1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00
Commit Graph

4256 Commits

Author SHA1 Message Date
Rui Tomé
21219262a2
[PM-3779] idor allow the attacker to delete the victim domain (#3308)
* [PM-3779] Added IOrganizationDomainRepository.GetDomainByIdAndOrganizationIdAsync and SQL stored procedure

* [PM-3779] Changed GetOrganizationDomainByIdQuery to also take OrgId as a parameter. Updated existing unit tests and added new. Updated controller to match command changes

* [PM-3779] Removed type from url routes

* [PM-3779] Renamed IGetOrganizationDomainByIdAndOrganizationIdQuery to IGetOrganizationDomainByIdOrganizationIdQuery

* [PM-3779] Renamed GetOrganizationDomainByIdOrganizationIdQueryTests file and added more tests
2023-10-18 11:57:59 +01:00
Rui Tomé
cb73056c42
[AC-1654] idor allow the attacker to disable any one scim provising (#3325)
* [AC-1654] Added IOrganizationConnectionRepository.GetByIdOrganizationIdAsync and modified OrganizationConnectionsController to use it to get a connection matching both Id and OrganizationId

* [AC-1654] Fixed unit tests
2023-10-18 11:39:00 +01:00
Andreas Coroiu
8c77c65ce8
[PM-1222] Passkeys in the Bitwarden vault (#2679)
* [EC-598] feat: add support for saving fido2 keys

* [EC-598] feat: add additional data

* [EC-598] feat: add counter, nonDiscoverableId; remove origin

* [EC-598] fix: previous incomplete commit

* [EC-598] fix: previous incomplete commit.. again

* [EC-598] fix: failed merge

* [EC-598] fix: move files around to match new structure

* [EC-598] feat: add implementation for non-discoverable credentials

* [EC-598] chore: remove some changes introduced by vs

* [EC-598] fix: linting issues

* [PM-1500] Add feature flag to enable pass keys (#2916)

* Added feature flag to enable pass keys

* Renamed enable pass keys to fido2 vault credentials

* only sync fido2key ciphers on clients >=2023.9.0 (#3244)

* Renamed fido2key property username to userDisplayName (#3172)

* [PM-1859] Renamed NonDiscoverableId to credentialId (#3198)

* PM-1859 Refactor to credentialId

* PM-1859 Removed unnecessary import

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-3807] Store all passkeys as login cipher type (#3261)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3807] fix: remove standadlone Fido2Key property that I missed

* [PM-3807] Store passkeys in array (#3268)

* [PM-3807] feat: store passkeys in array

* [PM-3807] amazing adventures with the c# linter

* [PM-3980] Added creationDate property to the Fido2Key object (#3279)

* Added creationDate property to the Fido2Key object

* Fixed lint issues

* fixed comments

* made createionDate required

* [PM-3808] [Storage v2] Add old client/new server backward compatibility (#3262)

* [PM-3807] feat: add discoverable property to fido2key

* [PM-3807] feat: remove standalone Fido2Key

* [PM-3807] chore: clean up unusued constant

* [PM-3808] feat: add fido2 compatibility check before saving ciphers

* Resolved merge conflicts.

* Setting minimum version for QA.

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>

* [PM-4054] Rename Fido2Key to Fido2Credential (#3306)

* Add server version compatibility check for Fido2Credentials on sharing with org (#3328)

* Added compatibility checks.

* Refactored into separate methods for easier removal.

* Added check on ShareMany

* Updated method order to be consistent.

* Linting

* Updated minimum server version for release, as well as defaulting the feature on for self-hosted.

* Added trailing space.

* Removed extra assignment

---------

Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2023-10-17 12:17:13 -04:00
cyprain-okeke
8177821e8b
[AC 1451] Refactor staticstore plans and consuming logic (#3164)
* refactor the plan and create new objects

