bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-25 12:43:14 +00:00
Code Issues Releases Wiki Activity

Fixed impelmentation in enforcement query. also cleaned up format. added tests.

Browse Source
This commit is contained in:
jrmccannon
2025-11-26 09:22:56 -06:00
parent 18cba7861c
commit ba7fa768f3
3 changed files with 320 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQuery.cs
View File

@@ -14,34 +14,32 @@ public class AutomaticUserConfirmationPolicyEnforcementQuery(
public async Task<ValidationResult<AutomaticUserConfirmationPolicyEnforcementRequest>> IsCompliantAsync(
AutomaticUserConfirmationPolicyEnforcementRequest request)
{
var (organizationUser, otherOrganizationsOrganizationUsers, user) = request;
var automaticUserConfirmationPolicyRequirement = await policyRequirementQuery
.GetAsync<AutomaticUserConfirmationPolicyRequirement>(request.User.Id);
if (automaticUserConfirmationPolicyRequirement.IsEnabled(organizationUser.OrganizationId))
{
return Invalid(request, new AutoConfirmDoesNotAllowMembershipToOtherOrganizations());
}
if (automaticUserConfirmationPolicyRequirement.IsEnabledAndUserIsAProvider(organizationUser.OrganizationId))
{
return Invalid(request, new ProviderUsersCannotJoin());
}
if (automaticUserConfirmationPolicyRequirement.IsEnabledForOrganizationsOtherThan(organizationUser
.OrganizationId))
if (automaticUserConfirmationPolicyRequirement.IsEnabled(request.OrganizationUser.OrganizationId)
&& await OrganizationUserBelongsToAnotherOrganizationAsync(request))
{
return Invalid(request, new OrganizationEnforcesSingleOrgPolicy());
}
if (otherOrganizationsOrganizationUsers is { Count: > 0 }
|| (await organizationUserRepository.GetManyByUserAsync(user.Id))
.Any(x => x.OrganizationId != organizationUser.OrganizationId))
if (automaticUserConfirmationPolicyRequirement.IsEnabledAndUserIsAProvider(request.OrganizationUser.OrganizationId))
{
return Invalid(request, new ProviderUsersCannotJoin());
}
if (automaticUserConfirmationPolicyRequirement.IsEnabledForOrganizationsOtherThan(request.OrganizationUser
.OrganizationId))
{
return Invalid(request, new OtherOrganizationEnforcesSingleOrgPolicy());
}
return Valid(request);
}
private async Task<bool> OrganizationUserBelongsToAnotherOrganizationAsync(
AutomaticUserConfirmationPolicyEnforcementRequest request) =>
request.OtherOrganizationsOrganizationUsers?.ToArray() is { Length: > 0 }
|| (await organizationUserRepository.GetManyByUserAsync(request.User.Id))
.Any(x => x.OrganizationId != request.OrganizationUser.OrganizationId);
}

7
src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementRequest.cs
View File

@@ -47,12 +47,5 @@ public record AutomaticUserConfirmationPolicyEnforcementRequest
OtherOrganizationsOrganizationUsers = null;
User = user;
}
public void Deconstruct(out OrganizationUser organizationUser, out ICollection<OrganizationUser>? otherOrganizationsOrganizationUsers, out User user)
{
organizationUser = OrganizationUser;
otherOrganizationsOrganizationUsers = OtherOrganizationsOrganizationUsers?.ToArray();
user = User;
}
}