1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Commit Graph

646 Commits

Author SHA1 Message Date
Ike
22dd957543
[PM-10742] Pull Device verification into testable service (#4851)
* initial device removal

* Unit Testing

* Added unit tests fixed validator null checks

* Finalized tests

* formatting

* fixed test

* lint

* addressing review notes

* comments
2024-10-10 17:26:17 -07:00
Rui Tomé
58c6f09629
[PM-12684] Remove Members Bulk 2FA feature flag logic (#4864) 2024-10-09 15:32:49 +01:00
Conner Turnbull
9d06c7b1e0
Added filter for status when getting invoices (#4866) 2024-10-09 13:00:36 +00:00
Jared McCannon
e288ca97a3
[PM-12358] New Verified Organization Domain SSO Detail endpoint (#4838)
* Added /domain/sso/verified to organization controller

* Restricting sproc to only return verified domains if the org has sso. Adding name. corrected route. removed not found exception. Adding the sproc definition to the SQL project
2024-10-07 14:39:57 -05:00
Maciej Zieniuk
738febf031
PM-11123: Notification Status Details view (#4848)
* PM-11123: Notification Status Details view

* PM-11123: Test Typo

* PM-11123: New line missing

* PM-11123: Delete unnecessary field

* PM-11123: Moved NotificationStatusDetails to Models/Data
2024-10-03 22:13:43 +02:00
Maciej Zieniuk
f3f81deb98
[PM-11123] Service layer for Notification Center (#4741)
* PM-11123: Service layer

* PM-11123: Service layer for Notification Center

* PM-11123: Throw error on unsupported requirement

* PM-11123: Missing await

* PM-11123: Cleanup

* PM-11123: Unit Test coverage

* PM-11123: Flipping the authorization logic to be exact match of fail, formatting

* PM-11123: Async warning

* PM-11123: Using AuthorizeOrThrowAsync, removal of redundant set new id

* PM-11123: UT typo

* PM-11123: UT fix
2024-10-02 19:23:19 +02:00
Rui Tomé
337eedcd2c
[PM-10321/PM-10322] Add Endpoints for Deleting Single and Multiple Organization-Managed Users (#4727)
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService

* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries

* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter

* Update the EF query to use the Email from the User table

* dotnet format

* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests

* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync

* Fix domain queries

* Add OrganizationUserRepository integration tests

* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync

* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync

* Add IsManagedByAnyOrganizationAsync method to IUserRepository

* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync

* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync

* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService

* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>

* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query

* Update comments in OrganizationDomainService to use proper capitalization

* Move OrganizationDomainService to AdminConsole ownership and update namespace

* feat: Add support for organization domains in enterprise plans

* feat: Add HasOrganizationDomains property to OrganizationAbility class

* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService

* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains

* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag

* Add new event types for organization user deletion and voluntary departure

* Add DeleteManagedOrganizationUserAccountCommand to remove user and delete account

* Refactor DeleteManagedOrganizationUserAccountCommand to use orgUser.Id instead of orgUser.UserId.Value

* Add DeleteManagedOrganizationUserAccountCommandTests

* Add an endpoint to the OrganizationUsersController to delete a user account managed by an organization

* Add unit tests for OrganizationUsersController.DeleteAccount

* Add an endpoint to the OrganizationUsersController to bulk delete user accounts managed by an organization

* Add unit tests for OrganizationUsersController.BulkDeleteAccount

* Gate new endpoints behind feature flag

* Remove duplicate migration

* Remove unnecessary _userService.GetProperUserId
2024-10-01 15:45:23 +01:00
Alex Morask
594b2a274d
[PM-7452] Handle PayPal for premium users (#4835)
* Add PremiumUserSale

