[AC-2286] [Defect] - CLI: User creating a collection through the CLI does not have access to the collection (#9409)
* Send current Org user Id on collection creation through CLI * Run npm prettier * Add organization services to CreateCommand creation on ServeCommand * Refactor organization data models to include organizationUserId property * Refactor create command to utilize the OrganizationUserId on the Organization object * Add users to collection request in edit command * fix: organization.data test update to correct deserialization, refs AC-2286 --------- Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
This commit is contained in:
Rui Tomé
GitHub
parent
7acc13cbb9
commit
eef1e511b5
|
|
@ -9,8 +9,10 @@ export class OrganizationCollectionRequest extends CollectionExport {
|
|||
req.name = "Collection name";
|
||||
req.externalId = null;
|
||||
req.groups = [SelectionReadOnly.template(), SelectionReadOnly.template()];
|
||||
req.users = [SelectionReadOnly.template(), SelectionReadOnly.template()];
|
||||
return req;
|
||||
}
|
||||
|
||||
groups: SelectionReadOnly[];
|
||||
users: SelectionReadOnly[];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -170,10 +170,17 @@ export class EditCommand {
|
|||
: req.groups.map(
|
||||
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
||||
);
|
||||
const users =
|
||||
req.users == null
|
||||
? null
|
||||
: req.users.map(
|
||||
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
|
||||
);
|
||||
const request = new CollectionRequest();
|
||||
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
||||
request.externalId = req.externalId;
|
||||
request.groups = groups;
|
||||
request.users = users;
|
||||
const response = await this.apiService.putCollection(req.organizationId, id, request);
|
||||
const view = CollectionExport.toView(req);
|
||||
view.id = response.id;
|
||||
|
|
|
|||
|
|
@ -87,6 +87,7 @@ export class ServeCommand {
|
|||
this.serviceContainer.apiService,
|
||||
this.serviceContainer.folderApiService,
|
||||
this.serviceContainer.billingAccountProfileStateService,
|
||||
this.serviceContainer.organizationService,
|
||||
);
|
||||
this.editCommand = new EditCommand(
|
||||
this.serviceContainer.cipherService,
|
||||
|
|
|
|||
|
|
@ -226,6 +226,7 @@ export class VaultProgram extends BaseProgram {
|
|||
this.serviceContainer.apiService,
|
||||
this.serviceContainer.folderApiService,
|
||||
this.serviceContainer.billingAccountProfileStateService,
|
||||
this.serviceContainer.organizationService,
|
||||
);
|
||||
const response = await command.run(object, encodedJson, cmd);
|
||||
this.processResponse(response);
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import * as path from "path";
|
|||
import { firstValueFrom } from "rxjs";
|
||||
|
||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
|
||||
import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions/account/billing-account-profile-state.service";
|
||||
import { CipherExport } from "@bitwarden/common/models/export/cipher.export";
|
||||
|
|
@ -32,6 +33,7 @@ export class CreateCommand {
|
|||
private apiService: ApiService,
|
||||
private folderApiService: FolderApiServiceAbstraction,
|
||||
private accountProfileService: BillingAccountProfileStateService,
|
||||
private organizationService: OrganizationService,
|
||||
) {}
|
||||
|
||||
async run(
|
||||
|
|
@ -183,6 +185,8 @@ export class CreateCommand {
|
|||
if (orgKey == null) {
|
||||
throw new Error("No encryption key for this organization.");
|
||||
}
|
||||
const organization = await this.organizationService.get(req.organizationId);
|
||||
const currentOrgUserId = organization.organizationUserId;
|
||||
|
||||
const groups =
|
||||
req.groups == null
|
||||
|
|
@ -190,10 +194,17 @@ export class CreateCommand {
|
|||
: req.groups.map(
|
||||
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
|
||||
);
|
||||
const users =
|
||||
req.users == null
|
||||
? [new SelectionReadOnlyRequest(currentOrgUserId, false, false, true)]
|
||||
: req.users.map(
|
||||
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
|
||||
);
|
||||
const request = new CollectionRequest();
|
||||
request.name = (await this.cryptoService.encrypt(req.name, orgKey)).encryptedString;
|
||||
request.externalId = req.externalId;
|
||||
request.groups = groups;
|
||||
request.users = users;
|
||||
const response = await this.apiService.postCollection(req.organizationId, request);
|
||||
const view = CollectionExport.toView(req);
|
||||
view.id = response.id;
|
||||
|
|
|
|||
|
|
@ -39,6 +39,7 @@ describe("ORGANIZATIONS state", () => {
|
|||
permissions: undefined,
|
||||
resetPasswordEnrolled: false,
|
||||
userId: "userId",
|
||||
organizationUserId: "organizationUserId",
|
||||
hasPublicAndPrivateKeys: false,
|
||||
providerId: "providerId",
|
||||
providerName: "providerName",
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ export class OrganizationData {
|
|||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
userId: string;
|
||||
organizationUserId: string;
|
||||
hasPublicAndPrivateKeys: boolean;
|
||||
providerId: string;
|
||||
providerName: string;
|
||||
|
|
@ -96,6 +97,7 @@ export class OrganizationData {
|
|||
this.permissions = response.permissions;
|
||||
this.resetPasswordEnrolled = response.resetPasswordEnrolled;
|
||||
this.userId = response.userId;
|
||||
this.organizationUserId = response.organizationUserId;
|
||||
this.hasPublicAndPrivateKeys = response.hasPublicAndPrivateKeys;
|
||||
this.providerId = response.providerId;
|
||||
this.providerName = response.providerName;
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ export class Organization {
|
|||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
userId: string;
|
||||
organizationUserId: string;
|
||||
hasPublicAndPrivateKeys: boolean;
|
||||
providerId: string;
|
||||
providerName: string;
|
||||
|
|
@ -113,6 +114,7 @@ export class Organization {
|
|||
this.permissions = obj.permissions;
|
||||
this.resetPasswordEnrolled = obj.resetPasswordEnrolled;
|
||||
this.userId = obj.userId;
|
||||
this.organizationUserId = obj.organizationUserId;
|
||||
this.hasPublicAndPrivateKeys = obj.hasPublicAndPrivateKeys;
|
||||
this.providerId = obj.providerId;
|
||||
this.providerName = obj.providerName;
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
|
|||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
userId: string;
|
||||
organizationUserId: string;
|
||||
providerId: string;
|
||||
providerName: string;
|
||||
providerType?: ProviderType;
|
||||
|
|
@ -86,6 +87,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
|
|||
this.permissions = new PermissionsApi(this.getResponseProperty("permissions"));
|
||||
this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
|
||||
this.userId = this.getResponseProperty("UserId");
|
||||
this.organizationUserId = this.getResponseProperty("OrganizationUserId");
|
||||
this.providerId = this.getResponseProperty("ProviderId");
|
||||
this.providerName = this.getResponseProperty("ProviderName");
|
||||
this.providerType = this.getResponseProperty("ProviderType");
|
||||
|
|
|
|||
Loading…
Reference in New Issue