test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirementQueryTests.cs

using Bit.Core.AdminConsole.Enums;
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Implementations;
using Bit.Core.AdminConsole.Repositories;
using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute;
using Xunit;

namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.Policies;

[SutProviderCustomize]
public class PolicyRequirementQueryTests
{
    [Theory, BitAutoData]
    public async Task GetAsync_IgnoresOtherPolicyTypes(Guid userId)
    {
        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.RequireSso, UserId = userId };
        var policyRepository = Substitute.For<IPolicyRepository>();
        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
            .Returns([otherPolicy, thisPolicy]);

        var factory = new TestPolicyRequirementFactory(_ => true);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);

        Assert.Contains(thisPolicy, requirement.Policies);
        Assert.DoesNotContain(otherPolicy, requirement.Policies);
    }

    [Theory, BitAutoData]
    public async Task GetAsync_CallsEnforceCallback(Guid userId)
    {
        // Arrange policies
        var policyRepository = Substitute.For<IPolicyRepository>();
        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
            .Returns([thisPolicy, otherPolicy]);

        // Arrange a substitute Enforce function so that we can inspect the received calls
        var callback = Substitute.For<Func<PolicyDetails, bool>>();
        callback(Arg.Any<PolicyDetails>()).Returns(x => x.Arg<PolicyDetails>() == thisPolicy);

        // Arrange the sut
        var factory = new TestPolicyRequirementFactory(callback);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        // Act
        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);

        // Assert
        Assert.Contains(thisPolicy, requirement.Policies);
        Assert.DoesNotContain(otherPolicy, requirement.Policies);
        callback.Received()(Arg.Is(thisPolicy));
        callback.Received()(Arg.Is(otherPolicy));
    }

    [Theory, BitAutoData]
    public async Task GetAsync_ThrowsIfNoFactoryRegistered(Guid userId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        var sut = new PolicyRequirementQuery(policyRepository, []);

        var exception = await Assert.ThrowsAsync<NotImplementedException>(()
            => sut.GetAsync<TestPolicyRequirement>(userId));
        Assert.Contains("No Requirement Factory found", exception.Message);
    }

    [Theory, BitAutoData]
    public async Task GetAsync_HandlesNoPolicies(Guid userId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
            .Returns([]);

        var factory = new TestPolicyRequirementFactory(x => x.IsProvider);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);

        Assert.Empty(requirement.Policies);
    }

    [Theory, BitAutoData]
    public async Task GetManyByOrganizationIdAsync_IgnoresOtherPolicyTypes(Guid organizationId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.RequireSso, OrganizationUserId = Guid.NewGuid() };
        // Force the repository to return both policies even though that is not the expected result
        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg)
            .Returns([thisPolicy, otherPolicy]);

        var factory = new TestPolicyRequirementFactory(_ => true);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);

        await policyRepository.Received(1).GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg);

        Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds);
        Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds);
    }

    [Theory, BitAutoData]
    public async Task GetManyByOrganizationIdAsync_CallsEnforceCallback(Guid organizationId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([thisPolicy, otherPolicy]);

        var callback = Substitute.For<Func<PolicyDetails, bool>>();
        callback(Arg.Any<PolicyDetails>()).Returns(x => x.Arg<PolicyDetails>() == thisPolicy);

        var factory = new TestPolicyRequirementFactory(callback);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);

        Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds);
        Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds);
        callback.Received()(Arg.Is<PolicyDetails>(p => p == thisPolicy));
        callback.Received()(Arg.Is<PolicyDetails>(p => p == otherPolicy));
    }

    [Theory, BitAutoData]
    public async Task GetManyByOrganizationIdAsync_ThrowsIfNoFactoryRegistered(Guid organizationId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        var sut = new PolicyRequirementQuery(policyRepository, []);

        var exception = await Assert.ThrowsAsync<NotImplementedException>(()
            => sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId));

        Assert.Contains("No Requirement Factory found", exception.Message);
    }

    [Theory, BitAutoData]
    public async Task GetManyByOrganizationIdAsync_HandlesNoPolicies(Guid organizationId)
    {
        var policyRepository = Substitute.For<IPolicyRepository>();
        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([]);

        var factory = new TestPolicyRequirementFactory(x => x.IsProvider);
        var sut = new PolicyRequirementQuery(policyRepository, [factory]);

        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);

        Assert.Empty(organizationUserIds);
    }
}
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								using Bit.Core.AdminConsole.Enums;
 								using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Implementations;
 								using Bit.Core.AdminConsole.Repositories;
 								using Bit.Test.Common.AutoFixture.Attributes;
 								using NSubstitute;
 								using Xunit;
 								namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.Policies;
 								[SutProviderCustomize]
 								public class PolicyRequirementQueryTests
 								{
 								    [Theory, BitAutoData]
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								    public async Task GetAsync_IgnoresOtherPolicyTypes(Guid userId)
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    {
-												[PM-23134] Update PolicyDetails sprocs for performance (#6421)

* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository

- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.

