mirror of
https://github.com/bitwarden/server
synced 2025-12-18 09:13:19 +00:00
[PM-25923] Simplify and align response models for Organization members and Provider users (#6385)
* Update ProviderUserOrganizationDetailsView to include SSO configuration data * Updated the ProviderUserOrganizationDetailsViewQuery to join with SsoConfigs and select SSO-related fields. * Modified the SQL view to reflect the inclusion of SSO configuration data. * Added a new migration script for the updated view structure. * Add SSO configuration properties to ProviderUserOrganizationDetails model * Add SSO configuration handling to ProfileProviderOrganizationResponseModel * Introduced properties for SSO configuration, including SSO enabled status and KeyConnector details. * Implemented deserialization of SSO configuration data to populate new fields in the response model. * Add integration tests for ProviderUserRepository.GetManyOrganizationDetailsByUserAsync * Add BaseUserOrganizationDetails model to encapsulate common properties * Introduced a new abstract class to define shared properties for organization users and provider organization users * Add BaseProfileOrganizationResponseModel to encapsulate organization response properties * Introduced a new abstract class that ensures all properties are fully populated for profile organization responses. * Update ProviderUserOrganizationDetailsViewQuery to include missing ProviderUserId * Refactor OrganizationUserOrganizationDetails and ProviderUserOrganizationDetails to inherit from BaseUserOrganizationDetails * Updated both models to extend BaseUserOrganizationDetails, promoting code reuse and ensure they have the same base properties * Refactor ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel to inherit from BaseProfileOrganizationResponseModel * Refactor ProviderUserRepositoryTests to improve organization detail assertions * Consolidated assertions for organization details into a new method, AssertProviderOrganizationDetails, enhancing code readability and maintainability. * Updated test cases to verify all relevant properties for organizations with and without SSO configurations. * Add integration test for GetManyDetailsByUserAsync to verify SSO properties * Implemented a new test case to ensure that the SSO properties are correctly populated for organizations with and without SSO configurations. * The test verifies the expected behavior of the method when interacting with the user and organization repositories, including cleanup of created entities after the test execution. * Add unit tests for ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel * Introduced tests to validate the constructors of ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, ensuring that all properties are populated correctly based on the provided organization details. * Verified expected behavior for both organization and provider models, including SSO configurations and relevant properties. * Update SyncControllerTests.Get_ProviderPlanTypeProperlyPopulated to nullify SSO configurations in provider user organization details * Refactor BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel for null safety Updated properties in BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel to support null safety by introducing nullable types where appropriate. * Enhance null safety in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails Updated properties in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails to support null safety by introducing nullable types where appropriate, ensuring better handling of potential null values. * Move common properties from ProfileOrganizationResponseModel to BaseProfileOrganizationResponseModel * Refactor organization details: Remove BaseUserOrganizationDetails and introduce IProfileMemberOrganizationDetails interface for improved structure and clarity in organization user data management. * Enhance OrganizationUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface * Refactor ProviderUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface * Refactor ProfileOrganizationResponseModelTests and ProfileProviderOrganizationResponseModelTests: Update constructors to utilize Organization and ProviderUserOrganizationDetails, enhancing property population and test coverage. * Enhance ProviderUserOrganizationDetails: Add UseResetPassword, UseSecretsManager, and UsePasswordManager properties to the query and SQL views * Update BaseProfileOrganizationResponseModel documentation: Clarify purpose and usage of organization properties for OrganizationUsers and ProviderUsers. * Rename ProfileOrganizationResponseModel to