* initial commit

* Add new plan types

* continue the refactoring by adding new plantypes

* changes for plans

* Refactoring continues

* making changes for plan

* Fixing the failing test

* Fixing  whitespace

* Fix some in correct values

* Resolve the plan data

* rearranging the plan

* Make the plan more immutable

* Resolve the lint errors

* Fix the failing test

* Add custom plan

* Fix the failing test

* Fix the failing test

* resolve the failing addons after refactoring

* Refactoring

* Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic

* merge from master

* Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic

* format whitespace

* resolve the conflict

* Fix some pr comments

* Fixing some of the pr comments

* fixing some of the pr comments

* Resolve some pr comments

* Resolve pr comments

* Resolves some pr comments

* Resolving some or comments

* Resolve a failing test

* fix the failing test

* Resolving some pr comments

* Fix the failing test

* resolve pr comment

* add a using statement fir a failing test

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-10-17 15:56:35 +01:00
Matt Gibson
1c3bd4d252
bump minor sdk version (#3347) 2023-10-17 09:22:38 -04:00
Thomas Avery
69529d394b
[SM-891] Include Secrets Manager in organization license for self-hosting (#3222)
* Remove self-hosted restrictions from SM endpoints

* Add SM properties to organization license
2023-10-16 15:47:12 -05:00
Michał Chęciński
eec2763e78
Automate Lock File Generation (#3345) 2023-10-16 16:33:29 +02:00
cd-bitwarden
b772784af3
[SM-896] restricting access to disabled orgs (#3287)
* restricting access to disabled orgs

* Unit Test Updates

* Update test/Api.IntegrationTest/SecretsManager/Controllers/AccessPoliciesControllerTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Covering all test cases

* making organization enabled NOT default

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2023-10-16 14:29:02 +00:00
Michał Chęciński
4ff41e9604
Add gitkeep files to preserve DbScript folders even if there's no sql scripts in them (#3341) 2023-10-13 15:05:27 +02:00
Oscar Hinton
27314ac375
Add identity tests to test solution (#3342) 2023-10-13 14:15:11 +02:00
MtnBurrit0
f228dcd668
Rename DbScripts_future and DbScripts_data_migrations (#3192)
* Rename DbScripts_future and DbScripts_data_migrations

* Rename embeded folder name

* Remove new files from stale PR

---------

Co-authored-by: Michał Chęciński <mchecinski@bitwarden.com>
Co-authored-by: Michał Chęciński <michal.checinski@outlook.com>
2023-10-12 12:42:28 -06:00
Thomas Rittson
53f5eee215
[AC-1638] Disallow Secrets Manager for MSP-managed organizations (#3297)
* Block MSPs from creating orgs with SM

* Block MSPs from adding SM to a managed org

* Prevent manually adding SM to an MSP-managed org

* Revert "Prevent manually adding SM to an MSP-managed org"

This change is no longer required

This reverts commit 51b086243b.

* Block provider from adding org with SM

* Update error message when adding existing org with SM to provider

* Update check to match client

* Revert "Update check to match client"

This reverts commit f195c1c1f6.
2023-10-12 15:56:50 +01:00
Justin Baur
79648b311e
[PM-3555] Remove ClearTracker() (#3213)
* Remove ClearTracker

* Remove from CipherRepositoryTests
2023-10-12 11:15:02 +02:00
Alex Morask
b2af73f00f
[PM-212] Sync Organization Billing Email from Stripe Webhook (#3305)
* Add StripeFacade and StripeEventService

* Add StripeEventServiceTests

* Handle customer.updated event in StripeController
2023-10-11 15:57:51 -04:00
Daniel James Smith
3a71e7b081
Add tech-leads as default owners (#3330)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-10-06 18:28:02 +02:00
renovate[bot]
4dcd467a5f
Update crazy-max/ghaction-import-gpg action to v6 (#3315)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-05 14:59:23 -04:00
renovate[bot]
8c3ca2f1fa
Update bitwarden/gh-actions digest to f112580 (#3314)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-05 14:58:13 -04:00
Conner Turnbull
cc68d84301
Added billing patterns to codeowners (#3322) 2023-10-04 12:05:44 -04:00
Todd Martin
9af9d121bf
Updated client minimum version to reflect previous hotfixes. (#3311) 2023-09-29 15:44:54 -04:00
Alex Morask
46117b194e
Return discount info in Subscription responses [AC-1657] (#3278)
* Return whether customer has Stripe discount applied from /api/accounts/subscription