* Add PremiumUserBillingService

* Integrate into UserService behind FF

* Update invoice.created handler to bill newly created PayPal customers

* Run dotnet format
2024-10-01 09:12:08 -04:00
Jonas Hendrickx
84f7cd262c
[PM-12526] Can Reduce Org's PM seats to be lower than SM seats (#4796) 2024-10-01 11:08:10 +02:00
Thomas Rittson
c94a084c86
[PM-3478] Refactor OrganizationUser api (#4752)
* Add OrganizationUserMiniDetails endpoint, models and authorization
* Restrict access to current OrganizationUserUserDetails endpoint
Both are behind feature flags
2024-10-01 07:14:16 +10:00
Jared McCannon
81b151b1c0
[PM-12074] - Refactored Index to use UserViewModel (#4797)
* Refactored View and Edit models to have all needed fields.
2024-09-30 13:21:30 -05:00
renovate[bot]
72b7f6c065
[deps] Billing: Update dotnet monorepo (#4819)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-30 11:14:17 -04:00
renovate[bot]
392ade534e
[deps] Billing: Update Kralizek.AutoFixture.Extensions.MockHttp to v2 (#4831)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-30 11:08:49 -04:00
renovate[bot]
222f8dd949
[deps] Billing: Update xunit-dotnet monorepo (#4827)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-30 09:44:13 +02:00
renovate[bot]
9eacf16ff6
[deps] Billing: Update coverlet.collector to 6.0.2 (#4818)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-30 09:41:57 +02:00
renovate[bot]
bee83724a3
[deps] Billing: Update FluentAssertions to 6.12.1 (#4817)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-30 09:41:33 +02:00
Rui Tomé
6514b342fc
[PM-10316] Add Command to Remove User and Delete Data for Organization-Managed Users (#4726)
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService

* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries

* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter

* Update the EF query to use the Email from the User table

* dotnet format

* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests

* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync

* Fix domain queries

* Add OrganizationUserRepository integration tests

* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync

* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync

* Add IsManagedByAnyOrganizationAsync method to IUserRepository

* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync

* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync

* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService

* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>

* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query

* Update comments in OrganizationDomainService to use proper capitalization

* Move OrganizationDomainService to AdminConsole ownership and update namespace

* feat: Add support for organization domains in enterprise plans

* feat: Add HasOrganizationDomains property to OrganizationAbility class

* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService

* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains

* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag

* Add new event types for organization user deletion and voluntary departure

* Add DeleteManagedOrganizationUserAccountCommand to remove user and delete account

* Refactor DeleteManagedOrganizationUserAccountCommand to use orgUser.Id instead of orgUser.UserId.Value

* Add DeleteManagedOrganizationUserAccountCommandTests

* Remove duplicate sql migration script

* Update DeleteManagedOrganizationUserAccountCommand methods to cover all existing checks on OrganizationService

* Add unit tests for all user checks

* Refactor DeleteManagedOrganizationUserAccountCommand

* Set nullable enable annotation on DeleteManagedOrganizationUserAccountCommand

* Fix possible null reference

* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved event logging

* Use UserRepository.GetByIdAsync instead of UserService.GetUserByIdAsync

* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved error messages

* Refactor DeleteManagedOrganizationUserAccountCommand.cs for improved event logging, error handling and reduce database calls

* Rename unit tests to correctly describe expected outcome
2024-09-25 11:02:17 +01:00
Maciej Zieniuk
9a5c6fe527
PM-11123: Device Type mapping (#4768)
* PM-11123: Device Type mapping

* PM-11123: Moving ClientType out of NotificationCenter, naming clash with Identity ClientType

* PM-11123: Rename ClientType in ICurrentContext to match the type
2024-09-23 23:02:32 +02:00
Thomas Rittson
2384e0b7ef
Add AuthorizeOrThrowAsync extension method (#4790) 2024-09-23 08:45:14 +10:00
Jared Snider
fd07de736d
Auth/PM-11969 - Registration with Email Verification - Accept Emergency Access Invite Flow (#4773)
* PM-11969 - Add new logic for registering a user via an AcceptEmergencyAccessInviteToken

* PM-11969 - Unit test new RegisterUserViaAcceptEmergencyAccessInviteToken method.

