diff --git a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/AutomaticallyConfirmOrganizationUserCommand.cs b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/AutomaticallyConfirmOrganizationUserCommand.cs index 3cb12bb2ff82..adc6ef59921b 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/AutomaticallyConfirmOrganizationUserCommand.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUser/AutomaticallyConfirmOrganizationUserCommand.cs @@ -103,7 +103,7 @@ private async Task ShouldCreateDefaultCollectionAsync(AutomaticallyConfirm !string.IsNullOrWhiteSpace(request.DefaultUserCollectionName) && request.Organization!.UseMyItems && (await policyRequirementQuery.GetAsync(request.OrganizationUser!.UserId!.Value)) - .RequiresDefaultCollectionOnConfirm(request.Organization!.Id); + .GetDefaultCollectionRequestOnConfirm(request.Organization!.Id).ShouldCreateDefaultCollection; private async Task PushSyncOrganizationKeysAsync(AutomaticallyConfirmOrganizationUserValidationRequest request) { diff --git a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommand.cs b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommand.cs index 007f28a2f3f7..24c1c3297634 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommand.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommand.cs @@ -92,7 +92,7 @@ public async Task ConfirmUserAsync(Guid organizationId, Guid o throw new BadRequestException(error); } - await CreateDefaultCollectionAsync(orgUser, organization, defaultUserCollectionName); + await CreateManyDefaultCollectionsAsync(organization, [orgUser], defaultUserCollectionName); return orgUser; } @@ -109,14 +109,7 @@ public async Task>> ConfirmUsersAsync(Guid .Select(r => r.Item1) .ToList(); - if (confirmedOrganizationUsers.Count == 1) - { - await CreateDefaultCollectionAsync(confirmedOrganizationUsers.Single(), organization, defaultUserCollectionName); - } - else if (confirmedOrganizationUsers.Count > 1) - { - await CreateManyDefaultCollectionsAsync(organization, confirmedOrganizationUsers, defaultUserCollectionName); - } + await CreateManyDefaultCollectionsAsync(organization, confirmedOrganizationUsers, defaultUserCollectionName); return result; } @@ -278,38 +271,6 @@ private async Task> GetUserDeviceIdsAsync(Guid userId) .Select(d => d.Id.ToString()); } - /// - /// Creates a default collection for a single user if required by the Organization Data Ownership policy. - /// - /// The organization user who has just been confirmed. - /// The organization. - /// The encrypted default user collection name. - private async Task CreateDefaultCollectionAsync(OrganizationUser organizationUser, Organization organization, string defaultUserCollectionName) - { - // Skip if no collection name provided (backwards compatibility) - if (string.IsNullOrWhiteSpace(defaultUserCollectionName)) - { - return; - } - - // Skip if organization has disabled My Items - if (!organization.UseMyItems) - { - return; - } - - var organizationDataOwnershipPolicy = await _policyRequirementQuery.GetAsync(organizationUser.UserId!.Value); - if (!organizationDataOwnershipPolicy.RequiresDefaultCollectionOnConfirm(organizationUser.OrganizationId)) - { - return; - } - - await _collectionRepository.CreateDefaultCollectionsAsync( - organizationUser.OrganizationId, - [organizationUser.Id], - defaultUserCollectionName); - } - /// /// Creates default collections for multiple users if required by the Organization Data Ownership policy. /// @@ -331,12 +292,17 @@ private async Task CreateManyDefaultCollectionsAsync(Organization organization, return; } - var policyEligibleOrganizationUserIds = await _policyRequirementQuery - .GetManyByOrganizationIdAsync(organization.Id); + var confirmedUserIds = confirmedOrganizationUsers + .Select(s => s.UserId!.Value) + .ToList(); + + var policiesForUsers = await _policyRequirementQuery + .GetAsync(confirmedUserIds); - var eligibleOrganizationUserIds = confirmedOrganizationUsers - .Where(ou => policyEligibleOrganizationUserIds.Contains(ou.Id)) - .Select(ou => ou.Id) + var eligibleOrganizationUserIds = policiesForUsers + .Select(x => x.Requirement.GetDefaultCollectionRequestOnConfirm(organization.Id)) + .Where(w => w.ShouldCreateDefaultCollection) + .Select(s => s.OrganizationUserId) .ToList(); if (eligibleOrganizationUserIds.Count == 0) diff --git a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/v1/RestoreOrganizationUserCommand.cs b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/v1/RestoreOrganizationUserCommand.cs index 1f05c07db5f6..b0038060ceca 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/v1/RestoreOrganizationUserCommand.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/v1/RestoreOrganizationUserCommand.cs @@ -261,27 +261,41 @@ await CreateDefaultCollectionsForConfirmedUsersAsync(organization, defaultCollec private async Task CreateDefaultCollectionsForConfirmedUsersAsync(Organization organization, string defaultCollectionName, ICollection restoredUsers) { + if (string.IsNullOrWhiteSpace(defaultCollectionName)) + { + return; + } + if (!organization.UseMyItems) { return; } - if (!string.IsNullOrWhiteSpace(defaultCollectionName)) + var restoredConfirmedUsers = restoredUsers + .Where(w => w.Status == OrganizationUserStatusType.Confirmed) + .Where(w => w.UserId != null) + .Select(s => s.UserId.Value) + .ToList(); + + if (restoredConfirmedUsers.Count == 0) { - var organizationUsersDataOwnershipEnabled = (await policyRequirementQuery - .GetManyByOrganizationIdAsync(organization.Id)) - .ToList(); + return; + } - var usersToCreateDefaultCollectionsFor = restoredUsers.Where(x => - organizationUsersDataOwnershipEnabled.Contains(x.Id) - && x.Status == OrganizationUserStatusType.Confirmed).ToList(); + var restoredUserPolicyRequirements = await + policyRequirementQuery.GetAsync(restoredConfirmedUsers); - if (usersToCreateDefaultCollectionsFor.Count != 0) - { - await collectionRepository.CreateDefaultCollectionsAsync(organization.Id, - usersToCreateDefaultCollectionsFor.Select(x => x.Id), - defaultCollectionName); - } + var orgUserIdsToCreateDefaultCollectionsFor = restoredUserPolicyRequirements + .Select(s => s.Requirement.GetDefaultCollectionRequestOnConfirm(organization.Id)) + .Where(w => w.ShouldCreateDefaultCollection) + .Select(s => s.OrganizationUserId) + .ToList(); + + if (orgUserIdsToCreateDefaultCollectionsFor.Count != 0) + { + await collectionRepository.CreateDefaultCollectionsAsync(organization.Id, + orgUserIdsToCreateDefaultCollectionsFor, + defaultCollectionName); } } diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/IPolicyRequirementQuery.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/IPolicyRequirementQuery.cs index 2d6bd94fd12b..02d2dedfc114 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/Policies/IPolicyRequirementQuery.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/IPolicyRequirementQuery.cs @@ -26,13 +26,4 @@ public interface IPolicyRequirementQuery /// The users that you need to enforce the policy against. /// The IPolicyRequirement that corresponds to the policy you want to enforce. Task> GetAsync(IEnumerable userIds) where T : IPolicyRequirement; - - /// - /// Get all organization user IDs within an organization that are affected by a given policy type. - /// Respects role/status/provider exemptions via the policy factory's Enforce predicate. - /// - /// The organization to check. - /// The IPolicyRequirement that corresponds to the policy type to evaluate. - /// Organization user IDs for whom the policy applies within the organization. - Task> GetManyByOrganizationIdAsync(Guid organizationId) where T : IPolicyRequirement; } diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/PolicyRequirementQuery.