[PM-26378] Auto confirm events (#7017)

* implement auto confirm push notification * fix test * fix test * simplify LINQ * add event logging for auto confirm * fix test
2026-02-20 11:23:37 +00:00 · 2026-02-19 12:10:28 -05:00
parent 71a8116d4c
commit 31fe7b0e12
10 changed files with 246 additions and 0 deletions
--- a/test/Admin.Test/AdminConsole/Controllers/OrganizationsControllerTests.cs
+++ b/test/Admin.Test/AdminConsole/Controllers/OrganizationsControllerTests.cs
@@ -11,6 +11,7 @@ using Bit.Core.Billing.Enums;
 using Bit.Core.Billing.Providers.Services;
 using Bit.Core.Enums;
 using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
 using Microsoft.AspNetCore.Http;
@@ -464,5 +465,109 @@ public class OrganizationsControllerTests
            .IsOrganizationCompliantAsync(Arg.Any<AutomaticUserConfirmationOrganizationPolicyComplianceValidatorRequest>());
    }

+    [BitAutoData]
+    [SutProviderCustomize]
+    [Theory]
+    public async Task Edit_UseAutomaticUserConfirmation_EnabledByPortal_LogsEvent(
+        Organization organization,
+        SutProvider<OrganizationsController> sutProvider)
+    {
+        var update = new OrganizationEditModel
+        {
+            PlanType = PlanType.TeamsMonthly,
+            UseAutomaticUserConfirmation = true
+        };
+
+        organization.UseAutomaticUserConfirmation = false;
+        organization.Enabled = true;
+        organization.UseEvents = true;
+
+        sutProvider.GetDependency<IAccessControlService>()
+                .UserHasPermission(Permission.Org_Plan_Edit)
+                .Returns(true);
+
+        var organizationRepository = sutProvider.GetDependency<IOrganizationRepository>();
+        organizationRepository.GetByIdAsync(organization.Id).Returns(organization);
+
+        var request = new AutomaticUserConfirmationOrganizationPolicyComplianceValidatorRequest(organization.Id);
+        sutProvider.GetDependency<IAutomaticUserConfirmationOrganizationPolicyComplianceValidator>()
+            .IsOrganizationCompliantAsync(Arg.Any<AutomaticUserConfirmationOrganizationPolicyComplianceValidatorRequest>())
+            .Returns(Valid(request));
+
+        _ = await sutProvider.Sut.Edit(organization.Id, update);
+
+        await sutProvider.GetDependency<IEventService>().Received(1)
+            .LogOrganizationEventAsync(
+                Arg.Is<Organization>(o => o.Id == organization.Id),
+                EventType.Organization_AutoConfirmEnabled_Portal,
+                EventSystemUser.BitwardenPortal);
+    }
+
+    [BitAutoData]
+    [SutProviderCustomize]
+    [Theory]
+    public async Task Edit_UseAutomaticUserConfirmation_DisabledByPortal_LogsEvent(
+        Organization organization,
+        SutProvider<OrganizationsController> sutProvider)
+    {
+        var update = new OrganizationEditModel
+        {
+            PlanType = PlanType.TeamsMonthly,
+            UseAutomaticUserConfirmation = false
+        };
+
+        organization.UseAutomaticUserConfirmation = true;
+        organization.Enabled = true;
+        organization.UseEvents = true;
+
+        sutProvider.GetDependency<IAccessControlService>()
+                .UserHasPermission(Permission.Org_Plan_Edit)
+                .Returns(true);
+
+        var organizationRepository = sutProvider.GetDependency<IOrganizationRepository>();
+        organizationRepository.GetByIdAsync(organization.Id).Returns(organization);
+
+        _ = await sutProvider.Sut.Edit(organization.Id, update);
+
+        await sutProvider.GetDependency<IEventService>().Received(1)
+            .LogOrganizationEventAsync(
+                Arg.Is<Organization>(o => o.Id == organization.Id),
+                EventType.Organization_AutoConfirmDisabled_Portal,
+                EventSystemUser.BitwardenPortal);
+    }
+
+    [BitAutoData]
+    [SutProviderCustomize]
+    [Theory]
+    public async Task Edit_UseAutomaticUserConfirmation_NoChange_DoesNotLogEvent(
+        Organization organization,
+        SutProvider<OrganizationsController> sutProvider)
+    {
+        var update = new OrganizationEditModel
+        {
+            PlanType = PlanType.TeamsMonthly,
+            UseAutomaticUserConfirmation = true
+        };
+
+        organization.UseAutomaticUserConfirmation = true;
+        organization.Enabled = true;
+        organization.UseEvents = true;
+
+        sutProvider.GetDependency<IAccessControlService>()
+                .UserHasPermission(Permission.Org_Plan_Edit)
+                .Returns(true);
+
+        var organizationRepository = sutProvider.GetDependency<IOrganizationRepository>();
+        organizationRepository.GetByIdAsync(organization.Id).Returns(organization);
+
+        _ = await sutProvider.Sut.Edit(organization.Id, update);
+
+        await sutProvider.GetDependency<IEventService>().DidNotReceive()
+            .LogOrganizationEventAsync(
+                Arg.Any<Organization>(),
+                Arg.Any<EventType>(),
+                Arg.Any<EventSystemUser>());
+    }
+
    #endregion
 }
--- a/test/Core.Test/Dirt/Services/EventServiceTests.cs
+++ b/test/Core.Test/Dirt/Services/EventServiceTests.cs
@@ -116,6 +116,26 @@ public class EventServiceTests
            e.InstallationId == installationId));
    }

