[Reset Password v1] Update DB for Forced Reset (#1467)

* [Reset Password v1] Force Temp Password Changes * Updated EF migrations/scripts * Updating user sprocs with default bit value
2024-11-22 12:15:36 +01:00 · 2021-07-21 11:47:11 -05:00 · 2021-07-21 11:47:11 -05:00 · 4e486e5f5d
commit 4e486e5f5d
parent 8e97b924d4
15 changed files with 3299 additions and 5 deletions
--- a/src/Core/Models/Api/Response/ProfileResponseModel.cs
+++ b/src/Core/Models/Api/Response/ProfileResponseModel.cs
@ -30,6 +30,7 @@ namespace Bit.Core.Models.Api
            Key = user.Key;
            PrivateKey = user.PrivateKey;
            SecurityStamp = user.SecurityStamp;
+            ForcePasswordReset = user.ForcePasswordReset;
            Organizations = organizationsUserDetails?.Select(o => new ProfileOrganizationResponseModel(o));
            Providers = providerUserDetails?.Select(p => new ProfileProviderResponseModel(p));
            ProviderOrganizations =
@ -47,6 +48,7 @@ namespace Bit.Core.Models.Api
        public string Key { get; set; }
        public string PrivateKey { get; set; }
        public string SecurityStamp { get; set; }
+        public bool ForcePasswordReset { get; set; }
        public IEnumerable<ProfileOrganizationResponseModel> Organizations { get; set; }
        public IEnumerable<ProfileProviderResponseModel> Providers { get; set; }
        public IEnumerable<ProfileProviderOrganizationResponseModel> ProviderOrganizations { get; set; }
--- a/src/Core/Models/Table/User.cs
+++ b/src/Core/Models/Table/User.cs
@ -57,6 +57,7 @@ namespace Bit.Core.Models.Table
        public int KdfIterations { get; set; } = 5000;
        public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
        public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
+        public bool ForcePasswordReset { get; set; }

        public void SetNewId()
        {
--- a/Procedures/User_Create.sql
+++ b/Procedures/User_Create.sql
@ -29,7 +29,8 @@
    @KdfIterations INT,
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7),
-    @ApiKey VARCHAR(30)
+    @ApiKey VARCHAR(30),
+    @ForcePasswordReset BIT = 0
 AS
 BEGIN
    SET NOCOUNT ON
@ -66,7 +67,8 @@ BEGIN
        [KdfIterations],
        [CreationDate],
        [RevisionDate],
-        [ApiKey]
+        [ApiKey],
+        [ForcePasswordReset]
    )
    VALUES
    (
@ -100,6 +102,7 @@ BEGIN
        @KdfIterations,
        @CreationDate,
        @RevisionDate,
-        @ApiKey
+        @ApiKey,
+        @ForcePasswordReset
    )
 END
--- a/Procedures/User_Update.sql
+++ b/Procedures/User_Update.sql
@ -29,7 +29,8 @@
    @KdfIterations INT,
    @CreationDate DATETIME2(7),
    @RevisionDate DATETIME2(7),
-    @ApiKey VARCHAR(30)
+    @ApiKey VARCHAR(30),
+    @ForcePasswordReset BIT = 0
 AS
 BEGIN
    SET NOCOUNT ON
@ -66,7 +67,8 @@ BEGIN
        [KdfIterations] = @KdfIterations,
        [CreationDate] = @CreationDate,
        [RevisionDate] = @RevisionDate,
-        [ApiKey] = @ApiKey
+        [ApiKey] = @ApiKey,
+        [ForcePasswordReset] = @ForcePasswordReset
    WHERE
        [Id] = @Id
 END
--- a/src/Sql/dbo/Tables/User.sql
+++ b/src/Sql/dbo/Tables/User.sql
@ -30,6 +30,7 @@
    [CreationDate]                    DATETIME2 (7)    NOT NULL,
    [RevisionDate]                    DATETIME2 (7)    NOT NULL,
    [ApiKey]                          VARCHAR (30)     NOT NULL,
+    [ForcePasswordReset]              BIT              NOT NULL,
    CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED ([Id] ASC)
 );

