[PM-24192] Add OrganizationContext in API project (#6291)

2025-12-21 02:33:30 +00:00 · 2025-09-11 07:37:45 +10:00
parent 04cb7820a6
commit bd1745a50d
7 changed files with 238 additions and 12 deletions
--- a/test/Api.Test/AdminConsole/Authorization/OrganizationContextTests.cs
+++ b/test/Api.Test/AdminConsole/Authorization/OrganizationContextTests.cs
@@ -0,0 +1,125 @@
+using System.Security.Claims;
+using AutoFixture;
+using Bit.Api.AdminConsole.Authorization;
+using Bit.Core.AdminConsole.Enums.Provider;
+using Bit.Core.AdminConsole.Models.Data.Provider;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Services;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Api.Test.AdminConsole.Authorization;
+
+[SutProviderCustomize]
+public class OrganizationContextTests
+{
+    [Theory, BitAutoData]
+    public async Task IsProviderUserForOrganization_UserIsProviderUser_ReturnsTrue(
+        Guid userId, Guid organizationId, Guid otherOrganizationId,
+        SutProvider<OrganizationContext> sutProvider)
+    {
+        var claimsPrincipal = new ClaimsPrincipal();
+        var providerUserOrganizations = new List<ProviderUserOrganizationDetails>
+        {
+            new() { OrganizationId = organizationId },
+            new() { OrganizationId = otherOrganizationId }
+        };
+
+        sutProvider.GetDependency<IUserService>()
+            .GetProperUserId(claimsPrincipal)
+            .Returns(userId);
+
+        sutProvider.GetDependency<IProviderUserRepository>()
+            .GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed)
+            .Returns(providerUserOrganizations);
+
+        var result = await sutProvider.Sut.IsProviderUserForOrganization(claimsPrincipal, organizationId);
+
+        Assert.True(result);
+        await sutProvider.GetDependency<IProviderUserRepository>()
+            .Received(1)
+            .GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed);
+    }
+
+    public static IEnumerable<object[]> UserIsNotProviderUserData()
+    {
+        // User has provider organizations, but not for the target organization
+        yield return
+        [
+            new List<ProviderUserOrganizationDetails>
+            {
+                new Fixture().Create<ProviderUserOrganizationDetails>()
+            }
+        ];
+
+        // User has no provider organizations
+        yield return [Array.Empty<ProviderUserOrganizationDetails>()];
+    }
+
+    [Theory, BitMemberAutoData(nameof(UserIsNotProviderUserData))]
+    public async Task IsProviderUserForOrganization_UserIsNotProviderUser_ReturnsFalse(
+        IEnumerable<ProviderUserOrganizationDetails> providerUserOrganizations,
+        Guid userId, Guid organizationId,
+        SutProvider<OrganizationContext> sutProvider)
+    {
+        var claimsPrincipal = new ClaimsPrincipal();
+
+        sutProvider.GetDependency<IUserService>()
+            .GetProperUserId(claimsPrincipal)
+            .Returns(userId);
+
+        sutProvider.GetDependency<IProviderUserRepository>()
+            .GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed)
+            .Returns(providerUserOrganizations);
+
+        var result = await sutProvider.Sut.IsProviderUserForOrganization(claimsPrincipal, organizationId);
+
+        Assert.False(result);
+    }
+
+    [Theory, BitAutoData]
+    public async Task IsProviderUserForOrganization_UserIdIsNull_ThrowsException(
+        Guid organizationId,
+        SutProvider<OrganizationContext> sutProvider)
+    {
+        var claimsPrincipal = new ClaimsPrincipal();
+
+        sutProvider.GetDependency<IUserService>()
+            .GetProperUserId(claimsPrincipal)
+            .Returns((Guid?)null);
+
+        var exception = await Assert.ThrowsAsync<InvalidOperationException>(() =>
+            sutProvider.Sut.IsProviderUserForOrganization(claimsPrincipal, organizationId));
+
+        Assert.Equal(OrganizationContext.NoUserIdError, exception.Message);
+    }
+
+    [Theory, BitAutoData]
+    public async Task IsProviderUserForOrganization_UsesCaching(
+        Guid userId, Guid organizationId,
+        SutProvider<OrganizationContext> sutProvider)
+    {
+        var claimsPrincipal = new ClaimsPrincipal();
+        var providerUserOrganizations = new List<ProviderUserOrganizationDetails>
+        {
+            new() { OrganizationId = organizationId }
+        };
+
+        sutProvider.GetDependency<IUserService>()
+            .GetProperUserId(claimsPrincipal)
+            .Returns(userId);
+
+        sutProvider.GetDependency<IProviderUserRepository>()
+            .GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed)
+            .Returns(providerUserOrganizations);
+
+        await sutProvider.Sut.IsProviderUserForOrganization(claimsPrincipal, organizationId);
+        await sutProvider.Sut.IsProviderUserForOrganization(claimsPrincipal, organizationId);
+
+        await sutProvider.GetDependency<IProviderUserRepository>()
+            .Received(1)
+            .GetManyOrganizationDetailsByUserAsync(userId, ProviderUserStatusType.Confirmed);
+    }
+}