mirror of
https://github.com/bitwarden/server.git
synced 2024-12-05 14:23:30 +01:00
385 lines
18 KiB
C#
385 lines
18 KiB
C#
using System.Text.Json;
|
|
using Bit.Api.AdminConsole.Controllers;
|
|
using Bit.Api.AdminConsole.Models.Request.Organizations;
|
|
using Bit.Api.AdminConsole.Models.Response.Organizations;
|
|
using Bit.Core.AdminConsole.Models.OrganizationConnectionConfigs;
|
|
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationConnections.Interfaces;
|
|
using Bit.Core.Context;
|
|
using Bit.Core.Entities;
|
|
using Bit.Core.Enums;
|
|
using Bit.Core.Exceptions;
|
|
using Bit.Core.Models.Business;
|
|
using Bit.Core.Models.OrganizationConnectionConfigs;
|
|
using Bit.Core.Repositories;
|
|
using Bit.Core.Services;
|
|
using Bit.Core.Settings;
|
|
using Bit.Test.Common.AutoFixture;
|
|
using Bit.Test.Common.AutoFixture.Attributes;
|
|
using Bit.Test.Common.Helpers;
|
|
using NSubstitute;
|
|
using Xunit;
|
|
|
|
namespace Bit.Api.Test.AdminConsole.Controllers;
|
|
|
|
[ControllerCustomize(typeof(OrganizationConnectionsController))]
|
|
[SutProviderCustomize]
|
|
[JsonDocumentCustomize]
|
|
public class OrganizationConnectionsControllerTests
|
|
{
|
|
public static IEnumerable<object[]> ConnectionTypes =>
|
|
Enum.GetValues<OrganizationConnectionType>().Select(p => new object[] { p });
|
|
|
|
|
|
[Theory]
|
|
[BitAutoData(true, true)]
|
|
[BitAutoData(false, true)]
|
|
[BitAutoData(true, false)]
|
|
[BitAutoData(false, false)]
|
|
public void ConnectionEnabled_RequiresBothSelfHostAndCommunications(bool selfHosted, bool enableCloudCommunication, SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
var globalSettingsMock = sutProvider.GetDependency<IGlobalSettings>();
|
|
globalSettingsMock.SelfHosted.Returns(selfHosted);
|
|
globalSettingsMock.EnableCloudCommunication.Returns(enableCloudCommunication);
|
|
|
|
Action<bool> assert = selfHosted && enableCloudCommunication ? Assert.True : Assert.False;
|
|
|
|
var result = sutProvider.Sut.ConnectionsEnabled();
|
|
|
|
assert(result);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task CreateConnection_CloudBillingSync_RequiresOwnerPermissions(SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
var model = new OrganizationConnectionRequestModel
|
|
{
|
|
Type = OrganizationConnectionType.CloudBillingSync,
|
|
};
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateConnection(model));
|
|
|
|
Assert.Contains($"You do not have permission to create a connection of type", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitMemberAutoData(nameof(ConnectionTypes))]
|
|
public async Task CreateConnection_OnlyOneConnectionOfEachType(OrganizationConnectionType type,
|
|
OrganizationConnectionRequestModel model, BillingSyncConfig config, Guid existingEntityId,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
model.Type = type;
|
|
model.Config = JsonDocumentFromObject(config);
|
|
var typedModel = new OrganizationConnectionRequestModel<BillingSyncConfig>(model);
|
|
var existing = typedModel.ToData(existingEntityId).ToEntity();
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.OrganizationId).Returns(true);
|
|
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>().GetByOrganizationIdTypeAsync(model.OrganizationId, type).Returns(new[] { existing });
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateConnection(model));
|
|
|
|
Assert.Contains($"The requested organization already has a connection of type {model.Type}. Only one of each connection type may exist per organization.", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task CreateConnection_BillingSyncType_InvalidLicense_Throws(OrganizationConnectionRequestModel model,
|
|
BillingSyncConfig config, Guid cloudOrgId, OrganizationLicense organizationLicense,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
model.Type = OrganizationConnectionType.CloudBillingSync;
|
|
organizationLicense.Id = cloudOrgId;
|
|
|
|
model.Config = JsonDocumentFromObject(config);
|
|
var typedModel = new OrganizationConnectionRequestModel<BillingSyncConfig>(model);
|
|
typedModel.ParsedConfig.CloudOrganizationId = cloudOrgId;
