mirror of
https://github.com/bitwarden/server.git
synced 2024-12-12 15:26:48 +01:00
98a191a5e8
* Define a model for updating many auth requests In order to facilitate a command method that can update many auth requests at one time a new model must be defined that accepts valid input for the command's needs. To achieve this a new file has been created at `Core/AdminConsole/OrganizationAuth/Models/OrganizationAuthRequestUpdateCommandModel.cs` that contains a class of the same name. Its properties match those that need to come from any calling API request models to fulfill the request.
* Declare a new command interface method Calling API functions of the `UpdateOrganizationAuthRequestCommand` need a function that can accept many auth request response objects and process them as approved or denied. To achieve this a new function has been added to `IUpdateOrganizationAuthRequestCommand` called `UpdateManyAsync()` that accepts an `IEnumerable<OrganizationAuthRequest>` and returns a `Task`. Implementations of this interface method will be used to bulk process auth requests as approved or denied.
* Stub out method implementation for unit testing To facilitate a bulk device login request approval workflow in the admin console `UpdateOrganizationAuthRequestCommand` needs to be updated to include an `UpdateMany()` method. It should accept a list of `OrganizationAuthRequestUpdateCommandModel` objects, perform some simple data validation checks, and then pass those along to `AuthRequestRepository` for updating in the database. This commit stubs out this method for the purpose of writing unit tests. At this stage the method throws a `NotImplementedException()`. It will be expanded after writing assertions.
* Inject `IAuthRequestRepository` into `UpdateOrganizationAuthCommand` The updates to `UpdateOrganizationAuthRequestCommand` require a new direct dependency on `IAuthRequestRepository`. This commit simply registers this dependency in the `UpdateOrganizationAuthRequest` constructor for use in unit tests and the `UpdateManyAsync()` implementation.
* Write tests
* Rename `UpdateManyAsync()` to `UpdateAsync`
* Drop the `CommandModel` suffix
* Invert business logic update filters
* Rework everything to be more model-centric
* Bulk send push notifications
* Write tests that validate the command as a whole
* Fix a test that I broke by mistake
* Swap to using await instead of chained methods for processing
* Separate a function argument into a variable declaration
* Ungeneric-ify the processor
* Adjust ternary formatting
* Adjust naming of methods regarding logging organization events
* Throw an exception if Process is called with no auth request loaded
* Rename `_updates` -> `_update`
* Rename email methods
* Stop returning `this`
* Allow callbacks to be null
* Make some assertions about the state of a processed auth request
* Be more terse about arguments in happy path test
* Remove unneeded null check
* Expose an endpoint for bulk processing of organization auth requests (#4077)
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
using Bit.Api.AdminConsole.Controllers;
using Bit.Api.AdminConsole.Models.Request;
using Bit.Core.Context;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
namespace Bit.Api.Test.AdminConsole.Controllers;
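/// <summary>
/// Authorization tests for <see cref="OrganizationAuthRequestsController"/>.
/// Every test stubs <see cref="ICurrentContext.ManageResetPassword"/> for the generated
/// organization id and checks how the controller reacts: a denied caller must surface an
/// <see cref="UnauthorizedAccessException"/>, a permitted caller must complete normally.
/// </summary>
[ControllerCustomize(typeof(OrganizationAuthRequestsController))]
[SutProviderCustomize]
public class OrganizationAuthRequestsControllerTests
{
    /// <summary>
    /// ValidateAdminRequest throws when the current context reports that the caller
    /// lacks the ManageResetPassword permission for the organization.
    /// </summary>
    [Theory]
    [BitAutoData]
    public async Task ValidateAdminRequest_UserDoesNotHaveManageResetPasswordPermissions_ThrowsUnauthorized(
        SutProvider<OrganizationAuthRequestsController> sutProvider,
        Guid organizationId
    )
    {
        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(false);

        await Assert.ThrowsAsync<UnauthorizedAccessException>(() =>
            sutProvider.Sut.ValidateAdminRequest(organizationId));
    }

    /// <summary>
    /// ValidateAdminRequest completes without throwing when the caller holds the
    /// ManageResetPassword permission, and the permission is actually looked up.
    /// </summary>
    [Theory]
    [BitAutoData]
    public async Task ValidateAdminRequest_UserHasManageResetPasswordPermissions_DoesNotThrow(
        SutProvider<OrganizationAuthRequestsController> sutProvider,
        Guid organizationId
    )
    {
        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(true);

        await sutProvider.Sut.ValidateAdminRequest(organizationId);

        // "Does not throw" alone would also pass if the permission check were removed;
        // pin that the lookup happened for this organization id.
        _ = sutProvider.GetDependency<ICurrentContext>().Received().ManageResetPassword(organizationId);
    }

    /// <summary>
    /// The bulk update endpoint completes for a permitted caller, and the permission
    /// lookup is performed for the organization id passed to the endpoint.
    /// </summary>
    [Theory]
    [BitAutoData]
    public async Task UpdateManyAuthRequests_ValidInput_DoesNotThrow(
        SutProvider<OrganizationAuthRequestsController> sutProvider,
        IEnumerable<OrganizationAuthRequestUpdateManyRequestModel> request,
        Guid organizationId
    )
    {
        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(true);

        await sutProvider.Sut.UpdateManyAuthRequests(organizationId, request);

        // Guards against the endpoint silently skipping authorization: without this
        // assertion the test passes whether or not the permission is consulted.
        _ = sutProvider.GetDependency<ICurrentContext>().Received().ManageResetPassword(organizationId);
    }

    /// <summary>
    /// The bulk update endpoint rejects a caller without the ManageResetPassword
    /// permission by throwing <see cref="UnauthorizedAccessException"/>.
    /// </summary>
    [Theory]
    [BitAutoData]
    public async Task UpdateManyAuthRequests_NotPermissioned_ThrowsUnauthorized(
        SutProvider<OrganizationAuthRequestsController> sutProvider,
        IEnumerable<OrganizationAuthRequestUpdateManyRequestModel> request,
        Guid organizationId
    )
    {
        sutProvider.GetDependency<ICurrentContext>().ManageResetPassword(organizationId).Returns(false);

        // NOTE(review): this pins only the exception. Consider also asserting that the
        // controller's update command (presumably IUpdateOrganizationAuthRequestCommand;
        // confirm against the controller) received no calls, so a denied caller cannot
        // trigger any approval or denial before the check fails.
        await Assert.ThrowsAsync<UnauthorizedAccessException>(() =>
            sutProvider.Sut.UpdateManyAuthRequests(organizationId, request));
    }
}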