* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove hard coded database name
* Update permissions on build scripts
* Update Setup project and run scripts for configuring database name
* Remove hyphen from database name flag
* Update with suggested changes, still needs testing
* Revert SQL statements to concatenantion for testing
* Fix typo
* Update util/Setup/EnvironmentFileBuilder.cs
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Update SQL commands to prevent SQL injection attacks
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Add support for bulk confirm
* Add missing sproc to migration
* Change ConfirmUserAsync to internally use ConfirmUsersAsync
* Refactor to be a bit more readable
* Change BulkReinvite and BulkRemove to return a list of errors/success
* Refactor
* Fix removing owner preventing removing non owners
* Add another unit test
* Use fixtures for OrganizationUser and Policies
* Fix spelling
* Increase organization max seat size from 30k to 2b (#1274)
* Increase organization max seat size from 30k to 2b
* PR review. Do not modify unless state matches expected
* Organization sync simultaneous event reporting (#1275)
* Split up azure messages according to max size
* Allow simultaneous login of organization user events
* Early resolve small event lists
* Clarify logic
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Improve readability
This comes at the cost of multiple serializations, but the
improvement in wire-time should more than make up for this
on message where serialization time matters
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Queue emails (#1286)
* Extract common Azure queue methods
* Do not use internal entity framework namespace
* Prefer IEnumerable to IList unless needed
All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues
* Add model for azure queue message
* Abstract Azure queue for reuse
* Creat service to enqueue mail messages for later processing
Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today
* Provide mail queue service to DI
* Queue organization invite emails for later processing
All emails can later be added to this queue
* Create Admin hosted service to process enqueued mail messages
* Prefer constructors to static generators
* Mass delete organization users (#1287)
* Add delete many to Organization Users
* Correct formatting
* Remove erroneous migration
* Clarify parameter name
* Formatting fixes
* Simplify bump account revision sproc
* Formatting fixes
* Match file names to objects
* Indicate if large import is expected
* Early pull all existing users we were planning on inviting (#1290)
* Early pull all existing users we were planning on inviting
* Improve sproc name
* Batch upsert org users (#1289)
* Add UpsertMany sprocs to OrganizationUser
* Add method to create TVPs from any object.
Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type
* Combine migrations
* Correct formatting
* Include sql objects in sql project
* Keep consisten parameter names
* Batch deletes for performance
* Correct formatting
* consolidate migrations
* Use batch methods in OrganizationImport
* Declare @BatchSize
* Transaction names limited to 32 chars
Drop sproc before creating it if it exists
* Update import tests
* Allow for more users in org upgrades
* Fix formatting
* Improve class hierarchy structure
* Use name tuple types
* Fix formatting
* Front load all reflection
* Format constructor
* Simplify ToTvp as class-specific extension
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* [Reset Password] Organization Key Pair
* Fixed type in Organization_ReadAbilites sproc
* Fixed broken unit test by making sure premium addon was false
* Updated PublicKey decorator and removed unecessary validation
* Fix password reprompt not working in org view
* Also fix Cipher_UpdateWithCollections and CipherDetails_CreateWithCollections. Rename migration script
* Add send HideEmail to tables and models
* Respect HideEmail setting for Sends
* Recreate SendView to include new HideEmail column
* Enforce new Send policy
* Insert default value for new HideEmail column
* Delete c95d7598-71cc-4eab-8b08-aced0045198b.json
* Remove unrelated files
* Revert disableSendPolicy, add sendOptionsPolicy
* Minor style fixes
* Update SQL project with Send.HideEmail column
* unit test SendOptionsPolicy.DisableHideEmail
* Add SendOptionsPolicy to Portal
* Make HideEmail nullable, fix migrator script
* Remove NOT NULL constraint from HideEmail
* Fix style
* Make HideEmail nullable
* minor fixes to model and error message
* Move SendOptionsExemption banner
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Fix column `NULL`ness for OrganizationUser table in Upgrade script; prior PR I missed in the upgrade script submitted that the ALTER COLUMN statement incorrectly set the column to `NOT NULL` when the table definition had it correctly as `NULL`.
* Update dev setup guide with current best practice
* Minor amendments to setup instructions
* Move vault_dev migrator script to its own file
* Fix typo, use command line args for SA_PASSWORD
* Move setup guide to its own file
* fix typo
* Delete sends belonging to user on user delete
* Update User_DeleteById.sql
* Clean up bad autoformats
Co-authored-by: Addison Beck <abeck@bitwarden.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Addison Beck <abeck@bitwarden.com>
* Implemented Custom role and permissions
* Converted permissions columns to a json blob
* Code review fixes for Permissions
* sql build fix
* Update Permissions.cs
* formatting
* Update IOrganizationService.cs
* reworked a conditional
* built out tests for relevant organization service methods
* removed unused usings
* fixed a broken test and a bad empty string init
* removed 'Attribute' from some attribute instances
* Return revised ciphers on restore api call
* Return restored date from restore sproc
* Test Restore updates passed in ciphers
This is necessary for CipherController to appropriately return the
up-to-date ciphers without an extra db call to read them.
