1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-28 13:15:12 +01:00
Commit Graph

3161 Commits

Author SHA1 Message Date
Oscar Hinton
7439dd4fb1
Self-Hosted release, v1.41.3 (#1338) 2021-05-17 20:51:29 +02:00
Oscar Hinton
2b6c5bcd31
Fix bulk api (#1335) 2021-05-17 20:07:41 +02:00
Matt Gibson
785e788cb6
Support large organization sync (#1311)
* Increase organization max seat size from 30k to 2b (#1274)

* Increase organization max seat size from 30k to 2b

* PR review. Do not modify unless state matches expected

* Organization sync simultaneous event reporting (#1275)

* Split up azure messages according to max size

* Allow simultaneous login of organization user events

* Early resolve small event lists

* Clarify logic

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Improve readability

This comes at the cost of multiple serializations, but the
 improvement in wire-time should more than make up for this
 on message where serialization time matters

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Queue emails (#1286)

* Extract common Azure queue methods

* Do not use internal entity framework namespace

* Prefer IEnumerable to IList unless needed

All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues

* Add model for azure queue message

* Abstract Azure queue for reuse

* Creat service to enqueue mail messages for later processing

Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today

* Provide mail queue service to DI

* Queue organization invite emails for later processing

All emails can later be added to this queue

* Create Admin hosted service to process enqueued mail messages

* Prefer constructors to static generators

* Mass delete organization users (#1287)

* Add delete many to Organization Users

* Correct formatting

* Remove erroneous migration

* Clarify parameter name

* Formatting fixes

* Simplify bump account revision sproc

* Formatting fixes

* Match file names to objects

* Indicate if large import is expected

* Early pull all existing users we were planning on inviting (#1290)

* Early pull all existing users we were planning on inviting

* Improve sproc name

* Batch upsert org users (#1289)

* Add UpsertMany sprocs to OrganizationUser

* Add method to create TVPs from any object.

Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type

* Combine migrations

* Correct formatting

* Include sql objects in sql project

* Keep consisten parameter names

* Batch deletes for performance

* Correct formatting

* consolidate migrations

* Use batch methods in OrganizationImport

* Declare @BatchSize

* Transaction names limited to 32 chars

Drop sproc before creating it if it exists

* Update import tests

* Allow for more users in org upgrades

* Fix formatting

* Improve class hierarchy structure

* Use name tuple types

* Fix formatting

* Front load all reflection

* Format constructor

* Simplify ToTvp as class-specific extension

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-05-17 09:43:02 -05:00
Chad Scharf
738a4c2bac
Version bump 1.41.3 (#1336) 2021-05-17 10:22:21 -04:00
Oscar Hinton
7a7668b754
Add API for bulk removal of org users (#1320)
* Add API for bulk removal of org users

* Refactor OrganizationService, extract some common code.

* Add tests for DeleteUserAsync

* Add tests for DeleteUsers

* Formating

* Update test/Core.Test/Services/OrganizationServiceTests.cs

added a space

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
Oscar Hinton
4258076bae
Prevent error when using WebAuthn as non premium user (#1331) 2021-05-17 09:39:40 +02:00
Contribucious
785705342c
Add amazon.{pl,se} to Amazon equivalent domains (#1219) 2021-05-15 15:27:31 -04:00
chi
ebf12ecfca
Update EmergencyAccessConfirmed.html.hbs (#1329)
Corrected type in emergency access confirmation message body.
2021-05-14 18:19:46 -04:00
Justin Baur
b3ccc652f4
Properly qualify namespace (#1328) 2021-05-13 18:06:16 -04:00
Justin Baur
0e1ab99e25
Cleanup Projects (#1324)
* Update bitwarden_license projects

* Added tests to verify resource names

* Remove unneeded assembly attributes

* Standardized namespace

* Remove .GetTypeInfo()
2021-05-13 17:14:56 -04:00
Kyle Spearrin
b150f5977e
add support for postal and multi service mail delivery (#1326)
* adds suppose for postal and multi service mail delivery