These tests enhance coverage and ensure the correctness of policy retrieval logic.

* Add UserProviderAccessView to identify which organizations a user can access as a provider

* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic

- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic

- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.

* Add new SQL migration script to refactor policy details queries

- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.

* Remove GetPolicyDetailsByUserIdTests

* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests

* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes

* Revert changes to PolicyDetails_ReadByUserId stored procedure

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR

* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures

* Bump date on migration script
											
										
										
											2025-10-22 13:20:53 +01:00
+								        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
 								        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.RequireSso, UserId = userId };
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								        var policyRepository = Substitute.For<IPolicyRepository>();
-												[PM-23134] Update PolicyDetails sprocs for performance (#6421)

* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository

- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.

These tests enhance coverage and ensure the correctness of policy retrieval logic.

* Add UserProviderAccessView to identify which organizations a user can access as a provider

* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic

- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic

- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.

* Add new SQL migration script to refactor policy details queries

- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.

* Remove GetPolicyDetailsByUserIdTests

* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests

* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes

* Revert changes to PolicyDetails_ReadByUserId stored procedure

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR

* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures

* Bump date on migration script
											
										
										
											2025-10-22 13:20:53 +01:00
+								        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
 								                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
 								            .Returns([otherPolicy, thisPolicy]);
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								        var factory = new TestPolicyRequirementFactory(_ => true);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
 								        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);
 								        Assert.Contains(thisPolicy, requirement.Policies);
 								        Assert.DoesNotContain(otherPolicy, requirement.Policies);
 								    }
 								    [Theory, BitAutoData]
 								    public async Task GetAsync_CallsEnforceCallback(Guid userId)
 								    {
 								        // Arrange policies
 								        var policyRepository = Substitute.For<IPolicyRepository>();
-												[PM-23134] Update PolicyDetails sprocs for performance (#6421)

* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository

- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.

These tests enhance coverage and ensure the correctness of policy retrieval logic.

* Add UserProviderAccessView to identify which organizations a user can access as a provider

* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic

- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic

- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.

* Add new SQL migration script to refactor policy details queries

- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.

* Remove GetPolicyDetailsByUserIdTests

* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests

* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes

* Revert changes to PolicyDetails_ReadByUserId stored procedure

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR

* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures

* Bump date on migration script
											
										
										
											2025-10-22 13:20:53 +01:00
+								        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
 								        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, UserId = userId };
 								        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
 								                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
 								            .Returns([thisPolicy, otherPolicy]);
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
 								        // Arrange a substitute Enforce function so that we can inspect the received calls
 								        var callback = Substitute.For<Func<PolicyDetails, bool>>();
 								        callback(Arg.Any<PolicyDetails>()).Returns(x => x.Arg<PolicyDetails>() == thisPolicy);
 								        // Arrange the sut
 								        var factory = new TestPolicyRequirementFactory(callback);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
 								        // Act
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
 								        // Assert
 								        Assert.Contains(thisPolicy, requirement.Policies);
 								        Assert.DoesNotContain(otherPolicy, requirement.Policies);
 								        callback.Received()(Arg.Is(thisPolicy));
 								        callback.Received()(Arg.Is(otherPolicy));
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    }
 								    [Theory, BitAutoData]
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								    public async Task GetAsync_ThrowsIfNoFactoryRegistered(Guid userId)
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    {
 								        var policyRepository = Substitute.For<IPolicyRepository>();
 								        var sut = new PolicyRequirementQuery(policyRepository, []);
 								        var exception = await Assert.ThrowsAsync<NotImplementedException>(()
 								            => sut.GetAsync<TestPolicyRequirement>(userId));
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								        Assert.Contains("No Requirement Factory found", exception.Message);
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    }
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								    [Theory, BitAutoData]
 								    public async Task GetAsync_HandlesNoPolicies(Guid userId)
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    {
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
+								        var policyRepository = Substitute.For<IPolicyRepository>();
-												[PM-23134] Update PolicyDetails sprocs for performance (#6421)

* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository

- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.