|
|
|
|
sutProvider.GetDependency<ICurrentContext>()
|
|
.OrganizationOwner(model.OrganizationId)
|
|
.Returns(true);
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.ReadOrganizationLicenseAsync(model.OrganizationId)
|
|
.Returns(organizationLicense);
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.VerifyLicense(organizationLicense)
|
|
.Returns(false);
|
|
|
|
await Assert.ThrowsAsync<BadRequestException>(async () => await sutProvider.Sut.CreateConnection(model));
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task CreateConnection_Success(OrganizationConnectionRequestModel model, BillingSyncConfig config,
|
|
Guid cloudOrgId, OrganizationLicense organizationLicense, SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
organizationLicense.Id = cloudOrgId;
|
|
|
|
model.Config = JsonDocumentFromObject(config);
|
|
var typedModel = new OrganizationConnectionRequestModel<BillingSyncConfig>(model);
|
|
typedModel.ParsedConfig.CloudOrganizationId = cloudOrgId;
|
|
|
|
sutProvider.GetDependency<IGlobalSettings>().SelfHosted.Returns(true);
|
|
sutProvider.GetDependency<ICreateOrganizationConnectionCommand>().CreateAsync<BillingSyncConfig>(default)
|
|
.ReturnsForAnyArgs(typedModel.ToData(Guid.NewGuid()).ToEntity());
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.OrganizationId).Returns(true);
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.ReadOrganizationLicenseAsync(Arg.Any<Guid>())
|
|
.Returns(organizationLicense);
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.VerifyLicense(organizationLicense)
|
|
.Returns(true);
|
|
|
|
await sutProvider.Sut.CreateConnection(model);
|
|
|
|
await sutProvider.GetDependency<ICreateOrganizationConnectionCommand>().Received(1)
|
|
.CreateAsync(Arg.Is(AssertHelper.AssertPropertyEqual(typedModel.ToData())));
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task UpdateConnection_RequiresOwnerPermissions(SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByIdOrganizationIdAsync(Arg.Any<Guid>(), Arg.Any<Guid>())
|
|
.Returns(new OrganizationConnection());
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.UpdateConnection(default, new OrganizationConnectionRequestModel()));
|
|
|
|
Assert.Contains("You do not have permission to update this connection.", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData(OrganizationConnectionType.CloudBillingSync)]
|
|
public async Task UpdateConnection_BillingSync_OnlyOneConnectionOfEachType(OrganizationConnectionType type,
|
|
OrganizationConnection existing1, OrganizationConnection existing2, BillingSyncConfig config,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
existing1.Type = existing2.Type = type;
|
|
existing1.Config = JsonSerializer.Serialize(config);
|
|
var typedModel = RequestModelFromEntity<BillingSyncConfig>(existing1);
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(typedModel.OrganizationId).Returns(true);
|
|
|
|
var orgConnectionRepository = sutProvider.GetDependency<IOrganizationConnectionRepository>();
|
|
orgConnectionRepository.GetByIdOrganizationIdAsync(existing1.Id, existing1.OrganizationId).Returns(existing1);
|
|
orgConnectionRepository.GetByIdOrganizationIdAsync(existing2.Id, existing2.OrganizationId).Returns(existing2);
|
|
orgConnectionRepository.GetByOrganizationIdTypeAsync(typedModel.OrganizationId, type).Returns(new[] { existing1, existing2 });
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.UpdateConnection(existing1.Id, typedModel));
|
|
|
|
Assert.Contains($"The requested organization already has a connection of type {typedModel.Type}. Only one of each connection type may exist per organization.", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData(OrganizationConnectionType.Scim)]
|
|
public async Task UpdateConnection_Scim_OnlyOneConnectionOfEachType(OrganizationConnectionType type,
|
|
OrganizationConnection existing1, OrganizationConnection existing2, ScimConfig config,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
existing1.Type = existing2.Type = type;
|
|
existing1.Config = JsonSerializer.Serialize(config);
