[PM 21897]Add Manual Enable/Disable Override for Providers in Admin Portal (#6072)

* Add the changes for the enable provider * remove the wanted permission added * Added a unit testing for the updateAsync
2025-12-23 03:33:35 +00:00 · 2025-07-24 16:12:25 +01:00
parent 2d1f914eae
commit 2cf7208eb3
8 changed files with 317 additions and 3 deletions
--- a/src/Admin/AdminConsole/Controllers/ProvidersController.cs
+++ b/src/Admin/AdminConsole/Controllers/ProvidersController.cs
@@ -5,6 +5,7 @@ using System.ComponentModel.DataAnnotations;
 using System.Net;
 using Bit.Admin.AdminConsole.Models;
 using Bit.Admin.Enums;
+using Bit.Admin.Services;
 using Bit.Admin.Utilities;
 using Bit.Core;
 using Bit.Core.AdminConsole.Entities.Provider;
@@ -51,6 +52,7 @@ public class ProvidersController : Controller
    private readonly IProviderBillingService _providerBillingService;
    private readonly IPricingClient _pricingClient;
    private readonly IStripeAdapter _stripeAdapter;
+    private readonly IAccessControlService _accessControlService;
    private readonly string _stripeUrl;
    private readonly string _braintreeMerchantUrl;
    private readonly string _braintreeMerchantId;
@@ -70,7 +72,8 @@ public class ProvidersController : Controller
        IProviderBillingService providerBillingService,
        IWebHostEnvironment webHostEnvironment,
        IPricingClient pricingClient,
-        IStripeAdapter stripeAdapter)
+        IStripeAdapter stripeAdapter,
+        IAccessControlService accessControlService)
    {
        _organizationRepository = organizationRepository;
        _resellerClientOrganizationSignUpCommand = resellerClientOrganizationSignUpCommand;
@@ -89,6 +92,7 @@ public class ProvidersController : Controller
        _stripeUrl = webHostEnvironment.GetStripeUrl();
        _braintreeMerchantUrl = webHostEnvironment.GetBraintreeMerchantUrl();
        _braintreeMerchantId = globalSettings.Braintree.MerchantId;
+        _accessControlService = accessControlService;
    }

    [RequirePermission(Permission.Provider_List_View)]
@@ -291,9 +295,14 @@ public class ProvidersController : Controller
            return View(oldModel);
        }

+        var originalProviderStatus = provider.Enabled;
+
        model.ToProvider(provider);

-        await _providerRepository.ReplaceAsync(provider);
+        provider.Enabled = _accessControlService.UserHasPermission(Permission.Provider_CheckEnabledBox)
+            ? model.Enabled : originalProviderStatus;
+
+        await _providerService.UpdateAsync(provider);
        await _applicationCacheService.UpsertProviderAbilityAsync(provider);

        if (!provider.IsBillable())
--- a/src/Admin/AdminConsole/Models/ProviderEditModel.cs
+++ b/src/Admin/AdminConsole/Models/ProviderEditModel.cs
@@ -38,6 +38,7 @@ public class ProviderEditModel : ProviderViewModel, IValidatableObject
        GatewaySubscriptionUrl = gatewaySubscriptionUrl;
        Type = provider.Type;
        PayByInvoice = payByInvoice;
+        Enabled = provider.Enabled;

        if (Type == ProviderType.BusinessUnit)
        {
@@ -78,10 +79,14 @@ public class ProviderEditModel : ProviderViewModel, IValidatableObject
    [Display(Name = "Enterprise Seats Minimum")]
    public int? EnterpriseMinimumSeats { get; set; }

+    [Display(Name = "Enabled")]
+    public bool Enabled { get; set; }
+
    public virtual Provider ToProvider(Provider existingProvider)
    {
        existingProvider.BillingEmail = BillingEmail?.ToLowerInvariant().Trim();
        existingProvider.BillingPhone = BillingPhone?.ToLowerInvariant().Trim();
+        existingProvider.Enabled = Enabled;
        switch (Type)
        {
            case ProviderType.Msp:
--- a/src/Admin/AdminConsole/Views/Providers/Edit.cshtml
+++ b/src/Admin/AdminConsole/Views/Providers/Edit.cshtml
@@ -11,6 +11,7 @@
@{
    ViewData["Title"] = "Provider: " + Model.Provider.DisplayName();
    var canEdit = AccessControlService.UserHasPermission(Permission.Provider_Edit);
+    var canCheckEnabled = AccessControlService.UserHasPermission(Permission.Provider_CheckEnabledBox);
 }

