1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-30 13:33:24 +01:00
Commit Graph

3115 Commits

Author SHA1 Message Date
Chad Scharf
1b8b9b7539
Email length in IdSv4 config needed to be 256 (#1255) 2021-04-01 10:56:55 -04:00
Oscar Hinton
10d9e6c687
Change UserVerificationRequirement to Discouraged (#1250) 2021-03-31 16:20:15 +02:00
Matt Gibson
022e404cc5
Attachment blob upload (#1229)
* Add Cipher attachment upload endpoints

* Add validation bool to attachment storage data

This bool is used to determine whether or not to renew upload links

* Add model to request a new attachment to be made for later upload

* Add model to respond with created attachment.

The two cipher properties represent the two different
cipher model types that can be returned. Cipher Response from
personal items and mini response from organizations

* Create Azure SAS-authorized upload links for both one-shot and block uploads

* Add service methods to handle delayed upload and file size validation

* Add emergency access method for downloading attachments direct from Azure

* Add new attachment storage methods to other services

* Update service interfaces

* Log event grid exceptions

* Limit Send and Attachment Size to 500MB

* capitalize Key property

* Add key validation to Azure Event Grid endpoint

* Delete blob for unexpected blob creation events

* Set Event Grid key at API startup

* Change renew attachment upload url request path to match Send

* Shore up attachment cleanup method.

As long as we have the required information, we should always delete
attachments from each the Repository, the cipher in memory, and the
file storage service to ensure they're all synched.
2021-03-30 18:41:14 -05:00
Thomas Rittson
908decac5e
Add unit test for hiding emails on sends (#1246)
* Add unit test for hiding emails on sends

* Fix dependencies
2021-03-31 07:21:46 +10:00
Thomas Rittson
ea9849245d
Add Fido2 to Portal services (#1248)
* Add Fido2 to Portal services

* Add Fido2 to Sso services
2021-03-31 07:13:59 +10:00
Anish Krishnaswamy
7b2273c46a
Adding logout message when logging out of business portal (#1249) 2021-03-30 16:55:29 -04:00
Daniel Brown
261916daf6
add stackapps.com in global equivalent domains (#1209)
stackapps.com belongs to Stack Exchange
see https://stackexchange.com/sites
2021-03-30 16:40:08 -04:00
Vincent Salucci
296e3d881d
[Reset Password] Enrollment API, Service, and Model updates (#1245)
* [Reset Password] Enrollment API, Service and Model updates

* Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
Oscar Hinton
339292f536
Fix emergency access migration not working (#1244) 2021-03-29 17:28:36 +02:00
Thomas Rittson
688cc00d48
Hide email address in Sends (#1234)
* Add send HideEmail to tables and models

* Respect HideEmail setting for Sends

* Recreate SendView to include new HideEmail column

* Enforce new Send policy

* Insert default value for new HideEmail column

* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json

* Remove unrelated files

* Revert disableSendPolicy, add sendOptionsPolicy

* Minor style fixes

* Update SQL project with Send.HideEmail column

* unit test SendOptionsPolicy.DisableHideEmail

* Add SendOptionsPolicy to Portal

* Make HideEmail nullable, fix migrator script

* Remove NOT NULL constraint from HideEmail

* Fix style

* Make HideEmail nullable

* minor fixes to model and error message

* Move SendOptionsExemption banner

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-29 07:56:56 +10:00
Kyle Spearrin
94249747b4
Update README.md 2021-03-26 14:18:03 -04:00
Kyle Spearrin
50ddec2504
Update LICENSE_FAQ.md 2021-03-26 14:16:19 -04:00
Kyle Spearrin
48f69b2644
Update LICENSE.txt 2021-03-26 14:09:28 -04:00
Kyle Spearrin
88aa742535
Update LICENSE_BITWARDEN.txt 2021-03-26 14:08:09 -04:00
Kyle Spearrin
d4ae409b04
Update TRADEMARK_GUIDELINES.md 2021-03-26 14:04:27 -04:00
Kyle Spearrin
abca64d822
Create TRADEMARK_GUIDELINES.md 2021-03-26 14:02:08 -04:00
Daniel James Smith
e6902179f8
Fixes: #1101 - Fixed ModelValidators and validation methods (#1242)
* Extend StringLength attributes for emails to 256 char

