Add device-approval deny and deny-all commands (#9474)

bitwarden_license/bit-cli/src/admin-console/device-approval/deny.command.ts

@@ -1,9 +1,46 @@
+import { firstValueFrom } from "rxjs";
+
 import { Response } from "@bitwarden/cli/models/response";
+import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
+
+import { OrganizationAuthRequestService } from "../../../../bit-common/src/admin-console/auth-requests";
 
 export class DenyCommand {
-  constructor() {}
+  constructor(
+    private organizationService: OrganizationService,
+    private organizationAuthRequestService: OrganizationAuthRequestService,
+  ) {}
 
-  async run(id: string): Promise<Response> {
-    throw new Error("Not implemented");
+  async run(organizationId: string, id: string): Promise<Response> {
+    if (organizationId != null) {
+      organizationId = organizationId.toLowerCase();
+    }
+
+    if (!Utils.isGuid(organizationId)) {
+      return Response.badRequest("`" + organizationId + "` is not a GUID.");
+    }
+
+    if (id != null) {
+      id = id.toLowerCase();
+    }
+
+    if (!Utils.isGuid(id)) {
+      return Response.badRequest("`" + id + "` is not a GUID.");
+    }
+
+    const organization = await firstValueFrom(this.organizationService.get$(organizationId));
+    if (!organization?.canManageUsersPassword) {
+      return Response.error(
+        "You do not have permission to approve pending device authorization requests.",
+      );
+    }
+
+    try {
+      await this.organizationAuthRequestService.denyPendingRequests(organizationId, id);
+      return Response.success();
+    } catch (e) {
+      return Response.error(e);
+    }
   }
 }