Enhance TwoFactorIsEnabledQuery to throw NotFoundException for non-existent users

* Updated TwoFactorIsEnabledQuery to throw NotFoundException when a user is not found instead of returning false.
* Added a new unit test to verify that the NotFoundException is thrown when a user is not found while premium access query is enabled.
Rui Tome 2025-12-09 10:45:27 +00:00
parent 2bd00c2753
commit dbb8619e21
No known key found for this signature in database
GPG Key ID: 526239D96A8EC066
2 changed files with 29 additions and 1 deletions


@ -6,6 +6,7 @@ using Bit.Core.Auth.Models;
using Bit.Core.Auth.UserFeatures.TwoFactorAuth.Interfaces;
using Bit.Core.Billing.Premium.Queries;
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Repositories;
using Bit.Core.Services;
@ -101,7 +102,7 @@ public class TwoFactorIsEnabledQuery : ITwoFactorIsEnabledQuery
var userEntity = user as User ?? await _userRepository.GetByIdAsync(userId.Value);
if (userEntity == null)
{
return false;
throw new NotFoundException();
}
return await TwoFactorIsEnabledVNextAsync(userEntity);
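Review bot: Throwing `NotFoundException` where this branch used to `return false` changes the contract for every caller of the two-factor check, and nothing in this commit shows a caller being updated to handle it. If this query is reachable from a login or other pre-authentication path, an unknown user now yields a distinguishable error rather than a plain "not enabled" answer, which can serve as an account-existence signal unless callers map it to a uniform response; that depends on call sites outside the hunk. The test name suggests the throw applies only when the premium-access flag is on, so the flag-off path may still return false for the same input, which is worth confirming. I would document the new behaviour on the interface method, e.g. `/// <exception cref="NotFoundException">No user exists for the supplied id.</exception>`. The enclosing method starts and ends outside the hunk.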


@ -3,6 +3,7 @@ using Bit.Core.Auth.Models;
using Bit.Core.Auth.UserFeatures.TwoFactorAuth;
using Bit.Core.Billing.Premium.Queries;
using Bit.Core.Entities;
using Bit.Core.Exceptions;
using Bit.Core.Models.Data;
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
using Bit.Core.Repositories;
@ -651,6 +652,32 @@ public class TwoFactorIsEnabledQueryTests
Assert.False(result);
}
[Theory]
[BitAutoData]
public async Task TwoFactorIsEnabledAsync_WhenPremiumAccessQueryEnabled_UserNotFound_ThrowsNotFoundException(
SutProvider<TwoFactorIsEnabledQuery> sutProvider,
Guid userId)
{
// Arrange
sutProvider.GetDependency<IFeatureService>()
.IsEnabled(FeatureFlagKeys.PremiumAccessQuery)
.Returns(true);
var testUser = new TestTwoFactorProviderUser
{
Id = userId,
TwoFactorProviders = null
};
sutProvider.GetDependency<IUserRepository>()
.GetByIdAsync(userId)
.Returns((User)null);
// Act & Assert
await Assert.ThrowsAsync<NotFoundException>(
async () => await sutProvider.Sut.TwoFactorIsEnabledAsync(testUser));
}
private class TestTwoFactorProviderUser : ITwoFactorProvidersUser
{
public Guid? Id { get; set; }
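Review bot: The new test asserts only the exception type, so it would still pass if `NotFoundException` were raised somewhere other than the repository-miss branch. Adding `await sutProvider.GetDependency<IUserRepository>().Received(1).GetByIdAsync(userId);` after the `ThrowsAsync` call would tie the failure to the lookup. A matching case with the `PremiumAccessQuery` flag disabled would also pin down whether the two code paths are meant to differ for a missing user.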