Thomas Rittson
98b7866c95
[AC-2605] Restrict collection access for some custom users ( #4096 )
...
* Make custom users subject to collection settings
Affects ManageUsers and ManageGroups
2024-05-21 10:44:57 +10:00
renovate[bot]
489f6246b1
[deps] Auth: Update DuoUniversal to v1.2.4 ( #4080 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-20 14:21:12 -07:00
Alex Morask
0be40d1bd9
[AC-2489] Resolve SM Standalone issues with SCIM & Directory Connector ( #4011 )
...
* Add auto-scale support to standalone SM for SCIM
* Mark users for SM when using SM Stadalone with Directory Connector
2024-05-20 10:22:16 -04:00
Vincent Salucci
febc696c80
[AC-240] - BUG - Confirm Admin/Owners to org when excluded from Single Org Policy ( #4087 )
...
* fix: align policy checks for excluded types, update tests, create fixture, refs AC-240
* fix: update final policy check against other orgs (not including the current), refs AC-240
2024-05-17 14:28:51 -05:00
Conner Turnbull
a60180230d
[AC-2513] Scaling PM seat count with SM seat count ( #4040 )
...
* For SM Trial orgs, now scaling PM seat count with SM seat count adjustments
* Split Billing related organization endpoints into billing owned controller
* Updated billing organizations controller to use a primary constructor to reduce boilerplate
* Fixed error where ID couldn't be mapped to subscription endpoint guid param
* Updated billing OrganizationController endpoints to not manually create the GUID from the string ID
* Banished magic string back to the pit from whence it came
* Resolved errors in unit tests
2024-05-17 14:16:03 -04:00
Conner Turnbull
0b5c21acca
Hiding teams starter option ( #4044 )
2024-05-17 09:21:12 -04:00
Jake Fink
3bb8cce2e6
add login redirect url to identity server ( #4092 )
2024-05-16 15:47:44 -04:00
Conner Turnbull
7d65d8dd4f
Resolved razor syntax error by updating expression to be explicit instead of implicit ( #4094 )
2024-05-16 13:16:01 -04:00
Thomas Rittson
e619508f3f
[AC-2602] Fix error when provider edits existing group ( #4086 )
...
* Add null check to groups endpoint - providers may not be OrgUsers
2024-05-15 15:17:15 +01:00
Alex Morask
fd173e81b6
[AC-2426] Allow editing of client organization name ( #4072 )
...
* Allow editing of client organization name
* Removing unnecessary using for linter
2024-05-14 11:26:08 -04:00
Todd Martin
e93894a6fd
Removed unused feature flags ( #4083 )
...
* Removed unused feature flags
* Removed 2 more flags.
2024-05-14 11:00:32 -04:00
SmithThe4th
b960d25c97
added feature flag constant for vault bullk management action ( #4075 )
2024-05-14 09:45:50 -04:00
Alex Morask
9b9318caac
[AC-2313] Add Gateway fields to Provider edit in Admin ( #4057 )
...
* Formatting
* Add Gateway fields to provider edit
* Remove unnecessary usings
* Thomas' feedback
* Removing unnecessary using for linter
* Removing unused file
* Removing unused file
2024-05-14 09:16:24 -04:00
Addison Beck
989908151d
Remove unneeded using ( #4084 )
2024-05-14 09:59:04 +01:00
cyprain-okeke
f94ddb2a90
[BEEEP][AC-2497] Create unit test for the SubscriptionUpdate classes ( #4054 )
...
* Add unit tests for the StorageSubscriptionUpdateTests.cs
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* remove unwanted comment from the class
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Create a class file and add unit tests for SmSeatSubscriptionUpdateTest.cs
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add unit test for the secrets manager seat update
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Fix the failing test cases
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add unit test for service account update
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-13 20:35:22 +01:00
Todd Martin
7f9d7c0c5d
[PM-7029] Remove conditional logic for KeyRotationImprovements feature flag ( #4002 )
...
* Removed business logic that references flag
* Removed using statement.
* Undid accidental keystroke.
* Removed unused method.
* Removed unused imports.
2024-05-09 13:24:02 -04:00
Ike
479f8319c2
remove alias ( #4058 )
2024-05-09 08:43:43 -07:00
Alex Morask
ac4ccafe19
[AC-2471] Prevent calls to Stripe when unlinking client org has no Stripe objects ( #3999 )
...
