2022-06-29 19:46:41 -04:00
|
|
|
|
using System.Data;
|
2022-01-21 09:36:25 -05:00
|
|
|
|
using System.Text.Json;
|
2023-10-20 06:37:46 +10:00
|
|
|
|
using Bit.Core.AdminConsole.Entities;
|
2023-11-23 07:07:37 +10:00
|
|
|
|
using Bit.Core.AdminConsole.Enums;
|
2023-12-14 15:05:19 -05:00
|
|
|
|
using Bit.Core.Auth.UserFeatures.UserKey;
|
2022-01-11 10:40:51 +01:00
|
|
|
|
using Bit.Core.Entities;
|
2017-03-25 21:53:32 -04:00
|
|
|
|
using Bit.Core.Enums;
|
2017-05-09 19:04:01 -04:00
|
|
|
|
using Bit.Core.Models.Data;
|
2022-05-10 17:12:09 -04:00
|
|
|
|
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
|
2022-01-11 10:40:51 +01:00
|
|
|
|
using Bit.Core.Repositories;
|
2021-02-22 15:35:16 -06:00
|
|
|
|
using Bit.Core.Settings;
|
2023-12-14 15:05:19 -05:00
|
|
|
|
using Bit.Infrastructure.Dapper.AdminConsole.Helpers;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
using Dapper;
|
2023-01-10 15:58:41 -05:00
|
|
|
|
using Microsoft.Data.SqlClient;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
|
2022-01-11 10:40:51 +01:00
|
|
|
|
namespace Bit.Infrastructure.Dapper.Repositories;
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2022-01-11 10:40:51 +01:00
|
|
|
|
public class OrganizationUserRepository : Repository<OrganizationUser, Guid>, IOrganizationUserRepository
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// For use with methods with TDS stream issues.
|
|
|
|
|
|
/// This has been observed in Linux-hosted SqlServers with large table-valued-parameters
|
|
|
|
|
|
/// https://github.com/dotnet/SqlClient/issues/54
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
private string _marsConnectionString;
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2017-03-02 00:15:05 -05:00
|
|
|
|
public OrganizationUserRepository(GlobalSettings globalSettings)
|
|
|
|
|
|
: this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
|
|
|
|
|
|
{
|
2018-10-09 17:21:12 -04:00
|
|
|
|
var builder = new SqlConnectionStringBuilder(ConnectionString)
|
2021-06-25 14:36:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
MultipleActiveResultSets = true,
|
|
|
|
|
|
};
|
|
|
|
|
|
_marsConnectionString = builder.ToString();
|
|
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
|
2018-10-09 17:21:12 -04:00
|
|
|
|
public OrganizationUserRepository(string connectionString, string readOnlyConnectionString)
|
|
|
|
|
|
: base(connectionString, readOnlyConnectionString)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{ }
|
|
|
|
|
|
|
2017-04-07 16:41:04 -04:00
|
|
|
|
public async Task<int> GetCountByOrganizationIdAsync(Guid organizationId)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-04-07 16:41:04 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteScalarAsync<int>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadCountByOrganizationId]",
|
|
|
|
|
|
new { OrganizationId = organizationId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results;
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-04-07 16:41:04 -04:00
|
|
|
|
|
2017-04-07 14:52:31 -04:00
|
|
|
|
public async Task<int> GetCountByFreeOrganizationAdminUserAsync(Guid userId)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-04-07 14:52:31 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteScalarAsync<int>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadCountByFreeOrganizationAdminUser]",
|
|
|
|
|
|
new { UserId = userId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results;
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-04-07 14:52:31 -04:00
|
|
|
|
|
2017-10-25 11:36:54 -04:00
|
|
|
|
public async Task<int> GetCountByOnlyOwnerAsync(Guid userId)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-04-27 17:28:39 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteScalarAsync<int>(
|
2017-10-25 11:36:54 -04:00
|
|
|
|
"[dbo].[OrganizationUser_ReadCountByOnlyOwner]",
|
2017-04-27 17:28:39 -04:00
|
|
|
|
new { UserId = userId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results;
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-04-27 17:28:39 -04:00
|
|
|
|
|
2017-11-13 10:06:54 -05:00
|
|
|
|
