1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Commit Graph

5208 Commits

Author SHA1 Message Date
renovate[bot]
5467b9d8ac
[deps] DevOps: Update YamlDotNet to v16 2024-11-12 00:59:01 +00:00
Shane Melton
702a81b161
[PM-14418] Add security-tasks feature flag (#5023) 2024-11-11 16:07:21 -05:00
renovate[bot]
db5beb54b5
[deps] Tools: Update aws-sdk-net monorepo (#5017)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
2024-11-11 19:53:33 +01:00
Matt Bishop
eec4a77bda
Check run earlier during setup (#5022) 2024-11-11 13:19:20 -05:00
Vijay Oommen
9fb3f1d346
PM-13237 password health report application add get (#5000)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 PasswordHealthReportApplication Entities and Repos

* PM-13236 moved files under tools from core

* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities

* PM-13236 moved Repos and Interfaces to tools

* PM-13236 migrated model to tools namespace

* PM-13236 minor fixes to the unit tests

* PM-13236 fixed script errors during build

* PM-13236 Script to drop PasswordHealthReportApplications if it exists

* PM-13236 fixes to database snapshot

* PM-13236 updated databasesnapshots

* PM-13236 Update database model changes for Mysql

* PM-13236 update model changes for Sqlite

* PM-13236 updated the models to remove commented code

* PM-13236 added correct db snapshot for MySql

* PM-13236 updated database snapshot for Postgres

* PM-13236 updated database snapshot for Sqlite

* PM-13236 removed unwanted directive to fix linting error

* PM-13236 removed redundant script files

* PM-13237 Add entity command and unit tests

* PM-13237 Get query added with unit tests

* PM-13237 Controller to add/get PasswordHealthReportApplication

* PM-13237 Setup dependencies in the EF Service collection extensions

* PM-13237 Added unit tests for ReportsController
2024-11-11 12:54:52 -05:00
Tom
0e23a07bbc
[PM-13298] Modify members access logic (#4876)
* Initial refactor of members acess

* Refactor of the members access report to include a list of ciphers

* Saving ciphers to parent object

* Missed saving the response model

* bit.core change and updating references. Removing unused refs

* Removing commented code

* Adding Bit to the namespaces

* The mapping to the response model missed setting the UserId
2024-11-11 11:18:10 -05:00
Jared McCannon
1dec51bf5a
[PM-13014] - Add CanToggleStatus property to PolicyRepsonseModel based on Policy Validators (#4940)
* Adding CanToggleState to PoliciesControllers (api/public) endpoints. Added mappings wrapped in feature flag.

* Updated logic for determining CanToggle. Removed setting of toggle from List endpoint. Added new details model for single policy response. Validator now returns after first error.
2024-11-11 09:52:42 -06:00
Alex Morask
2e635c9505
Create ProviderInvoiceItems for empty invoices (#5021) 2024-11-11 10:02:21 -05:00
Alex Urbina
89be2f495a
Fix Hackerone Report ID 2830741 (#5010) 2024-11-08 20:41:58 +00:00
Jimmy Vo
aa3d71607f
PM-13763 Move ResetPasswordEnrolled to response model (#4983)
to adhere to Liskov Substitution Principle. Ensures request models inherit only relevant properties.
2024-11-08 15:02:51 -05:00
MtnBurrit0
a56f3a587c
Update logic to handle pull_request_target (#5008)
- Removing the grep and create a conditional based on GITHUB_EVENT_NAME
2024-11-08 11:58:07 -07:00
Vijay Oommen
7cf6742595
PM-13236 - Password Health Report Application - entities repos (#4974)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 PasswordHealthReportApplication Entities and Repos

* PM-13236 moved files under tools from core

* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities

* PM-13236 moved Repos and Interfaces to tools

* PM-13236 migrated model to tools namespace

* PM-13236 minor fixes to the unit tests

* PM-13236 fixed script errors during build

* PM-13236 Script to drop PasswordHealthReportApplications if it exists

* PM-13236 fixes to database snapshot

* PM-13236 updated databasesnapshots

* PM-13236 Update database model changes for Mysql

* PM-13236 update model changes for Sqlite

* PM-13236 updated the models to remove commented code

* PM-13236 added correct db snapshot for MySql

* PM-13236 updated database snapshot for Postgres

* PM-13236 updated database snapshot for Sqlite

* PM-13236 removed unwanted directive to fix linting error

* PM-13236 removed redundant script files
2024-11-08 11:28:56 -05:00
Matt Bishop
e7cbdaa469
Only build Unified on main branch pushes (#5006) 2024-11-08 10:31:18 -05:00
Matt Bishop
fcb706b9c5
Catch PR targets for certain build operations (#5003)
* Catch PR targets for certain build operations

* Support EE
2024-11-07 17:11:01 -05:00
Matt Bishop
21b7c3b73a
Support client version prerelease flag in context and LD targeting (#4994)
* Support client version prerelease flag in context and LD targeting

* Use integer instead of Boolean
2024-11-07 16:13:57 -05:00
renovate[bot]
d6e624d639
[deps] Tools: Update aws-sdk-net monorepo (#4993)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-07 20:39:36 +01:00
Jason Ng
fda7c4912a
[PM-8682] added flags for new device verification notice (#4999) 2024-11-07 14:30:29 -05:00
Brandon Treston
ebd78ff30d
[PM-11408] Remove cs delete permission (#4998)
* remove user delete permission from CS role
2024-11-07 14:14:42 -05:00
Brandon Treston
15bc5060c6
[PM-11409] prevent managed user from leaving managing organization (#4995)
* prevent managed user from leaving managing organization

