1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-28 13:15:12 +01:00
Commit Graph

227 Commits

Author SHA1 Message Date
Thomas Rittson
d230b10f82
Fix flaky UpdateSecretsManagerSubscriptionCommandTests (#3355)
Fix flaky UpdateSubscriptionAsync_ThrowsBadRequestException_WhenOccupiedSeatsExceedNewSeatTotal
test by expressly setting SmSeat value instead of relying on autodata.
This ensures that the new smSeat value is actually different.
2023-10-18 10:00:55 -05:00
Rui Tomé
21219262a2
[PM-3779] idor allow the attacker to delete the victim domain (#3308)
* [PM-3779] Added IOrganizationDomainRepository.GetDomainByIdAndOrganizationIdAsync and SQL stored procedure

* [PM-3779] Changed GetOrganizationDomainByIdQuery to also take OrgId as a parameter. Updated existing unit tests and added new. Updated controller to match command changes

* [PM-3779] Removed type from url routes

* [PM-3779] Renamed IGetOrganizationDomainByIdAndOrganizationIdQuery to IGetOrganizationDomainByIdOrganizationIdQuery

* [PM-3779] Renamed GetOrganizationDomainByIdOrganizationIdQueryTests file and added more tests
2023-10-18 11:57:59 +01:00
cyprain-okeke
8177821e8b
[AC 1451] Refactor staticstore plans and consuming logic (#3164)
* refactor the plan and create new objects

* initial commit

* Add new plan types

* continue the refactoring by adding new plantypes

* changes for plans

* Refactoring continues

* making changes for plan

* Fixing the failing test

* Fixing  whitespace

* Fix some in correct values

* Resolve the plan data

* rearranging the plan

* Make the plan more immutable

* Resolve the lint errors

* Fix the failing test

* Add custom plan

* Fix the failing test

* Fix the failing test

* resolve the failing addons after refactoring

* Refactoring

* Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic

* merge from master

* Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic

* format whitespace

* resolve the conflict

* Fix some pr comments

* Fixing some of the pr comments

* fixing some of the pr comments

* Resolve some pr comments

* Resolve pr comments

* Resolves some pr comments

* Resolving some or comments

* Resolve a failing test

* fix the failing test

* Resolving some pr comments

* Fix the failing test

* resolve pr comment

* add a using statement fir a failing test

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-10-17 15:56:35 +01:00
Thomas Rittson
53f5eee215
[AC-1638] Disallow Secrets Manager for MSP-managed organizations (#3297)
* Block MSPs from creating orgs with SM

* Block MSPs from adding SM to a managed org

* Prevent manually adding SM to an MSP-managed org

* Revert "Prevent manually adding SM to an MSP-managed org"

This change is no longer required

This reverts commit 51b086243b.

* Block provider from adding org with SM

* Update error message when adding existing org with SM to provider

* Update check to match client

* Revert "Update check to match client"

This reverts commit f195c1c1f6.
2023-10-12 15:56:50 +01:00
Conner Turnbull
90d600db9d
[PM-2961] Upgrade Braintree (#3206)
* Upgraded Braintree to 5.19.0

* Force evaluate of nuget packages

---------

Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2023-09-20 14:11:29 -04:00
Oscar Hinton
8b30b3c7fd
Refresh lockfiles (#3274) 2023-09-15 15:49:34 -04:00
Jared Snider
227178980a
PM-3925 - Tech Debt - Add missed tests for SSO Email 2FA Tokenable (#3270)
* PM-3925 - (1) Slightly refactor SsoEmail2faSessionTokenable to provide public static GetTokenLifeTime() method for testing  (2) Add missed tests to SsoEmail2faSessionTokenable

* PM-3925 - Take into account PR feedback
2023-09-15 14:54:52 -04:00
Jake Fink
f909563211
[PM-3487] prevent account enumeration on auth request endpoint (#3239) 2023-09-11 10:23:32 -04:00
Rui Tomé
721c18e94a
[AC-244] Consider a user's email as verified when they accept an organization invitation via the email link (#3199)
* [AC-244] Saving User.EmailVerified = true when accepting organization invite

* [AC-244] Added unit tests

* [AC-244] Added the parameter 'verifyEmail' to OrganizationService.AcceptUserAsync

* [AC-244] Refactored unit tests

* [AC-244] Fixed failing unit tests

* [AC-244] Marking email as verified only in the endpoint for accepting an invite with a token

* Update src/Core/Services/IOrganizationService.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-244] Marking email as verified only if it was not

* [AC-244] Updated unit test to have the user's email unverified at the start

* [AC-244] dotnet format

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
2023-09-07 14:36:54 +01:00
Thomas Rittson
4d0630081a
Fix flaky OrganizationService tests (#3246)
Set up test data more explicitly instead of relying on AutoData
2023-09-05 06:32:47 +10:00
Matt Bishop
d0cf8204c7
[PM-3708] Allow local overrides for flag values (#3243)
* Allow local overrides for flag values

* Rename helper method
2023-09-01 07:06:21 -04:00
Rui Tomé
c271e2dae2
[PM-3177] Extract IOrganizationService.UpdateUserGroupsAsync to a command (#3131)
* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem (#3037)

* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem

- Add a helper method to determine the appropriate addon type based on the subscription items StripeId

* [AC-1423] Add helper to StaticStore.cs to find a Plan by StripePlanId

* [AC-1423] Use the helper method to set SubscriptionInfo.BitwardenProduct

* Add SecretsManagerBilling feature flag to Constants

* [AC 1409] Secrets Manager Subscription Stripe Integration  (#3019)

* Adding the Secret manager to the Plan List

* Adding the unit test for the StaticStoreTests class

* Fix whitespace formatting

* Fix whitespace formatting

* Price update

* Resolving the PR comments

* Resolving PR comments

* Fixing the whitespace

* only password manager plans are return for now

* format whitespace

* Resolve the test issue

* Fixing the failing test

* Refactoring the Plan separation

* add a unit test for SingleOrDefault

* Fix the whitespace format

* Separate the PM and SM plans

* Fixing the whitespace

* Remove unnecessary directive

* Fix imports ordering

* Fix imports ordering

* Resolve imports ordering

* Fixing imports ordering

* Fix response model, add MaxProjects

* Fix filename

* Fix format

* Fix: seat price should match annual/monthly

* Fix service account annual pricing

* Changes for secret manager signup and upgradeplan

* Changes for secrets manager signup and upgrade

* refactoring the code

* Format whitespace

* remove unnecessary using directive

* Resolve the PR comment on Subscription creation

* Resolve PR comment

* Add password manager to the error message

* Add UseSecretsManager to the event log

* Resolve PR comment on plan validation

* Resolving pr comments for service account count

* Resolving pr comments for service account count

* Resolve the pr comments

* Remove the store procedure that is no-longer needed

* Rename a property properly

* Resolving the PR comment

* Resolve PR comments

* Resolving PR comments

* Resolving the Pr comments

* Resolving some PR comments

* Resolving the PR comments

* Resolving the build identity build

* Add additional Validation

* Resolve the Lint issues

* remove unnecessary using directive

* Remove the white spaces

* Adding unit test for the stripe payment

* Remove the incomplete test

* Fixing the failing test

* Fix the failing test

* Fix the fail test on organization service

* Fix the failing unit test

* Fix the whitespace format

* Fix the failing test

* Fix the whitespace format

* resolve pr comments

* Fix the lint message

* Resolve the PR comments

* resolve pr comments

* Resolve pr comments

* Resolve the pr comments

* remove unused code

* Added for sm validation test

* Fix the whitespace format issues

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* SM-802: Add SecretsManagerBetaColumn SQL migration and Org table update

* SM-802: Run EF Migrations for SecretsManagerBeta

* SM-802: Update the two Org procs and View, and move data migration to a separate file

* SM-802: Add missing comma to Organization_Create

* [AC-1418] Add missing SecretsManagerPlan property to OrganizationResponseModel (#3055)

* SM-802: Remove extra GO statement from data migration script

* [AC 1460] Update Stripe Configuration (#3070)

* change the stripeseat id

* change service accountId to align with new product

* make all the Id name for consistent

* SM-802: Add SecretsManagerBeta to OrganizationResponseModel

* SM-802: Move SecretsManagerBeta from OrganizationResponseModel to OrganizationSubscriptionResponseModel. Use sp_refreshview instead of sp_refreshsqlmodule in the migration script.

