1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-27 17:47:37 +01:00
Commit Graph

643 Commits

Author SHA1 Message Date
Vincent Salucci
19d5817f8f
[Captcha] Implement failed logins ceiling (#1870)
* [Hacker1] Failed Login Attempts Captcha

* [Captcha] Implement failed logins ceiling

* Formatting

* Updated approach after implementation talks with Kyle

* Updated email templates // Updated calling arch for failed attempts

* Formatting

* Updated 2fa email links

* Renamed baserequest methods to better match their actions

* EF migrations/scripts

* Updated with requested changes

* Defaults for MaxiumumFailedLoginAttempts
2022-03-02 15:45:00 -06:00
Kyle Spearrin
4cbe05da3c
SendGrid Mail Delivery Provider (#1892)
* add sendgrid mail delivery service

* <

* remove duplicate code

* fix test by using ISendGridClient interface
2022-03-01 19:09:51 -05:00
Micaiah Martin
156e10da0e
[BEEEP] Bitwarden Script uninstall option (#1796)
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2022-02-23 14:35:36 -06:00
Oscar Hinton
8d6c49f656
Add lock files for NuGet (#1855) 2022-02-10 15:40:31 +01:00
Oscar Hinton
6f2f475aa3
Change setup validation to use a dto (#1852) 2022-02-09 17:13:21 +01:00
Oscar Hinton
ac8ca46f0f
Remove the u2f lib (#1820) 2022-01-24 12:14:04 +01:00
Justin Baur
5268f2781e
Start Migration from Newtonsoft.Json to System.Text.Json (#1803)
* Start switch to System.Text.Json

* Work on switching to System.Text.Json

* Main work on STJ refactor

* Fix build errors

* Run formatting

* Delete unused file

* Use legacy for two factor providers

* Run formatter

* Add TokenProviderTests

* Run formatting

* Fix merge issues

* Switch to use JsonSerializer

* Address PR feedback

* Fix formatting

* Ran formatter

* Switch to async

* Ensure Enums are serialized as strings

* Fix formatting

* Enqueue single items as arrays

* Remove CreateAsync method on AzureQueueService
2022-01-21 09:36:25 -05:00
Oscar Hinton
d92dd7ea3b
Add support for avif (#1812) 2022-01-18 18:50:59 +01:00
Oscar Hinton
2ed588d005
Fix case inconsitency in provider migration (#1806) 2022-01-12 15:25:15 +01:00
Oscar Hinton
e4a10aae27
Split out repositories to Infrastructure.Dapper / EntityFramework (#1759) 2022-01-11 10:40:51 +01:00
Micaiah Martin
735f58dd6f
Feature/add key-connector version to self-hosted scripts (#1784)
* Added Key Connector version

* Fix updatebw() for Key Connector

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-12-29 09:07:16 -07:00
Jake Fink
11aafac915
remove re-throws of exceptions, which clear the stack trace (#1760)
* remove re-throws of exceptions, which clear the stack trace

* remove whitespace
2021-12-16 15:35:07 -05:00
Oscar Hinton
23b0a1f9df
Run dotnet format (#1764) 2021-12-16 15:35:09 +01:00
Matt Gibson
757927e02a
Null org, org user ids, and friendly name to indicate invalid, unused sponsorship state (#1738)
* Null org, org user ids, and friendly name to indicate invalid, unused sponsorship state

* Match EF queries to MSSQL sprocs
2021-12-01 14:34:56 -06:00
Matt Gibson
fa3f1ad0ce
Null out sponsorship values when foreign key deleted (#1733)
This allows us to maintain record of sponsorships up
until they are explicitly removed. Fixes issues where removing
sponsorships from organizations with invalid sponsorships would error
2021-11-24 08:26:11 -06:00
Matt Gibson
33edc8eba0
Families for Enterprise (#1714)
* Create common test infrastructure project

* Add helpers to further type PlanTypes

* Enable testing of ASP.net MVC controllers

Controller properties have all kinds of validations in the background.
In general, we don't user properties on our Controllers, so the easiest
way to allow for Autofixture-based testing of our Controllers is to just
omit setting all properties on them.

* Workaround for broken MemberAutoDataAttribute

https://github.com/AutoFixture/AutoFixture/pull/1164 shows that only
the first test case is pulled for this attribute.

This is a workaround that populates the provided parameters, left to
right, using AutoFixture to populate any remaining.

* WIP: Organization sponsorship flow

* Add Attribute to use the Bit Autodata dependency chain

BitAutoDataAttribute is used to mark a Theory as autopopulating
parameters.

Extract common attribute methods to to a helper class. Cannot
inherit a common base, since both require inheriting from different
Xunit base classes to work.

