admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-01-31 22:23:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
780400fcf9ed8a7f4650e01ac825a9a480e49121
server/test/Core.Test/OrganizationFeatures/OrganizationCollections/CreateCollectionCommandTests.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

226 lines
10 KiB
C#
Raw Normal View History

[PM-22105] Extract CollectionService.SaveAsync into commands (#5959) * Add CreateCollectionCommand and associated interface with validation logic * Implement CreateCollectionCommand to handle collection creation with organization checks and access permissions. * Introduce ICreateCollectionCommand interface for defining the collection creation contract. * Add unit tests for CreateCollectionCommand to validate various scenarios including permission checks and error handling. * Add UpdateCollectionCommand and associated interface with validation logic * Implement UpdateCollectionCommand to handle collection updates with organization checks and access permissions. * Introduce IUpdateCollectionCommand interface for defining the collection update contract. * Add unit tests for UpdateCollectionCommand to validate various scenarios including permission checks and error handling. * Add scoped services for collection commands * Register ICreateCollectionCommand and IUpdateCollectionCommand in the service collection for handling collection creation and updates. * Refactor CollectionsController to use command interfaces for collection creation and updates * Updated CollectionsController to utilize ICreateCollectionCommand and IUpdateCollectionCommand for handling collection creation and updates, replacing calls to ICollectionService. * Adjusted related unit tests to verify the new command implementations. * Refactor ICollectionService and CollectionService to remove SaveAsync method * Removed the SaveAsync method from ICollectionService and its implementation in CollectionService. * Updated related tests in CollectionServiceTests to reflect the removal of SaveAsync, ensuring existing functionality remains intact. * Remove unused organization repository dependency from CollectionServiceTests
2025-06-24 10:19:48 +01:00
using Bit.Core.AdminConsole.Entities;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.OrganizationFeatures.OrganizationCollections;
using Bit.Core.Repositories;
using Bit.Core.Services;
using Bit.Core.Test.AutoFixture;
using Bit.Core.Test.AutoFixture.OrganizationFixtures;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;
namespace Bit.Core.Test.OrganizationFeatures.OrganizationCollections;
[SutProviderCustomize]
[OrganizationCustomize]
public class CreateCollectionCommandTests
{
[Theory, BitAutoData]
public async Task CreateAsync_WithoutGroupsAndUsers_CreatesCollection(
Organization organization, Collection collection,
SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var utcNow = DateTime.UtcNow;
await sutProvider.Sut.CreateAsync(collection, null, null);
await sutProvider.GetDependency<ICollectionRepository>()
.Received(1)
.CreateAsync(
collection,
Arg.Is<List<CollectionAccessSelection>>(l => l == null),
Arg.Is<List<CollectionAccessSelection>>(l => l == null));
await sutProvider.GetDependency<IEventService>()
.Received(1)
.LogCollectionEventAsync(collection, EventType.Collection_Created);
Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1));
Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
}
[Theory, BitAutoData]
public async Task CreateAsync_WithGroupsAndUsers_CreatesCollectionWithGroupsAndUsers(
Organization organization, Collection collection,
[CollectionAccessSelectionCustomize(true)] IEnumerable<CollectionAccessSelection> groups,
IEnumerable<CollectionAccessSelection> users,
SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
organization.UseGroups = true;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var utcNow = DateTime.UtcNow;
await sutProvider.Sut.CreateAsync(collection, groups, users);
await sutProvider.GetDependency<ICollectionRepository>()
.Received(1)
.CreateAsync(
collection,
Arg.Is<List<CollectionAccessSelection>>(l => l.Any(i => i.Manage == true)),
Arg.Any<List<CollectionAccessSelection>>());
await sutProvider.GetDependency<IEventService>()
.Received(1)
.LogCollectionEventAsync(collection, EventType.Collection_Created);
Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1));
Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
}
[Theory, BitAutoData]
public async Task CreateAsync_WithOrganizationUseGroupDisabled_CreatesCollectionWithoutGroups(
Organization organization, Collection collection,
[CollectionAccessSelectionCustomize] IEnumerable<CollectionAccessSelection> groups,
[CollectionAccessSelectionCustomize(true)] IEnumerable<CollectionAccessSelection> users,
SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
organization.UseGroups = false;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var utcNow = DateTime.UtcNow;
await sutProvider.Sut.CreateAsync(collection, groups, users);
await sutProvider.GetDependency<ICollectionRepository>()
.Received(1)
.CreateAsync(
collection,
Arg.Is<List<CollectionAccessSelection>>(l => l == null),
