Added transaction isolation and wrapped all calls (cept sm) in transaaction

Author: jrmccannon

bitwarden_license/src/Scim/Users/PostUserCommand.cs

@@ -1,5 +1,6 @@
 #nullable enable
 
+using System.Data;
 using Bit.Core;
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Business;
@@ -50,7 +51,7 @@ public class PostUserCommand(
         Guid organizationId,
         ScimProviderType scimProvider)
     {
-        await transactionManager.BeginTransactionAsync();
+        await transactionManager.BeginTransactionAsync(IsolationLevel.Serializable);
 
         var organization = await organizationRepository.GetByIdAsync(organizationId);
 

src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/InviteUsers/InviteOrganizationUsersCommand.cs

@@ -156,12 +156,14 @@ private async Task<CommandResult<InviteOrganizationUsersResponse>> InviteOrganiz
         {
             logger.LogError(ex, FailedToInviteUsersError.Code);
 
-            await organizationUserRepository.DeleteManyAsync(organizationUserToInviteEntities.Select(x => x.OrganizationUser.Id));
+            // this should already be done
+            //await organizationUserRepository.DeleteManyAsync(organizationUserToInviteEntities.Select(x => x.OrganizationUser.Id));
 
             // Do this first so that SmSeats never exceed PM seats (due to current billing requirements)
             await RevertSecretsManagerChangesAsync(validatedRequest, organization, validatedRequest.Value.InviteOrganization.SmSeats);
 
-            await RevertPasswordManagerChangesAsync(validatedRequest, organization);
+            //this should already be done
+            //await RevertPasswordManagerChangesAsync(validatedRequest, organization);
 
             return new Failure<InviteOrganizationUsersResponse>(
                 new FailedToInviteUsersError(

src/Core/Platform/Data/ITransactionManager.cs

@@ -1,4 +1,6 @@
-namespace Bit.Core.Platform.Data;
+using System.Data;
+
+namespace Bit.Core.Platform.Data;
 
 /// <summary>
 /// Manages ambient database transactions that span multiple repository calls.
@@ -10,9 +12,12 @@ public interface ITransactionManager
     /// Begins a new ambient transaction. All repository operations on the current
     /// async flow will use the same connection and transaction until disposed.
     /// Supports nesting: inner calls increment a reference count; only the
-    /// outermost Dispose/Commit actually affects the database.
+    /// outermost Dispose/Commit actually affects the database. The isolation level
+    /// on a nested call is ignored — the inner scope joins the outer transaction.
     /// </summary>
-    Task<ITransactionScope> BeginTransactionAsync(CancellationToken cancellationToken = default);
+    Task<ITransactionScope> BeginTransactionAsync(
+        IsolationLevel isolationLevel = IsolationLevel.ReadCommitted,
+        CancellationToken cancellationToken = default);
 
     /// <summary>
     /// Returns true if the current async flow has an active ambient transaction.

src/Infrastructure.Dapper/AdminConsole/Repositories/OrganizationRepository.cs

@@ -250,15 +250,16 @@ public async Task<ICollection<Organization>> GetManyByIdsAsync(IEnumerable<Guid>
 
     public async Task<OrganizationSeatCounts> GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId)
     {
-        using (var connection = new SqlConnection(ConnectionString))
+        return await ExecuteWithConnectionAsync(async (connection, transaction) =>
         {
             var result = await connection.QueryAsync<OrganizationSeatCounts>(
                 "[dbo].[Organization_ReadOccupiedSeatCountByOrganizationId]",
                 new { OrganizationId = organizationId },
+                transaction: transaction,
                 commandType: CommandType.StoredProcedure);
 
             return result.SingleOrDefault() ?? new OrganizationSeatCounts();
-        }
+        });
     }
 
     public async Task<IEnumerable<Organization>> GetOrganizationsForSubscriptionSyncAsync()
@@ -285,11 +286,13 @@ await connection.ExecuteAsync("[dbo].[Organization_UpdateSubscriptionStatus]",
 