* fix org check to be specific to single org

* simplify logic
2024-11-07 14:10:00 -05:00
renovate[bot]
4adcecb80a
[deps]: Update Microsoft.NET.Test.Sdk to 17.11.1 (#4830)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-07 11:51:39 -05:00
Brandon Treston
82cd1a8b1a
add feature flag (#4987) 2024-11-07 11:30:26 -05:00
Nick Krantz
72736db4b6
[PM-13839][PM-13840] Admin Console Collections (#4922)
* add collectionIds to the response of `{id}/admin`

- They're now needed in the admin console when add/editing a cipher.
- Prior to this there was no way to edit collection when editing a cipher. Assigning collections was a separate workflow

* return cipher from collections endpoint
2024-11-07 10:21:48 -06:00
Matt Bishop
f7957f7053
Check run permissions for secrets usage (#4992) 2024-11-07 09:56:57 -05:00
Todd Martin
b07df10335
Add back provider keys on TwoFactorProviders response (#4991) 2024-11-06 18:12:59 -05:00
Justin Baur
b5014ed6d8
Add MariaDB test (#4989)
* Add MariaDB Test

* Use Correct Syntax

* Use Container Name

* Add Port

* Remove MySQL Thing

* Remove Another Thing

* Different Port Syntax

* Add Back Skipped Checks

* Use Correct Connection String in Test Setup

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Use MariaDB 10

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-06 21:51:10 +00:00
holow29
639ee5780b
Update 2024-09-05_00_SyncDuoVersionFourMetadataToVersionTwo.sql (#4982)
Fix MariaDB compatibility with JSON_EXTRACT

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-06 13:45:09 -08:00
Justin Baur
355ebfa889
Move Packages to Platform Ownership (#4988) 2024-11-06 19:36:07 +00:00
Matt Bishop
e7bd31c009
Check for secrets on Docker builds (#4985) 2024-11-06 13:56:12 -05:00
Matt Bishop
d63e18ec7a
Check for secrets on database test report upload (#4984) 2024-11-06 11:38:25 -05:00
Jonas Hendrickx
9beeebaac5
[PM-14456] Return provider type when getting provider's subscription (#4972) 2024-11-06 15:46:36 +01:00
Jonas Hendrickx
05356248eb
[PM-13450] Change Client Plan when Provider's Plan changes. (#4980) 2024-11-06 15:46:20 +01:00
Jonas Hendrickx
982d1bc558
[PM-13470] Allow creating clients for Multi-organization enterprise (#4977) 2024-11-06 09:44:16 +01:00
Bernd Schoolmann
dae493db72
[PM-10394] Add new item type ssh key (#4575)
* Add ssh key item type

* Add fingerprint

* Limit ssh key ciphers to new clients

* Fix enc string length for 4096 bit rsa keys

* Remove keyAlgorithm from ssh cipher

* Add featureflag and exclude mobile from sync

* Add ssh-agent flag
2024-11-05 20:25:06 +01:00
Todd Martin
50f7fa03db
Removed eu-environment feature flag (#4966) 2024-11-05 13:13:09 -05:00
Tom
d5cfdb26d2
Added the file change (#4975) 2024-11-05 13:06:05 -05:00
Vince Grassia
fded36c999
Add version bump task (#4976) 2024-11-05 11:47:58 -05:00
Alex Morask
e6c24c3f3b
[PM-11345] Add SCIM to Teams Plan (#4924)
* Add SCIM to Teams

* Robert's feedback

* Feedback
2024-11-05 08:54:49 -05:00
Vijay Oommen
cb7eecc96d
PM-13236 PasswordHealthReportApplication DB Tables (#4958)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 removed the entity file

* PM-13236 Moved PasswordHealthReportApplication entity to src/core/tools/entities
2024-11-04 14:23:39 -05:00
Rui Tomé
4b76008245
[PM-11406] Account Management: Prevent a verified user from deleting their account (#4878)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled

* Add CannotDeleteManagedAccountViewModel and email templates

- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update error message when unable to delete account when managed by organization

* Update error message in test for deleting organization-owned accounts
2024-11-04 16:37:21 +00:00
Vince Grassia
a2654ce2ee
Bump project version (#4971) 2024-11-04 10:47:38 -05:00
Jonas Hendrickx
d53d9c0600
[PM-14443] Cannot view pending MOE provider page (#4970) 2024-11-04 16:43:48 +01:00
Rui Tomé
60672bbe48
[PM-10323] Remove user verification from organization user deletion methods (#4965) 2024-11-04 14:48:13 +00:00
cyprain-okeke
96862b974f
[PM-14365][Defect] Member of trialing org cannot log in app (#4968)
* decreased authorization level

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add some level of authorization

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 15:15:27 +01:00
cyprain-okeke
df4f8df485
Remove the time threshold feature flag (#4860)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 12:38:58 +01:00
Jonas Hendrickx
35b0f61986
[PM-13450] Admin: Display Multi-organization Enterprise attributes on provider details (#4955) 2024-11-04 06:45:25 +01:00
cyprain-okeke
fc719efee9
[PM-14365][Defect] Member of trialing org cannot log in app (#4967)
* changes to include subscription status metadata

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-01 17:55:59 +01:00
Alex Morask
f149f247d5
Don't try to credit customer \$0 (#4964) 2024-11-01 12:55:07 -04:00
renovate[bot]
edd31bcf4e
[deps] Auth: Update Duende.IdentityServer to 7.0.8 [SECURITY] (#4953)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 14:40:46 -07:00
Matt Bishop
a04df4beba
Device deactivation (#4963)
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
2024-10-31 17:05:13 -04:00
tangowithfoxtrot
751fd33aef
fix: ensure vault URI is propagated from config.yml (#4925)
* fix: ensure vault URI matches Url from config.yml

* fmt: use camelCase for vaultUri

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-10-31 09:13:57 -07:00