* Add delete permission to cs role
* Add domain verification stat to portal
* add feature flag and unit tests
* fix test
* Refactor from PR feedback
* update comment
* Return Policy object instead of NotFoundException
* Add unit tests, change orgId type to Guid
* Fix test cases, throw exception when manage not allowed
* Add check for managed user before purging account
* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel
* Rename the property ManagesActiveUser to UserIsManagedByOrganization
* Remove whole class #nullable enable and add it to specific places
* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address
* Remove unnecessary .ToList()
* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable
* Update error message when unable to purge vault for managed account
* Update error message when unable to change email for managed account
* Update expected error messages on unit tests
* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test
* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers
* Add tests to AccountsControllerTest to prevent changing email for managed accounts
* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest
* Remove TestFeatureService class from Api.IntegrationTest.Helpers
* Refactor OrganizationUsersController.Get to include organization management status of organization users in details endpoint
* Refactor OrganizationUsersController.Get to include organization management status of an individual user in details endpoint
* Remove redundant .ToDictionary()
* Simpify the property xmldoc
* Name tuple variables in OrganizationUsersController.Get
* Name returned tuple objects in GetDetailsByIdWithCollectionsAsync method in OrganizationUserRepository
* Refactor MembersController.Get to destructure tuple returned by GetDetailsByIdWithCollectionsAsync
* Add test for OrganizationUsersController.Get to assert ManagedByOrganization is set accordingly
* Allow for binning of comb IDs by date and value
* Introduce notification hub pool
* Replace device type sharding with comb + range sharding
* Fix proxy interface
* Use enumerable services for multiServiceNotificationHub
* Fix push interface usage
* Fix push notification service dependencies
* Fix push notification keys
* Fixup documentation
* Remove deprecated settings
* Fix tests
* PascalCase method names
* Remove unused request model properties
* Remove unused setting
* Improve DateFromComb precision
* Prefer readonly service enumerable
* Pascal case template holes
* Name TryParse methods TryParse
* Apply suggestions from code review
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* AllClients is a set of clients and must be deduplicated
* Fix registration start time
* Add logging to initialization of a notification hub
* more logging
* Add lower level logging for hub settings
* Log when connection is resolved
* Improve log message
* Log pushes to notification hub
* temporarily elevate log messages for visibility
* Log in multi-service when relaying to another push service
* Revert to more reasonable logging free of user information
* Fixup merge
Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec
* Do not use bouncy castle exception types
* Add required services for logging
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* Add check for managed user before purging account
* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel
* Rename the property ManagesActiveUser to UserIsManagedByOrganization
* Remove whole class #nullable enable and add it to specific places
* Remove unnecessary .ToList()
* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable
* Update error message when unable to purge vault for managed account
* Add HasConfirmedOwnersExceptQuery class, interface and unit tests
* Register IHasConfirmedOwnersExceptQuery for dependency injection
* Replace OrganizationService.HasConfirmedOwnersExceptAsync with HasConfirmedOwnersExceptQuery
* Refactor DeleteManagedOrganizationUserAccountCommand to use IHasConfirmedOwnersExceptQuery
* Fix unit tests
* Extract IOrganizationService.RemoveUserAsync into IRemoveOrganizationUserCommand; Update unit tests
* Extract IOrganizationService.RemoveUsersAsync into IRemoveOrganizationUserCommand; Update unit tests
* Refactor RemoveUserAsync(Guid organizationId, Guid userId) to use ValidateDeleteUser
* Refactor RemoveOrganizationUserCommandTests to use more descriptive method names
* Refactor controller actions to accept Guid directly instead of parsing strings
* Add unit tests for removing OrganizationUser by UserId
* Refactor remove OrganizationUser by UserId method
* Add summary to IHasConfirmedOwnersExceptQuery
* Added /domain/sso/verified to organization controller
* Restricting sproc to only return verified domains if the org has sso. Adding name. corrected route. removed not found exception. Adding the sproc definition to the SQL project
* PM-11123: Notification Status Details view
* PM-11123: Test Typo
* PM-11123: New line missing
* PM-11123: Delete unnecessary field
* PM-11123: Moved NotificationStatusDetails to Models/Data
* PM-11123: Service layer
* PM-11123: Service layer for Notification Center
* PM-11123: Throw error on unsupported requirement
* PM-11123: Missing await
* PM-11123: Cleanup
* PM-11123: Unit Test coverage
* PM-11123: Flipping the authorization logic to be exact match of fail, formatting
* PM-11123: Async warning
* PM-11123: Using AuthorizeOrThrowAsync, removal of redundant set new id
