bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-31 23:53:17 +00:00
Code Issues Releases Wiki Activity

Added check for provider users to auto confirm validator. Broke out interface into separate file.

Browse Source
This commit is contained in:
jrmccannon
2025-11-26 08:36:33 -06:00
parent d38e2c3859
commit 6e1ea8bbff
6 changed files with 45 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/AutomaticallyConfirmOrganizationUsersValidator.cs
View File

@@ -20,6 +20,7 @@ public class AutomaticallyConfirmOrganizationUsersValidator(
IPolicyRequirementQuery policyRequirementQuery,
IAutomaticUserConfirmationPolicyEnforcementQuery automaticUserConfirmationPolicyEnforcementQuery,
IUserService userService,
IProviderUserRepository providerUserRepository,
IPolicyRepository policyRepository) : IAutomaticallyConfirmOrganizationUsersValidator
{
public async Task<ValidationResult<AutomaticallyConfirmOrganizationUserValidationRequest>> ValidateAsync(
@@ -70,9 +71,17 @@ public class AutomaticallyConfirmOrganizationUsersValidator(
return Invalid(request, error);
}
if (await OrganizationUserIsProviderAsync(request))
{
return Invalid(request, new ProviderUsersCannotJoin());
}
return Valid(request);
}
private async Task<bool> OrganizationUserIsProviderAsync(AutomaticallyConfirmOrganizationUserValidationRequest request) =>
(await providerUserRepository.GetManyByUserAsync(request.OrganizationUser!.UserId!.Value)).Count != 0;
private async Task<bool> OrganizationHasAutomaticallyConfirmUsersPolicyEnabledAsync(
AutomaticallyConfirmOrganizationUserValidationRequest request) =>
await policyRepository.GetByOrganizationIdTypeAsync(request.OrganizationId,
@@ -114,4 +123,6 @@ public class AutomaticallyConfirmOrganizationUsersValidator(
_ => null
);
}
}

1
src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/Errors.cs
View File

@@ -11,3 +11,4 @@ public record UserDoesNotHaveTwoFactorEnabled() : BadRequestError("User does not
public record OrganizationEnforcesSingleOrgPolicy() : BadRequestError("Cannot confirm this member to the organization until they leave or remove all other organizations");
public record OtherOrganizationEnforcesSingleOrgPolicy() : BadRequestError("Cannot confirm this member to the organization because they are in another organization which forbids it.");
public record AutomaticallyConfirmUsersPolicyIsNotEnabled() : BadRequestError("Cannot confirm this member because the Automatically Confirm Users policy is not enabled.");
public record ProviderUsersCannotJoin() : BadRequestError("Organization has enabled Automatic User Confirmation policy and it does not support provider users.");