* SM-802: Remove OrganizationUserOrganizationDetailsView.sql changes

* [AC 1410] Secrets Manager subscription adjustment back-end changes (#3036)

* Create UpgradeSecretsManagerSubscription command

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* SM-802: Remove SecretsManagerBetaColumn migration

* SM-802: Add SecretsManagerBetaColumn migration

* SM-802: Remove OrganizationUserOrganizationDetailsView update

* [AC-1495] Extract UpgradePlanAsync into a command (#3081)

* This is a pure lift & shift with no refactors

* Only register subscription commands in Api

---------

Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>

* [AC-1503] Fix Stripe integration on organization upgrade (#3084)

* Fix SM parameters not being passed to Stripe

* Fix flaky test

* Fix error message

* [AC-1504] Allow SM max autoscale limits to be disabled (#3085)

* [AC-1488] Changed SM Signup and Upgrade paths to set SmServiceAccounts to include the plan BaseServiceAccount (#3086)

* [AC-1510] Enable access to Secrets Manager to Organization owner for new Subscription (#3089)

* Revert changes to ReferenceEvent code (#3091)

* Revert changes to ReferenceEvent code

This will be done in AC-1481

* Revert ReferenceEventType change

* Move NoopServiceAccountRepository to SM and update namespace

* [AC-1462] Add secrets manager service accounts autoscaling commands (#3059)

* Adding the Secret manager to the Plan List

* Adding the unit test for the StaticStoreTests class

* Fix whitespace formatting

* Fix whitespace formatting

* Price update

* Resolving the PR comments

* Resolving PR comments

* Fixing the whitespace

* only password manager plans are return for now

* format whitespace

* Resolve the test issue

* Fixing the failing test

* Refactoring the Plan separation

* add a unit test for SingleOrDefault

* Fix the whitespace format

* Separate the PM and SM plans

* Fixing the whitespace

* Remove unnecessary directive

* Fix imports ordering

* Fix imports ordering

* Resolve imports ordering

* Fixing imports ordering

* Fix response model, add MaxProjects

* Fix filename

* Fix format

* Fix: seat price should match annual/monthly

* Fix service account annual pricing

* Changes for secret manager signup and upgradeplan

* Changes for secrets manager signup and upgrade

* refactoring the code

* Format whitespace

* remove unnecessary using directive

* Changes for subscription Update

* Update the seatAdjustment and update

* Resolve the PR comment on Subscription creation

* Resolve PR comment

* Add password manager to the error message

* Add UseSecretsManager to the event log

* Resolve PR comment on plan validation

* Resolving pr comments for service account count

* Resolving pr comments for service account count

* Resolve the pr comments

* Remove the store procedure that is no-longer needed

* Add a new class for update subscription

* Modify the Update subscription for sm

* Add the missing property

* Rename a property properly

* Resolving the PR comment

* Resolve PR comments

* Resolving PR comments

* Resolving the Pr comments

* Resolving some PR comments

* Resolving the PR comments

* Resolving the build identity build

* Add additional Validation

* Resolve the Lint issues

* remove unnecessary using directive

* Remove the white spaces

* Adding unit test for the stripe payment

* Remove the incomplete test

* Fixing the failing test

* Fix the failing test

* Fix the fail test on organization service

* Fix the failing unit test

* Fix the whitespace format

* Fix the failing test

* Fix the whitespace format

* resolve pr comments

* Fix the lint message

* refactor the code

* Fix the failing Test

* adding a new endpoint

* Remove the unwanted code

* Changes for Command and Queries

* changes for command and queries

* Fix the Lint issues

* Fix imports ordering

* Resolve the PR comments

* resolve pr comments

* Resolve pr comments

* Fix the failing test on adjustSeatscommandtests

* Fix the failing test

* Fix the whitespaces

* resolve failing test

* rename a property

* Resolve the pr comments

* refactoring the existing implementation

* Resolve the whitespaces format issue

* Resolve the pr comments

* [AC-1462] Created IAvailableServiceAccountsQuery along its implementation and with unit tests

* [AC-1462] Renamed ICountNewServiceAccountSlotsRequiredQuery

* [AC-1462] Added IAutoscaleServiceAccountsCommand and implementation

* Add more unit testing

* fix the whitespaces issues

* [AC-1462] Added unit tests for AutoscaleServiceAccountsCommand

* Add more unit test

* Remove unnecessary directive

* Resolve some pr comments

* Adding more unit test

* adding more test

* add more test

* Resolving some pr comments

* Resolving some pr comments

* Resolving some pr comments

* resolve some pr comments

* Resolving pr comments

* remove whitespaces

* remove white spaces

* Resolving pr comments

* resolving pr comments and fixing white spaces

* resolving the lint error

* Run dotnet format

* resolving the pr comments

* Add a missing properties to plan response model

* Add the email sender for sm seat and service acct

* Add the email sender for sm seat and service acct

* Fix the failing test after email sender changes

* Add staticstorewrapper to properly test the plans

* Add more test and validate the existing test

* Fix the white spaces issues

* Remove staticstorewrapper and fix the test

* fix a null issue on autoscaling

* Suggestion: do all seat calculations in update model

* Resolve some pr comments

* resolving some pr comments

* Return value is unnecessary

* Resolve the failing test

* resolve pr comments

* Resolve the pr comments

* Resolving admin api failure and adding more test

* Resolve the issue failing admin project

* Fixing the failed test

* Clarify naming and add comments

* Clarify naming conventions

* Dotnet format

* Fix the failing dependency

* remove similar test

* [AC-1462] Rewrote AutoscaleServiceAccountsCommand to use UpdateSecretsManagerSubscriptionCommand which has the same logic

* [AC-1462] Deleted IAutoscaleServiceAccountsCommand as the logic will be moved to UpdateSecretsManagerSubscriptionCommand

* [AC-1462] Created method AdjustSecretsManagerServiceAccountsAsync

* [AC-1462] Changed SecretsManagerSubscriptionUpdate to only be set by its constructor

* [AC-1462] Added check to CountNewServiceAccountSlotsRequiredQuery and revised unit tests

* [AC-1462] Revised logic for CountNewServiceAccountSlotsRequiredQuery and fixed unit tests

* [AC-1462] Changed SecretsManagerSubscriptionUpdate to receive Organization as a parameter and fixed the unit tests

* [AC-1462] Renamed IUpdateSecretsManagerSubscriptionCommand methods UpdateSubscriptionAsync and AdjustServiceAccountsAsync

* [AC-1462] Rewrote unit test UpdateSubscriptionAsync_ValidInput_Passes

* [AC-1462] Registered CountNewServiceAccountSlotsRequiredQuery for dependency injection

* [AC-1462] Added parameter names to SecretsManagerSubscriptionUpdateRequestModel

* [AC-1462] Updated SecretsManagerSubscriptionUpdate logic to handle null parameters. Revised the unit tests to test null values

---------

Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Add UsePasswordManager to sync data (#3114)

* [AC-1522] Fix service account check on upgrading (#3111)

* Create new query and add to save orgUser flow

* Add tests

* Resolved the checkmarx issues

* [AC-1521] Address checkmarx security feedback (#3124)

* Reinstate target attribute but add noopener noreferrer

* Make same updates to service account adjustment code

* Wire up to BulkEnableSecretsManager, delete separate command

* Register new query

* WIP: autoscaling in invite user flow

* Resolve dependency issues

* circular dependency between OrganizationService and
  UpdateSecretsManagerSubscriptionCommand - fixed by temporarily
  duplicating ReplaceAndUpdateCache

* Unresolvable dependencies in other services - fixed by temporarily
  registering noop services and moving around some DI code

All should be resolved in PM-1880

* fix using refs

* Update date on migration script

* Remove unused constant

* Revert "Remove unused constant"

This reverts commit 4fcb9da4d6.