public async Task<int> GetCountByOrganizationAsync(Guid organizationId, string email, bool onlyRegisteredUsers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-03-28 21:16:19 -04:00
|
|
|
|
{
|
2017-11-13 10:06:54 -05:00
|
|
|
|
var result = await connection.ExecuteScalarAsync<int>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadCountByOrganizationIdEmail]",
|
|
|
|
|
|
new { OrganizationId = organizationId, Email = email, OnlyUsers = onlyRegisteredUsers },
|
2017-03-28 21:16:19 -04:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
2017-11-13 10:06:54 -05:00
|
|
|
|
return result;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2023-02-24 07:54:19 +10:00
|
|
|
|
public async Task<int> GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var result = await connection.ExecuteScalarAsync<int>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId]",
|
|
|
|
|
|
new { OrganizationId = organizationId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-07-24 23:05:05 +01:00
|
|
|
|
public async Task<int> GetOccupiedSmSeatCountByOrganizationIdAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var result = await connection.ExecuteScalarAsync<int>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadOccupiedSmSeatCountByOrganizationId]",
|
|
|
|
|
|
new { OrganizationId = organizationId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-24 15:31:03 -04:00
|
|
|
|
public async Task<ICollection<string>> SelectKnownEmailsAsync(Guid organizationId, IEnumerable<string> emails,
|
2021-05-17 09:43:02 -05:00
|
|
|
|
bool onlyRegisteredUsers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-06-24 19:40:46 -04:00
|
|
|
|
var emailsTvp = emails.ToArrayTVP("Email");
|
2021-06-25 14:36:59 -04:00
|
|
|
|
using (var connection = new SqlConnection(_marsConnectionString))
|
2021-05-17 09:43:02 -05:00
|
|
|
|
{
|
|
|
|
|
|
var result = await connection.QueryAsync<string>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_SelectKnownEmails]",
|
2021-06-24 19:40:46 -04:00
|
|
|
|
new { OrganizationId = organizationId, Emails = emailsTvp, OnlyUsers = onlyRegisteredUsers },
|
2021-05-17 09:43:02 -05:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
2021-06-24 10:38:33 -04:00
|
|
|
|
// Return as a list to avoid timing out the sql connection
|
|
|
|
|
|
return result.ToList();
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
2017-04-12 10:07:27 -04:00
|
|
|
|
public async Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, Guid userId)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-04-12 10:07:27 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByOrganizationIdUserId]",
|
|
|
|
|
|
new { OrganizationId = organizationId, UserId = userId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.SingleOrDefault();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-04-12 10:07:27 -04:00
|
|
|
|
|
2017-04-05 15:31:33 -04:00
|
|
|
|
public async Task<ICollection<OrganizationUser>> GetManyByUserAsync(Guid userId)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-04-05 15:31:33 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByUserId]",
|
|
|
|
|
|
new { UserId = userId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-04-05 15:31:33 -04:00
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
public async Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId,
|
|
|
|
|
|
OrganizationUserType? type)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-03-29 21:26:19 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByOrganizationId]",
|
|
|
|
|
|
new { OrganizationId = organizationId, Type = type },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-03-29 21:26:19 -04:00
|
|
|
|
|
2023-01-19 17:00:54 +01:00
|
|
|
|
public async Task<Tuple<OrganizationUser, ICollection<CollectionAccessSelection>>> GetByIdWithCollectionsAsync(Guid id)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2017-03-11 15:34:57 -05:00
|
|
|
|
var results = await connection.QueryMultipleAsync(
|
2017-05-11 10:32:25 -04:00
|
|
|
|
"[dbo].[OrganizationUser_ReadWithCollectionsById]",
|
2017-03-04 21:28:41 -05:00
|
|
|
|
new { Id = id },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2017-05-11 10:32:25 -04:00
