[PM-34774] Add GET endpoint for organization invite links (#7534)

* Add Get method to OrganizationInviteLinksController for retrieving invite links by organization ID

- Implemented a new GET endpoint to fetch an invite link based on the organization ID.
- Integrated IOrganizationInviteLinkRepository to handle data retrieval.
- Updated tests to validate the new functionality, ensuring correct responses for existing and non-existing links.
- Refactored service registration for invite link commands to improve clarity.

* Add GetOrganizationInviteLinkQuery and IGetOrganizationInviteLinkQuery interface

- Implemented GetOrganizationInviteLinkQuery to retrieve invite links for organizations.
- Added IGetOrganizationInviteLinkQuery interface defining the contract for fetching invite links.
- Included error handling for cases where invite links are not available or do not exist.

* Add unit tests for GetOrganizationInviteLinkQuery

- Created GetOrganizationInviteLinkQueryTests to validate the functionality of retrieving organization invite links.
- Implemented tests for successful retrieval, handling cases where no link exists, and scenarios with insufficient permissions or null abilities.
- Ensured proper error handling and assertions for various outcomes in the query execution.

* Add InviteLinkNotFound error type for handling missing invite links

- Introduced InviteLinkNotFound record to represent a not found error for invite links.
- Enhanced error handling in the InviteLinks feature to provide clearer feedback when an invite link is not found.

* Add IGetOrganizationInviteLinkQuery to service collection

- Registered IGetOrganizationInviteLinkQuery with the service collection to enable dependency injection for retrieving organization invite links.
- This addition supports the functionality introduced in the GetOrganizationInviteLinkQuery implementation.

* Refactor OrganizationInviteLinksController to use IGetOrganizationInviteLinkQuery

- Updated OrganizationInviteLinksController to replace IOrganizationInviteLinkRepository with IGetOrganizationInviteLinkQuery for retrieving invite links.
- Enhanced the Get method to handle results more effectively, returning appropriate responses based on the query outcome.
- Modified unit tests to align with the new query implementation, ensuring proper handling of both found and not found scenarios.

* Set AllowedDomains for invite link in OrganizationInviteLinksControllerTests

Author: r-tome

src/Api/AdminConsole/Controllers/OrganizationInviteLinksController.cs

@@ -14,9 +14,20 @@ namespace Bit.Api.AdminConsole.Controllers;
 [Authorize("Application")]
 [RequireFeature(FeatureFlagKeys.GenerateInviteLink)]
 public class OrganizationInviteLinksController(
-    ICreateOrganizationInviteLinkCommand createOrganizationInviteLinkCommand)
+    ICreateOrganizationInviteLinkCommand createOrganizationInviteLinkCommand,
+    IGetOrganizationInviteLinkQuery getOrganizationInviteLinkQuery)
     : BaseAdminConsoleController
 {
+    [HttpGet("")]
+    [Authorize<ManageUsersRequirement>]
+    public async Task<IResult> Get(Guid orgId)
+    {
+        var result = await getOrganizationInviteLinkQuery.GetAsync(orgId);
+
+        return Handle(result, link =>
+            TypedResults.Ok(new OrganizationInviteLinkResponseModel(link)));
+    }
+
     [HttpPost("")]
     [Authorize<ManageUsersRequirement>]
     public async Task<IResult> Create(Guid orgId, [FromBody] CreateOrganizationInviteLinkRequestModel model)

src/Core/AdminConsole/OrganizationFeatures/InviteLinks/Errors.cs

@@ -10,3 +10,6 @@ public record InviteLinkDomainsRequired()
 
 public record InviteLinkNotAvailable()
     : BadRequestError("Your organization's plan does not support invite links.");
+
+public record InviteLinkNotFound()
+    : NotFoundError("Invite link not found.");

src/Core/AdminConsole/OrganizationFeatures/InviteLinks/GetOrganizationInviteLinkQuery.cs