This is required to make feature flags work on the client

* Fix tests

* Refactor: fix the update object and use it to adjust values

* [PM-3177] Created OrganizationUserCommand and UpdateOrganizationUserGroupsCommand

* [PM-3177] Added unit tests for UpdateOrganizationUserGroupsCommand

* [PM-3177] Replaced IOrganizationService.UpdateUserGroupsAsync with IUpdateOrganizationUserGroupsCommand

* [AC-1458] Add Endpoint And Service Logic for secrets manager to existing subscription (#3087)

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* Handle autoscaling-specific errors

* Revert name change to method

* Fix typo

* Exclude beta users from seat limits

* Fix inaccurate comment

* Update nullable properties to use .Value accessor

* Fix tests

* Add missing awaits

* Move early return up

* Revert based on currentOrganization

* Remove duplicate migrations from incorrectly resolved merge

* Add tests

* [PM-3177] Remove Admin project referencing Commercial.Infrastructure.EntityFramework

* [PM-3177] Removed abstract class OrganizationUserCommand. Added ValidateOrganizationUserUpdatePermissions to IOrganizationService

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Colton Hurst <colton@coltonhurst.com>
Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
2023-09-01 09:10:02 +01:00
Rui Tomé
e679d3127a
[AC-1585] Automatically verify managed members on an organization with a verified domain (#3207) 2023-08-30 07:23:45 +01:00
Thomas Rittson
8de9f4d10d
Fix flaky OrganizationService test (#3232) 2023-08-28 08:01:00 +01:00
Thomas Rittson
4d59dd4a6b
Fix typo: CurrentContent -> CurrentContext (#3231) 2023-08-28 10:20:01 +10:00
Thomas Rittson
4748b5b3fc
[AC-1568] Finish refactor of update subscription interface, minor fixes (#3189)
* Remove UpdateSecretsManagerSubscriptionCommand.AdjustServiceAccounts interface

* Rewrite tests and use autofixture customizations

* Reduce method nesting in the command, simplify parameters

* Fix capitalization and wording of error messages

* Add checks for existing SM beta enrolment etc
2023-08-28 08:05:23 +10:00
Thomas Rittson
c5b5225642
[AC-1568] Refactor UpdateSecretsManagerSubscriptionCommandTests to use new ctor (#3210) 2023-08-22 09:55:39 +10:00
Todd Martin
1c3afcdffc
Trusted Device Encryption feature (#3151)
* [PM-1203] feat: allow verification for all passwordless accounts (#3038)

* [PM-1033] Org invite user creation flow 1 (#3028)

* [PM-1033] feat: remove user verification from password enrollment

* [PM-1033] feat: auto accept invitation when enrolling into password reset

* [PM-1033] fix: controller tests

* [PM-1033] refactor: `UpdateUserResetPasswordEnrollmentCommand`

* [PM-1033] refactor(wip): make `AcceptUserCommand`

* Revert "[PM-1033] refactor(wip): make `AcceptUserCommand`"

This reverts commit dc1319e7fa.

* Revert "[PM-1033] refactor: `UpdateUserResetPasswordEnrollmentCommand`"

This reverts commit 43df689c7f.

* [PM-1033] refactor: move invite accept to controller

This avoids creating yet another method that depends on having `IUserService` passed in as a parameter

* [PM-1033] fix: add missing changes

* [PM-1381] Add Trusted Device Keys to Auth Response (#3066)

* Return Keys for Trusted Device

- Check whether the current logging in device is trusted
- Return their keys on successful login

* Formatting

* Address PR Feedback

* Add Remarks Comment

* [PM-1338] `AuthRequest` Event Logs (#3046)

* Update AuthRequestController

- Only allow AdminApproval Requests to be created from authed endpoint
- Add endpoint that has authentication to be able to create admin approval

* Add PasswordlessAuthSettings

- Add settings for customizing expiration times

* Add new EventTypes

* Add Logic for AdminApproval Type

- Add logic for validating AdminApproval expiration
- Add event logging for Approval/Disapproval of AdminApproval
- Add logic for creating AdminApproval types

* Add Test Helpers

- Change BitAutoData to allow you to use string representations of common types.

* Add/Update AuthRequestService Tests

* Run Formatting

* Switch to 7 Days

* Add Test Covering ResponseDate Being Set

* Address PR Feedback

- Create helper for checking if date is expired
- Move validation logic into smaller methods

* Switch to User Event Type

- Make RequestDeviceApproval user type
- User types will log for each org user is in

* [PM-2998] Move Approving Device Check (#3101)

* Move Check for Approving Devices

- Exclude currently logging in device
- Remove old way of checking
- Add tests asserting behavior

* Update DeviceType list

* Update Naming & Address PR Feedback

* Fix Tests

* Address PR Feedback

* Formatting

* Now Fully Update Naming?

* Feature/auth/pm 2759/add can reset password to user decryption options (#3113)

* PM-2759 - BaseRequestValidator.cs - CreateUserDecryptionOptionsAsync - Add new hasManageResetPasswordPermission for post SSO redirect logic required on client.

* PM-2759 - Update IdentityServerSsoTests.cs to all pass based on the addition of HasManageResetPasswordPermission to TrustedDeviceUserDecryptionOption

* IdentityServerSsoTests.cs - fix typo in test name:  LoggingApproval --> LoginApproval

* PM1259 - Add test case for verifying that TrustedDeviceOption.hasManageResetPasswordPermission is set properly based on user permission

* dotnet format run

* Feature/auth/pm 2759/add can reset password to user decryption options fix jit users (#3120)

* PM-2759 - IdentityServer - CreateUserDecryptionOptionsAsync - hasManageResetPasswordPermission set logic was broken for JIT provisioned users as I assumed we would always have a list of at least 1 org during the SSO process. Added TODO for future test addition but getting this out there now as QA is blocked by being unable to create JIT provisioned users.

* dotnet format

* Tiny tweak

* [PM-1339] Allow Rotating Device Keys (#3096)

* Allow Rotation of Trusted Device Keys

- Add endpoint for getting keys relating to rotation
- Add endpoint for rotating your current device
- In the same endpoint allow a list of other devices to rotate

* Formatting

* Use Extension Method

* Add Tests from PR

Co-authored-by: Jared Snider <jsnider@bitwarden.com>

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>

* Check the user directly if they have the ResetPasswordKey (#3153)

* PM-3327 - UpdateKeyAsync must exempt the currently calling device from the logout notification in order to prevent prematurely logging the user out before the client side key rotation process can complete. The calling device will log itself out once it is done. (#3170)

* Allow OTP Requests When Users Are On TDE (#3184)

* [PM-3356][PM-3292] Allow OTP For All (#3188)

* Allow OTP For All

- On a trusted device isn't a good check because a user might be using a trusted device locally but not trusted it long term
- The logic wasn't working for KC users anyways

* Remove Old Comment

* [AC-1601] Added RequireSso policy as a dependency of TDE (#3209)

* Added RequireSso policy as a dependency of TDE.

