1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-26 12:55:17 +01:00
Commit Graph

4400 Commits

Author SHA1 Message Date
Conner Turnbull
a2e6550b61
[PM-5766] Enabled Automatic Tax for all customers (#3685)
* Removed TaxRate logic when creating or updating a Stripe subscription and replaced it with AutomaticTax enabled flag

* Updated Stripe webhook to update subscription to automatically calculate tax

* Removed TaxRate unit tests since Stripe now handles tax

* Removed test proration logic

* Including taxInfo when updating payment method

* Adding the address to the upgrade free org flow if it doesn't exist

* Fixed failing tests and added a new test to validate that the customer is updated
2024-01-29 09:48:59 -05:00
aj-rosado
c2b4ee7eac
[AC-1782] Import can manage (#3453)
* Changed Import permissions validation to check if the user CanCreate a Collection

* Corrected authorized to import validation allowing import without collections when the user is admin

* Added validation to check if user can import ciphers into existing collections

* swapped feature flag flexible collections with org property

* Removed unused feature service from ImportCiphersController

* Improved code readability

* added null protection against empty org when checking for FlexibleCollections flag
2024-01-29 14:46:34 +00:00
Todd Martin
114b72d738
[PM-5638] Bump minimum client version for vault item encryption (#3711)
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
2024-01-26 17:00:37 -05:00
Matt Bishop
59b40f36d9
Feature flag code reference collection (#3444)
* Feature flag code reference collection

* Provide project

* Try another key

* Use different workflow

* Touch a feature flag to test detection

* Adjust permissions

* Remove another flag

* Bump workflow

* Add label

* Undo changes to constants

* One more test

* Fix logic

* Identify step

* Try modified

* Adjust a flag

* Remove test

* Try with Boolean

* Changed

* Undo flag change again

* Ignore Renovate

Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>

* Line break

---------

Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>
2024-01-26 14:20:12 -05:00
Todd Martin
2763345e9e
[PM-3777[PM-3633] Update minimum KDF iterations when creating new User record (#3687)
* Updated minimum iterations on new Users to the default.

* Fixed test I missed.
2024-01-25 10:59:53 -05:00
Rui Tomé
bac06763f5
[AC-1682] Flexible collections: data migrations for deprecated permissions (#3437)
* [AC-1682] Data migrations for OrgUsers or Groups with AccessAll enabled

* [AC-1682] Added script to update [dbo].[CollectionUser] with [Manage] = 1 for all users with Manager role or 'EditAssignedCollections' permission

* [AC-1682] Updated sql data migration procedures with performance recommendations

* [AC-1682] Moved data migration scripts to DbScripts_transition folder

* Apply suggestions from code review: Remove Manage permission from Collection assignments

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-1682] Removed unnecessary Collection table join on ManagersEditAssignedCollectionUsers sql script

* [AC-1682] Change JOIN to INNER JOIN in SQL scripts

* [AC-1682] Renamed sql script to recent date and added correct order to file name

* [AC-1682] Add new rows to CollectionUser for Managers and users with EditAssignedCollections permission assigned to groups with collection access

* [AC-1682] Update FC data migration scripts to clear AccessAll flags and set all Managers to Users

* [AC-1682] Updated data migration scripts to bump the account revision date

* [AC-1682] Created Organization_EnableCollectionEnhancements to migrate organization data for flexible collections

* [AC-1682] Added script to migrate all organization data for flexible collections

* [AC-1682] Deleted old data migration scripts

* Revert "[AC-1682] Deleted old data migration scripts"

This reverts commit 54cc6fab8f.

* [AC-1682] Modified AccessAllCollectionUsers script to bump revision date by each OrgUser

* [AC-1682] Update data migration script to only enable collection enhancements for organizations that have not yet migrated

* [AC-1682] Updated AccessAllCollectionGroups migration script to use User_BumpAccountRevisionDateByCollectionId

* [AC-1682] Bumped up the date on data migration scripts

* [AC-1682] Added back batching system to AccessAllCollectionUsers data migration script

* [AC-1682] Added data migration script to set FlexibleCollections = 1 for all orgs

* [AC-1682] Modified data migration script to contain multiple transactions

* [AC-1682] Deleted old data migration scripts

* [AC-1682] Placed temp tables outside transactions

* [AC-1682] Removed batching from AllOrgsEnableCollectionEnhancements script

* [AC-1682] Removed bulk data migration script

* [AC-1682] Refactor stored procedure to enable collection enhancements

* [AC-1682] Added missing where clause

* [AC-1682] Modified data migration script to have just one big transaction

* [AC-1682] Combining all updated OrganizationUserIds to bump all revision dates at the same time

* Update src/Sql/dbo/Stored Procedures/Organization_EnableCollectionEnhancements.sql

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-1682] Renamed aliases

* [AC-1682] Simplified inner queries

* [AC-1682] Bumping each modified groups RevisionDate

* [AC-1682] Removed updating CollectionUser existing records with [ReadOnly] = 0 and [HidePasswords] = 0

* [AC-1682] Updating OrganizationUser RevisionDate

* [AC-1682] Updated the stored procedure file

* [AC-1682] Selecting distinct values to insert into CollectionUser table

* Revert "[AC-1682] Removed updating CollectionUser existing records with [ReadOnly] = 0 and [HidePasswords] = 0"

This reverts commit 086c88f3c6.