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/PolicyRequirementQuery.cs index 809069154045..c38693fdfd9d 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/PolicyRequirementQuery.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/Implementations/PolicyRequirementQuery.cs @@ -32,29 +32,6 @@ public async Task GetAsync(Guid userId) where T : IPolicyRequirement return policyRequirements; } - public async Task> GetManyByOrganizationIdAsync(Guid organizationId) - where T : IPolicyRequirement - { - var factory = factories.OfType>().SingleOrDefault(); - if (factory is null) - { - throw new NotImplementedException("No Requirement Factory found for " + typeof(T)); - } - - var organizationPolicyDetails = await GetOrganizationPolicyDetails(organizationId, factory.PolicyType); - - var eligibleOrganizationUserIds = organizationPolicyDetails - .Where(p => p.PolicyType == factory.PolicyType) - .Where(factory.Enforce) - .Select(p => p.OrganizationUserId) - .ToList(); - - return eligibleOrganizationUserIds; - } - private async Task> GetPolicyDetails(IEnumerable userIds, PolicyType policyType) => await policyRepository.GetPolicyDetailsByUserIdsAndPolicyType(userIds, policyType); - - private async Task> GetOrganizationPolicyDetails(Guid organizationId, PolicyType policyType) - => await policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, policyType); } diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationDataOwnershipPolicyRequirement.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationDataOwnershipPolicyRequirement.cs index d30ba5c39f0e..5a2026d8f14c 100644 --- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationDataOwnershipPolicyRequirement.cs +++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/OrganizationDataOwnershipPolicyRequirement.cs @@ -68,9 +68,14 @@ public DefaultCollectionRequest GetDefaultCollectionRequestOnPolicyEnable(Guid o return noCollectionNeeded; } - public bool RequiresDefaultCollectionOnConfirm(Guid organizationId) + public DefaultCollectionRequest GetDefaultCollectionRequestOnConfirm(Guid organizationId) { - return _policyDetails.Any(p => p.OrganizationId == organizationId); + var matchingOrgUserId = + _policyDetails.FirstOrDefault(p => p.OrganizationId == organizationId)?.OrganizationUserId; + + return new DefaultCollectionRequest( + OrganizationUserId: matchingOrgUserId.GetValueOrDefault(Guid.Empty), + ShouldCreateDefaultCollection: matchingOrgUserId.HasValue); } /// diff --git a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommandTests.cs b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommandTests.cs index 0aed4e2ff5a6..8fe744f1143f 100644 --- a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommandTests.cs +++ b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/ConfirmOrganizationUserCommandTests.cs @@ -485,8 +485,9 @@ public async Task ConfirmUserAsync_WithOrganizationDataOwnershipPolicyApplicable PolicyType = PolicyType.OrganizationDataOwnership }; sutProvider.GetDependency() - .GetAsync(orgUser.UserId!.Value) - .Returns(new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails])); + .GetAsync( + Arg.Is>(ids => ids.Contains(orgUser.UserId!.Value))) + .Returns([(orgUser.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails]))]); await sutProvider.Sut.ConfirmUserAsync(orgUser.OrganizationId, orgUser.Id, key, confirmingUser.Id, collectionName); @@ -534,8 +535,9 @@ public async Task ConfirmUserAsync_WithOrganizationDataOwnershipPolicyNotApplica sutProvider.GetDependency().GetManyAsync(default).ReturnsForAnyArgs(new[] { user }); sutProvider.GetDependency() - .GetAsync(orgUser.UserId!.Value) - .Returns(new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Disabled, [])); + .GetAsync( + Arg.Is>(ids => ids.Contains(orgUser.UserId!.Value))) + .Returns([(orgUser.