1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-27 17:47:37 +01:00
Commit Graph

105 Commits

Author SHA1 Message Date
Matt Gibson
8f0115e62f
Check canScale when scaling for sso (#1661)
* Check canScale when scaling for sso

* PR review

Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.

* User logic moved out of method
2021-10-25 10:19:37 -05:00
Oscar Hinton
c5d5601464
Add support for crypto agent (#1623) 2021-10-25 15:09:14 +02:00
Matt Gibson
18006591fc
Add autoscale to SSO auto provision (#1642) 2021-10-19 07:00:44 -05:00
Joseph Flinn
ee7b608a46
revamping the build scripts (#1620) 2021-10-08 09:53:56 -07:00
Oscar Hinton
79447b6671
Remove Business Portal (#1614) 2021-10-06 10:39:13 +02:00
Oscar Hinton
fbf3e0dcdc
Run full test suite (#1597)
* Run all tests
2021-09-27 19:34:55 +02:00
Addison Beck
bccd7eb0ba
add web fonts directly to styles for web apps (#1598) 2021-09-24 15:55:18 -04:00
Matt Gibson
d39f45c81c
Organization autoscaling (#1585)
* Add autoscale fields to Organization

* Add autoscale setting changes

* Autoscale organizations

updates InviteUsersAsync to support all invite sources.

sends an email to org owners when organization autoscaled

* All organizations autoscale

Disabling autoscaling can be done by setting max seats to current seats.

We only warn about autoscaling on the first autoscaling event.

* Fix tests

* Bug fixes

* Simplify subscription update logic

* Void invoices that fail to delete

Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client.

* Notify org owners when their subscription runs out of seats

* Use datetime for notifications

Allows for later re-sending email if we want to periodically remind
owners

* Do not update subscription if it already matches new quatity

* Include all migrations

* Remove unnecessary inline styling

* SubscriptionUpdate handles update decisions

* Remove unnecessary html setter

* PR review

* Use minimum access for class methods
2021-09-23 05:36:08 -05:00
Thomas Rittson
4b346ff7ea
Fix null error when provisioning new SSO user (#1578) 2021-09-10 09:25:08 -04:00
Joseph Flinn
d07a68e3cc
Add configuration support for QA cloud environment (#1572)
* Adding a QA environment specific configuration

* separating the bitwarden environment and stripe environment checks

* adding a logging statement for the PayPal webhook key check

* adding more logging

* switched logging type

* Changing the log level on the PayPal webhook. Removing the debugging log from the Stripe Controller
2021-09-08 13:09:54 -07:00
Thomas Rittson
8f27f21ce0
Remove stale SsoUser objects from database (#1560)
* Add SsoUser_ReadByUserIdOrganizationId

* Automatically reset stale/duplicate Sso links

* Fix typo

* Check for stale Sso link in existing user flow

* Delete any stale user record before provisioning new user

* Check for existing db query before creating

* PR feedback updates

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-09-03 10:54:41 -04:00
Oscar Hinton
69e7c651cd
Remove policies from the portal (#1534) 2021-08-26 19:31:56 +02:00
Oscar Hinton
bc003c4449
Add support for managing organizations through providers using the business portal (#1521) 2021-08-23 07:32:29 -05:00
Oscar Hinton
7058fe3ed0
Bump Saml2 dependency to 2.8.0, which adds support for .NET 5. (#1526) 2021-08-19 04:16:12 -05:00
Joseph Flinn
2e1df91232
Update qa env (#1504)
* deploying directly to the production slot of the App Service

* Update Azure Service Bus package

* adding a app service shutdown to qa

* reverting QA env deploy change

* Update qa-deploy workflow with debugging statement

* Disable start/stop in QA deploy workflow

* Fix UserKdf and UserApiKey migrations to only update null values (#1494)

* Add proper New Relic NuGet package for .NET 5

* Test NewRelic changes

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-08-10 11:15:16 -07:00
Matt Gibson
842a1c2e37
Tweak provider views (#1499)
* Add Organizations to provider views

Remove enabled/disabled toggle from provider. It's currently not used.

* Remove provider Delete

There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.

* Use toastr to display production exception messages.

Update build actions to upgrade npm to v7.

Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page

* Clarify provider create error message
2021-08-10 11:28:00 -05:00
Matt Gibson
5dc6013e37
Provider qa feedback (#1501)
* Title case buttons

* Throw if provider tries to add a non-business organization

* Allow only one admin OR owner roll in a free org per user

Boolean operators were not properly assocated
and ownership of an org was precluding confirmation into any other
organization

* Limit email length

* Require email domain with top level domain

* Do not allow email domains to end in invalid characters

* Fix free org tests
2021-08-10 11:16:10 -05:00
Addison Beck
152f1f7a9b
Allow Resending Provider Setup Emails From The Admin Portal (#1497)
* Added a button for resending provider setup emails

* Fixed a case typo in a stored procedure

* Turned a couple lines of code into a method call

* Added service level validation against inviting users for MSP invites

* Code review improvements for provider invites

created a factory for provider user invites

wrote tests for provider invite permissions"

* changed a few exception types
2021-08-05 10:39:05 -04:00
Matt Gibson
cfc7fa071b
Record when a provider user accesses a clients vault (#1496)
* Record when a provider user accesses a clients vault

* Do not allow removal from provider unless owner exists

* PR Review

* Null safe event processing
* append `Async` to async methods
2021-08-05 07:50:41 -05:00
Matt Gibson
2298c96e30
Invite Client owner at time of client org creation (#1488) 2021-07-30 08:10:58 -05:00
Matt Gibson
71daef2588
Always enable events for providers (#1487) 2021-07-27 15:44:54 -05:00
Matt Gibson
8e1e2fa2fe
Feature/sync Enable hcaptcha on login (#1469)
* Share globalSettings hcaptcha public key with clients

* Require captcha valid only prior to two factor

users with two factor will have already solved captcha is necessary.
Users without two factor will have`TwoFactorVerified` set to false

* Do not require CaptchaResponse on two-factor requests

* Add option to always require captcha for testing purposes

* Allow for self-hosted instances if they want to use it

* Move refresh suggestion to correct error

* Expect lifetime in helper method

* Add captcha bypass token to successful captcha validations

* Remove twofactorValidated

* PR Feedback
2021-07-21 13:42:06 -05:00
Oscar Hinton
259bf8d760
Add events for Creating, Adding and Removing ProviderOrganizations (#1475) 2021-07-21 19:40:38 +02:00
Oscar Hinton
f6ebb20847
[Provider] Add support for events (#1447) 2021-07-15 16:37:27 +02:00
Oscar Hinton
8ac2dc50af
[Provider] Send email on removal (#1463) 2021-07-15 16:37:16 +02:00
Thomas Rittson
85decfcba2
Fix Return to Vault button (#1426)
* Fix Return to Vault button

* Revert "Fix Return to Vault button"

This reverts commit de625894cf.

* Remove Return to Vault button
2021-07-09 08:02:50 +10:00
Addison Beck
b13dda2799
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)

* scaffolding for ef support

* deleted old postgres repos

* added tables to oncreate

* updated all the things to .NET 5

* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to  5.0 (#1223)

* Migrated DockerFiles from dotnet/3.1 to  5.0

* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)

* Updated requirements in README.md

* Updated link to documentation of app-secrets

* upgraded dotnet version to 5.0

* Ef database support implementation examples (#1265)

* mostly finished testing the user repo

* finished testing user repo

* finished org, user, ssoconfig, and ssouser ef implementations

* removed unused prop

* fixed a sql file

* fixed a spacing issue

* fixed a spacing issue

* removed extra database creation

* refactoring

* MsSql => SqlServer

* refactoring

* code review fixes

* build fix

* code review

* continued attempts to fix the the build

* skipped another test

* finished all create test

* initial pass at several repos

* continued building out repos

* initial pass at several repos

* initial pass at device repo

* initial pass at collection repo

* initial run of all Entity Framework implementations

* signup, signin, create/edit ciphers works

* sync working

* all web vault pages seem to load with 100% 200s

* bulkcopy, folders, and favorites

* group and collection management

* sso, groups, emergency access, send

* get basic creates matching on all repos

* got everything building again post merge

* removed some IDE config files

* cleanup

* no more notimplemented methods in the cipher repo

* no more not implementeds everywhere

* cleaned up schema/navigation properties and fixed tests

* removed a sql comment that was written in c# style

* fixed build issues from merge

* removed unsupported db providers

* formatting

* code review refactors

* naming cleanup for queries

* added provider methods

* cipher repo cleanup

* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage

* fixed the build

* added a null check

* consolidated some cipher repo methods

* formatting fix

* cleaned up indentation of queries

* removed .idea file

* generated postgres migrations

* added mysql migrations

* formatting

* Bug Fixes & Formatting

* Formatting

* fixed a bug with bulk import when using MySql

* code review fixes

* fixed the build

* implemented new methods

* formatting

* fixed the build

* cleaned up select statements in ef queries

* formatting

* formatting

* formatting

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 16:35:48 +00:00
Vincent Salucci
be13eb153a
[Reset Password v1] - Make auto enrollment required when enabled (#1412)
* [Reset Password v1] - Make auto enrollment required when enabled

* Removed unnecessary imports
2021-07-08 10:48:43 -05:00
Oscar Hinton
feb3106f37
[Provider] Create and access child organizations (#1427) 2021-07-08 17:05:32 +02:00
Vince Grassia
bdcfbb3b43
Allow for changing database name (#1397)
* Remove hard coded database name