* PM-11123: UT typo
* PM-11123: UT fix
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService
* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries
* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter
* Update the EF query to use the Email from the User table
* dotnet format
* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests
* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync
* Fix domain queries
* Add OrganizationUserRepository integration tests
* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync
* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync
* Add IsManagedByAnyOrganizationAsync method to IUserRepository
* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync
* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync
* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService
* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>
* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query
* Update comments in OrganizationDomainService to use proper capitalization
* Move OrganizationDomainService to AdminConsole ownership and update namespace
* feat: Add support for organization domains in enterprise plans
* feat: Add HasOrganizationDomains property to OrganizationAbility class
* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService
* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains
* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag
* Add new event types for organization user deletion and voluntary departure
* Add DeleteManagedOrganizationUserAccountCommand to remove user and delete account
* Refactor DeleteManagedOrganizationUserAccountCommand to use orgUser.Id instead of orgUser.UserId.Value
* Add DeleteManagedOrganizationUserAccountCommandTests
* Add an endpoint to the OrganizationUsersController to delete a user account managed by an organization
* Add unit tests for OrganizationUsersController.DeleteAccount
* Add an endpoint to the OrganizationUsersController to bulk delete user accounts managed by an organization
* Add unit tests for OrganizationUsersController.BulkDeleteAccount
* Gate new endpoints behind feature flag
* Remove duplicate migration
* Remove unnecessary _userService.GetProperUserId
* Add PremiumUserSale
* Add PremiumUserBillingService
* Integrate into UserService behind FF
* Update invoice.created handler to bill newly created PayPal customers
* Run dotnet format
* Add OrganizationUserMiniDetails endpoint, models and authorization
* Restrict access to current OrganizationUserUserDetails endpoint
Both are behind feature flags
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService
* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries
* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter
* Update the EF query to use the Email from the User table
* dotnet format
* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests
* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync
* Fix domain queries
* Add OrganizationUserRepository integration tests
* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync
* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync
* Add IsManagedByAnyOrganizationAsync method to IUserRepository
* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync
* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync
* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService
* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>
* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query
* Update comments in OrganizationDomainService to use proper capitalization
* Move OrganizationDomainService to AdminConsole ownership and update namespace
* feat: Add support for organization domains in enterprise plans
* feat: Add HasOrganizationDomains property to OrganizationAbility class
* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService
* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains
* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag
* Add new event types for organization user deletion and voluntary departure
* Add DeleteManagedOrganizationUserAccountCommand to remove user and delete account
* Refactor DeleteManagedOrganizationUserAccountCommand to use orgUser.Id instead of orgUser.UserId.Value
* Add DeleteManagedOrganizationUserAccountCommandTests
* Remove duplicate sql migration script
* Update DeleteManagedOrganizationUserAccountCommand methods to cover all existing checks on OrganizationService
* Add unit tests for all user checks
* Refactor DeleteManagedOrganizationUserAccountCommand
* Set nullable enable annotation on DeleteManagedOrganizationUserAccountCommand
* Fix possible null reference
* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved event logging
* Use UserRepository.GetByIdAsync instead of UserService.GetUserByIdAsync
* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved error messages
* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved event logging, error handling and reduce database calls
* Rename unit tests to correctly describe expected outcome
* PM-11123: Device Type mapping
* PM-11123: Moving ClientType out of NotificationCenter, naming clash with Identity ClientType
* PM-11123: Rename ClientType in ICurrentContext to match the type
* PM-11969 - Add new logic for registering a user via an AcceptEmergencyAccessInviteToken
* PM-11969 - Unit test new RegisterUserViaAcceptEmergencyAccessInviteToken method.
