1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Commit Graph

5208 Commits

Author SHA1 Message Date
Matt Bishop
1944c853e7
Move cancelled check inside braces (#4627) 2024-08-13 14:03:13 -04:00
renovate[bot]
eaa386f3da
[deps] DevOps: Update gh minor (#4585)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-13 13:33:53 -04:00
Matt Bishop
71d5f53be5
Use not cancelled vs always (#4626) 2024-08-13 13:31:27 -04:00
Matt Bishop
0dae02df23
Test for secrets before performing restricted actions (#4625)
* Test for secrets before performing restricted actions

* Go back to always
2024-08-13 12:56:47 -04:00
Vincent Salucci
253ad9c74f
chore: remove fc v1 feature flag, remove obsolete feature service calls from tests, refs PM-10295 (#4618) 2024-08-13 11:20:05 -05:00
Bernd Schoolmann
1442bf94ae
Fix send rotation error message (#4624) 2024-08-13 11:41:27 -04:00
Matt Bishop
5084ccc328
Check for secrets for a couple remaining workflows using them (#4621) 2024-08-13 08:24:15 -04:00
Thomas Rittson
f04c3b8e54
[PM-10361] Remove Group.AccessAll from code (#4614)
* Remove Group.AccessAll from code

* Add shadow property config and migration
2024-08-13 08:54:03 +10:00
Thomas Avery
e2f05f4b8b
Fix SecretAccessPoliciesUpdatesQueryTest (#4619) 2024-08-12 16:58:30 -05:00
Bitwarden DevOps
47afe97379
Bumped version to 2024.8.0 (#4617) 2024-08-12 15:22:00 +00:00
renovate[bot]
1589291ecd
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.4 (#4602)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-12 12:25:29 +02:00
Thomas Rittson
916be50e66
[PM-10349] Drop Organization.FlexibleCollections column (#4583) 2024-08-12 08:28:13 +10:00
Alex Morask
de1a816b07
Handle tax_id_invalid error (#4609) 2024-08-09 14:13:54 -04:00
Justin Baur
56d6c91b25
Enable Nullable In Auth Repositories (#4600) 2024-08-09 09:31:06 -04:00
Thomas Rittson
374ef95656
Add OrganizationUser_UpdateDataForKeyRotation sproc (#4601) 2024-08-09 08:52:25 +10:00
Thomas Rittson
58a314d9f4
[PM-10360] Drop user cipher and collection details v2 functions (#4588) 2024-08-09 07:33:45 +10:00
renovate[bot]
31412db1a9
[deps] DevOps: Update anchore/scan-action action to v4 (#4606)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-08 16:12:22 -04:00
Mark Youssef
2011e39e0b
Update new user and trial initiation email content (#4571)
* Update new user and trial initiation email content

* Adjust spacing

* Update style and text

* Update to `{{{`
2024-08-08 12:48:44 -07:00
Vincent Salucci
e2110da4a7
fix: restore using core for remaining feature flag references, refs PM-10291 (#4607) 2024-08-08 14:07:05 -05:00
Vincent Salucci
746a35a14a
[PM-10291] Remove Flexible Collections v1 flag from API (#4578)
* chore: remove fc v1 from groups controller, refs PM-10291

* chore: remove fc v1 from organization users controller, refs PM-10291

* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291

* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291

* chore: remove fc v1 from CiphersCollections, refs PM-10291

* fix: unit tests related to fc v1 flag removal, refs PM-10291

* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291

* fix: format files, refs PM-10291

* chore: revert change to helper method, ignore double cache call, refs PM-10291
2024-08-08 12:26:07 -05:00
Rui Tomé
8d69bb0aaa
[AC-1698] Check if a user has 2FA enabled more efficiently (#4524)
* feat: Add stored procedure for reading organization user details with premium access by organization ID

The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access

* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess

* Check the feature flag on Admin.UsersController to see if the optimization runs

