[PM-18239] Master password policy requirement (#5936)

* wip * initial implementation * add tests * more tests, fix policy Enabled * remove exempt statuses * test EnforcedOptions is populated * clean up, add test * fix test, add json attributes for deserialization * fix attribute casing * fix test --------- Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2025-12-25 20:53:16 +00:00 · 2025-07-25 10:14:16 -04:00
parent c503ecbefc
commit 571111e897
6 changed files with 207 additions and 10 deletions
--- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/MasterPasswordPolicyRequirement.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/MasterPasswordPolicyRequirement.cs
@@ -0,0 +1,55 @@
+using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
+using Bit.Core.Enums;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+
+/// <summary>
+/// Policy requirements for the Master Password Requirements policy.
+/// </summary>
+public class MasterPasswordPolicyRequirement : IPolicyRequirement
+{
+    /// <summary>
+    /// Indicates whether MasterPassword requirements are enabled for the user.
+    /// </summary>
+    public bool Enabled { get; init; }
+
+    /// <summary>
+    /// Master Password Policy data model associated with this Policy
+    /// </summary>
+    public MasterPasswordPolicyData? EnforcedOptions { get; init; }
+}
+
+public class MasterPasswordPolicyRequirementFactory : BasePolicyRequirementFactory<MasterPasswordPolicyRequirement>
+{
+    public override PolicyType PolicyType => PolicyType.MasterPassword;
+
+    protected override bool ExemptProviders => false;
+
+    protected override IEnumerable<OrganizationUserType> ExemptRoles => [];
+
+    protected override IEnumerable<OrganizationUserStatusType> ExemptStatuses =>
+        [OrganizationUserStatusType.Accepted,
+            OrganizationUserStatusType.Invited,
+            OrganizationUserStatusType.Revoked,
+        ];
+
+    public override MasterPasswordPolicyRequirement Create(IEnumerable<PolicyDetails> policyDetails)
+    {
+        var result = policyDetails
+            .Select(p => p.GetDataModel<MasterPasswordPolicyData>())
+            .Aggregate(
+                new MasterPasswordPolicyRequirement(),
+                (result, data) =>
+                {
+                    data.CombineWith(result.EnforcedOptions);
+                    return new MasterPasswordPolicyRequirement
+                    {
+                        Enabled = true,
+                        EnforcedOptions = data
+                    };
+                });
+
+        return result;
+    }
+}