New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PM-7004] Org Admin Initiate Delete #3905
base: main
Are you sure you want to change the base?
Conversation
@@ -579,6 +579,18 @@ | |||
} | |||
} | |||
|
|||
[HttpPost("delete-recover-token")] | |||
[AllowAnonymous] | |||
public async Task PostDeleteRecoverToken([FromBody] OrganizationVerifyDeleteRecoverRequestModel model) |
Check warning
Code scanning / Checkmarx One
Log Forging
@@ -579,6 +579,18 @@ | |||
} | |||
} | |||
|
|||
[HttpPost("delete-recover-token")] | |||
[AllowAnonymous] | |||
public async Task PostDeleteRecoverToken([FromBody] OrganizationVerifyDeleteRecoverRequestModel model) |
Check warning
Code scanning / Checkmarx One
Log Forging
</tr> | ||
<tr style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;"> | ||
<td class="content-block" style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; box-sizing: border-box; font-size: 16px; color: #333; line-height: 25px; margin: 0; -webkit-font-smoothing: antialiased; padding: 0 0 10px; -webkit-text-size-adjust: none; text-align: center;" valign="top" align="center"> | ||
<a href="{{{Url}}}" clicktracking=off target="_blank" style="color: #ffffff; text-decoration: none; text-align: center; cursor: pointer; display: inline-block; border-radius: 5px; background-color: #175DDC; border-color: #175DDC; border-style: solid; border-width: 10px 20px; margin: 0; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; box-sizing: border-box; font-size: 16px; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;"> |
Check warning
Code scanning / Checkmarx One
Unsafe Use Of Target blank Medium
@@ -579,6 +579,18 @@ | |||
} | |||
} | |||
|
|||
[HttpPost("delete-recover-token")] | |||
[AllowAnonymous] | |||
public async Task PostDeleteRecoverToken([FromBody] OrganizationVerifyDeleteRecoverRequestModel model) |
Check warning
Code scanning / Checkmarx One
Log Forging
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll leave the general review to @vincentsalucci , just wanted to throw in my 2 cents on OrganizationService
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The implementation looks good to me but there are some changes needed including feedback from the Product team.
Ideally the OrganizationService
methods should be on a new command, along with unit tests. However, if time constraints exist, this can be addressed at a later stage.
src/Core/AdminConsole/Services/Implementations/OrganizationService.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: Rui Tomé <[email protected]>
Co-authored-by: Rui Tomé <[email protected]>
New Issues
Fixed Issues
|
Co-authored-by: Rui Tomé <[email protected]>
Where can I find examples of using commands? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While testing this I noticed an issue, more info on the comments below
Co-authored-by: Rui Tomé <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The build is broken, we just need to fix the orgId variable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this belong in Auth? Feels like it might be more Admin Console
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, the clients code was already moved to AC ownership so I also moved this.
# Conflicts: # src/Core/Services/IMailService.cs # src/Core/Services/NoopImplementations/NoopMailService.cs
…uest acceptance endpoint
… organization, string token) method
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! Just a couple of questions about our security practices, otherwise good to go.
|
||
Click the link below to complete the deletion of your organization. | ||
|
||
If you did not request this email to delete your Bitwarden organization, you can safely ignore it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe a nit, but if you didn't request this email you should probably be worried! Someone is trying to delete your organization. Maybe "If you did not request this email to delete your Bitwarden organization, please contact us." ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I am not opposed to changing that.
Type of change
Objective
This PR adds support for support to initiate a delete of an organization that is then confirmed by the org admin via email.
Code changes
TODO
Before you submit
dotnet format --verify-no-changes
) (required)