|
|
|
|
var user = (await results.ReadAsync<OrganizationUser>()).SingleOrDefault();
|
2023-01-19 17:00:54 +01:00
|
|
|
|
var collections = (await results.ReadAsync<CollectionAccessSelection>()).ToList();
|
|
|
|
|
|
return new Tuple<OrganizationUser, ICollection<CollectionAccessSelection>>(user, collections);
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2019-03-05 23:22:43 -05:00
|
|
|
|
public async Task<OrganizationUserUserDetails> GetDetailsByIdAsync(Guid id)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2019-03-05 23:22:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserUserDetails>(
|
|
|
|
|
|
"[dbo].[OrganizationUserUserDetails_ReadById]",
|
|
|
|
|
|
new { Id = id },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.SingleOrDefault();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2023-01-19 17:00:54 +01:00
|
|
|
|
public async Task<Tuple<OrganizationUserUserDetails, ICollection<CollectionAccessSelection>>>
|
2019-03-05 23:22:43 -05:00
|
|
|
|
GetDetailsByIdWithCollectionsAsync(Guid id)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2019-03-05 23:22:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryMultipleAsync(
|
|
|
|
|
|
"[dbo].[OrganizationUserUserDetails_ReadWithCollectionsById]",
|
|
|
|
|
|
new { Id = id },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2019-03-05 23:22:43 -05:00
|
|
|
|
var user = (await results.ReadAsync<OrganizationUserUserDetails>()).SingleOrDefault();
|
2023-01-19 17:00:54 +01:00
|
|
|
|
var collections = (await results.ReadAsync<CollectionAccessSelection>()).ToList();
|
|
|
|
|
|
return new Tuple<OrganizationUserUserDetails, ICollection<CollectionAccessSelection>>(user, collections);
|
2019-03-05 23:22:43 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2019-03-05 23:22:43 -05:00
|
|
|
|
|
2023-01-19 17:00:54 +01:00
|
|
|
|
public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId, bool includeGroups, bool includeCollections)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2017-03-06 20:51:13 -05:00
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserUserDetails>(
|
|
|
|
|
|
"[dbo].[OrganizationUserUserDetails_ReadByOrganizationId]",
|
2017-03-04 21:28:41 -05:00
|
|
|
|
new { OrganizationId = organizationId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
2023-01-19 17:00:54 +01:00
|
|
|
|
List<IGrouping<Guid, GroupUser>> userGroups = null;
|
|
|
|
|
|
List<IGrouping<Guid, CollectionUser>> userCollections = null;
|
|
|
|
|
|
|
|
|
|
|
|
var users = results.ToList();
|
|
|
|
|
|
|
|
|
|
|
|
if (!includeCollections && !includeGroups)
|
|
|
|
|
|
{
|
|
|
|
|
|
return users;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var orgUserIds = users.Select(u => u.Id).ToGuidIdArrayTVP();
|
|
|
|
|
|
|
|
|
|
|
|
if (includeGroups)
|
|
|
|
|
|
{
|
|
|
|
|
|
userGroups = (await connection.QueryAsync<GroupUser>(
|
|
|
|
|
|
"[dbo].[GroupUser_ReadByOrganizationUserIds]",
|
|
|
|
|
|
new { OrganizationUserIds = orgUserIds },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure)).GroupBy(u => u.OrganizationUserId).ToList();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (includeCollections)
|
|
|
|
|
|
{
|
|
|
|
|
|
userCollections = (await connection.QueryAsync<CollectionUser>(
|
|
|
|
|
|
"[dbo].[CollectionUser_ReadByOrganizationUserIds]",
|
|
|
|
|
|
new { OrganizationUserIds = orgUserIds },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure)).GroupBy(u => u.OrganizationUserId).ToList();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Map any queried collections and groups to their respective users
|
|
|
|
|
|
foreach (var user in users)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (userGroups != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
user.Groups = userGroups
|
|
|
|
|
|
.FirstOrDefault(u => u.Key == user.Id)?
|
|
|
|
|
|
.Select(ug => ug.GroupId).ToList() ?? new List<Guid>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (userCollections != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
user.Collections = userCollections
|
|
|
|
|
|
.FirstOrDefault(u => u.Key == user.Id)?