ProfileMemberOrganizationResponseModel, update references and update related test names * Add XML documentation for ProfileMemberOrganizationResponseModel and ProfileProviderOrganizationResponseModel to clarify their purpose and relationships * Remove unnecessary cleanup code from OrganizationUserRepositoryTests * Remove unnecessary cleanup code from ProviderUserRepositoryTests * Rename test method in ProviderUserRepositoryTests to improve clarity on property population * Add CreateFullOrganization method to ProviderUserRepositoryTests for improved organization setup in tests * Refactor organization creation in tests to use CreateTestOrganizationAsync for consistency and improved setup * Rename IProfileMemberOrganizationDetails to IProfileOrganizationDetails * Rename ProfileMemberOrganizationResponseModel back to ProfileOrganizationResponseModel * Refactor organization response models to remove Family Sponsorship properties from BaseProfileOrganizationResponseModel and reintroduce them in ProfileOrganizationResponseModel. Update related interfaces and tests accordingly. * Bump date on migration script * Update OrganizationUserOrganizationDetailsViewQuery to include UseAutomaticUserConfirmation property
This commit is contained in:
Rui Tomé
GitHub
@@ -0,0 +1,150 @@
|
||||
using Bit.Api.AdminConsole.Models.Response;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.Auth.Enums;
|
||||
using Bit.Core.Auth.Models.Data;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
|
||||
using Bit.Core.Utilities;
|
||||
using Bit.Test.Common.AutoFixture.Attributes;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Api.Test.AdminConsole.Models.Response;
|
||||
|
||||
public class ProfileOrganizationResponseModelTests
|
||||
{
|
||||
[Theory, BitAutoData]
|
||||
public void Constructor_ShouldPopulatePropertiesCorrectly(Organization organization)
|
||||
{
|
||||
var userId = Guid.NewGuid();
|
||||
var organizationUserId = Guid.NewGuid();
|
||||
var providerId = Guid.NewGuid();
|
||||
var organizationIdsClaimingUser = new[] { organization.Id };
|
||||
|
||||
var organizationDetails = new OrganizationUserOrganizationDetails
|
||||
{
|
||||
OrganizationId = organization.Id,
|
||||
UserId = userId,
|
||||
OrganizationUserId = organizationUserId,
|
||||
Name = organization.Name,
|
||||
Enabled = organization.Enabled,
|
||||
Identifier = organization.Identifier,
|
||||
PlanType = organization.PlanType,
|
||||
UsePolicies = organization.UsePolicies,
|
||||
UseSso = organization.UseSso,
|
||||
UseKeyConnector = organization.UseKeyConnector,
|
||||
UseScim = organization.UseScim,
|
||||
UseGroups = organization.UseGroups,
|
||||
UseDirectory = organization.UseDirectory,
|
||||
UseEvents = organization.UseEvents,
|
||||
UseTotp = organization.UseTotp,
|
||||
Use2fa = organization.Use2fa,
|
||||
UseApi = organization.UseApi,
|
||||
UseResetPassword = organization.UseResetPassword,
|
||||
UseSecretsManager = organization.UseSecretsManager,
|
||||
UsePasswordManager = organization.UsePasswordManager,
|
||||
UsersGetPremium = organization.UsersGetPremium,
|
||||
UseCustomPermissions = organization.UseCustomPermissions,
|
||||
UseRiskInsights = organization.UseRiskInsights,
|
||||
UseOrganizationDomains = organization.UseOrganizationDomains,
|
||||
UseAdminSponsoredFamilies = organization.UseAdminSponsoredFamilies,
|
||||
UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation,
|
||||
SelfHost = organization.SelfHost,
|
||||
Seats = organization.Seats,
|
||||
MaxCollections = organization.MaxCollections,
|
||||
MaxStorageGb = organization.MaxStorageGb,
|
||||
Key = "organization-key",
|
||||
PublicKey = "public-key",
|
||||
PrivateKey = "private-key",
|
||||
LimitCollectionCreation = organization.LimitCollectionCreation,
|
||||
LimitCollectionDeletion = organization.LimitCollectionDeletion,
|
||||
LimitItemDeletion = organization.LimitItemDeletion,
|
||||
AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems,
|
||||
ProviderId = providerId,
|
||||
ProviderName = "Test Provider",
|
||||
ProviderType = ProviderType.Msp,
|
||||
SsoEnabled = true,
|
||||
SsoConfig = new SsoConfigurationData
|
||||
{
|
||||
MemberDecryptionType = MemberDecryptionType.KeyConnector,
|
||||
KeyConnectorUrl = "https://keyconnector.example.com"
|
||||
}.Serialize(),
|
||||
SsoExternalId = "external-sso-id",
|
||||
Permissions = CoreHelpers.ClassToJsonData(new Core.Models.Data.Permissions { ManageUsers = true }),
|
||||
ResetPasswordKey = "reset-password-key",
|
||||
FamilySponsorshipFriendlyName = "Family Sponsorship",
|
||||
FamilySponsorshipLastSyncDate = DateTime.UtcNow.AddDays(-1),
|
||||
FamilySponsorshipToDelete = false,
|
||||
