mirror of
https://github.com/bitwarden/server.git
synced 2024-12-04 14:13:28 +01:00
b13dda2799
* EF Database Support Init (#1221) * scaffolding for ef support * deleted old postgres repos * added tables to oncreate * updated all the things to .NET 5 * Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223) * Migrated DockerFiles from dotnet/3.1 to 5.0 * Migrated SSO/Dockerfile from dotnet 3.1 to 5.0 Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> * EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232) * Updated requirements in README.md * Updated link to documentation of app-secrets * upgraded dotnet version to 5.0 * Ef database support implementation examples (#1265) * mostly finished testing the user repo * finished testing user repo * finished org, user, ssoconfig, and ssouser ef implementations * removed unused prop * fixed a sql file * fixed a spacing issue * fixed a spacing issue * removed extra database creation * refactoring * MsSql => SqlServer * refactoring * code review fixes * build fix * code review * continued attempts to fix the the build * skipped another test * finished all create test * initial pass at several repos * continued building out repos * initial pass at several repos * initial pass at device repo * initial pass at collection repo * initial run of all Entity Framework implementations * signup, signin, create/edit ciphers works * sync working * all web vault pages seem to load with 100% 200s * bulkcopy, folders, and favorites * group and collection management * sso, groups, emergency access, send * get basic creates matching on all repos * got everything building again post merge * removed some IDE config files * cleanup * no more notimplemented methods in the cipher repo * no more not implementeds everywhere * cleaned up schema/navigation properties and fixed tests * removed a sql comment that was written in c# style * fixed build issues from merge * removed unsupported db providers * formatting * code review refactors * naming cleanup for queries * added provider methods * cipher repo cleanup * implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage * fixed the build * added a null check * consolidated some cipher repo methods * formatting fix * cleaned up indentation of queries * removed .idea file * generated postgres migrations * added mysql migrations * formatting * Bug Fixes & Formatting * Formatting * fixed a bug with bulk import when using MySql * code review fixes * fixed the build * implemented new methods * formatting * fixed the build * cleaned up select statements in ef queries * formatting * formatting * formatting Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
297 lines
13 KiB
C#
297 lines
13 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using System.Threading.Tasks;
|
|
using Bit.Core.Exceptions;
|
|
using Bit.Core.Models.Table;
|
|
using Bit.Core.Repositories;
|
|
using Bit.Core.Services;
|
|
using Bit.Core.Test.AutoFixture;
|
|
using Bit.Core.Test.AutoFixture.Attributes;
|
|
using Bit.Core.Test.AutoFixture.OrganizationUserFixtures;
|
|
using PolicyFixtures = Bit.Core.Test.AutoFixture.PolicyFixtures;
|
|
using NSubstitute;
|
|
using Xunit;
|
|
|
|
namespace Bit.Core.Test.Services
|
|
{
|
|
public class PolicyServiceTests
|
|
{
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_OrganizationDoesNotExist_ThrowsBadRequest([PolicyFixtures.Policy(Enums.PolicyType.DisableSend)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
SetupOrg(sutProvider, policy.OrganizationId, null);
|
|
|
|
var badRequestException = await Assert.ThrowsAsync<BadRequestException>(
|
|
() => sutProvider.Sut.SaveAsync(policy,
|
|
Substitute.For<IUserService>(),
|
|
Substitute.For<IOrganizationService>(),
|
|
Guid.NewGuid()));
|
|
|
|
Assert.Contains("Organization not found", badRequestException.Message, StringComparison.OrdinalIgnoreCase);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.UpsertAsync(default);
|
|
|
|
await sutProvider.GetDependency<IEventService>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.LogPolicyEventAsync(default, default, default);
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_OrganizationCannotUsePolicies_ThrowsBadRequest([PolicyFixtures.Policy(Enums.PolicyType.DisableSend)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
var orgId = Guid.NewGuid();
