1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-26 17:37:36 +01:00
Commit Graph

735 Commits

Author SHA1 Message Date
Matt Bishop
48ae4a2e92
Include migrator utility in solution (#2776) 2023-03-07 10:29:05 -05:00
Michał Chęciński
5e3f4c9bbe
Revert "Revert "[DEVOPS-1215] Build migrator CLI project (#2747)" (#2769)" (#2774)
This reverts commit f8cbd4ef7d.
2023-03-07 14:10:34 +01:00
Michał Chęciński
f8cbd4ef7d
Revert "[DEVOPS-1215] Build migrator CLI project (#2747)" (#2769)
This reverts commit 9cbf254fef.
2023-03-06 18:02:19 +01:00
Michał Chęciński
9cbf254fef
[DEVOPS-1215] Build migrator CLI project (#2747)
* Add migrator cli

* Ran format

* Acc build workflow

* Change paths in push and pr triggers

* Add build migrator cli to build workflow

* Remove build migrator cli workflow

* Add different levels of logs for verbose

* Rename migratorCLI to MsSqlMigratorUtility

* Add MsSqlMigratorUtility to solution file

* Remove the clean command

* Fix name and path in build workflow

* Add retry logic to DbMigrator instead of invocation

* Add migrator with retry mechanism as a new method

* Log the migration start log to migrate database method

* Fix name in build

* Fix cli leftovers

* Fix exception var name

* String interpolation

* Remove redundant check for number

* Remove CommandDotNet

* dotnet format

* Remove CommandDotNet from packages lock

* Remove all cli

* Trying to remove usings to see if this fixes linter

* Add usings back again - uild is failing

* Remove implicit usings

* Trying to fix linter issues

* Trying to fix linter
2023-03-06 15:39:30 +01:00
Matt Bishop
27adaf59b4
[PM-1011] LaunchDarkly service (#2726)
* LaunchDarkly service

* Load file-based flag values, properly support offline only when self-host

* Simplify tests

* Use interface for LD settings

* Remove tests that will provide inconsistent results depending on machine setup and file fallback

* Fall back to offline mode more actively

* Drive fallback file path with setting
2023-03-02 14:04:23 -05:00
Justin Baur
26c30f8854
Add Sqlite Migration (#2760) 2023-03-02 08:50:27 -05:00
Oscar Hinton
64e0a981c9
[SM-389] Event log for service account (#2674) 2023-02-24 16:44:33 +01:00
Thomas Rittson
4643f5960e
[EC-635] Extract organizationService.UpdateLicenseAsync to a command (#2408)
* move UpdateLicenseAsync from service to command
* create new SelfHostedOrganizationDetails view model and move license validation logic there
* move occupied seat count logic to database level
2023-02-24 07:54:19 +10:00
SmithThe4th
1c66365e96
Made correction to the domain used to domains that have been unverified after 72 hours. Instead of doing a greater than or equal to the condition is set to a fixed period 4, so domains after 4 days which are uneverified would not be picked up by the service (#2729) 2023-02-22 19:25:26 -05:00
SmithThe4th
a430518cdb
[PM-1128] Add Migration to Sync OrganizationUserUserDetailsView (#2732)
* Updated OrganizationUserUserDetailsView to include AccessSecretsManager which was missing in the migration hence making the view script out of sync with the migrations

* Formatted file

* Formatted file
2023-02-22 19:11:16 -05:00
Matt Bishop
cf13ee71f3
Upgrade DBUp to shed System.Data.SqlClient dependency (#2730) 2023-02-22 14:18:32 -05:00
Brandon Maharaj
7365ca0925
[SG-783] Change organization user list to pull the user's selected color and display it in the avatar (#2630)
* work: baseline for org stuff

* fix: missed view as usual oops

* fix: refresh using sp_refreshsqlmodule
2023-02-21 15:59:50 -05:00
SmithThe4th
34544f2292
[SG-1082]-Defect-Update stored procedure to properly determine is SSO is available (#2715)
* Fixed SsoAvailble bug by using the enabled column from SsoConfig table, updated the existing query for EF Core

* Added no tracking to ef query since it is read only
2023-02-17 13:19:21 -05:00
Federico Maccaroni
69511160cb
[EC-400] Code clean up Device Verification (#2601)
* EC-400 Clean up code regarding Unknown Device Verification