* PM-11969 - Integration test new method
2024-09-12 19:39:10 -04:00
Jared Snider
7d8df767cd
Auth/PM-11945 - Registration with Email Verification - Fix Org Sponsored Free Family Plan not working (#4772)
* PM-11945 - Rename RegisterUserWithOptionalOrgInvite to RegisterUserViaOrgInvite as the org invite isn't optional in the function - just the overall process of registration.

* PM-11945 - Yet another rename

* PM-11945 - Wire up call to RegisterUserViaOrgSponsoredFreeFamilyPlanInviteToken and test.

* PM-11945 - RegisterUserCommandTests - test new method

* PM-11949 - Rename tests

* PM-11945 - AccountsControllerTests.cs - add integration test for RegistrationWithEmailVerification_WithOrgSponsoredFreeFamilyPlanInviteToken_Succeeds

* PM-11945 - Adjust naming per PR feedback to match docs.

* PM-11945 - More renaming
2024-09-12 15:24:47 -04:00
Alex Morask
68b421fa2b
[PM-11728] Upgrade free organizations without Stripe Sources API (#4757)
* Refactor: Update metadata in OrganizationSignup and OrganizationUpgrade

This commit moves the IsFromSecretsManagerTrial flag from the OrganizationUpgrade to the OrganizationSignup because it will only be passed in on organization creation. Additionally, it removes the nullable boolean 'provider' flag passed to OrganizationService.SignUpAsync and instead adds that boolean flag to the OrganizationSignup which seems more appropriate.

* Introduce OrganizationSale

While I'm trying to ingrain a singular model that can be used to purchase or upgrade organizations, I disliked my previously implemented OrganizationSubscriptionPurchase for being a little too wordy and specific. This sale class aligns more closely with the work we need to complete against Stripe and also uses a private constructor so that it can only be created and utilized via an Organiztion and either OrganizationSignup or OrganizationUpgrade object.

* Use OrganizationSale in OrganizationBillingService

This commit renames the OrganizationBillingService.PurchaseSubscription to Finalize and passes it the OrganizationSale object. It also updates the method so that, if the organization already has a customer, it retrieves that customer instead of automatically trying to create one which we'll need for upgraded free organizations.

* Add functionality for free organization upgrade

This commit adds an UpdatePaymentMethod to the OrganizationBillingService that will check if a customer exists for the organization and if not, creates one with the updated payment source and tax information. Then, in the UpgradeOrganizationPlanCommand, we can use the OrganizationUpgrade to get an OrganizationSale and finalize it, which will create a subscription using the customer created as part of the payment method update that takes place right before it on the client-side. Additionally, it adds some tax ID backfill logic to SubscriberService.UpdateTaxInformation

* (No Logic) Re-order OrganizationBillingService methods alphabetically

* (No Logic) Run dotnet format
2024-09-11 09:04:15 -04:00
Rui Tomé
f2180aa7b7
[PM-10311] Account Management: Create helper methods for checking against verified domains (#4636)
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService

* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries

* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter

* Update the EF query to use the Email from the User table

* dotnet format

* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests

* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync

* Fix domain queries

* Add OrganizationUserRepository integration tests

* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync

* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync

* Add IsManagedByAnyOrganizationAsync method to IUserRepository

* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync

* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync

* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService

* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>

* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query

* Update comments in OrganizationDomainService to use proper capitalization

* Move OrganizationDomainService to AdminConsole ownership and update namespace

* feat: Add support for organization domains in enterprise plans

* feat: Add HasOrganizationDomains property to OrganizationAbility class

* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService

* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains

* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag

* Add TODO comment for replacing 'UseSso' organization ability on user verified domain checks

* Bump date on migration script

* Add indexes to OrganizationDomain table

* Bump script migration date; Remove WITH ONLINE = ON from data migration.
2024-09-11 11:29:57 +01:00
Matt Bishop
4f874ff375
Provide client device type and version info in feature flag contexts (#4755) 2024-09-10 12:49:46 -04:00
Rui Tomé
add8783e31
[PM-11667] Remove all code related to the outdated custom permissions 'Edit/Delete Assigned Collections' (#4736) 2024-09-10 15:06:13 +01:00
Conner Turnbull
46ac2a9b3b
[AC-2568] Added invoices and transaction history endpoints. Added cursor paging for each (#4692)
* Added invoices and transaction history endpoints. Added cursor paging for each