--- a/util/Migrator/DbScripts/2021-07-13_00_UserForcePasswordReset.sql
+++ b/util/Migrator/DbScripts/2021-07-13_00_UserForcePasswordReset.sql
@ -0,0 +1,240 @@
+-- Table: User (ForcePasswordReset)
+IF COL_LENGTH('[dbo].[User]', 'ForcePasswordReset') IS NULL
+BEGIN
+    ALTER TABLE
+        [dbo].[User]
+    ADD
+        [ForcePasswordReset] BIT NULL
+END
+GO
+
+UPDATE
+    [dbo].[User]
+SET
+    [ForcePasswordReset] = FALSE
+WHERE
+    [ForcePasswordReset] IS NULL
+GO
+
+ALTER TABLE
+    [dbo].[User]
+ALTER COLUMN
+    [ForcePasswordReset] BIT NOT NULL
+GO
+
+-- View: User
+IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'UserView')
+BEGIN
+    DROP VIEW [dbo].[UserView]
+END
+GO
+
+CREATE VIEW [dbo].[UserView]
+AS
+SELECT
+    *
+FROM
+    [dbo].[User]
+GO
+
+-- Stored Procedure: User_Create
+IF OBJECT_ID('[dbo].[User_Create]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[User_Create]
+END
+GO
+
+CREATE PROCEDURE [dbo].[User_Create]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @Name NVARCHAR(50),
+    @Email NVARCHAR(256),
+    @EmailVerified BIT,
+    @MasterPassword NVARCHAR(300),
+    @MasterPasswordHint NVARCHAR(50),
+    @Culture NVARCHAR(10),
+    @SecurityStamp NVARCHAR(50),
+    @TwoFactorProviders NVARCHAR(MAX),
+    @TwoFactorRecoveryCode NVARCHAR(32),
+    @EquivalentDomains NVARCHAR(MAX),
+    @ExcludedGlobalEquivalentDomains NVARCHAR(MAX),
+    @AccountRevisionDate DATETIME2(7),
+    @Key NVARCHAR(MAX),
+    @PublicKey NVARCHAR(MAX),
+    @PrivateKey NVARCHAR(MAX),
+    @Premium BIT,
+    @PremiumExpirationDate DATETIME2(7),
+    @RenewalReminderDate DATETIME2(7),
+    @Storage BIGINT,
+    @MaxStorageGb SMALLINT,
+    @Gateway TINYINT,
+    @GatewayCustomerId VARCHAR(50),
+    @GatewaySubscriptionId VARCHAR(50),
+    @ReferenceData VARCHAR(MAX),
+    @LicenseKey VARCHAR(100),
+    @Kdf TINYINT,
+    @KdfIterations INT,
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @ApiKey VARCHAR(30),
+    @ForcePasswordReset BIT = 0
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    INSERT INTO [dbo].[User]
+    (
+        [Id],
+        [Name],
+        [Email],
+        [EmailVerified],
+        [MasterPassword],
+        [MasterPasswordHint],
+        [Culture],
+        [SecurityStamp],
+        [TwoFactorProviders],
+        [TwoFactorRecoveryCode],
+        [EquivalentDomains],
+        [ExcludedGlobalEquivalentDomains],
+        [AccountRevisionDate],
+        [Key],
+        [PublicKey],
+        [PrivateKey],
+        [Premium],
+        [PremiumExpirationDate],
+        [RenewalReminderDate],
+        [Storage],
+        [MaxStorageGb],
+        [Gateway],
+        [GatewayCustomerId],
+        [GatewaySubscriptionId],
+        [ReferenceData],
+        [LicenseKey],
+        [Kdf],
+        [KdfIterations],
+        [CreationDate],
+        [RevisionDate],
+        [ApiKey],
+        [ForcePasswordReset]
+    )
+    VALUES
+    (
+        @Id,
+        @Name,
+        @Email,
+        @EmailVerified,
+        @MasterPassword,
+        @MasterPasswordHint,
+        @Culture,
+        @SecurityStamp,
+        @TwoFactorProviders,
+        @TwoFactorRecoveryCode,
+        @EquivalentDomains,
+        @ExcludedGlobalEquivalentDomains,
+        @AccountRevisionDate,
+        @Key,
+        @PublicKey,
+        @PrivateKey,
+        @Premium,
+        @PremiumExpirationDate,
+        @RenewalReminderDate,
+        @Storage,
+        @MaxStorageGb,
+        @Gateway,
+        @GatewayCustomerId,
+        @GatewaySubscriptionId,
+        @ReferenceData,
+        @LicenseKey,
+        @Kdf,
+        @KdfIterations,
+        @CreationDate,
+        @RevisionDate,
+        @ApiKey,
+        @ForcePasswordReset
+    )
+END
+GO
+
+-- Stored Procedure: User_Create
