1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-05 14:23:30 +01:00
bitwarden-server/util/Migrator/DbScripts/2024-09-10_00_UsersManagedByOrg.sql
Rui Tomé f2180aa7b7
[PM-10311] Account Management: Create helper methods for checking against verified domains (#4636)
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService

* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries

* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter

* Update the EF query to use the Email from the User table

* dotnet format

* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests

* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync

* Fix domain queries

* Add OrganizationUserRepository integration tests

* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync

* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync

* Add IsManagedByAnyOrganizationAsync method to IUserRepository

* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync

* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync

* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService

* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>

* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query

* Update comments in OrganizationDomainService to use proper capitalization

* Move OrganizationDomainService to AdminConsole ownership and update namespace

* feat: Add support for organization domains in enterprise plans

* feat: Add HasOrganizationDomains property to OrganizationAbility class

* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService

* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains

* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag

* Add TODO comment for replacing 'UseSso' organization ability on user verified domain checks

* Bump date on migration script

* Add indexes to OrganizationDomain table

* Bump script migration date; Remove WITH ONLINE = ON from data migration.
2024-09-11 11:29:57 +01:00

56 lines
1.7 KiB
Transact-SQL

IF NOT EXISTS(SELECT name
FROM sys.indexes
WHERE name = 'IX_OrganizationDomain_OrganizationIdVerifiedDate')
BEGIN
CREATE NONCLUSTERED INDEX [IX_OrganizationDomain_OrganizationIdVerifiedDate]
ON [dbo].[OrganizationDomain] ([OrganizationId],[VerifiedDate]);
END
GO
IF NOT EXISTS(SELECT name
FROM sys.indexes
WHERE name = 'IX_OrganizationDomain_VerifiedDate')
BEGIN
CREATE NONCLUSTERED INDEX [IX_OrganizationDomain_VerifiedDate]
ON [dbo].[OrganizationDomain] ([VerifiedDate])
INCLUDE ([OrganizationId],[DomainName]);
END
GO
CREATE OR ALTER PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdWithClaimedDomains]
@OrganizationId UNIQUEIDENTIFIER
AS
BEGIN
SET NOCOUNT ON;
SELECT OU.*
FROM [dbo].[OrganizationUserView] OU
INNER JOIN [dbo].[UserView] U ON OU.[UserId] = U.[Id]
WHERE OU.[OrganizationId] = @OrganizationId
AND EXISTS (
SELECT 1
FROM [dbo].[OrganizationDomainView] OD
WHERE OD.[OrganizationId] = @OrganizationId
AND OD.[VerifiedDate] IS NOT NULL
AND U.[Email] LIKE '%@' + OD.[DomainName]
);
END
GO
CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadByClaimedUserEmailDomain]
@UserId UNIQUEIDENTIFIER
AS
BEGIN
SET NOCOUNT ON;
SELECT O.*
FROM [dbo].[UserView] U
INNER JOIN [dbo].[OrganizationUserView] OU ON U.[Id] = OU.[UserId]
INNER JOIN [dbo].[OrganizationView] O ON OU.[OrganizationId] = O.[Id]
INNER JOIN [dbo].[OrganizationDomainView] OD ON OU.[OrganizationId] = OD.[OrganizationId]
WHERE U.[Id] = @UserId
AND OD.[VerifiedDate] IS NOT NULL
AND U.[Email] LIKE '%@' + OD.[DomainName];
END
GO