1. Remove _organizationService.ValidateOrganizationUserUpdatePermissions since it is not needed for updating group associations.
2. Remove loggedInUserId since it's no longer needed.
3. Update/remove related tests.
refactor(TwoFactorAuthentication): Remove references to old Duo SDK version 2 code and replace them with the Duo SDK version 4 supported library DuoUniversal code.
Increased unit test coverage in the Two Factor Authentication code space. We opted to use DI instead of Inheritance for the Duo and OrganizaitonDuo two factor tokens to increase testability, since creating a testing mock of the Duo.Client was non-trivial.
Reviewed-by: @JaredSnider-Bitwarden
* Remove flag from CreateProviderCommand
* Remove flag from OrganizationsController
* Consolidate provider extensions
* Remove flag from ProvidersController
* Remove flag from CreateMsp.cshtml
* Remove flag from Provider Edit.cshtml
Also ensured the editable Gateway fields show for Multi-organization enterprises
* Remove flag from OrganizationsController
* Remove flag from billing-owned provider controllers
* Remove flag from OrganizationService
* Remove flag from RemoveOrganizationFromProviderCommand
* Remove flag from ProviderService
* Remove flag
* Run dotnet format
* Fix failing tests
* PM-13236 PasswordHealthReportApplications db
* PM-13236 incorporated pr comments
* PM-13236 fixed error in SQL script
* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001
* PM-13236 fixed warnings on procedures
* PM-13236 added efMigrations
* PM-13236 renamed files to PasswordHealthReportApplication (singular)
* PM-13236 changed file name to more appropriate naming
* PM-13236 changed the file name singular
* PM-13236 PasswordHealthReportApplication Entities and Repos
* PM-13236 moved files under tools from core
* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities
* PM-13236 moved Repos and Interfaces to tools
* PM-13236 migrated model to tools namespace
* PM-13236 minor fixes to the unit tests
* PM-13236 fixed script errors during build
* PM-13236 Script to drop PasswordHealthReportApplications if it exists
* PM-13236 fixes to database snapshot
* PM-13236 updated databasesnapshots
* PM-13236 Update database model changes for Mysql
* PM-13236 update model changes for Sqlite
* PM-13236 updated the models to remove commented code
* PM-13236 added correct db snapshot for MySql
* PM-13236 updated database snapshot for Postgres
* PM-13236 updated database snapshot for Sqlite
* PM-13236 removed unwanted directive to fix linting error
* PM-13236 removed redundant script files
* PM-13237 Add entity command and unit tests
* PM-13237 Get query added with unit tests
* PM-13237 Controller to add/get PasswordHealthReportApplication
* PM-13237 Setup dependencies in the EF Service collection extensions
* PM-13237 Added unit tests for ReportsController
* Adding CanToggleState to PoliciesControllers (api/public) endpoints. Added mappings wrapped in feature flag.
* Updated logic for determining CanToggle. Removed setting of toggle from List endpoint. Added new details model for single policy response. Validator now returns after first error.
* PM-13236 PasswordHealthReportApplications db
* PM-13236 incorporated pr comments
* PM-13236 fixed error in SQL script
* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001
* PM-13236 fixed warnings on procedures
* PM-13236 added efMigrations
* PM-13236 renamed files to PasswordHealthReportApplication (singular)
* PM-13236 changed file name to more appropriate naming
* PM-13236 changed the file name singular
* PM-13236 PasswordHealthReportApplication Entities and Repos
* PM-13236 moved files under tools from core
* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities
* PM-13236 moved Repos and Interfaces to tools
* PM-13236 migrated model to tools namespace
* PM-13236 minor fixes to the unit tests
* PM-13236 fixed script errors during build
* PM-13236 Script to drop PasswordHealthReportApplications if it exists
* PM-13236 fixes to database snapshot
* PM-13236 updated databasesnapshots
* PM-13236 Update database model changes for Mysql
* PM-13236 update model changes for Sqlite
* PM-13236 updated the models to remove commented code
* PM-13236 added correct db snapshot for MySql
* PM-13236 updated database snapshot for Postgres
* PM-13236 updated database snapshot for Sqlite
* PM-13236 removed unwanted directive to fix linting error
* PM-13236 removed redundant script files
* Add check for managed user before purging account
* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel
* Rename the property ManagesActiveUser to UserIsManagedByOrganization
* Remove whole class #nullable enable and add it to specific places
* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address
* Remove unnecessary .ToList()
* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable
* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled
* Add CannotDeleteManagedAccountViewModel and email templates
- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.