* WIP: scaffolding for families for enterprise sponsorship flow

* Fix broken tests

* Create sponsorship offer (#1688)

* Initial db work (#1687)

* Add organization sponsorship databases to all providers

* Generalize create and update for database, specialize in code

* Add PlanSponsorshipType to db model

* Write valid json for test entries

* Initial scaffolding of emails (#1686)

* Initial scaffolding of emails

* Work on adding models for FamilyForEnterprise emails

* Switch verbage

* Put preliminary copy in emails

* Skip test

* Families for enterprise/stripe integrations (#1699)

* Add PlanSponsorshipType to static store

* Add sponsorship type to token and creates sponsorship

* PascalCase properties

* Require sponsorship for remove

* Create subscription sponsorship helper class

* Handle Sponsored subscription changes

* Add sponsorship id to subscription metadata

* Make sponsoring references nullable

This state indicates that a sponsorship has lapsed, but was not able to
be reverted for billing reasons

* WIP: Validate and remove subscriptions

* Update sponsorships on organization and org user delete

* Add friendly name to organization sponsorship

* Add sponsorship available boolean to orgDetails

* Add sponsorship service to DI

* Use userId to find org users

* Send f4e offer email

* Simplify names of f4e mail messages

* Fix Stripe org default tax rates

* Universal sponsorship redeem api

* Populate user in current context

* Add product type to organization details

* Use upgrade path to change sponsorship

Sponsorships need to be annual to match the GB add-on charge rate

* Use organization and auth to find organization sponsorship

* Add resend sponsorship offer api endpoint

* Fix double email send

* Fix sponsorship upgrade options

* Add is sponsored item to subscription response

* Add sponsorship validation to upcoming invoice webhook

* Add sponsorship validation to upcoming invoice webhook

* Fix organization delete sponsorship hooks

* Test org sponsorship service

* Fix sproc

* Create common test infrastructure project

* Add helpers to further type PlanTypes

* Enable testing of ASP.net MVC controllers

Controller properties have all kinds of validations in the background.
In general, we don't user properties on our Controllers, so the easiest
way to allow for Autofixture-based testing of our Controllers is to just
omit setting all properties on them.

* Workaround for broken MemberAutoDataAttribute

https://github.com/AutoFixture/AutoFixture/pull/1164 shows that only
the first test case is pulled for this attribute.

This is a workaround that populates the provided parameters, left to
right, using AutoFixture to populate any remaining.

* WIP: Organization sponsorship flow

* Add Attribute to use the Bit Autodata dependency chain

BitAutoDataAttribute is used to mark a Theory as autopopulating
parameters.

Extract common attribute methods to to a helper class. Cannot
inherit a common base, since both require inheriting from different
Xunit base classes to work.

* WIP: scaffolding for families for enterprise sponsorship flow

* Fix broken tests

* Create sponsorship offer (#1688)

* Initial db work (#1687)

* Add organization sponsorship databases to all providers

* Generalize create and update for database, specialize in code

* Add PlanSponsorshipType to db model

* Write valid json for test entries

* Initial scaffolding of emails (#1686)

* Initial scaffolding of emails

* Work on adding models for FamilyForEnterprise emails

* Switch verbage

* Put preliminary copy in emails

* Skip test

* Families for enterprise/stripe integrations (#1699)

* Add PlanSponsorshipType to static store

* Add sponsorship type to token and creates sponsorship

* PascalCase properties

* Require sponsorship for remove

* Create subscription sponsorship helper class

* Handle Sponsored subscription changes

* Add sponsorship id to subscription metadata

* Make sponsoring references nullable

This state indicates that a sponsorship has lapsed, but was not able to
be reverted for billing reasons

* WIP: Validate and remove subscriptions

* Update sponsorships on organization and org user delete

* Add friendly name to organization sponsorship

* Add sponsorship available boolean to orgDetails

* Add sponsorship service to DI

* Use userId to find org users

* Send f4e offer email

* Simplify names of f4e mail messages

* Fix Stripe org default tax rates

* Universal sponsorship redeem api

* Populate user in current context

* Add product type to organization details

* Use upgrade path to change sponsorship

Sponsorships need to be annual to match the GB add-on charge rate

* Use organization and auth to find organization sponsorship

* Add resend sponsorship offer api endpoint

* Fix double email send

* Fix sponsorship upgrade options

* Add is sponsored item to subscription response

* Add sponsorship validation to upcoming invoice webhook

* Add sponsorship validation to upcoming invoice webhook

* Fix organization delete sponsorship hooks

* Test org sponsorship service

* Fix sproc

* Fix build error

* Update emails

* Fix tests

* Skip local test

* Add newline

* Fix stripe subscription update

* Finish emails

* Skip test

* Fix unit tests

* Remove unused variable

* Fix unit tests

* Switch to handlebars ifs

* Remove ending email

* Remove reconfirmation template

* Switch naming convention

* Switch naming convention

* Fix migration

* Update copy and links

* Switch to using Guid in the method

* Remove unneeded css styles

* Add sql files to Sql.sqlproj

* Removed old comments

* Made name more verbose

* Fix SQL error

* Move unit tests to service

* Fix sp

* Revert "Move unit tests to service"

This reverts commit 1185bf3ec8.

