1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-01 13:43:23 +01:00
Commit Graph

3552 Commits

Author SHA1 Message Date
renovate[bot]
ef84b06084
[deps]: Update Microsoft.Extensions.Caching.Cosmos to v1.6.1 (#4133)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-28 11:55:28 -04:00
Justin Baur
1ec2aae723
[PM-3581] Fix Postgres Time (#3221)
* Fix Postgres Time

- Migrate Send Tests
- Delete Old Tests

* Formatting

* Update Comment

* Change LaxComparer to Compare Some Milliseconds

* Update Comment
2024-06-28 16:13:02 +02:00
Alex Morask
48430836b6
Fix invoice finalized handler (#4430) 2024-06-28 08:48:56 -04:00
renovate[bot]
04ab3d4c2e
[deps] Auth: Lock file maintenance (#3961)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-27 13:49:22 -07:00
Matt Gibson
77dcf7f339
Log SignalR pushes (#4392)
We are interested in the rate at which signalR notifications are pushed to clients. This enables tracking only of that rate and the type of notification, nothing more identifiable.

Data will be used to determine feasibility of transferring to web push
2024-06-27 13:07:51 -04:00
renovate[bot]
563adf54af
[deps] DbOps: Update EntityFrameworkCore to v8 (major) (#3744)
* [deps] DbOps: Update EntityFrameworkCore to v8

* Only Run EnsureDeleted If Factory Owns Connection

This only worked because of a bug in dotnet/efcore#33930 that was fixed in 8.0.

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-06-27 08:45:34 -04:00
Thomas Rittson
d9aa27d4cb
[AC-2204] Finalize sprocs that added the Manage permission (1 of 3) (#4204)
* Copy v2 sprocs and drop v2 suffix
2024-06-27 05:56:37 +10:00
cyprain-okeke
f045d06a9c
[AC-2361] Refactor StripeController (#4136)
* Changes ensures provider_id is handled and stored for Braintree.

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* refactoring of the stripeController class

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Move the constant variables to utility class

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Adding comments to the methods

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add more comments to describe the method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the providerId changes

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the missing providerId

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix the IsSponsoredSubscription bug

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-06-26 16:34:16 +01:00
Alex Morask
26575856e6
Remove provider discount for CB (#4277) 2024-06-26 09:33:22 -04:00
Alex Morask
750321afaa
Updated CSV column header, removed invoice PDF URL (#4212) 2024-06-26 09:30:30 -04:00
Alex Morask
e8e725c389
[AC-2795] Add account credit & tax information to provider subscription (#4276)
* Add account credit, suspension and tax information to subscription response

* Run dotnet format'
2024-06-26 09:08:18 -04:00
Thomas Rittson
6646d11074
Turn on Flexible Collections v1 for self-host (#4253) 2024-06-26 06:10:35 +10:00
Todd Martin
8147aca0fd
[PM-7084] Add feature flag for 2FA component refactor (#4229) 2024-06-25 12:16:53 -04:00
renovate[bot]
7129342827
[deps] Platform: Update dotnet monorepo to v6.0.31 (#4027)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-25 09:53:46 -04:00
renovate[bot]
e9ecb1dea6
[deps] Auth: Update DuoUniversal to v1.2.5 (#4216)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-06-24 12:59:46 -07:00
SmithThe4th
d064ee73fc
[PM-8997] Revert restriction for provider users (#4223)
* reverted restriction for provider users

* updated comment
2024-06-24 15:05:25 -04:00
Alex Morask
95f54b616e
[AC-2744] Add provider portal pricing for consolidated billing (#4210)
* Expanded Teams and Enterprise plan with provider seat data

* Updated provider setup process with new plan information

* Updated provider subscription retrieval and update with new plan information

* Updated client invoice report with new plan information

* Fixed tests

* Fix broken test
2024-06-24 11:16:57 -04:00
Alex Morask
fa62b36d44
[AC-2774] Consolidated issues for Consolidated Billing (#4201)
* Add BaseProviderController, update some endpoints to ServiceUser permissions

* Prevent service user from scaling provider seats above seat minimum

* Expand invoice response to include DueDate
2024-06-24 11:15:47 -04:00
renovate[bot]
4a06c82c8d
[deps] Tools: Update aws-sdk-net monorepo (#4219)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 13:09:30 +02:00
renovate[bot]
2c70eb9349
[deps] Tools: Update SignalR to v8.0.6 (#4218)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 13:05:33 +02:00
renovate[bot]
2b0c0b1f72
[deps] Tools: Update LaunchDarkly.ServerSdk to v8.5.1 (#4217)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-24 12:08:40 +02:00
Thomas Avery
8a1b64a21b
[SM-1075] Fix bulk remove organization users with Secrets Manager (#4197)
* Fix OrganizationUser_DeleteByIds procedure

* Add db migration
2024-06-21 17:29:36 -05:00
renovate[bot]
c4f176a1c2
[deps] Auth: Update Duende.IdentityServer to v7.0.5 (#4169)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-06-21 10:55:06 -07:00
Conner Turnbull
5fd9ab5fa5
Showing Teams Starter option in org edit dropdown in the admin portal if user is on that plan (#4187) 2024-06-21 13:53:10 -04:00
aj-rosado
f275b2567d
[PM-517] Added validation to maximum and minimum expiry date (#4199)
* Added validation to maximum and minimum expiry date

* Updated error text on SendRequestModel

* Add tests to ValidateEdit on SendRequestModel
2024-06-21 13:56:43 +01:00
cyprain-okeke
de56461b97
resolve the issue with error page after cancel (#4193)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-06-21 13:02:27 +01:00
Thomas Rittson
9595252224
[AC-2656] Remove old permissions code from CiphersController (#4186) 2024-06-21 09:57:43 +10:00
Thomas Rittson
6262686c0c
[AC-2699] Remove AccessAll from api request/response models (#4203) 2024-06-21 09:00:01 +10:00
Thomas Avery
01d67dce48
[SM-654] Individual secret permissions (#4160)
* Add new data and request models

* Update authz handlers

* Update secret commands to handle access policy updates

* Update secret repository to handle access policy updates

* Update secrets controller to handle access policy updates

* Add tests

* Add integration tests for secret create
2024-06-20 12:45:28 -05:00
Thomas Avery
0e6e461602
[SM-654] Add support for direct secret permissions at the repo layer (#4156)
* calculate direct secret permissions at the repo layer

* Add integration tests for service account secret access count
2024-06-20 10:40:24 -05:00
cyprain-okeke
7f496e7399
Add a CancelAt to the response (#4205)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-06-20 13:50:42 +01:00
Jared Snider
29b47f72ca
Auth/PM-3833 - Remove Deprecated Register and Prelogin endpoints from API (#4206)
* PM-3833 - API - AccountsController.cs && AccountsController.cs - remove prelogin and register endpoints.

* PM-3833 - Move Request and Response models that were used for Prelogin and PostRegister from API to Identity.

* PM-3833 - FIX LINT

* PM-3833 - Fix issues after merge conflict fixes.

* PM-3833 - Another test fix
2024-06-19 15:11:24 -04:00
Jared Snider
b2b1e3de87
Auth/PM-5092 - Registration with Email verification - Send Email Verification Endpoint (#4173)
* PM-5092 - Add new EnableEmailVerification global setting.

* PM-5092 - WIP - AccountsController.cs - create stub for new     PostRegisterSendEmailVerification

* PM-5092 - RegisterSendEmailVerificationRequestModel

* PM-5092 - Create EmailVerificationTokenable.cs and get started on tests (still WIP).

* PM-5092 - EmailVerificationTokenable.cs finished + tests working.

* PM-5092 - Add token data factory for new EmailVerificationTokenable factory.

* PM-5092 - EmailVerificationTokenable.cs - set expiration to match existing verify email.

* PM-5092 - Get SendVerificationEmailForRegistrationCommand command mostly written + register as scoped.

