[PM-21097] Fix: Prevent admin-added sponsored families from appearing in individual vault settings (#5767)

* Changes to resolve sponsorship showing in individual vault * Resolve the failing unit test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test * Resolve the failing test * Resolve the failing test * fix make IsAdminInitiated nullable Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Add the isAdminInitiated property Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the database error Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing unit test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the scan error Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the database issue * resolve the database build error * Resolve the database build error * Resolve the synchronization issue --------- Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2025-12-23 03:33:35 +00:00 · 2025-05-12 18:21:07 +01:00
parent 3a848d5747
commit e4359f071c
11 changed files with 294 additions and 12 deletions
--- a/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
@@ -58,7 +58,8 @@ public class ProfileOrganizationResponseModel : ResponseModel
        ProviderName = organization.ProviderName;
        ProviderType = organization.ProviderType;
        FamilySponsorshipFriendlyName = organization.FamilySponsorshipFriendlyName;
-        FamilySponsorshipAvailable = FamilySponsorshipFriendlyName == null &&
+        IsAdminInitiated = organization.IsAdminInitiated ?? false;
+        FamilySponsorshipAvailable = (FamilySponsorshipFriendlyName == null || IsAdminInitiated) &&
            StaticStore.GetSponsoredPlan(PlanSponsorshipType.FamiliesForEnterprise)
            .UsersCanSponsor(organization);
        ProductTierType = organization.PlanType.GetProductTier();
@@ -157,4 +158,5 @@ public class ProfileOrganizationResponseModel : ResponseModel
    public bool UserIsClaimedByOrganization { get; set; }
    public bool UseRiskInsights { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
+    public bool IsAdminInitiated { get; set; }
 }
--- a/src/Api/Billing/Controllers/OrganizationSponsorshipsController.cs
+++ b/src/Api/Billing/Controllers/OrganizationSponsorshipsController.cs
@@ -271,8 +271,11 @@ public class OrganizationSponsorshipsController : Controller
        }

        var sponsorships = await _organizationSponsorshipRepository.GetManyBySponsoringOrganizationAsync(sponsoringOrgId);
-        return new ListResponseModel<OrganizationSponsorshipInvitesResponseModel>(sponsorships.Select(s =>
-            new OrganizationSponsorshipInvitesResponseModel(new OrganizationSponsorshipData(s))));
+        return new ListResponseModel<OrganizationSponsorshipInvitesResponseModel>(
+            sponsorships
+                .Where(s => s.IsAdminInitiated)
+                .Select(s => new OrganizationSponsorshipInvitesResponseModel(new OrganizationSponsorshipData(s)))
+        );

    }

--- a/src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs
+++ b/src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs
@@ -60,4 +60,5 @@ public class OrganizationUserOrganizationDetails
    public bool AllowAdminAccessToAllCollectionItems { get; set; }
    public bool UseRiskInsights { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
+    public bool? IsAdminInitiated { get; set; }
 }
--- a/src/Core/Models/Api/Response/OrganizationSponsorships/OrganizationSponsorshipResponseModel.cs
+++ b/src/Core/Models/Api/Response/OrganizationSponsorships/OrganizationSponsorshipResponseModel.cs
@@ -14,6 +14,7 @@ public class OrganizationSponsorshipResponseModel
    public bool ToDelete { get; set; }

    public bool CloudSponsorshipRemoved { get; set; }
+    public bool IsAdminInitiated { get; set; }

    public OrganizationSponsorshipResponseModel() { }

@@ -27,6 +28,7 @@ public class OrganizationSponsorshipResponseModel
        ValidUntil = sponsorshipData.ValidUntil;
        ToDelete = sponsorshipData.ToDelete;
        CloudSponsorshipRemoved = sponsorshipData.CloudSponsorshipRemoved;
+        IsAdminInitiated = sponsorshipData.IsAdminInitiated;
    }

    public OrganizationSponsorshipData ToOrganizationSponsorship()
@@ -40,7 +42,8 @@ public class OrganizationSponsorshipResponseModel
            LastSyncDate = LastSyncDate,
            ValidUntil = ValidUntil,
            ToDelete = ToDelete,
-            CloudSponsorshipRemoved = CloudSponsorshipRemoved
+            CloudSponsorshipRemoved = CloudSponsorshipRemoved,
+            IsAdminInitiated = IsAdminInitiated,
        };

    }
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/OrganizationUserOrganizationDetailsViewQuery.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/OrganizationUserOrganizationDetailsViewQuery.cs
@@ -7,8 +7,7 @@ public class OrganizationUserOrganizationDetailsViewQuery : IQuery<OrganizationU
    public IQueryable<OrganizationUserOrganizationDetails> Run(DatabaseContext dbContext)
    {
        var query = from ou in dbContext.OrganizationUsers
-                    join o in dbContext.Organizations on ou.OrganizationId equals o.Id into outerOrganization
-                    from o in outerOrganization.DefaultIfEmpty()
+                    join o in dbContext.Organizations on ou.OrganizationId equals o.Id
                    join su in dbContext.SsoUsers on new { ou.UserId, OrganizationId = (Guid?)ou.OrganizationId } equals new { UserId = (Guid?)su.UserId, su.OrganizationId } into su_g
                    from su in su_g.DefaultIfEmpty()
                    join po in dbContext.ProviderOrganizations on o.Id equals po.OrganizationId into po_g
@@ -68,10 +67,11 @@ public class OrganizationUserOrganizationDetailsViewQuery : IQuery<OrganizationU
                        SmServiceAccounts = o.SmServiceAccounts,
                        LimitCollectionCreation = o.LimitCollectionCreation,
                        LimitCollectionDeletion = o.LimitCollectionDeletion,
-                        LimitItemDeletion = o.LimitItemDeletion,
                        AllowAdminAccessToAllCollectionItems = o.AllowAdminAccessToAllCollectionItems,
                        UseRiskInsights = o.UseRiskInsights,
                        UseAdminSponsoredFamilies = o.UseAdminSponsoredFamilies,
+                        LimitItemDeletion = o.LimitItemDeletion,
+                        IsAdminInitiated = os.IsAdminInitiated
                    };
        return query;
    }
--- a/Procedures/OrganizationSponsorship_ReadBySponsoringOrganizationUserId.sql
+++ b/Procedures/OrganizationSponsorship_ReadBySponsoringOrganizationUserId.sql
@@ -1,8 +1,9 @@
 CREATE PROCEDURE [dbo].[OrganizationSponsorship_ReadBySponsoringOrganizationUserId]
-    @SponsoringOrganizationUserId UNIQUEIDENTIFIER
+    @SponsoringOrganizationUserId UNIQUEIDENTIFIER,
+    @IsAdminInitiated BIT = 0
 AS
 BEGIN
-    SET NOCOUNT ON
+    SET NOCOUNT ON;

    SELECT
        *
@@ -10,5 +11,5 @@ BEGIN
        [dbo].[OrganizationSponsorshipView]
    WHERE
        [SponsoringOrganizationUserId] = @SponsoringOrganizationUserId
-END
-GO
+    and [IsAdminInitiated] = @IsAdminInitiated
+END 
--- a/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
+++ b/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
@@ -51,7 +51,8 @@ SELECT
    O.[AllowAdminAccessToAllCollectionItems],
    O.[UseRiskInsights],
    O.[UseAdminSponsoredFamilies],
-    O.[LimitItemDeletion]
+    O.[LimitItemDeletion],
+    OS.[IsAdminInitiated]
 FROM
    [dbo].[OrganizationUser] OU
 LEFT JOIN