server

bitwarden/server

Fork 0

mirror of https://github.com/bitwarden/server synced 2026-01-13 14:03:58 +00:00

Commit Graph

Author	SHA1	Message	Date
Rui Tomé	1b17d99bfd	[PM-29555] Add self-revoke endpoint for declining organization data ownership policy (#6739 ) * Add OrganizationUser_SelfRevoked event type to EventType enum * Add SelfRevokeOrganizationUserCommand implementation and interface for user self-revocation from organizations * Add unit tests for SelfRevokeOrganizationUserCommand to validate user self-revocation logic, including success scenarios and various failure conditions. * Add ISelfRevokeOrganizationUserCommand registration to OrganizationServiceCollectionExtensions for user self-revocation functionality * Add self-revoke user functionality to OrganizationUsersController with new endpoint for user-initiated revocation * Add integration tests for self-revoke functionality in OrganizationUsersController, covering scenarios for eligible users, non-members, and users with owner/admin roles. * Add unit test for SelfRevokeOrganizationUserCommand to validate behavior when a user attempts to self-revoke without confirmation. This test checks for a BadRequestException with an appropriate message. * Add MemberRequirement class for organization membership authorization - Implemented MemberRequirement to check if a user is a member of the organization. - Added unit tests for MemberRequirement to validate authorization logic for different user types. * Update authorization requirement for self-revoke endpoint and add integration test for provider users - Changed authorization attribute from MemberOrProviderRequirement to MemberRequirement in the RevokeSelfAsync method. - Added a new integration test to verify that provider users who are not members receive a forbidden response when attempting to revoke themselves. * Add EligibleForSelfRevoke method to OrganizationDataOwnershipPolicyRequirement - Implemented the EligibleForSelfRevoke method to determine if a user can self-revoke their data ownership based on their membership status and policy state. - Added unit tests to validate the eligibility logic for confirmed, invited, and non-policy users, as well as for different organization IDs. * Refactor self-revoke user command to enhance eligibility checks - Updated the SelfRevokeOrganizationUserCommand to utilize policy requirements for determining user eligibility for self-revocation. - Implemented checks to prevent the last owner from revoking themselves, ensuring organizational integrity. - Modified unit tests to reflect changes in eligibility logic and added scenarios for confirmed owners and admins. - Removed deprecated policy checks and streamlined the command's dependencies. * Use CommandResult pattern in self-revoke command * Clearer documentation	2026-01-06 11:25:14 +00:00

Author

SHA1

Message

Date

Rui Tomé

1b17d99bfd

[PM-29555] Add self-revoke endpoint for declining organization data ownership policy (#6739 )

* Add OrganizationUser_SelfRevoked event type to EventType enum

* Add SelfRevokeOrganizationUserCommand implementation and interface for user self-revocation from organizations

* Add unit tests for SelfRevokeOrganizationUserCommand to validate user self-revocation logic, including success scenarios and various failure conditions.

* Add ISelfRevokeOrganizationUserCommand registration to OrganizationServiceCollectionExtensions for user self-revocation functionality

* Add self-revoke user functionality to OrganizationUsersController with new endpoint for user-initiated revocation

* Add integration tests for self-revoke functionality in OrganizationUsersController, covering scenarios for eligible users, non-members, and users with owner/admin roles.

* Add unit test for SelfRevokeOrganizationUserCommand to validate behavior when a user attempts to self-revoke without confirmation. This test checks for a BadRequestException with an appropriate message.

* Add MemberRequirement class for organization membership authorization

- Implemented MemberRequirement to check if a user is a member of the organization.
- Added unit tests for MemberRequirement to validate authorization logic for different user types.

* Update authorization requirement for self-revoke endpoint and add integration test for provider users

- Changed authorization attribute from MemberOrProviderRequirement to MemberRequirement in the RevokeSelfAsync method.
- Added a new integration test to verify that provider users who are not members receive a forbidden response when attempting to revoke themselves.

* Add EligibleForSelfRevoke method to OrganizationDataOwnershipPolicyRequirement

- Implemented the EligibleForSelfRevoke method to determine if a user can self-revoke their data ownership based on their membership status and policy state.
- Added unit tests to validate the eligibility logic for confirmed, invited, and non-policy users, as well as for different organization IDs.

* Refactor self-revoke user command to enhance eligibility checks

- Updated the SelfRevokeOrganizationUserCommand to utilize policy requirements for determining user eligibility for self-revocation.
- Implemented checks to prevent the last owner from revoking themselves, ensuring organizational integrity.
- Modified unit tests to reflect changes in eligibility logic and added scenarios for confirmed owners and admins.
- Removed deprecated policy checks and streamlined the command's dependencies.

* Use CommandResult pattern in self-revoke command

* Clearer documentation

2026-01-06 11:25:14 +00:00

1 Commits