* PM-11969 - Integration test new method
* PM-11945 - Rename RegisterUserWithOptionalOrgInvite to RegisterUserViaOrgInvite as the org invite isn't optional in the function - just the overall process of registration.
* PM-11945 - Yet another rename
* PM-11945 - Wire up call to RegisterUserViaOrgSponsoredFreeFamilyPlanInviteToken and test.
* PM-11945 - RegisterUserCommandTests - test new method
* PM-11949 - Rename tests
* PM-11945 - AccountsControllerTests.cs - add integration test for RegistrationWithEmailVerification_WithOrgSponsoredFreeFamilyPlanInviteToken_Succeeds
* PM-11945 - Adjust naming per PR feedback to match docs.
* PM-11945 - More renaming
* Refactor: Update metadata in OrganizationSignup and OrganizationUpgrade
This commit moves the IsFromSecretsManagerTrial flag from the OrganizationUpgrade to the OrganizationSignup because it will only be passed in on organization creation. Additionally, it removes the nullable boolean 'provider' flag passed to OrganizationService.SignUpAsync and instead adds that boolean flag to the OrganizationSignup which seems more appropriate.
* Introduce OrganizationSale
While I'm trying to ingrain a singular model that can be used to purchase or upgrade organizations, I disliked my previously implemented OrganizationSubscriptionPurchase for being a little too wordy and specific. This sale class aligns more closely with the work we need to complete against Stripe and also uses a private constructor so that it can only be created and utilized via an Organiztion and either OrganizationSignup or OrganizationUpgrade object.
* Use OrganizationSale in OrganizationBillingService
This commit renames the OrganizationBillingService.PurchaseSubscription to Finalize and passes it the OrganizationSale object. It also updates the method so that, if the organization already has a customer, it retrieves that customer instead of automatically trying to create one which we'll need for upgraded free organizations.
* Add functionality for free organization upgrade
This commit adds an UpdatePaymentMethod to the OrganizationBillingService that will check if a customer exists for the organization and if not, creates one with the updated payment source and tax information. Then, in the UpgradeOrganizationPlanCommand, we can use the OrganizationUpgrade to get an OrganizationSale and finalize it, which will create a subscription using the customer created as part of the payment method update that takes place right before it on the client-side. Additionally, it adds some tax ID backfill logic to SubscriberService.UpdateTaxInformation
* (No Logic) Re-order OrganizationBillingService methods alphabetically
* (No Logic) Run dotnet format
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService
* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries
* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter
* Update the EF query to use the Email from the User table
* dotnet format
* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests
* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync
* Fix domain queries
* Add OrganizationUserRepository integration tests
* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync
* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync
* Add IsManagedByAnyOrganizationAsync method to IUserRepository
* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync
* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync
* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService
* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>
* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query
* Update comments in OrganizationDomainService to use proper capitalization
* Move OrganizationDomainService to AdminConsole ownership and update namespace
* feat: Add support for organization domains in enterprise plans
* feat: Add HasOrganizationDomains property to OrganizationAbility class
* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService
* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains
* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag
* Add TODO comment for replacing 'UseSso' organization ability on user verified domain checks
* Bump date on migration script
* Add indexes to OrganizationDomain table
* Bump script migration date; Remove WITH ONLINE = ON from data migration.
* Added invoices and transaction history endpoints. Added cursor paging for each
* Removed try/catch since it's handled by middleware. Updated condition to use pattern matching
* Added unit tests for PaymentHistoryService
* Removed organizationId from account billing controller endpoints
* Initial draft of moving the org user controller details method into a query
* Removing comments and addressing pr items
* Adding the org users query to core
* Adding the member access report
* Addressing some pr concerns and refactoring to be more efficient
* Some minor changes to the way properties are spelled
* Setting authorization to organization
* Adding the permissions check for reports and comments
* removing unnecessary usings
* Removing ciphers controller change that was a mistake
* There was a duplication issue in getting collections for users grabbing groups
* Adding comments to the CreateReport method
* Only get the user collections by userId
* Some finaly refactoring
* Adding the no group, no collection, and no perms local strings
* Modifying and adding query test cases
* Removing unnecessary permissions code in query
* Added mapping for id and UsesKeyConnector to MemberAccessReportModel (#4681)
* Moving test cases from controller fully into the query.