* Removed try/catch since it's handled by middleware. Updated condition to use pattern matching

* Added unit tests for PaymentHistoryService

* Removed organizationId from account billing controller endpoints
2024-09-09 09:38:58 -04:00
Alex Morask
dd6bc89b19
Upgrade Stripe.net to 45.7.0 (#4744) 2024-09-06 13:30:39 -04:00
Ike
fc587847c3
[PM-6664] base request validator - Two Factor flows integration tests (#4643)
* initial commit added two factor tests

* initial commit

* updated two factor tests

* fixed formatting
2024-09-06 08:05:25 -07:00
Justin Baur
329eef82cd
Create DataTableBuilder (#4608)
* Add DataTableBuilder Using Expressions

* Format

* Unwrap Underlying Enum Type

* Formatting
2024-09-05 20:44:45 -04:00
Ike
fa5d6712c5
[PM-6664] Base Request Validator Unit Tests and Resource Owner integration Tests (#4582)
* intial commit

* Some UnitTests for the VerifyAsync flows

* WIP org two factor

* removed useless tests

* added ResourceOwnerValidation integration tests

* fixing formatting

* addressing comments

* removed comment
2024-09-05 11:17:15 -07:00
Tom
af3797c540
[AC-2614] Member Access Report Endpoint (#4599)
* Initial draft of moving the org user controller details method into a query

* Removing comments and addressing pr items

* Adding the org users query to core

* Adding the member access report

* Addressing some pr concerns and refactoring to be more efficient

* Some minor changes to the way properties are spelled

* Setting authorization to organization

* Adding the permissions check for reports and comments

* removing unnecessary usings

* Removing ciphers controller change that was a mistake

* There was a duplication issue in getting collections for users grabbing groups

* Adding comments to the CreateReport method

* Only get the user collections by userId

* Some finaly refactoring

* Adding the no group, no collection, and no perms local strings

* Modifying and adding query test cases

* Removing unnecessary permissions code in query

* Added mapping for id and UsesKeyConnector to MemberAccessReportModel (#4681)

* Moving test cases from controller fully into the query.

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
2024-09-04 14:33:33 -04:00
Rui Tomé
471851978b
[PM-10325] Rename OrganizationUser Delete and BulkDelete endpoints to Remove and BulkRemove (#4711)
* Rename IDeleteOrganizationUserCommand to IRemoveOrganizationUserCommand

* Rename IOrganizationService DeleteUser methods to RemoveUser

* Rename API endpoints for deleting organization users to "Remove"

* chore: Rename Delete method to Remove in MembersController
2024-09-04 11:18:23 +01:00
Rui Tomé
f5caecc6d6
[AC-1722] Deprecate "Edit/Delete Assigned Collections" custom permissions (#4604)
* Add SQL script to migrate custom users with specific permissions to User type

Remove 'editAssignedCollections' and 'deleteAssignedCollections' properties from Permissions in OrganizationUser table. Migrate custom users who only have these permissions to the User type.

* Add MySQL migration to migrate custom users with specific permissions to User type

* Add Postgres migration to migrate custom users with specific permissions to User type

* Add Sqlite migration to migrate custom users with specific permissions to User type

* Update AutoFixture usage in tests to resolve creating ILogger mock instances

* Update EF integration tests database contexts to use each respective Migrations assembly. Configure Sqlite instance

* Add RunMigration method to BaseEntityFrameworkRepository

* Add FinalFlexibleCollectionsDataMigrationsTests

* Improve data migration efficiency by using OPENJSON instead of multiple JSON_EXTRACT

* Add batching to the sql data migrations

* Update DbMigrator to run a specific script based on its name

* Update DatabaseDataAttribute to be able to test a specific migration

* Add reference to the migration projects to Infrastructure.IntegrationTest

* Add integration test to test the migration FinalFlexibleCollectionsDataMigrations

* Remove EFIntegration tests and remove RunMigration method from BaseEntityFrameworkRepository

* Add IMigrationTesterService and implementations for SQL and EF migrations

* Add FinalFlexibleCollectionsDataMigrationsTests and remove test from OrganizationUserRepositoryTests

* Update sql data migration script based on performance feedback

* Bump date on EF migration scripts

* Add xmldoc comments to IMigrationTesterService and each implementation

* Bump up the date on the EF migration scripts

* Bump up dates on EF migrations

* Added tests to assert no unwanted changes are made to the permissions json. Refactor tests.

