[AC-2303] Implement approveAllRequests method (#9031)

* [AC-2302] Move organization-auth-request.service to bit-common folder * [AC-2302] Rename organization-auth-request.service to organization-auth-request-api.service * [AC-2302] Move logic from component to organization-auth-request.service * [AC-2302] Fix import path in OrganizationAuthRequestService * [AC-2302] Move imports to OrganizationsModule and delete unused CoreOrganizationModule * [AC-2302] Move the call to get userResetPasswordDetails into OrganizationAuthRequestService * [AC-2302] Remove @Injectable() and manually configure dependencies * [AC-2302] Add OrganizationAuthRequestService unit tests first draft * [AC-2302] Refactor device-approvals.component.ts to remove unused imports * [AC-2302] Set up jest on bit-common and add unit tests for OrganizationAuthRequestService * [AC-2302] Add bit-common to jest.config.js * [AC-2302] Update organizations.module.ts to include safeProviders declared in variable * [AC-2302] Remove services and views folders from bit-common * [AC-2302] Define path mapping * Adjust an import path The import path of `PendingAuthRequestView` in `OrganizationAuthRequestApiService` was pointing to the wrong place. I think this file was just recently moved, and the import didn't get updated. * Get paths working * Fix import * Update jest config to use ts-jest adn jsdom * Copy-paste path mappings from bit-web * Remove unnecessary test setup file * Undo unnecessary change * Fix remaining path mappings * Remove Bitwarden License mapping from OSS code * Fix bit-web so it uses its own tsconfig * Fix import path * Remove web-bit entrypoint from OSS tsconfig * Make DeviceApprovalsComponent standalone * Remove organization-auth-request-api.service export * Add BulkApproveAuthRequestsRequest class for bulk approval of authentication requests * Add api call for device bulk approvals * Add bulk device approval to OrganizationAuthRequestService * Add unit tests for bulk device approval method * Remove OrganizationsRoutingModule from DeviceApprovalsComponent imports * Remove CoreOrganizationModule from OrganizationsModule imports * Remove NoItemsModule from OrganizationsModule imports * Get keys for each item to approve * Update approvePendingRequests unit test * Use ApiService from JslibServicesModule * Update providers in device-approvals.component.ts * Add method to retrieve reset password details for multiple organization users * Add organizationUserId property to OrganizationUserResetPasswordDetailsResponse class * Use method to retrieve reset password details for multiple organization users * Rename ResetPasswordDetails to AccountRecoveryDetails * Update OrganizationAuthRequestService to use getManyOrganizationUserAccountRecoveryDetails * Update AdminAuthRequestUpdateWithIdRequest property names and imports * Refactor bulk approval functionality in organization auth requests * Rename update request AdminAuthRequestUpdateWithIdRequest to OrganizationAuthRequestUpdateRequest * Update organization-auth-request.service.spec.ts to use bulkUpdatePendingRequests method --------- Co-authored-by: Addison Beck <hello@addisonbeck.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2025-12-19 09:43:23 +00:00 · 2024-05-24 15:48:47 +01:00
parent f3b82c30f2
commit a49e7bb35f
4 changed files with 109 additions and 0 deletions
--- a/bitwarden_license/bit-common/src/admin-console/auth-requests/organization-auth-request.service.ts
+++ b/bitwarden_license/bit-common/src/admin-console/auth-requests/organization-auth-request.service.ts
@@ -6,6 +6,7 @@ import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
 import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";

 import { OrganizationAuthRequestApiService } from "./organization-auth-request-api.service";
+import { OrganizationAuthRequestUpdateRequest } from "./organization-auth-request-update.request";
 import { PendingAuthRequestView } from "./pending-auth-request.view";

 export class OrganizationAuthRequestService {
@@ -23,6 +24,42 @@ export class OrganizationAuthRequestService {
    await this.organizationAuthRequestApiService.denyPendingRequests(organizationId, ...requestIds);
  }

+  async approvePendingRequests(
+    organizationId: string,
+    authRequests: PendingAuthRequestView[],
+  ): Promise<void> {
+    const organizationUserIds = authRequests.map((r) => r.organizationUserId);
+    const details =
+      await this.organizationUserService.getManyOrganizationUserAccountRecoveryDetails(
+        organizationId,
+        organizationUserIds,
+      );
+
+    if (
+      details == null ||
+      details.data.length == 0 ||
+      details.data.some((d) => d.resetPasswordKey == null)
+    ) {
+      throw new Error(
+        "All users must be enrolled in account recovery (password reset) in order for the requests to be approved.",
+      );
+    }
+
+    const requestsToApprove = await Promise.all(
+      authRequests.map(async (r) => {
+        const detail = details.data.find((d) => d.organizationUserId === r.organizationUserId);
+        const encryptedKey = await this.getEncryptedUserKey(organizationId, r.publicKey, detail);
+
+        return new OrganizationAuthRequestUpdateRequest(r.id, true, encryptedKey.encryptedString);
+      }),
+    );
+
+    await this.organizationAuthRequestApiService.bulkUpdatePendingRequests(
+      organizationId,
+      requestsToApprove,
+    );
+  }
+
  async approvePendingRequest(organizationId: string, authRequest: PendingAuthRequestView) {
    const details = await this.organizationUserService.getOrganizationUserResetPasswordDetails(
      organizationId,