---------
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
* Rename IDeleteOrganizationUserCommand to IRemoveOrganizationUserCommand
* Rename IOrganizationService DeleteUser methods to RemoveUser
* Rename API endpoints for deleting organization users to "Remove"
* chore: Rename Delete method to Remove in MembersController
* Add SQL script to migrate custom users with specific permissions to User type
Remove 'editAssignedCollections' and 'deleteAssignedCollections' properties from Permissions in OrganizationUser table. Migrate custom users who only have these permissions to the User type.
* Add MySQL migration to migrate custom users with specific permissions to User type
* Add Postgres migration to migrate custom users with specific permissions to User type
* Add Sqlite migration to migrate custom users with specific permissions to User type
* Update AutoFixture usage in tests to resolve creating ILogger mock instances
* Update EF integration tests database contexts to use each respective Migrations assembly. Configure Sqlite instance
* Add RunMigration method to BaseEntityFrameworkRepository
* Add FinalFlexibleCollectionsDataMigrationsTests
* Improve data migration efficiency by using OPENJSON instead of multiple JSON_EXTRACT
* Add batching to the sql data migrations
* Update DbMigrator to run a specific script based on its name
* Update DatabaseDataAttribute to be able to test a specific migration
* Add reference to the migration projects to Infrastructure.IntegrationTest
* Add integration test to test the migration FinalFlexibleCollectionsDataMigrations
* Remove EFIntegration tests and remove RunMigration method from BaseEntityFrameworkRepository
* Add IMigrationTesterService and implementations for SQL and EF migrations
* Add FinalFlexibleCollectionsDataMigrationsTests and remove test from OrganizationUserRepositoryTests
* Update sql data migration script based on performance feedback
* Bump date on EF migration scripts
* Add xmldoc comments to IMigrationTesterService and each implementation
* Bump up the date on the EF migration scripts
* Bump up dates on EF migrations
* Added tests to assert no unwanted changes are made to the permissions json. Refactor tests.
* Revert changes made to DbMigrator and refactor SqlMigrationTesterService to not use it.
* Add method description
* Fix test to assert no changes are made to custom user
* Remove unnecessary COALESCE and SELECT CASE
* Unident lines on SQL script
* Update DatabaseDataAttribute MigrationName property to be nullable
* Fix null reference checks
* Remove unnecessary COALESCE from Postgres script
* Bump dates on migration scripts
* Bump up dates on EF migrations
* Add migration tests for handling null
* Add test for non json values
* Fix test
* Remove migrations
* Recreate EF migrations
* Update Postgres data migration script to check for valid JSON in Permissions column
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* Refactor: Rename some methods and models for consistency
This commit contains no logic changes at all. It's entirely comprised of renames of existing models and methods to bring our codebase more in line with our app's functionality and terminology.
* Add feature flag: AC-2476-deprecate-stripe-sources-api
* Standardize error responses from applicable billing controllers
During my work on CB, I found that just using the built-in TypedResults errors results in the client choking on the response because it's looking for the ErrroResponseModel. The new BaseBillingController provides Error utilities to return TypedResults wrapping that model so the client can process it.