* Do repository validation in service layer

* Fix tests

* Fix merge conflicts and remove TODO

* Remove unneeded models

* Fix spacing and formatting

* Switch Org -> Organization

* Remove single use variables

* Switch method name

* Fix Controller

* Switch to obfuscating email

* Fix unit tests

Co-authored-by: Justin Baur <admin@justinbaur.com>
2021-11-19 17:25:06 -05:00
Oscar Hinton
f866b25e43
Key Connector feature toggle (#1716) 2021-11-17 11:46:35 +01:00
Joseph Flinn
3a22f91ff5
Enable key connector selfhost (#1707)
* initial commit

* Add code for Key Connector feature

* Add help URL to config

* Fix folders for key-connector service

* Fix paths for key-connector

* fixing the env file builder when disabling the key connector

* swapping a variable name

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-11-16 09:52:02 -08:00
Addison Beck
6b629feb03
[bug] Drop unused db column UsesCryptoAgent (#1704) 2021-11-09 12:33:18 -05:00
Oscar Hinton
fd37cb5a12
Add support for Key Connector OTP and account migration (#1663)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
Thomas Rittson
f6bc35b2d0
Fix typos in EF migrations (#1693)
* Fix typos in postgres migrations

* Fix extension of migration script
2021-11-09 07:40:01 +10:00
Thomas Rittson
e57bef6af4
Fix policy enforcement against invited users (#1680) 2021-11-03 07:08:13 +10:00
Joseph Flinn
630376400f
Dependency updates (#1681)
* fix: util/Nginx/Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

* fix: util/Nginx/Dockerfile-k8s to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2021-11-02 09:49:00 -07:00
Oscar Hinton
c5d5601464
Add support for crypto agent (#1623) 2021-10-25 15:09:14 +02:00
Matt Gibson
e744ffe499
Default autoscaling to off (#1659)
* Default autoscaling to off

* Update util/Migrator/DbScripts/2021-10-21_00_DefaultAutoscaleLimitToCurrentSeats.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Update util/Migrator/DbScripts/2021-10-21_00_DefaultAutoscaleLimitToCurrentSeats.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Update util/MySqlMigrations/Scripts/2021-10-21_00_SetMaxAutoscaleSeatCount.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-10-22 08:11:14 -05:00
Vince Grassia
15eeb9d650
Update SQL files to be backwards compatible when adding columns (#1635)
* Update SQL files to be backwards compatible when adding columns

* Remove 'UseResetPasswordCustomOrg' SQL script
2021-10-15 12:28:21 -04:00
Matt Gibson
7802c2b969
⚠️ Do not specify database in migration files (#1628)
* Do not specify database in migration files

* Rename migrations to force them to re-run

* Use new migration files

* Rename EF migrations
2021-10-11 10:20:21 -05:00
Joseph Flinn
ee7b608a46
revamping the build scripts (#1620) 2021-10-08 09:53:56 -07:00
Oscar Hinton
79447b6671
Remove Business Portal (#1614) 2021-10-06 10:39:13 +02:00
Matt Gibson
bd297fb7a2
SqlServer split manage collection permission (#1594)
* SqlServer split manage collection permission

* Clarify names

* Test claims generation

* Test permission serialization

* Simplify claims building

* Use new collections permissions

* Throw on use of deprecated permissions

* Lower case all claims

* Remove todos

* Clean nonexistent project from test solution

* JsonIgnore for both system and newtonsoft json

* Make migrations more robust to multiple runs

* remove duplicate usings

* Remove obsolete permissions

* Test solutions separately to detect failures

* Handle dos line endings

* Fix collections create/update permissions

* Change restore cipher to edit permissions

* Improve formatting

* Simplify map

* Refactor test
2021-10-05 11:12:05 -05:00
Thomas Rittson
66629b2f1c
Refactor policy checks (#1536)
* Move policy checking logic inside PolicyService

* Refactor to use currentContext.ManagePolicies

* Make orgUser status check more semantic

* Fix single org user checks

* Use CoreHelper implementation to deserialize json

* Refactor policy checks to use db query

* Use new db query for enforcing 2FA Policy

* Add Policy_ReadByTypeApplicableToUser

* Stub out EF implementations

* Refactor: use PolicyRepository only

* Refactor tests

* Copy SQL queries to proj and update sqlproj file

* Refactor importCiphersAsync to use new method

* Add EF implementations and tests

* Refactor SQL to remove unnecessary operations
2021-09-28 06:54:28 +10:00
Matt Gibson
d39f45c81c
Organization autoscaling (#1585)
* Add autoscale fields to Organization

* Add autoscale setting changes

* Autoscale organizations

updates InviteUsersAsync to support all invite sources.

sends an email to org owners when organization autoscaled

* All organizations autoscale

Disabling autoscaling can be done by setting max seats to current seats.