* PM-5092 - Rename tokenable to be more clear and differentiate it from the existing email verification token.

* PM-5092 - Add new registration verify email method on mail service.

* PM-5092 - Refactor SendVerificationEmailForRegistrationCommand and add call to mail service to send email.

* PM-5092 - NoopMailService.cs needs to implement all interface methods.

* PM-5092 - AccountsController.cs - get PostRegisterSendEmailVerification logic in place.

* PM-5092 - AccountsControllerTests.cs - Add some unit tests - WIP

* PM-5092 - SendVerificationEmailForRegistrationCommandTests

* PM-5092 - Add integration tests for new acct controller method

* PM-5092 - Cleanup unit tests

* PM-5092 - AccountsController.cs - PostRegisterSendEmailVerification - remove modelState invalid check as .NET literally executes this validation pre-method execution.

* PM-5092 - Rename to read better - send verification email > send email verification

* PM-5092 - Revert primary constructor approach so DI works.

* PM-5092 - (1) Cleanup new but now not needed global setting (2) Add custom email for registration verify email.

* PM-5092 - Fix email text

* PM-5092 - (1) Modify ReferenceEvent.cs to allow nullable values for the 2 params which should have been nullable based on the constructor logic (2) Add new ReferenceEventType.cs for email verification register submit (3) Update AccountsController.cs to log new reference event (4) Update tests

* PM-5092 - RegistrationEmailVerificationTokenable - update prefix, purpose, and token id to include registration to differentiate it from the existing email verification token.

* PM-5092 - Per PR feedback, cleanup used dict.

* PM-5092 - formatting pass (manual + dotnet format)

* PM-5092 - Per PR feedback, log reference event after core business logic executes

* PM-5092 - Per PR feedback, add validation + added nullable flag to name as it is optional.

* PM-5092 - Per PR feedback, add constructor validation for required tokenable data

* PM-5092 - RegisterVerifyEmail url now contains email as that is required in client side registration step to create a master key.

* PM-5092 - Add fromEmail flag + some docs

* PM-5092 - ReferenceEvent.cs - Per PR feedback, make SignupInitiationPath and PlanUpgradePath nullable

* PM-5092 - ReferenceEvent.cs - remove nullability per PR feedback

* PM-5092 - Per PR feedback, use default constructor and manually create reference event.

* PM-5092 - Per PR feedback, add more docs!
2024-06-19 13:54:20 -04:00
Thomas Rittson
c375c18257
[AC-2655] Remove old permissions logic from CollectionsController (#4185)
* Replace all old methods with vNext methods

* Remove remaining Flexible Collections checks and remove helper method

* Remove unused private methods

* Update tests
2024-06-18 06:23:32 +10:00
Bernd Schoolmann
3ad4bc1cab
[PM-4371] Implement PRF key rotation (#4157)
* Send rotateable keyset on list webauthn keys

* Implement basic prf key rotation

* Add validator for webauthn rotation

* Fix accounts controller tests

* Add webauthn rotation validator tests

* Introduce separate request model

* Fix tests

* Remove extra empty line

* Remove filtering in validator

* Don't send encrypted private key

* Fix tests

* Implement delegated webauthn db transactions

* Add backward compatibility

* Fix query not working

* Update migration sql

* Update dapper query

* Remove unused helper

* Rename webauthn to WebAuthnLogin

* Fix linter errors

* Fix tests

* Fix tests
2024-06-17 20:46:57 +02:00
Conner Turnbull
732ded52af
Resolved null reference exceptions when removing a families plan sponsorship from Stripe (#4194) 2024-06-17 11:45:55 -04:00
Cesar Gonzalez
6af47faef1
[PM-8027] Adding feature flag to allow us to fallback to the basic approach to field qualification for the inline menu (#4166)
* [PM-8027] Adding feature flag to allow us to fallback to the basic approach to field qualification for the inline menu

* [PM-8027] Adding feature flag to allow us to fallback to the basic approach to field qualification for the inline menu

* [PM-8027] Reverting flag from a fallback flag to an enhancement feature flag
2024-06-17 09:52:17 -05:00
Vincent Salucci
2841c1aba0
fix: remove required annotation for AccessAll, refs PM-8792 (#4191) 2024-06-17 08:08:12 +10:00
Conner Turnbull
b5241f1a97
Added missing enum import (#4192) 2024-06-14 17:05:19 -04:00
Conner Turnbull
721d2969d4
[PM-8830] Billing Enums Rename (#4180)
* Renamed ProductType to ProductTierType

* Renamed Product properties to ProductTier

* Moved ProductTierType to Bit.Core.Billing.Enums namespace from Bit.Core.Enums

* Moved PlanType enum to Bit.Core.Billing.Enums

* Moved StaticStore to Bit.Core.Billing.Models.StaticStore namespace

* Added ProductType enum

* dotnet format
2024-06-14 15:34:47 -04:00
cd-bitwarden
41ed38080f
Revert "[SM-1197] - Duplicate GUIDS Show a more detailed error message if dup…" (#4190)
This reverts commit 43b34c433c.
2024-06-14 17:45:17 +00:00
cd-bitwarden
43b34c433c
[SM-1197] - Duplicate GUIDS Show a more detailed error message if duplicate GUIDS are passed ot g… (#4161)
* Show a more detailed error message if duplicate GUIDS are passed ot get by Ids

* Update test/Api.IntegrationTest/SecretsManager/Controllers/SecretsControllerTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/SecretsManager/Models/Request/GetSecretsRequestModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Api/SecretsManager/Models/Request/GetSecretsRequestModel.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Making requested changes to tests

* lint fix

* fixing whitespace

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-06-14 17:23:23 +00:00
Alex Morask
83604cceb1
[AC-1943] Implement provider client invoice report (#4178)
* Update ProviderInvoiceItem SQL configuration

* Implement provider client invoice export

* Add tests

* Run dotnet format

* Fixed SPROC backwards compatibility issue
2024-06-14 12:26:49 -04:00
renovate[bot]
c8babc5a43
[deps] AC: Update Quartz to v3.9.0 (#4134)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-13 16:16:22 +10:00
André Bispo
7c805904ba
[PM-8814] Add removed EU feature flag to temporarily fix mobile until release rollout (#4177) 2024-06-12 15:43:41 +01:00
Jake Fink
576b78d739
Change error message (#4175) 2024-06-11 16:20:06 -04:00
Conner Turnbull
fc1c488a78
[AC-2567] Billing Performance Improvements (#4143)
* Moved AccountsBilling controller to be owned by Billing

* Added org billing history endpoint

* Updated GetBillingInvoicesAsync to only retrieve paid, open, and uncollectible invoices, and added option to limit results

* Removed invoices and transactions from GetBillingAsync

* Limiting the number of invoices and transactions returned

* Moved Billing models to Billing namespace

* Split billing info and billing history objects

* Removed billing method GetBillingBalanceAndSourceAsync

* Removed unused using

* Cleaned up BillingInfo a bit

* Update migration scripts to use `CREATE OR ALTER` instead of checking for the `OBJECT_ID`

* Applying limit to aggregated invoices after they return from Stripe
2024-06-11 13:55:23 -04:00
cyprain-okeke
f615858724
[AC-1779] Add comment to clarify ExpirationWithoutGracePeriod in OrganizationLicense (#3403)
* add the validation for version 12 and above

* We needed comments only
2024-06-11 15:26:53 +01:00
renovate[bot]
c57091c4b1
[deps] DbOps: Update Microsoft.Data.SqlClient to v5.2.1 (#4170)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-10 12:47:22 -06:00
Ike
fa4dc4aaf2
Fix Duo Universal to work with transitional metadata (#4164) 2024-06-07 12:49:53 -07:00
Rui Tomé
308bd555a4
[AC-2286] Include the OrganizationUserId for each Organization in the user sync data (#4142)
* [AC-2286] Include the OrganizationUserId for each Organization in the user sync data