These tests enhance coverage and ensure the correctness of policy retrieval logic.

* Add UserProviderAccessView to identify which organizations a user can access as a provider

* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic

- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic

- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.

* Add new SQL migration script to refactor policy details queries

- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.

* Remove GetPolicyDetailsByUserIdTests

* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests

* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes

* Revert changes to PolicyDetails_ReadByUserId stored procedure

* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR

* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures

* Bump date on migration script
											
										
										
											2025-10-22 13:20:53 +01:00
+								        policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(
 								                Arg.Is<IEnumerable<Guid>>(ids => ids.Contains(userId)), PolicyType.SingleOrg)
 								            .Returns([]);
-												[PM-18876] Refine PolicyRequirements API (#5445)

* make the PolicyRequirements API more granular, e.g.
  replace factory methods with a factory interface
* update Send to use the new API
											
										
										
											2025-03-11 10:46:09 +10:00
 								        var factory = new TestPolicyRequirementFactory(x => x.IsProvider);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
 								        var requirement = await sut.GetAsync<TestPolicyRequirement>(userId);
 								        Assert.Empty(requirement.Policies);
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								    }
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
 								    [Theory, BitAutoData]
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								    public async Task GetManyByOrganizationIdAsync_IgnoresOtherPolicyTypes(Guid organizationId)
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    {
 								        var policyRepository = Substitute.For<IPolicyRepository>();
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
 								        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.RequireSso, OrganizationUserId = Guid.NewGuid() };
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								        // Force the repository to return both policies even though that is not the expected result
 								        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg)
 								            .Returns([thisPolicy, otherPolicy]);
 								        var factory = new TestPolicyRequirementFactory(_ => true);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
 								        await policyRepository.Received(1).GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg);
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds);
 								        Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    }
 								    [Theory, BitAutoData]
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								    public async Task GetManyByOrganizationIdAsync_CallsEnforceCallback(Guid organizationId)
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    {
 								        var policyRepository = Substitute.For<IPolicyRepository>();
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
 								        var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() };
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([thisPolicy, otherPolicy]);
 								        var callback = Substitute.For<Func<PolicyDetails, bool>>();
 								        callback(Arg.Any<PolicyDetails>()).Returns(x => x.Arg<PolicyDetails>() == thisPolicy);
 								        var factory = new TestPolicyRequirementFactory(callback);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds);
 								        Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								        callback.Received()(Arg.Is<PolicyDetails>(p => p == thisPolicy));
 								        callback.Received()(Arg.Is<PolicyDetails>(p => p == otherPolicy));
 								    }
 								    [Theory, BitAutoData]
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								    public async Task GetManyByOrganizationIdAsync_ThrowsIfNoFactoryRegistered(Guid organizationId)
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    {
 								        var policyRepository = Substitute.For<IPolicyRepository>();
 								        var sut = new PolicyRequirementQuery(policyRepository, []);
 								        var exception = await Assert.ThrowsAsync<NotImplementedException>(()
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								            => sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId));
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
 								        Assert.Contains("No Requirement Factory found", exception.Message);
 								    }
 								    [Theory, BitAutoData]
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								    public async Task GetManyByOrganizationIdAsync_HandlesNoPolicies(Guid organizationId)
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    {
 								        var policyRepository = Substitute.For<IPolicyRepository>();
 								        policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([]);
 								        var factory = new TestPolicyRequirementFactory(x => x.IsProvider);
 								        var sut = new PolicyRequirementQuery(policyRepository, [factory]);
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        var organizationUserIds = await sut.GetManyByOrganizationIdAsync<TestPolicyRequirement>(organizationId);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
-												[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177)

* Update the OrganizationUserController integration Confirm tests to handle the Owner type

* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
											
										
										
											2025-08-11 16:36:40 +01:00
+								        Assert.Empty(organizationUserIds);
-												[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153)

* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests

* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support

* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries

* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes

* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController

* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers

* Add integration tests for confirming organization users in OrganizationUserControllerTests

- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.

* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled

* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling

- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.

* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic

- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.

* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy

- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
											
										
										
											2025-08-05 15:34:13 +01:00
+								    }
-												[PM-14439] Add PolicyRequirementQuery for enforcement logic (#5336)

* Add PolicyRequirementQuery, helpers and models in preparation for migrating domain code

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
											
										
										
											2025-02-14 21:05:49 +10:00
+								}