     public async Task IncrementSeatCountAsync(Guid organizationId, int increaseAmount, DateTime requestDate)
     {
-        await using var connection = new SqlConnection(ConnectionString);
-
-        await connection.ExecuteAsync("[dbo].[Organization_IncrementSeatCount]",
-            new { OrganizationId = organizationId, SeatsToAdd = increaseAmount, RequestDate = requestDate },
-            commandType: CommandType.StoredProcedure);
+        await ExecuteWithConnectionAsync(async (connection, transaction) =>
+        {
+            await connection.ExecuteAsync("[dbo].[Organization_IncrementSeatCount]",
+                new { OrganizationId = organizationId, SeatsToAdd = increaseAmount, RequestDate = requestDate },
+                transaction: transaction,
+                commandType: CommandType.StoredProcedure);
+        });
     }
 
     public async Task InitializeOrganizationAsync(Organization organization, Func<DbConnection, DbTransaction, Task> confirmOwnerAction)

src/Infrastructure.Dapper/AdminConsole/Repositories/OrganizationUserRepository.cs

@@ -94,15 +94,16 @@ public async Task<int> GetCountByOrganizationAsync(Guid organizationId, string e
 
     public async Task<int> GetOccupiedSmSeatCountByOrganizationIdAsync(Guid organizationId)
     {
-        using (var connection = new SqlConnection(ConnectionString))
+        return await ExecuteWithConnectionAsync(async (connection, transaction) =>
         {
             var result = await connection.ExecuteScalarAsync<int>(
                 "[dbo].[OrganizationUser_ReadOccupiedSmSeatCountByOrganizationId]",
                 new { OrganizationId = organizationId },
+                transaction: transaction,
                 commandType: CommandType.StoredProcedure);
 
             return result;
-        }
+        });
     }
 
     public async Task<ICollection<string>> SelectKnownEmailsAsync(Guid organizationId, IEnumerable<string> emails,
@@ -205,11 +206,12 @@ public async Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid
 
     public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync(Guid organizationId, bool includeGroups, bool includeSharedCollections)
     {
-        using (var connection = new SqlConnection(ConnectionString))
+        return await ExecuteWithConnectionAsync(async (connection, transaction) =>
         {
             var results = await connection.QueryAsync<OrganizationUserUserDetails>(
                 "[dbo].[OrganizationUserUserDetails_ReadByOrganizationId]",
                 new { OrganizationId = organizationId },
+                transaction: transaction,
                 commandType: CommandType.StoredProcedure);
 
             List<IGrouping<Guid, GroupUser>>? userGroups = null;
@@ -229,6 +231,7 @@ public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrga
                 userGroups = (await connection.QueryAsync<GroupUser>(
                     "[dbo].[GroupUser_ReadByOrganizationUserIds]",
                     new { OrganizationUserIds = orgUserIds },
+                    transaction: transaction,
                     commandType: CommandType.StoredProcedure)).GroupBy(u => u.OrganizationUserId).ToList();
             }
 
@@ -237,6 +240,7 @@ public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrga
                 userCollections = (await connection.QueryAsync<CollectionUser>(
                     "[dbo].[CollectionUser_ReadSharedCollectionsByOrganizationUserIds]",
                     new { OrganizationUserIds = orgUserIds },
+                    transaction: transaction,
                     commandType: CommandType.StoredProcedure)).GroupBy(u => u.OrganizationUserId).ToList();
             }
 
@@ -265,7 +269,7 @@ public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrga
             }
 
             return users;
-        }
+        });
     }
 
     public async Task<ICollection<OrganizationUserUserDetails>> GetManyDetailsByOrganizationAsync_vNext(Guid organizationId, bool includeGroups, bool includeSharedCollections)
@@ -664,38 +668,40 @@ public async Task<IEnumerable<OrganizationUserUserDetails>> GetManyDetailsByRole
 
     public async Task CreateManyAsync(IEnumerable<CreateOrganizationUser> organizationUserCollection)
     {
-        await using var connection = new SqlConnection(_marsConnectionString);
-
         var organizationUsersList = organizationUserCollection.ToList();
         if (organizationUsersList.Count == 0)
         {
             return;
         }
 