We only warn about autoscaling on the first autoscaling event.

* Fix tests

* Bug fixes

* Simplify subscription update logic

* Void invoices that fail to delete

Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client.

* Notify org owners when their subscription runs out of seats

* Use datetime for notifications

Allows for later re-sending email if we want to periodically remind
owners

* Do not update subscription if it already matches new quatity

* Include all migrations

* Remove unnecessary inline styling

* SubscriptionUpdate handles update decisions

* Remove unnecessary html setter

* PR review

* Use minimum access for class methods
2021-09-23 05:36:08 -05:00
Vince Grassia
ff8d736e8b
Fix SQL Connection String (#1584)
* Update SQL connection string storage method

* Revert Docker Compose template

* Revert Docker Compose Builder version back to 3
2021-09-16 10:54:46 -04:00
Oscar Hinton
c22e48c1b4
Resolve error when deleting an account connected to a provider (#1580) 2021-09-15 20:34:06 +02:00
Oscar Hinton
02866623f2
Add OrganizationUser_ReadByMinimumRole to Sql.sqlproj (#1555) 2021-09-07 15:42:44 +02:00
Thomas Rittson
8f27f21ce0
Remove stale SsoUser objects from database (#1560)
* Add SsoUser_ReadByUserIdOrganizationId

* Automatically reset stale/duplicate Sso links

* Fix typo

* Check for stale Sso link in existing user flow

* Delete any stale user record before provisioning new user

* Check for existing db query before creating

* PR feedback updates

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-09-03 10:54:41 -04:00
Daniel James Smith
f803e7664e
Updated nuget packages to use newest .Net 5.0.9 (#1547) 2021-09-01 11:36:37 +02:00
Matt Portune
dbf82385c9
remove assetlinks (#1553) 2021-08-30 21:40:43 -04:00
Thomas Rittson
4bc683c38d
Increase sales tax precision from 2 to 3 decimal places (#1525)
* Allow for tax rates with 3 decimal places

* Update input validation

* Increase precision of create procedure
2021-08-24 06:52:59 +10:00
Matt Portune
f241b34b22
Update AppId.hbs (#1517)
testing sha256 apk key hash against debug build
2021-08-17 10:31:16 -04:00
Matt Gibson
6d18f44029
Add captcha option to Nginx config (#1509)
* Add captcha option to Nginx config

* Fix formatting
2021-08-13 08:52:26 -05:00
Addison Beck
87fb3f533c
fixed a bad migration change (#1511) 2021-08-12 13:06:02 -04:00
Addison Beck
b726b08ea1
added a status check to the read by minimum role proc (#1498) 2021-08-10 06:59:54 -04:00
Matt Portune
744e8f1a13
Update AppId.hbs (#1495) 2021-08-04 15:49:55 -04:00
Thomas Rittson
b1ed6d2c21
Fix upload limits for direct uploads (again) (#1479)
* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
2021-08-04 09:00:30 +10:00
Vince Grassia
a31c231749
Fix UserKdf and UserApiKey migrations to only update null values (#1494) 2021-08-03 15:54:47 -04:00
Thomas Rittson
8d2b36d187
Fix conflicting group permissions (#1473)
* Return collection with highest permission levels

* Revert "Return collection with highest permission levels"

This reverts commit 06e0f3b73e.

* Combine duplicate collectionDetails

* Update EF to combine duplicate CollectionDetails

* Delete unneeded using statements
2021-08-02 11:49:27 +10:00
Mart
fdaf6b14d4
enh(mysql) Enforce ENGINE=InnoDB (#1470)
* enh(mysql) Enforce ENGINE=InnoDB

* enh(mysql) Enforce ENGINE=InnoDB
2021-07-29 17:12:57 -04:00
Vincent Salucci
545d5f942b
[Reset Password v1] Fixed ForcePasswordReset migration script (#1484) 2021-07-23 08:48:34 -05:00
Oscar Hinton
792fb377dd
[Provider] Prevent including pending organizations in SyncResponse (#1482) 2021-07-22 22:18:34 +02:00