@@ -0,0 +1,35 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.OrganizationFeatures.InviteLinks.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.AdminConsole.Utilities.v2.Results;
+using Bit.Core.Services;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.InviteLinks;
+
+public class GetOrganizationInviteLinkQuery(
+    IOrganizationInviteLinkRepository organizationInviteLinkRepository,
+    IApplicationCacheService applicationCacheService)
+    : IGetOrganizationInviteLinkQuery
+{
+    public async Task<CommandResult<OrganizationInviteLink>> GetAsync(Guid organizationId)
+    {
+        if (!await OrganizationHasInviteLinksAbilityAsync(organizationId))
+        {
+            return new InviteLinkNotAvailable();
+        }
+
+        var link = await organizationInviteLinkRepository.GetByOrganizationIdAsync(organizationId);
+        if (link is null)
+        {
+            return new InviteLinkNotFound();
+        }
+
+        return link;
+    }
+
+    private async Task<bool> OrganizationHasInviteLinksAbilityAsync(Guid organizationId)
+    {
+        var ability = await applicationCacheService.GetOrganizationAbilityAsync(organizationId);
+        return ability is not null && ability.UseInviteLinks;
+    }
+}

src/Core/AdminConsole/OrganizationFeatures/InviteLinks/Interfaces/IGetOrganizationInviteLinkQuery.cs

@@ -0,0 +1,17 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Utilities.v2.Results;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.InviteLinks.Interfaces;
+
+public interface IGetOrganizationInviteLinkQuery
+{
+    /// <summary>
+    /// Gets the invite link for the specified organization.
+    /// </summary>
+    /// <param name="organizationId">The organization to get the invite link for.</param>
+    /// <returns>
+    /// The <see cref="OrganizationInviteLink"/> if found and available, or an error if the invite link
+    /// feature is not available or no invite link exists.
+    /// </returns>
+    Task<CommandResult<OrganizationInviteLink>> GetAsync(Guid organizationId);
+}

src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs

@@ -67,7 +67,7 @@ public static void AddOrganizationServices(this IServiceCollection services, IGl
         services.AddOrganizationApiKeyCommandsQueries();
         services.AddOrganizationCollectionCommands();
         services.AddOrganizationGroupCommands();
-        services.AddOrganizationInviteLinkCommands();
+        services.AddOrganizationInviteLinkCommandsQueries();
         services.AddOrganizationDomainCommandsQueries();
         services.AddOrganizationSignUpCommands();
         services.AddOrganizationDeleteCommands();
@@ -191,9 +191,10 @@ private static void AddOrganizationGroupCommands(this IServiceCollection service
         services.AddScoped<IUpdateGroupCommand, UpdateGroupCommand>();
     }
 
-    private static void AddOrganizationInviteLinkCommands(this IServiceCollection services)
+    private static void AddOrganizationInviteLinkCommandsQueries(this IServiceCollection services)
     {
         services.TryAddScoped<ICreateOrganizationInviteLinkCommand, CreateOrganizationInviteLinkCommand>();
+        services.TryAddScoped<IGetOrganizationInviteLinkQuery, GetOrganizationInviteLinkQuery>();
     }
 
     private static void AddOrganizationDomainCommandsQueries(this IServiceCollection services)

test/Api.IntegrationTest/AdminConsole/Controllers/OrganizationInviteLinksControllerTests.cs

@@ -5,7 +5,6 @@
 using Bit.Api.IntegrationTest.Helpers;
 using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
-using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Billing.Enums;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data.Organizations;
@@ -68,30 +67,37 @@ public Task DisposeAsync()
     }
 
     [Fact]
-    public async Task Create_AsOwner_ReturnsCreated()
+    public async Task CreateThenGet_AsOwner_ReturnsCreatedAndOk()
     {
         var request = new CreateOrganizationInviteLinkRequestModel
         {
             AllowedDomains = ["acme.com", "example.com"],
             EncryptedInviteKey = _validEncryptedKey,
         };
 
-        var response = await _client.PostAsJsonAsync(
+        static void AssertInviteLink(OrganizationInviteLinkResponseModel? content, Organization organization)
+        {
+            Assert.NotNull(content);
+            Assert.NotEqual(Guid.Empty, content.Id);
+            Assert.NotEqual(Guid.Empty, content.Code);
+            Assert.Equal(organization.Id, content.OrganizationId);
+            Assert.Equal(["acme.com", "example.com"], content.AllowedDomains);
+            Assert.Equal(_validEncryptedKey, content.EncryptedInviteKey);
+        }
+
+        var createResponse = await _client.PostAsJsonAsync(
             $"/organizations/{_organization.Id}/invite-link", request);
 