* Make OrganizationUserId property non-nullable
2024-06-07 13:32:09 -05:00
Thomas Avery
36705790ad
[SM-1293] Add endpoint to fetch secret's access policies (#4146)
* Add authz handling for secret access policy reads

* Add the ability to fetch secret access polices from the repository

* refactor response models

* Add new endpoint
2024-06-07 12:08:38 -05:00
renovate[bot]
a1d609b208
[deps] DbOps: Update EntityFrameworkCore (#3981)
* [deps] DbOps: Update EntityFrameworkCore

* Update linq2db Package

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-06-07 09:55:59 -04:00
Alex Morask
725fc2eed3
[AC-1943] Add ProviderInvoiceItem table (#4163)
* Add ProviderInvoiceItem table

* Run dotnet format
2024-06-06 13:25:13 -04:00
cyprain-okeke
fef34d845f
Add additional return properties ti providerSubscriptionResponse (#4159)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-06-06 15:54:08 +01:00
Ike
97b3f3e7ee
[PM-5216] User and Organization Duo Request and Response Model refactor (#4126)
* inital changes

* add provider GatewayType migrations

* db provider migrations

* removed duo migrations added v2 metadata to duo response

* removed helper scripts

* remove signature from org duo

* added backward compatibility for Duo v2

* added tests for duo request + response models

* refactors to TwoFactorController

* updated test methods to be compartmentalized by usage

* fix organization add duo

* Assert.Empty() fix for validator
2024-06-05 11:42:02 -07:00
Alex Morask
a0a7654077
[AC-1942] Add endpoint to get provider invoices (#4158)
* Added endpoint to get provider invoices

* Added missing properties of invoice

* Run dotnet format'
2024-06-05 13:33:28 -04:00
Conner Turnbull
4a6113dc86
[AC-2386][AC-2750] Updated BitPay controller to add transactions and account credit for providers (#4153) 2024-06-04 14:58:21 -04:00
Thomas Rittson
cae417e2a2
[AC-2317] Public API - remove old permissions code (#4125)
* Remove FlexibleCollections checks from Public API controllers

* Remove AccessAll from Public API

* Update tests
2024-06-04 08:58:44 +10:00
Thomas Rittson
2c40dc0602
[AC-2654] Remove old permissions code from OrganizationUsersController (#4149) 2024-06-04 08:47:12 +10:00
Thomas Rittson
80793d1ffa
[AC-2653] Remove old permissions code from GroupsController (#4148) 2024-06-04 08:46:48 +10:00
Thomas Rittson
fe76de63a0
Fix optional properties being required in public api (#4150) 2024-06-04 08:17:01 +10:00
Conner Turnbull
395d6e845c
[AC-2678] Enterprise to Families Sponsorship Bugs (#4118)
* Removed prorationDate as it wasn't used, and wasn't needed

* Fixed logic to detect if a subscription was sponsored

* Moved OrganizationSponsorshipsController.cs to Billing folder
2024-06-03 13:18:46 -04:00
Alex Morask
9eec986c1c
Added gateway links to Provider edit in Admin (#4145) 2024-06-03 11:51:41 -04:00
Alex Morask
2b43cde99b
[AC-1938] Update provider payment method (#4140)
* Refactored GET provider subscription

Refactoring this endpoint and its associated tests in preparation for the addition of more endpoints that share similar patterns

* Replaced StripePaymentService call in AccountsController, OrganizationsController

This was made in error during a previous PR. Since this is not related to Consolidated Billing, we want to try not to include it in these changes.

* Removing GetPaymentInformation call from ProviderBillingService

This method is a good call for the SubscriberService as we'll want to extend the functionality to all subscriber types

* Refactored GetTaxInformation to use Billing owned DTO

* Add UpdateTaxInformation to SubscriberService

* Added GetTaxInformation and UpdateTaxInformation endpoints to ProviderBillingController

* Added controller to manage creation of Stripe SetupIntents

With the deprecation of the Sources API, we need to move the bank account creation process to using SetupIntents. This controller brings both the creation of "card" and "us_bank_account" SetupIntents
under billing management.

* Added UpdatePaymentMethod method to SubscriberService

This method utilizes the SetupIntents created by the StripeController from the previous commit when a customer adds a card or us_bank_account payment method (Stripe). We need to cache the most recent SetupIntent for the subscriber so that we know which PaymentMethod is their most recent even when it hasn't been confirmed yet.

* Refactored GetPaymentMethod to use billing owned DTO and check setup intents

* Added GetPaymentMethod and UpdatePaymentMethod endpoints to ProviderBillingController

* Re-added GetPaymentInformation endpoint to consolidate API calls on the payment method page

* Added VerifyBankAccount endpoint to ProviderBillingController in order to finalize bank account payment methods

* Updated BitPayInvoiceRequestModel to support providers

* run dotnet format

* Conner's feedback

* Run dotnet format'
2024-06-03 11:00:52 -04:00
Jake Fink
b072fc56b1
[PM-6794] block legacy users from authN (#4088)
* block legacy users from authN

* undo change to GetDeviceFromRequest

* lint

* add feature flag

* format

* add web vault url to error message

* fix test

* format
2024-06-03 09:19:56 -04:00
Thomas Rittson
357ac4f40a
[AC-292] Public Api - allow configuration of custom permissions (#4022)
* Also refactor OrganizationService user invite methods
2024-05-31 09:23:31 +10:00
Bernd Schoolmann
0189952e1f
[PM-5938] Prevent permanent vault coruption on key-rotation with desycned vault (#4098)
* Add check to verify the vault state for rotation is not obviously desynced (empty)

* Add unit test for key rotation guardrail

* Move de-synced vault detection to validators

* Add tests
2024-05-30 11:08:26 +02:00
cyprain-okeke
f73b7c7fa8
[AC-2706] [Defect] ProviderId does not populate when payment for provider subscription is created/updated (#4138)
* Resolve the issue of not updating the db

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-29 18:49:19 +01:00
renovate[bot]
9da75fc78f
[deps] Tools: Update aws-sdk-net monorepo (#4131)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-28 16:24:04 +02:00
Addison Beck
98a191a5e8
Allow for bulk processing new login device requests (#4064)
* Define a model for updating many auth requests

In order to facilitate a command method that can update many auth
requests at one time a new model must be defined that accepts valid
input for the command's needs. To achieve this a new file has been
created at
`Core/AdminConsole/OrganizationAuth/Models/OrganizationAuthRequestUpdateCommandModel.cs`
that contains a class of the same name. It's properties match those that
need to come from any calling API request models to fulfill the request.

* Declare a new command interface method

Calling API functions of the `UpdateOrganizationAuthRequestCommand` need
a function that can accept many auth request response objects and
process them as approved or denied. To achieve this a new function has
been added to `IUpdateOrganizationAuthRequestCommand` called
`UpdateManyAsync()` that accepts an
`IEnumberable<OrganizationAuthRequest>` and returns a `Task`.
Implementations of this interface method will be used to bulk process
auth requests as approved or denied.

* Stub out method implementation for unit testing

To facilitate a bulk device login request approval workflow in the admin
console `UpdateOrganizationAuthRequestCommand` needs to be updated to
include an `UpdateMany()` method. It should accept a list of
`OrganizationAuthRequestUpdateCommandModel` objects, perform some simple
data validation checks, and then pass those along to
`AuthRequestRepository` for updating in the database.

This commit stubs out this method for the purpose of writing unit tests.
At this stage the method throws a `NotImplementedException()`. It will
be expand after writing assertions.

* Inject `IAuthRequestRepository` into `UpdateOrganizationAuthCommand`

The updates to `UpdateOrganizationAuthRequestCommand` require a new
direct dependency on `IAuthRequestRepository`. This commit simply
registers this dependency in the `UpdateOrganizationAuthRequest`
constructor for use in unit tests and the `UpdateManyAsync()`
implementation.