* Return whether customer has Stripe discount applied from /api/organizations/{id}/subscription
2023-09-29 12:29:43 -04:00
github-actions[bot]
12b03482ae
Bumped version to 2023.9.1 (#3309)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-09-29 15:40:07 +00:00
Michał Chęciński
3e90f57797
[DEVOPS-1519] Add transition mode to mssql migrator utility (#3259)
* Add RerunableSqlTableJournal

* Add extension to use rerunable sql table journal

* Use rerunable sql journal

* format

* Enable logging

* FIx

* Disable logging

* Rename to SqlTableJournalExtensions

* Move RerunableSqlTableJournal to Extension class

* Fix usings

* Add rerunable schema

* Format

* Fix typo

* Enable logging in db migrator

* add rerunable column in dbo migrations table migration

* Trying

* Fix journal table name

* Trying to migrate first

* After migration

* Testing

* Add update from rerunable to not rerunable script

* Change name

* Add rerunable option and script folder name

* Add rerunable options and folder

* Fix

* Add transition (aka rerunable) migrations to Setup

* Parse parameters on migrator utility

* Fix sql scripts

* Remove CreateSchemaTableSql as it'll be migrated using migration

* Embed dbScripts_data_migration folder

* Remove testing sql script

* Add optins parsing nuget for msSqlMigratorUtility

* Fix sql journal

* Ran dotnet format

* Comment out index

* ▫️Revert "Comment out index"

This reverts commit df15fa91e0.

* Disable logging

* Add newline

* Rename rerunable to repeatable

* remove repeatable journal

* Remove migration adding the repeatable column in  dbo.Migrations table

* Add using

* Enable log for testing

* Disable logging in the setup

* Remove unused method

* Add migrator constants

* Use constants in yet another place

* Fix

* Add constant

* Fix

* Fix
2023-09-28 16:29:52 +02:00
Todd Martin
7ede956c32
Individual Vault Item Encryption Feature (#3256)
* [SG-966] [SG-967] Add new cipher properties, update DB objects and create migrations (#2681)

* Updated cipher entity with two new columns

* Added sqlserver mifgration and updated applicable stored procedures and table

* Added EF Migrations

* Made changes to response model to include new column properties

* Fixed formatting

* Modified scripts to reflect suggestions made on PR

* Added column to cipher table using default

* Include constraint in create cipher table script

* Added key and forcerotatekey property to request model (#2716)

* Added key update on the Cipher_UpdateWithCollection stored procedure, ef (#2855)

* Added key and forceKeyRotation to BuildCiphersTable method (#2893)

* [PM-2211] Remove forceKeyRotation column (#2921)

* Removed forceKeyRotation column

* Adjusted date for migrtaion file

* Passed key column to update cipher script to update cipher key when it is rotated (#2967)

* [PM-2448] Update CipherDetails_Update SP to update attachment column (#2992)

* Updated the cipherdetails_update stored procedure to update the attachement column when encrypted with the cipher key

* Moved migration and renamed old migration file

* Fixed lint issues

* Fixed lint issues

* renamed sqlserver migration to have a more recent date

* [PM-2548] Added validation to edit and add attachments methods (#3130)

* PM-2548 Added validation to edit and add attachments methods

* PM-2548 Moved the validation to a private method

* PM-2548 Minor refactor

* Bumped up minimum version

* Bumped up minimum version

* Changed version for tests purposes

* Bumped up minimum version

* Updated encryption minimum version to match clients for QA.

* PM-3976 Passed Key column to update cipher on bulk edit (#3299)

* Updated minimum client version in preparation for release.

* Renamed migration with current date. (#3303)

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
2023-09-28 08:45:13 -04:00
renovate[bot]
464dac8f4d
Update bitwarden/gh-actions digest to fdcf1fc (#3230)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-26 10:30:28 -04:00
Matt Bishop
9db1007df6
Only log errors with LaunchDarkly (#3298) 2023-09-25 15:32:06 -04:00
Alex Morask
0b72eb8e45
Admin: Update Stripe Customer Email on Organization Edit (#3281)
* Admin: Update Stripe customer email on organization billing email update

