mirror of
https://github.com/bitwarden/server
synced 2025-12-19 09:43:25 +00:00
9b313d9c0a
* Update ProviderUserOrganizationDetailsView to include SSO configuration data * Updated the ProviderUserOrganizationDetailsViewQuery to join with SsoConfigs and select SSO-related fields. * Modified the SQL view to reflect the inclusion of SSO configuration data. * Added a new migration script for the updated view structure. * Add SSO configuration properties to ProviderUserOrganizationDetails model * Add SSO configuration handling to ProfileProviderOrganizationResponseModel * Introduced properties for SSO configuration, including SSO enabled status and KeyConnector details. * Implemented deserialization of SSO configuration data to populate new fields in the response model. * Add integration tests for ProviderUserRepository.GetManyOrganizationDetailsByUserAsync * Add BaseUserOrganizationDetails model to encapsulate common properties * Introduced a new abstract class to define shared properties for organization users and provider organization users * Add BaseProfileOrganizationResponseModel to encapsulate organization response properties * Introduced a new abstract class that ensures all properties are fully populated for profile organization responses. * Update ProviderUserOrganizationDetailsViewQuery to include missing ProviderUserId * Refactor OrganizationUserOrganizationDetails and ProviderUserOrganizationDetails to inherit from BaseUserOrganizationDetails * Updated both models to extend BaseUserOrganizationDetails, promoting code reuse and ensure they have the same base properties * Refactor ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel to inherit from BaseProfileOrganizationResponseModel * Refactor ProviderUserRepositoryTests to improve organization detail assertions * Consolidated assertions for organization details into a new method, AssertProviderOrganizationDetails, enhancing code readability and maintainability. * Updated test cases to verify all relevant properties for organizations with and without SSO configurations. * Add integration test for GetManyDetailsByUserAsync to verify SSO properties * Implemented a new test case to ensure that the SSO properties are correctly populated for organizations with and without SSO configurations. * The test verifies the expected behavior of the method when interacting with the user and organization repositories, including cleanup of created entities after the test execution. * Add unit tests for ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel * Introduced tests to validate the constructors of ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, ensuring that all properties are populated correctly based on the provided organization details. * Verified expected behavior for both organization and provider models, including SSO configurations and relevant properties. * Update SyncControllerTests.Get_ProviderPlanTypeProperlyPopulated to nullify SSO configurations in provider user organization details * Refactor BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel for null safety Updated properties in BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel to support null safety by introducing nullable types where appropriate. * Enhance null safety in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails Updated properties in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails to support null safety by introducing nullable types where appropriate, ensuring better handling of potential null values. * Move common properties from ProfileOrganizationResponseModel to BaseProfileOrganizationResponseModel * Refactor organization details: Remove BaseUserOrganizationDetails and introduce IProfileMemberOrganizationDetails interface for improved structure and clarity in organization user data management. * Enhance OrganizationUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface * Refactor ProviderUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface * Refactor ProfileOrganizationResponseModelTests and ProfileProviderOrganizationResponseModelTests: Update constructors to utilize Organization and ProviderUserOrganizationDetails, enhancing property population and test coverage. * Enhance ProviderUserOrganizationDetails: Add UseResetPassword, UseSecretsManager, and UsePasswordManager properties to the query and SQL views * Update BaseProfileOrganizationResponseModel documentation: Clarify purpose and usage of organization properties for OrganizationUsers and ProviderUsers. * Rename ProfileOrganizationResponseModel to ProfileMemberOrganizationResponseModel, update references and update related test names * Add XML documentation for ProfileMemberOrganizationResponseModel and ProfileProviderOrganizationResponseModel to clarify their purpose and relationships * Remove unnecessary cleanup code from OrganizationUserRepositoryTests * Remove unnecessary cleanup code from ProviderUserRepositoryTests * Rename test method in ProviderUserRepositoryTests to improve clarity on property population * Add CreateFullOrganization method to ProviderUserRepositoryTests for improved organization setup in tests * Refactor organization creation in tests to use CreateTestOrganizationAsync for consistency and improved setup * Rename IProfileMemberOrganizationDetails to IProfileOrganizationDetails * Rename ProfileMemberOrganizationResponseModel back to ProfileOrganizationResponseModel * Refactor organization response models to remove Family Sponsorship properties from BaseProfileOrganizationResponseModel and reintroduce them in ProfileOrganizationResponseModel. Update related interfaces and tests accordingly. * Bump date on migration script * Update OrganizationUserOrganizationDetailsViewQuery to include UseAutomaticUserConfirmation property
457 lines
20 KiB
C#
457 lines
20 KiB
C#
using System.Security.Claims;
|
|
using System.Text.Json;
|
|
using AutoFixture;
|
|
using Bit.Api.Vault.Controllers;
|
|
using Bit.Api.Vault.Models.Response;
|
|
using Bit.Core.AdminConsole.Entities;
|
|
using Bit.Core.AdminConsole.Enums.Provider;
|
|
using Bit.Core.AdminConsole.Models.Data.Provider;
|
|
using Bit.Core.AdminConsole.Repositories;
|
|
using Bit.Core.Auth.Models;
|
|
using Bit.Core.Auth.UserFeatures.TwoFactorAuth.Interfaces;
|
|
using Bit.Core.Entities;
|
|
using Bit.Core.Enums;
|
|
using Bit.Core.Exceptions;
|
|
using Bit.Core.KeyManagement.Models.Data;
|
|
using Bit.Core.KeyManagement.Queries.Interfaces;
|
|
using Bit.Core.Models.Data;
|
|
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
|
|
using Bit.Core.Repositories;
|
|
using Bit.Core.Services;
|
|
using Bit.Core.Tools.Entities;
|
|
using Bit.Core.Tools.Repositories;
|
|
using Bit.Core.Utilities;
|
|
using Bit.Core.Vault.Entities;
|
|
using Bit.Core.Vault.Models.Data;
|
|
using Bit.Core.Vault.Repositories;
|
|
using Bit.Test.Common.AutoFixture;
|
|
using Bit.Test.Common.AutoFixture.Attributes;
|
|
using NSubstitute;
|
|
using NSubstitute.ReturnsExtensions;
|
|
using Xunit;
|
|
|
|
namespace Bit.Api.Test.Controllers;
|
|
|
|
[ControllerCustomize(typeof(SyncController))]
|
|
[SutProviderCustomize]
|
|
public class SyncControllerTests
|
|
{
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task Get_ThrowBadRequest_WhenUserNotFound(SutProvider<SyncController> sutProvider)
|
|
{
|
|
sutProvider.GetDependency<IUserService>().GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsNull();
|
|
|
|
async Task<SyncResponseModel> GetAction()
|
|
{
|
|
return await sutProvider.Sut.Get();
|
|
}
|
|
|
|
await Assert.ThrowsAsync<BadRequestException>((Func<Task<SyncResponseModel>>)GetAction);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task Get_Success_AtLeastOneEnabledOrg(User user,
|
|
List<List<string>> userEquivalentDomains,
|
|
List<GlobalEquivalentDomainsType> userExcludedGlobalEquivalentDomains,
|
|
ICollection<OrganizationUserOrganizationDetails> organizationUserDetails,
|
|
ICollection<ProviderUserProviderDetails> providerUserDetails,
