bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-12 14:23:32 +00:00
Code Issues Releases Wiki Activity

Add device-approval deny and deny-all commands (#9474)

Browse Source
This commit is contained in:
Thomas Rittson
2024-06-04 08:34:51 +10:00
committed by GitHub
parent e99fd44eed
commit 90812e0ef5
3 changed files with 94 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
bitwarden_license/bit-cli/src/admin-console/device-approval/deny-all.command.ts
View File

@@ -1,9 +1,49 @@
import { firstValueFrom } from "rxjs";
import { Response } from "@bitwarden/cli/models/response"; import { Response } from "@bitwarden/cli/models/response";
import { MessageResponse } from "@bitwarden/cli/models/response/message.response";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Utils } from "@bitwarden/common/platform/misc/utils";
import { OrganizationAuthRequestService } from "../../../../bit-common/src/admin-console/auth-requests";
export class DenyAllCommand { export class DenyAllCommand {
constructor() {} constructor(
private organizationService: OrganizationService,
private organizationAuthRequestService: OrganizationAuthRequestService,
) {}
async run(organizationId: string): Promise<Response> { async run(organizationId: string): Promise<Response> {
throw new Error("Not implemented"); if (organizationId != null) {
organizationId = organizationId.toLowerCase();
}
if (!Utils.isGuid(organizationId)) {
return Response.badRequest("`" + organizationId + "` is not a GUID.");
}
const organization = await firstValueFrom(this.organizationService.get$(organizationId));
if (!organization?.canManageUsersPassword) {
return Response.error(
"You do not have permission to approve pending device authorization requests.",
);
}
try {
const pendingRequests =
await this.organizationAuthRequestService.listPendingRequests(organizationId);
if (pendingRequests.length == 0) {
const res = new MessageResponse("No pending device authorization requests to deny.", null);
return Response.success(res);
}
await this.organizationAuthRequestService.denyPendingRequests(
organizationId,
...pendingRequests.map((r) => r.id),
);
return Response.success();
} catch (e) {
return Response.error(e);
}
} }
} }

43
bitwarden_license/bit-cli/src/admin-console/device-approval/deny.command.ts
View File

@@ -1,9 +1,46 @@
import { firstValueFrom } from "rxjs";
import { Response } from "@bitwarden/cli/models/response"; import { Response } from "@bitwarden/cli/models/response";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Utils } from "@bitwarden/common/platform/misc/utils";
import { OrganizationAuthRequestService } from "../../../../bit-common/src/admin-console/auth-requests";
export class DenyCommand { export class DenyCommand {
constructor() {} constructor(
private organizationService: OrganizationService,
private organizationAuthRequestService: OrganizationAuthRequestService,
) {}
async run(id: string): Promise<Response> { async run(organizationId: string, id: string): Promise<Response> {
throw new Error("Not implemented"); if (organizationId != null) {
organizationId = organizationId.toLowerCase();
}
if (!Utils.isGuid(organizationId)) {
return Response.badRequest("`" + organizationId + "` is not a GUID.");
}
if (id != null) {
id = id.toLowerCase();
}
if (!Utils.isGuid(id)) {
return Response.badRequest("`" + id + "` is not a GUID.");
}
const organization = await firstValueFrom(this.organizationService.get$(organizationId));
if (!organization?.canManageUsersPassword) {
return Response.error(
"You do not have permission to approve pending device authorization requests.",
);
}
try {
await this.organizationAuthRequestService.denyPendingRequests(organizationId, id);
return Response.success();
} catch (e) {
return Response.error(e);
}
} }
} }

17
bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts
View File

@@ -84,14 +84,18 @@ export class DeviceApprovalProgram extends BaseProgram {
private denyCommand(): Command { private denyCommand(): Command {
return new Command("deny") return new Command("deny")
.argument("<id>") .argument("<organizationId>", "The id of the organization")
.argument("<requestId>", "The id of the request to deny")
.description("Deny a pending request") .description("Deny a pending request")
.action(async (id: string) => { .action(async (organizationId: string, id: string) => {
await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval); await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval);
await this.exitIfLocked(); await this.exitIfLocked();
const cmd = new DenyCommand(); const cmd = new DenyCommand(
const response = await cmd.run(id); this.serviceContainer.organizationService,
this.serviceContainer.organizationAuthRequestService,
);
const response = await cmd.run(organizationId, id);
this.processResponse(response); this.processResponse(response);
}); });
} }
@@ -104,7 +108,10 @@ export class DeviceApprovalProgram extends BaseProgram {
await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval); await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval);
await this.exitIfLocked(); await this.exitIfLocked();
const cmd = new DenyAllCommand(); const cmd = new DenyAllCommand(
this.serviceContainer.organizationService,
this.serviceContainer.organizationAuthRequestService,
);
const response = await cmd.run(organizationId); const response = await cmd.run(organizationId);
this.processResponse(response); this.processResponse(response);
}); });