* EC-400 Fix formatting
2023-02-17 10:15:28 -03:00
Oscar Hinton
6da1b87e00
Fix name of FixOrganizationDeleteOrgDomain (#2706) 2023-02-16 15:53:28 +01:00
Oscar Hinton
7a209aa3bb
[SM-501] Add support for revoking access tokens (#2692)
* Add support for revoking access tokens
2023-02-16 10:51:02 +01:00
SmithThe4th
9a484bec07
[SG-147] Organization Domain Claiming Feature (#2704)
* [SG-696] Organization Domain Claiming DB Objects and Migrations (#2394)

* model organization domain claiming

* Added migration scripts and db objects for mssql

* create and implement sql repository abstraction

* Added ef migrations for mysql and postgres. Removed time without timezone in previous migration

* made update on sql migration to use create or alter statement

* removed active column from OrganizationDomain table and decided to go with the hard delete approach

* Ran dotnet restore evaluate

* created DNS service verification using DNSClient (#2401)

* [SG-678] Api Endpoints for Domain Claiming (#2430)

* Added stored procedure to read claimed domains

* Updated Organization Domain Repository to include method to get claimed domains

* Updated domain entity and added request model

* Implemented organization domain respository and regsitered it in the various extensions

* Added create endpoint, request, responses and command

* Added endpoint to get domain by domain entry id

* Ran lint fix

* Added new stored procedure to get domains by organizattion id

* Moved migration scripts to init migration and added new procedure

* Renamed from domainId to Id

* Added and implemented GetDomainByOrganizationId

* Completed GetDomainByOrgId endpoint and started work on verify domain endpoint

* Updated the OrganizationDomain update procedure

* Added delete command and include other endpoints in the controller

* Remove test item from controller

* Remove test item from controller

* Changed access to allow admin, owners and manage sso roles

* changed logic for setting the initial value for the NextRunCount

* Renamed NextRunCount to JobRunCount

* Renamed NextRunCount to JobRunCount on mysql

* Renamed NextRunCount to JobRunCount on postgres

* Removed chaining pattern and added logic to get next run date

* Lint fix

* Added stored procedure to get organization sso details by email address

* Added endpoint to get sso details of an organization with email

* Added organizationDomainRepository to OrganizationController test

* merged with master and fixed conflicts

* [SG-661] Background Domain Verification Service (#2455)

* Added stored procedure to read claimed domains

* Updated Organization Domain Repository to include method to get claimed domains

* Updated domain entity and added request model

* Implemented organization domain respository and regsitered it in the various extensions

* Added create endpoint, request, responses and command

* Added endpoint to get domain by domain entry id

* Ran lint fix

* Added new stored procedure to get domains by organizattion id

* Moved migration scripts to init migration and added new procedure

* Renamed from domainId to Id

* Added and implemented GetDomainByOrganizationId

* Completed GetDomainByOrgId endpoint and started work on verify domain endpoint

* Updated the OrganizationDomain update procedure

* Added delete command and include other endpoints in the controller

* Remove test item from controller

* Remove test item from controller

* Changed access to allow admin, owners and manage sso roles

* Added stored procedure to get unverified domains by nextrundate

* Renamed stored procedure name

* Added domain verification service interface

* Added GetManyByNextRunDate to repository

* Added verification domain service implementation

* changed logic for setting the initial value for the NextRunCount

* This commit should be signed using my SSH key

* Renamed NextRunCount to JobRunCount

* Renamed NextRunCount to JobRunCount on mysql

* Renamed NextRunCount to JobRunCount on postgres

* Removed chaining pattern and added logic to get next run date

* Lint fix

* Implemented EF core version on the repository

* Created background job implementation and logic

* popped stash

* Updated stored procedure and EF script

* Lint fix

* Added logic to set next job count and the next run date when a verification is false

* Added logic to set next job count and the next run date when a verification is false

* Updated stored procedure name on repository

* Removed test trigger

* Lint fix

* Added trigger for job

* Added job count update after successful domain verification

* Lint fix

* Lint fix

* [SG-682] Add Event Log Entries to Organization Domain (#2492)

* Added domain name property to Event related objects

* Added organization domain claiming event types

* Created migration script and updated related event scripts to include domanName