* Add feature flagged payment method endoints to OrganizationBillingController
* Run dotnet format
* Log events from the import organization flow
* Use an interface for the `OrganizationUser` object used to log events
* Log import events as being from the public api if they are
* Add logging for created groups
* Log proper group ids
* Fix tests
* Also log update events for groups
* Remove private API `import` endpoint
* Make `eventSystemUser` non-nullable for `ImportAsync`
* Fix tests
* Delete `ImportOrganizationUsersRequestModel`
* Fix tests
Subscription update tests were not fixing the current maxAutoscaleSeats
value. Autodata could sometimes make it the same as the new value,
so the update code wouldn't be triggered and the test would fail
* Add Collections Tests
* Update CollectionRepository Implementation
* Test Adding And Deleting Through Replace
* Format
* Fix Most Test Warnings
* Format
* chore: remove fc v1 from groups controller, refs PM-10291
* chore: remove fc v1 from organization users controller, refs PM-10291
* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291
* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291
* chore: remove fc v1 from CiphersCollections, refs PM-10291
* fix: unit tests related to fc v1 flag removal, refs PM-10291
* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291
* fix: format files, refs PM-10291
* chore: revert change to helper method, ignore double cache call, refs PM-10291
* feat: Add stored procedure for reading organization user details with premium access by organization ID
The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access
* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess
* Check the feature flag on Admin.UsersController to see if the optimization runs
* Modify PolicyService to run query optimization if the feature flag is enabled
* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync
* Run query optimization on public MembersController if feature flag is enabled
* Restore refactor
* Reverted change used for development
* Add unit tests for OrganizationService.RestoreUser
* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method
* Add more unit tests
* Apply refactor to bulk restore
* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService
* Add unit tests for ConfirmUser_vNext
* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one
* Removed unused sql scripts and added migration script
* Remove unnecessary view
* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository
* refactor: Use UserDetails constructor in UserRepository
* Add summary to IUserRepository.GetManyDetailsAsync
* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync
* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync
* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase
* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class
* Add unit tests for TwoFactorIsEnabledQuery
* Update TwoFactorIsEnabledQueryTests to include additional provider types
* Refactor TwoFactorIsEnabledQuery
* Refactor TwoFactorIsEnabledQuery and update tests
* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* Remove empty <returns> from summary
* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
* SM-1146: SM Organization Counts for Projects, Secrets, Machine Accounts
* SM-1146: Project total counts
* SM-1146: models object renames
* SM-1146: Service Account total counts
* SM-1146: Unit test coverage for counts controller
* SM-1146: Counts controller simplification, UT update
* SM-1146: Service Account total counts from Service Account auth user
* SM-1146: Integration Tests for total counts controller
* SM-1146: Explicitly denying access for Service Accounts
* SM-1146: Fix broken ProjectsController integration test
* SM-1146: Integration tests for counts controller
* SM-1146: Explicitly denying access for Service Accounts cleanup
* SM-1146: Test cleanup
* SM-1146: PR review comments fix
* SM-1146: People, Service Accounts positive count on write access
* Update bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
---------
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Fix error handling in provider setup process
This update ensures that when 'enable-consolidated-billing' is on, any exception thrown during the Stripe customer or subscription setup process for the provider will block the remainder of the setup process so the provider does not enter an invalid state
* Refactor the way BillingException is thrown
Made it simpler to just use the exception constructor and also ensured it was added to the exception handling middleware so it could provide a simple response to the client
* Handle all Stripe exceptions in exception handling middleware
* Fixed error response output for billing's provider controllers
* Cleaned up billing owned provider controllers
Changes were made based on feature updates by product and stuff that's no longer needed. No need to expose sensitive endpoints when they're not being used.
* Reafctored get invoices
Removed unnecssarily bloated method from SubscriberService
* Updated error handling for generating the client invoice report
* Moved get provider subscription to controller
This is only used once and the service layer doesn't seem like the correct choice anymore when thinking about error handling with retrieval
* Handled bad request for update tax information
* Split out Stripe configuration from unauthorization
* Run dotnet format
* Addison's feedback
* Remove Organization.FlexibleCollections from code
* Drop Organization.FlexibleCollections column in EF databases
(MSSQL column to be retained for 1 additional deployment to support rollback in cloud)
* Adding API endpoint to send out Access Request for SM to Admins, adding email template
* Fixing email template HTML, adding tests
* fixing tests
* fixing lint
* Moving files to proper locations
* fixing build error relating to not removing some old code
* Updating namespaces and removing unused using statements
* Dependency injection fix
* Fixing tests and moving them to proper files
* lint
* format fixes
* dotnet format fix
* small fixes
* removing using directive's that aren't needed
* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/PasswordManager/RequestSMAccessCommandTests.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Update src/Core/MailTemplates/Handlebars/SecretsManagerAccessRequest.text.hbs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Update bitwarden_license/src/Commercial.Core/SecretsManager/Commands/PasswordManager/RequestSMAccessCommand.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Changes requested by Thomas
* Lint fixes
* Suggested changes from Maceij
* Current state of tests
* Fixing tests and getting the core.csproj file from main
* Reverting csproj file change
* Removing usings directory
* dotnet format
* Fixing test
* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Requests/RequestSMAccessCommandTests.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Update test/Api.Test/SecretsManager/Controllers/RequestSMAccessControllerTests.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Thomas requested changes
* Fixing 500 error when user name is null
* Prettier error message if user sends over an whitespace string
* Fixing word wrapping issue in email contents
---------
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Attempt to fix tde to mp flow
* Move tde offboarding to dedicated flag
* Add tde offboarding password request
* Validate tde offboarding input
* Correctly check whether tde is active when building trusted device options
* Refactor Tde offboarding into a separate command
* Add unit tests for tde offboarding
* Update tde offboarding request model
* Fix tests
* Fix further tests
* Fix documentation
* Add validation for updatetdepasswordasync key/newmasterpassword
* Add comment explaining test
* Remove unrelated changes
* PM-6198 - RegistrationEmailVerificationTokenable - add new static validate token method
* PM-6198 - Rename RegistrationStart to Registration as we now have to add another anonymous reference event.
