[SM-1293] Add endpoint to fetch secret's access policies (#4146)

* Add authz handling for secret access policy reads * Add the ability to fetch secret access polices from the repository * refactor response models * Add new endpoint
2025-12-18 09:13:19 +00:00 · 2024-06-07 12:08:38 -05:00
parent a1d609b208
commit 36705790ad
17 changed files with 554 additions and 143 deletions
--- a/src/Core/SecretsManager/Models/Data/SecretAccessPolicies.cs
+++ b/src/Core/SecretsManager/Models/Data/SecretAccessPolicies.cs
@@ -0,0 +1,35 @@
+#nullable enable
+using Bit.Core.SecretsManager.Entities;
+
+namespace Bit.Core.SecretsManager.Models.Data;
+
+public class SecretAccessPolicies
+{
+    public SecretAccessPolicies(Guid secretId, Guid organizationId, List<BaseAccessPolicy> policies)
+    {
+        SecretId = secretId;
+        OrganizationId = organizationId;
+
+        UserAccessPolicies = policies
+            .OfType<UserSecretAccessPolicy>()
+            .ToList();
+
+        GroupAccessPolicies = policies
+            .OfType<GroupSecretAccessPolicy>()
+            .ToList();
+
+        ServiceAccountAccessPolicies = policies
+            .OfType<ServiceAccountSecretAccessPolicy>()
+            .ToList();
+    }
+
+    public SecretAccessPolicies()
+    {
+    }
+
+    public Guid SecretId { get; set; }
+    public Guid OrganizationId { get; set; }
+    public IEnumerable<UserSecretAccessPolicy> UserAccessPolicies { get; set; } = [];
+    public IEnumerable<GroupSecretAccessPolicy> GroupAccessPolicies { get; set; } = [];
+    public IEnumerable<ServiceAccountSecretAccessPolicy> ServiceAccountAccessPolicies { get; set; } = [];
+}