Fix org profile to show correct MFA status for site admins (#9106)

shishirx34 · web-flow · commit 2ae64d137e54 · 2022-04-22T10:59:55.000-07:00
diff --git a/src/NuGetGallery/ViewModels/UserProfileModel.cs b/src/NuGetGallery/ViewModels/UserProfileModel.cs
@@ -16,7 +16,6 @@ public UserProfileModel(User user, User currentUser, List<ListPackageItemViewMod
             Username = user.Username;
             EmailAddress = user.EmailAddress;
             UnconfirmedEmailAddress = user.UnconfirmedEmailAddress;
-            HasEnabledMultiFactorAuthentication = user.EnableMultiFactorAuthentication;
             IsLocked = user.IsLocked;
             AllPackages = allPackages;
             TotalPackages = allPackages.Count;
@@ -43,7 +42,25 @@ public UserProfileModel(User user, User currentUser, List<ListPackageItemViewMod
         public string Username { get; private set; }
         public string EmailAddress { get; private set; }
         public string UnconfirmedEmailAddress { get; set; }
-        public bool HasEnabledMultiFactorAuthentication { get; set; }
+        public bool HasEnabledMultiFactorAuthentication 
+        {
+            get
+            {
+                if (UserIsOrganization)
+                {
+                    var organization = (Organization)User;
+                    return organization
+                        .Members
+                        .Select(x => x.Member)
+                        .All(x => x.EnableMultiFactorAuthentication);
+                }
+                else
+                {
+                    return User.EnableMultiFactorAuthentication;
+                }
+            }
+        }
+
         public bool IsLocked { get; set; }
         public ICollection<ListPackageItemViewModel> AllPackages { get; private set; }
         public ICollection<ListPackageItemViewModel> PagedPackages { get; private set; }
diff --git a/src/NuGetGallery/Views/Users/Profiles.cshtml b/src/NuGetGallery/Views/Users/Profiles.cshtml
@@ -39,7 +39,15 @@
                             <dt>Unconfirmed Email Address:</dt>
                             <dd>@Model.UnconfirmedEmailAddress</dd>
                         }
-                        <dt>Multi-factor Authentication:</dt>
+
+                        @if (Model.UserIsOrganization)
+                        {
+                            <dt>Org Multi-factor Authentication:</dt>
+                        }
+                        else
+                        {
+                            <dt>Multi-factor Authentication:</dt>
+                        }
                         <dd>@(Model.HasEnabledMultiFactorAuthentication ? "Enabled" : "Disabled")</dd>
                         <dt>Locked:</dt>
                         <dd>@(Model.IsLocked ? "Yes" : "No")</dd>
diff --git a/tests/NuGetGallery.Facts/ViewModels/UserProfileModelFacts.cs b/tests/NuGetGallery.Facts/ViewModels/UserProfileModelFacts.cs
@@ -34,6 +34,104 @@ public void TotalDownloadCount_DoesNotThrowIntegerOverflow()
                 Assert.Equal(expected, profile.TotalPackageDownloadCount);
             }
 
+            [Theory]
+            [InlineData(true)]
+            [InlineData(false)]
+            public void HasEnabledMultiFactorAuthentication_ForUsers(bool userMfaStatus)
+            {
+                var controller = GetController<UsersController>();
+                var user = new User("theUser")
+                {
+                    EnableMultiFactorAuthentication = userMfaStatus,
+                };
+                var currentUser = new User("theCurrentUser");
+                var packages = new List<ListPackageItemViewModel>
+                {
+                    CreatePackageItemViewModel("1.0.0"),
+                    CreatePackageItemViewModel("2.0.0")
+                };
+
+                // Act
+                var profile = new UserProfileModel(user, currentUser, packages, 0, 10, controller.Url);
+
+                // Assert
+                Assert.Equal(userMfaStatus, profile.HasEnabledMultiFactorAuthentication);
+            }
+
+            [Theory]
+            [InlineData(true, false, true, false)]
+            [InlineData(true, true, false, false)]
+            [InlineData(false, false, true, false)]
+            [InlineData(true, true, true, true)]
+            public void HasEnabledMultiFactorAuthentication_ForOrganizations(bool user1MfaStatus, bool user2MfaStatus, bool collabUserMfaStatus, bool expectedOrgMfaStatus)
+            {
+                var controller = GetController<UsersController>();
+                var userList = new List<User>() {
+                    new User("theUser")
+                    {
+                        EnableMultiFactorAuthentication = user1MfaStatus
+                    },
+                    new User("theOtherUser")
+                    {
+                        EnableMultiFactorAuthentication = user2MfaStatus
+                    }
+                };
+
+                var collabUser = new User("TheCollabUser")
+                {
+                    EnableMultiFactorAuthentication = collabUserMfaStatus
+                };
+
+                var org = CreateTestOrganization(userList, collabUser);
+                var currentUser = new User("theCurrentUser");
+                var packages = new List<ListPackageItemViewModel>
+                {
+                    CreatePackageItemViewModel("1.0.0"),
+                    CreatePackageItemViewModel("2.0.0")
+                };
+
+                // Act
+                var profile = new UserProfileModel(org, currentUser, packages, 0, 10, controller.Url);
+
+                // Assert
+                Assert.Equal(expectedOrgMfaStatus, profile.HasEnabledMultiFactorAuthentication);
+            }
+
+            private Organization CreateTestOrganization(List<User> usersList, User collabUser)
+            {
+                var organization = new Organization()
+                {
+                    Key = 1,
+                    Username = "a"
+                };
+
+                foreach (var user in usersList)
+                {
+                    organization.Members.Add(new Membership()
+                    {
+                        MemberKey = user.Key,
+                        Member = user,
+                        OrganizationKey = organization.Key,
+                        Organization = organization,
+                        IsAdmin = true
+                    });
+                }
+
+                if (collabUser != null)
+                {
+                    organization.Members.Add(new Membership()
+                    {
+                        MemberKey = collabUser.Key,
+                        Member = collabUser,
+                        OrganizationKey = organization.Key,
+                        Organization = organization,
+                        IsAdmin = false
+                    });
+                }
+
+                return organization;
+            }
+
             private ListPackageItemViewModel CreatePackageItemViewModel(string version)
             {
                 return new ListPackageItemViewModelFactory(Mock.Of<IIconUrlProvider>()).Create(new Package