* Write tests

* Rename `UpdateManyAsync()` to `UpdateAsync`

* Drop the `CommandModel` suffix

* Invert business logic update filters

* Rework everything to be more model-centric

* Bulk send push notifications

* Write tests that validate the command as a whole

* Fix a test that I broke by mistake

* Swap to using await instead of chained methods for processing

* Seperate a function arguement into a variable declaration

* Ungeneric-ify the processor

* Adjust ternary formatting

* Adjust naming of methods regarding logging organization events

* Throw an exception if Process is called with no auth request loaded

* Rename `_updates` -> `_update`

* Rename email methods

* Stop returning `this`

* Allow callbacks to be null

* Make some assertions about the state of a processed auth request

* Be more terse about arguements in happy path test

* Remove unneeded null check

* Expose an endpoint for bulk processing of organization auth requests  (#4077)

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-05-27 11:56:52 +10:00
Thomas Rittson
0d2e953459
Remove obsolete permissions code from ImportCiphersController (#4124) 2024-05-27 10:58:04 +10:00
Thomas Rittson
62c90bc50a
Remove FlexibleCollections check from OrganizationsController (#4123) 2024-05-27 10:57:54 +10:00
aj-rosado
6a0eae417d
Added MemberAccessReport to feature flags (#4114) 2024-05-24 16:51:32 +01:00
Merissa Weinstein
a5ec675cc8
remove onboarding feature flag (#4085) 2024-05-24 10:15:00 -05:00
Cesar Gonzalez
517fa1edf7
[PM-5295] Implement feature flag that allows us to fallback to using the TreeWalker API in the extension when collecting page details for autofill (#4076) 2024-05-24 10:13:17 -05:00
Rui Tomé
5fabad35c7
[AC-2328] Add a Bulk OrganizationUsersController.GetResetPasswordDetails endpoint (#4079)
* Add new stored procedure for reading reset password details for multiple organization user IDs

* Add method IOrganizationUserRepository.GetManyResetPasswordDetailsByOrganizationUserAsync

* Add new API endpoint for getting reset password details for multiple organization users

* Add unit tests for bulk OrganizationUsersController.GetResetPasswordDetails

* Add alias to sql query result column

* Add constructor for automatic mapping

* Fix http method type for endpoint

* dotnet format

* Simplify the constructor in the OrganizationUserResetPasswordDetails

* Refactor stored procedure and repository method names for retrieving account recovery details

* Add integration tests for GetManyAccountRecoveryDetailsByOrganizationUserAsync

* Lock endpoint behind BulkDeviceApproval feature flag

* Update feature flag key value
2024-05-24 11:20:54 +01:00
Thomas Rittson
be41865b59
[AC-2522] Remove collection enhancements opt-in (#4110)
* Delete controller endpoint
* Delete command
* Drop sproc
2024-05-24 09:00:04 +10:00
cyprain-okeke
ba93c0008b
[AC-2381][AC-2382] As a billing system, I need to store a transaction when a charge has succeeded for a provider (#4115)
* Add the providerId to the transaction object

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor to check if providerId hasValue before return

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-23 16:28:56 +01:00
cyprain-okeke
cb9ec27228
Include the ProviderId to transaction object (#4116)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-23 16:23:14 +01:00
Alex Morask
06910175e2
[AC-2576] Replace Billing commands and queries with services (#4070)
* Replace SubscriberQueries with SubscriberService

* Replace OrganizationBillingQueries with OrganizationBillingService

* Replace ProviderBillingQueries with ProviderBillingService, move to Commercial

* Replace AssignSeatsToClientOrganizationCommand with ProviderBillingService, move to commercial

* Replace ScaleSeatsCommand with ProviderBillingService and move to Commercial

* Replace CancelSubscriptionCommand with SubscriberService

* Replace CreateCustomerCommand with ProviderBillingService and move to Commercial

* Replace StartSubscriptionCommand with ProviderBillingService and moved to Commercial

* Replaced RemovePaymentMethodCommand with SubscriberService

* Formatting

* Used dotnet format this time

* Changing ProviderBillingService to scoped

* Found circular dependency'

* One more time with feeling

* Formatting

* Fix error in remove org from provider

* Missed test fix in conflit

* [AC-1937] Server: Implement endpoint to retrieve provider payment information (#4107)

* Move the gettax and paymentmethod from stripepayment class

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the method to retrieve the tax and payment details

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit tests for the paymentInformation method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the endpoint to retrieve paymentinformation

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit tests to the SubscriberService

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove the getTaxInfoAsync update reference

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2024-05-23 10:17:00 -04:00
cyprain-okeke
a9ab894893
Send upcoming invoice to provider billing email (#4112)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-23 11:40:51 +01:00
Thomas Rittson
b2693913bf
[AC-2521] Remove FlexibleCollectionsSignUp feature flag (#4109)
* Remove FlexibleCollectionsSignUp feature flag

* Always set Organization.FlexibleCollections to true

* Remove explicit assignment of LimitCollectionCreationDeletion so it defaults to false
2024-05-23 09:15:12 +10:00
Kyle Spearrin
4264fc0729
[PM-7004] Org Admin Initiate Delete (#3905)
* org delete

* move org id to URL path

* tweaks

* lint fixes

* Update src/Core/Services/Implementations/HandlebarsMailService.cs

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Update src/Core/Services/Implementations/HandlebarsMailService.cs

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* PR feedback

* fix id

* [PM-7004] Move OrgDeleteTokenable to AdminConsole ownership

* [PM-7004] Add consolidated billing logic into organization delete request acceptance endpoint

* [PM-7004] Delete unused IOrganizationService.DeleteAsync(Organization organization, string token) method

* [PM-7004] Fix unit tests

* [PM-7004] Update delete organization request email templates

* Add success message when initiating organization deletion

* Refactor OrganizationsController request delete initiation action to handle exceptions

---------

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
2024-05-22 17:59:19 +01:00
Addison Beck
56c523f76f
Allow for bulk updating AuthRequest database objects (#4053)
* Declare a new repository interface method

To facilitate a new bulk device login request approval workflow in the
admin console we need to update `IAuthRequestRepisitory` (owned by Auth
team) to include an`UpdateManyAsync()` method. It should accept a list
of `AuthRequest` table objects, and implementations will do a very
simple 1:1 update of the passed in data.

This commit adds an `UpdateManyAsync()` method to the
`AuthRequestRepository` interface.

* Stub out method implementations to enable unit testing

This commit stubs out implementations of
`IAuthRequestRepository.UpdateManyAsync()` so the method signature can
be called in unit tests. At this stage the methods are not implemented.

* Assert a happy path integration test

* Establish a user defined SQL type for Auth Requests

To facilitate a bulk update operation for auth requests a new user
defined type will need to be written that can be used as a table input
to the stored procedure. This will follow a similar pattern to how the
`OragnizationSponsorshipType` works and is used by the stored procedure
`OrganizationSponsorship_UpdateMany`.

* Establish a new stored procedure

To facilitate the bulk updating of auth request table objects this
commit adds a new stored procedure to  update a collection of entities
on `AuthRequest` table by their primary key. It updates all properties,
for convention, but the endpoint created later will only change the
`Approved`, `ResponseDate`, `Key`, `MasterPasswordHash`, and
`AuthenticationDate` properties.

* Apply a SQL server migration script

This commit simply applies a migration script containing the new user
defined type and stored procedure comitted previously.

* Enable converting an `IEnumerable<AuthRequest>` to a `DataTable`

The current pattern in place for bulk update stored procedures is to
pass a `DataTable` through Dapper as an input for the update stored
procedure being run. In order to facilitate the new bulk update
procedure for the`AuthRequest` type we need a function added that can
convert an `IEnumerable<AuthRequest>` to a `DataTable`. This is commit
follows the convention of having a static class with a conversion method
in a `Helpers` folder: `AuthRequestHelpers.ToDataTable()`.

