bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-20 18:23:44 +00:00
Code Issues Releases Wiki Activity

[PM-20595] Add Policy for Send access (#6282)

Browse Source 
* feat: add policy to API startup and Policies class to hold the static strings
* test: add snapshot testing for constants to help with rust mappings
* doc: add docs for send access
This commit is contained in:
Ike
2025-09-05 10:36:01 -04:00
committed by GitHub
parent 2c0c113420
commit 6d4129c6b7
6 changed files with 162 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Api/Startup.cs
View File

@@ -33,6 +33,7 @@ using Bit.Core.Auth.Models.Api.Request;
using Bit.Core.Dirt.Reports.ReportFeatures;
using Bit.Core.Tools.SendFeatures;
using Bit.Core.Auth.IdentityServer;
using Bit.Core.Auth.Identity;
#if !OSS
@@ -145,6 +146,12 @@ public class Startup
(c.Value.Contains(ApiScopes.Api) || c.Value.Contains(ApiScopes.ApiSecrets))
));
});
config.AddPolicy(Policies.Send, configurePolicy: policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim(JwtClaimTypes.Scope, ApiScopes.ApiSendAccess);
policy.RequireClaim(Claims.SendAccessClaims.SendId);
});
});
services.AddScoped<AuthenticatorTokenProvider>();