* adjust tags

* dont need settings checks in multi-service
2021-05-13 15:18:42 -04:00
Chad Scharf
571862a7ac
Self-Hosted release, v1.41.2 (#1327) 2021-05-13 15:11:29 -04:00
Vincent Salucci
ae38c33e05
[Reset Password] Enterprise Policy (#1315)
* [Reset Password] Enterprise Policy

* Created UI for policy/edit policy // Updated TODOs for policy dependent checks

* Updated reset password data model field name to be more descriptive

* Update title to Master Password Reset

* Updated PoliciesModel, Policy Model spacing, and strings
2021-05-12 14:47:00 -05:00
Oscar Hinton
a47b86a995
Remove U2F APIs again (#1319)
* Revert "U2F (#1304)"

This reverts commit ce4f025a0c.

* Avoid removing WebAuthn fixes
2021-05-12 19:48:00 +02:00
Justin Baur
d21ca83a20
Add Directory.Build.props (#1314)
* Add Directory.Build.props

* Remove unneeded props
2021-05-12 13:03:21 -04:00
Oscar Hinton
cb9ed50248
Discourage user verification on WebAuthn enroll (#1322) 2021-05-12 18:46:35 +02:00
Oscar Hinton
e7892d8a28
Resolved build issue introduced in #1267 (#1318) 2021-05-12 16:27:01 +02:00
Oscar Hinton
e2f633dace
Bulk re-invite of org users (#1316)
* Add APIs for Bulk reinvinte

* Resolve review comments.
2021-05-12 11:18:25 +02:00
Sang
69c2673f1f
Write GroupService unit tests (#1267)
* Write GroupService tests

* Rewrite with AutoFixture, improve tests

* Resolve PR comments

* Rename OrganizationCustomization

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2021-05-11 21:36:23 -05:00
Chad Scharf
5a7b00c037
Update issue template (#1317)
* Update Issue Template to match other repos

* Removed version number ref

* Add language asking to refrain from version bumps
2021-05-11 20:41:01 -04:00
Joseph Flinn
353b007bca
Update docker signing (#1310)
* removing the unneeded docker repo keys

* adding some testing code

* fixing notary install location

* installed notary in home directory without relying on the PATH var

* adding notary config for testing

* commenting out branch conditionals so that the pipeline will run a test on a non-master/rc branch

* trying to track down the docker trust files

* changing to the home directory to install notary

* testing with out all of the notary testing stuff

* uncommenting the code after testing

* updating the release workflow with the delegate-2 key
2021-05-11 12:49:08 -07:00
Matt Gibson
354ff6e2cb
Fix skip sso for apikey login (#1308)
* Improve mixing SSO login error

* Skip SSO requirement for API key logins

* Bypass MFA for apikey logins
2021-05-10 11:13:37 -05:00
Vincent Salucci
70ab5b25a1
[Reset Password] Organization Key Pair (#1292)
* [Reset Password] Organization Key Pair

* Fixed type in Organization_ReadAbilites sproc

* Fixed broken unit test by making sure premium addon was false

* Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
Oscar Hinton
cae204cb7c
Refactor WebAuthn IoC container (#1302)
* Refactor WebAuthn IoC container

* Move to AddDefaultServices
2021-05-06 10:17:12 +02:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Oscar Hinton
ce4f025a0c
U2F (#1304)
* Delete U2F tokens alongside WebAuthn

* Bring back u2f apis
2021-05-05 16:14:49 +02:00
Chad Scharf
f0baf7e6a4 Revert "Added fido2 registration to other services"
This reverts part of commit 8f64f4a99f.
2021-05-04 23:49:22 -04:00
Chad Scharf
fc146d27ce
Added fido2 registration to other services (#1299) 2021-05-04 23:43:16 -04:00
Joseph Flinn
5095d8eb49
removing the unused environment in the prod deploy (#1298) 2021-05-04 13:50:44 -07:00
Joseph Flinn
a6265885ad
Automating Server Release/Deploy for QA Env (#1281)
* initial success caching test