* Implement `Dapper/../AuthRequestRepository.UpdateMany()`

This commit implements `AuthRequestRepository.UpdateMany()` for the
Dapper implementation of `AuthRequestRepository`. It connects the stored
procedure, `DataTable` converter, and Dapper-focused unit test commits
written previously into one exposed method that can be referenced by
service callers.

* Implement `EntityFramework/../AuthRequestRepository.UpdateMany()`

This commit implements the new
`IAuthRequestRepository.UpdateManyAsync()`method in the Entity Framework
skew of the repository layer. It checks to make sure the passed in list
has auth requests, converts them all to an Entity Framework entity, and
then uses `UpdateRange` to apply the whole thing over in the database
context.

* Assert that  `UpdateManyAsync` can not create any new auth requests

* Use a json object as stored procedure input

* Fix the build

* Continuing to troubleshoot the build

* Move `AuthRequest_UpdateMany` to the Auth folder

* Remove extra comment

* Delete type that never got used

* intentionally break a test

* Unbreak it
2024-05-22 11:55:31 -05:00
renovate[bot]
5ddb854f1a
[deps] Auth: Update azure azure-sdk-for-net monorepo (#3540)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-21 13:12:43 -07:00
SmithThe4th
aee180adfc
[PM-8004] Move Unmanaged collection logic out of component for better reuse (#4108)
* Updated sprocs to return unmanaged collection column, updated reponse to return to return unmanaged

* reformatted sproc
2024-05-21 14:42:47 -04:00
Jason Ng
87865e8f5c
[AC-2447] Update PutCollection to return Unavailable cipher when last Can Manage Access is Removed (#4074)
* update CiphersController to return a unavailable value to the client so it can determine if the user removed the final Can Manage access of an item
2024-05-21 11:31:22 -04:00
renovate[bot]
f2242186d0
[deps] Tools: Update aws-sdk-net monorepo (#4104)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 12:00:17 +02:00
renovate[bot]
74fff55c18
[deps] Tools: Update SignalR to v8.0.5 (#4103)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:56:09 +02:00
renovate[bot]
1b47d23774
[deps] Tools: Update MailKit to v4.6.0 (#4106)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:53:40 +02:00
renovate[bot]
476e5adfbe
[deps] Tools: Update LaunchDarkly.ServerSdk to v8.5.0 (#4105)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:51:40 +02:00
Thomas Rittson
53ed608ba1
[AC-2604] Fix aggregation of CollectionGroup permissions (#4097)
* Fix aggregation of CollectionGroup permissions - use MAX on Manage column instead of MIN
2024-05-21 14:40:05 +10:00
Thomas Rittson
98b7866c95
[AC-2605] Restrict collection access for some custom users (#4096)
* Make custom users subject to collection settings
  Affects ManageUsers and ManageGroups
2024-05-21 10:44:57 +10:00
renovate[bot]
489f6246b1
[deps] Auth: Update DuoUniversal to v1.2.4 (#4080)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-20 14:21:12 -07:00
Alex Morask
0be40d1bd9
[AC-2489] Resolve SM Standalone issues with SCIM & Directory Connector (#4011)
* Add auto-scale support to standalone SM for SCIM

* Mark users for SM when using SM Stadalone with Directory Connector
2024-05-20 10:22:16 -04:00
Vincent Salucci
febc696c80
[AC-240] - BUG - Confirm Admin/Owners to org when excluded from Single Org Policy (#4087)
* fix: align policy checks for excluded types, update tests, create fixture, refs AC-240

* fix: update final policy check against other orgs (not including the current), refs AC-240
2024-05-17 14:28:51 -05:00
Conner Turnbull
a60180230d
[AC-2513] Scaling PM seat count with SM seat count (#4040)
* For SM Trial orgs, now scaling PM seat count with SM seat count adjustments

* Split Billing related organization endpoints into billing owned controller

* Updated billing organizations controller to use a primary constructor to reduce boilerplate

* Fixed error where ID couldn't be mapped to subscription endpoint guid param

* Updated billing OrganizationController endpoints to not manually create the GUID from the string ID

* Banished magic string back to the pit from whence it came

* Resolved errors in unit tests
2024-05-17 14:16:03 -04:00
Conner Turnbull
0b5c21acca
Hiding teams starter option (#4044) 2024-05-17 09:21:12 -04:00
Jake Fink
3bb8cce2e6
add login redirect url to identity server (#4092) 2024-05-16 15:47:44 -04:00
Conner Turnbull
7d65d8dd4f
Resolved razor syntax error by updating expression to be explicit instead of implicit (#4094) 2024-05-16 13:16:01 -04:00
Thomas Rittson
e619508f3f
[AC-2602] Fix error when provider edits existing group (#4086)
* Add null check to groups endpoint - providers may not be OrgUsers
2024-05-15 15:17:15 +01:00
Alex Morask
fd173e81b6
[AC-2426] Allow editing of client organization name (#4072)
* Allow editing of client organization name

* Removing unnecessary using for linter
2024-05-14 11:26:08 -04:00
Todd Martin
e93894a6fd
Removed unused feature flags (#4083)
* Removed unused feature flags

* Removed 2 more flags.
2024-05-14 11:00:32 -04:00
SmithThe4th
b960d25c97
added feature flag constant for vault bullk management action (#4075) 2024-05-14 09:45:50 -04:00
Alex Morask
9b9318caac
[AC-2313] Add Gateway fields to Provider edit in Admin (#4057)
* Formatting

* Add Gateway fields to provider edit

* Remove unnecessary usings

* Thomas' feedback

* Removing unnecessary using for linter

* Removing unused file

* Removing unused file
2024-05-14 09:16:24 -04:00
Addison Beck
989908151d
Remove unneeded using (#4084) 2024-05-14 09:59:04 +01:00
Todd Martin
7f9d7c0c5d
[PM-7029] Remove conditional logic for KeyRotationImprovements feature flag (#4002)
* Removed business logic that references flag

* Removed using statement.

* Undid accidental keystroke.

* Removed unused method.

* Removed unused imports.
2024-05-09 13:24:02 -04:00
Ike
479f8319c2
remove alias (#4058) 2024-05-09 08:43:43 -07:00
Alex Morask
ac4ccafe19
[AC-2471] Prevent calls to Stripe when unlinking client org has no Stripe objects (#3999)
* Prevent calls to Stripe when unlinking client org has no Stripe objects

* Thomas' feedback

* Check for stripe when org unlinked from org page

---------

Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
2024-05-09 09:20:02 -04:00
Alex Morask
fa7b00a728
Send reference event on payment success for provider (#4063) 2024-05-09 09:09:23 -04:00
Thomas Rittson
109cb9f672
Fix 404 error when creating users/groups (#4066) 2024-05-08 21:36:53 -05:00
Vincent Salucci
df4d1d5552
[AC-2086] Update CanDelete to handle V1 flag logic (#3979)
* feat: Update authorization handler to handle V1 collection enhancement, refs AC-2086

* feat: update tests to account for new V1 flag/setting logic, refs AC-2086

* feat: update CanDelete with all collection enhancement combinations, refs AC-2086

* feat: add tests for new delete flows, refs AC-2086

* fix: update new conditionals with bool return value, refs AC-2086

* feat: simplify conditional in regards to LimitCollectionCreationDeletion, refs AC-2086

* feat: simplify AllowAdminAccessToAllCollectionItems conditional, refs AC-2086

* feat: add unit test making sure admins can't delete collections without can manage, refs AC-2086
2024-05-08 18:25:22 -04:00
Shane Melton
45be4d5069
[AC-1707] Restrict provider access to items (#3881)
* [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage

* [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper

* [AC-2274] Add Jira ticket

* [AC-1707] Add feature flag

* [AC-1707] Update CanEditAnyCiphersAsAdmin to fail for providers when the feature flag is enabled