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, new Organization
|
|
{
|
|
UsePolicies = false,
|
|
});
|
|
|
|
var badRequestException = await Assert.ThrowsAsync<BadRequestException>(
|
|
() => sutProvider.Sut.SaveAsync(policy,
|
|
Substitute.For<IUserService>(),
|
|
Substitute.For<IOrganizationService>(),
|
|
Guid.NewGuid()));
|
|
|
|
Assert.Contains("cannot use policies", badRequestException.Message, StringComparison.OrdinalIgnoreCase);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.UpsertAsync(default);
|
|
|
|
await sutProvider.GetDependency<IEventService>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.LogPolicyEventAsync(default, default, default);
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_SingleOrg_RequireSsoEnabled_ThrowsBadRequest([PolicyFixtures.Policy(Enums.PolicyType.SingleOrg)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
policy.Enabled = false;
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, new Organization
|
|
{
|
|
Id = policy.OrganizationId,
|
|
UsePolicies = true,
|
|
});
|
|
|
|
sutProvider.GetDependency<IPolicyRepository>()
|
|
.GetByOrganizationIdTypeAsync(policy.OrganizationId, Enums.PolicyType.RequireSso)
|
|
.Returns(Task.FromResult(new Core.Models.Table.Policy { Enabled = true }));
|
|
|
|
var badRequestException = await Assert.ThrowsAsync<BadRequestException>(
|
|
() => sutProvider.Sut.SaveAsync(policy,
|
|
Substitute.For<IUserService>(),
|
|
Substitute.For<IOrganizationService>(),
|
|
Guid.NewGuid()));
|
|
|
|
Assert.Contains("Single Sign-On Authentication policy is enabled.", badRequestException.Message, StringComparison.OrdinalIgnoreCase);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.UpsertAsync(default);
|
|
|
|
await sutProvider.GetDependency<IEventService>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.LogPolicyEventAsync(default, default, default);
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_RequireSsoPolicy_NotEnabled_ThrowsBadRequestAsync([PolicyFixtures.Policy(Enums.PolicyType.RequireSso)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
policy.Enabled = true;
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, new Organization
|
|
{
|
|
Id = policy.OrganizationId,
|
|
UsePolicies = true,
|
|
});
|
|
|
|
sutProvider.GetDependency<IPolicyRepository>()
|
|
.GetByOrganizationIdTypeAsync(policy.OrganizationId, Enums.PolicyType.SingleOrg)
|
|
.Returns(Task.FromResult(new Core.Models.Table.Policy { Enabled = false }));
|
|
|
|
var badRequestException = await Assert.ThrowsAsync<BadRequestException>(
|
|
() => sutProvider.Sut.SaveAsync(policy,
|
|
Substitute.For<IUserService>(),
|
|
Substitute.For<IOrganizationService>(),
|
|
Guid.NewGuid()));
|
|
|
|
Assert.Contains("Single Organization policy not enabled.", badRequestException.Message, StringComparison.OrdinalIgnoreCase);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.UpsertAsync(default);
|
|
|
|
await sutProvider.GetDependency<IEventService>()
|
|
.DidNotReceiveWithAnyArgs()
|
|
.LogPolicyEventAsync(default, default, default);
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_NewPolicy_Created([PolicyFixtures.Policy(Enums.PolicyType.MasterPassword)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
policy.Id = default;
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, new Organization
|
|
{
|
|
Id = policy.OrganizationId,
|
|
UsePolicies = true,
|
|
});
|
|
|
|
var utcNow = DateTime.UtcNow;
|
|
|
|
await sutProvider.Sut.SaveAsync(policy, Substitute.For<IUserService>(), Substitute.For<IOrganizationService>(), Guid.NewGuid());
|
|
|
|
await sutProvider.GetDependency<IEventService>().Received()
|
|
.LogPolicyEventAsync(policy, Enums.EventType.Policy_Updated);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>().Received()
|
|
.UpsertAsync(policy);
|
|
|
|
Assert.True(policy.CreationDate - utcNow < TimeSpan.FromSeconds(1));
|
|
Assert.True(policy.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_ExistingPolicy_UpdateTwoFactor([PolicyFixtures.Policy(Enums.PolicyType.TwoFactorAuthentication)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
// If the policy that this is updating isn't enabled then do some work now that the current one is enabled
|
|
|
|
var org = new Organization
|
|
{
|
|
Id = policy.OrganizationId,
|
|
UsePolicies = true,
|
|
Name = "TEST",
|
|
};
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, org);
|
|
|
|
