1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-28 13:15:12 +01:00
Commit Graph

4711 Commits

Author SHA1 Message Date
Addison Beck
56c523f76f
Allow for bulk updating AuthRequest database objects (#4053)
* Declare a new repository interface method

To facilitate a new bulk device login request approval workflow in the
admin console we need to update `IAuthRequestRepisitory` (owned by Auth
team) to include an`UpdateManyAsync()` method. It should accept a list
of `AuthRequest` table objects, and implementations will do a very
simple 1:1 update of the passed in data.

This commit adds an `UpdateManyAsync()` method to the
`AuthRequestRepository` interface.

* Stub out method implementations to enable unit testing

This commit stubs out implementations of
`IAuthRequestRepository.UpdateManyAsync()` so the method signature can
be called in unit tests. At this stage the methods are not implemented.

* Assert a happy path integration test

* Establish a user defined SQL type for Auth Requests

To facilitate a bulk update operation for auth requests a new user
defined type will need to be written that can be used as a table input
to the stored procedure. This will follow a similar pattern to how the
`OragnizationSponsorshipType` works and is used by the stored procedure
`OrganizationSponsorship_UpdateMany`.

* Establish a new stored procedure

To facilitate the bulk updating of auth request table objects this
commit adds a new stored procedure to  update a collection of entities
on `AuthRequest` table by their primary key. It updates all properties,
for convention, but the endpoint created later will only change the
`Approved`, `ResponseDate`, `Key`, `MasterPasswordHash`, and
`AuthenticationDate` properties.

* Apply a SQL server migration script

This commit simply applies a migration script containing the new user
defined type and stored procedure comitted previously.

* Enable converting an `IEnumerable<AuthRequest>` to a `DataTable`

The current pattern in place for bulk update stored procedures is to
pass a `DataTable` through Dapper as an input for the update stored
procedure being run. In order to facilitate the new bulk update
procedure for the`AuthRequest` type we need a function added that can
convert an `IEnumerable<AuthRequest>` to a `DataTable`. This is commit
follows the convention of having a static class with a conversion method
in a `Helpers` folder: `AuthRequestHelpers.ToDataTable()`.

* Implement `Dapper/../AuthRequestRepository.UpdateMany()`

This commit implements `AuthRequestRepository.UpdateMany()` for the
Dapper implementation of `AuthRequestRepository`. It connects the stored
procedure, `DataTable` converter, and Dapper-focused unit test commits
written previously into one exposed method that can be referenced by
service callers.

* Implement `EntityFramework/../AuthRequestRepository.UpdateMany()`

This commit implements the new
`IAuthRequestRepository.UpdateManyAsync()`method in the Entity Framework
skew of the repository layer. It checks to make sure the passed in list
has auth requests, converts them all to an Entity Framework entity, and
then uses `UpdateRange` to apply the whole thing over in the database
context.

* Assert that  `UpdateManyAsync` can not create any new auth requests

* Use a json object as stored procedure input

* Fix the build

* Continuing to troubleshoot the build

* Move `AuthRequest_UpdateMany` to the Auth folder

* Remove extra comment

* Delete type that never got used

* intentionally break a test

* Unbreak it
2024-05-22 11:55:31 -05:00
Bitwarden DevOps
e3f3392ec6
Bumped version to 2024.5.1 (#4113) 2024-05-22 14:41:37 +00:00
Thomas Rittson
b679f98c19
[AC-2626] Re-run collection enhancements migration (#4111)
* Re-run collection enhancements migration

* Bump date

* Disambiguate name
2024-05-22 10:15:44 +01:00
renovate[bot]
5ddb854f1a
[deps] Auth: Update azure azure-sdk-for-net monorepo (#3540)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-21 13:12:43 -07:00
SmithThe4th
aee180adfc
[PM-8004] Move Unmanaged collection logic out of component for better reuse (#4108)
* Updated sprocs to return unmanaged collection column, updated reponse to return to return unmanaged