* [AC-2274] Undo change to purge endpoint

* [AC-2274] Update admin checks to account for unassigned ciphers

* [AC-1707] Fix provider auth checks after merge with main

* [AC-1707] Fix tests after merge

* [AC-1707] Adjust CanEditCipherAsAdmin method to properly account for admin user types

- Fix associated unit tests

* [AC-1707] Formatting
2024-05-07 12:30:48 -07:00
cyprain-okeke
6bdee5dd34
Fix the issue of returning on Error! without descriptive message (#4056)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-07 17:45:01 +01:00
Jason Ng
ea49ff7dcb
[AC-1121] Update authorization for orphaned collections (#4047)
* update BulkCollectionAuthorizationHandler to account for orphaned collections
2024-05-07 11:02:59 -04:00
renovate[bot]
9e554006f3
[deps] Auth: Update Microsoft.Azure.Cosmos to v3.39.1 (#3541)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-07 07:49:52 -07:00
Thomas Avery
cd3a45c8c6
[SM-1030] Cleanup old access policy management code (#4015)
* Remove access selector code

* Cleanup integration tests
2024-05-06 14:56:58 -05:00
cyprain-okeke
3715d7d426
Add providerType as part of the response object (#4055)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-06 20:21:38 +01:00
Alex Morask
bcfaf55412
[AC-2548] Remove automatic tax collection check from provider creation (#4042)
* Remove automatic tax collection check

* Fix tests
2024-05-06 11:56:02 -04:00
Jake Fink
2a535ac835
[PM-7919] return exception if trying to overwrite keypair (#4052)
* return exception if trying to overwrite keypair

* add feature flag
2024-05-06 08:49:18 -04:00
renovate[bot]
90e065556e
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.86 (#4049)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-06 13:50:31 +02:00
Shane Melton
6a8d97affb
Add the extension-refresh feature flag (#4041) 2024-05-03 16:16:57 -04:00
Shane Melton
d965166a37
[AC-2084] Include Collection permissions for admin endpoints (#3793)
* [AC-2084] Add documentation to existing collection repository getters

* [AC-2084] Add new CollectionAdminDetails model

* [AC-2084] Add SQL and migration scripts

* [AC-2084] Introduce new repository methods to include permission details for collections

* [AC-2084] Add EF repository methods and integration tests

* [AC-2084] Update CollectionsController and response models

* [AC-2084] Fix failing SqlServer test

* [AC-2084] Clean up admin endpoint response models
- vNext endpoints should now always return CollectionDetailsResponse models
- Update constructors in CollectionDetailsResponseModel to be more explicit and add named static constructors for additional clarity

* [AC-2084] Fix failing tests

* [AC-2084] Fix potential provider/member bug

* [AC-2084] Fix broken collections controller

* [AC-2084] Cleanup collection response model types and constructors

* [AC-2084] Remove redundant authorization check

* [AC-2084] Cleanup ambiguous model name

* [AC-2084] Add GroupBy clause to sprocs

* [AC-2084] Add GroupBy logic to EF repository

* [AC-2084] Update collection repository tests

* [AC-2084] Update migration script date

* Update migration script date

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2024-05-03 09:33:06 -04:00
cyprain-okeke
25c87214ff
Fix typo in 'Provider' spelling (#4043)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-02 22:50:10 +01:00
Kyle Spearrin
c045739325
[PM-6977] Migrate to FCM v1 (redo) (#4046)
* revert changes again

* use IServiceProvider

* fix test
2024-05-02 16:37:06 -04:00
Thomas Avery
7f8cea58d0
[SM-923] Add project service accounts access policies management endpoints (#3993)
* Add new models

* Update repositories

* Add new authz handler

* Add new query

* Add new command

* Add authz, command, and query to DI

* Add new endpoint to controller

* Add query unit tests

* Add api unit tests

* Add api integration tests
2024-05-02 11:06:20 -05:00
Thomas Rittson
e302ee1520
[AC-2170] Group modal - limit admin access - collections tab (#3998)
* Update GroupsController POST and PUT to respect collection management settings
2024-05-02 09:55:16 +10:00
Thomas Rittson
f0b9391249
Prevent user from adding themselves to collection (#4037) 2024-05-02 08:32:50 +10:00
Thomas Avery
29a69b76a4
[SM-1222] Add event and reference event logging to secrets sync (#4031) 2024-05-01 12:31:58 -05:00
Thomas Avery
ebd88393c8
[SM-910] Add service account granted policies management endpoints (#3736)
* Add the ability to get multi projects access

* Add access policy helper + tests

* Add new data/request models

* Add access policy operations to repo

* Add authz handler for new operations

* Add new controller endpoints

* add updating service account revision
2024-05-01 11:47:11 -05:00
cyprain-okeke
a14646eaad
resolve the text style (#4038)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-01 17:00:39 +01:00
Thomas Rittson
5012d56e5a
[AC-2538] Limit admin access - fix ManageUsers custom permission (#4032)
* Fix issue where ManageUsers custom permission could not
  grant access to collections
* Split ModifyAccess operation to ModifyUserAccess and
  ModifyGroupAccess to reflect more granular operations
2024-05-01 10:06:24 +10:00
cyprain-okeke
3749fa6113
resolve the issue (#4035)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-04-30 19:20:48 +01:00
Shane Melton
8e7bd79d9a
[AC-2274] Restrict Admin POST/PUT/DELETE Cipher Endpoints for V1 FC (#3879)
* [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage

* [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper

* [AC-2274] Add Jira ticket

* [AC-2274] Undo change to purge endpoint

* [AC-2274] Update admin checks to account for unassigned ciphers

---------

Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2024-04-30 10:28:16 -07:00
renovate[bot]
79a4cbaa09
[PM-7335] [deps] Auth: Update Duende.IdentityServer to v7 (#3709)
* [deps] Auth: Update Duende.IdentityServer to v7

* Fixes for upgrade incompatibility

* Update configuration file used in a test

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-30 09:50:36 -07:00
Todd Martin
e74d299e6b
[PM-1449] Add email-verification flag (#4033) 2024-04-30 12:43:12 -04:00
Alex Morask
ccaee0b719
Stopped subtracting grace period from expiration date when license is in trial (#3991) 2024-04-30 10:55:05 -04:00
SmithThe4th
cb55699d80
get updated cipher and used that in the response model (#4030) 2024-04-29 16:12:42 -04:00
renovate[bot]
ba4c2639b7
[deps] Auth: Update del to v6.1.1 (#3607)
* [deps] Auth: Update del to v6.1.1

* fix bootstrap

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-29 10:59:59 -07:00
Thomas Rittson
ba36b2d26a
[AC-2172] Member modal - limit admin access (#3934)
* update OrganizationUsersController PUT and POST
* enforces new collection access checks when updating members
* refactor BulkCollectionAuthorizationHandler to avoid repeated db calls
2024-04-29 11:02:06 +10:00
Ike
8142ba7bf2
target bootstrap v4.6.2 (#4024) 2024-04-26 17:40:45 -07:00
SmithThe4th
e2d445dd3c
Changed PutCollections response model to return collection ids (#4023) 2024-04-26 16:27:00 -04:00
Rui Tomé
b3e5076128
[AC-1978] Flexible collections: EF data migrations for deprecated permissions (#3969)
* [AC-1682] Added MySql migration and script

(cherry picked from commit d367f6de6b)

* [AC-1682] Added Postgres migration and script

(cherry picked from commit 9bde1604da)

* [AC-1682] Added Sqlite migration and script

(cherry picked from commit 262887f9c3)

* [AC-1682] dotnet format

(cherry picked from commit 00eea0621c)

* [AC-1682] Fixed Sqlite query

(cherry picked from commit 26f5bf8afd)

* [AC-1682] Drop temp tables if they exist when starting the scripts

(cherry picked from commit c20912f95c)