|
|
IEnumerable<ProviderUserOrganizationDetails> providerUserOrganizationDetails,
|
|
ICollection<Folder> folders,
|
|
ICollection<CipherDetails> ciphers,
|
|
ICollection<Send> sends,
|
|
ICollection<Policy> policies,
|
|
ICollection<CollectionDetails> collections,
|
|
SutProvider<SyncController> sutProvider)
|
|
{
|
|
// Get dependencies
|
|
var userService = sutProvider.GetDependency<IUserService>();
|
|
var twoFactorIsEnabledQuery = sutProvider.GetDependency<ITwoFactorIsEnabledQuery>();
|
|
var organizationUserRepository = sutProvider.GetDependency<IOrganizationUserRepository>();
|
|
var providerUserRepository = sutProvider.GetDependency<IProviderUserRepository>();
|
|
var folderRepository = sutProvider.GetDependency<IFolderRepository>();
|
|
var cipherRepository = sutProvider.GetDependency<ICipherRepository>();
|
|
var sendRepository = sutProvider.GetDependency<ISendRepository>();
|
|
var policyRepository = sutProvider.GetDependency<IPolicyRepository>();
|
|
var collectionRepository = sutProvider.GetDependency<ICollectionRepository>();
|
|
var collectionCipherRepository = sutProvider.GetDependency<ICollectionCipherRepository>();
|
|
var userAccountKeysQuery = sutProvider.GetDependency<IUserAccountKeysQuery>();
|
|
|
|
// Adjust random data to match required formats / test intentions
|
|
user.EquivalentDomains = JsonSerializer.Serialize(userEquivalentDomains);
|
|
user.ExcludedGlobalEquivalentDomains = JsonSerializer.Serialize(userExcludedGlobalEquivalentDomains);
|
|
|
|
// At least 1 org needs to be enabled to fully test
|
|
if (!organizationUserDetails.Any(o => o.Enabled))
|
|
{
|
|
// We need at least 1 enabled org
|
|
if (organizationUserDetails.Count > 0)
|
|
{
|
|
organizationUserDetails.First().Enabled = true;
|
|
}
|
|
else
|
|
{
|
|
// create an enabled org
|
|
var enabledOrg = new Fixture().Create<OrganizationUserOrganizationDetails>();
|
|
enabledOrg.Enabled = true;
|
|
organizationUserDetails.Add((enabledOrg));
|
|
}
|
|
}
|
|
|
|
// Setup returns
|
|
userService.GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsForAnyArgs(user);
|
|
userAccountKeysQuery.Run(user).Returns(new UserAccountKeysData
|
|
{
|
|
PublicKeyEncryptionKeyPairData = user.GetPublicKeyEncryptionKeyPair(),
|
|
SignatureKeyPairData = null,
|
|
});
|
|
|
|
organizationUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, OrganizationUserStatusType.Confirmed).Returns(organizationUserDetails);
|
|
|
|
providerUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed).Returns(providerUserDetails);
|
|
|
|
providerUserRepository
|
|
.GetManyOrganizationDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed)
|
|
.Returns(providerUserOrganizationDetails);
|
|
|
|
folderRepository.GetManyByUserIdAsync(user.Id).Returns(folders);
|
|
cipherRepository.GetManyByUserIdAsync(user.Id).Returns(ciphers);
|
|
|
|
sendRepository
|
|
.GetManyByUserIdAsync(user.Id).Returns(sends);
|
|
|
|
policyRepository.GetManyByUserIdAsync(user.Id).Returns(policies);
|
|
|
|
// Returns for methods only called if we have enabled orgs
|
|
collectionRepository.GetManyByUserIdAsync(user.Id).Returns(collections);
|
|
collectionCipherRepository.GetManyByUserIdAsync(user.Id).Returns(new List<CollectionCipher>());
|
|
// Back to standard test setup
|
|
twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user).Returns(false);
|
|
userService.HasPremiumFromOrganization(user).Returns(false);
|
|
|
|
// Execute GET
|
|
var result = await sutProvider.Sut.Get();
|
|
|
|
// Asserts
|
|
// Assert that methods are called
|
|
var hasEnabledOrgs = organizationUserDetails.Any(o => o.Enabled);
|
|
await this.AssertMethodsCalledAsync(userService, twoFactorIsEnabledQuery, organizationUserRepository, providerUserRepository, folderRepository,
|
|
cipherRepository, sendRepository, collectionRepository, collectionCipherRepository, hasEnabledOrgs);
|
|
|
|
Assert.IsType<SyncResponseModel>(result);
|
|
|
|
// Collections should not be empty when at least 1 org is enabled
|
|
