mirror of
https://github.com/bitwarden/server
synced 2025-12-06 00:03:34 +00:00
fedc6b865b
* ignore serena * removing unused properties from org metadata * removing further properties that can already be fetched on the client side using available data * new vnext endpoint for org metadata plus caching metadata first pass including new feature flag # Conflicts: # src/Core/Constants.cs * [PM-25379] decided against cache and new query shouldn't use the service * pr feedback removing unneeded response model * run dotnet format
313 lines
9.2 KiB
C#
313 lines
9.2 KiB
C#
using Bit.Api.Billing.Models.Requests;
|
|
using Bit.Api.Billing.Models.Responses;
|
|
using Bit.Core.Billing.Organizations.Services;
|
|
using Bit.Core.Billing.Providers.Services;
|
|
using Bit.Core.Billing.Services;
|
|
using Bit.Core.Context;
|
|
using Bit.Core.Repositories;
|
|
using Bit.Core.Services;
|
|
using Bit.Core.Utilities;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace Bit.Api.Billing.Controllers;
|
|
|
|
[Route("organizations/{organizationId:guid}/billing")]
|
|
[Authorize("Application")]
|
|
public class OrganizationBillingController(
|
|
IBusinessUnitConverter businessUnitConverter,
|
|
ICurrentContext currentContext,
|
|
IOrganizationBillingService organizationBillingService,
|
|
IOrganizationRepository organizationRepository,
|
|
IPaymentService paymentService,
|
|
ISubscriberService subscriberService,
|
|
IPaymentHistoryService paymentHistoryService) : BaseBillingController
|
|
{
|
|
[HttpGet("metadata")]
|
|
public async Task<IResult> GetMetadataAsync([FromRoute] Guid organizationId)
|
|
{
|
|
if (!await currentContext.OrganizationUser(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var metadata = await organizationBillingService.GetMetadata(organizationId);
|
|
|
|
if (metadata == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
return TypedResults.Ok(metadata);
|
|
}
|
|
|
|
[HttpGet("history")]
|
|
public async Task<IResult> GetHistoryAsync([FromRoute] Guid organizationId)
|
|
{
|
|
if (!await currentContext.ViewBillingHistory(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var billingInfo = await paymentService.GetBillingHistoryAsync(organization);
|
|
|
|
return TypedResults.Ok(billingInfo);
|
|
}
|
|
|
|
[HttpGet("invoices")]
|
|
public async Task<IResult> GetInvoicesAsync([FromRoute] Guid organizationId, [FromQuery] string? status = null, [FromQuery] string? startAfter = null)
|
|
{
|
|
if (!await currentContext.ViewBillingHistory(organizationId))
|
|
{
|
|
return TypedResults.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return TypedResults.NotFound();
|
|
}
|
|
|
|
var invoices = await paymentHistoryService.GetInvoiceHistoryAsync(
|
|
organization,
|
|
5,
|
|
status,
|
|
startAfter);
|
|
|
|
return TypedResults.Ok(invoices);
|
|
}
|
|
|
|
[HttpGet("transactions")]
|
|
public async Task<IResult> GetTransactionsAsync([FromRoute] Guid organizationId, [FromQuery] DateTime? startAfter = null)
|
|
{
|
|
if (!await currentContext.ViewBillingHistory(organizationId))
|
|
{
|
|
return TypedResults.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return TypedResults.NotFound();
|
|
}
|
|
|
|
var transactions = await paymentHistoryService.GetTransactionHistoryAsync(
|
|
organization,
|
|
5,
|
|
startAfter);
|
|
|
|
return TypedResults.Ok(transactions);
|
|
}
|
|
|
|
[HttpGet]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task<IResult> GetBillingAsync(Guid organizationId)
|
|
{
|
|
if (!await currentContext.ViewBillingHistory(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var billingInfo = await paymentService.GetBillingAsync(organization);
|
|
|
|
var response = new BillingResponseModel(billingInfo);
|
|
|
|
return TypedResults.Ok(response);
|
|
}
|
|
|
|
[HttpGet("payment-method")]
|
|
public async Task<IResult> GetPaymentMethodAsync([FromRoute] Guid organizationId)
|
|
{
|
|