* Modify PolicyService to run query optimization if the feature flag is enabled

* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync

* Run query optimization on public MembersController if feature flag is enabled

* Restore refactor

* Reverted change used for development

* Add unit tests for OrganizationService.RestoreUser

* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method

* Add more unit tests

* Apply refactor to bulk restore

* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService

* Add unit tests for ConfirmUser_vNext

* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one

* Removed unused sql scripts and added migration script

* Remove unnecessary view

* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository

* refactor: Use UserDetails constructor in UserRepository

* Add summary to IUserRepository.GetManyDetailsAsync

* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync

* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync

* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase

* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class

* Add unit tests for TwoFactorIsEnabledQuery

* Update TwoFactorIsEnabledQueryTests to include additional provider types

* Refactor TwoFactorIsEnabledQuery

* Refactor TwoFactorIsEnabledQuery and update tests

* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* Remove empty <returns> from summary

* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
2024-08-08 15:43:45 +01:00
Vince Grassia
19dc7c339b
Remove reference to missing job (#4595) 2024-08-08 14:42:58 +01:00
Maciej Zieniuk
77f8cc58e8
SM-1146: Secrets Manager total counts (#4200)
* SM-1146: SM Organization Counts for Projects, Secrets, Machine Accounts

* SM-1146: Project total counts

* SM-1146: models object renames

* SM-1146: Service Account total counts

* SM-1146: Unit test coverage for counts controller

* SM-1146: Counts controller simplification, UT update

* SM-1146: Service Account total counts from Service Account auth user

* SM-1146: Integration Tests for total counts controller

* SM-1146: Explicitly denying access for Service Accounts

* SM-1146: Fix broken ProjectsController integration test

* SM-1146: Integration tests for counts controller

* SM-1146: Explicitly denying access for Service Accounts cleanup

* SM-1146: Test cleanup

* SM-1146: PR review comments fix

* SM-1146: People, Service Accounts positive count on write access

* Update bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-08-08 15:12:52 +02:00
Bitwarden DevOps
bb02bdb3e8
Bumped version to 2024.7.4 (#4603) 2024-08-08 11:59:26 +00:00
renovate[bot]
c757bf351c
[PM-9811][deps] Tools: Update MailKit to v4.7.1.1 (#4511)
* [deps] Tools: Update MailKit to v4.7.1.1

* Remove explicit reference to System.Formats.Asn1 because it's resolved downstream with MimeKit 4.7.1

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-08-08 11:03:18 +02:00
Cesar Gonzalez
92eac5b59f
[PM-8841] Adding feature flag to allow us to toggle delaying the FIDO2 page-script content script injection within mv2 (#4598) 2024-08-07 10:42:00 -05:00
Conner Turnbull
722dedf10d
Added all missing plan fields to GetPlansHelper (#4597) 2024-08-07 11:22:45 -04:00
Conner Turnbull
4de0f2d783
Checking if seats and storage have values before setting them to default (#4596) 2024-08-07 11:22:09 -04:00
Conner Turnbull
452646be8c
HTML encoding email address when sending trial init email (#4594) 2024-08-06 19:21:04 +00:00
Vincent Salucci
f49fb3a891
[PM-10292] Remove Flexible Collections v1 from Core (#4579)
* chore: remove fc v1 from OrganizationService, refs PM-10292

* chore: remove fc v1 from CollectionService, refs PM-10292

* chore: remove fc v1 from OrganizationCiphersQuery, refs PM-10292

* fix: update CollectionServiceTests, refs PM-10292
2024-08-06 11:14:16 -05:00
Bernd Schoolmann
7d48102865
[PM-7742] Set hasManageResetPasswordPermission for owner and admin invitees (#4528)
* Set hasManageResetPasswordPermission for owner and admin invitees

* Make userdecryptionoptionsbuilder ignore orgusertype if orguser is null
2024-08-06 11:22:10 +02:00
Vincent Salucci
4d3c1c5a5c
chore: remove AllowAdminAccessToAllCollectionItems ref along with feature service call, refs AC-2683 (#4535) 2024-08-05 13:56:46 -05:00
Alex Morask
2157df9ac8
[AC-2942] Sync seat minimum updates from Admin to Stripe (#4580)
* Sync stripe when seat minimums are updated from admin portal

* Add unit tests

* Run dotnet format
2024-08-05 14:45:33 -04:00
Cesar Gonzalez
02fe8777ce
[PM-10420] Generate identity fill script refactor feature flag (#4577) 2024-08-05 12:04:23 -05:00
Alex Morask
a2e1eb79d2
[AC-2947] Fix provider account credit display (#4590)
* Fix provider account credit