-        await connection.ExecuteAsync(
-            $"[{Schema}].[OrganizationUser_CreateManyWithCollectionsAndGroups]",
-            new
-            {
-                OrganizationUserData = JsonSerializer.Serialize(organizationUsersList.Select(x => x.OrganizationUser)),
-                CollectionData = JsonSerializer.Serialize(organizationUsersList
-                    .SelectMany(x => x.Collections, (user, collection) => new CollectionUser
-                    {
-                        CollectionId = collection.Id,
-                        OrganizationUserId = user.OrganizationUser.Id,
-                        ReadOnly = collection.ReadOnly,
-                        HidePasswords = collection.HidePasswords,
-                        Manage = collection.Manage
-                    })),
-                GroupData = JsonSerializer.Serialize(organizationUsersList
-                    .SelectMany(x => x.Groups, (user, group) => new GroupUser
-                    {
-                        GroupId = group,
-                        OrganizationUserId = user.OrganizationUser.Id
-                    })),
-                // Use the same RevisionDate as the created OrganizationUsers
-                RevisionDate = organizationUsersList.First().OrganizationUser.RevisionDate
-            },
-            commandType: CommandType.StoredProcedure);
+        await ExecuteWithConnectionAsync(async (connection, transaction) =>
+        {
+            await connection.ExecuteAsync(
+                $"[{Schema}].[OrganizationUser_CreateManyWithCollectionsAndGroups]",
+                new
+                {
+                    OrganizationUserData =
+                        JsonSerializer.Serialize(organizationUsersList.Select(x => x.OrganizationUser)),
+                    CollectionData = JsonSerializer.Serialize(organizationUsersList
+                        .SelectMany(x => x.Collections,
+                            (user, collection) => new CollectionUser
+                            {
+                                CollectionId = collection.Id,
+                                OrganizationUserId = user.OrganizationUser.Id,
+                                ReadOnly = collection.ReadOnly,
+                                HidePasswords = collection.HidePasswords,
+                                Manage = collection.Manage
+                            })),
+                    GroupData = JsonSerializer.Serialize(organizationUsersList
+                        .SelectMany(x => x.Groups,
+                            (user, group) =>
+                                new GroupUser { GroupId = group, OrganizationUserId = user.OrganizationUser.Id })),
+                    // Use the same RevisionDate as the created OrganizationUsers
+                    RevisionDate = organizationUsersList.First().OrganizationUser.RevisionDate
+                },
+                transaction: transaction,
+                commandType: CommandType.StoredProcedure);
+        });
     }
 
     public async Task<bool> ConfirmOrganizationUserAsync(AcceptedOrganizationUserToConfirm organizationUserToConfirm)

src/Infrastructure.Dapper/AdminConsole/Repositories/ProviderRepository.cs

@@ -49,15 +49,16 @@ public ProviderRepository(string connectionString, string readOnlyConnectionStri
 
     public async Task<Provider?> GetByOrganizationIdAsync(Guid organizationId)
     {
-        using (var connection = new SqlConnection(ConnectionString))
+        return await ExecuteWithConnectionAsync(async (connection, transaction) =>
         {
             var results = await connection.QueryAsync<Provider>(
                 "[dbo].[Provider_ReadByOrganizationId]",
                 new { OrganizationId = organizationId },
+                transaction: transaction,
                 commandType: CommandType.StoredProcedure);
 
             return results.FirstOrDefault();
-        }
+        });
     }
 
     public async Task<ICollection<Provider>> SearchAsync(string name, string userEmail, int skip, int take)

src/Infrastructure.Dapper/Data/DapperTransactionManager.cs

@@ -1,4 +1,4 @@
-using System.Data.Common;
+using System.Data;
 using Bit.Core.Platform.Data;
 using Bit.Core.Settings;
 using Microsoft.Data.SqlClient;
@@ -16,7 +16,9 @@ public DapperTransactionManager(GlobalSettings globalSettings)
 
     public bool HasActiveTransaction => TransactionState.Current is not null;
 
