using Bit.Core.AdminConsole.Entities; using Bit.Core.Context; using Bit.Core.Entities; using Bit.Core.Enums; using Bit.Core.Exceptions; using Bit.Core.Models.Data; using Bit.Core.Repositories; using Bit.Core.Services; using Bit.Core.Test.AutoFixture; using Bit.Core.Test.AutoFixture.OrganizationFixtures; using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture.Attributes; using NSubstitute; using Xunit; namespace Bit.Core.Test.Services; [SutProviderCustomize] [OrganizationCustomize] public class CollectionServiceTest { [Theory, BitAutoData] public async Task SaveAsync_DefaultIdWithUsers_CreatesCollectionInTheRepository(Collection collection, Organization organization, [CollectionAccessSelectionCustomize(true)] IEnumerable users, SutProvider sutProvider) { collection.Id = default; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); var utcNow = DateTime.UtcNow; await sutProvider.Sut.SaveAsync(collection, null, users); await sutProvider.GetDependency().Received() .CreateAsync(collection, Arg.Is>(l => l == null), Arg.Is>(l => l.Any(i => i.Manage == true))); await sutProvider.GetDependency().Received() .LogCollectionEventAsync(collection, EventType.Collection_Created); Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1)); Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1)); } [Theory, BitAutoData] public async Task SaveAsync_DefaultIdWithGroupsAndUsers_CreateCollectionWithGroupsAndUsersInRepository(Collection collection, [CollectionAccessSelectionCustomize(true)] IEnumerable groups, IEnumerable users, Organization organization, SutProvider sutProvider) { collection.Id = default; organization.UseGroups = true; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); var utcNow = DateTime.UtcNow; await sutProvider.Sut.SaveAsync(collection, groups, users); await sutProvider.GetDependency().Received() .CreateAsync(collection, Arg.Is>(l => l.Any(i => i.Manage == true)), Arg.Any>()); await sutProvider.GetDependency().Received() .LogCollectionEventAsync(collection, EventType.Collection_Created); Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1)); Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1)); } [Theory, BitAutoData] public async Task SaveAsync_NonDefaultId_ReplacesCollectionInRepository(Collection collection, Organization organization, [CollectionAccessSelectionCustomize(true)] IEnumerable users, SutProvider sutProvider) { var creationDate = collection.CreationDate; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); var utcNow = DateTime.UtcNow; await sutProvider.Sut.SaveAsync(collection, null, users); await sutProvider.GetDependency().Received().ReplaceAsync(collection, Arg.Is>(l => l == null), Arg.Is>(l => l.Any(i => i.Manage == true))); await sutProvider.GetDependency().Received() .LogCollectionEventAsync(collection, EventType.Collection_Updated); Assert.Equal(collection.CreationDate, creationDate); Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1)); } [Theory, BitAutoData] public async Task SaveAsync_OrganizationNotUseGroup_CreateCollectionWithoutGroupsInRepository(Collection collection, IEnumerable groups, [CollectionAccessSelectionCustomize(true)] IEnumerable users, Organization organization, SutProvider sutProvider) { collection.Id = default; organization.UseGroups = false; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); var utcNow = DateTime.UtcNow; await sutProvider.Sut.SaveAsync(collection, groups, users); await sutProvider.GetDependency().Received().CreateAsync(collection, Arg.Is>(l => l == null), Arg.Is>(l => l.Any(i => i.Manage == true))); await sutProvider.GetDependency().Received() .LogCollectionEventAsync(collection, EventType.Collection_Created); Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1)); Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1)); } [Theory, BitAutoData] public async Task SaveAsync_NonExistingOrganizationId_ThrowsBadRequest(Collection collection, SutProvider sutProvider) { var ex = await Assert.ThrowsAsync(() => sutProvider.Sut.SaveAsync(collection)); Assert.Contains("Organization not found", ex.Message); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default, default, default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().ReplaceAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().LogCollectionEventAsync(default, default); } [Theory, BitAutoData] public async Task SaveAsync_NoManageAccess_ThrowsBadRequest(Collection collection, Organization organization, [CollectionAccessSelectionCustomize] IEnumerable users, SutProvider