admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-02-05 08:33:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

[PM-3779] idor allow the attacker to delete the victim domain (#3308)

Browse Source 
* [PM-3779] Added IOrganizationDomainRepository.GetDomainByIdAndOrganizationIdAsync and SQL stored procedure

* [PM-3779] Changed GetOrganizationDomainByIdQuery to also take OrgId as a parameter. Updated existing unit tests and added new. Updated controller to match command changes

* [PM-3779] Removed type from url routes

* [PM-3779] Renamed IGetOrganizationDomainByIdAndOrganizationIdQuery to IGetOrganizationDomainByIdOrganizationIdQuery

* [PM-3779] Renamed GetOrganizationDomainByIdOrganizationIdQueryTests file and added more tests
This commit is contained in:
Rui Tomé
2023-10-18 11:57:59 +01:00
committed by GitHub
parent cb73056c42
commit 21219262a2
22 changed files with 312 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs
View File

@@ -118,7 +118,7 @@ public static class OrganizationServiceCollectionExtensions
{
services.AddScoped<ICreateOrganizationDomainCommand, CreateOrganizationDomainCommand>();
services.AddScoped<IVerifyOrganizationDomainCommand, VerifyOrganizationDomainCommand>();
services.AddScoped<IGetOrganizationDomainByIdQuery, GetOrganizationDomainByIdQuery>();
services.AddScoped<IGetOrganizationDomainByIdOrganizationIdQuery, GetOrganizationDomainByIdOrganizationIdQuery>();
services.AddScoped<IGetOrganizationDomainByOrganizationIdQuery, GetOrganizationDomainByOrganizationIdQuery>();
services.AddScoped<IDeleteOrganizationDomainCommand, DeleteOrganizationDomainCommand>();
}