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Disabled, []))]); await sutProvider.Sut.ConfirmUserAsync(orgUser.OrganizationId, orgUser.Id, key, confirmingUser.Id, collectionName); @@ -908,8 +910,10 @@ public async Task ConfirmUserAsync_UseMyItemsEnabled_CreatesDefaultCollection( PolicyType = PolicyType.OrganizationDataOwnership }; sutProvider.GetDependency() - .GetAsync(orgUser.UserId!.Value) - .Returns(new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails])); + .GetAsync(Arg.Is>(ids => ids.Contains(orgUser.UserId!.Value))) + .Returns([ + (orgUser.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails])) + ]); // Act await sutProvider.Sut.ConfirmUserAsync(orgUser.OrganizationId, orgUser.Id, key, confirmingUser.Id, collectionName); @@ -949,10 +953,6 @@ public async Task ConfirmUsersAsync_UseMyItemsDisabled_DoesNotCreateDefaultColle sutProvider.GetDependency().GetManyAsync(default).ReturnsForAnyArgs(new[] { orgUser1, orgUser2 }); sutProvider.GetDependency().GetManyAsync(default).ReturnsForAnyArgs(new[] { user1, user2 }); - sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id, orgUser2.Id]); - // Act await sutProvider.Sut.ConfirmUsersAsync(organization.Id, keys, confirmingUser.Id, collectionName); @@ -988,9 +988,30 @@ public async Task ConfirmUsersAsync_UseMyItemsEnabled_CreatesDefaultCollections( sutProvider.GetDependency().GetManyAsync(default).ReturnsForAnyArgs(new[] { orgUser1, orgUser2 }); sutProvider.GetDependency().GetManyAsync(default).ReturnsForAnyArgs(new[] { user1, user2 }); + var policyDetails1 = new PolicyDetails + { + OrganizationId = organization.Id, + OrganizationUserId = orgUser1.Id, + IsProvider = false, + OrganizationUserStatus = orgUser1.Status, + OrganizationUserType = orgUser1.Type, + PolicyType = PolicyType.OrganizationDataOwnership + }; + var policyDetails2 = new PolicyDetails + { + OrganizationId = organization.Id, + OrganizationUserId = orgUser2.Id, + IsProvider = false, + OrganizationUserStatus = orgUser2.Status, + OrganizationUserType = orgUser2.Type, + PolicyType = PolicyType.OrganizationDataOwnership + }; sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id, orgUser2.Id]); + .GetAsync(Arg.Is>(ids => ids.Contains(orgUser1.UserId!.Value) && ids.Contains(orgUser2.UserId!.Value))) + .Returns([ + (orgUser1.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails1])), + (orgUser2.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails2])) + ]); // Act await sutProvider.Sut.ConfirmUsersAsync(organization.Id, keys, confirmingUser.Id, collectionName); diff --git a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs index 1b3e5fb8eb76..36c1b496dd45 100644 --- a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs +++ b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs @@ -1368,14 +1368,19 @@ public async Task RestoreUsers_Bulk_WithDataOwnershipPolicy_CreatesCollectionsFo orgUser2.Key = null; orgUser2.OrganizationId = organization.Id; + var orgUser1PolicyRequirement = new OrganizationDataOwnershipPolicyRequirement( + OrganizationDataOwnershipState.Enabled, + [new PolicyDetails { OrganizationId = organization.Id, OrganizationUserId = orgUser1.Id }]); + organizationUserRepository .GetManyAsync(Arg.Is>(ids => ids.Contains(orgUser1.Id) && ids.Contains(orgUser2.Id))) .Returns([orgUser1, orgUser2]); // Setup bulk policy query - returns org user IDs with policy enabled sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id]); + .GetAsync( + Arg.Is>(ids => ids.Contains(orgUser1.UserId.Value))) + .Returns([(orgUser1.UserId!.Value, orgUser1PolicyRequirement)]); sutProvider.GetDependency() .TwoFactorIsEnabledAsync(Arg.Any>()) @@ -1421,14 +1426,22 @@ public async Task RestoreUsers_Bulk_WithMixedPolicyStates_OnlyCreatesForEnabledP orgUser2.Email = null; orgUser2.OrganizationId = organization.Id; + var orgUser1PolicyRequirement = new OrganizationDataOwnershipPolicyRequirement( + OrganizationDataOwnershipState.Enabled, + [new