* Added EF Migrations

* Renamed postres script file extension

* Added DomainName property to response model

* Added abstraction to interface

* Added system name to enum

* dotnet formattinfg fix

* Added events to organization domain actions

* Added LastCheckedDate property to domain

* Migrations and stored procedure updates with new column

* Added new stored procedure to get domain by org id and domain name

* Log organization domain event abstract method

* Ef migrattion to add new LastCheckedDate column

* Added duplicate domain exception

* Modified create command to include domain verification and last checked date and renamed methods used

* removed variable

* changed service lifetime

* Renamed trigger

* Initialed property in constructor

* Ensured domain name is stored as lower case

* Fixed suggestions from review

* Fixed suggestions from review

* Return Conflict Status on Organization Domain APIs (#2498)

* Added conflict response to end point to help translate error message on the client better

* Added conflict response to end point to help translate error message on the client better

* Set message with exception message or generic message

* Added last check date to response model (#2499)

* Fix/Check to throw exception when domain is claimed by another organization (#2503)

* Added check to ensure domain claimed by another organization cannot be verified

* Made error message consistent

* [SG-660] Organization Domain Maintenance (#2502)

* Added email template

* Mail service abstraction and implementation

* Mail template model

* Initial delete job commit

* Added SPs to get all unverifed domains after 72 hours and another to delete unverified domains after 7 days

* Moved all organization domain scripts to single file

* Added new scripts implementation for sqlserver and EF core

* Renamed service

* Formatting fix

* Added background service to send warning email and delete expired domains

* Renamed variable

* Added implementation for email warning to organization admins and for deleting expired domains after 7 days

* Added formatting

* Modified read if expired script to limit result to 4 days

* Added send mail abstract method and implementation

* Model used in build mail body

* Completed maintenace service

* Added comment to make logic clear

* Fixed cron expression (#2505)

* Modified procedure and methods to handle flexible verification adn expiration period (#2517)

* Merged with master

* [SG-908] Unit Tests for Organization Domain Claiming Feature (#2522)

* added test controlleer class

* added unit test for create command

* Added query tests

* Added tests for delete and verify command

* Formated code and added some more unit tests

* Fixed lint

* Added log event assertion to create command tests

* Added log event assertion to delete command tests

* Added unit tests for organization domain controller

* Added unit tests for organization domain service

* Modified test after merge

* fixed comment

* fixed comment

* fixed lint

* Defect/SG-977 - Org domain event logs missing details (#2573)

* SG-977 - (1) Refactor EventSystemUser.SSO to be EventSystemUser.DomainVerification to better match SCIM property and for easier display and translation on web client (2) Add new DeviceType of Server to be used on SCIM and Domain Verification logs so event log will show Server as client.

* SG-977 - SCIM bugfix - Restoring / Revoking user access via Jumpcloud activation / suspension did not properly log the events as SCIM events so the client side showed Unknown for both Client and Member.

* Run autoformat to fix lint errors

* SG-977 - Fixed broken test due to new device type logic in event service

* SG-976 - Add admin log and clean up log verbiage for domain verification (#2574)

* SG-976 - Add admin log and clean up log verbiage for domain verification

* SG-976 - (1) Use logInformation extension without exception (2) Clarify verbiage of logs

* SG-955 - On domain verification error or failure, set last checked da… (#2541)

* SG-955 - On domain verification error or failure, set last checked date on the org domain.

* SG-955 - Refactoring VerifyOrganizationDomain event logging to avoid duplication and increase efficiency (based on Gbubemi's PR feedback)

* Org Domain Background Verification service - set last checked date (#2599)

* Refactored OrganizationDomain repository to work with latest changes on code base

* Fixed formatting

* [SG-957] Cannot Delete Organizations due to FK Constraint (#2602)

* Added stored procedure to fix FX contstraint issue when deleting an organization

* Update stored procedures related to organization delete with OrganizationDomain_OrganizationDelete SP

* Fixed formatting

* Updated SP

* SG-990 - Log expired domains that are going to be deleted.

* Fix lint errors with auto format

* /home/runner/work/server/server/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs(107,2): error FINALNEWLINE: Fix final newline. Insert '\n'.

* Added missing bracket to fix compile error.

* Added imports for Domain Claiming classes that were lost on merge.

