using System.Security.Claims; using Bit.Api.SecretsManager.Controllers; using Bit.Api.SecretsManager.Models.Request; using Bit.Api.Test.SecretsManager.Enums; using Bit.Core.Context; using Bit.Core.Enums; using Bit.Core.Exceptions; using Bit.Core.SecretsManager.Commands.Secrets.Interfaces; using Bit.Core.SecretsManager.Entities; using Bit.Core.SecretsManager.Models.Data; using Bit.Core.SecretsManager.Repositories; using Bit.Core.Services; using Bit.Core.Test.SecretsManager.AutoFixture.SecretsFixture; using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture.Attributes; using Bit.Test.Common.Helpers; using Microsoft.AspNetCore.Authorization; using NSubstitute; using Xunit; namespace Bit.Api.Test.SecretsManager.Controllers; [ControllerCustomize(typeof(SecretsController))] [SutProviderCustomize] [JsonDocumentCustomize] [SecretCustomize] public class SecretsControllerTests { [Theory] [BitAutoData] public async Task GetSecretsByOrganization_ReturnsEmptyList(SutProvider sutProvider, Guid id, Guid organizationId, Guid userId, AccessClientType accessType) { sutProvider.GetDependency().AccessSecretsManager(id).Returns(true); sutProvider.GetDependency().OrganizationAdmin(organizationId).Returns(true); sutProvider.GetDependency().GetProperUserId(default).ReturnsForAnyArgs(userId); var result = await sutProvider.Sut.ListByOrganizationAsync(id); await sutProvider.GetDependency().Received(1) .GetManyByOrganizationIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(id)), userId, accessType); Assert.Empty(result.Secrets); } [Theory] [BitAutoData(PermissionType.RunAsAdmin)] [BitAutoData(PermissionType.RunAsUserWithPermission)] public async Task GetSecretsByOrganization_Success(PermissionType permissionType, SutProvider sutProvider, Core.SecretsManager.Entities.Secret resultSecret, Guid organizationId, Guid userId, Core.SecretsManager.Entities.Project mockProject, AccessClientType accessType) { sutProvider.GetDependency().AccessSecretsManager(default).ReturnsForAnyArgs(true); sutProvider.GetDependency().GetManyByOrganizationIdAsync(default, default, default) .ReturnsForAnyArgs(new List { new() { Secret = resultSecret, Read = true, Write = true }, }); sutProvider.GetDependency().GetProperUserId(default).ReturnsForAnyArgs(userId); if (permissionType == PermissionType.RunAsAdmin) { sutProvider.GetDependency().OrganizationAdmin(organizationId).Returns(true); } else { resultSecret.Projects = new List() { mockProject }; sutProvider.GetDependency().OrganizationAdmin(organizationId).Returns(false); sutProvider.GetDependency().AccessToProjectAsync(default, default, default) .Returns((true, true)); } var result = await sutProvider.Sut.ListByOrganizationAsync(resultSecret.OrganizationId); await sutProvider.GetDependency().Received(1) .GetManyByOrganizationIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(resultSecret.OrganizationId)), userId, accessType); } [Theory] [BitAutoData] public async Task GetSecretsByOrganization_AccessDenied_Throws(SutProvider sutProvider, Core.SecretsManager.Entities.Secret resultSecret) { sutProvider.GetDependency().AccessSecretsManager(default).ReturnsForAnyArgs(false); await Assert.ThrowsAsync(() => sutProvider.Sut.ListByOrganizationAsync(resultSecret.OrganizationId)); } [Theory] [BitAutoData] public async Task GetSecret_NotFound(SutProvider sutProvider) { await Assert.ThrowsAsync(() => sutProvider.Sut.GetAsync(Guid.NewGuid())); } [Theory] [BitAutoData(PermissionType.RunAsAdmin)] [BitAutoData(PermissionType.RunAsUserWithPermission)] public async Task GetSecret_Success(PermissionType permissionType, SutProvider sutProvider, Secret resultSecret, Guid userId, Guid organizationId, Project mockProject) { sutProvider.GetDependency().AccessSecretsManager(organizationId).Returns(true); sutProvider.GetDependency().GetProperUserId(default).ReturnsForAnyArgs(userId); mockProject.OrganizationId = organizationId; resultSecret.Projects = new List() { mockProject }; resultSecret.OrganizationId = organizationId; sutProvider.GetDependency().GetByIdAsync(default).ReturnsForAnyArgs(resultSecret); sutProvider.GetDependency().AccessToSecretAsync(default, default, default) .ReturnsForAnyArgs(Task.FromResult((true, true))); if (permissionType == PermissionType.RunAsAdmin) { resultSecret.OrganizationId = organizationId; sutProvider.GetDependency().OrganizationAdmin(organizationId).Returns(true); sutProvider.GetDependency().AccessToProjectAsync(Arg.Any(), Arg.Any(), AccessClientType.NoAccessCheck) .Returns((true, true)); } else { sutProvider.GetDependency().OrganizationAdmin(organizationId).Returns(false); sutProvider.GetDependency().AccessToProjectAsync(Arg.Any(), Arg.Any(), AccessClientType.User) .Returns((true, true)); } await sutProvider.Sut.GetAsync(resultSecret.Id); await sutProvider.GetDependency().Received(1) .GetByIdAsync(Arg.Is(AssertHelper.AssertPropertyEqual(resultSecret.Id))); } [Theory] [BitAutoData] public async Task CreateSecret_NoAccess_Throws(SutProvider sutProvider, SecretCreateRequestModel data, Guid organizationId, Guid userId) { // We currently only allow a secret to be in one project at a time if (data.ProjectIds != null && data.ProjectIds.Length > 1) { data.ProjectIds = new Guid[] { data.ProjectIds.ElementAt(0) }; } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.ToSecret(organizationId), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Failed()); var resultSecret = data.ToSecret(organizationId); sutProvider.GetDependency().GetProperUserId(default).ReturnsForAnyArgs(userId); sutProvider.GetDependency().CreateAsync(default).ReturnsForAnyArgs(resultSecret); await Assert.ThrowsAsync(() => sutProvider.Sut.CreateAsync(organizationId, data)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() .CreateAsync(Arg.Any()); } [Theory] [BitAutoData] public async Task CreateSecret_Success(SutProvider sutProvider, SecretCreateRequestModel data, Guid organizationId, Guid userId) { // We currently only allow a secret to be in one project at a time if (data.ProjectIds != null && data.ProjectIds.Length > 1) { data.ProjectIds = new Guid[] { data.ProjectIds.ElementAt(0) }; } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.ToSecret(organizationId), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Success()); var resultSecret = data.ToSecret(organizationId); sutProvider.GetDependency().GetProperUserId(default).ReturnsForAnyArgs(userId); sutProvider.GetDependency().CreateAsync(default).ReturnsForAnyArgs(resultSecret); await sutProvider.Sut.CreateAsync(organizationId, data); await sutProvider.GetDependency().Received(1) .CreateAsync(Arg.Any()); } [Theory] [BitAutoData] public async Task UpdateSecret_NoAccess_Throws(SutProvider sutProvider, SecretUpdateRequestModel data, Guid secretId, Guid organizationId, Secret mockSecret) { // We currently only allow a secret to be in one project at a time if (data.ProjectIds != null && data.ProjectIds.Length > 1) { data.ProjectIds = new Guid[] { data.ProjectIds.ElementAt(0) }; } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.ToSecret(secretId, organizationId), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Failed()); sutProvider.GetDependency().GetByIdAsync(secretId).ReturnsForAnyArgs(mockSecret); var resultSecret = data.ToSecret(secretId, organizationId); sutProvider.GetDependency().UpdateAsync(default).ReturnsForAnyArgs(resultSecret); await Assert.ThrowsAsync(() => sutProvider.Sut.UpdateSecretAsync(secretId, data)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() .UpdateAsync(Arg.Any()); } [Theory] [BitAutoData] public async Task UpdateSecret_SecretDoesNotExist_Throws(SutProvider sutProvider, SecretUpdateRequestModel data, Guid secretId, Guid organizationId) { // We currently only allow a secret to be in one project at a time if (data.ProjectIds != null && data.ProjectIds.Length > 1) { data.ProjectIds = new Guid[] { data.ProjectIds.ElementAt(0) }; } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.ToSecret(secretId, organizationId), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Failed()); var