Arg.Is<List<CollectionAccessSelection>>(l => l.Any(i => i.Manage == true)));
await sutProvider.GetDependency<IEventService>()
.Received(1)
.LogCollectionEventAsync(collection, EventType.Collection_Created);
Assert.True(collection.CreationDate - utcNow < TimeSpan.FromSeconds(1));
Assert.True(collection.RevisionDate - utcNow < TimeSpan.FromSeconds(1));
}
[Theory, BitAutoData]
public async Task CreateAsync_WithNonExistingOrganizationId_ThrowsBadRequest(
Collection collection, SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
var ex = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateAsync(collection));
Assert.Contains("Organization not found", ex.Message);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default, default, default);
await sutProvider.GetDependency<IEventService>()
.DidNotReceiveWithAnyArgs()
.LogCollectionEventAsync(default, default);
}
[Theory, BitAutoData]
public async Task CreateAsync_WithoutManageAccess_ThrowsBadRequest(
Organization organization, Collection collection,
[CollectionAccessSelectionCustomize] IEnumerable<CollectionAccessSelection> users,
SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
organization.AllowAdminAccessToAllCollectionItems = false;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var ex = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateAsync(collection, null, users));
Assert.Contains("At least one member or group must have can manage permission.", ex.Message);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default, default, default);
await sutProvider.GetDependency<IEventService>()
.DidNotReceiveWithAnyArgs()
.LogCollectionEventAsync(default, default);
}
[Theory, BitAutoData]
public async Task CreateAsync_WithExceedsOrganizationMaxCollections_ThrowsBadRequest(
Organization organization, Collection collection,
[CollectionAccessSelectionCustomize(true)] IEnumerable<CollectionAccessSelection> users,
SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
sutProvider.GetDependency<ICollectionRepository>()
.GetCountByOrganizationIdAsync(organization.Id)
.Returns(organization.MaxCollections.Value);
var ex = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateAsync(collection, null, users));
Assert.Equal($@"You have reached the maximum number of collections ({organization.MaxCollections.Value}) for this organization.", ex.Message);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default, default, default);
await sutProvider.GetDependency<IEventService>()
.DidNotReceiveWithAnyArgs()
.LogCollectionEventAsync(default, default);
}
[Theory, BitAutoData]
public async Task CreateAsync_WithInvalidManageAssociations_ThrowsBadRequest(
Organization organization, Collection collection, SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var invalidGroups = new List<CollectionAccessSelection>
{
new() { Id = Guid.NewGuid(), Manage = true, ReadOnly = true }
};
var ex = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateAsync(collection, invalidGroups, null));
Assert.Contains("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.", ex.Message);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default, default, default);
await sutProvider.GetDependency<IEventService>()
.DidNotReceiveWithAnyArgs()
.LogCollectionEventAsync(default, default);
}
[PM-22101] Enforce restrictions on collections with DefaultUserCollection type (#5968) * Add CreateCollectionCommand and associated interface with validation logic * Implement CreateCollectionCommand to handle collection creation with organization checks and access permissions. * Introduce ICreateCollectionCommand interface for defining the collection creation contract. * Add unit tests for CreateCollectionCommand to validate various scenarios including permission checks and error handling. * Add UpdateCollectionCommand and associated interface with validation logic * Implement UpdateCollectionCommand to handle collection updates with organization checks and access permissions. * Introduce IUpdateCollectionCommand interface for defining the collection update contract. * Add unit tests for UpdateCollectionCommand to validate various scenarios including permission checks and error handling. * Add scoped services for collection commands * Register ICreateCollectionCommand and IUpdateCollectionCommand in the service collection for handling collection creation and updates. * Refactor CollectionsController to use command interfaces for collection creation and updates * Updated CollectionsController to utilize ICreateCollectionCommand and IUpdateCollectionCommand for handling collection creation and updates, replacing calls to ICollectionService. * Adjusted related unit tests to verify the new command implementations. * Refactor ICollectionService and CollectionService to remove SaveAsync method * Removed the SaveAsync method from ICollectionService and its implementation in CollectionService. * Updated related tests in CollectionServiceTests to reflect the removal of SaveAsync, ensuring existing functionality remains intact. * Remove unused organization repository dependency from CollectionServiceTests * Add validation to CreateCollectionCommand to prevent creation of