PolicyDetails { OrganizationId = organization.Id, OrganizationUserId = orgUser1.Id }]); + + var orgUser2PolicyRequirement = new OrganizationDataOwnershipPolicyRequirement( + OrganizationDataOwnershipState.Disabled, []); + organizationUserRepository .GetManyAsync(Arg.Is>(ids => ids.Contains(orgUser1.Id) && ids.Contains(orgUser2.Id))) .Returns([orgUser1, orgUser2]); // Setup bulk policy query - only orgUser1 has policy enabled sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id]); + .GetAsync( + Arg.Is>(ids => ids.Contains(orgUser1.UserId!.Value) && ids.Contains(orgUser2.UserId!.Value))) + .Returns([(orgUser1.UserId!.Value, orgUser1PolicyRequirement), (orgUser2.UserId!.Value, orgUser2PolicyRequirement)]); sutProvider.GetDependency() .TwoFactorIsEnabledAsync(Arg.Any>()) @@ -1474,14 +1487,23 @@ public async Task RestoreUsers_Bulk_WithNullCollectionName_DoesNotCreateAnyColle orgUser2.Email = null; orgUser2.OrganizationId = organization.Id; + var orgUser1PolicyRequirement = new OrganizationDataOwnershipPolicyRequirement( + OrganizationDataOwnershipState.Enabled, + [new PolicyDetails { OrganizationId = organization.Id, OrganizationUserId = orgUser1.Id }]); + + var orgUser2PolicyRequirement = new OrganizationDataOwnershipPolicyRequirement( + OrganizationDataOwnershipState.Enabled, + [new PolicyDetails { OrganizationId = organization.Id, OrganizationUserId = orgUser2.Id }]); + organizationUserRepository .GetManyAsync(Arg.Is>(ids => ids.Contains(orgUser1.Id) && ids.Contains(orgUser2.Id))) .Returns([orgUser1, orgUser2]); // Setup bulk policy query - both users have policy enabled sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id, orgUser2.Id]); + .GetAsync( + Arg.Is>(ids => ids.Contains(orgUser1.UserId!.Value) && ids.Contains(orgUser2.UserId!.Value))) + .Returns([(orgUser1.UserId!.Value, orgUser1PolicyRequirement), (orgUser2.UserId!.Value, orgUser2PolicyRequirement)]); sutProvider.GetDependency() .TwoFactorIsEnabledAsync(Arg.Any>()) @@ -1596,11 +1618,6 @@ public async Task RestoreUsersAsync_UseMyItemsDisabled_DoesNotCreateCollections( .GetManyAsync(Arg.Is>(ids => ids.Contains(orgUser1.Id) && ids.Contains(orgUser2.Id))) .Returns([orgUser1, orgUser2]); - // Setup bulk policy query - both users have policy enabled - sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id, orgUser2.Id]); - sutProvider.GetDependency() .TwoFactorIsEnabledAsync(Arg.Any>()) .Returns(new List<(Guid userId, bool twoFactorIsEnabled)> @@ -1649,11 +1666,6 @@ public async Task RestoreUsersAsync_UseMyItemsEnabled_CreatesCollections( .GetManyAsync(Arg.Is>(ids => ids.Contains(orgUser1.Id) && ids.Contains(orgUser2.Id))) .Returns([orgUser1, orgUser2]); - // Setup bulk policy query - both users have policy enabled - sutProvider.GetDependency() - .GetManyByOrganizationIdAsync(organization.Id) - .Returns([orgUser1.Id, orgUser2.Id]); - sutProvider.GetDependency() .TwoFactorIsEnabledAsync(Arg.Any>()) .Returns(new List<(Guid userId, bool twoFactorIsEnabled)> @@ -1662,6 +1674,31 @@ public async Task RestoreUsersAsync_UseMyItemsEnabled_CreatesCollections( (orgUser2.UserId!.Value, true) }); + var policyDetails1 = new PolicyDetails + { + OrganizationId = organization.Id, + OrganizationUserId = orgUser1.Id, + IsProvider = false, + OrganizationUserStatus = OrganizationUserStatusType.Confirmed, + OrganizationUserType = orgUser1.Type, + PolicyType = PolicyType.OrganizationDataOwnership + }; + var policyDetails2 = new PolicyDetails + { + OrganizationId = organization.Id, + OrganizationUserId = orgUser2.Id, + IsProvider = false, + OrganizationUserStatus = OrganizationUserStatusType.Confirmed, + OrganizationUserType = orgUser2.Type, + PolicyType = PolicyType.OrganizationDataOwnership + }; + sutProvider.GetDependency() + .GetAsync(Arg.Is>(ids => ids.Contains(orgUser1.UserId!.Value) && ids.Contains(orgUser2.UserId!.Value))) + .Returns([ + (orgUser1.