* Added test for RequireSso for TDE.

* Added save.

* Fixed policy name.

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2023-08-17 16:03:06 -04:00
Thomas Rittson
fc814ff352
[AC-1597] Revert GetByUserIdWithPolicyDetailsAsync changes to unblock SQL CPU (#3203)
* Revert "[PM-3007] Caching user policies on PolicyService variable (#3117)"

This reverts commit 78588d0246.

* Don't delete old migration script

* Add migration to revert sproc
2023-08-16 13:42:09 +10:00
Oscar Hinton
d4bcaf10ff
Remove moq (#3166) 2023-08-10 17:03:42 +02:00
Rui Tomé
95b7652ca9
[AC-1443] Update manager permission to only see collections they have access to (#3071)
* [AC-1443] Changed CurrentContext.ViewAllCollections to only check if the user can edit or delete any collection

* [AC-1443] Renamed ICollectionService.GetOrganizationCollections to GetOrganizationCollectionsAsync

* [AC-1443] Changed CollectionService.GetOrganizationCollectionsAsync to first check CurrentContext.ViewAssignedCollections instead
Added unit tests

* [AC-1443] Added new unit test to check for Exception when user does not have permission
2023-08-08 16:54:10 +01:00
Matt Gibson
a5bda60c4e
Platform/pm 2535/upgrade to azure messaging servicebus (#3102)
* `dotnet add package Azure.Messaging.ServiceBus` 🤖

* Move to Azure.Messaging.ServiceBus

* `dotnet restore --locked-mode --force-evaluate` 🤖

Remove Microsoft.Azure.ServiceBus

* `dotnet restore --locked-mode --force-evaluate` 🤖

* Include broker filter

* `dotnet restore --locked-mode --force-evaluate` 🤖
2023-08-07 08:57:18 -05:00
Thomas Rittson
3573aee2ef
[AC-1512] Feature: Secrets Manager Billing - round 2 (#3119)
* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem (#3037)

* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem

- Add a helper method to determine the appropriate addon type based on the subscription items StripeId

* [AC-1423] Add helper to StaticStore.cs to find a Plan by StripePlanId

* [AC-1423] Use the helper method to set SubscriptionInfo.BitwardenProduct

* Add SecretsManagerBilling feature flag to Constants

* [AC 1409] Secrets Manager Subscription Stripe Integration  (#3019)

* Adding the Secret manager to the Plan List

* Adding the unit test for the StaticStoreTests class

* Fix whitespace formatting

* Fix whitespace formatting

* Price update

* Resolving the PR comments

* Resolving PR comments

* Fixing the whitespace

* only password manager plans are return for now

* format whitespace

* Resolve the test issue

* Fixing the failing test

* Refactoring the Plan separation

* add a unit test for SingleOrDefault

* Fix the whitespace format

* Separate the PM and SM plans

* Fixing the whitespace

* Remove unnecessary directive

* Fix imports ordering

* Fix imports ordering

* Resolve imports ordering

* Fixing imports ordering

* Fix response model, add MaxProjects

* Fix filename

* Fix format

* Fix: seat price should match annual/monthly

* Fix service account annual pricing

* Changes for secret manager signup and upgradeplan

* Changes for secrets manager signup and upgrade

* refactoring the code

* Format whitespace

* remove unnecessary using directive

* Resolve the PR comment on Subscription creation

* Resolve PR comment

* Add password manager to the error message

* Add UseSecretsManager to the event log

* Resolve PR comment on plan validation

* Resolving pr comments for service account count

* Resolving pr comments for service account count

* Resolve the pr comments

* Remove the store procedure that is no-longer needed

* Rename a property properly

* Resolving the PR comment

* Resolve PR comments

* Resolving PR comments

* Resolving the Pr comments

* Resolving some PR comments

* Resolving the PR comments

* Resolving the build identity build

* Add additional Validation

* Resolve the Lint issues

* remove unnecessary using directive

* Remove the white spaces

* Adding unit test for the stripe payment

* Remove the incomplete test

* Fixing the failing test

* Fix the failing test

* Fix the fail test on organization service

* Fix the failing unit test

* Fix the whitespace format

* Fix the failing test

* Fix the whitespace format

* resolve pr comments

* Fix the lint message

* Resolve the PR comments

* resolve pr comments

* Resolve pr comments

* Resolve the pr comments

* remove unused code

* Added for sm validation test

* Fix the whitespace format issues

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* SM-802: Add SecretsManagerBetaColumn SQL migration and Org table update

* SM-802: Run EF Migrations for SecretsManagerBeta

* SM-802: Update the two Org procs and View, and move data migration to a separate file

* SM-802: Add missing comma to Organization_Create

* [AC-1418] Add missing SecretsManagerPlan property to OrganizationResponseModel (#3055)

* SM-802: Remove extra GO statement from data migration script

* [AC 1460] Update Stripe Configuration (#3070)

* change the stripeseat id

* change service accountId to align with new product

* make all the Id name for consistent

* SM-802: Add SecretsManagerBeta to OrganizationResponseModel

* SM-802: Move SecretsManagerBeta from OrganizationResponseModel to OrganizationSubscriptionResponseModel. Use sp_refreshview instead of sp_refreshsqlmodule in the migration script.

* SM-802: Remove OrganizationUserOrganizationDetailsView.sql changes

* [AC 1410] Secrets Manager subscription adjustment back-end changes (#3036)

* Create UpgradeSecretsManagerSubscription command

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* SM-802: Remove SecretsManagerBetaColumn migration

* SM-802: Add SecretsManagerBetaColumn migration

* SM-802: Remove OrganizationUserOrganizationDetailsView update

* [AC-1495] Extract UpgradePlanAsync into a command (#3081)

* This is a pure lift & shift with no refactors

* Only register subscription commands in Api

---------

Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>

* [AC-1503] Fix Stripe integration on organization upgrade (#3084)

* Fix SM parameters not being passed to Stripe

* Fix flaky test

* Fix error message

* [AC-1504] Allow SM max autoscale limits to be disabled (#3085)

* [AC-1488] Changed SM Signup and Upgrade paths to set SmServiceAccounts to include the plan BaseServiceAccount (#3086)

* [AC-1510] Enable access to Secrets Manager to Organization owner for new Subscription (#3089)

* Revert changes to ReferenceEvent code (#3091)

* Revert changes to ReferenceEvent code

This will be done in AC-1481

* Revert ReferenceEventType change

* Move NoopServiceAccountRepository to SM and update namespace

* [AC-1462] Add secrets manager service accounts autoscaling commands (#3059)

