admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-02-08 09:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0f6b22b3d0492094de84bce386f5fa9d105d9f8
server/test/Api.Test/AdminConsole/Authorization/Requirements/BasePermissionRequirementTests.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

67 lines
2.9 KiB
C#
Raw Normal View History

[PM-23921] [BEEEP] Add IOrganizationRequirements for each permission (#6105) * Add BasePermissionRequirement and implement it for each permission * Add tests
2025-07-31 11:22:06 +10:00
using Bit.Api.AdminConsole.Authorization.Requirements;
using Bit.Core.Context;
using Bit.Core.Enums;
using Bit.Core.Test.AdminConsole.AutoFixture;
using Bit.Core.Test.AdminConsole.Helpers;
using Bit.Test.Common.AutoFixture.Attributes;
using Xunit;
namespace Bit.Api.Test.AdminConsole.Authorization.Requirements;
public class BasePermissionRequirementTests
{
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Owner)]
public async Task Authorizes_Owners(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Admin)]
public async Task Authorizes_Admins(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.User)]
public async Task Authorizes_Providers(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(true));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Custom)]
public async Task Authorizes_CustomPermission(CurrentContextOrganization organizationClaims)
{
organizationClaims.Permissions.ManageGroups = true;
var result = await new TestCustomPermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.True(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.User)]
public async Task DoesNotAuthorize_Users(CurrentContextOrganization organizationClaims)
{
var result = await new PermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.False(result);
}
[Theory, BitAutoData]
[CurrentContextOrganizationCustomize(Type = OrganizationUserType.Custom)]
public async Task DoesNotAuthorize_OtherCustomPermissions(CurrentContextOrganization organizationClaims)
{
organizationClaims.Permissions.ManageGroups = true;
organizationClaims.Permissions = organizationClaims.Permissions.Invert();
var result = await new TestCustomPermissionRequirement().AuthorizeAsync(organizationClaims, () => Task.FromResult(false));
Assert.False(result);
}
private class PermissionRequirement() : BasePermissionRequirement(_ => false);
private class TestCustomPermissionRequirement() : BasePermissionRequirement(p => p.ManageGroups);
}
Reference in New Issue Copy Permalink