diff --git a/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/Repositories/ProjectRepository.cs b/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/Repositories/ProjectRepository.cs
index b500a5734f..bb9c363f08 100644
--- a/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/Repositories/ProjectRepository.cs
+++ b/bitwarden_license/src/Commercial.Infrastructure.EntityFramework/Repositories/ProjectRepository.cs
@@ -26,14 +26,24 @@ public class ProjectRepository : Repository> GetAllByOrganizationIdAsync(Guid organizationId)
+ {
+ using var scope = ServiceScopeFactory.CreateScope();
+ var dbContext = GetDatabaseContext(scope);
+ var project = await dbContext.Project
+ .Where(p => p.OrganizationId == organizationId && p.DeletedDate == null)
+ .OrderBy(p => p.RevisionDate)
+ .ToListAsync();
+ return Mapper.Map>(project);
+ }
+
 public async Task> GetManyByOrganizationIdAsync(Guid organizationId, Guid userId)
 {
 using var scope = ServiceScopeFactory.CreateScope();
 var dbContext = GetDatabaseContext(scope);
 var project = await dbContext.Project
 .Where(p => p.OrganizationId == organizationId && p.DeletedDate == null)
- // TODO: Enable this + Handle Admins
- //.Where(UserHasAccessToProject(userId))
+ .Where(UserHasAccessToProject(userId))
 .OrderBy(p => p.RevisionDate)
 .ToListAsync();
 return Mapper.Map>(project);
diff --git a/src/Api/Controllers/ProjectsController.cs b/src/Api/Controllers/ProjectsController.cs
index 8b706d42d4..39fd53df56 100644
--- a/src/Api/Controllers/ProjectsController.cs
+++ b/src/Api/Controllers/ProjectsController.cs
@@ -2,6 +2,8 @@
 using Bit.Api.SecretManagerFeatures.Models.Request;
 using Bit.Api.SecretManagerFeatures.Models.Response;
 using Bit.Api.Utilities;
+using Bit.Core.Context;
+using Bit.Core.Entities;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
 using Bit.Core.SecretManagerFeatures.Projects.Interfaces;
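Review bot: In ProjectRepository.cs, turning on `.Where(UserHasAccessToProject(userId))` changes what GetManyByOrganizationIdAsync returns for every caller, not only the controller branch updated in this commit, so any other caller that passes an administrator's id would now receive only the projects that predicate allows. The predicate is defined outside this hunk; it is worth confirming what it counts as access, because from this commit on it is the only thing separating a non-admin user from the rest of the organization's projects. The new GetAllByOrganizationIdAsync repeats the same query minus that one line, so a private helper returning the shared `p.OrganizationId == organizationId && p.DeletedDate == null` query would keep the soft-delete filter from drifting between the two methods.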
@@ -18,19 +20,22 @@ public class ProjectsController : Controller
 private readonly ICreateProjectCommand _createProjectCommand;
 private readonly IUpdateProjectCommand _updateProjectCommand;
 private readonly IDeleteProjectCommand _deleteProjectCommand;
+ private readonly ICurrentContext _currentContext;
 
 public ProjectsController(
 IUserService userService,
 IProjectRepository projectRepository,
 ICreateProjectCommand createProjectCommand,
 IUpdateProjectCommand updateProjectCommand,
- IDeleteProjectCommand deleteProjectCommand)
+ IDeleteProjectCommand deleteProjectCommand,
+ ICurrentContext currentContext)
 {
 _userService = userService;
 _projectRepository = projectRepository;
 _createProjectCommand = createProjectCommand;
 _updateProjectCommand = updateProjectCommand;
 _deleteProjectCommand = deleteProjectCommand;
+ _currentContext = currentContext;
 }
 
 [HttpPost("organizations/{organizationId}/projects")]
@@ -51,7 +56,16 @@ public class ProjectsController : Controller
 public async Task> GetProjectsByOrganizationAsync([FromRoute] Guid organizationId)
 {
 var userId = _userService.GetProperUserId(User).Value;
- var projects = await _projectRepository.GetManyByOrganizationIdAsync(organizationId, userId);
+ IEnumerable projects;
+ if (await _currentContext.OrganizationAdmin(organizationId))
+ {
+ // Fetch all projects without access checks since admins have access to all
+ projects = await _projectRepository.GetAllByOrganizationIdAsync(organizationId);
+ }
+ else
+ {
+ projects = await _projectRepository.GetManyByOrganizationIdAsync(organizationId, userId);
+ }
 var responses = projects.Select(project => new ProjectResponseModel(project));
 return new ListResponseModel(responses);
 }
diff --git a/src/Core/Repositories/IProjectRepository.cs b/src/Core/Repositories/IProjectRepository.cs
index 80a3a62428..502b8f832c 100644
--- a/src/Core/Repositories/IProjectRepository.cs
+++ b/src/Core/Repositories/IProjectRepository.cs
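Review bot: In GetProjectsByOrganizationAsync the unfiltered listing is gated only by `_currentContext.OrganizationAdmin(organizationId)`, so the decision to return every project rests on how ICurrentContext establishes that role, which this hunk does not show. If the role comes from claims in the caller's token rather than a fresh lookup, a user whose admin role was revoked could keep the full listing until the token is reissued; that is worth confirming and stating next to the check, for example `// Admin role as reported by ICurrentContext; non-admins are filtered per user in the repository`. A test asserting that a non-admin member receives only the projects they were granted would pin the behaviour this commit turns on.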
@@ -4,6 +4,7 @@ namespace Bit.Core.Repositories;
 
 public interface IProjectRepository
 {
+ Task> GetAllByOrganizationIdAsync(Guid organizationId);
 Task> GetManyByOrganizationIdAsync(Guid organizationId, Guid userId);
 Task> GetManyByIds(IEnumerable ids);
 Task GetByIdAsync(Guid id);
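Review bot: The new `GetAllByOrganizationIdAsync` member of IProjectRepository sits beside `GetManyByOrganizationIdAsync` with no documentation, and the names alone do not tell a caller that one applies a per-user access filter and the other does not. Because the unfiltered method leaves authorization entirely to its caller, I would state that on the interface, e.g. `/// <summary>Returns every non-deleted project in the organization with no per-user access filter; the caller must already have authorized the request.</summary>`. The interface body continues past the end of this hunk.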