mirror of
https://github.com/bitwarden/server
synced 2026-02-05 11:13:20 +00:00
7f65a655d4
* Add feature flag * Further establish billing command pattern and use in PreviewTaxAmountCommand * Add billing address models/commands/queries/tests * Update TypeReadingJsonConverter to account for new union types * Add payment method models/commands/queries/tests * Add credit models/commands/queries/tests * Add command/query registrations * Add new endpoints to support new command model and payment functionality * Run dotnet format * Add InjectUserAttribute for easier AccountBillilngVNextController handling * Add InjectOrganizationAttribute for easier OrganizationBillingVNextController handling * Add InjectProviderAttribute for easier ProviderBillingVNextController handling * Add XML documentation for billing command pipeline * Fix StripeConstants post-nullability * More nullability cleanup * Run dotnet format
54 lines
1.8 KiB
C#
54 lines
1.8 KiB
C#
#nullable enable
|
|
using Bit.Core.Entities;
|
|
using Bit.Core.Models.Api;
|
|
using Bit.Core.Services;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Mvc.Filters;
|
|
|
|
namespace Bit.Api.Billing.Attributes;
|
|
|
|
/// <summary>
|
|
/// An action filter that facilitates the injection of a <see cref="User"/> parameter into the executing action method arguments.
|
|
/// </summary>
|
|
/// <remarks>
|
|
/// <para>This attribute retrieves the authorized user associated with the current HTTP context using the <see cref="IUserService"/> service.
|
|
/// If the user is unauthorized or cannot be found, the request is terminated with an unauthorized response.</para>
|
|
/// <para>The injected <see cref="User"/>
|
|
/// parameter must be marked with a [BindNever] attribute to short-circuit the model-binding system.</para>
|
|
/// </remarks>
|
|
/// <example>
|
|
/// <code><![CDATA[
|
|
/// [HttpPost]
|
|
/// [InjectUser]
|
|
/// public async Task<IResult> EndpointAsync([BindNever] User user)
|
|
/// ]]></code>
|
|
/// </example>
|
|
/// <seealso cref="ActionFilterAttribute"/>
|
|
public class InjectUserAttribute : ActionFilterAttribute
|
|
{
|
|
public override async Task OnActionExecutionAsync(
|
|
ActionExecutingContext context,
|
|
ActionExecutionDelegate next)
|
|
{
|
|
var userService = context.HttpContext.RequestServices.GetRequiredService<IUserService>();
|
|
|
|
var user = await userService.GetUserByPrincipalAsync(context.HttpContext.User);
|
|
|
|
if (user == null)
|
|
{
|
|
context.Result = new UnauthorizedObjectResult(new ErrorResponseModel("Unauthorized."));
|
|
return;
|
|
}
|
|
|
|
var userParameter =
|
|
context.ActionDescriptor.Parameters.FirstOrDefault(parameter => parameter.ParameterType == typeof(User));
|
|
|
|
if (userParameter != null)
|
|
{
|
|
context.ActionArguments[userParameter.Name] = user;
|
|
}
|
|
|
|
await next();
|
|
}
|
|
}
|