[AC-1679] Approve all pending device authorizations (#9407)

* feat: update service container for required service injection, refs AC-1679 * feat: complete approve all command, refs AC-1679 * fix: cast service container to access bit services, refs AC-1679 * fix: override service container from base program, refs AC-1679 * fix: prettier, refs AC-1679 * feat: replace hardcoded strings with i18n translations (future-proofing), refs AC-1679 * chore: remove i18n references, refs AC-1679 * fix: update approve-all and deny-all commands to match desired input, refs AC-1679
bitwarden · Jun 3, 2024 · 2358443 · 2358443
1 parent 3835a9d
commit 2358443
Show file tree

Hide file tree

Showing 5 changed files with 79 additions and 7 deletions.
diff --git a/bitwarden_license/bit-cli/src/admin-console/device-approval/approve-all.command.ts b/bitwarden_license/bit-cli/src/admin-console/device-approval/approve-all.command.ts
@@ -1,9 +1,52 @@
+import { firstValueFrom } from "rxjs";
+
+import { OrganizationAuthRequestService } from "@bitwarden/bit-common/admin-console/auth-requests";
 import { Response } from "@bitwarden/cli/models/response";
+import { MessageResponse } from "@bitwarden/cli/models/response/message.response";
+import { OrganizationService } from "@bitwarden/common/admin-console/services/organization/organization.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
 
 export class ApproveAllCommand {
-  constructor() {}
+  constructor(
+    private organizationAuthRequestService: OrganizationAuthRequestService,
+    private organizationService: OrganizationService,
+  ) {}
 
   async run(organizationId: string): Promise<Response> {
-    throw new Error("Not implemented");
+    if (organizationId != null) {
+      organizationId = organizationId.toLowerCase();
+    }
+
+    if (!Utils.isGuid(organizationId)) {
+      return Response.badRequest("`" + organizationId + "` is not a GUID.");
+    }
+
+    const organization = await firstValueFrom(this.organizationService.get$(organizationId));
+    if (!organization?.canManageUsersPassword) {
+      return Response.error(
+        "You do not have permission to approve pending device authorization requests.",
+      );
+    }
+
+    try {
+      const pendingApprovals =
+        await this.organizationAuthRequestService.listPendingRequests(organizationId);
+      if (pendingApprovals.length == 0) {
+        const res = new MessageResponse(
+          "No pending device authorization requests to approve.",
+          null,
+        );
+        return Response.success(res);
+      }
+
+      await this.organizationAuthRequestService.approvePendingRequests(
+        organizationId,
+        pendingApprovals,
+      );
+
+      return Response.success();
+    } catch (e) {
+      return Response.error(e);
+    }
   }
 }
diff --git a/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts b/bitwarden_license/bit-cli/src/admin-console/device-approval/device-approval.program.ts
@@ -3,13 +3,19 @@ import { program, Command } from "commander";
 import { BaseProgram } from "@bitwarden/cli/base-program";
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 
+import { ServiceContainer } from "../../service-container";
+
 import { ApproveAllCommand } from "./approve-all.command";
 import { ApproveCommand } from "./approve.command";
 import { DenyAllCommand } from "./deny-all.command";
 import { DenyCommand } from "./deny.command";
 import { ListCommand } from "./list.command";
 
 export class DeviceApprovalProgram extends BaseProgram {
+  constructor(protected serviceContainer: ServiceContainer) {
+    super(serviceContainer);
+  }
+
   register() {
     program.addCommand(this.deviceApprovalCommand());
   }
@@ -53,14 +59,17 @@ export class DeviceApprovalProgram extends BaseProgram {
   }
 
   private approveAllCommand(): Command {
-    return new Command("approveAll")
+    return new Command("approve-all")
       .description("Approve all pending requests for an organization")
       .argument("<organizationId>")
       .action(async (organizationId: string) => {
         await this.exitIfFeatureFlagDisabled(FeatureFlag.BulkDeviceApproval);
         await this.exitIfLocked();
 
-        const cmd = new ApproveAllCommand();
+        const cmd = new ApproveAllCommand(
+          this.serviceContainer.organizationAuthRequestService,
+          this.serviceContainer.organizationService,
+        );
         const response = await cmd.run(organizationId);
         this.processResponse(response);
       });
@@ -81,7 +90,7 @@ export class DeviceApprovalProgram extends BaseProgram {
   }
 
   private denyAllCommand(): Command {
-    return new Command("denyAll")
+    return new Command("deny-all")
       .description("Deny all pending requests for an organization")
       .argument("<organizationId>")
       .action(async (organizationId: string) => {

diff --git a/bitwarden_license/bit-cli/src/service-container.ts b/bitwarden_license/bit-cli/src/service-container.ts
@@ -1,7 +1,24 @@
+import {
+  OrganizationAuthRequestService,
+  OrganizationAuthRequestApiService,
+} from "@bitwarden/bit-common/admin-console/auth-requests";
 import { ServiceContainer as OssServiceContainer } from "@bitwarden/cli/service-container";
 
 /**
  * Instantiates services and makes them available for dependency injection.
  * Any Bitwarden-licensed services should be registered here.
  */
-export class ServiceContainer extends OssServiceContainer {}
+export class ServiceContainer extends OssServiceContainer {
+  organizationAuthRequestApiService: OrganizationAuthRequestApiService;
+  organizationAuthRequestService: OrganizationAuthRequestService;
+
+  constructor() {
+    super();
+    this.organizationAuthRequestApiService = new OrganizationAuthRequestApiService(this.apiService);
+    this.organizationAuthRequestService = new OrganizationAuthRequestService(
+      this.organizationAuthRequestApiService,
+      this.cryptoService,
+      this.organizationUserService,
+    );
+  }
+}
diff --git a/bitwarden_license/bit-cli/tsconfig.json b/bitwarden_license/bit-cli/tsconfig.json
@@ -21,7 +21,8 @@
       "@bitwarden/vault-export-core": [
         "../../libs/tools/export/vault-export/vault-export-core/src"
       ],
-      "@bitwarden/node/*": ["../../libs/node/src/*"]
+      "@bitwarden/node/*": ["../../libs/node/src/*"],
+      "@bitwarden/bit-common/*": ["../../bitwarden_license/bit-common/src/*"]
     }
   },
   "include": ["src", "src/**/*.spec.ts"]

diff --git a/bitwarden_license/bit-common/src/admin-console/auth-requests/index.ts b/bitwarden_license/bit-common/src/admin-console/auth-requests/index.ts
@@ -1,2 +1,4 @@
 export * from "./pending-organization-auth-request.response";
 export * from "./organization-auth-request.service";
+export * from "./organization-auth-request-api.service";
+export * from "./pending-auth-request.view";