
[PM-20010] Fix purge logic to skip claimed user check for organization vault (#6107)

* Implement unit tests for PostPurge method in CiphersController to handle various scenarios

* Refactor PostPurge method in CiphersController to use Guid for organizationId parameter and update related unit tests

* Refactor PostPurge method in CiphersController to skip checking if user is claimed if it's purging the org vault
Rui Tomé
2025-07-29 16:17:16 +01:00
committed by GitHub
parent 47237fa88f
commit 43372b7168
2 changed files with 129 additions and 12 deletions


@@ -1113,7 +1113,7 @@ public class CiphersController : Controller
}
[HttpPost("purge")]
public async Task PostPurge([FromBody] SecretVerificationRequestModel model, string organizationId = null)
public async Task PostPurge([FromBody] SecretVerificationRequestModel model, Guid? organizationId = null)
{
var user = await _userService.GetUserByPrincipalAsync(User);
if (user == null)
@@ -1128,24 +1128,22 @@ public class CiphersController : Controller
throw new BadRequestException(ModelState);
}
// Check if the user is claimed by any organization.
if (await _userService.IsClaimedByAnyOrganizationAsync(user.Id))
{
throw new BadRequestException("Cannot purge accounts owned by an organization. Contact your organization administrator for additional details.");
}
if (string.IsNullOrWhiteSpace(organizationId))
if (organizationId == null)
{
// Check if the user is claimed by any organization.
if (await _userService.IsClaimedByAnyOrganizationAsync(user.Id))
{
throw new BadRequestException("Cannot purge accounts owned by an organization. Contact your organization administrator for additional details.");
}
await _cipherRepository.DeleteByUserIdAsync(user.Id);
}
else
{
var orgId = new Guid(organizationId);
if (!await _currentContext.EditAnyCollection(orgId))
if (!await _currentContext.EditAnyCollection(organizationId!.Value))
{
throw new NotFoundException();
}
await _cipherService.PurgeAsync(orgId);
await _cipherService.PurgeAsync(organizationId!.Value);
}
}
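Review bot: With `organizationId` now bound as `Guid?`, a malformed value most likely arrives as `null` with a binding error in `ModelState`, where the old `new Guid(organizationId)` threw, so it can reach the `organizationId == null` branch in the second hunk. Unless a global filter or the lines between the two hunks (not shown here) reject invalid model state, a request meant as an organization purge with a bad id would pass the claimed-user check for an unclaimed user and run `_cipherRepository.DeleteByUserIdAsync(user.Id)` on the caller's personal vault. I would guard the branch explicitly with `if (!ModelState.IsValid) { throw new BadRequestException(ModelState); }` and add a unit test that sends a non-GUID `organizationId` and asserts that neither delete path is called. Separately, the null-forgiving `!` in `organizationId!.Value` has no effect on a `Nullable<Guid>`; `organizationId.Value`, or binding a local with `organizationId is { } orgId`, reads more clearly.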