* Fixing broken unit tests + adding proper behavior for newly added SCIM logic changing device type

* Fix lint errors again

* Included domain name set in constructor (#2618)

* [SG-1001] Error Thrown When Verifying Sub Domains (#2621)

* Renamed exception to a more generic name that receives error message from the dns client and also added updates to job count and next run date

* Improved error logs by adding dns client error message

* Fixed formatting

* [SG-1001] Added event logs when a domain is not verified due to thrown exception (#2623)

* Added eevent logs when a domain is not verified due to thrown exception

* Fixed formatting

* Org Domain Verification - Small refactor to improve method/model name… (#2641)

* Org Domain Verification - Small refactor to improve method/model names and method locations - required refactoring of controller routes (I confirmed all behavior still functional)

* Fixed organization test controller issue

* Fixed lint

* Autoformat org domain controller

* Removing whitespace for lint argh, why does Rider not do this.

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>

* Tweak name of Request model to match Response model for ClaimedOrgDomain call

* [SG-1009] Users with Custom Role and "Manage SSO" permission don't receive verification failed email (#2645)

* Modified condition to pick up unverified domains after said period

* Fix to get emails of custom users with manage sso rights

* Formatted code

* Removed return that made background job exit on successful validation (#2648)

* [SG-1014] Unit Tests for Get Organization Sso Details (#2655)

* Added unit tests for GetOrgDomainSsoDetails

* renamed variable

* Adjust OrganizationDomainSsoDetails_ReadByEmail to use outer join so … (#2657)

* Adjust OrganizationDomainSsoDetails_ReadByEmail to use outer join so that claimed domain results will come back if an org has not yet setup a policy

* Removed migration as not needed

* Updated OrganizationDomainSsoDetails_ReadByEmail from original creation migration to use outer join & handle null policy results (and still return results)

* Fixed lint formatting

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2023-02-15 14:26:41 -05:00
Stepan Goremykin
d32cd79535
[PS-2425] Upgrade vulnerable packages (#2669)
* Upgrade vulnerable packages

* Added packages.lock.json files

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-02-07 17:44:40 -06:00
Kyle Spearrin
6514bdbb7e
add more CSPs to the default correction check (#2668)
* add more CSPs to the default correction check

* add Dec2020ContentSecurityPolicy
2023-02-03 16:04:03 -05:00
Kyle Spearrin
0e84678150
[PS-2416 and PS-2417] dont set CSP config value by default (#2667)
* dont set CSP config value by default

* space
2023-02-03 14:50:33 -05:00
Kyle Spearrin
7e74695afc
add timestamps to user table for security related events (#2660)
* add timestamps to user table for security related events

* ef migrations

* fix lint problems

* formatting

* add missing namespace back

* move `now` up some

* review fixes

* add missing view rebuild to migration script
2023-02-02 14:39:57 -05:00
Thomas Avery
28a3d4ad92
Add EF migrations for SecretsManager flag (#2659)
* Add EF migrations for SecretsManager flag
2023-02-01 12:27:13 -06:00
Kyle Spearrin
522df6e91a
add wasm-unsafe-eval to CSP (#2656) 2023-01-31 16:21:06 -05:00
Oscar Hinton
cf25d55090
[SM-378] Enable SM on a user basis (#2590)
* Add support for giving individual users access to secrets manager
2023-01-31 18:38:53 +01:00
Jared Snider
b412a01d2a
Defect/SG-992 ProviderOrgs Missing Plan Type & EC-591/SG-996 - Provider Org Autoscaling Email Invites Working (#2596)
* SG-992 - Provider receives free org prompt when trying to auto scale org seats because plan type was missing and defaulting to free. PlanType has now been added to provider orgs returned as part of the profile sync.

* SG-992 - Updated Stored proc name to match convention

* EC-591 / SG-996 - (1) Update ProviderUserRepo.GetManyDetailsByProviderAsync to accept optional ProviderUserStatusType (2) Update OrganizationService.cs autoscaling user logic to check if an org is a provider org and send owner emails to the confirmed provider users instead of the managed org owners. Prevents scenario where newly created, managed orgs would not have an owner yet, and ownerEmails would be null and the email service would explode.

* EC-591 / SG-996 - Remove comments

* EC-591 / SG-996 - ES lint fix.

* SG-996 - SQL files must have SQL extensions.