* Modified validations to check email lengths > 256
2021-03-25 14:21:23 -04:00
Matt Gibson
584d3e771c
Throw error if not enough seats available for a sync (#1241)
* BadRequest if a sync cannot be completed due to seat count

* Comment the reason for the suppressed exception
2021-03-25 08:42:04 -05:00
Chad Scharf
c09ae5f906
ReferenceEvent Rebilled missing data (#1240) 2021-03-24 15:27:16 -04:00
Chad Scharf
a2f33176aa
Fix column NULLness for OrganizationUser table (#1239)
Fix column `NULL`ness for OrganizationUser table in Upgrade script; prior PR I missed in the upgrade script submitted that the ALTER COLUMN statement incorrectly set the column to `NOT NULL` when the table definition had it correctly as `NULL`.
2021-03-24 12:50:57 -04:00
Daniel James Smith
41ec23631a
Fixed badge link to open workflows on master (#1238) 2021-03-24 10:13:37 -04:00
Matt Gibson
7e127cec13
Support encrypted RSA 4096 keys (#1236)
Testing showed 4096 keys with minimal comments resulted in 4680
characters. Round to 5000 for a buffer.
2021-03-23 16:40:28 -05:00
Vincent Salucci
0cfd50382d
[Reset Password] Update all existing tables/sprocs/migrator scripts (#1235) 2021-03-23 16:04:11 -05:00
Daniel James Smith
fccf5cc00e
Remove appveyor.yml and replaced badge in README.md (#1231)
* Remove appveyor.yml

* Replaced appveyor badge with GitHub workflow badge
2021-03-23 16:25:23 -04:00
Joseph Flinn
7bb26a7203
K8s Proxy CI Build (#1233)
* adding the new k8s-proxy container to the server build

* updating the file path fore the new dockerfile
2021-03-23 11:19:01 -07:00
Oscar Hinton
07f37d1f74
WebAuthn (#903) 2021-03-22 23:21:43 +01:00
Oscar Hinton
905b4b06da
Add identifiers to Triggers and Jobs (#1230) 2021-03-22 20:54:12 +01:00
Vincent Salucci
7309a37bdc
[Bug] Updated incorrect formatting/spelling on migrator script (#1228) 2021-03-22 10:24:28 -05:00
curlew
455e4b25cf
Add protonmail/protonvpn global equivalent domains (#1224) 2021-03-22 11:08:34 -04:00
Matt Gibson
989d4df599
Direct upload to Azure/Local (#1188)
* Direct upload to azure

To validate file sizes in the event of a rogue client, Azure event webhooks
will be hooked up to AzureValidateFile.
Sends outside of a grace size will be deleted as non-compliant.

TODO: LocalSendFileStorageService direct upload method/endpoint.

* Quick respond to no-body event calls

These shouldn't happen, but might if some errant get requests occur

* Event Grid only POSTS to webhook

* Enable local storage direct file upload

* Increase file size difference leeway

* Upload through service

* Fix LocalFileSendStorage

It turns out that multipartHttpStreams do not have a length
until read. this causes all long files to be "invalid". We need to
write the entire stream, then validate length, just like Azure.

the difference is, We can return an exception to local storage
admonishing the client for lying

* Update src/Api/Utilities/ApiHelpers.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Do not delete directory if it has files

* Allow large uploads for self hosted instances

* Fix formatting

* Re-verfiy access and increment access count on download of Send File

* Update src/Core/Services/Implementations/SendService.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Add back in original Send upload

* Update size and mark as validated upon Send file validation

* Log azure file validation errors

* Lint fix

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-21 23:01:19 -05:00
Thomas Rittson
fd42b227b3
Update dev setup guide (#1222)
* Update dev setup guide with current best practice