* Prevent calls to Stripe when unlinking client org has no Stripe objects
* Thomas' feedback
* Check for stripe when org unlinked from org page
---------
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
2024-05-09 09:20:02 -04:00
Alex Morask
fa7b00a728
Send reference event on payment success for provider ( #4063 )
2024-05-09 09:09:23 -04:00
Thomas Rittson
109cb9f672
Fix 404 error when creating users/groups ( #4066 )
2024-05-08 21:36:53 -05:00
Vincent Salucci
df4d1d5552
[AC-2086] Update CanDelete to handle V1 flag logic ( #3979 )
...
* feat: Update authorization handler to handle V1 collection enhancement, refs AC-2086
* feat: update tests to account for new V1 flag/setting logic, refs AC-2086
* feat: update CanDelete with all collection enhancement combinations, refs AC-2086
* feat: add tests for new delete flows, refs AC-2086
* fix: update new conditionals with bool return value, refs AC-2086
* feat: simplify conditional in regards to LimitCollectionCreationDeletion, refs AC-2086
* feat: simplify AllowAdminAccessToAllCollectionItems conditional, refs AC-2086
* feat: add unit test making sure admins can't delete collections without can manage, refs AC-2086
2024-05-08 18:25:22 -04:00
Shane Melton
45be4d5069
[AC-1707] Restrict provider access to items ( #3881 )
...
* [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage
* [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper
* [AC-2274] Add Jira ticket
* [AC-1707] Add feature flag
* [AC-1707] Update CanEditAnyCiphersAsAdmin to fail for providers when the feature flag is enabled
* [AC-2274] Undo change to purge endpoint
* [AC-2274] Update admin checks to account for unassigned ciphers
* [AC-1707] Fix provider auth checks after merge with main
* [AC-1707] Fix tests after merge
* [AC-1707] Adjust CanEditCipherAsAdmin method to properly account for admin user types
- Fix associated unit tests
* [AC-1707] Formatting
2024-05-07 12:30:48 -07:00
Alex Urbina
1ede40d5e1
DEVOPS-1901 Fix error: az login again to refresh permissions ( #4050 )
...
* DEVOPS-1901 REFACTOR: Remove the Docker image per registry
* DEVOPS-1901 REFACTOR: Docker image removal process in cleanup-after-pr.yml
2024-05-07 19:20:50 +00:00
renovate[bot]
928f94db1f
[deps] Platform: Update Microsoft.AspNetCore.Http to v2.2.2 ( #3753 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-07 10:25:46 -07:00
cyprain-okeke
6bdee5dd34
Fix the issue of returning on Error! without descriptive message ( #4056 )
...
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-07 17:45:01 +01:00
Jason Ng
ea49ff7dcb
[AC-1121] Update authorization for orphaned collections ( #4047 )
...
* update BulkCollectionAuthorizationHandler to account for orphaned collections
2024-05-07 11:02:59 -04:00
renovate[bot]
9e554006f3
[deps] Auth: Update Microsoft.Azure.Cosmos to v3.39.1 ( #3541 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-07 07:49:52 -07:00
Vince Grassia
4a607b7406
Add IgnoreUnmatchedProperties when deserializing YAML ( #4061 )
2024-05-07 13:50:04 +00:00
Bitwarden DevOps
6970207e9e
Bumped version to 2024.5.0 ( #4060 )
2024-05-06 22:36:31 +00:00
Thomas Avery
cd3a45c8c6
[SM-1030] Cleanup old access policy management code ( #4015 )
...
* Remove access selector code
* Cleanup integration tests
2024-05-06 14:56:58 -05:00
cyprain-okeke
3715d7d426
Add providerType as part of the response object ( #4055 )
...
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-06 20:21:38 +01:00
Alex Morask
bcfaf55412
[AC-2548] Remove automatic tax collection check from provider creation ( #4042 )
...
* Remove automatic tax collection check
* Fix tests
2024-05-06 11:56:02 -04:00
Jake Fink
2a535ac835
[PM-7919] return exception if trying to overwrite keypair ( #4052 )
...
* return exception if trying to overwrite keypair
* add feature flag
2024-05-06 08:49:18 -04:00
renovate[bot]
90e065556e
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.86 ( #4049 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-06 13:50:31 +02:00
Shane Melton
6a8d97affb
Add the extension-refresh feature flag ( #4041 )
2024-05-03 16:16:57 -04:00
Todd Martin
5a5e5c5058
Disabled major updates for bootstrap, del, gulp ( #4048 )
2024-05-03 12:04:56 -04:00
Shane Melton
d965166a37
[AC-2084] Include Collection permissions for admin endpoints ( #3793 )
...
