From ce5b05456b134017f1f709e1954becf05d00ca0c Mon Sep 17 00:00:00 2001 From: Brandon Date: Tue, 31 Mar 2026 16:49:30 -0400 Subject: [PATCH] add missing model.type param --- .../OrganizationConnectionsController.cs | 2 +- .../OrganizationConnectionsControllerTests.cs | 42 ++++++++++++++++++- 2 files changed, 42 insertions(+), 2 deletions(-) diff --git a/src/Api/AdminConsole/Controllers/OrganizationConnectionsController.cs b/src/Api/AdminConsole/Controllers/OrganizationConnectionsController.cs index 776e28d2a3ce..18389755c57b 100644 --- a/src/Api/AdminConsole/Controllers/OrganizationConnectionsController.cs +++ b/src/Api/AdminConsole/Controllers/OrganizationConnectionsController.cs @@ -57,7 +57,7 @@ public bool ConnectionsEnabled() [HttpPost] public async Task CreateConnection([FromBody] OrganizationConnectionRequestModel model) { - if (!await HasPermissionAsync(model?.OrganizationId)) + if (!await HasPermissionAsync(model?.OrganizationId, model?.Type)) { throw new BadRequestException($"You do not have permission to create a connection of type {model.Type}."); } diff --git a/test/Api.Test/AdminConsole/Controllers/OrganizationConnectionsControllerTests.cs b/test/Api.Test/AdminConsole/Controllers/OrganizationConnectionsControllerTests.cs index 078272d940f8..363f86884ebe 100644 --- a/test/Api.Test/AdminConsole/Controllers/OrganizationConnectionsControllerTests.cs +++ b/test/Api.Test/AdminConsole/Controllers/OrganizationConnectionsControllerTests.cs @@ -50,17 +50,56 @@ public void ConnectionEnabled_RequiresBothSelfHostAndCommunications(bool selfHos [Theory] [BitAutoData] - public async Task CreateConnection_CloudBillingSync_RequiresOwnerPermissions(SutProvider sutProvider) + public async Task CreateConnection_CloudBillingSync_RequiresOwnerPermissions(Guid organizationId, + SutProvider sutProvider) { var model = new OrganizationConnectionRequestModel { Type = OrganizationConnectionType.CloudBillingSync, + OrganizationId = organizationId, }; var exception = await Assert.ThrowsAsync(() => sutProvider.Sut.CreateConnection(model)); Assert.Contains($"You do not have permission to create a connection of type", exception.Message); } + [Theory] + [BitAutoData] + public async Task CreateConnection_Scim_RequiresManageScimPermission(Guid organizationId, + SutProvider sutProvider) + { + var model = new OrganizationConnectionRequestModel + { + Type = OrganizationConnectionType.Scim, + OrganizationId = organizationId, + }; + + sutProvider.GetDependency().ManageScim(organizationId).Returns(false); + + var exception = await Assert.ThrowsAsync(() => sutProvider.Sut.CreateConnection(model)); + + Assert.Contains($"You do not have permission to create a connection of type", exception.Message); + } + + [Theory] + [BitAutoData] + public async Task CreateConnection_Scim_Success(OrganizationConnectionRequestModel model, ScimConfig config, + SutProvider sutProvider) + { + model.Type = OrganizationConnectionType.Scim; + model.Config = JsonDocumentFromObject(config); + var typedModel = new OrganizationConnectionRequestModel(model); + + sutProvider.GetDependency().ManageScim(model.OrganizationId).Returns(true); + sutProvider.GetDependency().CreateAsync(default) + .ReturnsForAnyArgs(typedModel.ToData(Guid.NewGuid()).ToEntity()); + + await sutProvider.Sut.CreateConnection(model); + + await sutProvider.GetDependency().Received(1) + .CreateAsync(Arg.Is(AssertHelper.AssertPropertyEqual(typedModel.ToData()))); + } + [Theory] [BitMemberAutoData(nameof(ConnectionTypes))] public async Task CreateConnection_OnlyOneConnectionOfEachType(OrganizationConnectionType type, @@ -73,6 +112,7 @@ public async Task CreateConnection_OnlyOneConnectionOfEachType(OrganizationConne var existing = typedModel.ToData(existingEntityId).ToEntity(); sutProvider.GetDependency().OrganizationOwner(model.OrganizationId).Returns(true); + sutProvider.GetDependency().ManageScim(model.OrganizationId).Returns(true); sutProvider.GetDependency().GetByOrganizationIdTypeAsync(model.OrganizationId, type).Returns(new[] { existing });