Implemented Custom role and permissions (#1057)

* Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
2025-12-20 02:03:46 +00:00 · 2021-01-12 11:02:39 -05:00
parent 99b95b5330
commit 63fcdc1418
39 changed files with 1116 additions and 149 deletions
--- a/src/Core/Models/Api/Request/Organizations/OrganizationUpdateRequestModel.cs
+++ b/src/Core/Models/Api/Request/Organizations/OrganizationUpdateRequestModel.cs
@@ -1,4 +1,5 @@
-using Bit.Core.Models.Table;
+using Bit.Core.Models.Data;
+using Bit.Core.Models.Table;
 using System.ComponentModel.DataAnnotations;

 namespace Bit.Core.Models.Api
@@ -17,6 +18,8 @@ namespace Bit.Core.Models.Api
        [StringLength(50)]
        public string BillingEmail { get; set; }

+        public Permissions Permissions { get; set; }
+
        public virtual Organization ToOrganization(Organization existingOrganization, GlobalSettings globalSettings)
        {
            if (!globalSettings.SelfHosted)
--- a/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
+++ b/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
@@ -1,8 +1,9 @@
-using Bit.Core.Models.Table;
+using Bit.Core.Models.Data;
+using Bit.Core.Models.Table;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
-using System;
 using System.Linq;
+using System.Text.Json;

 namespace Bit.Core.Models.Api
 {
@@ -13,6 +14,7 @@ namespace Bit.Core.Models.Api
        [Required]
        public Enums.OrganizationUserType? Type { get; set; }
        public bool AccessAll { get; set; }
+        public Permissions Permissions { get; set; }
        public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }

        public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
@@ -62,11 +64,16 @@ namespace Bit.Core.Models.Api
        [Required]
        public Enums.OrganizationUserType? Type { get; set; }
        public bool AccessAll { get; set; }
+        public Permissions Permissions { get; set; }
        public IEnumerable<SelectionReadOnlyRequestModel> Collections { get; set; }

        public OrganizationUser ToOrganizationUser(OrganizationUser existingUser)
        {
            existingUser.Type = Type.Value;
+            existingUser.Permissions = JsonSerializer.Serialize(Permissions, new JsonSerializerOptions
+            {
+                PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
+            });
            existingUser.AccessAll = AccessAll;
            return existingUser;
        }