1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Commit Graph

5170 Commits

Author SHA1 Message Date
Rui Tomé
4b76008245
[PM-11406] Account Management: Prevent a verified user from deleting their account (#4878)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled

* Add CannotDeleteManagedAccountViewModel and email templates

- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update error message when unable to delete account when managed by organization

* Update error message in test for deleting organization-owned accounts
2024-11-04 16:37:21 +00:00
Vince Grassia
a2654ce2ee
Bump project version (#4971) 2024-11-04 10:47:38 -05:00
Jonas Hendrickx
d53d9c0600
[PM-14443] Cannot view pending MOE provider page (#4970) 2024-11-04 16:43:48 +01:00
Rui Tomé
60672bbe48
[PM-10323] Remove user verification from organization user deletion methods (#4965) 2024-11-04 14:48:13 +00:00
cyprain-okeke
96862b974f
[PM-14365][Defect] Member of trialing org cannot log in app (#4968)
* decreased authorization level

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add some level of authorization

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 15:15:27 +01:00
cyprain-okeke
df4f8df485
Remove the time threshold feature flag (#4860)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 12:38:58 +01:00
Jonas Hendrickx
35b0f61986
[PM-13450] Admin: Display Multi-organization Enterprise attributes on provider details (#4955) 2024-11-04 06:45:25 +01:00
cyprain-okeke
fc719efee9
[PM-14365][Defect] Member of trialing org cannot log in app (#4967)
* changes to include subscription status metadata

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-01 17:55:59 +01:00
Alex Morask
f149f247d5
Don't try to credit customer \$0 (#4964) 2024-11-01 12:55:07 -04:00
renovate[bot]
edd31bcf4e
[deps] Auth: Update Duende.IdentityServer to 7.0.8 [SECURITY] (#4953)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 14:40:46 -07:00
Matt Bishop
a04df4beba
Device deactivation (#4963)
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
2024-10-31 17:05:13 -04:00
tangowithfoxtrot
751fd33aef
fix: ensure vault URI is propagated from config.yml (#4925)
* fix: ensure vault URI matches Url from config.yml

* fmt: use camelCase for vaultUri

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-10-31 09:13:57 -07:00
Vince Grassia
997bf03d97
Update version to 2024.10.2 (#4962) 2024-10-31 11:40:54 -04:00
Alex Morask
249c39e71e
[PM-14275] Add IsManaged to OrganizationMetadata (#4957)
* Add IsManaged to OrganizationMetadata

* Remove subscription requirement from self-host eligibility check

* Remove unused service

* Run dotnet format
2024-10-31 11:01:37 -04:00
renovate[bot]
2893ca729f
[deps] Billing: Update swashbuckle-aspnetcore monorepo to 6.9.0 (#4948)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 11:02:23 +01:00
renovate[bot]
2abd37d2d7
[deps] DevOps: Update gh minor (#4945)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-30 11:23:50 -04:00
Brandon Treston
359c2787ad
[PM-11408] domain verification stat in portal and add cs delete permission (#4943)
* Add delete permission to cs role

* Add domain verification stat to portal

* add feature flag and unit tests

* fix test

* Refactor from PR feedback

* update comment
2024-10-30 10:45:53 -04:00
renovate[bot]
6cc097ec49
[deps] Platform: Update dotnet monorepo (#4886)
* [deps] Platform: Update dotnet monorepo

* Update patch version on missed monorepo packages

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Addison Beck <github@addisonbeck.com>
2024-10-28 13:35:14 -04:00
Brandon Treston
7f4bde1b6c
[PM-13730] Return Policy object instead of NotFoundException (#4911)
* Return Policy object instead of NotFoundException

* Add unit tests, change orgId type to Guid

* Fix test cases, throw exception when manage not allowed
2024-10-28 12:33:22 -04:00
Rui Tomé
c126fee296
[PM-11405] Account Management: Prevent a verified user from changing their email address (#4875)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update expected error messages on unit tests

* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test

* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers

* Add tests to AccountsControllerTest to prevent changing email for managed accounts

* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest

* Remove TestFeatureService class from Api.IntegrationTest.Helpers
2024-10-28 16:12:13 +00:00
renovate[bot]
cc6e41b42a
[deps] DbOps: Update Microsoft.Azure.Cosmos to 3.45.0 (#4949)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:29:34 -04:00
renovate[bot]
109ba14cf4
[deps] Tools: Update aws-sdk-net monorepo (#4946)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:02:40 +01:00
renovate[bot]
e2a69c432c
[deps] Tools: Update LaunchDarkly.ServerSdk to 8.6.0 (#4950)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:00:33 +01:00
Ike
d0c9953444
[PM-8213] Feature flag for new-device-verification (#4944) 2024-10-26 12:43:27 -04:00
Jonas Hendrickx
53ad9df003
[PM-13451] Update subscription setup process to support MOE providers (#4937) 2024-10-25 03:56:03 +02:00
Thomas Rittson
6272e84c92
Remove feature flag (#4931)
Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>
2024-10-25 10:17:28 +10:00
Matt Gibson
f43f59e4b4
Register noop notification registration service for self host lacking necessary data (#4939) 2024-10-24 15:45:13 -04:00
Vince Grassia
9a499df0e7
BRE-344 - Add PR logic to Repository Management workflow (#4938) 2024-10-24 13:15:16 -06:00
Ike
c028c68d9c
[PM-6666] Two factor Validator refactor (#4894)
* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* Fixing some tests

* renaming and reorganizing

* refactored two factor flows

* fixed a possible issue with object mapping.