+IF OBJECT_ID('[dbo].[User_Update]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[User_Update]
+END
+GO
+
+CREATE PROCEDURE [dbo].[User_Update]
+    @Id UNIQUEIDENTIFIER,
+    @Name NVARCHAR(50),
+    @Email NVARCHAR(256),
+    @EmailVerified BIT,
+    @MasterPassword NVARCHAR(300),
+    @MasterPasswordHint NVARCHAR(50),
+    @Culture NVARCHAR(10),
+    @SecurityStamp NVARCHAR(50),
+    @TwoFactorProviders NVARCHAR(MAX),
+    @TwoFactorRecoveryCode NVARCHAR(32),
+    @EquivalentDomains NVARCHAR(MAX),
+    @ExcludedGlobalEquivalentDomains NVARCHAR(MAX),
+    @AccountRevisionDate DATETIME2(7),
+    @Key NVARCHAR(MAX),
+    @PublicKey NVARCHAR(MAX),
+    @PrivateKey NVARCHAR(MAX),
+    @Premium BIT,
+    @PremiumExpirationDate DATETIME2(7),
+    @RenewalReminderDate DATETIME2(7),
+    @Storage BIGINT,
+    @MaxStorageGb SMALLINT,
+    @Gateway TINYINT,
+    @GatewayCustomerId VARCHAR(50),
+    @GatewaySubscriptionId VARCHAR(50),
+    @ReferenceData VARCHAR(MAX),
+    @LicenseKey VARCHAR(100),
+    @Kdf TINYINT,
+    @KdfIterations INT,
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @ApiKey VARCHAR(30),
+    @ForcePasswordReset BIT = 0
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+        [dbo].[User]
+    SET
+        [Name] = @Name,
+        [Email] = @Email,
+        [EmailVerified] = @EmailVerified,
+        [MasterPassword] = @MasterPassword,
+        [MasterPasswordHint] = @MasterPasswordHint,
+        [Culture] = @Culture,
+        [SecurityStamp] = @SecurityStamp,
+        [TwoFactorProviders] = @TwoFactorProviders,
+        [TwoFactorRecoveryCode] = @TwoFactorRecoveryCode,
+        [EquivalentDomains] = @EquivalentDomains,
+        [ExcludedGlobalEquivalentDomains] = @ExcludedGlobalEquivalentDomains,
+        [AccountRevisionDate] = @AccountRevisionDate,
+        [Key] = @Key,
+        [PublicKey] = @PublicKey,
+        [PrivateKey] = @PrivateKey,
+        [Premium] = @Premium,
+        [PremiumExpirationDate] = @PremiumExpirationDate,
+        [RenewalReminderDate] = @RenewalReminderDate,
+        [Storage] = @Storage,
+        [MaxStorageGb] = @MaxStorageGb,
+        [Gateway] = @Gateway,
+        [GatewayCustomerId] = @GatewayCustomerId,
+        [GatewaySubscriptionId] = @GatewaySubscriptionId,
+        [ReferenceData] = @ReferenceData,
+        [LicenseKey] = @LicenseKey,
+        [Kdf] = @Kdf,
+        [KdfIterations] = @KdfIterations,
+        [CreationDate] = @CreationDate,
+        [RevisionDate] = @RevisionDate,
+        [ApiKey] = @ApiKey,
+        [ForcePasswordReset] = @ForcePasswordReset
+    WHERE
+        [Id] = @Id
+END
+GO
+
+
--- a/util/MySqlMigrations/Migrations/20210716142145_UserForcePasswordReset.Designer.cs
+++ b/util/MySqlMigrations/Migrations/20210716142145_UserForcePasswordReset.Designer.cs
--- a/util/MySqlMigrations/Migrations/20210716142145_UserForcePasswordReset.cs
+++ b/util/MySqlMigrations/Migrations/20210716142145_UserForcePasswordReset.cs
@ -0,0 +1,24 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace Bit.MySqlMigrations.Migrations
+{
+    public partial class UserForcePasswordReset : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.AddColumn<bool>(
+                name: "ForcePasswordReset",
+                table: "User",
+                type: "tinyint(1)",
+                nullable: false,
+                defaultValue: false);
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropColumn(
+                name: "ForcePasswordReset",
+                table: "User");
+        }
+    }
+}
--- a/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1040,6 +1040,9 @@ namespace Bit.MySqlMigrations.Migrations
                    b.Property<string>("ExcludedGlobalEquivalentDomains")
                        .HasColumnType("longtext");

