1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-26 12:55:17 +01:00
Commit Graph

2819 Commits

Author SHA1 Message Date
Joseph Flinn
41341d6807
adding in the docker push for the rc images (#1182) 2021-03-04 09:50:32 -08:00
Joseph Flinn
8ad9a42854
adding release branch build and docker tag/push (#1181) 2021-03-04 09:15:30 -08:00
Thomas Rittson
a18e1b7dca
Exempt owners and admins from single org and 2FA policy (#1171)
* Fix single org policy when creating organization

Exclude owners and admins from policy when creating new org

* Fix single org and 2FA policy on accepting invite

Exclude owners and admins from policies

* Remove looped async calls

* Fix code style and formatting
2021-03-03 08:15:42 +10:00
Matt Gibson
c2d34d7271
Fix send file length always zero (#1175)
* HttpStream must be read prior to knowing it length

We also need to create the send prior to saving the stream so we
have well defined save location. Solve chicken-and-egg problem by saving
the Send twice. This also allows for validation that the stream received
is the same length as that promissed by the content-length header

* Get encrypted file length from request
2021-03-02 09:27:11 -06:00
Matt Gibson
8d5fc21b51
Prepare for send direct upload (#1174)
* Add sendId to path

Event Grid returns the blob path, which will be used to grab a Send and verify file size

* Re-validate access upon file download

Increment access count only when file is downloaded. File
name and size are leaked, but this is a good first step toward
solving the access-download race
2021-03-01 15:01:04 -06:00
vachan-maker
13f12aaf58
Update EmergencyAccessConfirmed.text.hbs (#1172) 2021-03-01 10:49:13 -05:00
Thomas Rittson
3850f0e400
Fix empty grantee or grantor names in emergency access emails (#1162)
* Fix empty grantee or grantor names in emails

* Add migrator dbscript for changes to ReadToNotify
2021-02-26 08:11:58 +10:00
Addison Beck
b21c9042ca
added expiration date and creator identifier to the Send access response model (#1166) 2021-02-25 17:04:53 -05:00
Chad Scharf
2f7c2a64e0
Reference events for Send (#1165) 2021-02-25 13:40:26 -05:00
Vincent Salucci
07427623b3
[Email] Updated welcome email button (#1164) 2021-02-25 11:24:05 -06:00
Matt Gibson
73346b01d1
Add factory to IGlobalSettings DI singleton (#1163)
It turns out Singleton DI of interfaces does not use the specified
instance's Singleton, but just creates its own. This fixes the bug
where classes expecting an IGlobalSettings were given an empty GlobaSettings
instance
2021-02-25 07:00:28 -06:00
Matt Gibson
e350daeeee
Use sas token for send downloads (#1157)
* Remove Url from SendFileModel

Url is now generated on the fly with limited lifetime.

New model houses the download url generated

* Create API endpoint for getting Send file download url

* Generate limited-life Azure download urls

* Lint fix
2021-02-24 13:03:16 -06:00
Addison Beck
f8940e4be5
Checked Emergency Access access type on access initiation (#1160)
* also updated the View method

* removed old code

* naming refactor

* used the right type

* also checked PasswordAsync()

* also checked GetPolicies()
2021-02-23 17:12:52 -05:00
Thomas Rittson
499c30a805
Fix error message if already accepted EA invite (#1159)
* Fix error message if already accepted EA invite

* Fix error message wording depending on EA status
2021-02-24 05:46:52 +10:00
Chad Scharf
cc964ccb9c
Add https://2fa.directory to CSP (#1156)
* Add https://2fa.directory to CSP

* remove old domain for towfactorauth.org
2021-02-22 19:15:58 -05:00
Matt Gibson
5537470703
Use sas token for attachment downloads (#1153)
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
2021-02-22 15:35:16 -06:00
Kyle Spearrin
78606d5f13
endpoint to display config settings (#1150) 2021-02-18 15:15:08 -05:00
Kyle Spearrin
1ca6e917af
return fa-globe icon when not found (#1149) 2021-02-18 12:18:50 -05:00
Kyle Spearrin
cd2834cc15 Revert "remove premium checks for internal testing"
This reverts commit 26fb6fc3b7.
2021-02-17 13:16:01 -05:00
Thomas Rittson
ad6abaccc8
Fix error message if user already accepted invite (#1140)
* Fix error message if already accepted invitation

* Improve error message wording

* Use consistent capitalization of organization
2021-02-17 09:28:49 +10:00
Oscar Hinton
979eb4a842
Run Quartz in clustered mode (#1123) 2021-02-12 13:49:11 +01:00
Thomas Rittson
61ee3f1e45
Let Manage Users permission see group membership (#1135) 2021-02-12 08:14:00 +10:00
Chad Scharf
f3bff938c4
Added ability to bulk-upload tax rates (#1139) 2021-02-11 16:39:27 -05:00
Jungley
7065bba56f
支持更多的 nginx 配置 (#1136) 2021-02-11 16:11:36 -05:00
Kyle Spearrin
c3a99402f8
adjust date validation for send (#1137) 2021-02-11 14:39:21 -05:00
Kyle Spearrin
7c9ea83ad2
HTML encode sanitized inputs for email templates (#1138) 2021-02-11 14:39:13 -05:00
Chad Scharf
6cc317c4ba
SSO - Added custom scopes and claim types for OIDC (#1133)
* SSO - Added custom scopes and claim types for OIDC