* Adding the Secret manager to the Plan List

* Adding the unit test for the StaticStoreTests class

* Fix whitespace formatting

* Fix whitespace formatting

* Price update

* Resolving the PR comments

* Resolving PR comments

* Fixing the whitespace

* only password manager plans are return for now

* format whitespace

* Resolve the test issue

* Fixing the failing test

* Refactoring the Plan separation

* add a unit test for SingleOrDefault

* Fix the whitespace format

* Separate the PM and SM plans

* Fixing the whitespace

* Remove unnecessary directive

* Fix imports ordering

* Fix imports ordering

* Resolve imports ordering

* Fixing imports ordering

* Fix response model, add MaxProjects

* Fix filename

* Fix format

* Fix: seat price should match annual/monthly

* Fix service account annual pricing

* Changes for secret manager signup and upgradeplan

* Changes for secrets manager signup and upgrade

* refactoring the code

* Format whitespace

* remove unnecessary using directive

* Changes for subscription Update

* Update the seatAdjustment and update

* Resolve the PR comment on Subscription creation

* Resolve PR comment

* Add password manager to the error message

* Add UseSecretsManager to the event log

* Resolve PR comment on plan validation

* Resolving pr comments for service account count

* Resolving pr comments for service account count

* Resolve the pr comments

* Remove the store procedure that is no-longer needed

* Add a new class for update subscription

* Modify the Update subscription for sm

* Add the missing property

* Rename a property properly

* Resolving the PR comment

* Resolve PR comments

* Resolving PR comments

* Resolving the Pr comments

* Resolving some PR comments

* Resolving the PR comments

* Resolving the build identity build

* Add additional Validation

* Resolve the Lint issues

* remove unnecessary using directive

* Remove the white spaces

* Adding unit test for the stripe payment

* Remove the incomplete test

* Fixing the failing test

* Fix the failing test

* Fix the fail test on organization service

* Fix the failing unit test

* Fix the whitespace format

* Fix the failing test

* Fix the whitespace format

* resolve pr comments

* Fix the lint message

* refactor the code

* Fix the failing Test

* adding a new endpoint

* Remove the unwanted code

* Changes for Command and Queries

* changes for command and queries

* Fix the Lint issues

* Fix imports ordering

* Resolve the PR comments

* resolve pr comments

* Resolve pr comments

* Fix the failing test on adjustSeatscommandtests

* Fix the failing test

* Fix the whitespaces

* resolve failing test

* rename a property

* Resolve the pr comments

* refactoring the existing implementation

* Resolve the whitespaces format issue

* Resolve the pr comments

* [AC-1462] Created IAvailableServiceAccountsQuery along its implementation and with unit tests

* [AC-1462] Renamed ICountNewServiceAccountSlotsRequiredQuery

* [AC-1462] Added IAutoscaleServiceAccountsCommand and implementation

* Add more unit testing

* fix the whitespaces issues

* [AC-1462] Added unit tests for AutoscaleServiceAccountsCommand

* Add more unit test

* Remove unnecessary directive

* Resolve some pr comments

* Adding more unit test

* adding more test

* add more test

* Resolving some pr comments

* Resolving some pr comments

* Resolving some pr comments

* resolve some pr comments

* Resolving pr comments

* remove whitespaces

* remove white spaces

* Resolving pr comments

* resolving pr comments and fixing white spaces

* resolving the lint error

* Run dotnet format

* resolving the pr comments

* Add a missing properties to plan response model

* Add the email sender for sm seat and service acct

* Add the email sender for sm seat and service acct

* Fix the failing test after email sender changes

* Add staticstorewrapper to properly test the plans

* Add more test and validate the existing test

* Fix the white spaces issues

* Remove staticstorewrapper and fix the test

* fix a null issue on autoscaling

* Suggestion: do all seat calculations in update model

* Resolve some pr comments

* resolving some pr comments

* Return value is unnecessary

* Resolve the failing test

* resolve pr comments

* Resolve the pr comments

* Resolving admin api failure and adding more test

* Resolve the issue failing admin project

* Fixing the failed test

* Clarify naming and add comments

* Clarify naming conventions

* Dotnet format

* Fix the failing dependency

* remove similar test

* [AC-1462] Rewrote AutoscaleServiceAccountsCommand to use UpdateSecretsManagerSubscriptionCommand which has the same logic

* [AC-1462] Deleted IAutoscaleServiceAccountsCommand as the logic will be moved to UpdateSecretsManagerSubscriptionCommand

* [AC-1462] Created method AdjustSecretsManagerServiceAccountsAsync

* [AC-1462] Changed SecretsManagerSubscriptionUpdate to only be set by its constructor

* [AC-1462] Added check to CountNewServiceAccountSlotsRequiredQuery and revised unit tests

* [AC-1462] Revised logic for CountNewServiceAccountSlotsRequiredQuery and fixed unit tests

* [AC-1462] Changed SecretsManagerSubscriptionUpdate to receive Organization as a parameter and fixed the unit tests

* [AC-1462] Renamed IUpdateSecretsManagerSubscriptionCommand methods UpdateSubscriptionAsync and AdjustServiceAccountsAsync

* [AC-1462] Rewrote unit test UpdateSubscriptionAsync_ValidInput_Passes

* [AC-1462] Registered CountNewServiceAccountSlotsRequiredQuery for dependency injection

* [AC-1462] Added parameter names to SecretsManagerSubscriptionUpdateRequestModel

* [AC-1462] Updated SecretsManagerSubscriptionUpdate logic to handle null parameters. Revised the unit tests to test null values

---------

Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Add UsePasswordManager to sync data (#3114)

* [AC-1522] Fix service account check on upgrading (#3111)

* Resolved the checkmarx issues

* [AC-1521] Address checkmarx security feedback (#3124)

* Reinstate target attribute but add noopener noreferrer

* Update date on migration script

* Remove unused constant

* Revert "Remove unused constant"

This reverts commit 4fcb9da4d6.

This is required to make feature flags work on the client

* [AC-1458] Add Endpoint And Service Logic for secrets manager to existing subscription (#3087)

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* Remove duplicate migrations from incorrectly resolved merge

* [AC-1468] Modified CountNewServiceAccountSlotsRequiredQuery to return zero if organization has SecretsManagerBeta == true (#3112)

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* [Ac 1563] Unable to load billing and subscription related pages for non-enterprise organizations (#3138)

* Resolve the failing family plan

* resolve issues

* Resolve code related pr comments

* Resolve test related comments

* Resolving or comments

* [SM-809] Add service account slot limit check (#3093)

* Add service account slot limit check

* Add query to DI

* [AC-1462] Registered CountNewServiceAccountSlotsRequiredQuery for dependency injection

* remove duplicate DI entry

* Update unit tests

* Remove comment

* Code review updates

---------

Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>

* [AC-1461] Secrets manager seat autoscaling (#3121)

* Add autoscaling code to invite user, save user, and bulk enable SM
  flows

* Add tests

* Delete command for BulkEnableSecretsManager

* circular dependency between OrganizationService and
  UpdateSecretsManagerSubscriptionCommand - fixed by temporarily
  duplicating ReplaceAndUpdateCache

* Unresolvable dependencies in other services - fixed by temporarily
  registering noop services and moving around some DI code

All should be resolved in PM-1880

* Refactor: improve the update object and use it to adjust values,
  remove excess interfaces on the command

* Handle autoscaling-specific errors

---------

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Move bitwarden_license include reference into conditional block

* [AC 1526]Show current SM seat and service account usage in Bitwarden Portal (#3142)

* changes base on the tickets request

* Code refactoring

* Removed the unwanted method

* Add implementation to the new method

* Resolve some pr comments

* resolve lint issue

* resolve pr comments

* add the new noop files

* Add new noop file and resolve some pr comments

* resolve pr comments

* removed unused method

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Colton Hurst <colton@coltonhurst.com>
Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2023-08-04 21:51:12 +00:00
Rui Tomé
78588d0246
[PM-3007] Caching user policies on PolicyService variable (#3117)
* [PM-3007] Caching user policies on PolicyService variable