sutProvider) { collection.Id = default; organization.FlexibleCollections = true; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); sutProvider.GetDependency() .IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1, Arg.Any()) .Returns(true); organization.AllowAdminAccessToAllCollectionItems = false; var ex = await Assert.ThrowsAsync(() => sutProvider.Sut.SaveAsync(collection, null, users)); Assert.Contains("At least one member or group must have can manage permission.", ex.Message); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default, default, default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().ReplaceAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().LogCollectionEventAsync(default, default); } [Theory, BitAutoData] public async Task SaveAsync_ExceedsOrganizationMaxCollections_ThrowsBadRequest(Collection collection, Organization organization, [CollectionAccessSelectionCustomize(true)] IEnumerable users, SutProvider sutProvider) { collection.Id = default; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); sutProvider.GetDependency().GetCountByOrganizationIdAsync(organization.Id) .Returns(organization.MaxCollections.Value); var ex = await Assert.ThrowsAsync(() => sutProvider.Sut.SaveAsync(collection, null, users)); Assert.Equal($@"You have reached the maximum number of collections ({organization.MaxCollections.Value}) for this organization.", ex.Message); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().CreateAsync(default, default, default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().ReplaceAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().LogCollectionEventAsync(default, default); } [Theory, BitAutoData] public async Task DeleteUserAsync_DeletesValidUserWhoBelongsToCollection(Collection collection, Organization organization, OrganizationUser organizationUser, SutProvider sutProvider) { collection.OrganizationId = organization.Id; organizationUser.OrganizationId = organization.Id; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); sutProvider.GetDependency().GetByIdAsync(organizationUser.Id) .Returns(organizationUser); await sutProvider.Sut.DeleteUserAsync(collection, organizationUser.Id); await sutProvider.GetDependency().Received() .DeleteUserAsync(collection.Id, organizationUser.Id); await sutProvider.GetDependency().Received().LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_Updated); } [Theory, BitAutoData] public async Task DeleteUserAsync_InvalidUser_ThrowsNotFound(Collection collection, Organization organization, OrganizationUser organizationUser, SutProvider sutProvider) { collection.OrganizationId = organization.Id; sutProvider.GetDependency().GetByIdAsync(organization.Id).Returns(organization); sutProvider.GetDependency().GetByIdAsync(organizationUser.Id) .Returns(organizationUser); // user not in organization await Assert.ThrowsAsync(() => sutProvider.Sut.DeleteUserAsync(collection, organizationUser.Id)); // invalid user await Assert.ThrowsAsync(() => sutProvider.Sut.DeleteUserAsync(collection, Guid.NewGuid())); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().DeleteUserAsync(default, default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() .LogOrganizationUserEventAsync(default, default); } [Theory, BitAutoData] public async Task GetOrganizationCollectionsAsync_WithViewAllCollectionsTrue_ReturnsAllOrganizationCollections( Collection collection, Guid organizationId, Guid userId, SutProvider sutProvider) { sutProvider.GetDependency().UserId.Returns(userId); sutProvider.GetDependency() .GetManyByOrganizationIdAsync(organizationId) .Returns(new List { collection }); sutProvider.GetDependency().ViewAllCollections(organizationId).Returns(true); var result = await sutProvider.Sut.GetOrganizationCollectionsAsync(organizationId); Assert.Single(result); Assert.Equal(collection, result.First()); await sutProvider.GetDependency().Received(1).GetManyByOrganizationIdAsync(organizationId); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().GetManyByUserIdAsync(default, default); } [Theory, BitAutoData] public async Task GetOrganizationCollectionsAsync_WithViewAssignedCollectionsFalse_ThrowsBadRequestException( Guid organizationId, SutProvider sutProvider) { await Assert.ThrowsAsync(() => sutProvider.Sut.GetOrganizationCollectionsAsync(organizationId)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().GetManyByOrganizationIdAsync(default); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().GetManyByUserIdAsync(default, default); } }