* Add missing SELECT
* Initial commit of provisioning updates
* Updated strings
* removed extra BANG
* Separated orgUsers db lookup - prioritized existing user Id
* Updated create sso record method // Added sproc for org/email retrieval
* Implemented tax collection for subscriptions
* Cleanup for Sales Tax
* Cleanup for Sales Tax
* Changes a constraint to an index for checking purposes
* Added and implemented a ReadById method for TaxRate
* Code review fixes for Tax Rate implementation
* Code review fixes for Tax Rate implementation
* Made the SalesTax migration script rerunnable
* added column ApiKey to dbo.User
* added dbo.User.ApiKey to User_Update
* added dbo.User.ApiKey to User_Create
* wrote migration script for implementing dbo.User.ApiKey
* Added ApiKey prop to the User table model
* Created AccountsController method for getting a user's API Key
* Created AccountsController method for rotating a user API key
* Added support to ApiClient for passed-through ClientSecrets when the request comes from the cli
* Added a new conditional to ClientStore to account for user API keys
* Wrote unit tests for new user API Key methods
* Added a refresh of dbo.UserView to new migration script for ApiKey
* Let client_credentials grants into the custom token logic
* Cleanup for ApiKey auth in the CLI feature
* Created user API key on registration
* Removed uneeded code for user API keys
* Changed a .Contains() to a .StartsWith() in ClientStore
* Changed index that an array is searched on
* Added more claims to the user apikey clients
* Moved some claim finding logic to a helper method
* Initial commit of require sso authentication policy enforcement
* Updated sproc to send UseSso flag // Updated base validator to send back error message // Added changes to EntityFramework (just so its there for the future
* Update policy name // adjusted conditional to demorgan's
* Updated sproc // Added migrator script
* Added .sql file extension to DeleteOrgUserWithOrg migrator script
* Added policy // edit // strings // validation to business portal
* Change requests from review // Added Owner & Admin exemption
* Updated repository function used to get org user's type
* Updated with requested changes
* added OnlyOrg to PolicyType enum
* blocked accepting new org invitations if OnlyOrg is relevant to the userOrg
* blocked creating new orgs if already in an org with OnlyOrg enabled
* created email alert for OnlyOrg policy
* removed users & sent alerts when appropriate for the OnlyOrg policy
* added method to noop mail service
* cleanup for OnlyOrg policy server logic
* blocked confirming new org users if they have violated the OnlyOrg policy since accepting
* added localization strings needed for the OnlyOrg policy
* allowed OnlyOrg policy configuration from the portal
* used correct localization key for onlyorg
* formatting and messaging changes for OnlyOrg
* formatting
* messaging change
* code review changes for onlyorg
* slimmed down a conditional
* optimized getting many orgUser records from many userIds
* removed a test file
* sql formatting
* weirdness
* trying to resolve git diff formatting issues
* facilitate linking/unlinking existing users from an sso enabled org
* added user_identifier to identity methods for sso
* moved sso user delete method to account controller
* fixed a broken test
* Update AccountsController.cs
* facilitate linking/unlinking existing users from an sso enabled org
* added user_identifier to identity methods for sso
* moved sso user delete method to account controller
* fixed a broken test
* added a token to the existing user sso link flow
* added a token to the existing user sso link flow
* fixed a typo
* added an event log for unlink ssoUser records
* fixed a merge issue
* fixed a busted test
* fixed a busted test
* ran a formatter over everything & changed .vscode settings in .gitignore
* chagned a variable to use string interpolation
* removed a blank line
* Changed TokenPurpose enum to a static class of strings
* code review cleanups
* formatting fix
* Changed parameters & logging for delete sso user
* changed th method used to get organization user for deleting sso user records
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
* Sso user table, model and repo stubbed out
* switch to nullable org id, bigint id
* update GetBySsoUserAsync
* cleanup migrator file
* fix EF user repo
* fix pg repo
* is `IS NULL` checks
* unique indexes
* update migration scripts
* add another unique index
* remove old script
* do not follow local hosts or ip addresses
* remove cron from mssql
* migration script
* Use joins instead of temp tables
* update migration script with join changes
Google (terrible) and OpenDNS (questionable at best) are not ideal for privacy-minded users. Both Cloudflare DNS and Quad9 at least claim to drop logs, each of them have widely-reported response times, and they're sufficiently established with over a year of service.
* Use user primary group if not root
* Do not run getent on MacOS
* Simplify UID/GID management
* Make uid.env backward compatible in run.sh
* Merge install.sh with run.sh to avoid duplicating code
Especially the UID/GID management one
* Generate correct OS name
* Be sure to keep old behavior for backward compatiblilty
* Get the colors back from install.sh