Assert.NotEmpty(result.Collections);
|
|
}
|
|
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task Get_Success_AllDisabledOrgs(User user,
|
|
List<List<string>> userEquivalentDomains,
|
|
List<GlobalEquivalentDomainsType> userExcludedGlobalEquivalentDomains,
|
|
ICollection<OrganizationUserOrganizationDetails> organizationUserDetails,
|
|
ICollection<ProviderUserProviderDetails> providerUserDetails,
|
|
IEnumerable<ProviderUserOrganizationDetails> providerUserOrganizationDetails,
|
|
ICollection<Folder> folders,
|
|
ICollection<CipherDetails> ciphers,
|
|
ICollection<Send> sends,
|
|
ICollection<Policy> policies,
|
|
SutProvider<SyncController> sutProvider)
|
|
{
|
|
// Get dependencies
|
|
var userService = sutProvider.GetDependency<IUserService>();
|
|
var twoFactorIsEnabledQuery = sutProvider.GetDependency<ITwoFactorIsEnabledQuery>();
|
|
var organizationUserRepository = sutProvider.GetDependency<IOrganizationUserRepository>();
|
|
var providerUserRepository = sutProvider.GetDependency<IProviderUserRepository>();
|
|
var folderRepository = sutProvider.GetDependency<IFolderRepository>();
|
|
var cipherRepository = sutProvider.GetDependency<ICipherRepository>();
|
|
var sendRepository = sutProvider.GetDependency<ISendRepository>();
|
|
var policyRepository = sutProvider.GetDependency<IPolicyRepository>();
|
|
var collectionRepository = sutProvider.GetDependency<ICollectionRepository>();
|
|
var collectionCipherRepository = sutProvider.GetDependency<ICollectionCipherRepository>();
|
|
var userAccountKeysQuery = sutProvider.GetDependency<IUserAccountKeysQuery>();
|
|
|
|
// Adjust random data to match required formats / test intentions
|
|
user.EquivalentDomains = JsonSerializer.Serialize(userEquivalentDomains);
|
|
user.ExcludedGlobalEquivalentDomains = JsonSerializer.Serialize(userExcludedGlobalEquivalentDomains);
|
|
|
|
// All orgs disabled
|
|
if (organizationUserDetails.Count > 0)
|
|
{
|
|
foreach (var orgUserDetails in organizationUserDetails)
|
|
{
|
|
orgUserDetails.Enabled = false;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
var disabledOrg = new Fixture().Create<OrganizationUserOrganizationDetails>();
|
|
disabledOrg.Enabled = false;
|
|
organizationUserDetails.Add((disabledOrg));
|
|
}
|
|
|
|
|
|
// Setup returns
|
|
userService.GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsForAnyArgs(user);
|
|
userAccountKeysQuery.Run(user).Returns(new UserAccountKeysData
|
|
{
|
|
PublicKeyEncryptionKeyPairData = user.GetPublicKeyEncryptionKeyPair(),
|
|
SignatureKeyPairData = null,
|
|
});
|
|
|
|
organizationUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, OrganizationUserStatusType.Confirmed).Returns(organizationUserDetails);
|
|
|
|
providerUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed).Returns(providerUserDetails);
|
|
|
|
providerUserRepository
|
|
.GetManyOrganizationDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed)
|
|
.Returns(providerUserOrganizationDetails);
|
|
|
|
folderRepository.GetManyByUserIdAsync(user.Id).Returns(folders);
|
|
cipherRepository.GetManyByUserIdAsync(user.Id).Returns(ciphers);
|
|
|
|
sendRepository
|
|
.GetManyByUserIdAsync(user.Id).Returns(sends);
|
|
|
|
policyRepository.GetManyByUserIdAsync(user.Id).Returns(policies);
|
|
|
|
twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user).Returns(false);
|
|
userService.HasPremiumFromOrganization(user).Returns(false);
|
|
|
|
// Execute GET
|
|
var result = await sutProvider.Sut.Get();
|
|
|
|
|
|
// Asserts
|
|
// Assert that methods are called
|
|
|
|
var hasEnabledOrgs = organizationUserDetails.Any(o => o.Enabled);
|
|
await this.AssertMethodsCalledAsync(userService, twoFactorIsEnabledQuery, organizationUserRepository, providerUserRepository, folderRepository,
|
|
cipherRepository, sendRepository, collectionRepository, collectionCipherRepository, hasEnabledOrgs);
|
|
|
|
Assert.IsType<SyncResponseModel>(result);
|
|
|
|
// Collections should be empty when all standard orgs are disabled.