* updating status testing

* fixing the fail check

* fixing bash if syntax

* changing the way of testing since you can't change workflow inputs between re-runs

* trying out different bash syntax

* removing the export to env

* adding in last run status check

* switching up the last_run_status file handling since it doesn't look like it is working correctly

* adding push trigger

* fixing typo

* adding date to the cache key and adding a bit more logging

* fixing restore key

* trying a different way of logging both successes and failures

* fixing typo

* reorganizing the random success/fail

* trying different bash

* fixing binary operator

* adding in success flag checks

* increasing the odds of success

* trying to fix weird problem

* changing dquotes to squotes

* testing failure and always() flow

* adding in a release pipeline

* adding in the manual trigger for the release pipeline

* fixing the bash for loop for tagging and switching to the rc image for release

* adding docker trust to the pull task

* fixing bash array typo

* removing build task

* adding the dotnet tool restore back in to hopefully restore swagger

* adding an Api build to build the swagger docs

* working on build workflow

* testing cache between jobs

* Adding in steps

* fixing the last line

* updating the build workflow

* adding manual trigger for build workflow

* moving the matrix values to the env section of the task

* changing the envs

* using env template replacement

* removing the unique id since I don't think I need it

* testing the cache

* commenting out the docker push

* adding the env vars back to the cache task

* adding envs to test

* fixing the path issue

* resetting the build workflow back to serial build/docker

* Adding in the qa release workflow

* removing unneccessary dependency

* parameterizing the project file names

* forcing gulp install

* installing gulp globally

* reorganizing to see if gulp works

* removing the awkward paths

* fixing typo

* commenting out all non-api matrix for easier testing

* trying to zip the build for deploy

* adding in the base path for the test

* replacing the web app name

* adding a specific slotname

* adding the env into the package path for the deployment

* trying to fix the zip

* setting up all of the other deploys

* switching the secrets over to be environment secrets

* adding in production automation with the deploys commented out

* removing the master branch from the QA deploy

* adding in the dependancy on the setup

* changing the tag

* trying a different ref

* renaming the deployment slot to staging

* trying a different slot name

* resetting the qa deploy to the original

* moving the secrets

* updating the qa deploy with the db reset/update stubs

* updating the deploy task dependencies

* adding missing update-db command placeholder

* trying a string for the inputs

* moving the input check into the steps instead of the job level so that the job completes

* testing azure kv

* fixing typo

* Change id to retrieve-secrets

* Fix typo

* testing the rest of the QA app service deployments

* updating the name of the QA AZ creds secret and migrating the disabled prod deploy jobs to use the prod AZ secrets

* adding in the additional key vault secrets and fixing some other mistakes

* fixing one of the other preview versions

* removing newline for testing commit

* fixing typo

* fixing a secret name typo

* moving the secrets to the env to test their outputs

* adding missing k

* Update build workflow with environment variables for Docker Trust

* removing the unneeded env vars

* Update build and release workflow using Azure secrets as env variables

* Clean up output of NuGet version

* Fix capitalization

* Fix variable names for Docker Trust Setup

* fixing the dashes in the env ids

* switching the dev tag for qa when pushing

* commenting out the test for the pipeline testing

* removing all of the testing code and blockers

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-05-04 13:41:49 -07:00
Oscar Hinton
6ada46f906
Fix password re-prompt not working in org view (#1296)
* Fix password reprompt not working in org view

* Also fix Cipher_UpdateWithCollections and CipherDetails_CreateWithCollections. Rename migration script
2021-05-04 20:36:35 +02:00
Chad Scharf
179e6aa76b
enable default appsettings for self hosted - bwlic (#1288) 2021-04-30 15:00:57 -04:00
Oscar Hinton
2054e5a926
Password re-prompt (#1269)
* Add support for password re-prompt
2021-04-29 15:43:44 +02:00
Chad Scharf
17db94190e
Test 1: add acr_values return validation value (#1285)
* Part 1: add acr_values return validation value

