diff --git a/bitwarden_license/bit-cli/src/admin-console/device-approval/approve.command.ts b/bitwarden_license/bit-cli/src/admin-console/device-approval/approve.command.ts index b3a30165ce..8efa172296 100644 --- a/bitwarden_license/bit-cli/src/admin-console/device-approval/approve.command.ts +++ b/bitwarden_license/bit-cli/src/admin-console/device-approval/approve.command.ts @@ -1,9 +1,54 @@ +import { firstValueFrom } from "rxjs"; + import { Response } from "@bitwarden/cli/models/response"; +import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; +import { Utils } from "@bitwarden/common/platform/misc/utils"; + +import { OrganizationAuthRequestService } from "../../../../bit-common/src/admin-console/auth-requests"; export class ApproveCommand { - constructor() {} + constructor( + private organizationService: OrganizationService, + private organizationAuthRequestService: OrganizationAuthRequestService, + ) {} - async run(id: string): Promise { - throw new Error("Not implemented"); + async run(organizationId: string, id: string): Promise { + if (organizationId != null) { + organizationId = organizationId.toLowerCase(); + } + + if (!Utils.isGuid(organizationId)) { + return Response.badRequest("`" + organizationId + "` is not a GUID."); + } + + if (id != null) { + id = id.toLowerCase(); + } + + if (!Utils.isGuid(id)) { + return Response.badRequest("`" + id + "` is not a GUID."); + } + + const organization = await firstValueFrom(this.organizationService.get$(organizationId)); + if (!organization?.canManageUsersPassword) { + return Response.error( + "You do not have permission to approve pending device authorization requests.", + ); + } + + try { + const pendingRequests = + await this.organizationAuthRequestService.listPendingRequests(organizationId); + + const request = pendingRequests.find((r) => r.id == id); + if (request == null) { + return Response.error("Invalid request id"); + } + + await this.organizationAuthRequestService.approvePendingRequest(organizationId, request); + return Response.success(); + } catch (e) { + return Response.error(e); + } } } diff --git a/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts b/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts index 290bbb6fa8..9b08fbe26c 100644 --- a/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts +++ b/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts @@ -49,14 +49,18 @@ export class DeviceApprovalProgram extends BaseProgram { private approveCommand(): Command { return new Command("approve") - .argument("") + .argument("", "The id of the organization") + .argument("", "The id of the request to approve") .description("Approve a pending request") - .action(async (id: string) => { + .action(async (organizationId: string, id: string) => { await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval); await this.exitIfLocked(); - const cmd = new ApproveCommand(); - const response = await cmd.run(id); + const cmd = new ApproveCommand( + this.serviceContainer.organizationService, + this.serviceContainer.organizationAuthRequestService, + ); + const response = await cmd.run(organizationId, id); this.processResponse(response); }); }