|
|
Assert.Empty(result.Collections);
|
|
}
|
|
|
|
|
|
// Test where provider org has specific plan type and assert plan type comes out on SyncResponseModel class on ProfileResponseModel
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task Get_ProviderPlanTypeProperlyPopulated(User user,
|
|
List<List<string>> userEquivalentDomains,
|
|
List<GlobalEquivalentDomainsType> userExcludedGlobalEquivalentDomains,
|
|
ICollection<OrganizationUserOrganizationDetails> organizationUserDetails,
|
|
ICollection<ProviderUserProviderDetails> providerUserDetails,
|
|
IEnumerable<ProviderUserOrganizationDetails> providerUserOrganizationDetails,
|
|
ICollection<Folder> folders,
|
|
ICollection<CipherDetails> ciphers,
|
|
ICollection<Send> sends,
|
|
ICollection<Policy> policies,
|
|
ICollection<CollectionDetails> collections,
|
|
SutProvider<SyncController> sutProvider)
|
|
{
|
|
// Get dependencies
|
|
var userService = sutProvider.GetDependency<IUserService>();
|
|
var twoFactorIsEnabledQuery = sutProvider.GetDependency<ITwoFactorIsEnabledQuery>();
|
|
var organizationUserRepository = sutProvider.GetDependency<IOrganizationUserRepository>();
|
|
var providerUserRepository = sutProvider.GetDependency<IProviderUserRepository>();
|
|
var folderRepository = sutProvider.GetDependency<IFolderRepository>();
|
|
var cipherRepository = sutProvider.GetDependency<ICipherRepository>();
|
|
var sendRepository = sutProvider.GetDependency<ISendRepository>();
|
|
var policyRepository = sutProvider.GetDependency<IPolicyRepository>();
|
|
var collectionRepository = sutProvider.GetDependency<ICollectionRepository>();
|
|
var collectionCipherRepository = sutProvider.GetDependency<ICollectionCipherRepository>();
|
|
var userAccountKeysQuery = sutProvider.GetDependency<IUserAccountKeysQuery>();
|
|
|
|
// Adjust random data to match required formats / test intentions
|
|
user.EquivalentDomains = JsonSerializer.Serialize(userEquivalentDomains);
|
|
user.ExcludedGlobalEquivalentDomains = JsonSerializer.Serialize(userExcludedGlobalEquivalentDomains);
|
|
|
|
|
|
// Setup returns
|
|
userService.GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsForAnyArgs(user);
|
|
|
|
organizationUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, OrganizationUserStatusType.Confirmed).Returns(organizationUserDetails);
|
|
|
|
providerUserRepository
|
|
.GetManyDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed).Returns(providerUserDetails);
|
|
|
|
foreach (var p in providerUserOrganizationDetails)
|
|
{
|
|
p.SsoConfig = null;
|
|
}
|
|
providerUserRepository
|
|
.GetManyOrganizationDetailsByUserAsync(user.Id, ProviderUserStatusType.Confirmed)
|
|
.Returns(providerUserOrganizationDetails);
|
|
|
|
folderRepository.GetManyByUserIdAsync(user.Id).Returns(folders);
|
|
cipherRepository.GetManyByUserIdAsync(user.Id).Returns(ciphers);
|
|
|
|
sendRepository
|
|
.GetManyByUserIdAsync(user.Id).Returns(sends);
|
|
|
|
policyRepository.GetManyByUserIdAsync(user.Id).Returns(policies);
|
|
|
|
// Returns for methods only called if we have enabled orgs
|
|
collectionRepository.GetManyByUserIdAsync(user.Id).Returns(collections);