* Update permissions on build scripts

* Update Setup project and run scripts for configuring database name

* Remove hyphen from database name flag

* Update with suggested changes, still needs testing

* Revert SQL statements to concatenantion for testing

* Fix typo

* Update util/Setup/EnvironmentFileBuilder.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Update SQL commands to prevent SQL injection attacks

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-07-02 10:52:34 -04:00
Matt Gibson
30ea8b728d
Split dev env settings to development settings file (#1424)
* Move dev urls to appsettings.Development.json

* Move bitwarden license dev urls
2021-07-01 11:11:02 -05:00
Oscar Hinton
43f7271147
[Provider] Setup provider (#1378) 2021-06-30 09:35:26 +02:00
Oscar Hinton
1796b1dd8e
Disable launchBrowser launchSetting (#1400) 2021-06-16 18:36:23 +02:00
Vince Grassia
21003c61ab
Update output directory for dotnet builds (#1358)
* Update output directory for dotnet builds

* Update Dotnet build output path
2021-05-27 12:16:12 -04:00
Justin Baur
0e1ab99e25
Cleanup Projects (#1324)
* Update bitwarden_license projects

* Added tests to verify resource names

* Remove unneeded assembly attributes

* Standardized namespace

* Remove .GetTypeInfo()
2021-05-13 17:14:56 -04:00
Vincent Salucci
ae38c33e05
[Reset Password] Enterprise Policy (#1315)
* [Reset Password] Enterprise Policy

* Created UI for policy/edit policy // Updated TODOs for policy dependent checks

* Updated reset password data model field name to be more descriptive

* Update title to Master Password Reset

* Updated PoliciesModel, Policy Model spacing, and strings
2021-05-12 14:47:00 -05:00
Oscar Hinton
cae204cb7c
Refactor WebAuthn IoC container (#1302)
* Refactor WebAuthn IoC container

* Move to AddDefaultServices
2021-05-06 10:17:12 +02:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Chad Scharf
f0baf7e6a4 Revert "Added fido2 registration to other services"
This reverts part of commit 8f64f4a99f.
2021-05-04 23:49:22 -04:00
Chad Scharf
fc146d27ce
Added fido2 registration to other services (#1299) 2021-05-04 23:43:16 -04:00
Chad Scharf
179e6aa76b
enable default appsettings for self hosted - bwlic (#1288) 2021-04-30 15:00:57 -04:00
Chad Scharf
17db94190e
Test 1: add acr_values return validation value (#1285)
* Part 1: add acr_values return validation value

* Update acr return value validation from OIDC specs

* acr validation prompt clarification
2021-04-27 15:17:03 -04:00
Thomas Rittson
de155c78ad Enforce SSO "Want assertions signed" option (#1270)
* Enforce SSO Want Assertions Signed option

* Simplify changes and code style

* Fix style

* Check Issuer entityID before assertion signature
2021-04-21 11:06:30 -04:00
Chad Scharf
1b8b9b7539
Email length in IdSv4 config needed to be 256 (#1255) 2021-04-01 10:56:55 -04:00
Thomas Rittson
ea9849245d
Add Fido2 to Portal services (#1248)
* Add Fido2 to Portal services

* Add Fido2 to Sso services
2021-03-31 07:13:59 +10:00
Thomas Rittson
688cc00d48
Hide email address in Sends (#1234)
* Add send HideEmail to tables and models

* Respect HideEmail setting for Sends

* Recreate SendView to include new HideEmail column

* Enforce new Send policy

* Insert default value for new HideEmail column

* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json

* Remove unrelated files

* Revert disableSendPolicy, add sendOptionsPolicy

* Minor style fixes

* Update SQL project with Send.HideEmail column

* unit test SendOptionsPolicy.DisableHideEmail

* Add SendOptionsPolicy to Portal

* Make HideEmail nullable, fix migrator script

* Remove NOT NULL constraint from HideEmail

* Fix style

* Make HideEmail nullable

* minor fixes to model and error message

* Move SendOptionsExemption banner

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-29 07:56:56 +10:00
Thomas Rittson
df7a035d9b
Minor release version bump 1.40.0 (#1199) 2021-03-10 11:19:40 -05:00
Matt Gibson
5537470703
Use sas token for attachment downloads (#1153)
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
2021-02-22 15:35:16 -06:00
Chad Scharf
6cc317c4ba
SSO - Added custom scopes and claim types for OIDC (#1133)
* SSO - Added custom scopes and claim types for OIDC

* Removed redundant field labels

* Added acr_values to OIDC config + request
2021-02-10 12:00:12 -05:00
Matt Gibson
edd4bc2623
Add disable send policy (#1130)
* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00