* Update TwoFactorAuthenticationValidator.cs

removed unused code
2024-10-24 10:41:25 -07:00
Jared McCannon
0c346d6070
[PM-10314] Auto-enable Single Org when a Domain is Verified (#4897)
Updated domain verification to auto-enable single org policy.
2024-10-24 10:13:45 -05:00
Rui Tomé
a128cf1506
[PM-12758] Add managed status to OrganizationUserDetailsResponseModel and OrganizationUserUserDetailsResponse (#4918)
* Refactor OrganizationUsersController.Get to include organization management status of organization users in details endpoint

* Refactor OrganizationUsersController.Get to include organization management status of an individual user in details endpoint

* Remove redundant .ToDictionary()

* Simpify the property xmldoc

* Name tuple variables in OrganizationUsersController.Get

* Name returned tuple objects in GetDetailsByIdWithCollectionsAsync method in OrganizationUserRepository

* Refactor MembersController.Get to destructure tuple returned by GetDetailsByIdWithCollectionsAsync

* Add test for OrganizationUsersController.Get to assert ManagedByOrganization is set accordingly
2024-10-24 15:39:35 +01:00
Jonas Hendrickx
d38c489443
[PM-13982] [Defect] Can no longer create providers due to foreign key conflict (#4935) 2024-10-24 08:34:27 +02:00
Thomas Rittson
4a1b90db48
Remove bulk-device-approval feature flag definition (#4930) 2024-10-24 08:09:07 +10:00
Jared Snider
e6245bbece
Auth/PM-12613 - Registration with Email Verification - Provider Invite Flow (#4917)
* PM-12613 - Add RegisterUserViaProviderInviteToken flow (needs manual, unit, and integration tests)

* PM-12613 - RegisterUserCommandTests - test register via provider inv

* PM-12613 - AccountsControllerTests.cs - Add integration test for provider

* PM-12613 - Remove comment

* PM-12613 - Add temp logging to help debug integration test failure in pipeline

* PM-12613 - WebApplicationFactoryBase.cs - add ConfigureServices

* PM-12613 - AccountsControllerTests.cs - refactor test to sidestep encryption

* PM-12613 - Per PR feedback, refactor AccountsController.cs and move token type checking into request model.

* PM-12613 - Remove debug writelines

* PM-12613 - Add RegisterFinishRequestModelTests
2024-10-23 18:06:24 -04:00
Jonas Hendrickx
a952d10637
[PM-13447] Add Multi Org Enterprise providers to Admin Console (#4920) 2024-10-23 12:10:50 -04:00
Daniel James Smith
39c560bbdd
Add generator-tools-modernization feature flag (#4933)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-10-23 12:01:23 -04:00
MtnBurrit0
724f2ee5e5
Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
MtnBurrit0
bf976706f7
Manage ephemeral configs (#4926)
* Add ephemeral-environment label and cleanup workflow call

* Update workflow call to main

* switch to process.env
2024-10-22 10:24:25 -06:00
Matt Gibson
f44a59f7a9
Shard notification hub (#4450)
* Allow for binning of comb IDs by date and value

* Introduce notification hub pool

* Replace device type sharding with comb + range sharding

* Fix proxy interface

* Use enumerable services for multiServiceNotificationHub

* Fix push interface usage

* Fix push notification service dependencies

* Fix push notification keys

* Fixup documentation

* Remove deprecated settings

* Fix tests

* PascalCase method names

* Remove unused request model properties

* Remove unused setting

* Improve DateFromComb precision

* Prefer readonly service enumerable

* Pascal case template holes

* Name TryParse methods TryParse

* Apply suggestions from code review

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* AllClients is a set of clients and must be deduplicated

* Fix registration start time

* Add logging to initialization of a notification hub

* more logging

* Add lower level logging for hub settings

* Log when connection is resolved

* Improve log message

* Log pushes to notification hub

* temporarily elevate log messages for visibility

* Log in multi-service when relaying to another push service

* Revert to more reasonable logging free of user information

* Fixup merge

Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec

* Do not use bouncy castle exception types

* Add required services for logging

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-10-22 12:20:57 -04:00
Michał Chęciński
00bfcb5fa5
[BRE-101] Remove dept-devops from CODEOWNERS (#4176) 2024-10-22 10:37:43 -04:00
Rui Tomé
7b5e0e4a64
[PM-13836] Refactor IPolicyService to remove unnecessary IOrganizationService dependency (#4914) 2024-10-22 10:38:01 +01:00
Thomas Rittson
dfa411131d
[PM-13322] [BEEEP] Add PolicyValidators and refactor policy save logic (#4877) 2024-10-22 09:18:34 +10:00
Vince Grassia
75cc907785
Bump version to 2024.10.1 (#4921) 2024-10-21 20:55:12 +00:00
Alex Morask
a2109175b0
Add self-host eligibility to organization metadata (#4867) 2024-10-21 14:02:21 -04:00
Thomas Avery
2c4dd3ea12
Fix swap notification commands to use UtcNow (#4919) 2024-10-21 12:10:03 -05:00
Jonas Hendrickx
f82c0e3742
[PM-10703] Admin Portal Selecting Families plan does not check default features (#4859) 2024-10-21 17:57:18 +02:00
Alex Morask
f61a017c17
[PM-13834] Skip providers that have no clients during migration (#4913)
* Skip providers that have no clients during migration

* Remove enabled requirement from migrator
2024-10-21 08:54:15 -04:00
Alex Morask
5d15750b80
[PM-13717] Fix legacy credit rebate for migrated MSPs (#4906)
* Fix legacy credit rebate for migrated MSPs

* Run dotnet format
2024-10-21 08:54:06 -04:00
Opeyemi
c809794642
[BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
rkac-bw
27760bd190
[PM-13843] Optimize collectioncipher readbyuserid (#4916)
* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId
2024-10-18 11:28:31 -06:00