* [AC-1682] Removed MySql transaction from script because EF migration already wraps it under its own transaction

(cherry picked from commit 7b54d78d67)

* [AC-1682] Setting FlexibleCollections = 1 only for Orgs that had data migrated in previous steps

(cherry picked from commit 28bba94d81)

* [AC-1682] Updated queries to check for OrganizationId

(cherry picked from commit a957530d5e)

* [AC-1682] Fixed MySql script

(cherry picked from commit deee483ab7)

* [AC-1682] Fixed Postgres query

(cherry picked from commit c3ca9ec3c8)

* [AC-1682] Fix Sqlite query

(cherry picked from commit fada0a81bf)

* [AC-1682] Reverted scripts back to enabling Flexible Collections to all existing Orgs

(cherry picked from commit bd3b21b969)

* [AC-1682] Removed dropping temporary table from scripts

(cherry picked from commit eb7794d592)

* [AC-1682] Removed other temp table drops

(cherry picked from commit 26768b7bf8)

* [AC-1978] Fix issue that allows the web app to have the user type Manager available

(cherry picked from commit 2890f78870)

* [AC-1682] Bump dates on migration scripts

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-04-26 14:11:29 +01:00
Rui Tomé
d2abf5b2d7
[AC-2323] Flexible collections: automatically migrate data for all Organizations (#3927)
* [AC-2323] Added script to migrate all sql organizations to use flexible collections

* [AC-2323] Overriding FlexibleCollectionsSignup to true for local usage

* [AC-2323] Fix script comment

* [AC-2323] Fixed typo

* [AC-2323] Bump up date on migration script

* [AC-2323] Bump migration script date

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2024-04-26 14:11:00 +01:00
Alex Morask
186afbc162
Updated CB to use both flag and provider status. (#4005) 2024-04-25 15:27:00 -04:00
Thomas Avery
a7b992d424
[SM-1150] Add secret sync endpoint (#3906)
* Add SecretsSyncQuery

* Add SecretsSync to controller

* Add unit tests

* Add integration tests

* update repo layer
2024-04-25 10:34:08 -05:00
Alex Morask
f7aa56b324
Handle case where Stripe IDs do not relate to Stripe entities (#4021) 2024-04-25 11:07:47 -04:00
renovate[bot]
78b57ba99f
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.81 (#4019)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-25 15:42:53 +02:00
renovate[bot]
be05050e68
[deps] Tools: Update LaunchDarkly.ServerSdk to v8.4.0 (#4020)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-25 15:41:18 +02:00
Alex Morask
eac2b9f0b8
[AC-2488] Return default state for billing metadata when Organization has no Stripe entities (#4018)
* Return default state for billing metadata when no stripe entities

* Fix tests
2024-04-25 09:21:05 -04:00
Alex Morask
b12e881ece
[AC-2488] Add billing endpoint to determine SM standalone for organization (#4014)
* Add billing endpoint to determine SM standalone for org.

* Add missing attribute
2024-04-24 16:29:04 -04:00
cyprain-okeke
d3c964887f
[AC-2512] Admin: Seat Minimum input fields are showing for Reseller-type providers (#4013)
* resolve the issue

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* remove the unused reference

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-04-24 20:37:21 +01:00
renovate[bot]
9de222d13c
[deps] Auth: Update bootstrap to v5 (#3610)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-23 12:41:22 -07:00
renovate[bot]
dd3f094f22
[deps] Auth: Update DuoUniversal to v1.2.3 (#3866)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-23 11:39:52 -07:00
renovate[bot]
1e88adc7fa
[deps] Auth: Update sass to v1.75.0 (#3609)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-23 10:19:30 -07:00
renovate[bot]
8ffc589dd2
[deps] Auth: Update jquery to v3.7.1 (#3608)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-04-23 09:56:17 -07:00
Kyle Spearrin
3c76f48bdc
Revert "[PM-6977] Migrate to FCM v1 (#3917)" (#4009)
This reverts commit dd8d5955a4.
2024-04-23 13:59:28 +00:00
Kyle Spearrin
dd8d5955a4
[PM-6977] Migrate to FCM v1 (#3917)
* fcmv1 update

* try without nested data obj

* type must be a string

* fcmv1 migration flag

* lint fixes

* fix tests

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-04-23 12:58:35 +01:00
Conner Turnbull
28e8287451
Updated missing logic for 2023 plans (#4000) 2024-04-19 13:15:35 -04:00
Addison Beck
87f710803d
Refactor PolicyService.SaveAsync() (#4001)
* Move dependent policy checks to a dedicated function

* Invert conditional

* Extract enable logic
2024-04-19 10:53:24 -05:00
Alex Morask
821f7620b6
[AC-2461] Scale provider seats on client organization deletion (#3996)
* Scaled provider seats on client organization deletion

* Thomas' feedback
2024-04-19 10:09:18 -04:00
Conner Turnbull
e6bd8779a6
Updated GetIdsByMetadata to support providerId (#3994)
* Refactored the charge succeeded handler a bit

* If refund charge is received, and we don't have a parent transaction stored already, attempt to create one

* Converted else if structure to switch-case

* Moved logic for invoice.upcoming to a private method

* Moved logic for charge.succeeded to a private method

* Moved logic for charge.refunded to a private method

* Moved logic for invoice.payment_succeeded to a private method

* Updated invoice.payment_failed to match the rest

* Updated invoice.created to match the rest with some light refactors

* Added method comment to HandlePaymentMethodAttachedAsync

* Moved logic for customer.updated to a private method

* Updated logger in default case

* Separated customer.subscription.deleted and customer.subscription.updated to be in their own blocks

* Moved logic for customer.subscription.deleted to a private method

* Moved logic for customer.subscription.updated to a private method

* Merged customer sub updated or deleted to switch

* No longer checking if the user has premium before disabling it since the service already checks

* Moved webhook secret parsing logic to private method

* Moved casting of event to specific object down to handler

* Reduced nesting throughout

* When removing secrets manager, now deleting 100% off password manager discount for SM trials

* Added method comment and reduced nesting in RemovePasswordManagerCouponIfRemovingSecretsManagerTrialAsync

* Updated GetIdsByMetadata to support providerId
2024-04-19 09:33:26 -04:00
Conner Turnbull
0171a3150e
[AC-2427] update discount logic for complimentary password manager (#3990)
* Refactored the charge succeeded handler a bit

* If refund charge is received, and we don't have a parent transaction stored already, attempt to create one

* Converted else if structure to switch-case

* Moved logic for invoice.upcoming to a private method

* Moved logic for charge.succeeded to a private method

* Moved logic for charge.refunded to a private method

* Moved logic for invoice.payment_succeeded to a private method

* Updated invoice.payment_failed to match the rest

* Updated invoice.created to match the rest with some light refactors

* Added method comment to HandlePaymentMethodAttachedAsync

* Moved logic for customer.updated to a private method

* Updated logger in default case

* Separated customer.subscription.deleted and customer.subscription.updated to be in their own blocks

* Moved logic for customer.subscription.deleted to a private method

* Moved logic for customer.subscription.updated to a private method

* Merged customer sub updated or deleted to switch

* No longer checking if the user has premium before disabling it since the service already checks

* Moved webhook secret parsing logic to private method

* Moved casting of event to specific object down to handler

* Reduced nesting throughout

* When removing secrets manager, now deleting 100% off password manager discount for SM trials

* Added method comment and reduced nesting in RemovePasswordManagerCouponIfRemovingSecretsManagerTrialAsync
2024-04-19 09:15:48 -04:00
Addison Beck
19a7aa500d
Properly handle new policy enrollments in the public API (#4003)
* Test the use case

* Properly instantiate model from null

* Rename query parameter
2024-04-18 17:04:04 -05:00
Alex Morask
9827ee5f6a
[AC-2420] Fix customer discount ID and SM invite validation (#3966)
* Fix customer discount ID and SM update validation