* reformatted sproc
2024-05-21 14:42:47 -04:00
Alex Urbina
b863454a4e
BRE-40 Add step to report upcoming release version to Slack (#4090)
* BRE-40 ADD: step to report upcoming release version to Slack

* BRE-40 ADD: AZURE_KV_CI_SERVICE_PRINCIPAL secret to version-bump.yml workflow
2024-05-21 16:54:07 +00:00
Jason Ng
87865e8f5c
[AC-2447] Update PutCollection to return Unavailable cipher when last Can Manage Access is Removed (#4074)
* update CiphersController to return a unavailable value to the client so it can determine if the user removed the final Can Manage access of an item
2024-05-21 11:31:22 -04:00
renovate[bot]
f2242186d0
[deps] Tools: Update aws-sdk-net monorepo (#4104)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 12:00:17 +02:00
renovate[bot]
74fff55c18
[deps] Tools: Update SignalR to v8.0.5 (#4103)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:56:09 +02:00
renovate[bot]
1b47d23774
[deps] Tools: Update MailKit to v4.6.0 (#4106)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:53:40 +02:00
renovate[bot]
476e5adfbe
[deps] Tools: Update LaunchDarkly.ServerSdk to v8.5.0 (#4105)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 11:51:40 +02:00
Thomas Rittson
53ed608ba1
[AC-2604] Fix aggregation of CollectionGroup permissions (#4097)
* Fix aggregation of CollectionGroup permissions - use MAX on Manage column instead of MIN
2024-05-21 14:40:05 +10:00
Thomas Rittson
98b7866c95
[AC-2605] Restrict collection access for some custom users (#4096)
* Make custom users subject to collection settings
  Affects ManageUsers and ManageGroups
2024-05-21 10:44:57 +10:00
renovate[bot]
489f6246b1
[deps] Auth: Update DuoUniversal to v1.2.4 (#4080)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-20 14:21:12 -07:00
Alex Morask
0be40d1bd9
[AC-2489] Resolve SM Standalone issues with SCIM & Directory Connector (#4011)
* Add auto-scale support to standalone SM for SCIM

* Mark users for SM when using SM Stadalone with Directory Connector
2024-05-20 10:22:16 -04:00
Vincent Salucci
febc696c80
[AC-240] - BUG - Confirm Admin/Owners to org when excluded from Single Org Policy (#4087)
* fix: align policy checks for excluded types, update tests, create fixture, refs AC-240

* fix: update final policy check against other orgs (not including the current), refs AC-240
2024-05-17 14:28:51 -05:00
Conner Turnbull
a60180230d
[AC-2513] Scaling PM seat count with SM seat count (#4040)
* For SM Trial orgs, now scaling PM seat count with SM seat count adjustments

* Split Billing related organization endpoints into billing owned controller

* Updated billing organizations controller to use a primary constructor to reduce boilerplate

* Fixed error where ID couldn't be mapped to subscription endpoint guid param

* Updated billing OrganizationController endpoints to not manually create the GUID from the string ID

* Banished magic string back to the pit from whence it came

* Resolved errors in unit tests
2024-05-17 14:16:03 -04:00
Conner Turnbull
0b5c21acca
Hiding teams starter option (#4044) 2024-05-17 09:21:12 -04:00
Jake Fink
3bb8cce2e6
add login redirect url to identity server (#4092) 2024-05-16 15:47:44 -04:00
Conner Turnbull
7d65d8dd4f
Resolved razor syntax error by updating expression to be explicit instead of implicit (#4094) 2024-05-16 13:16:01 -04:00
Thomas Rittson
e619508f3f
[AC-2602] Fix error when provider edits existing group (#4086)
* Add null check to groups endpoint - providers may not be OrgUsers
2024-05-15 15:17:15 +01:00
Alex Morask
fd173e81b6
[AC-2426] Allow editing of client organization name (#4072)
* Allow editing of client organization name