* Revert changes made to DbMigrator and refactor SqlMigrationTesterService to not use it.

* Add method description

* Fix test to assert no changes are made to custom user

* Remove unnecessary COALESCE and SELECT CASE

* Unident lines on SQL script

* Update DatabaseDataAttribute MigrationName property to be nullable

* Fix null reference checks

* Remove unnecessary COALESCE from Postgres script

* Bump dates on migration scripts

* Bump up dates on EF migrations

* Add migration tests for handling null

* Add test for non json values

* Fix test

* Remove migrations

* Recreate EF migrations

* Update Postgres data migration script to check for valid JSON in Permissions column

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2024-09-02 11:04:55 +01:00
Alex Morask
3c86ec6a35
[AC-2959] ACH Direct Debit POC (#4703)
* Refactor: Rename some methods and models for consistency

This commit contains no logic changes at all. It's entirely comprised of renames of existing models and methods to bring our codebase more in line with our app's functionality and terminology.

* Add feature flag: AC-2476-deprecate-stripe-sources-api

* Standardize error responses from applicable billing controllers

During my work on CB, I found that just using the built-in TypedResults errors results in the client choking on the response because it's looking for the ErrroResponseModel. The new BaseBillingController provides Error utilities to return TypedResults wrapping that model so the client can process it.

* Add feature flagged payment method endoints to OrganizationBillingController

* Run dotnet format
2024-08-28 10:48:14 -04:00
Addison Beck
acb71d87d9
Log events from the import organization flow (#4632)
* Log events from the import organization flow

* Use an interface for the `OrganizationUser` object used to log events

* Log import events as being from the public api if they are

* Add logging for created groups

* Log proper group ids

* Fix tests

* Also log update events for groups

* Remove private API `import` endpoint

* Make `eventSystemUser` non-nullable for `ImportAsync`

* Fix tests

* Delete `ImportOrganizationUsersRequestModel`

* Fix tests
2024-08-28 08:19:48 +10:00
Thomas Rittson
933b3e9696
Fix flaky OrganizationService tests (#4686)
Subscription update tests were not fixing the current maxAutoscaleSeats
value. Autodata could sometimes make it the same as the new value,
so the update code wouldn't be triggered and the test would fail
2024-08-27 08:48:14 +10:00
Thomas Rittson
22bd755b3c
[AC-10362] Remove OrganizationUser.AccessAll from code (#4622)
* Remove OrganizationUser.AccessAll from code

* Add shadow property

* Remove remaining reference

* dotnet format

* Fix tests

* Bump migration dates
2024-08-26 12:03:44 +01:00
Matt Gibson
aa66b5ad11
Remove hints from responses (#4635) 2024-08-23 13:51:21 -04:00
Conner Turnbull
8ab19c7b00
F4E validation (#4690)
* F4E validation

* Fix broken tests
2024-08-22 15:10:03 +00:00
Thomas Rittson
9a7165b489
[AC-2972] AC Team ownership: Events (2/2) (#4675) 2024-08-21 09:03:26 +10:00
Justin Baur
aa34bbb0e6
Fix Most Test Warnings (#4612)
* Add Collections Tests

* Update CollectionRepository Implementation

* Test Adding And Deleting Through Replace

* Format

* Fix Most Test Warnings

* Format
2024-08-15 17:14:22 -04:00
Justin Baur
3d7fe4f8af
Update ReplaceAsync Implementation in EF CollectionRepository (#4611)
* Add Collections Tests