-        Assert.Equal(HttpStatusCode.Created, response.StatusCode);
+        Assert.Equal(HttpStatusCode.Created, createResponse.StatusCode);
+
+        var created = await createResponse.Content.ReadFromJsonAsync<OrganizationInviteLinkResponseModel>();
+        AssertInviteLink(created, _organization);
+
+        var getResponse = await _client.GetAsync($"/organizations/{_organization.Id}/invite-link");
 
-        var content = await response.Content.ReadFromJsonAsync<OrganizationInviteLinkResponseModel>();
-        Assert.NotNull(content);
-        Assert.NotEqual(Guid.Empty, content.Id);
-        Assert.NotEqual(Guid.Empty, content.Code);
-        Assert.Equal(_organization.Id, content.OrganizationId);
-        Assert.Equal(["acme.com", "example.com"], content.AllowedDomains);
-        Assert.Equal(_validEncryptedKey, content.EncryptedInviteKey);
+        Assert.Equal(HttpStatusCode.OK, getResponse.StatusCode);
 
-        var repository = _factory.GetService<IOrganizationInviteLinkRepository>();
-        var persisted = await repository.GetByOrganizationIdAsync(_organization.Id);
-        Assert.NotNull(persisted);
-        Assert.Equal(content.Id, persisted.Id);
+        var content = await getResponse.Content.ReadFromJsonAsync<OrganizationInviteLinkResponseModel>();
+        AssertInviteLink(content, _organization);
     }
 }

test/Api.Test/AdminConsole/Controllers/OrganizationInviteLinksControllerTests.cs

@@ -74,6 +74,57 @@ public async Task Create_WithExistingLink_Returns409(
         Assert.Equal(StatusCodes.Status409Conflict, jsonResult.StatusCode);
     }
 
+    [Theory, BitAutoData]
+    public async Task Get_WhenLinkExists_ReturnsOkWithModel(
+        Guid orgId,
+        OrganizationInviteLink inviteLink,
+        SutProvider<OrganizationInviteLinksController> sutProvider)
+    {
+        inviteLink.OrganizationId = orgId;
+        inviteLink.AllowedDomains = "[\"acme.com\"]";
+
+        sutProvider.GetDependency<IGetOrganizationInviteLinkQuery>()
+            .GetAsync(orgId)
+            .Returns(new CommandResult<OrganizationInviteLink>(inviteLink));
+
+        var result = await sutProvider.Sut.Get(orgId);
+
+        var okResult = Assert.IsType<Ok<OrganizationInviteLinkResponseModel>>(result);
+        Assert.NotNull(okResult.Value);
+        Assert.Equal(inviteLink.Id, okResult.Value.Id);
+        Assert.Equal(orgId, okResult.Value.OrganizationId);
+    }
+
+    [Theory, BitAutoData]
+    public async Task Get_WhenNoLinkExists_ReturnsNotFound(
+        Guid orgId,
+        SutProvider<OrganizationInviteLinksController> sutProvider)
+    {
+        sutProvider.GetDependency<IGetOrganizationInviteLinkQuery>()
+            .GetAsync(orgId)
+            .Returns(new CommandResult<OrganizationInviteLink>(new InviteLinkNotFound()));
+
+        var result = await sutProvider.Sut.Get(orgId);
+
+        var notFoundResult = Assert.IsType<NotFound<Bit.Core.Models.Api.ErrorResponseModel>>(result);
+        Assert.NotNull(notFoundResult.Value);
+    }
+
+    [Theory, BitAutoData]
+    public async Task Get_WhenInviteLinkNotAvailable_Returns400(
+        Guid orgId,
+        SutProvider<OrganizationInviteLinksController> sutProvider)
+    {
+        sutProvider.GetDependency<IGetOrganizationInviteLinkQuery>()
+            .GetAsync(orgId)
+            .Returns(new CommandResult<OrganizationInviteLink>(new InviteLinkNotAvailable()));
+
+        var result = await sutProvider.Sut.Get(orgId);
+
+        var badRequestResult = Assert.IsType<BadRequest<Bit.Core.Models.Api.ErrorResponseModel>>(result);
+        Assert.NotNull(badRequestResult.Value);
+    }
+
     [Theory, BitAutoData]
     public async Task Create_WithValidationError_Returns400(
         Guid orgId,

test/Core.Test/AdminConsole/OrganizationFeatures/InviteLinks/GetOrganizationInviteLinkQueryTests.cs