* Fix test
2024-08-05 11:02:17 -04:00
renovate[bot]
1f09233760
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.2 (#4572)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-02 14:02:05 +02:00
Oscar Hinton
f5c771a057
[PM-10261] Migrate from gulp to webpack (#4569)
* Migrate from gulp to bootstrap

* Remove auto build since it breaks tests
2024-07-31 15:41:55 -04:00
renovate[bot]
3cccb6fead
[deps] Auth: Update Duende.IdentityServer to v7.0.6 [SECURITY] (#4573)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-31 15:19:45 -04:00
Alex Morask
398741cec4
[AC-2888] Improve consolidated billing error handling (#4548)
* Fix error handling in provider setup process

This update ensures that when 'enable-consolidated-billing' is on, any exception thrown during the Stripe customer or subscription setup process for the provider will block the remainder of the setup process so the provider does not enter an invalid state

* Refactor the way BillingException is thrown

Made it simpler to just use the exception constructor and also ensured it was added to the exception handling middleware so it could provide a simple response to the client

* Handle all Stripe exceptions in exception handling middleware

* Fixed error response output for billing's provider controllers

* Cleaned up billing owned provider controllers

Changes were made based on feature updates by product and stuff that's no longer needed. No need to expose sensitive endpoints when they're not being used.

* Reafctored get invoices

Removed unnecssarily bloated method from SubscriberService

* Updated error handling for generating the client invoice report

* Moved get provider subscription to controller

This is only used once and the service layer doesn't seem like the correct choice anymore when thinking about error handling with retrieval

* Handled bad request for update tax information

* Split out Stripe configuration from unauthorization

* Run dotnet format

* Addison's feedback
2024-07-31 09:26:44 -04:00
Bitwarden DevOps
85ddd080cb
Bumped version to 2024.7.3 (#4570) 2024-07-30 15:07:46 +00:00
Todd Martin
bc8d03da6c
Added flag. (#4560) 2024-07-30 10:19:36 -04:00
Alex Morask
ef24724e8c
Set client org max storage to 1GB (#4567) 2024-07-29 17:13:52 -04:00
Conner Turnbull
656e0c20f9
[PM-5093][PM-7325] Added trial initiation email verification endpoint (#4221)
* Added trial initiation user verification endpoint

* Added explanatory comment for why we add artificial delay

* Updated RegistrationStart to Registration reference event

* Ensure that productTier query param is an int

* Added email value to trial initiation email
2024-07-29 14:18:12 -04:00
Daniel James Smith
2b738a5a4c
Set column type for externalId (#4566)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-07-29 15:41:55 +02:00
Conner Turnbull
de79d57d6e
[AC-2820] Updated org edit form scripts to dynamically update expected values (#4439)
* Updated org edit form scripts to dynamically update expected values

* Added script to update null values on organization table

* Updated script to only add MaxStorageGb for premium tiers. Removed setting of seats since it's not a valid edge case

* Updated GetPlansHelper() to not use annonymous properties
2024-07-29 09:06:10 -04:00
Jared Snider
54bd5fa894
Auth/PM-10130 - Registration with Email Verification - Respect Self-hosted Disable Open Registration flag (#4561)
* PM-10130 - Registration with email verification - respect self hosted disable open registration setting properly in non-org invite scenarios.

* PM-10130 - Fix unit tests.

* PM-10130 - Update integration tests.
2024-07-26 13:30:47 -04:00
cyprain-okeke
f9017f8e8c
Add a flag for ac-2708 task (#4536)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-07-26 14:55:29 +00:00
Thomas Rittson
ffdc40b21c
[AC-2881] Remove Organization.FlexibleCollections from code (#4552)
* Remove Organization.FlexibleCollections from code

* Drop Organization.FlexibleCollections column in EF databases
(MSSQL column to be retained for 1 additional deployment to support rollback in cloud)
2024-07-26 15:07:33 +10:00
Thomas Rittson
f9a1a6fc95
Remove GroupsComponentRefactor flag (#4556) 2024-07-26 09:59:10 +10:00
Thomas Rittson
abcde39353
Remove TODO from OrganizationLicense (#4553) 2024-07-26 07:15:30 +10:00