* SG-996 / EC-591 - Update alter sql to be actually backwards compatible

* SG-996 - Make Status actually optional and backwards compatible for ProviderUserUserDetails_ReadByProvider.sql

* SG-992 - Update migrations to meet standards - (1) use CREATE OR ALTER and (2) Update view metadata after change if necessary

* EC-591 / SG-996 - Update Stored Proc migration to use proper standards: (1) Remove unnecessary code and (2) Use CREATE OR ALTER instead of just ALTER

* SG-992 / EC-591 / SG-996 - Refactor separate migrations into single migrations file per PR feedback

* SG-992/SG-996 - Add SyncControllerTests.cs with basic test suite + specific test suite to ensure provider orgs have plan type mapped to output product type properly.

* Fix lint issues by removing unnecessary using statements

* SG-992 - Refresh of view metadata has to target the stored procs that reference the view -- not the view itself.
2023-01-26 11:51:26 -05:00
Thomas Rittson
6dfbd06e8f
[EC-1043] Fix syntax error in ReadKdfByEmail query (#2631) 2023-01-26 15:34:18 +10:00
Kyle Spearrin
7c55d56561
fix lint issues and sql csproj (#2627) 2023-01-25 12:44:32 -05:00
Bernd Schoolmann
cb1ba50ce2
[PS-2267] Add KdfMemory and KDFParallelism fields (#2583)
* Add KdfMemory and KDFParallelism fields

* Revise argon2 support

This pull request makes the new attribues for argon2, kdfMemory and
kdfParallelism optional. Furthermore it adds checks for the argon2
parametrs and improves the database migration script.

* Add validation for argon2 in RegisterRequestModel

* update validation messages

* update sql scripts

* register data protection with migration factories

* add ef migrations

* update kdf option validation

* adjust validation

* Centralize and Test KDF Validation

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2023-01-25 07:56:54 -05:00
Vince Grassia
4041d7f009
Remove old Digital Ocean Marketplace files (#2622) 2023-01-24 13:26:21 -05:00
Matt Bishop
0e32cb944a
Upgrade Swagger (#2611) 2023-01-24 12:10:00 -05:00
Oscar Hinton
bdea036c1f
[SM-454] Refresh OrganizationView (#2605) 2023-01-23 18:03:45 +01:00
Rui Tomé
68989442c8
[EC-427] Add provider types (MSP/Reseller) to Provider table (#2518)
* [EC-427] Add columns 'Type' and 'BillingPhone' to Provider table

* [EC-427] Provider table Type and BillingPhone MySql migrations

* [EC-427] Provider table Type and BillingPhone Postgres migrations

* [EC-427] Add mysql migration script

* [EC-427] Add mysql migration script

* [EC-427] Updated Provider sql script to include default column value

* [EC-427] Removed default value from Provider.Type column

* [EC-427] Changed migration script to include a default value constraint instead of updating the null type

* [EC-427] Updated Sql project Provider table script

* [EC-427] Changed migration script to use 'Create OR Alter' for views and sprocs

* [EC-427] Added default values for 'BillingPhone' and 'Type' fields on sprocs [dbo].[Provider_Create] and [dbo].[Provider_Update]

* [EC-427] Adjusting metadata in migration script

* [EC-427] Updated Provider sprocs SQL script files

* [EC-427] Fixed migration script

* [EC-427] Added sqlite migration

* [EC-427] Add missing Provider_Update sproc default value

* [EC-427] Added missing GO action to migration script

* [EC-428] Redirect to Edit after creating Provider

* Revert "[EC-428] Redirect to Edit after creating Provider"

This reverts commit 6347bca1ed.
2023-01-23 16:08:05 +00:00
Brandon Maharaj
862ce01bf4
[SG-927] Pull the user's selected avatar color from the state store and display on Emergency Contacts page (#2582)
* work: backend changes

* fix: lets not mix up Grantor and Grantee

* work: update view
2023-01-20 13:11:16 -05:00
Matt Bishop
352b42b535
Upgrade FIDO2 library usage out of beta (#2579) 2023-01-19 11:06:51 -05:00
Andreas Coroiu
354caa3063
[EC-647] OAVR v2 Feature Branch Merge (#2588)
* [EC-19] Move SSO Identifier to Org SSO endpoint (#2184)