|
|
var typedModel = RequestModelFromEntity<ScimConfig>(existing1);
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(typedModel.OrganizationId).Returns(true);
|
|
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByIdOrganizationIdAsync(existing1.Id, existing1.OrganizationId)
|
|
.Returns(existing1);
|
|
|
|
sutProvider.GetDependency<ICurrentContext>().ManageScim(typedModel.OrganizationId).Returns(true);
|
|
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByOrganizationIdTypeAsync(typedModel.OrganizationId, type)
|
|
.Returns(new[] { existing1, existing2 });
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.UpdateConnection(existing1.Id, typedModel));
|
|
|
|
Assert.Contains($"The requested organization already has a connection of type {typedModel.Type}. Only one of each connection type may exist per organization.", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task UpdateConnection_Success(OrganizationConnection existing, BillingSyncConfig config,
|
|
OrganizationConnection updated,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
existing.SetConfig(new BillingSyncConfig
|
|
{
|
|
CloudOrganizationId = config.CloudOrganizationId,
|
|
});
|
|
updated.Config = JsonSerializer.Serialize(config);
|
|
updated.Id = existing.Id;
|
|
updated.OrganizationId = existing.OrganizationId;
|
|
updated.Type = OrganizationConnectionType.CloudBillingSync;
|
|
var model = RequestModelFromEntity<BillingSyncConfig>(updated);
|
|
|
|
sutProvider.GetDependency<IGlobalSettings>().SelfHosted.Returns(true);
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.OrganizationId).Returns(true);
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByOrganizationIdTypeAsync(model.OrganizationId, model.Type)
|
|
.Returns(new[] { existing });
|
|
sutProvider.GetDependency<IUpdateOrganizationConnectionCommand>()
|
|
.UpdateAsync<BillingSyncConfig>(default)
|
|
.ReturnsForAnyArgs(updated);
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByIdOrganizationIdAsync(existing.Id, existing.OrganizationId)
|
|
.Returns(existing);
|
|
|
|
OrganizationLicense organizationLicense = new OrganizationLicense();
|
|
var now = DateTime.UtcNow;
|
|
organizationLicense.Issued = now.AddDays(-10);
|
|
organizationLicense.Expires = now.AddDays(10);
|
|
organizationLicense.Version = 1;
|
|
organizationLicense.UsersGetPremium = true;
|
|
organizationLicense.Id = config.CloudOrganizationId;
|
|
organizationLicense.Trial = true;
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.ReadOrganizationLicenseAsync(Arg.Any<Guid>())
|
|
.Returns(organizationLicense);
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.VerifyLicense(organizationLicense)
|
|
.Returns(true);
|
|
|
|
var expected = new OrganizationConnectionResponseModel(updated, typeof(BillingSyncConfig));
|
|
var result = await sutProvider.Sut.UpdateConnection(existing.Id, model);
|
|
|
|
AssertHelper.AssertPropertyEqual(expected, result);
|
|
await sutProvider.GetDependency<IUpdateOrganizationConnectionCommand>().Received(1)
|
|
.UpdateAsync(Arg.Is(AssertHelper.AssertPropertyEqual(model.ToData(updated.Id))));
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task UpdateConnection_BillingSyncType_InvalidLicense_ErrorThrows(OrganizationConnection existing, BillingSyncConfig config,
|
|
OrganizationConnection updated,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
existing.SetConfig(new BillingSyncConfig
|
|
{
|
|
CloudOrganizationId = config.CloudOrganizationId,
|
|
});
|
|
updated.Config = JsonSerializer.Serialize(config);
|
|
updated.Id = existing.Id;
|
|
updated.OrganizationId = existing.OrganizationId;
|
|
updated.Type = OrganizationConnectionType.CloudBillingSync;
|
|
var model = RequestModelFromEntity<BillingSyncConfig>(updated);
|
|
sutProvider.GetDependency<IGlobalSettings>().SelfHosted.Returns(true);
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(model.OrganizationId).Returns(true);
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByOrganizationIdTypeAsync(model.OrganizationId, model.Type)
|
|
.Returns(new[] { existing });
|
|
sutProvider.GetDependency<IUpdateOrganizationConnectionCommand>()