* Removed redundant field labels

* Added acr_values to OIDC config + request
2021-02-10 12:00:12 -05:00
Thomas Rittson
9f42357705
Improved handling of grantor access to organizations after takeover (refactored) (#1134)
* Revert "Only return policy in TakeoverResponse if Owner"

This reverts commit b20e6f5e85.

* Revert "Return grantor policy info in TakeoverResponse"

This reverts commit 204217a5e0.

* Add endpoint to get grantor policies on takeover
2021-02-10 09:06:42 +10:00
Thomas Rittson
d51b592cb5
Improved handling of grantor access to organizations after takeover (#1132)
* Remove grantor from orgs after takeover

* Return grantor policy info in TakeoverResponse

* Only return policy in TakeoverResponse if Owner
2021-02-09 06:33:03 +10:00
Matt Gibson
79cc6df0fd
Delete sends belonging to user on user delete (#1116)
* Delete sends belonging to user on user delete

* Update User_DeleteById.sql

* Clean up bad autoformats

Co-authored-by: Addison Beck <abeck@bitwarden.com>

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-02-05 12:37:55 -06:00
Matt Gibson
edd4bc2623
Add disable send policy (#1130)
* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
Chad Scharf
19e7ce8519
self-hosted server release, v1.39.4 (#1125) 2021-02-02 12:23:27 -05:00
Addison Beck
cf84453492
added a few global domains (#1129)
* added a few global domains

* fixed a domain
2021-02-02 11:15:33 -05:00
Chad Scharf
360be1245f
Fix command name for renewcert (from renewcrt) (#1128)
Command name should match the help page and list commands output. Also fixed help site link.
2021-02-02 09:23:38 -05:00
Chad Scharf
6d8e37ebf6
Patch release version bump, 1.39.4 (#1124) 2021-02-01 18:43:32 -05:00
Addison Beck
00853bc250
Import Invite Error (#1121)
* throw error if user is already invited on import

* added back the single InviteUser OrgService method
2021-01-30 17:56:37 -05:00
Oscar Hinton
3ba832b440
Changed Emergency Access job frequency to hourly (#1120) 2021-01-29 23:32:00 +01:00
Chad Scharf
ee05b8af84
self-hosted version bump v1.39.3 (#1114) 2021-01-27 17:19:02 -05:00
Chad Scharf
2380bba577
version bump 1.39.3 (#1113) 2021-01-27 17:00:56 -05:00
Chad Scharf
e869b4df63
Add external amr to auth method claims accepted (#1112) 2021-01-27 10:53:27 -05:00
Chad Scharf
421fbffd42
self-hosted version bump v1.39.1, web v2.18.1 (#1111) 2021-01-26 12:08:17 -05:00
Addison Beck
445ce33c47
check that SingleOrg policy is enabled before saying users cant create new orgs (#1110)
* check that SingleOrg policy is enabled before saying users cant create new orgs

* fixed org user kick check for SingleOrg

* code review cleanup
2021-01-25 11:19:33 -05:00
Addison Beck
bc4eeff604
changed the address data used to pull sales tax for premium subscriptions (#1109)
* changed the address data used to pull sales tax for premium subscriptions

* nulled checked for extra safety

* fixes null check
2021-01-25 09:56:53 -05:00
Addison Beck
b8a2158626
enabled send and added send sync notifications (#1106) 2021-01-22 16:16:40 -05:00
Vincent Salucci
3555b15b91
[Email] Update welcome content (#1092)
* Initial commit of welcome email update

* Final revisions and updated hosted image urls

* added dynamic year // updated verbiage // fixed typo in text template

* Updated verbiage // changed mustache accessor // updated how year is generated
2021-01-21 14:57:13 -06:00
Chad Scharf
85edc03461
Add SAML 2.0 metadata export for dynamic SPs (#1094) 2021-01-21 15:54:46 -05:00
Chad Scharf
bc1a20101a
Self hosted release - v1.39.0 (#1103) 2021-01-21 14:56:53 -05:00
Joseph Flinn
970712e014
making the bash script command sections a bit easier to read (#1085) 2021-01-21 14:49:40 -05:00
Joseph Flinn
2dc0fe3b31
Bwsh surpress warnings (#1084)
* surpessing the missing docker networks message in the bash script when the docker-compose project is already down

* surpressing the missing docker network warnings in the powershell script
2021-01-21 14:49:27 -05:00
Joseph Flinn
5059e0a693
fixing the letsencrypt cert generation command in the powershell command (#1102) 2021-01-20 18:33:00 -05:00