-    public async Task<ITransactionScope> BeginTransactionAsync(CancellationToken cancellationToken = default)
+    public async Task<ITransactionScope> BeginTransactionAsync(
+        IsolationLevel isolationLevel = IsolationLevel.ReadCommitted,
+        CancellationToken cancellationToken = default)
     {
         var existing = TransactionState.Current;
         if (existing is not null)
@@ -27,7 +29,7 @@ public async Task<ITransactionScope> BeginTransactionAsync(CancellationToken can
 
         var connection = new SqlConnection(_connectionString);
         await connection.OpenAsync(cancellationToken);
-        var transaction = (DbTransaction)await connection.BeginTransactionAsync(cancellationToken);
+        var transaction = await connection.BeginTransactionAsync(isolationLevel, cancellationToken);
 
         var holder = new TransactionHolder
         {

src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs

@@ -424,26 +424,24 @@ where ids.Contains(organization.Id)
 
     public async Task<OrganizationSeatCounts> GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId)
     {
-        using (var scope = ServiceScopeFactory.CreateScope())
+        return await ExecuteWithContextAsync(async dbContext =>
         {
-            var dbContext = GetDatabaseContext(scope);
             var users = await dbContext.OrganizationUsers
                 .Where(ou => ou.OrganizationId == organizationId && ou.Status >= 0)
                 .CountAsync();
 
             var sponsored = await dbContext.OrganizationSponsorships
                 .Where(os => os.SponsoringOrganizationId == organizationId &&
-                    os.IsAdminInitiated &&
-                    (os.ToDelete == false || (os.ToDelete == true && os.ValidUntil != null && os.ValidUntil > DateTime.UtcNow)) &&
-                    (os.SponsoredOrganizationId == null || (os.SponsoredOrganizationId != null && (os.ValidUntil == null || os.ValidUntil > DateTime.UtcNow))))
+                             os.IsAdminInitiated &&
+                             (os.ToDelete == false || (os.ToDelete == true && os.ValidUntil != null &&
+                                                       os.ValidUntil > DateTime.UtcNow)) &&
+                             (os.SponsoredOrganizationId == null || (os.SponsoredOrganizationId != null &&
+                                                                     (os.ValidUntil == null ||
+                                                                      os.ValidUntil > DateTime.UtcNow))))
                 .CountAsync();
 
-            return new OrganizationSeatCounts
-            {
-                Users = users,
-                Sponsored = sponsored
-            };
-        }
+            return new OrganizationSeatCounts { Users = users, Sponsored = sponsored };
+        });
     }
 
     public async Task<IEnumerable<Core.AdminConsole.Entities.Organization>> GetOrganizationsForSubscriptionSyncAsync()
@@ -472,15 +470,15 @@ await dbContext.Organizations
 
     public async Task IncrementSeatCountAsync(Guid organizationId, int increaseAmount, DateTime requestDate)
     {
-        using var scope = ServiceScopeFactory.CreateScope();
-        await using var dbContext = GetDatabaseContext(scope);
-
-        await dbContext.Organizations
-            .Where(o => o.Id == organizationId)
-            .ExecuteUpdateAsync(s => s
-                .SetProperty(o => o.Seats, o => o.Seats + increaseAmount)
-                .SetProperty(o => o.SyncSeats, true)
-                .SetProperty(o => o.RevisionDate, requestDate));
+        await ExecuteWithContextAsync(async dbContext =>
+        {
+            await dbContext.Organizations
+                .Where(o => o.Id == organizationId)
+                .ExecuteUpdateAsync(s => s
+                    .SetProperty(o => o.Seats, o => o.Seats + increaseAmount)
+                    .SetProperty(o => o.SyncSeats, true)
+                    .SetProperty(o => o.RevisionDate, requestDate));
+        });
     }
 
     public async Task InitializeOrganizationAsync(Core.AdminConsole.Entities.Organization organization, Func<DbConnection, DbTransaction, Task> confirmOwnerAction)