* Update CollectionRepository Implementation

* Test Adding And Deleting Through Replace

* Format
2024-08-14 13:50:29 -04:00
Vincent Salucci
253ad9c74f
chore: remove fc v1 feature flag, remove obsolete feature service calls from tests, refs PM-10295 (#4618) 2024-08-13 11:20:05 -05:00
Thomas Rittson
f04c3b8e54
[PM-10361] Remove Group.AccessAll from code (#4614)
* Remove Group.AccessAll from code

* Add shadow property config and migration
2024-08-13 08:54:03 +10:00
Justin Baur
56d6c91b25
Enable Nullable In Auth Repositories (#4600) 2024-08-09 09:31:06 -04:00
Vincent Salucci
746a35a14a
[PM-10291] Remove Flexible Collections v1 flag from API (#4578)
* chore: remove fc v1 from groups controller, refs PM-10291

* chore: remove fc v1 from organization users controller, refs PM-10291

* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291

* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291

* chore: remove fc v1 from CiphersCollections, refs PM-10291

* fix: unit tests related to fc v1 flag removal, refs PM-10291

* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291

* fix: format files, refs PM-10291

* chore: revert change to helper method, ignore double cache call, refs PM-10291
2024-08-08 12:26:07 -05:00
Rui Tomé
8d69bb0aaa
[AC-1698] Check if a user has 2FA enabled more efficiently (#4524)
* feat: Add stored procedure for reading organization user details with premium access by organization ID

The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access

* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess

* Check the feature flag on Admin.UsersController to see if the optimization runs

* Modify PolicyService to run query optimization if the feature flag is enabled

* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync

* Run query optimization on public MembersController if feature flag is enabled

* Restore refactor

* Reverted change used for development

* Add unit tests for OrganizationService.RestoreUser

* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method

* Add more unit tests

* Apply refactor to bulk restore

* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService

* Add unit tests for ConfirmUser_vNext

* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one

* Removed unused sql scripts and added migration script

* Remove unnecessary view

* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository

* refactor: Use UserDetails constructor in UserRepository

* Add summary to IUserRepository.GetManyDetailsAsync

* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync

* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync

* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase

* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class

* Add unit tests for TwoFactorIsEnabledQuery

* Update TwoFactorIsEnabledQueryTests to include additional provider types

* Refactor TwoFactorIsEnabledQuery

* Refactor TwoFactorIsEnabledQuery and update tests

* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* Remove empty <returns> from summary

* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
2024-08-08 15:43:45 +01:00
Maciej Zieniuk
77f8cc58e8
SM-1146: Secrets Manager total counts (#4200)
* SM-1146: SM Organization Counts for Projects, Secrets, Machine Accounts

* SM-1146: Project total counts

* SM-1146: models object renames

* SM-1146: Service Account total counts

* SM-1146: Unit test coverage for counts controller

* SM-1146: Counts controller simplification, UT update

* SM-1146: Service Account total counts from Service Account auth user

* SM-1146: Integration Tests for total counts controller

* SM-1146: Explicitly denying access for Service Accounts

* SM-1146: Fix broken ProjectsController integration test

* SM-1146: Integration tests for counts controller

* SM-1146: Explicitly denying access for Service Accounts cleanup

* SM-1146: Test cleanup

* SM-1146: PR review comments fix

* SM-1146: People, Service Accounts positive count on write access

* Update bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-08-08 15:12:52 +02:00
Vincent Salucci
f49fb3a891
[PM-10292] Remove Flexible Collections v1 from Core (#4579)
* chore: remove fc v1 from OrganizationService, refs PM-10292

* chore: remove fc v1 from CollectionService, refs PM-10292

* chore: remove fc v1 from OrganizationCiphersQuery, refs PM-10292

* fix: update CollectionServiceTests, refs PM-10292
2024-08-06 11:14:16 -05:00
Bernd Schoolmann
7d48102865
[PM-7742] Set hasManageResetPasswordPermission for owner and admin invitees (#4528)
* Set hasManageResetPasswordPermission for owner and admin invitees

* Make userdecryptionoptionsbuilder ignore orgusertype if orguser is null
2024-08-06 11:22:10 +02:00