 <h1>Provider <small>@Model.Provider.DisplayName()</small></h1>
@@ -30,6 +31,13 @@
        <dt class="col-sm-4 col-lg-3">Name</dt>
        <dd class="col-sm-8 col-lg-9">@Model.Provider.DisplayName()</dd>
    </dl>
+    @if (canCheckEnabled && (Model.Provider.Type == ProviderType.Msp || Model.Provider.Type == ProviderType.BusinessUnit))
+    {
+        <div class="form-check mb-3">
+            <input type="checkbox" class="form-check-input" asp-for="Enabled" disabled='@(canCheckEnabled ? null : "disabled")'>
+            <label class="form-check-label" asp-for="Enabled"></label>
+        </div>
+    }
    <h2>Business Information</h2>
    <dl class="row">
        <dt class="col-sm-4 col-lg-3">Business Name</dt>
--- a/src/Admin/AdminConsole/Views/Providers/_ViewInformation.cshtml
+++ b/src/Admin/AdminConsole/Views/Providers/_ViewInformation.cshtml
@@ -14,6 +14,12 @@
    <dt class="col-sm-4 col-lg-3">Provider Type</dt>
    <dd class="col-sm-8 col-lg-9">@(Model.Provider.Type.GetDisplayAttribute()?.GetName())</dd>

+    @if (Model.Provider.Type == ProviderType.Msp || Model.Provider.Type == ProviderType.BusinessUnit)
+    {
+        <dt class="col-sm-4 col-lg-3">Enabled</dt>
+        <dd class="col-sm-8 col-lg-9">@(Model.Provider.Enabled ? "Yes" : "No")</dd>
+    }
+
    <dt class="col-sm-4 col-lg-3">Created</dt>
    <dd class="col-sm-8 col-lg-9">@Model.Provider.CreationDate.ToString()</dd>

--- a/src/Admin/Enums/Permissions.cs
+++ b/src/Admin/Enums/Permissions.cs
@@ -45,6 +45,7 @@ public enum Permission
    Provider_Edit,
    Provider_View,
    Provider_ResendEmailInvite,
+    Provider_CheckEnabledBox,

    Tools_ChargeBrainTreeCustomer,
    Tools_PromoteAdmin,
--- a/src/Admin/Utilities/RolePermissionMapping.cs
+++ b/src/Admin/Utilities/RolePermissionMapping.cs
@@ -47,6 +47,7 @@ public static class RolePermissionMapping
                Permission.Provider_Create,
                Permission.Provider_View,
                Permission.Provider_ResendEmailInvite,
+                Permission.Provider_CheckEnabledBox,
                Permission.Tools_ChargeBrainTreeCustomer,
                Permission.Tools_PromoteAdmin,
                Permission.Tools_PromoteProviderServiceUser,
@@ -98,6 +99,7 @@ public static class RolePermissionMapping
                Permission.Provider_View,
                Permission.Provider_Edit,
                Permission.Provider_ResendEmailInvite,
+                Permission.Provider_CheckEnabledBox,
                Permission.Tools_ChargeBrainTreeCustomer,
                Permission.Tools_PromoteAdmin,
                Permission.Tools_PromoteProviderServiceUser,
@@ -135,7 +137,8 @@ public static class RolePermissionMapping
                Permission.Org_Billing_LaunchGateway,
                Permission.Org_RequestDelete,
                Permission.Provider_List_View,
-                Permission.Provider_View
+                Permission.Provider_View,
+                Permission.Provider_CheckEnabledBox
            }
        },
        { "billing", new List<Permission>
@@ -173,6 +176,7 @@ public static class RolePermissionMapping
                Permission.Provider_Edit,
                Permission.Provider_View,
                Permission.Provider_List_View,
+                Permission.Provider_CheckEnabledBox,
                Permission.Tools_ChargeBrainTreeCustomer,
                Permission.Tools_GenerateLicenseFile,
                Permission.Tools_ManageTaxRates,