mirror of
https://github.com/bitwarden/server.git
synced 2024-11-25 12:45:18 +01:00
Block MSPs from adding SM to a managed org
This commit is contained in:
parent
75fe220970
commit
e4600a199f
@ -410,6 +410,11 @@ public class OrganizationService : IOrganizationService
|
||||
var secretsManagerPlan = StaticStore.SecretManagerPlans.FirstOrDefault(p => p.Type == signup.Plan);
|
||||
if (signup.UseSecretsManager)
|
||||
{
|
||||
if (provider)
|
||||
{
|
||||
throw new BadRequestException(
|
||||
"Organizations with a Managed Service Provider do not support Secrets Manager.");
|
||||
}
|
||||
ValidateSecretsManagerPlan(secretsManagerPlan, signup);
|
||||
}
|
||||
|
||||
|
@ -262,6 +262,22 @@ public class OrganizationServiceTests
|
||||
);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData(PlanType.EnterpriseAnnually)]
|
||||
public async Task SignUp_SM_Throws_WhenManagedByMSP(PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
|
||||
{
|
||||
signup.Plan = planType;
|
||||
signup.UseSecretsManager = true;
|
||||
signup.AdditionalSeats = 15;
|
||||
signup.AdditionalSmSeats = 10;
|
||||
signup.AdditionalServiceAccounts = 20;
|
||||
signup.PaymentMethodType = PaymentMethodType.Card;
|
||||
signup.PremiumAccessAddon = false;
|
||||
|
||||
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.SignUpAsync(signup, true));
|
||||
Assert.Contains("Organizations with a Managed Service Provider do not support Secrets Manager.", exception.Message);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData]
|
||||
public async Task SignUpAsync_SecretManager_AdditionalServiceAccounts_NotAllowedByPlan_ShouldThrowException(OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
|
||||
|
Loading…
Reference in New Issue
Block a user