* Conner's feedback
2023-09-25 10:16:19 -04:00
Cesar Gonzalez
44baba9229
[PM-4075] Setup Feature Flag for Browser Fileless Import (#3296) 2023-09-25 13:16:21 +00:00
renovate[bot]
e3dc515062
Update actions/checkout action to v4.1.0 (#3293)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-25 08:34:54 -04:00
Matt Bishop
bfe71e5056
Delete NuGet config (#3290) 2023-09-22 11:18:59 -04:00
Thomas Avery
46faecaade
[SM-755] Add EF Secrets Manager cleanup on deletes (#3228)
* Add Delete Cascade for EF AccessPolicy table

* Add AP removal on EF user deletion

* Remove SM entities on EF org delete
2023-09-21 17:22:08 -05:00
Conner Turnbull
90d600db9d
[PM-2961] Upgrade Braintree (#3206)
* Upgraded Braintree to 5.19.0

* Force evaluate of nuget packages

---------

Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2023-09-20 14:11:29 -04:00
Thomas Rittson
0af5eaec7d
Remove sm-ga-billing feature flag (#3254) 2023-09-20 09:36:36 +10:00
github-actions[bot]
f29a142c80
Bumped version to 2023.9.0 (#3280)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2023-09-19 09:49:25 -04:00
Todd Martin
2149266199
Migration to remove WebAuthn 2FA method from Free users (#3271)
* Created migration for review.

* Added in check for org users that have Premium through their org.

* Commented out UPDATE for testing.

* Changes from PR Review

* Added U2F handling.

* Address PR feedback

* Updated to use string for type comparision due to bad data in Prod database.

* Added revision date to update and uncommented update for migration run.
2023-09-18 18:36:26 -04:00
renovate[bot]
4100372401
Update actions/checkout action to v4 (#3257)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-18 10:47:07 -04:00
renovate[bot]
876274b39e
Update gh minor (#3077)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-18 10:39:38 -04:00
Ike
cd0f8ce411
only tracking TOTPs in cache (#3275) 2023-09-15 13:38:56 -07:00
Oscar Hinton
8b30b3c7fd
Refresh lockfiles (#3274) 2023-09-15 15:49:34 -04:00
Jared Snider
227178980a
PM-3925 - Tech Debt - Add missed tests for SSO Email 2FA Tokenable (#3270)
* PM-3925 - (1) Slightly refactor SsoEmail2faSessionTokenable to provide public static GetTokenLifeTime() method for testing  (2) Add missed tests to SsoEmail2faSessionTokenable

* PM-3925 - Take into account PR feedback
2023-09-15 14:54:52 -04:00
Justin Baur
c08a48cd19
Bump SignalR Redis Package (#3272) 2023-09-15 09:56:21 -04:00
Oscar Hinton
1fcf070765
Setup secrets, use switch instead of bool (#3269) 2023-09-14 14:39:13 +02:00
Alex Morask
f080763b6c
Add -legacy flag to openssl invocations (#3265) 2023-09-13 15:17:19 -04:00
Ike
d3aceea377
no longer cache remember me token (#3267) 2023-09-13 09:08:25 -04:00
Ike
b6d32129e6
made cache key more unique (#3266) 2023-09-12 13:39:14 -07:00
Joseph Flinn
0be766c98a
Manually move data migration scripts (#3264) 2023-09-12 07:34:50 -07:00
Jake Fink
f909563211
[PM-3487] prevent account enumeration on auth request endpoint (#3239) 2023-09-11 10:23:32 -04:00
Ike
917c657439
PM-2128 Enforce one time use of TOTP (#3152)
* enforcing one time MFA token use

* Updated cache TTL

* renamed the cache

* removed IP limit, added comment, updated cache Key

* fixed build errors
2023-09-09 17:35:08 -04:00
Thomas Avery
4b482f0a34
[SM-918] Enforce project maximums on import (#3253)
* Refactor MaxProjectsQuery for multiple adds

* Update unit tests

* Add max project enforcement to imports
2023-09-07 17:51:35 -05:00
Conner Turnbull
2aaef3cf64
[PM-289] Add taxIdType for more countries in TaxInfo (#3186)
* Add taxIdType for more countries in TaxInfo

* Removed Afghanistan tax ID

* Normalize country code in tax info model
2023-09-07 16:54:56 +00:00
Thomas Avery
b8b2efa767
Remove indexing from data migration (#3247) 2023-09-07 11:33:46 -05:00