* Update acr return value validation from OIDC specs

* acr validation prompt clarification
2021-04-27 15:17:03 -04:00
Matt Gibson
1bd515e8f0
Refuse upload renew if a file is validated (#1284)
Download should return regardless of file validation state
2021-04-26 14:36:06 -05:00
Thomas Rittson
de155c78ad Enforce SSO "Want assertions signed" option (#1270)
* Enforce SSO Want Assertions Signed option

* Simplify changes and code style

* Fix style

* Check Issuer entityID before assertion signature
2021-04-21 11:06:30 -04:00
Vincent Salucci
477f679fc6
[Reset Password] Admin reset actions (#1272)
* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
Joseph Flinn
ba36afe69c
Adding the events processor container image (#1271) 2021-04-15 08:28:55 -07:00
Matt Gibson
b68c841e56
Move renew endpoint to fix overlapping endpoint issue (#1266) 2021-04-12 09:44:45 -05:00
Kyle Spearrin
83e68bce06
enable default appsettings for self hosted installs (#1263)
* enable default appsettings for self hosted installs

* change setters to use arrow functions

* fix tests

* fix global settings ref
2021-04-09 09:48:43 -04:00
Thomas Rittson
c1ceeace95
Require user to verify email to use file Send (#1262) 2021-04-08 06:42:12 +10:00
Vince Grassia
0366c0efef
Add install-id, install-key, and skip-ssl flags to Setup Project (#1260)
* Add install-id, install-key, and skip-ssl flags

* Update util/Setup/CertBuilder.cs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>

* Update util/Setup/Program.cs

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>

* Remove redundant variable assignment

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2021-04-06 14:39:27 -04:00
Matt Gibson
79f3dabaac
Throw if collection Id does not exist on the organization (#1259)
Otherwise, we're just saving strings for fun. This makes it clear the
user's specified collection won't do anything.
2021-04-05 15:20:13 -05:00
Vincent Salucci
7a35813dfd
[Reset Password] Manage Reset Password permission (#1252) 2021-04-05 09:45:17 -05:00
Thomas Rittson
4b98361684
Fix server 500 error when enabling 2FA policy from Portal (#1254)
* Fix illegal chars in senderTag

* add null check
2021-04-05 08:33:19 +10:00
Kyle Spearrin
597fa01344
job to delete trashed ciphers nightly (#1243)
* job to delete trashed items nightly

* remove script from migration project file

* admin setting for controlling trash deleting dates
2021-04-02 11:14:21 -04:00
Chad Scharf
1b8b9b7539
Email length in IdSv4 config needed to be 256 (#1255) 2021-04-01 10:56:55 -04:00
Oscar Hinton
10d9e6c687
Change UserVerificationRequirement to Discouraged (#1250) 2021-03-31 16:20:15 +02:00
Matt Gibson
022e404cc5
Attachment blob upload (#1229)
* Add Cipher attachment upload endpoints

* Add validation bool to attachment storage data

This bool is used to determine whether or not to renew upload links

* Add model to request a new attachment to be made for later upload

* Add model to respond with created attachment.

The two cipher properties represent the two different
cipher model types that can be returned. Cipher Response from
personal items and mini response from organizations

* Create Azure SAS-authorized upload links for both one-shot and block uploads

* Add service methods to handle delayed upload and file size validation

* Add emergency access method for downloading attachments direct from Azure

* Add new attachment storage methods to other services

* Update service interfaces

* Log event grid exceptions

* Limit Send and Attachment Size to 500MB

* capitalize Key property

* Add key validation to Azure Event Grid endpoint

* Delete blob for unexpected blob creation events

* Set Event Grid key at API startup

* Change renew attachment upload url request path to match Send

* Shore up attachment cleanup method.

As long as we have the required information, we should always delete
attachments from each the Repository, the cipher in memory, and the
file storage service to ensure they're all synched.
2021-03-30 18:41:14 -05:00
Thomas Rittson
908decac5e
Add unit test for hiding emails on sends (#1246)
* Add unit test for hiding emails on sends

* Fix dependencies
2021-03-31 07:21:46 +10:00