* [PM-3007] Added missing newlines on sql files
2023-08-03 18:36:47 +01:00
Rui Tomé
d94a54516e
[AC-1344] Provider users unable to bulk restore vault items for client organizations (#2871)
* [AC-1344] Added method PutRestoreManyAdmin to CiphersController and refactored PutRestoreMany

* [AC-1344] Fixed unit test

* [AC-1344] Removed comment

* [AC-1344] Fixed sql.csproj

* [AC-1344] Added check for empty or null array; added more unit tests
2023-08-02 16:22:37 +01:00
Álison Fernandes
35111382e5
[AC-1486] Feature: SM Billing (#3073)
* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem (#3037)

* [AC-1423] Add AddonProduct and BitwardenProduct properties to BillingSubscriptionItem

* [AC-1423] Add helper to StaticStore.cs to find a Plan by StripePlanId

* [AC-1423] Use the helper method to set SubscriptionInfo.BitwardenProduct

* Add SecretsManagerBilling feature flag to Constants

* [AC 1409] Secrets Manager Subscription Stripe Integration  (#3019)

* [AC-1418] Add missing SecretsManagerPlan property to OrganizationResponseModel (#3055)

* [AC 1460] Update Stripe Configuration (#3070)

* [AC 1410] Secrets Manager subscription adjustment back-end changes (#3036)

* Create UpgradeSecretsManagerSubscription command

* [AC-1495] Extract UpgradePlanAsync into a command (#3081)

* This is a pure lift & shift with no refactors

* [AC-1503] Fix Stripe integration on organization upgrade (#3084)

* Fix SM parameters not being passed to Stripe

* [AC-1504] Allow SM max autoscale limits to be disabled (#3085)

* [AC-1488] Changed SM Signup and Upgrade paths to set SmServiceAccounts to include the plan BaseServiceAccount (#3086)

* [AC-1510] Enable access to Secrets Manager to Organization owner for new Subscription (#3089)

* Revert changes to ReferenceEvent code (#3091)

This will be done in AC-1481

* Add UsePasswordManager to sync data (#3114)

* [AC-1522] Fix service account check on upgrading (#3111)

* [AC-1521] Address checkmarx security feedback (#3124)

* Reinstate target attribute but add noopener noreferrer

* Update date on migration script

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: cyprain-okeke <cokeke@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
2023-07-25 08:05:05 +10:00
Federico Maccaroni
10782d55f3
[PM-2682] Fix v0 attachments migration on share cipher with org (#3051)
* PM-2682 Fix v0 attachments migration on share cipher with org

* PM-2682 Fix format

* PM-2682 Fix tests recursion

* Update src/Core/Vault/Models/Data/CipherAttachment.cs

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2023-07-21 16:08:08 -03:00
Conner Turnbull
a61290a3c8
[AC-1508] Stripe changes for the EU datacenter (#3092)
* Added region to customer metadata

* Updated webhook to filter out events for other DCs

* Flipped ternary to be positive, fixed indentation

* Updated to allow for unit testing andupdated tests

---------

Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2023-07-20 17:00:40 -04:00
Shane Melton
a095e02e86
[AC-1435] Single Organization policy prerequisite for Account Recovery policy (#3082)
* [AC-1435] Automatically enable Single Org policy when selecting TDE

* [AC-1435] Add test for automatic policy enablement

* [AC-1435] Prevent disabling single org when account recovery is enabled

* [AC-1435] Require Single Org policy when enabling Account recovery

* [AC-1435] Add unit test to check for account recovery policy when attempting to disable single org

* [AC-1435] Add test to verify single org policy is enabled for account recovery policy

* [AC-1435] Fix failing test
2023-07-18 10:00:49 -05:00
Colton Hurst
a565b19ffb
SM-768: Update EFCore and related packages to >= 7.0 (#3006)
* SM-768: Update EFCore and related packages to >= 7.0

* SM-768: Update more packages for the EF 7 upgrade

* SM-768: Update the PostgreSQL package

* SM-768: Run dotnet restore --force-evaluate

* SM-768: Revert package upgrades for 3 projects

* SM-768: Update the dotnet-ef tool
2023-07-07 09:56:31 -04:00
Vincent Salucci
3b4c8afea0
[AC-1191] TDE admin approval email (#3044)
* feat: add new command for updating request and emailing user, refs AC-1191

* feat: inject service with organization service collection extensions, refs AC-1191

* feat: add function to send admin approval email to mail services (interface/noop/handlebars), refs AC-1191

* feat: add html/text mail templates and add view model for email data, refs AC-1191

* feat: update org auth request controller to use new command during auth request update, refs AC-1191

* fix: dotnet format, refs AC-1191

* refactor: update user not found error, FirstOrDefault for enum type display name, refs AC-1191

* refactor: update user not found to log error instead of throws, refs AC-1191

* fix: remove whitespace lint errors, refs AC-1191

* refactor: update hardcoded UTC timezone string, refs AC-1191

* refactor: add unit test for new command, refs AC-1191

* refactor: improve enum name fallback and identifier string creation, refs AC-1191

* refactor: add addtional unit tests, refs AC-1191

* refactor: update success test to use more generated params, refs AC-1191

* fix: dotnet format...again, refs AC-1191

* refactor: make UTC display a constant for handlebars mail service, refs AC-1191

* refactor: update displayTypeIdentifer to displayTypeAndIdentifier for clarity, refs AC-1191
2023-07-06 10:03:49 -05:00
Thomas Avery
74ab7e8672
[SM-771] Add new endpoint for bulk enabling users for Secrets Manager (#3020)
* Add new endpoint for bulk enabling users for sm

* Review updates
2023-06-29 12:42:44 -04:00
Justin Baur
3bffd480cb
Pin Microsoft.AspNetCore.Http (#3001) 2023-06-29 08:37:58 -05:00
SmithThe4th
e96fc56dc2
[SG-497] BEEEP - Health Checks API Project (#2237)
* health check services added

* health check extension added

* added get connection string

* made changes to hrslth check method

* Added database health check

* added identity server health check

* added identity server health check

* Added logger publisher

* latest changes

* removed file

* Added mail server check for dev

* Added authorization to health check url path

* commented

* Added exception to switch

* Removed exclude code coverage

* Added health check for redis

* Added todos

* Added storage queue checks

* Added checks for mail

* Removed unused references and fixed linting issue

* Lint issues

* Moved healthchecks to sharedWeb project and exposed builder as a parameter to configure more health checks based on a project

* Added health check to API project

* dependencies updated

* Removed ef core health check dependencies

* Added checks to only add a health check when the connection string exists, moved health check from startup to extension class

* Merged with master and fixed conflicts

* Fixed lint issues

* Added check for amazon ses

* merged with master

* fixed lint

* Removed Amazon SES health check
2023-06-26 15:04:21 -04:00
Matt Bishop
53327b1993
[PM-2633] Warnings cleanup (#3010)
* Warnings cleanup

* One-line response with null

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove condition

* Fix lint from suggestion

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2023-06-16 10:02:05 -04:00
cyprain-okeke
5a12db18d1
[AC-1408] Update plan to include secrets manager (#2942)
* Adding the Secret manager to the Plan List

* Adding the unit test for the StaticStoreTests class

* Fix whitespace formatting

* Fix whitespace formatting

* Price update

* Resolving the PR comments

* Resolving PR comments

* Fixing the whitespace

* only password manager plans are return for now

* format whitespace

* Resolve the test issue

* Fixing the failing test

* Refactoring the Plan separation

* add a unit test for SingleOrDefault

* Fix the whitespace format

* Separate the PM and SM plans

* Fixing the whitespace

* Remove unnecessary directive

* Fix imports ordering

* Fix imports ordering

* Resolve imports ordering

* Fixing imports ordering

* Fix response model, add MaxProjects

* Fix filename

* Fix format

* Fix: seat price should match annual/monthly

* Fix service account annual pricing

* Name the sm service account planId properly

* Update the secrets manager plan

* correcting the wrong amount for the seats

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-06-16 11:12:38 +01:00
Shane Melton
904b2fe205
[AC-1192] Create endpoints for new Device Approvals page (#2993)
* [AC-1192] Create new OrganizationAuthRequestsController.cs