* [EC-19] Move SSO identifier to Org SSO config endpoint

* [EC-19] Add Jira tech debt issue reference

* [EC-542] Update email communications (#2348)

* [EC-73] Add users alongside groups for collection details (#2358)

* [EC-73] feat: add new stored procedures

* [EC-73] feat: add migration

* [EC-73] chore: rename collection group details

* [EC-73] fix: migration

* [EC-73] feat: return users from dapper repo

* [EC-73] feat: EF support for collection users

* [EC-73] feat: implement updating users in EF

* [EC-73] feat: new collections with users in EF

* [EC-73] feat: create with users in dapper

* [EC-73] feat: update with users in dapper

* [EC-73] fix: collection service tests

* [EC-73] fix: lint

* [EC-73] feat: add new data model and rename for clarity

* [EC-73] chore: add future migrations

* [EC-16 / EC-86] Implement Groups Table Endpoints (#2280)

* [EC-16] Update Group endpoints/repositories to include necessary collection info

* [EC-16] Add delete many groups endpoint and command

* [EC-16] Add DeleteGroupCommand unit tests

* [EC-16] Update migration script

* [EC-16] Formatting

* [EC-16] Support modifying users via Post Group endpoint

- Add optional Users property to GroupRequestModel
- Add users parameter to the GroupService.SaveAsync() method
- Use the users argument to update the Group via the GroupRepository if present.

* [EC-16] Add/update Sprocs for bulk group deletion

- Add a new bump account revision date by multiple org ids sproc to be used by the delete many group sproc.
- Update the delete many group sproc to no longer require the organization Id as authorization is a business concern.

* [EC-16] No longer require org Id in delete many GroupRepository

The group repository should not care about which organization a group belongs to when being deleted. That is a business logic concern and is not necessary at the repository level.

* [EC-16] Remove org Id from delete many group command

- Remove the organization Id from the delete many method.
- Require Group entities instead of just group Ids so that group retrieval is completed outside the command.
- No longer return deleted groups as they are now being passed into the command.
- Update unit tests

* [EC-16] Remove org id from bulk delete group endpoint

- Remove the Org Id from the endpoint and make use of the updated delete many command

* [EC-16] Rename delete many groups sproc

* [EC-16] Update migration script

* [EC-16] Fix typo in migration script

* [EC-16] Fix order of operations in Group_DeleteByIds sproc

* [EC-16] Formatting

* [EC-86] Fix DeleteManyAsync parameter name

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [EC-16] Add missing sproc to sqlproj file

* [EC-16] Improve GroupRepository method performance

Use GroupBy before marrying Groups and Collections to avoid iterating over all collections for every group)

* [EC-16] Use ToListAsync() to be consistent in the repository

* [EC-16] Fix collection grouping in the EF repository

* [EC-16] Adjust DeleteGroup command namespace to be less verbose

* [EC-16] Cleanup DeleteGroupCommandTests

* [EC-16] Formatting

* [EC-16] Ensure a non-null group collection list is provided

* [EC-16] Add bulk GroupEvents method to EventService

- Use the new method in the DeleteGroups command

* [EC-16] Remove bulk delete group Api response

The response is unnecessary and not used by the client

* [EC-16] Log OrganizationUser_UpdateGroups event in GroupService

Events are logged for users during both Group creation (all added users) and modification (only changed users).

* [EC-16] Fix failing unit test

* [EC-16] Rename newUsers variable per feedback

* [EC-16] Assert delete many group log events

Explicitly check for the event type and groups that are logged to the event service.

* [EC-16] Update DeleteManyAsync signature

Use ICollection<> instead of IEnumerable<> to avoid ambiguity of possible multiple enumeration

* [EC-16] Increment migration script name

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Add missing GO command to EC-73 migration script (#2433)

* [EC-15] Members Grid Api Support (#2485)

* [EC-15] Update OrganizationUser models to support list of collections and groups

* [EC-15] Add sprocs to query GroupUser and CollectionUser entities

* [EC-15] Update the OrganizationUserRepository to optionally fetch groups/collections

* [EC-15] Formatting

* [EC-15] Remove leftover repository method

* [EC-15] Fix table identifier inconsistency in sproc/migration

* Formatting

* [EC-14]: Server changes for Collection rows in Vault (#2360)

* [EC-14] add collection management methods to repo
- delete many, get many by ids, and get many with groups by org

