bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-01-10 12:33:49 +00:00
Code Issues Releases Wiki Activity

[PM-14378] SecurityTask Authorization Handler (#5039)

Browse Source 
* [PM-14378] Introduce GetCipherPermissionsForOrganization query for Dapper CipherRepository

* [PM-14378] Introduce GetCipherPermissionsForOrganization method for Entity Framework

* [PM-14378] Add integration tests for new repository method

* [PM-14378] Introduce IGetCipherPermissionsForUserQuery CQRS query

* [PM-14378] Introduce SecurityTaskOperationRequirement

* [PM-14378] Introduce SecurityTaskAuthorizationHandler.cs

* [PM-14378] Introduce SecurityTaskOrganizationAuthorizationHandler.cs

* [PM-14378] Register new authorization handlers

* [PM-14378] Formatting

* [PM-14378] Add unit tests for GetCipherPermissionsForUserQuery

* [PM-15378] Cleanup SecurityTaskAuthorizationHandler and add tests

* [PM-14378] Add tests for SecurityTaskOrganizationAuthorizationHandler

* [PM-14378] Formatting

* [PM-14378] Update date in migration file

* [PM-14378] Add missing awaits

* [PM-14378] Bump migration script date

* [PM-14378] Remove Unassigned property from OrganizationCipherPermission as it was making the query too complicated

* [PM-14378] Update sproc to use Union All to improve query performance

* [PM-14378] Bump migration script date
This commit is contained in:
Shane Melton
2025-01-09 12:14:24 -08:00
committed by GitHub
parent fd195e7cf3
commit a99f82dddd
18 changed files with 1669 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/Core/Vault/Repositories/ICipherRepository.cs
View File

@@ -39,6 +39,16 @@ public interface ICipherRepository : IRepository<Cipher, Guid>
Task<DateTime> RestoreByIdsOrganizationIdAsync(IEnumerable<Guid> ids, Guid organizationId);
Task DeleteDeletedAsync(DateTime deletedDateBefore);
/// <summary>
/// Low-level query to get all cipher permissions for a user in an organization. DOES NOT consider the user's
/// organization role, any collection management settings on the organization, or special unassigned cipher
/// permissions.
///
/// Recommended to use <see cref="IGetCipherPermissionsForUserQuery"/> instead to handle those cases.
/// </summary>
Task<ICollection<OrganizationCipherPermission>> GetCipherPermissionsForOrganizationAsync(Guid organizationId,
Guid userId);
/// <summary>
/// Updates encrypted data for ciphers during a key rotation
/// </summary>