+    [Theory, BitAutoData]
+    public async Task LogOrganizationEvent_WithEventSystemUser_LogsRequiredInfo(Organization organization, EventType eventType,
+        EventSystemUser eventSystemUser, DateTime date, Guid providerId, SutProvider<EventService> sutProvider)
+    {
+        organization.Enabled = true;
+        organization.UseEvents = true;
+
+        sutProvider.GetDependency<ICurrentContext>().ProviderIdForOrg(Arg.Any<Guid>()).Returns(providerId);
+
+        await sutProvider.Sut.LogOrganizationEventAsync(organization, eventType, eventSystemUser, date);
+
+        await sutProvider.GetDependency<IEventWriteService>().Received(1).CreateAsync(Arg.Is<IEvent>(e =>
+            e.OrganizationId == organization.Id &&
+            e.Type == eventType &&
+            e.SystemUser == eventSystemUser &&
+            e.DeviceType == DeviceType.Server &&
+            e.Date == date &&
+            e.ProviderId == providerId));
+    }
+
    [Theory, BitAutoData]
    public async Task LogOrganizationUserEvent_LogsRequiredInfo(OrganizationUser orgUser, EventType eventType, DateTime date,
        Guid actingUserId, Guid providerId, string ipAddress, DeviceType deviceType, SutProvider<EventService> sutProvider)
--- a/test/Events.Test/Controllers/CollectControllerTests.cs
+++ b/test/Events.Test/Controllers/CollectControllerTests.cs
@@ -743,4 +743,80 @@ public class CollectControllerTests
            Arg.Is<IEnumerable<Tuple<Cipher, EventType, DateTime?>>>(tuples => tuples.Count() == 50)
        );
    }
+
+    [Theory]
+    [BitAutoData(EventType.Organization_AutoConfirmEnabled_Admin)]
+    [BitAutoData(EventType.Organization_AutoConfirmDisabled_Admin)]
+    public async Task Post_OrganizationAutoConfirmAdmin_WithValidOrg_LogsOrgEvent(
+        EventType eventType, Guid userId, Guid orgId, Organization organization)
+    {
+        _currentContext.UserId.Returns(userId);
+        organization.Id = orgId;
+        _organizationRepository.GetByIdAsync(orgId).Returns(organization);
+        var eventDate = DateTime.UtcNow;
+        var events = new List<EventModel>
+        {
+            new EventModel
+            {
+                Type = eventType,
+                OrganizationId = orgId,
+                Date = eventDate
+            }
+        };
+
+        var result = await _sut.Post(events);
+
+        Assert.IsType<OkResult>(result);
+        await _organizationRepository.Received(1).GetByIdAsync(orgId);
+        await _eventService.Received(1).LogOrganizationEventAsync(organization, eventType, eventDate);
+    }
+
+    [Theory]
+    [BitAutoData(EventType.Organization_AutoConfirmEnabled_Admin)]
+    [BitAutoData(EventType.Organization_AutoConfirmDisabled_Admin)]
+    public async Task Post_OrganizationAutoConfirmAdmin_WithoutOrgId_SkipsEvent(
+        EventType eventType, Guid userId)
+    {
+        _currentContext.UserId.Returns(userId);
+        var events = new List<EventModel>
+        {
+            new EventModel
+            {
+                Type = eventType,
+                OrganizationId = null,
+                Date = DateTime.UtcNow
+            }
+        };
+
+        var result = await _sut.Post(events);
+
+        Assert.IsType<OkResult>(result);
+        await _organizationRepository.DidNotReceiveWithAnyArgs().GetByIdAsync(default);
+        await _eventService.DidNotReceiveWithAnyArgs().LogOrganizationEventAsync(default, default, default);
+    }
+
+    [Theory]
+    [BitAutoData(EventType.Organization_AutoConfirmEnabled_Admin)]
+    [BitAutoData(EventType.Organization_AutoConfirmDisabled_Admin)]
+    public async Task Post_OrganizationAutoConfirmAdmin_WithNullOrg_SkipsEvent(
+        EventType eventType, Guid userId, Guid orgId)
+    {
+        _currentContext.UserId.Returns(userId);
+        _organizationRepository.GetByIdAsync(orgId).Returns((Organization)null);
+        var events = new List<EventModel>
+        {
+            new EventModel
+            {
+                Type = eventType,
+                OrganizationId = orgId,
+                Date = DateTime.UtcNow
+            }
+        };
+
+        var result = await _sut.Post(events);
+
+        Assert.IsType<OkResult>(result);
+        await _organizationRepository.Received(1).GetByIdAsync(orgId);
+        await _eventService.DidNotReceiveWithAnyArgs().LogOrganizationEventAsync(default, default, default);
+    }
 }