* [AC-1192] Introduce OrganizationAdminAuthRequest model

* [AC-1192] Add GetManyPendingByOrganizationId method to AuthRequest repository

* [AC-1192] Add new list pending organization auth requests endpoint

* [AC-1192] Add new GetManyAdminApprovalsByManyIdsAsync method to the AuthRequestRepository

* [AC-1192] Make the response device identifier optional for admin approval requests

* [AC-1192] Add endpoint for bulk denying admin device auth requests

* [AC-1192] Add OrganizationUserId to PendingOrganizationAuthRequestResponseModel

* [AC-1192] Add UpdateAuthRequest endpoint and logic to OrganizationAuthRequestsController

* [AC-1192] Secure new endpoints behind TDE feature flag

* [AC-1192] Formatting

* [AC-1192] Add sql migration script

* [AC-1192] Add optional OrganizationId column to AuthRequest entity

- Rename migration script to match existing formatting
- Add new column
- Add migration scripts
- Update new sprocs to filter/join on OrganizationId
- Update old sprocs to include OrganizationId

* [AC-1192] Format migration scripts

* [AC-1192] Fix failing AuthRequest EF unit test

* [AC-1192] Make OrganizationId optional in updated AuthRequest sprocs for backwards compatability

* [AC-1192] Fix missing comma in migration file

* [AC-1192] Rename Key to EncryptedUserKey to be more descriptive

* [AC-1192] Move request validation into helper method to reduce repetition

* [AC-1192] Return UnauthorizedAccessException instead of NotFound when user is missing permission

* [AC-1192] Introduce FeatureUnavailableException

* [AC-1192] Introduce RequireFeatureAttribute

* [AC-1192] Utilize the new RequireFeatureAttribute in the OrganizationAuthRequestsController

* [AC-1192] Attempt to fix out of sync database migration by moving new OrganizationId column

* [AC-1192] More attempts to sync database migrations

* [AC-1192] Formatting

* [AC-1192] Remove unused reference to FeatureService

* [AC-1192] Change Id types from String to Guid

* [AC-1192] Add EncryptedString attribute

* [AC-1192] Remove redundant OrganizationId property

* [AC-1192] Switch to projection for OrganizationAdminAuthRequest mapping

- Add new OrganizationUser relationship to EF entity
- Replace AuthRequest DBContext config with new IEntityTypeConfiguration
- Add navigation property to AuthRequest entity configuration for OrganizationUser
- Update EF AuthRequestRepository to use new mapping and navigation properties

* [AC-1192] Remove OrganizationUser navigation property
2023-06-15 14:54:08 -07:00
Rui Tomé
746dec6496
[PM-1270] Throw error when removing master password reset policy with TDE enabled (#2964)
* [PM-1270] Updated PolicyService to throw an exception in case TDE is enabled and the user is trying to turn off the master password reset policy or tries to remove auto-enrollment

* [PM-1270] Added unit tests around the checks for turning off the master password reset policy or removing auto-enrollment

* [PM-1270] Fixed existing unit test SaveAsync_NewPolicy_Created

* [PM-1270] Removed unused method mock on unit test
2023-06-07 09:56:31 +01:00
cyprain-okeke
662ac7f059
Signups Fail for Organization & User Names >30 Characters (#2923)
* Add a length limit to include only the LEFT 30

* Resolving PR comment

* Fix the failing test

* Add a comment to stripepayment

* Refactoring the code
2023-05-19 18:45:47 +01:00
Rui Tomé
04e18ee8e7
[AC-621] Added possibility of adding users through SCIM to an Organization without a confirmed Owner (#2846)
* [AC-621] Added possibility of adding users through SCIM to an Organization without a confirmed Owner

* [AC-621] Passing EventSystemUser argument for HasConfirmedOwnersExceptAsync in user delete actions by SCIM

* [AC-624] Removed EventSystemUser parameter from IOrganizationService.HasConfirmedOwnersExceptAsync

* [AC-621] Added IProviderUserRepository.GetManyOrganizationDetailsByOrganizationAsync

* [AC-621] Updated OrganizationService.HasConfirmedOwnersExceptAsync to use IProviderUserRepository.GetManyOrganizationDetailsByOrganizationAsync to check for any confirmed provider users

* [AC-621] Removed unused EventSystemUser parameters

* [AC-621] Refactored ProviderUserRepository.GetManyByOrganizationAsync to return ProviderUser objects

* [AC-621] Removed default parameter value for Status
2023-05-17 16:39:08 +01:00
Rui Tomé
bcf096971b
[PM-1879] Allow custom users to grant the same custom permissions that they have (#2897)
* [PM-1879] Replaced JsonSerializer.Serialize with CoreHelpers.ClassToJsonData

* [PM-1879] Changed OrganizationService.SaveUserAsync to check Custom permissions

* [PM-1879] Added unit tests for saving Custom permissions using a Custom user

* [PM-1879] Added method OrganizationUser.GetPermissions to deserialize the Permissions property

* [PM-1879] Refactored ValidateCustomPermissionsGrant to return bool

* [PM-1879] Added unit test SaveUser_WithCustomPermission_WhenUpgradingToAdmin_Throws
2023-05-17 14:17:37 +01:00
Jim Hays
8262af3c53
[PM-1969] Spellcheck other (#2878)
* Fix typo in error message: 'Unkown' -> 'Unknown'

* Fix typos in error message

* Fix typo in example text: 'licence' -> 'license'

* Fix typo in validation: 'Ooganization' -> 'Organization'

* Fix typo in text string: 'compatibilty' -> 'compatibility'

* Fix typo: 'ProviderDisllowedOrganizationTypes' -> 'ProviderDisallowedOrganizationTypes'

* Fix typo: 'NSubstitueVersion' -> 'NSubstituteVersion'

* Fix typo: 'CreateIntialInvite' -> 'CreateInitialInvite'

* Fix typo: '_queuryScheme' -> '_queryScheme'

* Fix typo: 'GetApplicationCacheServiceBusSubcriptionName' -> 'GetApplicationCacheServiceBusSubscriptionName'

* Fix typo: 'metaDataRespository' -> 'metaDataRepository'

* Fix typo: 'cipherAttachements' -> 'cipherAttachments'

* Fix typo: 'savedEmergencyAccesss' -> 'savedEmergencyAccesses'

* Fix typo: 'owerOrgUser' -> 'ownerOrgUser'

* Fix typo: 'Organiation' -> 'Organization'

* Fix typo: 'extistingUser' -> 'existingUser'

* Fix typo: 'availibleAccess' -> 'availableAccess'

* Fix typo: 'HasEnouphStorage' -> 'HasEnoughStorage'

* Fix typo: 'extistingOrg' -> 'existingOrg'

* Fix typo: 'subcriber' -> 'subscriber'

* Fix typo: 'availibleCollections' -> 'availableCollections'

* Fix typo: 'Succes' -> 'Success'

* Fix typo: 'CreateAsync_UpdateWithCollecitons_Works' -> 'CreateAsync_UpdateWithCollections_Works'

* Fix typo: 'BadInsallationId' -> 'BadInstallationId'

* Fix typo: 'OrgNotFamiles' -> 'OrgNotFamilies'

* Revert "Fix typo: 'Organiation' -> 'Organization'"

This reverts commit 8aadad1c25.

