* Check canScale when scaling for sso
* PR review
Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.
* User logic moved out of method
* Add autoscale fields to Organization
* Add autoscale setting changes
* Autoscale organizations
updates InviteUsersAsync to support all invite sources.
sends an email to org owners when organization autoscaled
* All organizations autoscale
Disabling autoscaling can be done by setting max seats to current seats.
We only warn about autoscaling on the first autoscaling event.
* Fix tests
* Bug fixes
* Simplify subscription update logic
* Void invoices that fail to delete
Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client.
* Notify org owners when their subscription runs out of seats
* Use datetime for notifications
Allows for later re-sending email if we want to periodically remind
owners
* Do not update subscription if it already matches new quatity
* Include all migrations
* Remove unnecessary inline styling
* SubscriptionUpdate handles update decisions
* Remove unnecessary html setter
* PR review
* Use minimum access for class methods
* Adding a QA environment specific configuration
* separating the bitwarden environment and stripe environment checks
* adding a logging statement for the PayPal webhook key check
* adding more logging
* switched logging type
* Changing the log level on the PayPal webhook. Removing the debugging log from the Stripe Controller
* Add SsoUser_ReadByUserIdOrganizationId
* Automatically reset stale/duplicate Sso links
* Fix typo
* Check for stale Sso link in existing user flow
* Delete any stale user record before provisioning new user
* Check for existing db query before creating
* PR feedback updates
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* deploying directly to the production slot of the App Service
* Update Azure Service Bus package
* adding a app service shutdown to qa
* reverting QA env deploy change
* Update qa-deploy workflow with debugging statement
* Disable start/stop in QA deploy workflow
* Fix UserKdf and UserApiKey migrations to only update null values (#1494)
* Add proper New Relic NuGet package for .NET 5
* Test NewRelic changes
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* Add Organizations to provider views
Remove enabled/disabled toggle from provider. It's currently not used.
* Remove provider Delete
There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.
* Use toastr to display production exception messages.
Update build actions to upgrade npm to v7.
Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page
* Clarify provider create error message
* Title case buttons
* Throw if provider tries to add a non-business organization
* Allow only one admin OR owner roll in a free org per user
Boolean operators were not properly assocated
and ownership of an org was precluding confirmation into any other
organization
* Limit email length
* Require email domain with top level domain
* Do not allow email domains to end in invalid characters
* Fix free org tests
* Added a button for resending provider setup emails
* Fixed a case typo in a stored procedure
* Turned a couple lines of code into a method call
* Added service level validation against inviting users for MSP invites
* Code review improvements for provider invites
created a factory for provider user invites
wrote tests for provider invite permissions"
* changed a few exception types
* Record when a provider user accesses a clients vault
* Do not allow removal from provider unless owner exists
* PR Review
* Null safe event processing
* append `Async` to async methods
* Share globalSettings hcaptcha public key with clients
* Require captcha valid only prior to two factor
users with two factor will have already solved captcha is necessary.
Users without two factor will have`TwoFactorVerified` set to false
* Do not require CaptchaResponse on two-factor requests
* Add option to always require captcha for testing purposes
* Allow for self-hosted instances if they want to use it
* Move refresh suggestion to correct error
* Expect lifetime in helper method
* Add captcha bypass token to successful captcha validations
* Remove twofactorValidated
* PR Feedback
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove hard coded database name
* Update permissions on build scripts
* Update Setup project and run scripts for configuring database name
* Remove hyphen from database name flag
* Update with suggested changes, still needs testing
* Revert SQL statements to concatenantion for testing
* Fix typo
* Update util/Setup/EnvironmentFileBuilder.cs
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Update SQL commands to prevent SQL injection attacks
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* [Reset Password] Enterprise Policy
* Created UI for policy/edit policy // Updated TODOs for policy dependent checks
* Updated reset password data model field name to be more descriptive
* Update title to Master Password Reset
* Updated PoliciesModel, Policy Model spacing, and strings
* Add send HideEmail to tables and models
* Respect HideEmail setting for Sends
* Recreate SendView to include new HideEmail column
* Enforce new Send policy
* Insert default value for new HideEmail column
* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json
* Remove unrelated files
* Revert disableSendPolicy, add sendOptionsPolicy
* Minor style fixes
* Update SQL project with Send.HideEmail column
* unit test SendOptionsPolicy.DisableHideEmail
* Add SendOptionsPolicy to Portal
* Make HideEmail nullable, fix migrator script
* Remove NOT NULL constraint from HideEmail
* Fix style
* Make HideEmail nullable
* minor fixes to model and error message
* Move SendOptionsExemption banner
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Get limited life attachment download URL
This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.
Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.
* Make GlobalSettings interface for testing
* Test LocalAttachmentStorageService equivalence
* Remove comment
* Add missing globalSettings using
* Simplify default attachment container
* Default to attachments containe for existing methods
A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads
* Remove Default MetaData fixture.
* Keep attachments container blob-level security for all instances
* Close unclosed FileStream
* Favor default value for noop services