|
|
|
|
|
|
.Select(uc => new CollectionAccessSelection
|
|
|
|
|
|
{
|
|
|
|
|
|
Id = uc.CollectionId,
|
|
|
|
|
|
ReadOnly = uc.ReadOnly,
|
[AC-1373] Flexible Collections (#3245)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-01 19:30:52 +10:00
|
|
|
|
HidePasswords = uc.HidePasswords,
|
|
|
|
|
|
Manage = uc.Manage
|
2023-01-19 17:00:54 +01:00
|
|
|
|
}).ToList() ?? new List<CollectionAccessSelection>();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return users;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-03-06 20:51:13 -05:00
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
public async Task<ICollection<OrganizationUserOrganizationDetails>> GetManyDetailsByUserAsync(Guid userId,
|
2017-03-25 21:53:32 -04:00
|
|
|
|
OrganizationUserStatusType? status = null)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-03-06 20:51:13 -05:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserOrganizationDetails>(
|
2017-03-25 21:53:32 -04:00
|
|
|
|
"[dbo].[OrganizationUserOrganizationDetails_ReadByUserIdStatus]",
|
|
|
|
|
|
new { UserId = userId, Status = status },
|
2017-03-06 20:51:13 -05:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-12-16 15:35:09 +01:00
|
|
|
|
|
2020-12-11 10:45:26 -06:00
|
|
|
|
public async Task<OrganizationUserOrganizationDetails> GetDetailsByUserAsync(Guid userId,
|
|
|
|
|
|
Guid organizationId, OrganizationUserStatusType? status = null)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-12-11 10:45:26 -06:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserOrganizationDetails>(
|
|
|
|
|
|
"[dbo].[OrganizationUserOrganizationDetails_ReadByUserIdStatusOrganizationId]",
|
|
|
|
|
|
new { UserId = userId, Status = status, OrganizationId = organizationId },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.SingleOrDefault();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2017-05-09 19:04:01 -04:00
|
|
|
|
|
|
|
|
|
|
public async Task UpdateGroupsAsync(Guid orgUserId, IEnumerable<Guid> groupIds)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-05-09 19:04:01 -04:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteAsync(
|
|
|
|
|
|
"[dbo].[GroupUser_UpdateGroups]",
|
|
|
|
|
|
new { OrganizationUserId = orgUserId, GroupIds = groupIds.ToGuidIdArrayTVP() },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2023-01-19 17:00:54 +01:00
|
|
|
|
public async Task<Guid> CreateAsync(OrganizationUser obj, IEnumerable<CollectionAccessSelection> collections)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2022-01-21 09:36:25 -05:00
|
|
|
|
obj.SetNewId();
|
|
|
|
|
|
var objWithCollections = JsonSerializer.Deserialize<OrganizationUserWithCollections>(
|
|
|
|
|
|
JsonSerializer.Serialize(obj));
|
2017-05-11 14:52:35 -04:00
|
|
|
|
objWithCollections.Collections = collections.ToArrayTVP();
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2017-05-11 14:52:35 -04:00
|
|
|
|
{
|
2022-01-21 09:36:25 -05:00
|
|
|
|
var results = await connection.ExecuteAsync(
|
[AC-1373] Flexible Collections (#3245)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-01 19:30:52 +10:00
|
|
|
|
$"[{Schema}].[OrganizationUser_CreateWithCollections_V2]",
|
2017-05-11 14:52:35 -04:00
|
|
|
|
objWithCollections,
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2017-05-11 14:52:35 -04:00
|
|
|
|
return obj.Id;
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
2017-05-11 14:52:35 -04:00
|
|
|
|
|
2023-01-19 17:00:54 +01:00
|
|
|
|
public async Task ReplaceAsync(OrganizationUser obj, IEnumerable<CollectionAccessSelection> collections)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-10-20 02:48:10 -04:00
|
|
|
|
var objWithCollections = JsonSerializer.Deserialize<OrganizationUserWithCollections>(
|
2017-05-11 14:52:35 -04:00
|
|
|
|
JsonSerializer.Serialize(obj));
|
2020-10-20 02:48:10 -04:00
|
|
|
|
objWithCollections.Collections = collections.ToArrayTVP();
|
2017-05-11 14:52:35 -04:00
|
|
|
|
|
2020-10-20 02:48:10 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteAsync(
|
[AC-1373] Flexible Collections (#3245)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-01 19:30:52 +10:00
|
|
|
|
$"[{Schema}].[OrganizationUser_UpdateWithCollections_V2]",
|
2017-05-11 14:52:35 -04:00
|
|
|
|
objWithCollections,
|
2020-10-20 02:48:10 -04:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-12-16 15:35:09 +01:00