FamilySponsorshipValidUntil = DateTime.UtcNow.AddYears(1),
|
||||
IsAdminInitiated = true,
|
||||
Status = OrganizationUserStatusType.Confirmed,
|
||||
Type = OrganizationUserType.Owner,
|
||||
AccessSecretsManager = true,
|
||||
SmSeats = 5,
|
||||
SmServiceAccounts = 10
|
||||
};
|
||||
|
||||
var result = new ProfileOrganizationResponseModel(organizationDetails, organizationIdsClaimingUser);
|
||||
|
||||
Assert.Equal("profileOrganization", result.Object);
|
||||
Assert.Equal(organization.Id, result.Id);
|
||||
Assert.Equal(userId, result.UserId);
|
||||
Assert.Equal(organization.Name, result.Name);
|
||||
Assert.Equal(organization.Enabled, result.Enabled);
|
||||
Assert.Equal(organization.Identifier, result.Identifier);
|
||||
Assert.Equal(organization.PlanType.GetProductTier(), result.ProductTierType);
|
||||
Assert.Equal(organization.UsePolicies, result.UsePolicies);
|
||||
Assert.Equal(organization.UseSso, result.UseSso);
|
||||
Assert.Equal(organization.UseKeyConnector, result.UseKeyConnector);
|
||||
Assert.Equal(organization.UseScim, result.UseScim);
|
||||
Assert.Equal(organization.UseGroups, result.UseGroups);
|
||||
Assert.Equal(organization.UseDirectory, result.UseDirectory);
|
||||
Assert.Equal(organization.UseEvents, result.UseEvents);
|
||||
Assert.Equal(organization.UseTotp, result.UseTotp);
|
||||
Assert.Equal(organization.Use2fa, result.Use2fa);
|
||||
Assert.Equal(organization.UseApi, result.UseApi);
|
||||
Assert.Equal(organization.UseResetPassword, result.UseResetPassword);
|
||||
Assert.Equal(organization.UseSecretsManager, result.UseSecretsManager);
|
||||
Assert.Equal(organization.UsePasswordManager, result.UsePasswordManager);
|
||||
Assert.Equal(organization.UsersGetPremium, result.UsersGetPremium);
|
||||
Assert.Equal(organization.UseCustomPermissions, result.UseCustomPermissions);
|
||||
Assert.Equal(organization.PlanType.GetProductTier() == ProductTierType.Enterprise, result.UseActivateAutofillPolicy);
|
||||
Assert.Equal(organization.UseRiskInsights, result.UseRiskInsights);
|
||||
Assert.Equal(organization.UseOrganizationDomains, result.UseOrganizationDomains);
|
||||
Assert.Equal(organization.UseAdminSponsoredFamilies, result.UseAdminSponsoredFamilies);
|
||||
Assert.Equal(organization.UseAutomaticUserConfirmation, result.UseAutomaticUserConfirmation);
|
||||
Assert.Equal(organization.SelfHost, result.SelfHost);
|
||||
Assert.Equal(organization.Seats, result.Seats);
|
||||
Assert.Equal(organization.MaxCollections, result.MaxCollections);
|
||||
Assert.Equal(organization.MaxStorageGb, result.MaxStorageGb);
|
||||
Assert.Equal(organizationDetails.Key, result.Key);
|
||||
Assert.True(result.HasPublicAndPrivateKeys);
|
||||
Assert.Equal(organization.LimitCollectionCreation, result.LimitCollectionCreation);
|
||||
Assert.Equal(organization.LimitCollectionDeletion, result.LimitCollectionDeletion);
|
||||
Assert.Equal(organization.LimitItemDeletion, result.LimitItemDeletion);
|
||||
Assert.Equal(organization.AllowAdminAccessToAllCollectionItems, result.AllowAdminAccessToAllCollectionItems);
|
||||
Assert.Equal(organizationDetails.ProviderId, result.ProviderId);
|
||||
Assert.Equal(organizationDetails.ProviderName, result.ProviderName);
|
||||
Assert.Equal(organizationDetails.ProviderType, result.ProviderType);
|
||||
Assert.Equal(organizationDetails.SsoEnabled, result.SsoEnabled);
|
||||
Assert.True(result.KeyConnectorEnabled);
|
||||
Assert.Equal("https://keyconnector.example.com", result.KeyConnectorUrl);
|
||||
Assert.Equal(MemberDecryptionType.KeyConnector, result.SsoMemberDecryptionType);
|
||||
Assert.True(result.SsoBound);
|
||||
Assert.Equal(organizationDetails.Status, result.Status);
|
||||
Assert.Equal(organizationDetails.Type, result.Type);
|
||||
Assert.Equal(organizationDetails.OrganizationUserId, result.OrganizationUserId);
|
||||
Assert.True(result.UserIsClaimedByOrganization);
|
||||
Assert.NotNull(result.Permissions);
|
||||
Assert.True(result.ResetPasswordEnrolled);
|
||||
Assert.Equal(organizationDetails.AccessSecretsManager, result.AccessSecretsManager);
|
||||
Assert.Equal(organizationDetails.FamilySponsorshipFriendlyName, result.FamilySponsorshipFriendlyName);
|
||||
Assert.Equal(organizationDetails.FamilySponsorshipLastSyncDate, result.FamilySponsorshipLastSyncDate);
|
||||
Assert.Equal(organizationDetails.FamilySponsorshipToDelete, result.FamilySponsorshipToDelete);
|
||||
Assert.Equal(organizationDetails.FamilySponsorshipValidUntil, result.FamilySponsorshipValidUntil);
|
||||
Assert.True(result.IsAdminInitiated);
|
||||
Assert.False(result.FamilySponsorshipAvailable);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user