* PM-6198 - rest of work
* PM-6198 - Unit test new account controller method.
* PM-6198 - Integration test new account controller endpoint
* remove validation from 2fa GET and mask sensitive data
* skip verification check on put email
* disable verification on send-email and reenable on put email
* validate authenticator on set instead of get
* Revert "validate authenticator on set instead of get"
This reverts commit 7bf2084531.
* fix tests
* fix more tests
* Narrow scope of verify bypass
* Defaulted to false on VerifySecretAsync
* fix default param value
---------
Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* Added missing authorization validation to OrganizationBillingController endpoints
* Moved authorization validation to top of each method
* Resolved broken unit tests and added some new ones
* chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646
* chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646
* chore: remove org/provider service fc callers, refs AC-2646
* chore: remove collection service fc callers, refs AC-2646
* chore: remove cipher service import ciphers fc callers, refs AC-2646
* fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646
* fix: update CreateGroupCommandTests, refs AC-2646
* fix: adjust UpdateGroupCommandTests, refs AC-2646
* fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646
* fix: update CollectionServiceTests, refs AC-2646
* fix: remove unnecessary test with fc disabled, refs AC-2646
* fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646
* chore: remove dependence on FC flag for tests, refs AC-2646
* Add AccessToSecretsAsync to the repository
* Add BulkSecretAuthorizationHandler
* Update controller to use the new authz handler
* Add integration test coverage
* Optionally Run `docker-compose`
* Use Traversal Projects Over Solution Files
* Cleanup VSCode Tasks
* Bind DataProtection Keys to Host
- Makes it so the container can be rebuilt without corrupting data
* Update .vscode/tasks.json
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Enable `nullable` for `ApiKey`
* Switch to Using `required`
* Make Scope Be Valid JSON
* Update test/Api.IntegrationTest/SecretsManager/Controllers/ServiceAccountsControllerTests.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Move Nullable Directive
---------
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Sql-backed IDistributedCache
* sqlserver cache table
* remove unused using
* setup EF entity
* cache indexes
* add back cipher
* revert SetupEntityFramework change
* ef cache
* EntityFrameworkCache
* IServiceScopeFactory for db context
* implement EntityFrameworkCache
* move to _serviceScopeFactory
* move to config file
* ef migrations
* fixes
* datetime and error codes
* revert migrations
* migrations
* format
* static and namespace fix
* use time provider
* Move SQL migration and remove EF one for the moment
* Add clean migration of just the new table
* Formatting
* Test Custom `IDistributedCache` Implementation
* Add Back Logging
* Remove Double Logging
* Skip Test When Not EntityFrameworkCache
* Format
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Show a more detailed error message if duplicate GUIDS are passed ot get by Ids
* Update test/Api.IntegrationTest/SecretsManager/Controllers/SecretsControllerTests.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Update src/Api/SecretsManager/Models/Request/GetSecretsRequestModel.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Update src/Api/SecretsManager/Models/Request/GetSecretsRequestModel.cs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Making requested changes to tests
* lint fix
* fixing whitespace
---------
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Remove FlexibleCollections feature flag logic for repository methods:
* GetManyByUserIdAsync
* GetManyByUserIdCipherIdAsync
* UpdateCollectionsAsync
* UpdateCollectionsForCiphersAsync
This feature flag was never turned on and we will update the sprocs
directly as required.
