Merge remote-tracking branch 'origin/main' into xunit-v3-full-upgrade

test/Infrastructure.EFIntegration.Test/Repositories/UserRepositoryTests.cs

@@ -2,6 +2,8 @@
 using Bit.Core.Auth.Entities;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
+using Bit.Core.KeyManagement.Enums;
+using Bit.Core.KeyManagement.Models.Data;
 using Bit.Core.Models.Data;
 using Bit.Core.Test.AutoFixture.Attributes;
 using Bit.Infrastructure.EFIntegration.Test.AutoFixture;
@@ -313,4 +315,66 @@ public class UserRepositoryTests
         Assert.Equal(sqlUser.MasterPasswordHint, updatedUser.MasterPasswordHint);
         Assert.Equal(sqlUser.Email, updatedUser.Email);
     }
+
+    [CiSkippedTheory, EfUserAutoData]
+    public async Task UpdateAccountCryptographicStateAsync_Works_DataMatches(
+        User user,
+        List<EfRepo.UserRepository> suts,
+        SqlRepo.UserRepository sqlUserRepo)
+    {
+        // Test for V1 user (no signature key pair or security state)
+        var accountKeysDataV1 = new UserAccountKeysData
+        {
+            PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData(
+                wrappedPrivateKey: "v1-wrapped-private-key",
+                publicKey: "v1-public-key"
+            )
+        };
+
+        foreach (var sut in suts)
+        {
+            var createdUser = await sut.CreateAsync(user);
+            sut.ClearChangeTracking();
+
+            await sut.SetV2AccountCryptographicStateAsync(createdUser.Id, accountKeysDataV1);
+            sut.ClearChangeTracking();
+
+            var updatedUser = await sut.GetByIdAsync(createdUser.Id);
+            Assert.Equal("v1-public-key", updatedUser.PublicKey);
+            Assert.Equal("v1-wrapped-private-key", updatedUser.PrivateKey);
+            Assert.Null(updatedUser.SignedPublicKey);
+            Assert.Null(updatedUser.SecurityState);
+            Assert.Null(updatedUser.SecurityVersion);
+        }
+
+        // Test for V2 user (with signature key pair and security state)
+        var accountKeysDataV2 = new UserAccountKeysData
+        {
+            PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData(
+                wrappedPrivateKey: "v2-wrapped-private-key",
+                publicKey: "v2-public-key",
+                signedPublicKey: "v2-signed-public-key"
+            ),
+            SignatureKeyPairData = new SignatureKeyPairData(
+                signatureAlgorithm: SignatureAlgorithm.Ed25519,
+                wrappedSigningKey: "v2-wrapped-signing-key",
+                verifyingKey: "v2-verifying-key"
+            ),
+            SecurityStateData = new SecurityStateData
+            {
+                SecurityState = "v2-security-state",
+                SecurityVersion = 2
+            }
+        };
+
+        var sqlUser = await sqlUserRepo.CreateAsync(user);
+        await sqlUserRepo.SetV2AccountCryptographicStateAsync(sqlUser.Id, accountKeysDataV2);
+
+        var updatedSqlUser = await sqlUserRepo.GetByIdAsync(sqlUser.Id);
+        Assert.Equal("v2-public-key", updatedSqlUser.PublicKey);
+        Assert.Equal("v2-wrapped-private-key", updatedSqlUser.PrivateKey);
+        Assert.Equal("v2-signed-public-key", updatedSqlUser.SignedPublicKey);
+        Assert.Equal("v2-security-state", updatedSqlUser.SecurityState);
+        Assert.Equal(2, updatedSqlUser.SecurityVersion);
+    }
 }

test/Infrastructure.EFIntegration.Test/Vault/Repositories/CipherRepositoryTests.cs

@@ -225,4 +225,58 @@ public class CipherRepositoryTests
             Assert.True(savedCipher == null);
         }
     }
+
+    [CiSkippedTheory, EfOrganizationCipherCustomize, BitAutoData]
+    public async Task ReplaceAsync_WithCollections_UpdatesFoldersFavoritesRepromptAndArchivedDateAsync(
+        Cipher cipher,
+        User user,
+        Organization org,
+        Collection collection,
+        List<EfVaultRepo.CipherRepository> suts,
+        List<EfRepo.UserRepository> efUserRepos,
+        List<EfRepo.OrganizationRepository> efOrgRepos,
+        List<EfRepo.CollectionRepository> efCollectionRepos)
+    {
+        foreach (var sut in suts)
+        {
+            var i = suts.IndexOf(sut);
+
+            var postEfOrg = await efOrgRepos[i].CreateAsync(org);
+            efOrgRepos[i].ClearChangeTracking();
+            var postEfUser = await efUserRepos[i].CreateAsync(user);
+            efUserRepos[i].ClearChangeTracking();
+
+            collection.OrganizationId = postEfOrg.Id;
+            var postEfCollection = await efCollectionRepos[i].CreateAsync(collection);
+            efCollectionRepos[i].ClearChangeTracking();
+
+            cipher.UserId = postEfUser.Id;
+            cipher.OrganizationId = null;
+            cipher.Folders = $"{{\"{postEfUser.Id}\":\"some-folder-id\"}}";
+            cipher.Favorites = $"{{\"{postEfUser.Id}\":true}}";
+            cipher.Reprompt = Core.Vault.Enums.CipherRepromptType.Password;
+
+            var createdCipher = await sut.CreateAsync(cipher);
+            sut.ClearChangeTracking();
+
+            var updatedCipher = await sut.GetByIdAsync(createdCipher.Id);
+            updatedCipher.UserId = postEfUser.Id;
+            updatedCipher.OrganizationId = postEfOrg.Id;
+            updatedCipher.Folders = $"{{\"{postEfUser.Id}\":\"new-folder-id\"}}";
+            updatedCipher.Favorites = $"{{\"{postEfUser.Id}\":true}}";
+            updatedCipher.Reprompt = Core.Vault.Enums.CipherRepromptType.Password;
+
+            await sut.ReplaceAsync(updatedCipher, new List<Guid> { postEfCollection.Id });
+            sut.ClearChangeTracking();
+
+
+            var savedCipher = await sut.GetByIdAsync(createdCipher.Id);
+            Assert.NotNull(savedCipher);
+            Assert.Null(savedCipher.UserId);
+            Assert.Equal(postEfOrg.Id, savedCipher.OrganizationId);
+            Assert.Equal($"{{\"{postEfUser.Id}\":\"new-folder-id\"}}", savedCipher.Folders);
+            Assert.Equal($"{{\"{postEfUser.Id}\":true}}", savedCipher.Favorites);
+            Assert.Equal(Core.Vault.Enums.CipherRepromptType.Password, savedCipher.Reprompt);
+        }
+    }
 }