* Replace constructor needed for autofixture
2024-04-18 11:11:37 -04:00
Colton Hurst
49ed5af517
SM-1179: Rename service accounts to machine accounts (#3974) 2024-04-18 11:01:08 -04:00
Rui Tomé
92716fe319
[PM-3176] Extract IOrganizationService.SaveUserAsync to a command (#3894)
* [PM-3176] Extract IOrganizationService.SaveUserAsync to a command

* [PM-3176] Enabled nullable on command

* [PM-3176] Removed check that was not working
2024-04-18 11:42:30 +01:00
cyprain-okeke
6672019122
[AC-1218] Add ability to delete Provider Portals (#3973)
* add new classes

* initial commit

* revert the changes on this files

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* revert unnecessary changes

* Add a model

* add the delete token endpoint

* add a unit test for delete provider

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* add the delete provider method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the delete request redirect issue

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* changes to correct the json issue

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve errors

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve pr comment

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* move ProviderDeleteTokenable to the adminConsole

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add feature flag

* resolve pr comments

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* add some unit test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* add the remove feature flag

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* [AC-2378] Added `ProviderId` to PayPal transaction model (#3995)

* Added ProviderId to PayPal transaction model

* Fixed issue with parsing provider id

* [AC-1923] Add endpoint to create client organization (#3977)

* Add new endpoint for creating client organizations in consolidated billing

* Create empty org and then assign seats for code re-use

* Fixes made from debugging client side

* few more small fixes

* Vincent's feedback

* Bumped version to 2024.4.1 (#3997)

* [AC-1923] Add endpoint to create client organization (#3977)

* Add new endpoint for creating client organizations in consolidated billing

* Create empty org and then assign seats for code re-use

* Fixes made from debugging client side

* few more small fixes

* Vincent's feedback

* [AC-1923] Add endpoint to create client organization (#3977)

* Add new endpoint for creating client organizations in consolidated billing

* Create empty org and then assign seats for code re-use

* Fixes made from debugging client side

* few more small fixes

* Vincent's feedback

* add changes after merge conflict

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
Co-authored-by: Bitwarden DevOps <106330231+bitwarden-devops-bot@users.noreply.github.com>
2024-04-17 10:09:53 +01:00
Alex Morask
c4ba0dc2a5
[AC-1923] Add endpoint to create client organization (#3977)
* Add new endpoint for creating client organizations in consolidated billing

* Create empty org and then assign seats for code re-use

* Fixes made from debugging client side

* few more small fixes

* Vincent's feedback
2024-04-16 13:55:00 -04:00
Conner Turnbull
73e049f878
[AC-2378] Added ProviderId to PayPal transaction model (#3995)
* Added ProviderId to PayPal transaction model

* Fixed issue with parsing provider id
2024-04-16 17:50:12 +00:00
Thomas Rittson
44412844a0
[AC-2169] Group modal - limit admin access - members tab (#3975)
* Prevent Admins from adding themselves to groups
if they cannot manage all collections and items
2024-04-16 11:39:51 +10:00
renovate[bot]
0512102189
[deps] Tools: Update Handlebars.Net to v2.1.6 (#3982)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 16:56:50 +02:00
renovate[bot]
64c239674f
[deps] Tools: Update SignalR to v8.0.4 (#3984)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 13:28:19 +02:00
renovate[bot]
b73bcc9e4e
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.74 (#3985)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 13:18:10 +02:00
renovate[bot]
9377f93965
[deps] Tools: Update SendGrid to v9.29.3 (#3983)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 11:36:53 +02:00
renovate[bot]
7d161f0c2b
[deps] Tools: Update LaunchDarkly.ServerSdk to v8.3.0 (#3986)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 11:34:07 +02:00
renovate[bot]
312680b495
[deps] Tools: Update MailKit to v4.5.0 (#3987)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-15 11:29:30 +02:00
Conner Turnbull
6d2b47f036
Removed business name from org edit (#3970) 2024-04-12 10:17:34 -04:00
Thomas Rittson
66f0c4b982
Enable unassigned items banner for self-host (#3978) 2024-04-12 06:40:43 -05:00
cyprain-okeke
736a6f19a5
resolve the issue with changes of payment method (#3976)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-04-11 15:19:28 +01:00
Alex Morask
3cdfbdb22d
Start subscription for provider during setup process. (#3957) 2024-04-10 14:10:53 -04:00
Thomas Rittson
2c36784cda
[AC-2436] Show unassigned items banner (#3967)
* Add endpoint

* Add feature flag

* Only show banner for flexible collections orgs (to avoid affecting self-host)
2024-04-10 09:06:43 -05:00
Jason Ng
c15574721d
AC-2330 add response to put method for updating cipher collections (#3964)
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
2024-04-09 10:39:26 -04:00
Kyle Spearrin
40221f578f
[PM-6339] Shard notification hub clients across multiple accounts (#3812)
* WIP registration updates

* fix deviceHubs

* addHub inline in ctor

* adjust setttings for hub reg

* send to all clients

* fix multiservice push

* use notification hub type

* feedback

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-04-08 15:39:44 -04:00
Vincent Salucci
de8b7b14b8
feat: generate txt record server-side and remove initial domain verification, refs AC-2350 (#3940) 2024-04-08 14:32:20 -05:00
Conner Turnbull
9a2d383417
[AC-2211] SM Changes (#3938)
* SM changes

* Teams starter bugs
2024-04-08 14:42:01 -04:00
Conner Turnbull
03e65f6d1d
[AC-2416] Resolved Stripe refunds not creating a transaction (#3962)
* Resolved NullReferenceException when refunding a charge

* Downgraded log message for PayPal to warning
2024-04-08 09:40:43 -04:00
cyprain-okeke
5bd2c424aa
[AC-2262] As a Bitwarden Admin, I need a ways to set and update an MSP's minimum seats (#3956)
* initial commit

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* add the feature flag

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add featureflag for create and edit html pages

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-04-05 15:50:28 +01:00
Jake Fink
108d22f484
[BEEEP] begin 2fa integration tests for identity (#3843)
* begin 2fa integration tests for identity
- fix org mappings and query

* add key length to doc

* lint
2024-04-05 09:30:42 -04:00
Colton Hurst
b164f24c99
SM-1119: Rename service accounts to machine accounts (#3958)
* SM-1119: Rename service accounts to machine accounts

* SM-1119: Undo system management portal changes
2024-04-05 08:54:36 -04:00
Matt Bishop
88f34836f2
Event processor tuning (#3945) 2024-04-02 15:45:18 -04:00
Alex Morask
a048d6d9e3
[AC-1795] Provide extra subscription info when past due (#3950)
* Provide past due data on subscription

* Add feature flag
2024-04-02 13:21:40 -04:00
cyprain-okeke
48da6eba1c
[PM-3891] Remove the dollar threshold changes and Implement time-based threshold (#3948)
* implement time threshold

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* add code to make failed payment is tried

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2024-04-02 17:36:53 +01:00
Alex Morask
f0b7074219
Propagate org status from selfhost model (#3930) 2024-04-02 09:29:41 -04:00
Alex Morask
a39a498790
Prevent NRE for missing upcoming invoice when sub is pending cancelation (#3920) 2024-04-02 09:28:57 -04:00
renovate[bot]
b9049cd699
[deps] DbOps: Update Dapper to v2.1.35 (#3947)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-01 09:46:58 -04:00
Alex Morask
2f9daf2149
Update response code (#3949) 2024-04-01 09:13:55 -04:00
renovate[bot]
66593297b9
[deps] Billing: Update Serilog.Sinks.SyslogMessages to v3.0.2 (#3946)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-01 08:46:25 -04:00
renovate[bot]
10d132aa22
[deps] DbOps: Update Microsoft.Data.SqlClient to v5.2.0 (#3944)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-03-29 13:50:24 -04:00