added confirm invitation

Author: Katzenkralle

src/vaultwarden/models/bitwarden.py

@@ -1,5 +1,6 @@
 from typing import Generic, Literal, TypeVar, cast
 from uuid import UUID
+from base64 import b64decode
 
 from pydantic import AliasChoices, Field, TypeAdapter, field_validator
 from pydantic_core.core_schema import FieldValidationInfo
@@ -8,7 +9,7 @@
 from vaultwarden.models.enum import CipherType, OrganizationUserType
 from vaultwarden.models.exception_models import BitwardenError
 from vaultwarden.models.permissive_model import PermissiveBaseModel
-from vaultwarden.utils.crypto import decrypt, encrypt
+from vaultwarden.utils.crypto import decrypt, encrypt, encrypt_asym
 
 # Pydantic models for Bitwarden data structures
 
@@ -423,6 +424,30 @@ def invite(
         self._users = self._get_users()
         return resp
 
+    def confirm(
+        self,
+        new_user: OrganizationUserDetails,
+    ):
+        rsa_public_key_new_user = b64decode(self.get_public_key_for_user(new_user.UserId))
+        org_key_decrypted = self.key()
+        key = encrypt_asym(org_key_decrypted, rsa_public_key_new_user)
+
+        payload = {
+            "key": key,
+        }
+        resp = self.api_client.api_request(
+            "POST", f"api/organizations/{self.Id}/users/{new_user.Id}/confirm", json=payload
+        )
+        self._users = self._get_users()
+        return resp
+    
+    def get_public_key_for_user(self, user_id: UUID | str):
+        resp = self.api_client.api_request(
+            "GET", f"api/users/{user_id}/public-key"
+        )
+        resp.raise_for_status()
+        return resp.json().get("publicKey")
+
     def _get_users(self) -> list[OrganizationUserDetails]:
         resp = self.api_client.api_request(
             "GET",

tests/e2e/run_tests.sh

@@ -4,13 +4,15 @@ if [[ -z "${VAULTWARDEN_VERSION}" ]]; then
   VAULTWARDEN_VERSION="1.34.3"
 fi
 
+export VAULTWARDEN_INVITATIONS_ALLOWED="false"
+
 temp_dir=$(mktemp -d)
 
 # Copy fixtures db to tmp
 cp tests/fixtures/server/* $temp_dir
 
 # Start Vaultwarden docker
-docker run -d --name vaultwarden -v $temp_dir:/data  --env I_REALLY_WANT_VOLATILE_STORAGE=true --env ADMIN_TOKEN=admin  --restart unless-stopped -p 80:80 vaultwarden/server:${VAULTWARDEN_VERSION}
+docker run -d --name vaultwarden -v $temp_dir:/data --env INVITATIONS_ALLOWED=${VAULTWARDEN_INVITATIONS_ALLOWED} --env I_REALLY_WANT_VOLATILE_STORAGE=true --env ADMIN_TOKEN=admin  --restart unless-stopped -p 80:80 vaultwarden/server:${VAULTWARDEN_VERSION}
 
 exit 0
 

tests/e2e/test_bitwarden.py

@@ -97,14 +97,21 @@ def test_add_remove_collection_from_user(self):
         )
 
     def test_invite_user_than_remove(self):
-        resp = self.organization.invite("[email protected]")
-        self.assertTrue(resp.is_success)
         user = self.organization.user_search(
-            "test-user-3@example.com", force_refresh=True
+            "test-account-2@example.com", force_refresh=True
         )
-        self.assertIsNotNone(user)
         user.delete()
 
+        resp = self.organization.invite("[email protected]")
+        self.assertTrue(resp.is_success)
+        
+        if not os.environ.get("VAULTWARDEN_INVITATIONS_ALLOWED", True).lower() in ["true", "1", "yes"]:
+            user = self.organization.user_search(
+            "[email protected]", force_refresh=True
+            )
+            resp = self.organization.confirm(user)
+            self.assertTrue(resp.is_success)
+
     def test_rename_organization(self):
         old_name = self.organization.Name
         new_name = "new_test_organization"