bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-01-29 15:53:36 +00:00
Code Issues Releases Wiki Activity
Files
f578dab94f2e92d460a39b2b8d8f9db596fadae5
server/test/Api.Test/KeyManagement/Validators/OrganizationUserRotationValidatorTests.cs
Maciej Zieniuk f578dab94f user reset password key can be empty string (#6871)
2026-01-27 21:38:09 +01:00

203 lines
7.6 KiB
C#
Raw Blame History

using Bit.Api.AdminConsole.Models.Request.Organizations;
using Bit.Api.KeyManagement.Validators;
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Repositories;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
namespace Bit.Api.Test.KeyManagement.Validators;
[SutProviderCustomize]
public class OrganizationUserRotationValidatorTests
{
[Theory]
[BitAutoData]
public async Task ValidateAsync_Success_ReturnsValid(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
var existingUserResetPassword = resetPasswordKeys
.Select(a =>
new OrganizationUser
{
Id = new Guid(),
ResetPasswordKey = a.ResetPasswordKey,
OrganizationId = a.OrganizationId
}).ToList();
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
var result = await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys);
Assert.Equal(result.Select(r => r.OrganizationId), resetPasswordKeys.Select(a => a.OrganizationId));
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_NullResetPasswordKeys_ReturnsEmptyList(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user)
{
// Arrange
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys = null;
// Act
var result = await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys);
// Assert
Assert.NotNull(result);
Assert.Empty(result);
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_NoOrgUsers_ReturnsEmptyList(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
// Arrange
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(new List<OrganizationUser>()); // Return an empty list
// Act
var result = await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys);
// Assert
Assert.NotNull(result);
Assert.Empty(result);
}
[Theory]
[BitAutoData([null])]
[BitAutoData("")]
public async Task ValidateAsync_OrgUsersWithNullOrEmptyResetPasswordKey_FiltersOutInvalidKeys(
string? invalidResetPasswordKey,
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
ResetPasswordWithOrgIdRequestModel validResetPasswordKey)
{
// Arrange
var existingUserResetPassword = new List<OrganizationUser>
{
// Valid org user with reset password key
new OrganizationUser
{
Id = Guid.NewGuid(),
OrganizationId = validResetPasswordKey.OrganizationId,
ResetPasswordKey = validResetPasswordKey.ResetPasswordKey
},
// Invalid org user with null or empty reset password key - should be filtered out
new OrganizationUser
{
Id = Guid.NewGuid(),
OrganizationId = Guid.NewGuid(),
ResetPasswordKey = invalidResetPasswordKey
}
};
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
// Act
var result = await sutProvider.Sut.ValidateAsync(user, new[] { validResetPasswordKey });
// Assert
Assert.NotNull(result);
Assert.Single(result);
Assert.Equal(validResetPasswordKey.OrganizationId, result[0].OrganizationId);
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_MissingResetPassword_Throws(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
var existingUserResetPassword = resetPasswordKeys
.Select(a =>
new OrganizationUser
{
Id = new Guid(),
ResetPasswordKey = a.ResetPasswordKey,
OrganizationId = a.OrganizationId
}).ToList();
existingUserResetPassword.Add(new OrganizationUser
{
Id = Guid.NewGuid(),
ResetPasswordKey = "Missing ResetPasswordKey"
});
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
await Assert.ThrowsAsync<BadRequestException>(async () =>
await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys));
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_ResetPasswordDoesNotBelongToUser_NotReturned(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
var existingUserResetPassword = resetPasswordKeys
.Select(a =>
new OrganizationUser
{
Id = new Guid(),
ResetPasswordKey = a.ResetPasswordKey,
OrganizationId = a.OrganizationId
}).ToList();
existingUserResetPassword.RemoveAt(0);
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
var result = await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys);
Assert.DoesNotContain(result, c => c.Id == resetPasswordKeys.First().OrganizationId);
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_AttemptToSetKeyToNull_Throws(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
var existingUserResetPassword = resetPasswordKeys
.Select(a =>
new OrganizationUser
{
Id = new Guid(),
ResetPasswordKey = a.ResetPasswordKey,
OrganizationId = a.OrganizationId
}).ToList();
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
resetPasswordKeys.First().ResetPasswordKey = null;
await Assert.ThrowsAsync<BadRequestException>(async () =>
await sutProvider.Sut.ValidateAsync(user, resetPasswordKeys));
}
[Theory]
[BitAutoData]
public async Task ValidateAsync_NoOrganizationsInRequestButInDatabase_Throws(
SutProvider<OrganizationUserRotationValidator> sutProvider, User user,
IEnumerable<ResetPasswordWithOrgIdRequestModel> resetPasswordKeys)
{
var existingUserResetPassword = resetPasswordKeys
.Select(a =>
new OrganizationUser
{
Id = new Guid(),
ResetPasswordKey = a.ResetPasswordKey,
OrganizationId = a.OrganizationId
}).ToList();
sutProvider.GetDependency<IOrganizationUserRepository>().GetManyByUserAsync(user.Id)
.Returns(existingUserResetPassword);
await Assert.ThrowsAsync<BadRequestException>(async () =>
await sutProvider.Sut.ValidateAsync(user, Enumerable.Empty<ResetPasswordWithOrgIdRequestModel>()));
}
}
Reference in New Issue View Git Blame Copy Permalink