* [AC-2084] Add documentation to existing collection repository getters
* [AC-2084] Add new CollectionAdminDetails model
* [AC-2084] Add SQL and migration scripts
* [AC-2084] Introduce new repository methods to include permission details for collections
* [AC-2084] Add EF repository methods and integration tests
* [AC-2084] Update CollectionsController and response models
* [AC-2084] Fix failing SqlServer test
* [AC-2084] Clean up admin endpoint response models
- vNext endpoints should now always return CollectionDetailsResponse models
- Update constructors in CollectionDetailsResponseModel to be more explicit and add named static constructors for additional clarity
* [AC-2084] Fix failing tests
* [AC-2084] Fix potential provider/member bug
* [AC-2084] Fix broken collections controller
* [AC-2084] Cleanup collection response model types and constructors
* [AC-2084] Remove redundant authorization check
* [AC-2084] Cleanup ambiguous model name
* [AC-2084] Add GroupBy clause to sprocs
* [AC-2084] Add GroupBy logic to EF repository
* [AC-2084] Update collection repository tests
* [AC-2084] Update migration script date
* Update migration script date
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2024-05-03 09:33:06 -04:00
cyprain-okeke
25c87214ff
Fix typo in 'Provider' spelling ( #4043 )
...
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-02 22:50:10 +01:00
Kyle Spearrin
c045739325
[PM-6977] Migrate to FCM v1 (redo) ( #4046 )
...
* revert changes again
* use IServiceProvider
* fix test
2024-05-02 16:37:06 -04:00
rkac-bw
b40d9ab70d
Set mysql version to 8.0 in docker compose, prevent upgrading to 8.4 ( #4045 )
...
* Set mysql version to 8.0 in docker compose to prevent upgrading to 8.4 for now
* touched file to trigger test
* revert tocuhed file
2024-05-02 14:05:49 -06:00
Thomas Avery
7f8cea58d0
[SM-923] Add project service accounts access policies management endpoints ( #3993 )
...
* Add new models
* Update repositories
* Add new authz handler
* Add new query
* Add new command
* Add authz, command, and query to DI
* Add new endpoint to controller
* Add query unit tests
* Add api unit tests
* Add api integration tests
2024-05-02 11:06:20 -05:00
Thomas Rittson
e302ee1520
[AC-2170] Group modal - limit admin access - collections tab ( #3998 )
...
* Update GroupsController POST and PUT to respect collection management settings
2024-05-02 09:55:16 +10:00
Thomas Rittson
f0b9391249
Prevent user from adding themselves to collection ( #4037 )
2024-05-02 08:32:50 +10:00
Matt Gibson
bc0a35259d
Add events collection to full server launch configs ( #4039 )
2024-05-01 13:43:31 -04:00
Thomas Avery
29a69b76a4
[SM-1222] Add event and reference event logging to secrets sync ( #4031 )
2024-05-01 12:31:58 -05:00
Thomas Avery
ebd88393c8
[SM-910] Add service account granted policies management endpoints ( #3736 )
...
* Add the ability to get multi projects access
* Add access policy helper + tests
* Add new data/request models
* Add access policy operations to repo
* Add authz handler for new operations
* Add new controller endpoints
* add updating service account revision
2024-05-01 11:47:11 -05:00
cyprain-okeke
a14646eaad
resolve the text style ( #4038 )
...
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-01 17:00:39 +01:00
Thomas Rittson
5012d56e5a
[AC-2538] Limit admin access - fix ManageUsers custom permission ( #4032 )
...
* Fix issue where ManageUsers custom permission could not
grant access to collections
* Split ModifyAccess operation to ModifyUserAccess and
ModifyGroupAccess to reflect more granular operations
2024-05-01 10:06:24 +10:00
cyprain-okeke
3749fa6113
resolve the issue ( #4035 )
...
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-04-30 19:20:48 +01:00
Shane Melton
8e7bd79d9a
[AC-2274] Restrict Admin POST/PUT/DELETE Cipher Endpoints for V1 FC ( #3879 )
...
* [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage
* [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper
* [AC-2274] Add Jira ticket
* [AC-2274] Undo change to purge endpoint
* [AC-2274] Update admin checks to account for unassigned ciphers
---------
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2024-04-30 10:28:16 -07:00