+                    b.Property<bool>("ForcePasswordReset")
+                        .HasColumnType("tinyint(1)");
+
                    b.Property<byte?>("Gateway")
                        .HasColumnType("tinyint unsigned");

--- a/util/MySqlMigrations/Scripts/2021-07-13_00_UserForcePasswordReset.sql
+++ b/util/MySqlMigrations/Scripts/2021-07-13_00_UserForcePasswordReset.sql
@ -0,0 +1,8 @@
+START TRANSACTION;
+
+ALTER TABLE `User` ADD `ForcePasswordReset` tinyint(1) NOT NULL DEFAULT FALSE;
+
+INSERT INTO `__EFMigrationsHistory` (`MigrationId`, `ProductVersion`)
+VALUES ('20210716142145_UserForcePasswordReset', '5.0.5');
+
+COMMIT;
--- a/util/PostgresMigrations/Migrations/20210716141748_UserForcePasswordReset.Designer.cs
+++ b/util/PostgresMigrations/Migrations/20210716141748_UserForcePasswordReset.Designer.cs
--- a/util/PostgresMigrations/Migrations/20210716141748_UserForcePasswordReset.cs
+++ b/util/PostgresMigrations/Migrations/20210716141748_UserForcePasswordReset.cs
@ -0,0 +1,24 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace Bit.PostgresMigrations.Migrations
+{
+    public partial class UserForcePasswordReset : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.AddColumn<bool>(
+                name: "ForcePasswordReset",
+                table: "User",
+                type: "boolean",
+                nullable: false,
+                defaultValue: false);
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropColumn(
+                name: "ForcePasswordReset",
+                table: "User");
+        }
+    }
+}
--- a/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
+++ b/util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
@ -1049,6 +1049,9 @@ namespace Bit.PostgresMigrations.Migrations
                    b.Property<string>("ExcludedGlobalEquivalentDomains")
                        .HasColumnType("text");

+                    b.Property<bool>("ForcePasswordReset")
+                        .HasColumnType("boolean");
+
                    b.Property<byte?>("Gateway")
                        .HasColumnType("smallint");

--- a/util/PostgresMigrations/RemoveProviderOrganizationProviderUser.psql
+++ b/util/PostgresMigrations/RemoveProviderOrganizationProviderUser.psql
--- a/util/PostgresMigrations/Scripts/2021-07-13_00_UserForcePasswordReset.psql
+++ b/util/PostgresMigrations/Scripts/2021-07-13_00_UserForcePasswordReset.psql
@ -0,0 +1,8 @@
+START TRANSACTION;
+
+ALTER TABLE "User" ADD "ForcePasswordReset" boolean NOT NULL DEFAULT FALSE;
+
+INSERT INTO "__EFMigrationsHistory" ("MigrationId", "ProductVersion")
+VALUES ('20210716141748_UserForcePasswordReset', '5.0.5');
+
+COMMIT;