bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-21 18:53:41 +00:00
Code Issues Releases Wiki Activity
Files
ada1fb35a66f45572c841fc248db6d21cdb24a02
server/test/Api.Test/AdminConsole/Authorization/Requirements/BasePermissionRequirementTests.cs
Thomas Rittson 88dd977848 [PM-23921] [BEEEP] Add IOrganizationRequirements for each permission (#6105) 
* Add BasePermissionRequirement and implement it for each permission

* Add tests
2025-07-31 11:22:06 +10:00

67 lines
2.9 KiB
C#
Raw Blame History

using Bit.Api.AdminConsole.Authorization.Requirements;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Test.AdminConsole.AutoFixture;
using Bit.Core.Test.AdminConsole.Helpers;
using Bit.Test.Common.AutoFixture.Attributes;
using Xunit;
namespace Bit.Api.Test.AdminConsole.Authorization.Requirements;
public class BasePermissionRequirementTests
{
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Owner)]
public async Task Authorizes_Owners(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Admin)]
public async Task Authorizes_Admins(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.User)]
public async Task Authorizes_Providers(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(true));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Custom)]
public async Task Authorizes_CustomPermission(CurrentContextOrganization organizationClaims)
{
organizationClaims.Permissions.ManageGroups = true;
var result = await new TestCustomPermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.User)]
public async Task DoesNotAuthorize_Users(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.False(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Custom)]
public async Task DoesNotAuthorize_OtherCustomPermissions(CurrentContextOrganization organizationClaims)
{
organizationClaims.Permissions.ManageGroups = true;
organizationClaims.Permissions = organizationClaims.Permissions.Invert();
var result = await new TestCustomPermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.False(result);
}
private class PermissionRequirement() : BasePermissionRequirement(_ => false);
private class TestCustomPermissionRequirement() : BasePermissionRequirement(p => p.ManageGroups);
}
Reference in New Issue View Git Blame Copy Permalink