resultSecret = data.ToSecret(secretId, organizationId); sutProvider.GetDependency().UpdateAsync(default).ReturnsForAnyArgs(resultSecret); await Assert.ThrowsAsync(() => sutProvider.Sut.UpdateSecretAsync(secretId, data)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs() .UpdateAsync(Arg.Any()); } [Theory] [BitAutoData] public async Task UpdateSecret_Success(SutProvider sutProvider, SecretUpdateRequestModel data, Guid secretId, Guid organizationId, Secret mockSecret) { // We currently only allow a secret to be in one project at a time if (data.ProjectIds != null && data.ProjectIds.Length > 1) { data.ProjectIds = new Guid[] { data.ProjectIds.ElementAt(0) }; } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.ToSecret(secretId, organizationId), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Success()); sutProvider.GetDependency().GetByIdAsync(secretId).ReturnsForAnyArgs(mockSecret); var resultSecret = data.ToSecret(secretId, organizationId); sutProvider.GetDependency().UpdateAsync(default).ReturnsForAnyArgs(resultSecret); await sutProvider.Sut.UpdateSecretAsync(secretId, data); await sutProvider.GetDependency().Received(1) .UpdateAsync(Arg.Any()); } [Theory] [BitAutoData] public async Task BulkDelete_NoSecretsFound_ThrowsNotFound(SutProvider sutProvider, List data) { var ids = data.Select(s => s.Id).ToList(); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(new List()); await Assert.ThrowsAsync(() => sutProvider.Sut.BulkDeleteAsync(ids)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().DeleteSecrets(Arg.Any>()); } [Theory] [BitAutoData] public async Task BulkDelete_SecretsFoundMisMatch_ThrowsNotFound(SutProvider sutProvider, List data, Secret mockSecret) { data.Add(mockSecret); var ids = data.Select(s => s.Id).ToList(); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(new List { mockSecret }); await Assert.ThrowsAsync(() => sutProvider.Sut.BulkDeleteAsync(ids)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().DeleteSecrets(Arg.Any>()); } [Theory] [BitAutoData] public async Task BulkDelete_OrganizationMistMatch_ThrowsNotFound(SutProvider sutProvider, List data) { var ids = data.Select(s => s.Id).ToList(); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); await Assert.ThrowsAsync(() => sutProvider.Sut.BulkDeleteAsync(ids)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().DeleteSecrets(Arg.Any>()); } [Theory] [BitAutoData] public async Task BulkDelete_NoAccessToSecretsManager_ThrowsNotFound(SutProvider sutProvider, List data) { var ids = data.Select(s => s.Id).ToList(); var organizationId = data.First().OrganizationId; foreach (var s in data) { s.OrganizationId = organizationId; } sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(false); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); await Assert.ThrowsAsync(() => sutProvider.Sut.BulkDeleteAsync(ids)); await sutProvider.GetDependency().DidNotReceiveWithAnyArgs().DeleteSecrets(Arg.Any>()); } [Theory] [BitAutoData] public async Task BulkDelete_ReturnsAccessDeniedForSecretsWithoutAccess_Success(SutProvider sutProvider, List data) { var ids = data.Select(s => s.Id).ToList(); var organizationId = data.First().OrganizationId; foreach (var secret in data) { secret.OrganizationId = organizationId; sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), secret, Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Success()); } sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.First(), Arg.Any>()).Returns(AuthorizationResult.Failed()); sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(true); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); var results = await sutProvider.Sut.BulkDeleteAsync(ids); Assert.Equal(data.Count, results.Data.Count()); Assert.Equal("access denied", results.Data.First().Error); data.Remove(data.First()); await