sutProvider.GetDependency<IPolicyRepository>()
|
|
.GetByIdAsync(policy.Id)
|
|
.Returns(new Core.Models.Table.Policy
|
|
{
|
|
Id = policy.Id,
|
|
Type = Enums.PolicyType.TwoFactorAuthentication,
|
|
Enabled = false,
|
|
});
|
|
|
|
var orgUserDetail = new Core.Models.Data.OrganizationUserUserDetails
|
|
{
|
|
Id = Guid.NewGuid(),
|
|
Status = Enums.OrganizationUserStatusType.Accepted,
|
|
Type = Enums.OrganizationUserType.User,
|
|
// Needs to be different from what is passed in as the savingUserId to Sut.SaveAsync
|
|
Email = "test@bitwarden.com",
|
|
Name = "TEST",
|
|
UserId = Guid.NewGuid(),
|
|
};
|
|
|
|
sutProvider.GetDependency<IOrganizationUserRepository>()
|
|
.GetManyDetailsByOrganizationAsync(policy.OrganizationId)
|
|
.Returns(new List<Core.Models.Data.OrganizationUserUserDetails>
|
|
{
|
|
orgUserDetail,
|
|
});
|
|
|
|
var userService = Substitute.For<IUserService>();
|
|
var organizationService = Substitute.For<IOrganizationService>();
|
|
|
|
userService.TwoFactorIsEnabledAsync(orgUserDetail)
|
|
.Returns(false);
|
|
|
|
var utcNow = DateTime.UtcNow;
|
|
|
|
var savingUserId = Guid.NewGuid();
|
|
|
|
await sutProvider.Sut.SaveAsync(policy, userService, organizationService, savingUserId);
|
|
|
|
await organizationService.Received()
|
|
.DeleteUserAsync(policy.OrganizationId, orgUserDetail.Id, savingUserId);
|
|
|
|
await sutProvider.GetDependency<IMailService>().Received()
|
|
.SendOrganizationUserRemovedForPolicyTwoStepEmailAsync(org.Name, orgUserDetail.Email);
|
|
|
|
await sutProvider.GetDependency<IEventService>().Received()
|
|
.LogPolicyEventAsync(policy, Enums.EventType.Policy_Updated);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>().Received()
|
|
.UpsertAsync(policy);
|
|
|
|
Assert.True(policy.CreationDate - utcNow < TimeSpan.FromSeconds(1));
|
|
Assert.True(policy.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
|
|
}
|
|
|
|
[Theory, CustomAutoData(typeof(SutProviderCustomization))]
|
|
public async Task SaveAsync_ExistingPolicy_UpdateSingleOrg([PolicyFixtures.Policy(Enums.PolicyType.TwoFactorAuthentication)] Core.Models.Table.Policy policy, SutProvider<PolicyService> sutProvider)
|
|
{
|
|
// If the policy that this is updating isn't enabled then do some work now that the current one is enabled
|
|
|
|
var org = new Organization
|
|
{
|
|
Id = policy.OrganizationId,
|
|
UsePolicies = true,
|
|
Name = "TEST",
|
|
};
|
|
|
|
SetupOrg(sutProvider, policy.OrganizationId, org);
|
|
|
|
sutProvider.GetDependency<IPolicyRepository>()
|
|
.GetByIdAsync(policy.Id)
|
|
.Returns(new Core.Models.Table.Policy
|
|
{
|
|
Id = policy.Id,
|
|
Type = Enums.PolicyType.SingleOrg,
|
|
Enabled = false,
|
|
});
|
|
|
|
var orgUserDetail = new Core.Models.Data.OrganizationUserUserDetails
|
|
{
|
|
Id = Guid.NewGuid(),
|
|
Status = Enums.OrganizationUserStatusType.Accepted,
|
|
Type = Enums.OrganizationUserType.User,
|
|
// Needs to be different from what is passed in as the savingUserId to Sut.SaveAsync
|
|
Email = "test@bitwarden.com",
|
|
Name = "TEST",
|
|
UserId = Guid.NewGuid(),
|
|
};
|
|
|
|
sutProvider.GetDependency<IOrganizationUserRepository>()
|
|
.GetManyDetailsByOrganizationAsync(policy.OrganizationId)
|
|
.Returns(new List<Core.Models.Data.OrganizationUserUserDetails>
|
|
{
|
|
orgUserDetail,
|
|
});
|
|
|
|
var userService = Substitute.For<IUserService>();
|
|
var organizationService = Substitute.For<IOrganizationService>();
|
|
|
|
userService.TwoFactorIsEnabledAsync(orgUserDetail)
|
|
.Returns(false);
|
|
|
|
var utcNow = DateTime.UtcNow;
|
|
|
|
var savingUserId = Guid.NewGuid();
|
|
|
|
await sutProvider.Sut.SaveAsync(policy, userService, organizationService, savingUserId);
|
|
|
|
await sutProvider.GetDependency<IEventService>().Received()
|
|
.LogPolicyEventAsync(policy, Enums.EventType.Policy_Updated);
|
|
|
|
await sutProvider.GetDependency<IPolicyRepository>().Received()
|
|
.UpsertAsync(policy);
|
|
|
|
Assert.True(policy.CreationDate - utcNow < TimeSpan.FromSeconds(1));
|
|
Assert.True(policy.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
|
|
}
|
|
|
|
private static void SetupOrg(SutProvider<PolicyService> sutProvider, Guid organizationId, Organization organization)
|
|
{
|
|
sutProvider.GetDependency<IOrganizationRepository>()
|
|
.GetByIdAsync(organizationId)
|
|
.Returns(Task.FromResult(organization));
|
|
}
|
|
}
|
|
}
|