* Update error message when unable to purge vault for managed account
* Update error message when unable to change email for managed account
* Update error message when unable to delete account when managed by organization
* Update error message in test for deleting organization-owned accounts
* changes to include subscription status metadata
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Fix the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add delete permission to cs role
* Add domain verification stat to portal
* add feature flag and unit tests
* fix test
* Refactor from PR feedback
* update comment
* Return Policy object instead of NotFoundException
* Add unit tests, change orgId type to Guid
* Fix test cases, throw exception when manage not allowed
* Add check for managed user before purging account
* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel
* Rename the property ManagesActiveUser to UserIsManagedByOrganization
* Remove whole class #nullable enable and add it to specific places
* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address
* Remove unnecessary .ToList()
* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable
* Update error message when unable to purge vault for managed account
* Update error message when unable to change email for managed account
* Update expected error messages on unit tests
* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test
* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers
* Add tests to AccountsControllerTest to prevent changing email for managed accounts
* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest
* Remove TestFeatureService class from Api.IntegrationTest.Helpers
* Refactor OrganizationUsersController.Get to include organization management status of organization users in details endpoint
* Refactor OrganizationUsersController.Get to include organization management status of an individual user in details endpoint
* Remove redundant .ToDictionary()
* Simpify the property xmldoc
* Name tuple variables in OrganizationUsersController.Get
* Name returned tuple objects in GetDetailsByIdWithCollectionsAsync method in OrganizationUserRepository
* Refactor MembersController.Get to destructure tuple returned by GetDetailsByIdWithCollectionsAsync
* Add test for OrganizationUsersController.Get to assert ManagedByOrganization is set accordingly
* Allow for binning of comb IDs by date and value
* Introduce notification hub pool
* Replace device type sharding with comb + range sharding
* Fix proxy interface
* Use enumerable services for multiServiceNotificationHub
* Fix push interface usage
* Fix push notification service dependencies
* Fix push notification keys
* Fixup documentation
* Remove deprecated settings
* Fix tests
* PascalCase method names
* Remove unused request model properties
* Remove unused setting
* Improve DateFromComb precision
* Prefer readonly service enumerable
* Pascal case template holes
* Name TryParse methods TryParse
* Apply suggestions from code review
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* AllClients is a set of clients and must be deduplicated
* Fix registration start time
* Add logging to initialization of a notification hub
* more logging
* Add lower level logging for hub settings
* Log when connection is resolved
* Improve log message
* Log pushes to notification hub
* temporarily elevate log messages for visibility
* Log in multi-service when relaying to another push service
* Revert to more reasonable logging free of user information
* Fixup merge
Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec
* Do not use bouncy castle exception types
* Add required services for logging
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* Add check for managed user before purging account
* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel
* Rename the property ManagesActiveUser to UserIsManagedByOrganization
* Remove whole class #nullable enable and add it to specific places
* Remove unnecessary .ToList()
* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable
* Update error message when unable to purge vault for managed account
* Add HasConfirmedOwnersExceptQuery class, interface and unit tests
* Register IHasConfirmedOwnersExceptQuery for dependency injection
* Replace OrganizationService.HasConfirmedOwnersExceptAsync with HasConfirmedOwnersExceptQuery
* Refactor DeleteManagedOrganizationUserAccountCommand to use IHasConfirmedOwnersExceptQuery
* Fix unit tests
* Extract IOrganizationService.RemoveUserAsync into IRemoveOrganizationUserCommand; Update unit tests
* Extract IOrganizationService.RemoveUsersAsync into IRemoveOrganizationUserCommand; Update unit tests
* Refactor RemoveUserAsync(Guid organizationId, Guid userId) to use ValidateDeleteUser
* Refactor RemoveOrganizationUserCommandTests to use more descriptive method names
* Refactor controller actions to accept Guid directly instead of parsing strings
* Add unit tests for removing OrganizationUser by UserId
* Refactor remove OrganizationUser by UserId method
* Add summary to IHasConfirmedOwnersExceptQuery
* Added /domain/sso/verified to organization controller
* Restricting sproc to only return verified domains if the org has sso. Adding name. corrected route. removed not found exception. Adding the sproc definition to the SQL project
* PM-11123: Notification Status Details view
* PM-11123: Test Typo
* PM-11123: New line missing
* PM-11123: Delete unnecessary field
* PM-11123: Moved NotificationStatusDetails to Models/Data
* PM-11123: Service layer
* PM-11123: Service layer for Notification Center
* PM-11123: Throw error on unsupported requirement
* PM-11123: Missing await
* PM-11123: Cleanup
* PM-11123: Unit Test coverage
* PM-11123: Flipping the authorization logic to be exact match of fail, formatting
* PM-11123: Async warning
* PM-11123: Using AuthorizeOrThrowAsync, removal of redundant set new id
* PM-11123: UT typo
* PM-11123: UT fix
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService
* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries
* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter
* Update the EF query to use the Email from the User table
* dotnet format
* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests
* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync
* Fix domain queries
* Add OrganizationUserRepository integration tests
* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync
* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync
* Add IsManagedByAnyOrganizationAsync method to IUserRepository
* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync
* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync
* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService
* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>
* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query
* Update comments in OrganizationDomainService to use proper capitalization
* Move OrganizationDomainService to AdminConsole ownership and update namespace
* feat: Add support for organization domains in enterprise plans
* feat: Add HasOrganizationDomains property to OrganizationAbility class
* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService
* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains
* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag
* Add new event types for organization user deletion and voluntary departure
* Add DeleteManagedOrganizationUserAccountCommand to remove user and delete account
* Refactor DeleteManagedOrganizationUserAccountCommand to use orgUser.Id instead of orgUser.UserId.Value
* Add DeleteManagedOrganizationUserAccountCommandTests
* Add an endpoint to the OrganizationUsersController to delete a user account managed by an organization
* Add unit tests for OrganizationUsersController.DeleteAccount
* Add an endpoint to the OrganizationUsersController to bulk delete user accounts managed by an organization
* Add unit tests for OrganizationUsersController.BulkDeleteAccount
* Gate new endpoints behind feature flag
* Remove duplicate migration
* Remove unnecessary _userService.GetProperUserId
* Add PremiumUserSale
* Add PremiumUserBillingService
* Integrate into UserService behind FF
* Update invoice.created handler to bill newly created PayPal customers
* Run dotnet format
* Add OrganizationUserMiniDetails endpoint, models and authorization
* Restrict access to current OrganizationUserUserDetails endpoint
Both are behind feature flags