* [AC-1682] Bumped up the date on the migration script

* [AC-1682] Updating OrganizationUser RevisionDate

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-01-25 14:08:09 +00:00
Andreas Coroiu
c4625c6c94
[PM-5819] fix: return empty string if name is null (#3691) 2024-01-25 14:50:13 +01:00
Thomas Rittson
10f590b4e7
[AC-2026] Add flexible collections opt-in endpoint (#3643)
Stored procedure to be added in AC-1682
2024-01-25 16:57:57 +10:00
Ike
0deb13791a
[PM-4614] Updating Duo to SDK v4 for Universal Prompt (#3664)
* added v4 updates

* Fixed packages.

* Null checks and OrganizationDuo

* enable backwards compatibility support

* updated validation

* Update DuoUniversalPromptService.cs

add JIRA ticket for cleanup

* Update BaseRequestValidator.cs

* updates to names and comments

* fixed tests

* fixed validation errros and authURL

* updated naming

* Filename change

* Update BaseRequestValidator.cs
2024-01-24 10:13:00 -08:00
Matt Bishop
7577da083c
Remove unused ACT test (#3701) 2024-01-24 13:08:57 -05:00
Matt Gibson
8dc8b681bb
Vault/pm 4185/checksum uris (#3418)
* Add checksum to Login Uri models

* Revert "Revert "Add checksum to Login Uri models (#3318)" (#3417)"

This reverts commit b44887d125.

* PM-4810 Bumped up minimum version

---------

Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
2024-01-24 17:23:09 +00:00
Shane Melton
99762667e9
[AC-1890] Include collection permission details in PUT/POST response (#3658)
* [Ac-1890] Return CollectionDetailsResponseModel for collection PUT/POST endpoints when a userId is available in the current context

* [AC-1890] Fix broken tests

* [AC-1890] Update to use Organization FC column
2024-01-24 08:26:37 -08:00
Vince Grassia
243e1de4ee
Update Renovate config (#3700) 2024-01-24 15:26:05 +00:00
Daniel James Smith
0389c1d0dd
Update paths to point to main instead of master (#3699)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-01-24 09:48:03 -05:00
Daniel James Smith
17ebbe9d9f
[AC-2021] Bump import limits (#3698)
* Increase individual import limits

* Increase organizational import limits

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-01-24 11:18:20 +00:00
Vince Grassia
26ee43b770
Update logic for Docker image tag (#3695) 2024-01-23 21:03:11 +00:00
Matt Bishop
c63db733e0
Workflow linting and test separation (#3684)
* Workflow linting and test separation

* Name linting step

* Few more renames

* Database testing consolidation

* Few more renames and tweaks
2024-01-23 13:24:52 -05:00
Vincent Salucci
aeca1722fc
[AC-1880] - Public API - Update collection permission associations with Manage property (#3656)
* Add missing hide-passwords permission to api models

* Update src/Api/Auth/Models/Public/AssociationWithPermissionsBaseModel.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Rename ToSelectionReadOnly to ToCollectionAccessSelection

* Remove Required attribute which would break backwards compatability

* Update src/Api/Auth/Models/Public/Request/AssociationWithPermissionsRequestModel.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* feat: add Manage property to collection permissions associations, refs AC-1880

* feat: throw if not allowed to send manage property, refs AC-1880

* fix: format, refs AC-1880

* feat: replace ambiguous call for all organizations in cache with specific orgId, refs AC-1880

* feat: move all property assignements back into CollectionAccessSelection init, refs AC-1880

* feat: align bad request messaging, refs AC-1880

---------

Co-authored-by: Daniel James Smith <djsmith@web.de>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-01-22 10:44:33 -06:00
Shane Melton
e6bb6e1114
[PM-5788] Ensure Collection Service respects Flexible Collections falg (#3686)
* [PM-5788] Ensure the organization has FC enabled before enforcing a user/group with Manage permissions

