[PM-23580] Security Task Metrics (#6164)

* add metrics endpoint for an organization to return completed and total security tasks * refactor metrics fetch to use sql sproc for efficiency rather than having to pull all security task data * add separate response model for security task metrics endpoint * Pascal Case to match existing implementations * refactor org to organization for consistency with other methods * alter security task endpoint: - remove "count" from variable naming - update sproc naming * remove enablement check * replace orgId with organizationId
2025-12-17 08:43:27 +00:00 · 2025-08-13 08:23:22 -05:00
parent 9022ad2360
commit f88baba66b
12 changed files with 254 additions and 1 deletions
--- a/src/Core/Vault/Queries/GetTaskMetricsForOrganizationQuery.cs
+++ b/src/Core/Vault/Queries/GetTaskMetricsForOrganizationQuery.cs
@@ -0,0 +1,42 @@
+using Bit.Core.Context;
+using Bit.Core.Exceptions;
+using Bit.Core.Utilities;
+using Bit.Core.Vault.Authorization.SecurityTasks;
+using Bit.Core.Vault.Entities;
+using Bit.Core.Vault.Repositories;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Bit.Core.Vault.Queries;
+
+public class GetTaskMetricsForOrganizationQuery : IGetTaskMetricsForOrganizationQuery
+{
+    private readonly ISecurityTaskRepository _securityTaskRepository;
+    private readonly IAuthorizationService _authorizationService;
+    private readonly ICurrentContext _currentContext;
+
+    public GetTaskMetricsForOrganizationQuery(
+        ISecurityTaskRepository securityTaskRepository,
+        IAuthorizationService authorizationService,
+        ICurrentContext currentContext
+    )
+    {
+        _securityTaskRepository = securityTaskRepository;
+        _authorizationService = authorizationService;
+        _currentContext = currentContext;
+    }
+
+    public async Task<SecurityTaskMetrics> GetTaskMetrics(Guid organizationId)
+    {
+        var organization = _currentContext.GetOrganization(organizationId);
+        var userId = _currentContext.UserId;
+
+        if (organization == null || !userId.HasValue)
+        {
+            throw new NotFoundException();
+        }
+
+        await _authorizationService.AuthorizeOrThrowAsync(_currentContext.HttpContext.User, organization, SecurityTaskOperations.ListAllForOrganization);
+
+        return await _securityTaskRepository.GetTaskMetricsAsync(organizationId);
+    }
+}