@@ -0,0 +1,97 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.OrganizationFeatures.InviteLinks;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Models.Data.Organizations;
+using Bit.Core.Services;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using NSubstitute;
+using Xunit;
+
+namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.InviteLinks;
+
+[SutProviderCustomize]
+public class GetOrganizationInviteLinkQueryTests
+{
+    [Theory, BitAutoData]
+    public async Task GetAsync_WithValidInput_Success(
+        Guid organizationId,
+        OrganizationInviteLink link,
+        SutProvider<GetOrganizationInviteLinkQuery> sutProvider)
+    {
+        SetupAbility(sutProvider, organizationId);
+        link.OrganizationId = organizationId;
+
+        sutProvider.GetDependency<IOrganizationInviteLinkRepository>()
+            .GetByOrganizationIdAsync(organizationId)
+            .Returns(link);
+
+        var result = await sutProvider.Sut.GetAsync(organizationId);
+
+        Assert.True(result.IsSuccess);
+        Assert.Same(link, result.AsSuccess);
+    }
+
+    [Theory, BitAutoData]
+    public async Task GetAsync_WhenNoLinkExists_ReturnsNotFoundError(
+        Guid organizationId,
+        SutProvider<GetOrganizationInviteLinkQuery> sutProvider)
+    {
+        SetupAbility(sutProvider, organizationId);
+
+        sutProvider.GetDependency<IOrganizationInviteLinkRepository>()
+            .GetByOrganizationIdAsync(organizationId)
+            .Returns((OrganizationInviteLink?)null);
+
+        var result = await sutProvider.Sut.GetAsync(organizationId);
+
+        Assert.True(result.IsError);
+        Assert.IsType<InviteLinkNotFound>(result.AsError);
+    }
+
+    [Theory, BitAutoData]
+    public async Task GetAsync_WithoutUseInviteLinksAbility_ReturnsBadRequestError(
+        Guid organizationId,
+        SutProvider<GetOrganizationInviteLinkQuery> sutProvider)
+    {
+        SetupAbility(sutProvider, organizationId, useInviteLinks: false);
+
+        var result = await sutProvider.Sut.GetAsync(organizationId);
+
+        Assert.True(result.IsError);
+        Assert.IsType<InviteLinkNotAvailable>(result.AsError);
+
+        await sutProvider.GetDependency<IOrganizationInviteLinkRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .GetByOrganizationIdAsync(default);
+    }
+
+    [Theory, BitAutoData]
+    public async Task GetAsync_WithNullAbility_ReturnsBadRequestError(
+        Guid organizationId,
+        SutProvider<GetOrganizationInviteLinkQuery> sutProvider)
+    {
+        sutProvider.GetDependency<IApplicationCacheService>()
+            .GetOrganizationAbilityAsync(organizationId)
+            .Returns((OrganizationAbility?)null);
+
+        var result = await sutProvider.Sut.GetAsync(organizationId);
+
+        Assert.True(result.IsError);
+        Assert.IsType<InviteLinkNotAvailable>(result.AsError);
+
+        await sutProvider.GetDependency<IOrganizationInviteLinkRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .GetByOrganizationIdAsync(default);
+    }
+
+    private static void SetupAbility(
+        SutProvider<GetOrganizationInviteLinkQuery> sutProvider,
+        Guid organizationId,
+        bool useInviteLinks = true)
+    {
+        sutProvider.GetDependency<IApplicationCacheService>()
+            .GetOrganizationAbilityAsync(organizationId)
+            .Returns(new OrganizationAbility { UseInviteLinks = useInviteLinks });
+    }
+}