|
|
collectionCipherRepository.GetManyByUserIdAsync(user.Id).Returns(new List<CollectionCipher>());
|
|
// Back to standard test setup
|
|
twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user).Returns(false);
|
|
userService.HasPremiumFromOrganization(user).Returns(false);
|
|
|
|
userAccountKeysQuery.Run(user).Returns(new UserAccountKeysData
|
|
{
|
|
PublicKeyEncryptionKeyPairData = user.GetPublicKeyEncryptionKeyPair(),
|
|
SignatureKeyPairData = null,
|
|
});
|
|
|
|
// Execute GET
|
|
var result = await sutProvider.Sut.Get();
|
|
|
|
// Asserts
|
|
// Assert that methods are called
|
|
|
|
var hasEnabledOrgs = organizationUserDetails.Any(o => o.Enabled);
|
|
await this.AssertMethodsCalledAsync(userService, twoFactorIsEnabledQuery, organizationUserRepository, providerUserRepository, folderRepository,
|
|
cipherRepository, sendRepository, collectionRepository, collectionCipherRepository, hasEnabledOrgs);
|
|
|
|
Assert.IsType<SyncResponseModel>(result);
|
|
|
|
// Look up ProviderOrg output and compare to ProviderOrg method inputs to ensure
|
|
// product type is set correctly.
|
|
foreach (var profProviderOrg in result.Profile.ProviderOrganizations)
|
|
{
|
|
var matchedProviderUserOrgDetails =
|
|
providerUserOrganizationDetails.FirstOrDefault(p => p.OrganizationId == profProviderOrg.Id);
|
|
|
|
if (matchedProviderUserOrgDetails != null)
|
|
{
|
|
var providerOrgProductType = StaticStore.GetPlan(matchedProviderUserOrgDetails.PlanType).ProductTier;
|
|
Assert.Equal(providerOrgProductType, profProviderOrg.ProductTierType);
|
|
}
|
|
}
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData]
|
|
public async Task Get_HaveNoMasterPassword_UserDecryptionMasterPasswordUnlockIsNull(
|
|
User user, SutProvider<SyncController> sutProvider)
|
|
{
|
|
user.EquivalentDomains = null;
|
|
user.ExcludedGlobalEquivalentDomains = null;
|
|
|
|
user.MasterPassword = null;
|
|
|
|
var userAccountKeysQuery = sutProvider.GetDependency<IUserAccountKeysQuery>();
|
|
userAccountKeysQuery.Run(user).Returns(new UserAccountKeysData
|
|
{
|
|
PublicKeyEncryptionKeyPairData = user.GetPublicKeyEncryptionKeyPair(),
|
|
SignatureKeyPairData = null,
|
|
});
|
|
|
|
var userService = sutProvider.GetDependency<IUserService>();
|
|
userService.GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsForAnyArgs(user);
|
|
|
|
var result = await sutProvider.Sut.Get();
|
|
|
|
Assert.Null(result.UserDecryption.MasterPasswordUnlock);
|
|
}
|
|
|
|
[Theory]
|
|
[BitAutoData(KdfType.PBKDF2_SHA256, 654_321, null, null)]
|
|
[BitAutoData(KdfType.Argon2id, 11, 128, 5)]
|
|
public async Task Get_HaveMasterPassword_UserDecryptionMasterPasswordUnlockNotNull(
|
|
KdfType kdfType, int kdfIterations, int? kdfMemory, int? kdfParallelism,
|
|
User user, SutProvider<SyncController> sutProvider)
|
|
{
|
|
user.EquivalentDomains = null;
|
|
user.ExcludedGlobalEquivalentDomains = null;
|
|
|
|
user.Key = "test-key";
|
|
user.MasterPassword = "test-master-password";
|
|
user.Kdf = kdfType;
|
|
user.KdfIterations = kdfIterations;
|
|
user.KdfMemory = kdfMemory;
|
|
user.KdfParallelism = kdfParallelism;