if (!await currentContext.EditPaymentMethods(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var paymentMethod = await subscriberService.GetPaymentMethod(organization);
|
|
|
|
var response = PaymentMethodResponse.From(paymentMethod);
|
|
|
|
return TypedResults.Ok(response);
|
|
}
|
|
|
|
[HttpPut("payment-method")]
|
|
public async Task<IResult> UpdatePaymentMethodAsync(
|
|
[FromRoute] Guid organizationId,
|
|
[FromBody] UpdatePaymentMethodRequestBody requestBody)
|
|
{
|
|
if (!await currentContext.EditPaymentMethods(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var tokenizedPaymentSource = requestBody.PaymentSource.ToDomain();
|
|
|
|
var taxInformation = requestBody.TaxInformation.ToDomain();
|
|
|
|
await organizationBillingService.UpdatePaymentMethod(organization, tokenizedPaymentSource, taxInformation);
|
|
|
|
return TypedResults.Ok();
|
|
}
|
|
|
|
[HttpPost("payment-method/verify-bank-account")]
|
|
public async Task<IResult> VerifyBankAccountAsync(
|
|
[FromRoute] Guid organizationId,
|
|
[FromBody] VerifyBankAccountRequestBody requestBody)
|
|
{
|
|
if (!await currentContext.EditPaymentMethods(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
if (requestBody.DescriptorCode.Length != 6 || !requestBody.DescriptorCode.StartsWith("SM"))
|
|
{
|
|
return Error.BadRequest("Statement descriptor should be a 6-character value that starts with 'SM'");
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
await subscriberService.VerifyBankAccount(organization, requestBody.DescriptorCode);
|
|
|
|
return TypedResults.Ok();
|
|
}
|
|
|
|
[HttpGet("tax-information")]
|
|
public async Task<IResult> GetTaxInformationAsync([FromRoute] Guid organizationId)
|
|
{
|
|
if (!await currentContext.EditPaymentMethods(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var taxInformation = await subscriberService.GetTaxInformation(organization);
|
|
|
|
var response = TaxInformationResponse.From(taxInformation);
|
|
|
|
return TypedResults.Ok(response);
|
|
}
|
|
|
|
[HttpPut("tax-information")]
|
|
public async Task<IResult> UpdateTaxInformationAsync(
|
|
[FromRoute] Guid organizationId,
|
|
[FromBody] TaxInformationRequestBody requestBody)
|
|
{
|
|
if (!await currentContext.EditPaymentMethods(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
var taxInformation = requestBody.ToDomain();
|
|
|
|
await subscriberService.UpdateTaxInformation(organization, taxInformation);
|
|
|
|
return TypedResults.Ok();
|
|
}
|
|
|
|
[HttpPost("setup-business-unit")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task<IResult> SetupBusinessUnitAsync(
|
|
[FromRoute] Guid organizationId,
|
|
[FromBody] SetupBusinessUnitRequestBody requestBody)
|
|
{
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
if (!await currentContext.OrganizationUser(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var providerId = await businessUnitConverter.FinalizeConversion(
|
|
organization,
|
|
requestBody.UserId,
|
|
requestBody.Token,
|
|
requestBody.ProviderKey,
|
|
requestBody.OrganizationKey);
|
|
|
|
return TypedResults.Ok(providerId);
|
|
}
|
|
|
|
[HttpPost("change-frequency")]
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
public async Task<IResult> ChangePlanSubscriptionFrequencyAsync(
|
|
[FromRoute] Guid organizationId,
|
|
[FromBody] ChangePlanFrequencyRequest request)
|
|
{
|
|
if (!await currentContext.EditSubscription(organizationId))
|
|
{
|
|
return Error.Unauthorized();
|
|
}
|
|
|
|
var organization = await organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
if (organization == null)
|
|
{
|
|
return Error.NotFound();
|
|
}
|
|
|
|
if (organization.PlanType == request.NewPlanType)
|
|
{
|
|
return Error.BadRequest("Organization is already on the requested plan frequency.");
|
|
}
|
|
|
|
await organizationBillingService.UpdateSubscriptionPlanFrequency(
|
|
organization,
|
|
request.NewPlanType);
|
|
|
|
return TypedResults.Ok();
|
|
}
|
|
}
|