* [PM-5788] Fix unit test
2024-01-22 08:05:42 -08:00
Thomas Rittson
77698c3ee2
[AC-2052] Block Manager role and AccessAll if using FlexibleCollections (#3671)
* Also don't assign AccessAll to the first orgUser if using Flexible Collections
2024-01-22 08:56:20 +10:00
Kyle Spearrin
4b6299a055
[PM-5149] unique SP entity id for organization sso configs (#3520)
* org specific sp entity id

* updates

* dont default true
2024-01-18 16:54:01 -05:00
Oscar Hinton
ef359c3cf1
[PM-5566] Remove U2F keys from TwoFactorProviders (#3645)
* Remove U2F keys from TwoFactorProviders

* Remove U2f from Premium check.
2024-01-18 11:54:57 -05:00
Matt Bishop
974d23efdd
Establish IFeatureService as scoped (#3679)
* Establish IFeatureService as scoped

* Lint

* Feedback around injection
2024-01-18 09:47:34 -05:00
renovate[bot]
cd006f3779
[deps] Platform: Update Microsoft.Data.SqlClient to v5.1.4 (#3680)
* [deps] Platform: Update Microsoft.Data.SqlClient to v5.1.4

* Remove Explicit Dep

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-01-17 15:43:40 -05:00
Thomas Avery
880ceafe9f
[BEEEP] [SM-1059] Add missing auth table indexes to EF config (#3625)
* Add missing indexes to EF auth tables

* Add EF migrations
2024-01-17 10:42:43 -06:00
Thomas Rittson
96f9fbb951
[AC-2027] Update Flexible Collections logic to use organization property (#3644)
* Update optionality to use org.FlexibleCollections

Also break old feature flag key to ensure it's never enabled

* Add logic to set defaults for collection management setting

* Update optionality logic to use org property

* Add comments

* Add helper method for getting individual orgAbility

* Fix validate user update permissions interface

* Fix tests

* dotnet format

* Fix more tests

* Simplify self-hosted update logic

* Fix mapping

* Use new getOrganizationAbility method

* Refactor invite and save orgUser methods

Pass in whole organization object instead of using OrganizationAbility

* fix CipherService tests

* dotnet format

* Remove manager check to simplify this set of changes

* Misc cleanup before review

* Fix undefined variable

* Refactor bulk-access endpoint to avoid early repo call

* Restore manager check

* Add tests for UpdateOrganizationLicenseCommand

* Add nullable regions

* Delete unused dependency

* dotnet format

* Fix test
2024-01-17 12:33:35 +00:00
renovate[bot]
ef37cdc71a
[deps] Billing: Update Braintree to v5.23.0 (#3678)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-16 15:47:26 -05:00
renovate[bot]
f09bc43b04
[deps] Billing: Update BenchmarkDotNet to v0.13.12 (#3677)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-16 15:46:22 -05:00
Bitwarden DevOps
dca8d00f54
Bumped version to 2024.1.2 (#3674) 2024-01-16 17:02:24 +00:00
Bitwarden DevOps
40d5e6ac73
Bumped version to 2024.1.1 (#3673) 2024-01-16 14:39:33 +00:00
Matt Bishop
b97a1a9ed2
[PM-5519] [PM-5526] [PM-5624] [PM-5600] More Grant SQL fixes (#3668)
* SQLite scripts to apply autoincrementing Id key

* Drop erroneous Id column if created
2024-01-16 09:08:55 -05:00
Matt Bishop
c12c09897b
Remove Renovate .NET constraint (#3670) 2024-01-16 09:08:09 -05:00
Alex Morask
52f3fa0f95
Make billing email field uneditable for organizations' (#3591)
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2024-01-16 08:38:20 -05:00
renovate[bot]
2df5fe1340
[deps] SM: Update EntityFrameworkCore to v7.0.15 (#3666)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-12 16:30:23 -07:00
renovate[bot]
da907c879b
[deps] SM: Update Dapper to v2.1.28 (#3665)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-12 16:18:05 -05:00
Alex Morask
95139def0f
[AC-1758] Implement RemoveOrganizationFromProviderCommand (#3515)
* Add RemovePaymentMethod to StripePaymentService

* Add SendProviderUpdatePaymentMethod to HandlebarsMailService

* Add RemoveOrganizationFromProviderCommand

* Use RemoveOrganizationFromProviderCommand in ProviderOrganizationController

* Remove RemoveOrganizationAsync from ProviderService

* Add RemoveOrganizationFromProviderCommandTests

* PR review feedback and refactoring

* Remove RemovePaymentMethod from StripePaymentService

* Review feedback

* Add Organization RisksSubscriptionFailure endpoint

* fix build error

* Review feedback

* [AC-1359] Bitwarden Portal Unlink Provider Buttons (#3588)