* Revert "Fix typos in error message"

This reverts commit 81d201fc09.

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-05-17 12:14:36 +02:00
Rui Tomé
8d3fe12170
[EC-787] Create a method in PolicyService to check if a policy applies to a user (#2537)
* [EC-787] Add new stored procedure OrganizationUser_ReadByUserIdWithPolicyDetails

* [EC-787] Add new method IOrganizationUserRepository.GetByUserIdWithPolicyDetailsAsync

* [EC-787] Add OrganizationUserPolicyDetails to represent policies applicable to a specific user

* [EC-787] Add method IPolicyService.GetPoliciesApplicableToUser to filter the obtained policy data

* [EC-787] Returning PolicyData on stored procedures

* [EC-787] Changed GetPoliciesApplicableToUserAsync to return ICollection

* [EC-787] Switched all usings of IPolicyRepository.GetManyByTypeApplicableToUserIdAsync to IPolicyService.GetPoliciesApplicableToUserAsync

* [EC-787] Removed policy logic from BaseRequestValidator and added usage of IPolicyService.GetPoliciesApplicableToUserAsync

* [EC-787] Added unit tests for IPolicyService.GetPoliciesApplicableToUserAsync

* [EC-787] Added unit tests for OrganizationUserRepository.GetByUserIdWithPolicyDetailsAsync

* [EC-787] Changed integration test to check for single result

* [EC-787] Marked IPolicyRepository methods GetManyByTypeApplicableToUserIdAsync and GetCountByTypeApplicableToUserIdAsync as obsolete

* [EC-787] Returning OrganizationUserId on OrganizationUser_ReadByUserIdWithPolicyDetails

* [EC-787] Remove deprecated stored procedures Policy_CountByTypeApplicableToUser, Policy_ReadByTypeApplicableToUser and function PolicyApplicableToUser

* [EC-787] Added method IPolicyService.AnyPoliciesApplicableToUserAsync

* [EC-787] Removed 'OrganizationUserType' parameter from queries

* [EC-787] Formatted OrganizationUserPolicyDetailsCompare

* [EC-787] Renamed SQL migration files

* [EC-787] Changed OrganizationUser_ReadByUserIdWithPolicyDetails to return Permissions json

* [EC-787] Refactored excluded user types for each Policy

* [EC-787] Updated dates on dbo_future files

* [EC-787] Remove dbo_future files from sql proj

* [EC-787] Added parameter PolicyType to IOrganizationUserRepository.GetByUserIdWithPolicyDetailsAsync

* [EC-787] Rewrote OrganizationUser_ReadByUserIdWithPolicyDetails and added parameter for PolicyType

* Update util/Migrator/DbScripts/2023-03-10_00_OrganizationUserReadByUserIdWithPolicyDetails.sql

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-05-12 08:22:19 +01:00
Matt Bishop
99b0953acd
Remove Secrets Manager LaunchDarkly feature flag (#2925) 2023-05-11 10:27:58 -04:00
Shane Melton
620a7e0a8d
[AC-1145] Add trusted devices option to SSO Config Data (#2909)
* [AC-1145] Add TDE feature flag

* [AC-1145] Update .gitignore to ignore flags.json in the Api project

* [AC-1145] Introduce MemberDecryptionType property on SsoConfigurationData

* [AC-1145] Add MemberDecryptionType to the SsoConfigurationDataRequest model

* [AC-1145] Automatically enable password reset policy on TDE selection

* [AC-1145] Remove references to obsolete KeyConnectorEnabled field

* [AC-1145] Formatting

* [AC-1145] Update XML doc reference to MemberDecryptionType
2023-05-10 12:52:08 -07:00
Justin Baur
5a850f48e2
[PM-1807] Add Auth Request Service (#2900)
* Refactor AuthRequest Logic into Service

* Add Tests & Run Formatting

* Register Service

* Add Tests From PR Feedback

Co-authored-by: Jared Snider <jsnider@bitwarden.com>

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2023-05-09 12:39:33 -04:00
Jim Hays
f9038472ce
Fix typos in comments (#2876) 2023-05-09 17:38:47 +02:00
Vincent Salucci
9a1a369472
[AC-1201] refactor: move all SCIM related files into the AdminConsole scope (#2841)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-04-19 09:31:00 +10:00
Daniel James Smith
4e7b9d2edd
[PM-328] Move files for team-tools (#2857)
* Extract Import-Api endpoints into separate controller

Moved ciphers/import and ciphers/import-organization into new ImportController
Paths have been kept intact for now (no changes on clients needed)
Moved request-models used for import into tools-subfolder

* Update CODEOWNERS for team-tools-dev

* Move HibpController (reports) to tools

* Moving files related to Send

* Moving files related to ReferenceEvent

* Removed unneeded newline
2023-04-18 14:05:17 +02:00
Jake Fink
88dd745070
[PM-1188] Server owner auth migration (#2825)
* [PM-1188] add sso project to auth

* [PM-1188] move sso api models to auth

* [PM-1188] fix sso api model namespace & imports

* [PM-1188] move core files to auth

* [PM-1188] fix core sso namespace & models

* [PM-1188] move sso repository files to auth

* [PM-1188] fix sso repo files namespace & imports

* [PM-1188] move sso sql files to auth folder

* [PM-1188] move sso test files to auth folders

* [PM-1188] fix sso tests namespace & imports

* [PM-1188] move auth api files to auth folder

* [PM-1188] fix auth api files namespace & imports

* [PM-1188] move auth core files to auth folder

* [PM-1188] fix auth core files namespace & imports

* [PM-1188] move auth email templates to auth folder

* [PM-1188] move auth email folder back into shared directory

* [PM-1188] fix auth email names

* [PM-1188] move auth core models to auth folder

* [PM-1188] fix auth model namespace & imports

* [PM-1188] add entire Identity project to auth codeowners

* [PM-1188] fix auth orm files namespace & imports

* [PM-1188] move auth orm files to auth folder

* [PM-1188] move auth sql files to auth folder

* [PM-1188] move auth tests to auth folder

* [PM-1188] fix auth test files namespace & imports

* [PM-1188] move emergency access api files to auth folder

* [PM-1188] fix emergencyaccess api files namespace & imports

* [PM-1188] move emergency access core files to auth folder

* [PM-1188] fix emergency access core files namespace & imports

* [PM-1188] move emergency access orm files to auth folder

* [PM-1188] fix emergency access orm files namespace & imports

* [PM-1188] move emergency access sql files to auth folder

* [PM-1188] move emergencyaccess test files to auth folder

* [PM-1188] fix emergency access test files namespace & imports

* [PM-1188] move captcha files to auth folder

* [PM-1188] fix captcha files namespace & imports

* [PM-1188] move auth admin files into auth folder

* [PM-1188] fix admin auth files namespace & imports
- configure mvc to look in auth folders for views

* [PM-1188] remove extra imports and formatting

* [PM-1188] fix ef auth model imports

* [PM-1188] fix DatabaseContextModelSnapshot paths

* [PM-1188] fix grant import in ef

* [PM-1188] update sqlproj

* [PM-1188] move missed sqlproj files

* [PM-1188] move auth ef models out of auth folder

* [PM-1188] fix auth ef models namespace

* [PM-1188] remove auth ef models unused imports

* [PM-1188] fix imports for auth ef models

* [PM-1188] fix more ef model imports

* [PM-1188] fix file encodings
2023-04-14 13:25:56 -04:00