* Removing unnecessary using for linter
2024-05-14 11:26:08 -04:00
Todd Martin
e93894a6fd
Removed unused feature flags (#4083)
* Removed unused feature flags

* Removed 2 more flags.
2024-05-14 11:00:32 -04:00
SmithThe4th
b960d25c97
added feature flag constant for vault bullk management action (#4075) 2024-05-14 09:45:50 -04:00
Alex Morask
9b9318caac
[AC-2313] Add Gateway fields to Provider edit in Admin (#4057)
* Formatting

* Add Gateway fields to provider edit

* Remove unnecessary usings

* Thomas' feedback

* Removing unnecessary using for linter

* Removing unused file

* Removing unused file
2024-05-14 09:16:24 -04:00
Addison Beck
989908151d
Remove unneeded using (#4084) 2024-05-14 09:59:04 +01:00
cyprain-okeke
f94ddb2a90
[BEEEP][AC-2497] Create unit test for the SubscriptionUpdate classes (#4054)
* Add unit tests for the StorageSubscriptionUpdateTests.cs

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* remove unwanted comment from the class

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Create a class file and add unit tests for SmSeatSubscriptionUpdateTest.cs

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit test for the secrets manager seat update

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix the failing test cases

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add unit test for service account update

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-13 20:35:22 +01:00
Todd Martin
7f9d7c0c5d
[PM-7029] Remove conditional logic for KeyRotationImprovements feature flag (#4002)
* Removed business logic that references flag

* Removed using statement.

* Undid accidental keystroke.

* Removed unused method.

* Removed unused imports.
2024-05-09 13:24:02 -04:00
Ike
479f8319c2
remove alias (#4058) 2024-05-09 08:43:43 -07:00
Alex Morask
ac4ccafe19
[AC-2471] Prevent calls to Stripe when unlinking client org has no Stripe objects (#3999)
* Prevent calls to Stripe when unlinking client org has no Stripe objects

* Thomas' feedback

* Check for stripe when org unlinked from org page

---------

Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
2024-05-09 09:20:02 -04:00
Alex Morask
fa7b00a728
Send reference event on payment success for provider (#4063) 2024-05-09 09:09:23 -04:00
Thomas Rittson
109cb9f672
Fix 404 error when creating users/groups (#4066) 2024-05-08 21:36:53 -05:00
Vincent Salucci
df4d1d5552
[AC-2086] Update CanDelete to handle V1 flag logic (#3979)
* feat: Update authorization handler to handle V1 collection enhancement, refs AC-2086

* feat: update tests to account for new V1 flag/setting logic, refs AC-2086

* feat: update CanDelete with all collection enhancement combinations, refs AC-2086

* feat: add tests for new delete flows, refs AC-2086

* fix: update new conditionals with bool return value, refs AC-2086

* feat: simplify conditional in regards to LimitCollectionCreationDeletion, refs AC-2086

* feat: simplify AllowAdminAccessToAllCollectionItems conditional, refs AC-2086

* feat: add unit test making sure admins can't delete collections without can manage, refs AC-2086
2024-05-08 18:25:22 -04:00
Shane Melton
45be4d5069
[AC-1707] Restrict provider access to items (#3881)
* [AC-2274] Introduce CanEditAnyCiphersAsAdminAsync helper to replace EditAnyCollection usage

* [AC-2274] Add unit tests for CanEditAnyCiphersAsAdmin helper

* [AC-2274] Add Jira ticket

* [AC-1707] Add feature flag

* [AC-1707] Update CanEditAnyCiphersAsAdmin to fail for providers when the feature flag is enabled

* [AC-2274] Undo change to purge endpoint

* [AC-2274] Update admin checks to account for unassigned ciphers

* [AC-1707] Fix provider auth checks after merge with main

* [AC-1707] Fix tests after merge

* [AC-1707] Adjust CanEditCipherAsAdmin method to properly account for admin user types