* Minor amendments to setup instructions

* Move vault_dev migrator script to its own file

* Fix typo, use command line args for SA_PASSWORD

* Move setup guide to its own file

* fix typo
2021-03-22 07:56:31 +10:00
Thomas Rittson
694347e8d3
Fix no licence expiration date on self-hosted (#1217)
* Use our expiration date if no next billing date

* Remove unnecessary null checks

* Remove null check
2021-03-19 08:05:57 +10:00
Daniel James Smith
aea85ea0eb
Fixes #1101: Extend email column length to 256 characters (MSSQL) (#1191)
* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - Installation

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - User

* Fixes bitwarden/server/#1101 - Extended length of BillingEmail column to 256 characters - Organization

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - OrganizationUser

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - EmergencyAccess

* Fixes bitwarden/server/bitwarden#1101 - Fixed issues after PR review
2021-03-18 16:43:49 -04:00
Thomas Rittson
d0f7750650
Don't use dev licensing cert if self-hosted (#1216) 2021-03-18 07:21:00 +10:00
Alex
5876820994
The other outdated link (#1215)
I forgot there was also a PowerShell command.
2021-03-15 09:40:28 -04:00
Yannik Jérôme Büchi
2c0dd4bf88
Update bitwarden.sh (#1203) 2021-03-15 09:29:23 -04:00
Yannik Jérôme Büchi
115948d1d7
Update bitwarden.ps1 (#1202)
* Update bitwarden.ps1

* Update scripts/bitwarden.ps1

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-15 09:29:03 -04:00
Daniel James Smith
0f7e8dc806
Fixes #1101: Extend email column length to 256 characters (Postgres) (#1192) 2021-03-12 14:28:30 -05:00
Kendra Todd
39f9f15bd4
Correct localhost port number in README (#1204)
Co-authored-by: Kendra Todd <ktodd@bitwarden.com>
2021-03-11 13:32:41 -07:00
João Miguel Campos
52d29aef94
Add quickfix for problem with src/Identity (#1201) 2021-03-11 11:00:17 -05:00
Thomas Rittson
df7a035d9b
Minor release version bump 1.40.0 (#1199) 2021-03-10 11:19:40 -05:00
Alex
37c7dd713d
Outdated link (#1200)
The anchor https://bitwarden.com/help/article/install-on-premise/#script-commands no longer exist, it should be https://bitwarden.com/help/article/install-on-premise/#script-commands-reference
2021-03-10 08:36:06 -05:00
Matt Gibson
a83cbf965e
MultiplartSectionBody streams have 0 length until read. (#1196) 2021-03-09 10:49:49 -06:00
Matt Gibson
7d5b835a79
Use Any from Linq, not internal Entity Framework Any (#1194) 2021-03-08 15:13:43 -06:00
Matt Gibson
edb13bbba8
Push syncs on Send Access (#1190)
* Push syncs on Send Access

* Revert "Push syncs on Send Access"

This reverts commit 6a3eb7af4f.

* Push update of Send directly since we can't use SaveSendAsync method
2021-03-05 18:36:20 -06:00
Joseph Flinn
c19121948d
adding docker to the rc branch workflow (#1183) 2021-03-04 13:21:27 -08:00
Joseph Flinn
41341d6807
adding in the docker push for the rc images (#1182) 2021-03-04 09:50:32 -08:00
Joseph Flinn
8ad9a42854
adding release branch build and docker tag/push (#1181) 2021-03-04 09:15:30 -08:00
Thomas Rittson
a18e1b7dca
Exempt owners and admins from single org and 2FA policy (#1171)
* Fix single org policy when creating organization

Exclude owners and admins from policy when creating new org

* Fix single org and 2FA policy on accepting invite

Exclude owners and admins from policies

* Remove looped async calls

* Fix code style and formatting
2021-03-03 08:15:42 +10:00
Matt Gibson
c2d34d7271
Fix send file length always zero (#1175)
* HttpStream must be read prior to knowing it length

We also need to create the send prior to saving the stream so we
have well defined save location. Solve chicken-and-egg problem by saving
the Send twice. This also allows for validation that the stream received
is the same length as that promissed by the content-length header

* Get encrypted file length from request
2021-03-02 09:27:11 -06:00