sutProvider.GetDependency().Received(1) .DeleteSecrets(Arg.Is(AssertHelper.AssertPropertyEqual(data))); } [Theory] [BitAutoData] public async Task BulkDelete_Success(SutProvider sutProvider, List data) { var ids = data.Select(sa => sa.Id).ToList(); var organizationId = data.First().OrganizationId; foreach (var secret in data) { secret.OrganizationId = organizationId; sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), secret, Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Success()); } sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)).ReturnsForAnyArgs(true); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); var results = await sutProvider.Sut.BulkDeleteAsync(ids); await sutProvider.GetDependency().Received(1) .DeleteSecrets(Arg.Is(AssertHelper.AssertPropertyEqual(data))); Assert.Equal(data.Count, results.Data.Count()); foreach (var result in results.Data) { Assert.Null(result.Error); } } [Theory] [BitAutoData] public async Task GetSecretsByIds_NoSecretsFound_ThrowsNotFound(SutProvider sutProvider, List data) { var (ids, request) = BuildGetSecretsRequestModel(data); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(new List()); await Assert.ThrowsAsync(() => sutProvider.Sut.GetSecretsByIdsAsync(request)); } [Theory] [BitAutoData] public async Task GetSecretsByIds_SecretsFoundMisMatch_ThrowsNotFound(SutProvider sutProvider, List data, Secret mockSecret) { var (ids, request) = BuildGetSecretsRequestModel(data); ids.Add(mockSecret.Id); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)) .ReturnsForAnyArgs(new List { mockSecret }); await Assert.ThrowsAsync(() => sutProvider.Sut.GetSecretsByIdsAsync(request)); } [Theory] [BitAutoData] public async Task GetSecretsByIds_OrganizationMisMatch_ThrowsNotFound(SutProvider sutProvider, List data) { var (ids, request) = BuildGetSecretsRequestModel(data); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); await Assert.ThrowsAsync(() => sutProvider.Sut.GetSecretsByIdsAsync(request)); } [Theory] [BitAutoData] public async Task GetSecretsByIds_NoAccessToSecretsManager_ThrowsNotFound( SutProvider sutProvider, List data) { var (ids, request) = BuildGetSecretsRequestModel(data); var organizationId = SetOrganizations(ref data); sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)) .ReturnsForAnyArgs(false); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); await Assert.ThrowsAsync(() => sutProvider.Sut.GetSecretsByIdsAsync(request)); } [Theory] [BitAutoData] public async Task GetSecretsByIds_AccessDenied_ThrowsNotFound(SutProvider sutProvider, List data) { var (ids, request) = BuildGetSecretsRequestModel(data); var organizationId = SetOrganizations(ref data); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)) .ReturnsForAnyArgs(true); sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.First(), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Failed()); await Assert.ThrowsAsync(() => sutProvider.Sut.GetSecretsByIdsAsync(request)); } [Theory] [BitAutoData] public async Task GetSecretsByIds_Success(SutProvider sutProvider, List data) { var (ids, request) = BuildGetSecretsRequestModel(data); var organizationId = SetOrganizations(ref data); sutProvider.GetDependency().GetManyByIds(Arg.Is(ids)).ReturnsForAnyArgs(data); sutProvider.GetDependency().AccessSecretsManager(Arg.Is(organizationId)) .ReturnsForAnyArgs(true); sutProvider.GetDependency() .AuthorizeAsync(Arg.Any(), data.First(), Arg.Any>()).ReturnsForAnyArgs(AuthorizationResult.Success()); var results = await sutProvider.Sut.GetSecretsByIdsAsync(request); Assert.Equal(data.Count, results.Data.Count()); } private static (List Ids, GetSecretsRequestModel request) BuildGetSecretsRequestModel( IEnumerable data) { var ids = data.Select(s => s.Id).ToList(); var request = new GetSecretsRequestModel { Ids = ids }; return (ids, request); } private static Guid SetOrganizations(ref List data) { var organizationId = data.First().OrganizationId; foreach (var s in data) { s.OrganizationId = organizationId; } return organizationId; } }