1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
bitwarden-server/util/Migrator/DbScripts/2024-05-05_00_UpdateManyAuthRequests.sql
Addison Beck 56c523f76f
Allow for bulk updating AuthRequest database objects (#4053)
* Declare a new repository interface method

To facilitate a new bulk device login request approval workflow in the
admin console we need to update `IAuthRequestRepisitory` (owned by Auth
team) to include an`UpdateManyAsync()` method. It should accept a list
of `AuthRequest` table objects, and implementations will do a very
simple 1:1 update of the passed in data.

This commit adds an `UpdateManyAsync()` method to the
`AuthRequestRepository` interface.

* Stub out method implementations to enable unit testing

This commit stubs out implementations of
`IAuthRequestRepository.UpdateManyAsync()` so the method signature can
be called in unit tests. At this stage the methods are not implemented.

* Assert a happy path integration test

* Establish a user defined SQL type for Auth Requests

To facilitate a bulk update operation for auth requests a new user
defined type will need to be written that can be used as a table input
to the stored procedure. This will follow a similar pattern to how the
`OragnizationSponsorshipType` works and is used by the stored procedure
`OrganizationSponsorship_UpdateMany`.

* Establish a new stored procedure

To facilitate the bulk updating of auth request table objects this
commit adds a new stored procedure to  update a collection of entities
on `AuthRequest` table by their primary key. It updates all properties,
for convention, but the endpoint created later will only change the
`Approved`, `ResponseDate`, `Key`, `MasterPasswordHash`, and
`AuthenticationDate` properties.

* Apply a SQL server migration script

This commit simply applies a migration script containing the new user
defined type and stored procedure comitted previously.

* Enable converting an `IEnumerable<AuthRequest>` to a `DataTable`

The current pattern in place for bulk update stored procedures is to
pass a `DataTable` through Dapper as an input for the update stored
procedure being run. In order to facilitate the new bulk update
procedure for the`AuthRequest` type we need a function added that can
convert an `IEnumerable<AuthRequest>` to a `DataTable`. This is commit
follows the convention of having a static class with a conversion method
in a `Helpers` folder: `AuthRequestHelpers.ToDataTable()`.

* Implement `Dapper/../AuthRequestRepository.UpdateMany()`

This commit implements `AuthRequestRepository.UpdateMany()` for the
Dapper implementation of `AuthRequestRepository`. It connects the stored
procedure, `DataTable` converter, and Dapper-focused unit test commits
written previously into one exposed method that can be referenced by
service callers.

* Implement `EntityFramework/../AuthRequestRepository.UpdateMany()`

This commit implements the new
`IAuthRequestRepository.UpdateManyAsync()`method in the Entity Framework
skew of the repository layer. It checks to make sure the passed in list
has auth requests, converts them all to an Entity Framework entity, and
then uses `UpdateRange` to apply the whole thing over in the database
context.

* Assert that  `UpdateManyAsync` can not create any new auth requests

* Use a json object as stored procedure input

* Fix the build

* Continuing to troubleshoot the build

* Move `AuthRequest_UpdateMany` to the Auth folder

* Remove extra comment

* Delete type that never got used

* intentionally break a test

* Unbreak it
2024-05-22 11:55:31 -05:00

46 lines
1.8 KiB
Transact-SQL

CREATE PROCEDURE AuthRequest_UpdateMany
@jsonData NVARCHAR(MAX)
AS
BEGIN
UPDATE AR
SET
[Id] = ARI.[Id],
[UserId] = ARI.[UserId],
[Type] = ARI.[Type],
[RequestDeviceIdentifier] = ARI.[RequestDeviceIdentifier],
[RequestDeviceType] = ARI.[RequestDeviceType],
[RequestIpAddress] = ARI.[RequestIpAddress],
[ResponseDeviceId] = ARI.[ResponseDeviceId],
[AccessCode] = ARI.[AccessCode],
[PublicKey] = ARI.[PublicKey],
[Key] = ARI.[Key],
[MasterPasswordHash] = ARI.[MasterPasswordHash],
[Approved] = ARI.[Approved],
[CreationDate] = ARI.[CreationDate],
[ResponseDate] = ARI.[ResponseDate],
[AuthenticationDate] = ARI.[AuthenticationDate],
[OrganizationId] = ARI.[OrganizationId]
FROM
[dbo].[AuthRequest] AR
INNER JOIN
OPENJSON(@jsonData)
WITH (
Id UNIQUEIDENTIFIER '$.Id',
UserId UNIQUEIDENTIFIER '$.UserId',
Type SMALLINT '$.Type',
RequestDeviceIdentifier NVARCHAR(50) '$.RequestDeviceIdentifier',
RequestDeviceType SMALLINT '$.RequestDeviceType',
RequestIpAddress VARCHAR(50) '$.RequestIpAddress',
ResponseDeviceId UNIQUEIDENTIFIER '$.ResponseDeviceId',
AccessCode VARCHAR(25) '$.AccessCode',
PublicKey VARCHAR(MAX) '$.PublicKey',
[Key] VARCHAR(MAX) '$.Key',
MasterPasswordHash VARCHAR(MAX) '$.MasterPasswordHash',
Approved BIT '$.Approved',
CreationDate DATETIME2 '$.CreationDate',
ResponseDate DATETIME2 '$.ResponseDate',
AuthenticationDate DATETIME2 '$.AuthenticationDate',
OrganizationId UNIQUEIDENTIFIER '$.OrganizationId'
) ARI ON AR.Id = ARI.Id;
END