* Added ability to unlink organization from provider from provider edit page

* Refreshing provider edit page after removing an org

* Added button to organization to remove the org from the provider

* Updated based on product feedback

* Removed organization name from alert message

* Temporary logging

* Remove coupon from Stripe org after disconnected from MSP

* Updated test

* Change payment terms on org disconnect from MSP

* Set Stripe account email to new billing email

* Remove logging

---------

Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
2024-01-12 10:38:47 -05:00
Daniel James Smith
505508a416
[PM-5553] Move Org-Export to tools (#3639)
* Move Org-Export to tools

* Make linter happy

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-01-12 15:13:29 +00:00
Thomas Rittson
297cc8c8e1
SwaggerUI - persist authorization in dev mode (#3655) 2024-01-12 08:14:12 +10:00
Matt Bishop
db4d7aa609
[PM-5519] [PM-5526] [PM-5624] [PM-5600] Tweak EF settings for MySQL grant auto-increment (#3662)
* Tweak EF settings for grant auto-increment

* Go back to zero generated default as that doesn't matter

* Explicit value generation callout

* Go with custom SQL for direct automatic increment

* Proper column creation

* Lint
2024-01-11 16:06:29 -05:00
Matt Bishop
23f9d2261d
[PM-5548] Eliminate in-app purchase logic (#3640)
* Eliminate in-app purchase logic

* Totally remove obsolete and unused properties / types

* Remove unused enum values

* Restore token update
2024-01-11 15:26:32 -05:00
Todd Martin
b9c6e00c2d
[PM-5659] Add null check on policy query when building invite link (#3659)
* Added null check on policy query.

* PM-5659 - OrganizationServiceTests.cs - Add test for scenario in which an org has never turned on the RequireSSO policy and it will be null

* dotnet format

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2024-01-11 09:58:15 -05:00
Thomas Rittson
b829812a3f
[AC-2025] Add Organization.FlexibleCollections to database and sprocs (#3642)
* Add Organization.FlexibleCollections property and column

* Add new property to OrganizationAbility

* Add SQL and EF migrations
2024-01-11 13:25:57 +10:00
Kyle Spearrin
6fbb790988
use proper Grant entity model for Dapper mapping (#3657) 2024-01-10 14:18:08 -05:00
Thomas Avery
3392ede534
[BEEEP][SM-1062] Add missing table indexes to EF config (#3628)
* Add missing EF indexes

* Add EF migrations

* move configs

* regenerate migrations
2024-01-10 12:03:16 -06:00
Todd Martin
956efbdb39
[PM-2260] Remove TDE feature flag (#3614)
* Remove TDE feature flag.

* Removed references to feature service from decryption options builder.

* Removed redundant references.

* Removed test that is no longer valid, as it was testing the feature flag.

* Removed remainder of TDE feature check.
2024-01-10 12:33:19 -05:00
Matt Bishop
06d0d933ee
Add Entity Framework paths as owned by DbOps (#3654) 2024-01-10 10:52:54 -05:00
Kyle Spearrin
a6db79f613
[PM-5645] Cosmos DB Grant Storage (#3634)
* table storage grants

* simple shard on storage accounts

* use is not

* cosmos grant repo

* remove single storage connection string

* some fixes to dapper grant repo

* pattern matching

* add fallback to base PersistedGrantStore

* service collection extension cleanup

* cleanup

* remove unused Id

* empty string rowkey

* fix sharding method logic

* ttl for cosmos

* make ttl an int

* fixes to cosmos implementation

* fix partition key values

* catch notfound exceptions

* indenting

* update grantitem with custom serialization

* use new transform helpers

* grantloader perf test tool

* ref

* remove grant loader project

* remove table storage implementation

* remove table storage stuff

* all redis fallback to build to null

* revert sln file change

* EOF new line

* remove trailing comma

* lint fixes

* add grant to names

* move cosmos serilaizer to utils

* add some .net 8 keyed service comments

* EnableContentResponseOnWrite

* Fix type in EF grant repository
2024-01-10 12:59:16 +00:00
Daniel James Smith
03cbc7983b
[PM-2730] Add missing hide-passwords permission to api models (#3125)
* Add missing hide-passwords permission to api models

* Update src/Api/Auth/Models/Public/AssociationWithPermissionsBaseModel.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Rename ToSelectionReadOnly to ToCollectionAccessSelection

* Remove Required attribute which would break backwards compatability

* Update src/Api/Auth/Models/Public/Request/AssociationWithPermissionsRequestModel.cs

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-01-09 22:32:14 +01:00
Thomas Avery
a480bd16e4
[BEEEP] [SM-1060] Add missing tools table indexes to EF config (#3626)
* Add missing indexes

* Add EF migrations
2024-01-09 09:46:45 -06:00
renovate[bot]
8daa754ecb
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.31 (#3649)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-08 13:36:01 +01:00