|
|
|
|
|
2021-05-12 11:18:25 +02:00
|
|
|
|
public async Task<ICollection<OrganizationUser>> GetManyByManyUsersAsync(IEnumerable<Guid> userIds)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-10-20 02:48:10 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2021-05-12 11:18:25 +02:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByUserIds]",
|
|
|
|
|
|
new { UserIds = userIds.ToGuidIdArrayTVP() },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-12-16 15:35:09 +01:00
|
|
|
|
|
2020-12-04 16:45:54 -06:00
|
|
|
|
public async Task<ICollection<OrganizationUser>> GetManyAsync(IEnumerable<Guid> Ids)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-12 11:18:25 +02:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
2020-12-04 16:45:54 -06:00
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByIds]",
|
|
|
|
|
|
new { Ids = Ids.ToGuidIdArrayTVP() },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
|
|
|
|
|
public async Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUser>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByOrganizationIdEmail]",
|
|
|
|
|
|
new { OrganizationId = organizationId, Email = email },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
2022-08-29 15:53:48 -04:00
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
return results.SingleOrDefault();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
|
|
|
|
|
public async Task DeleteManyAsync(IEnumerable<Guid> organizationUserIds)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
await connection.ExecuteAsync("[dbo].[OrganizationUser_DeleteByIds]",
|
|
|
|
|
|
new { Ids = organizationUserIds.ToGuidIdArrayTVP() }, commandType: CommandType.StoredProcedure);
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
public async Task UpsertManyAsync(IEnumerable<OrganizationUser> organizationUsers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var createUsers = new List<OrganizationUser>();
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var replaceUsers = new List<OrganizationUser>();
|
|
|
|
|
|
foreach (var organizationUser in organizationUsers)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (organizationUser.Id.Equals(default))
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
createUsers.Add(organizationUser);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
else
|
2022-08-29 15:53:48 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
replaceUsers.Add(organizationUser);
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
await CreateManyAsync(createUsers);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
await ReplaceManyAsync(replaceUsers);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
public async Task<ICollection<Guid>> CreateManyAsync(IEnumerable<OrganizationUser> organizationUsers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
if (!organizationUsers.Any())
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
return default;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
foreach (var organizationUser in organizationUsers)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
organizationUser.SetNewId();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-24 19:40:46 -04:00
|
|
|
|
var orgUsersTVP = organizationUsers.ToTvp();
|
|
|
|
|
|
using (var connection = new SqlConnection(_marsConnectionString))
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var results = await connection.ExecuteAsync(
|
2023-01-31 18:38:53 +01:00
|
|
|
|
$"[{Schema}].[{Table}_CreateMany2]",
|
2021-06-24 19:40:46 -04:00
|
|
|
|
new { OrganizationUsersInput = orgUsersTVP },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
|
|
|
|
|
return organizationUsers.Select(u => u.Id).ToList();
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
public async Task ReplaceManyAsync(IEnumerable<OrganizationUser> organizationUsers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (!organizationUsers.Any())
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
return;
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var orgUsersTVP = organizationUsers.ToTvp();
|
|
|
|
|
|
using (var connection = new SqlConnection(_marsConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteAsync(
|
2023-01-31 18:38:53 +01:00
|
|
|
|
$"[{Schema}].[{Table}_UpdateMany2]",
|
2021-06-24 19:40:46 -04:00
|
|
|
|