|
|
|
|
var userAccountKeysQuery = sutProvider.GetDependency<IUserAccountKeysQuery>();
|
|
userAccountKeysQuery.Run(user).Returns(new UserAccountKeysData
|
|
{
|
|
PublicKeyEncryptionKeyPairData = user.GetPublicKeyEncryptionKeyPair(),
|
|
SignatureKeyPairData = null,
|
|
});
|
|
|
|
var userService = sutProvider.GetDependency<IUserService>();
|
|
userService.GetUserByPrincipalAsync(Arg.Any<ClaimsPrincipal>()).ReturnsForAnyArgs(user);
|
|
|
|
var result = await sutProvider.Sut.Get();
|
|
|
|
Assert.NotNull(result.UserDecryption.MasterPasswordUnlock);
|
|
Assert.NotNull(result.UserDecryption.MasterPasswordUnlock.Kdf);
|
|
Assert.Equal(kdfType, result.UserDecryption.MasterPasswordUnlock.Kdf.KdfType);
|
|
Assert.Equal(kdfIterations, result.UserDecryption.MasterPasswordUnlock.Kdf.Iterations);
|
|
Assert.Equal(kdfMemory, result.UserDecryption.MasterPasswordUnlock.Kdf.Memory);
|
|
Assert.Equal(kdfParallelism, result.UserDecryption.MasterPasswordUnlock.Kdf.Parallelism);
|
|
Assert.Equal(user.Key, result.UserDecryption.MasterPasswordUnlock.MasterKeyEncryptedUserKey);
|
|
Assert.Equal(user.Email.ToLower(), result.UserDecryption.MasterPasswordUnlock.Salt);
|
|
}
|
|
|
|
private async Task AssertMethodsCalledAsync(IUserService userService,
|
|
ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
|
|
IOrganizationUserRepository organizationUserRepository,
|
|
IProviderUserRepository providerUserRepository, IFolderRepository folderRepository,
|
|
ICipherRepository cipherRepository, ISendRepository sendRepository,
|
|
ICollectionRepository collectionRepository,
|
|
ICollectionCipherRepository collectionCipherRepository,
|
|
bool hasEnabledOrgs)
|
|
{
|
|
await userService.ReceivedWithAnyArgs(1).GetUserByPrincipalAsync(default);
|
|
await organizationUserRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyDetailsByUserAsync(default);
|
|
await providerUserRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyDetailsByUserAsync(default);
|
|
await providerUserRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyOrganizationDetailsByUserAsync(default);
|
|
|
|
await folderRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyByUserIdAsync(default);
|
|
|
|
await cipherRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyByUserIdAsync(default);
|
|
|
|
await sendRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyByUserIdAsync(default);
|
|
|
|
// These two are only called when at least 1 enabled org.
|
|
if (hasEnabledOrgs)
|
|
{
|
|
await collectionRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyByUserIdAsync(default);
|
|
await collectionCipherRepository.ReceivedWithAnyArgs(1)
|
|
.GetManyByUserIdAsync(default);
|
|
}
|
|
else
|
|
{
|
|
// all disabled orgs
|
|
await collectionRepository.ReceivedWithAnyArgs(0)
|
|
.GetManyByUserIdAsync(default);
|
|
await collectionCipherRepository.ReceivedWithAnyArgs(0)
|
|
.GetManyByUserIdAsync(default);
|
|
}
|
|
|
|
await twoFactorIsEnabledQuery.ReceivedWithAnyArgs(1)
|
|
.TwoFactorIsEnabledAsync(default(ITwoFactorProvidersUser));
|
|
await userService.ReceivedWithAnyArgs(1)
|
|
.HasPremiumFromOrganization(default);
|
|
}
|
|
}
|