- Fix associated unit tests

* [AC-1707] Formatting
2024-05-07 12:30:48 -07:00
Alex Urbina
1ede40d5e1
DEVOPS-1901 Fix error: az login again to refresh permissions (#4050)
* DEVOPS-1901 REFACTOR: Remove the Docker image per registry

* DEVOPS-1901 REFACTOR: Docker image removal process in cleanup-after-pr.yml
2024-05-07 19:20:50 +00:00
renovate[bot]
928f94db1f
[deps] Platform: Update Microsoft.AspNetCore.Http to v2.2.2 (#3753)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-07 10:25:46 -07:00
cyprain-okeke
6bdee5dd34
Fix the issue of returning on Error! without descriptive message (#4056)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-07 17:45:01 +01:00
Jason Ng
ea49ff7dcb
[AC-1121] Update authorization for orphaned collections (#4047)
* update BulkCollectionAuthorizationHandler to account for orphaned collections
2024-05-07 11:02:59 -04:00
renovate[bot]
9e554006f3
[deps] Auth: Update Microsoft.Azure.Cosmos to v3.39.1 (#3541)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-05-07 07:49:52 -07:00
Vince Grassia
4a607b7406
Add IgnoreUnmatchedProperties when deserializing YAML (#4061) 2024-05-07 13:50:04 +00:00
Bitwarden DevOps
6970207e9e
Bumped version to 2024.5.0 (#4060) 2024-05-06 22:36:31 +00:00
Thomas Avery
cd3a45c8c6
[SM-1030] Cleanup old access policy management code (#4015)
* Remove access selector code

* Cleanup integration tests
2024-05-06 14:56:58 -05:00
cyprain-okeke
3715d7d426
Add providerType as part of the response object (#4055)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-06 20:21:38 +01:00
Alex Morask
bcfaf55412
[AC-2548] Remove automatic tax collection check from provider creation (#4042)
* Remove automatic tax collection check

* Fix tests
2024-05-06 11:56:02 -04:00
Jake Fink
2a535ac835
[PM-7919] return exception if trying to overwrite keypair (#4052)
* return exception if trying to overwrite keypair

* add feature flag
2024-05-06 08:49:18 -04:00
renovate[bot]
90e065556e
[deps] Tools: Update aws-sdk-net monorepo to v3.7.300.86 (#4049)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-06 13:50:31 +02:00
Shane Melton
6a8d97affb
Add the extension-refresh feature flag (#4041) 2024-05-03 16:16:57 -04:00
Todd Martin
5a5e5c5058
Disabled major updates for bootstrap, del, gulp (#4048) 2024-05-03 12:04:56 -04:00
Shane Melton
d965166a37
[AC-2084] Include Collection permissions for admin endpoints (#3793)
* [AC-2084] Add documentation to existing collection repository getters

* [AC-2084] Add new CollectionAdminDetails model

* [AC-2084] Add SQL and migration scripts

* [AC-2084] Introduce new repository methods to include permission details for collections

* [AC-2084] Add EF repository methods and integration tests

* [AC-2084] Update CollectionsController and response models

* [AC-2084] Fix failing SqlServer test

* [AC-2084] Clean up admin endpoint response models
- vNext endpoints should now always return CollectionDetailsResponse models
- Update constructors in CollectionDetailsResponseModel to be more explicit and add named static constructors for additional clarity

* [AC-2084] Fix failing tests

* [AC-2084] Fix potential provider/member bug

* [AC-2084] Fix broken collections controller

* [AC-2084] Cleanup collection response model types and constructors

* [AC-2084] Remove redundant authorization check

* [AC-2084] Cleanup ambiguous model name

* [AC-2084] Add GroupBy clause to sprocs

* [AC-2084] Add GroupBy logic to EF repository

* [AC-2084] Update collection repository tests

* [AC-2084] Update migration script date

* Update migration script date

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
2024-05-03 09:33:06 -04:00
cyprain-okeke
25c87214ff
Fix typo in 'Provider' spelling (#4043)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-05-02 22:50:10 +01:00