new { OrganizationUsersInput = orgUsersTVP },
|
2021-05-17 09:43:02 -05:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-05-25 19:23:47 +02:00
|
|
|
|
|
|
|
|
|
|
public async Task<IEnumerable<OrganizationUserPublicKey>> GetManyPublicKeysByOrganizationUserAsync(
|
|
|
|
|
|
Guid organizationId, IEnumerable<Guid> Ids)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserPublicKey>(
|
|
|
|
|
|
"[dbo].[User_ReadPublicKeysByOrganizationUserIds]",
|
|
|
|
|
|
new { OrganizationId = organizationId, OrganizationUserIds = Ids.ToGuidIdArrayTVP() },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2021-07-16 13:49:27 -04:00
|
|
|
|
|
|
|
|
|
|
public async Task<IEnumerable<OrganizationUserUserDetails>> GetManyByMinimumRoleAsync(Guid organizationId, OrganizationUserType minRole)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2021-07-16 13:49:27 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserUserDetails>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadByMinimumRole]",
|
|
|
|
|
|
new { OrganizationId = organizationId, MinRole = minRole },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2022-06-16 15:59:57 -04:00
|
|
|
|
|
2022-07-25 10:47:44 +10:00
|
|
|
|
public async Task RevokeAsync(Guid id)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2022-06-16 15:59:57 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteAsync(
|
|
|
|
|
|
$"[{Schema}].[{Table}_Deactivate]",
|
|
|
|
|
|
new { Id = id },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2022-06-16 15:59:57 -04:00
|
|
|
|
|
2022-07-25 10:47:44 +10:00
|
|
|
|
public async Task RestoreAsync(Guid id, OrganizationUserStatusType status)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2022-06-16 15:59:57 -04:00
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.ExecuteAsync(
|
|
|
|
|
|
$"[{Schema}].[{Table}_Activate]",
|
|
|
|
|
|
new { Id = id, Status = status },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
2023-05-12 08:22:19 +01:00
|
|
|
|
|
2023-08-16 13:42:09 +10:00
|
|
|
|
public async Task<IEnumerable<OrganizationUserPolicyDetails>> GetByUserIdWithPolicyDetailsAsync(Guid userId, PolicyType policyType)
|
2023-05-12 08:22:19 +01:00
|
|
|
|
{
|
|
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserPolicyDetails>(
|
|
|
|
|
|
$"[{Schema}].[{Table}_ReadByUserIdWithPolicyDetails]",
|
2023-08-16 13:42:09 +10:00
|
|
|
|
new { UserId = userId, PolicyType = policyType },
|
2023-05-12 08:22:19 +01:00
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-12-14 15:05:19 -05:00
|
|
|
|
|
2024-05-24 11:20:54 +01:00
|
|
|
|
public async Task<IEnumerable<OrganizationUserResetPasswordDetails>> GetManyAccountRecoveryDetailsByOrganizationUserAsync(
|
|
|
|
|
|
Guid organizationId, IEnumerable<Guid> organizationUserIds)
|
|
|
|
|
|
{
|
|
|
|
|
|
using (var connection = new SqlConnection(ConnectionString))
|
|
|
|
|
|
{
|
|
|
|
|
|
var results = await connection.QueryAsync<OrganizationUserResetPasswordDetails>(
|
|
|
|
|
|
"[dbo].[OrganizationUser_ReadManyAccountRecoveryDetailsByOrganizationUserIds]",
|
|
|
|
|
|
new { OrganizationId = organizationId, OrganizationUserIds = organizationUserIds.ToGuidIdArrayTVP() },
|
|
|
|
|
|
commandType: CommandType.StoredProcedure);
|
|
|
|
|
|
|
|
|
|
|
|
return results.ToList();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-12-14 15:05:19 -05:00
|
|
|
|
/// <inheritdoc />
|
|
|
|
|
|
public UpdateEncryptedDataForKeyRotation UpdateForKeyRotation(
|
|
|
|
|
|
Guid userId, IEnumerable<OrganizationUser> resetPasswordKeys)
|
|
|
|
|
|
{
|
|
|
|
|
|
return async (SqlConnection connection, SqlTransaction transaction) =>
|
|
|
|
|
|
{
|
|
|
|
|
|
const string sql = @"
|
|
|
|
|
|
UPDATE
|
|
|
|
|
|
[dbo].[OrganizationUser]
|
|
|
|
|
|
SET
|
|
|
|
|
|
[ResetPasswordKey] = AR.[ResetPasswordKey]
|
|
|
|
|
|
FROM
|
|
|
|
|
|
[dbo].[OrganizationUser] OU
|
|
|
|
|
|
INNER JOIN
|
|
|
|
|
|
@ResetPasswordKeys AR ON OU.Id = AR.Id
|
|
|
|
|
|
WHERE
|
|
|
|
|
|
OU.[UserId] = @UserId";
|
|
|
|
|
|
|
|
|
|
|
|
var organizationUsersTVP = resetPasswordKeys.ToTvp();
|
|
|
|
|
|
|
|
|
|
|
|
await connection.ExecuteAsync(
|
|
|
|
|
|
sql,
|
|
|
|
|
|
new { UserId = userId, resetPasswordKeys = organizationUsersTVP },
|
|
|
|
|
|
transaction: transaction,
|
|
|
|
|
|
commandType: CommandType.Text);
|
|
|
|
|
|
};
|
|
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|