Remove FlexibleCollections feature flag logic for repository methods:
* CiphersController.GetByIdAsync
* CipherRepository.DeleteAsync
* CipherRepository.MoveAsync
* RestoreAsync
* SoftDeleteAsync
This feature flag was never turned on and we will update the sprocs
directly as required.
* PM-7322 - AccountsController.cs - create empty method + empty req model to be able to create draft PR.
* PM-7322 - Start on RegisterFinishRequestModel.cs
* PM-7322 - WIP on Complete Registration endpoint
* PM-7322 - UserService.cs - RegisterUserAsync - Tweak of token to be orgInviteToken as we are adding a new email verification token to the mix.
* PM-7322 - UserService - Rename MP to MPHash
* PM-7322 - More WIP progress on getting new finish registration process in place.
* PM-7322 Create IRegisterUserCommand
* PM-7322 - RegisterUserCommand.cs - first WIP draft
* PM-7322 - Implement use of new command in Identity.
* PM-7322 - Rename RegisterUserViaOrgInvite to just be RegisterUser as orgInvite is optional.
* PM07322 - Test RegisterUserCommand.RegisterUser(...) happy paths and one bad request path.
* PM-7322 - More WIP on RegisterUserCommand.cs and tests
* PM-7322 - RegisterUserCommand.cs - refactor ValidateOrgInviteToken logic to always validate the token if we have one.
* PM-7322 - RegisterUserCommand.cs - Refactor OrgInviteToken validation to be more clear + validate org invite token even in open registration scenarios + added tests.
* PM-7322 - Add more test coverage to RegisterUserWithOptionalOrgInvite
* PM-7322 - IRegisterUserCommand - DOCS
* PM-7322 - Test RegisterUser
* PM-7322 - IRegisterUserCommand - Add more docs.
* PM-7322 - Finish updating all existing user service register calls to use the new command.
* PM-7322 - RegistrationEmailVerificationTokenable.cs changes + tests
* PM-7322 - RegistrationEmailVerificationTokenable.cs changed to only verify email as it's the only thing we need to verify + updated tests.
* PM-7322 - Get RegisterUserViaEmailVerificationToken built and tested
* PM-7322 - AccountsController.cs - get bones of PostRegisterFinish in place
* PM-7322 - SendVerificationEmailForRegistrationCommand - Feature flag timing attack delays per architecture discussion with a default of keeping them around.
* PM-7322 - RegisterFinishRequestModel.cs - EmailVerificationToken must be optional for org invite scenarios.
* PM-7322 - HandlebarsMailService.cs - SendRegistrationVerificationEmailAsync - must URL encode email to avoid invalid email upon submission to server on complete registration step
* PM-7322 - RegisterUserCommandTests.cs - add API key assertions
* PM-7322 - Clean up RegisterUserCommand.cs
* PM-7322 - Refactor AccountsController.cs existing org invite method and new process to consider new feature flag for delays.
* PM-7322 - Add feature flag svc to AccountsControllerTests.cs + add TODO
* PM-7322 - AccountsController.cs - Refactor shared IdentityResult logic into private helper.
* PM-7322 - Work on getting PostRegisterFinish tests in place.
* PM-7322 - AccountsControllerTests.cs - test new method.
* PM-7322 - RegisterFinishRequestModel.cs - Update to use required keyword instead of required annotations as it is easier to catch mistakes.
* PM-7322 - Fix misspelling
* PM-7322 - Integration tests for RegistrationWithEmailVerification
* PM-7322 - Fix leaky integration tests.
* PM-7322 - Another leaky test fix.
* PM-7322 - AccountsControllerTests.cs - fix RegistrationWithEmailVerification_WithOrgInviteToken_Succeeds
* PM-7322 - AccountsControllerTests.cs - Finish out integration test suite!