DefaultUserCollection type * Implemented a check in CreateCollectionCommand to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be created. * Added a unit test to verify that the exception is thrown with the correct message when attempting to create a collection of this type. * Add validation to DeleteCollectionCommand to prevent deletion of DefaultUserCollection type * Implemented checks in DeleteAsync and DeleteManyAsync methods to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be deleted. * Added unit tests to verify that the exceptions are thrown with the correct messages when attempting to delete collections of this type. * Add validation in UpdateCollectionCommand to prevent editing DefaultUserCollection type * Implemented a check in UpdateAsync to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be updated. * Added a unit test to verify that the exception is thrown with the correct message when attempting to update a collection of this type. * Add validation in UpdateOrganizationUserCommand to prevent modification of DefaultUserCollection type * Implemented a check to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met. * Add validation in UpdateGroupCommand to prevent modification of DefaultUserCollection type * Implemented a check to throw a BadRequestException if an attempt is made to modify group access for collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met. * Add validation in BulkAddCollectionAccessCommand to prevent addition of collections of DefaultUserCollection type * Implemented a check to throw a BadRequestException if an attempt is made to add access to collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met. * Add validation in CollectionService to prevent modification of DefaultUserCollection type * Implemented a check in DeleteUserAsync to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met. * Implement a check to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection. * Add validation in CollectionsController to prevent deletion of DefaultUserCollection type * Implemented a check to return a BadRequestObjectResult if an attempt is made to delete a collection of type DefaultUserCollection. * Remove unused test method for handling DefaultUserCollection in CollectionsControllerTests * Update UpdateOrganizationUserCommandTests to use OrganizationUserType for user updates
2025-06-27 15:29:34 +01:00
[Theory, BitAutoData]
public async Task CreateAsync_WithDefaultUserCollectionType_ThrowsBadRequest(
Organization organization, Collection collection, SutProvider<CreateCollectionCommand> sutProvider)
{
collection.Id = default;
collection.Type = CollectionType.DefaultUserCollection;
sutProvider.GetDependency<IOrganizationRepository>()
.GetByIdAsync(organization.Id)
.Returns(organization);
var ex = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.CreateAsync(collection));
Assert.Contains("You cannot create a collection with the type as DefaultUserCollection.", ex.Message);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default);
await sutProvider.GetDependency<ICollectionRepository>()
.DidNotReceiveWithAnyArgs()
.CreateAsync(default, default, default);
await sutProvider.GetDependency<IEventService>()
.DidNotReceiveWithAnyArgs()
.LogCollectionEventAsync(default, default);
}
[PM-22105] Extract CollectionService.SaveAsync into commands (#5959) * Add CreateCollectionCommand and associated interface with validation logic * Implement CreateCollectionCommand to handle collection creation with organization checks and access permissions. * Introduce ICreateCollectionCommand interface for defining the collection creation contract. * Add unit tests for CreateCollectionCommand to validate various scenarios including permission checks and error handling. * Add UpdateCollectionCommand and associated interface with validation logic * Implement UpdateCollectionCommand to handle collection updates with organization checks and access permissions. * Introduce IUpdateCollectionCommand interface for defining the collection update contract. * Add unit tests for UpdateCollectionCommand to validate various scenarios including permission checks and error handling. * Add scoped services for collection commands * Register ICreateCollectionCommand and IUpdateCollectionCommand in the service collection for handling collection creation and updates. * Refactor CollectionsController to use command interfaces for collection creation and updates * Updated CollectionsController to utilize ICreateCollectionCommand and IUpdateCollectionCommand for handling collection creation and updates, replacing calls to ICollectionService. * Adjusted related unit tests to verify the new command implementations. * Refactor ICollectionService and CollectionService to remove SaveAsync method * Removed the SaveAsync method from ICollectionService and its implementation in CollectionService. * Updated related tests in CollectionServiceTests to reflect the removal of SaveAsync, ensuring existing functionality remains intact. * Remove unused organization repository dependency from CollectionServiceTests
2025-06-24 10:19:48 +01:00
}
Reference in New Issue Copy Permalink