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails1])), + (orgUser2.UserId!.Value, new OrganizationDataOwnershipPolicyRequirement(OrganizationDataOwnershipState.Enabled, [policyDetails2])) + ]); + // Act var result = await sutProvider.Sut.RestoreUsersAsync( organization.Id, diff --git a/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirementQueryTests.cs b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirementQueryTests.cs index 823de897571e..e652181a461d 100644 --- a/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirementQueryTests.cs +++ b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirementQueryTests.cs @@ -194,73 +194,4 @@ public async Task GetAsync_WithMultipleUserIds_ReturnsEmptyRequirementForUserWit Assert.Contains(policyA, requirements[0].Requirement.Policies); Assert.Empty(requirements[1].Requirement.Policies); } - - [Theory, BitAutoData] - public async Task GetManyByOrganizationIdAsync_IgnoresOtherPolicyTypes(Guid organizationId) - { - var policyRepository = Substitute.For(); - var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() }; - var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.RequireSso, OrganizationUserId = Guid.NewGuid() }; - // Force the repository to return both policies even though that is not the expected result - policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg) - .Returns([thisPolicy, otherPolicy]); - - var factory = new TestPolicyRequirementFactory(_ => true); - var sut = new PolicyRequirementQuery(policyRepository, [factory]); - - var organizationUserIds = await sut.GetManyByOrganizationIdAsync(organizationId); - - await policyRepository.Received(1).GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg); - - Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds); - Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds); - } - - [Theory, BitAutoData] - public async Task GetManyByOrganizationIdAsync_CallsEnforceCallback(Guid organizationId) - { - var policyRepository = Substitute.For(); - var thisPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() }; - var otherPolicy = new OrganizationPolicyDetails { PolicyType = PolicyType.SingleOrg, OrganizationUserId = Guid.NewGuid() }; - policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([thisPolicy, otherPolicy]); - - var callback = Substitute.For>(); - callback(Arg.Any()).Returns(x => x.Arg() == thisPolicy); - - var factory = new TestPolicyRequirementFactory(callback); - var sut = new PolicyRequirementQuery(policyRepository, [factory]); - - var organizationUserIds = await sut.GetManyByOrganizationIdAsync(organizationId); - - Assert.Contains(thisPolicy.OrganizationUserId, organizationUserIds); - Assert.DoesNotContain(otherPolicy.OrganizationUserId, organizationUserIds); - callback.Received()(Arg.Is(p => p == thisPolicy)); - callback.Received()(Arg.Is(p => p == otherPolicy)); - } - - [Theory, BitAutoData] - public async Task GetManyByOrganizationIdAsync_ThrowsIfNoFactoryRegistered(Guid organizationId) - { - var policyRepository = Substitute.For(); - var sut = new PolicyRequirementQuery(policyRepository, []); - - var exception = await Assert.ThrowsAsync(() - => sut.GetManyByOrganizationIdAsync(organizationId)); - - Assert.Contains("No Requirement Factory found", exception.Message); - } - - [Theory, BitAutoData] - public async Task GetManyByOrganizationIdAsync_HandlesNoPolicies(Guid organizationId) - { - var policyRepository = Substitute.For(); - policyRepository.GetPolicyDetailsByOrganizationIdAsync(organizationId, PolicyType.SingleOrg).Returns([]); - - var factory = new TestPolicyRequirementFactory(x => x.IsProvider); - var sut = new PolicyRequirementQuery(policyRepository, [factory]); - - var organizationUserIds = await sut.GetManyByOrganizationIdAsync(organizationId); - - Assert.Empty(organizationUserIds); - } }