|
|
.UpdateAsync<BillingSyncConfig>(default)
|
|
.ReturnsForAnyArgs(updated);
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByIdOrganizationIdAsync(existing.Id, existing.OrganizationId)
|
|
.Returns(existing);
|
|
|
|
OrganizationLicense organizationLicense = new OrganizationLicense();
|
|
var now = DateTime.UtcNow;
|
|
organizationLicense.Issued = now.AddDays(-10);
|
|
organizationLicense.Expires = now.AddDays(10);
|
|
organizationLicense.Version = 1;
|
|
organizationLicense.UsersGetPremium = true;
|
|
organizationLicense.Id = config.CloudOrganizationId;
|
|
organizationLicense.Trial = true;
|
|
|
|
sutProvider.GetDependency<ILicensingService>()
|
|
.VerifyLicense(organizationLicense)
|
|
.Returns(false);
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(async () => await sutProvider.Sut.UpdateConnection(existing.Id, model));
|
|
|
|
Assert.Contains("Cannot verify license file.", exception.Message);
|
|
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task UpdateConnection_DoesNotExist_ThrowsNotFound(SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.UpdateConnection(Guid.NewGuid(), null));
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task GetConnection_RequiresOwnerPermissions(Guid connectionId, SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
|
|
sutProvider.Sut.GetConnection(connectionId, OrganizationConnectionType.CloudBillingSync));
|
|
|
|
Assert.Contains("You do not have permission to retrieve a connection of type", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task GetConnection_Success(OrganizationConnection connection, BillingSyncConfig config,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
connection.Config = JsonSerializer.Serialize(config);
|
|
|
|
sutProvider.GetDependency<IGlobalSettings>().SelfHosted.Returns(true);
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>()
|
|
.GetByOrganizationIdTypeAsync(connection.OrganizationId, connection.Type)
|
|
.Returns(new[] { connection });
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(connection.OrganizationId).Returns(true);
|
|
|
|
var expected = new OrganizationConnectionResponseModel(connection, typeof(BillingSyncConfig));
|
|
var actual = await sutProvider.Sut.GetConnection(connection.OrganizationId, connection.Type);
|
|
|
|
AssertHelper.AssertPropertyEqual(expected, actual);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task DeleteConnection_NotFound(Guid connectionId,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.DeleteConnection(connectionId));
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task DeleteConnection_RequiresOwnerPermissions(OrganizationConnection connection,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>().GetByIdAsync(connection.Id).Returns(connection);
|
|
|
|
var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.DeleteConnection(connection.Id));
|
|
|
|
Assert.Contains("You do not have permission to remove this connection of type", exception.Message);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task DeleteConnection_Success(OrganizationConnection connection,
|
|
SutProvider<OrganizationConnectionsController> sutProvider)
|
|
{
|
|
sutProvider.GetDependency<IOrganizationConnectionRepository>().GetByIdAsync(connection.Id).Returns(connection);
|
|
sutProvider.GetDependency<ICurrentContext>().OrganizationOwner(connection.OrganizationId).Returns(true);
|
|
|
|
await sutProvider.Sut.DeleteConnection(connection.Id);
|
|
|
|
await sutProvider.GetDependency<IDeleteOrganizationConnectionCommand>().DeleteAsync(connection);
|
|
}
|
|
|
|
private static OrganizationConnectionRequestModel<T> RequestModelFromEntity<T>(OrganizationConnection entity)
|
|
where T : IConnectionConfig
|
|
{
|
|
return new(new OrganizationConnectionRequestModel()
|
|
{
|
|
Type = entity.Type,
|
|
OrganizationId = entity.OrganizationId,
|
|
Enabled = entity.Enabled,
|
|
Config = JsonDocument.Parse(entity.Config),
|
|
});
|
|
}
|
|
|
|
private static JsonDocument JsonDocumentFromObject<T>(T obj) => JsonDocument.Parse(JsonSerializer.Serialize(obj));
|
|
}
|