* Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata.
* Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest.
* Add missing using
* Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable
* Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates.
* Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type.
* Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity.
* Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries.
* Refactor PolicyDataValidator to remove null checks for input data in validation methods
* Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity.
* Remove Type property from PolicyRequestModel to use route parameter only
* Run dotnet format
* Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages.
* Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content.
* refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases.
* test: Add integration tests for handling policies with null data in PoliciesController
* fix: Catch specific JsonException in PolicyDataValidator to improve error handling
* test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata
* test: Remove PolicyType from PolicyRequestModel in PoliciesControllerTests
* test: Update PolicyDataValidatorTests to validate organization data ownership metadata
* Refactor PoliciesControllerTests to include policy type in PutVNext method calls
* Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata.
* Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest.
* Add missing using
* Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable
* Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates.
* Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type.
* Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity.
* Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries.
* Refactor PolicyDataValidator to remove null checks for input data in validation methods
* Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity.
* Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages.
* Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content.
* refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases.
* test: Add integration tests for handling policies with null data in PoliciesController
* fix: Catch specific JsonException in PolicyDataValidator to improve error handling
* test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata
* test: Update PolicyDataValidatorTests to validate organization data ownership metadata
* Move account recovery logic to command
(temporarily duplicated behind feature flag)
* Move permission checks to authorization handler
* Prevent user from recovering provider member account
unless they are also provider member
- create vNext command
- restructure command to simplify logic
- move validation to a separate class
- implement result types using OneOf library and demo
their use here
* Update the OrganizationUserController integration Confirm tests to handle the Owner type
* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
* Refactor UpdateOrganizationUserCommand to validate and filter out DefaultUserCollections during user updates.
* Enhance UpdateOrganizationUserCommandTests to filter out DefaultUserCollections during user updates, ensuring only shared collections are processed. Updated test logic to reflect new filtering behavior.
* Add integration test for updating organization user with existing default collection. The test verifies successful updates to user permissions, group access, and collection access, ensuring correct handling of shared and default collections.
* Refactor UpdateOrganizationUserCommand to separate the collection validation and DefaultUserCollection filtering
* Refactored integration test setup/assertion for clarity
* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests
* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support
* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries
* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes
* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController
* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers
* Add integration tests for confirming organization users in OrganizationUserControllerTests
- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.
* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled
* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling
- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.
* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic
- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.
* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy
- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
* Created ReadAllOrganizationUsersBasicInformationRequirement for use with Authorize attribute.
* Removed unused req and Handler and tests. Moved to new auth attribute
* Moved tests to integration tests with new response.
* Removed tests that were migrated to integration tests.
* Made string params Guids instead of parsing them manually in methods.
* Admin and Owner added to requirement.
* Added XML docs for basic get endpoint. Removed unused. Added another auth check. Inverted if check.
* Removed unused endpoint
* Added tests for requirement
* Added checks for both User and Custom
* Added org id check to validate the user being requested belongs to the org in the route.
* typo
Adds a SqlServerApiApplicationFactory which allows you to run api tests using SqlServer. Currently a new database is create and destroyed for each test. In the future we'd like a more optimized way to do this.
The database logic is abstracted away in a ITestDatabase interface which handles the configuration, migration and teardown.
Adds a database seeder which can be used standalone using a CLI for seeding your local development environment, or used in unit tests to seed complex scenarios.
---------
Co-authored-by: Robert Y <rkac@bitwarden.com>