* [EC-14] connection command tests had wrong folder name

* [EC-14] add collection repo methods to interface

* [EC-14] create DeleteCollectionCommand

* [EC-14] add getManyWithDetails collections endpoint

* [EC-14] add GetManyWithGroupsByUserId

* [EC-14] add call to interface

* [EC-14] add GetOrganizationCollectionsWIthGroups
- gets groups with collections
- add tests as well

* [EC-14] add call to interface

* [EC-14] add new coll call to controller
- gets collections with groups

* [EC-14] use new delete collection command

* [EC-14] add CollectionBulkDeleteRequestModel

* [EC-14] remove org from delete collection cmd
- move all permission checks to controller
- add tests to controller
- remove org check from repository method

* [EC-14] add migration and sprocs

* [EC-14] formatting

* [EC-14] revert delete permission check changes

* [EC-14] rename SelectionReadOnly to CollectionAccessSelection

* [EC-14] move GetOrganizationCollectionsWithGroups to controller
- there's no reason to have this logic in the service layer
- we can still test the permission check in the controller
- also renamed repo methods and changed return types

* [EC-14] include users in collection access details

* [EC-14] fix migration names

* [EC-14] bumpAccountRevisionDate when deleting collections

* [EC-14] new line in collection service

* [EC-14] formatting and add .sql to proc file

* [EC-14] more formatting

* [EC-14] formatting

* [EC-14] fix whitespace

* [EC-14] add datetime to event log of single delete

* [EC-14] remove ToList() from enumerables not returned

* [EC-14] fix permissions on "Create new collection"
- a custom user with "Create new collections" should see all collections

* [EC-14] add bulk events for collections

* [EC-14] group collections from db before iterating

* [EC-14] sql formatting and missing GO

* [EC-14] fix tests

* [EC-14] add null handling to repo methods

* [EC-14] fix account revision call

* [EC-14] formatting

* [EC-548] Member Details Group Tab (#2508)

* [EC-548] Update models to support groups

* [EC-548] Include groups in invite and save organization user methods

* [EC-548] Pass groups to service methods in member/user controllers

* [EC-548] Fix failing tests

* [EC-548] Add option to include groups for GET org user query

* Formatting

* [EC-887] Server fix for managers seeing options to edit/delete Collections they aren't assigned to (#2542)

* [EC-887] Add Assigned property to CollectionResponseModel

A new property to determine if a collection is assigned to the acting user; as some users, have the view all collections permission, but cannot see every collection's items

* [EC-887] Update logic for retrieving GET all collection details

- Only need to check the ViewAllCollections permission
- Calculate new Assigned response property based on the assignedOrgCollections list

* Formatting

* [EC-887] Update unit tests

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Jacob Fink <jfink@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-01-19 11:00:54 -05:00
Justin Baur
c6e2db1ff5
Remove Unused Auto Properties (#2580)
* Correct Auto Navigation Property

* Add Needed Migration
2023-01-13 14:24:58 -05:00
Oscar Hinton
504395a4e1
Fix linting errors (#2577)
* Fix linting errors

* Use microsoft.Data.SqlClient
2023-01-13 17:02:44 +01:00
Oscar Hinton
1f0fc43278
[SM-394] Secrets Manager (#2164)
Long lived feature branch for Secrets Manager

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com>
Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com>
Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: Colton Hurst <colton@coltonhurst.com>
2023-01-13 15:02:53 +01:00
Matt Bishop
df2edcfb8c
Migrate to Microsoft.Data.SqlClient (#2548) 2023-01-10 15:58:41 -05:00
Todd Martin
145071d499
Remove EF migration scripts (#2550)
* Removed Scripts folders

* Removed .csproj references.

* Added back HelperScripts

* Added back additional helper scripts.

* Fixed extra ItemGroup
2023-01-10 13:46:19 -05:00
Kyle Spearrin
97b5a7e55d
add sqlite migrations for avatar color (#2543)
* add sqlite migrations for avatar color

* lint fix
2023-01-10 07:50:34 -05:00
Oscar Hinton
b1dfbe7519
[SM-412] Remove postgres timezone legacy behavior (#2547) 2023-01-09 11:53:47 +01:00
Mathijs van Veluw
3e07d0bd32
Fix Inactive two-step login check (#2523)
It looks like 2fa.directory has changed it's API endpoint.
According to https://2fa.directory/api/ it now uses `api.2fa.directory` instead of `2fa.directory/api`.

