mirror of https://github.com/bitwarden/server synced 2026-01-06 02:23:51 +00:00

[PM-24279] Add vnext policy endpoint (#6253)

Jimmy Vo
2025-09-10 10:13:04 -04:00
committed by GitHub
parent 52045b89fa
commit d43b00dad9
19 changed files with 908 additions and 136 deletions


@@ -1,6 +1,4 @@
#nullable enable
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Entities;
using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
using Bit.Core.AdminConsole.Repositories;
@@ -17,18 +15,20 @@ public class SavePolicyCommand : ISavePolicyCommand
private readonly IPolicyRepository _policyRepository;
private readonly IReadOnlyDictionary<PolicyType, IPolicyValidator> _policyValidators;
private readonly TimeProvider _timeProvider;
private readonly IPostSavePolicySideEffect _postSavePolicySideEffect;
public SavePolicyCommand(
IApplicationCacheService applicationCacheService,
public SavePolicyCommand(IApplicationCacheService applicationCacheService,
IEventService eventService,
IPolicyRepository policyRepository,
IEnumerable<IPolicyValidator> policyValidators,
TimeProvider timeProvider)
TimeProvider timeProvider,
IPostSavePolicySideEffect postSavePolicySideEffect)
{
_applicationCacheService = applicationCacheService;
_eventService = eventService;
_policyRepository = policyRepository;
_timeProvider = timeProvider;
_postSavePolicySideEffect = postSavePolicySideEffect;
var policyValidatorsDict = new Dictionary<PolicyType, IPolicyValidator>();
foreach (var policyValidator in policyValidators)
@@ -78,12 +78,28 @@ public class SavePolicyCommand : ISavePolicyCommand
return policy;
}
public async Task<Policy> VNextSaveAsync(SavePolicyModel policyRequest)
{
var (_, currentPolicy) = await GetCurrentPolicyStateAsync(policyRequest.PolicyUpdate);
var policy = await SaveAsync(policyRequest.PolicyUpdate);
await ExecutePostPolicySaveSideEffectsForSupportedPoliciesAsync(policyRequest, policy, currentPolicy);
return policy;
}
private async Task ExecutePostPolicySaveSideEffectsForSupportedPoliciesAsync(SavePolicyModel policyRequest, Policy postUpdatedPolicy, Policy? previousPolicyState)
{
if (postUpdatedPolicy.Type == PolicyType.OrganizationDataOwnership)
{
await _postSavePolicySideEffect.ExecuteSideEffectsAsync(policyRequest, postUpdatedPolicy, previousPolicyState);
}
}
private async Task RunValidatorAsync(IPolicyValidator validator, PolicyUpdate policyUpdate)
{
var savedPolicies = await _policyRepository.GetManyByOrganizationIdAsync(policyUpdate.OrganizationId);
// Note: policies may be missing from this dict if they have never been enabled
var savedPoliciesDict = savedPolicies.ToDictionary(p => p.Type);
var currentPolicy = savedPoliciesDict.GetValueOrDefault(policyUpdate.Type);
var (savedPoliciesDict, currentPolicy) = await GetCurrentPolicyStateAsync(policyUpdate);
// If enabling this policy - check that all policy requirements are satisfied
if (currentPolicy is not { Enabled: true } && policyUpdate.Enabled)
@@ -127,4 +143,13 @@ public class SavePolicyCommand : ISavePolicyCommand
// Run side effects
await validator.OnSaveSideEffectsAsync(policyUpdate, currentPolicy);
}
private async Task<(Dictionary<PolicyType, Policy> savedPoliciesDict, Policy? currentPolicy)> GetCurrentPolicyStateAsync(PolicyUpdate policyUpdate)
{
var savedPolicies = await _policyRepository.GetManyByOrganizationIdAsync(policyUpdate.OrganizationId);
// Note: policies may be missing from this dict if they have never been enabled
var savedPoliciesDict = savedPolicies.ToDictionary(p => p.Type);
var currentPolicy = savedPoliciesDict.GetValueOrDefault(policyUpdate.Type);
return (savedPoliciesDict, currentPolicy);
}
}
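Review bot: In `VNextSaveAsync` the `currentPolicy` snapshot comes from a separate `GetCurrentPolicyStateAsync` call made before `SaveAsync`, and `RunValidatorAsync` reads the same state again, so nothing visible ties the "previous" policy passed to `ExecuteSideEffectsAsync` to the state the validator checked. Two concurrent saves for one organization could each run the `OrganizationDataOwnership` side effects against a stale snapshot. The side effects also run after the policy is already persisted, so if `ExecuteSideEffectsAsync` throws, the caller gets an error while the policy change stays in place. `SaveAsync`'s body is outside the hunks shown, so whether it serializes or wraps these steps cannot be confirmed from here. At minimum I would document the contract above `VNextSaveAsync`, for example `// previousPolicyState is a pre-save snapshot; side effects run after the policy is persisted and are not rolled back if they fail`.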