This PR fixes the URL's where needed.
A fix for the client side is also created.
2023-01-03 19:57:53 +01:00
Brandon Maharaj
aa1f443530
[SG-58] Avatar color selector (#2330)
* chore: backend work

* changed typing to match efc

* Update User_Update.sql

* fix: script cleanup

* fix: adjust max length

* fix: adjust max length

* fix: added missing script changes

* fix: use short form for creating objects

* add: mysql migrations

* chore: add mysql script

* chore: posgres migrations

* chore: postgres migrations

* fix: lint

* Update 20221115034053_AvatarColor.cs

* fix: removed gravatar inline (#2447)

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
2023-01-01 11:28:59 -05:00
Kyle Spearrin
c39fb8f7af
update ef core libraries (#2515)
* update ef core libraries

* lock file updates
2022-12-25 20:49:14 -05:00
Jared Snider
a791f93051
Defect/SG-825 - users in org w/ no personal vault still see personal vault (disabled org policies now still apply) (#2429)
* SG-825 - Policy_ReadByUserId stored proc now pulls back policies of disabled orgs

* SG-825 - SyncController - Always retrieve policies -- even if orgs are disabled.

* SG-825 - EF - PolicyReadByUserId - autoformat to remove whitespace and pass eslint build error
2022-12-16 15:22:39 -05:00
Matt Gibson
7cbc4a8970
Add Sqlite as EF DB provider (#2487)
* Add Sqlite as EF DB provider

Note: In-memory sqlite does not work across projects, since the migrator
only runs on the Admin project

Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>

* Include example sqlite connection string

* Add migrator assembly to sqlite connection

* Update initial migration to current schema state

* dotnet format 🤖

* Update package locks

* Respect name set in BW_SSL_KEY for cert generation (#2490)

(cherry picked from commit 2469e10110)

* [PS-2016] Add ability to change UID/GID for Bitwarden unified (#2495)

(cherry picked from commit c6fbe8cc44)

* Add SqliteMigrations project to unified Dockerfile

Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: accolon <mail@accolon.net>
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2022-12-14 08:28:51 -06:00
Rui Tomé
ae280a313c
[EC-343] Gate custom permissions behind enterprise plan (#2352)
* [EC-343] Added column 'UseCustomPermissions' to Organization table

* [EC-343] Added 'UseCustomPermissions' to Api responses

* [EC-343] Added 'UseCustomPermissions' to Admin view

* [EC-343] Add constraint to Organization table to have default UseCustomPermissions value

* [EC-343] Recreate OrganizationView to include UseCustomPermissions column

* [EC-343] Add MySql EF migrations

* [EC-343] Add Postgres EF migrations

* Revert "[EC-343] Add Postgres EF migrations"

This reverts commit 8f1654cb7d.

* [EC-343] Add Postgres migrations and script

* [EC-343] dotnet format

* [EC-343] Set 'Custom Permissions' feature as unchecked for teams plan

* [EC-343] Add CustomPermissions to plan upgrades

* [EC-343] Update CURRENT_LICENSE_FILE_VERSION

* [EC-343] Enable 'Custom Permissions' on Enterprise 2019 plan

* [EC-343] Updated migration script to include Enterprise 2019 plan

* [EC-343] Update CURRENT_LICENSE_FILE_VERSION to 10

* [EC-343] Move logic checking if Organization can use custom permissions to OrganizationService

* [EC-343] Add unit tests to validate UseCustomPermissions check

* [EC-343] Revert UseCustomPermissionsFlag migration

* [EC-343] Fix typo in OrganizationUserOrganizationDetailsViewQuery

* [EC-343] Add Postgres migrations without affecting other datetime column

* [EC-343] Create ValidateOrganizationCustomPermissionsEnabledAsync. Add more unit tests around CustomPermissions check

* [EC-343] Add curly brackets to if condition

* [EC-343] Rename unit tests
2022-12-06 09:50:08 +00:00
Kyle Spearrin
41db511872
cast Min function values to int (#2459) 2022-12-02 13:55:51 -05:00
Vince Grassia
194dfe7e14
Bitwarden Unified Self-Host project (#2410) 2022-11-18 14:39:01 -05:00