1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-27 17:47:37 +01:00
Commit Graph

3021 Commits

Author SHA1 Message Date
Vincent Salucci
c56dd04096
[Reset Password] Email template (#1353) 2021-05-26 16:54:25 -05:00
Vincent Salucci
d7f3507d44
[Reset Password] Added new event type for admin password reset (#1350) 2021-05-26 15:51:54 -05:00
Oscar Hinton
d4cf6d929a
Bulk Confirm (#1345)
* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
2021-05-25 19:23:47 +02:00
Thomas Rittson
93fd1c9c9a
Prevent sole owner from downgrading permissions (#1348) 2021-05-25 08:14:11 +10:00
Chad Scharf
423c062877
Self hosted web version bump v2.20.3 (#1347) 2021-05-21 16:35:06 -04:00
Oscar Hinton
61307e11b0
Provider: Initial db structure (#1309)
* Initial db structure
2021-05-20 14:39:26 +02:00
Vincent Salucci
c7f88ae430
[Reset Password] Get/Post Org Keys and API updates (#1323)
* [Reset Password] Organization Keys APIs

* Updated details response to include private key and added more security checks for reset password methods

* Added org type and policy security checks to the enrollment api

* Updated based on PR feedback

* Added org user type permission checks

* Added TODO for email to user

* Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
Thomas Rittson
982e26cbfd
"Auto-fill on page load" options (#986)
* add autofill on page load options to login models

* Remove autofillOnPageLoadOptions enum
2021-05-18 10:08:42 +10:00
Matt Gibson
6ace7daf53
Abbreviate long transaction names (#1339) 2021-05-17 14:30:56 -05:00
Vince Grassia
b806b64c10
Pin versions of actions in workflow (#1337) 2021-05-17 15:15:01 -04:00
Oscar Hinton
7439dd4fb1
Self-Hosted release, v1.41.3 (#1338) 2021-05-17 20:51:29 +02:00
Oscar Hinton
2b6c5bcd31
Fix bulk api (#1335) 2021-05-17 20:07:41 +02:00
Matt Gibson
785e788cb6
Support large organization sync (#1311)
* Increase organization max seat size from 30k to 2b (#1274)

* Increase organization max seat size from 30k to 2b

* PR review. Do not modify unless state matches expected

* Organization sync simultaneous event reporting (#1275)

* Split up azure messages according to max size

* Allow simultaneous login of organization user events

* Early resolve small event lists

* Clarify logic

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Improve readability

This comes at the cost of multiple serializations, but the
 improvement in wire-time should more than make up for this
 on message where serialization time matters

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Queue emails (#1286)

* Extract common Azure queue methods

* Do not use internal entity framework namespace

* Prefer IEnumerable to IList unless needed

All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues

* Add model for azure queue message

* Abstract Azure queue for reuse

* Creat service to enqueue mail messages for later processing

Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today

* Provide mail queue service to DI

* Queue organization invite emails for later processing

All emails can later be added to this queue

* Create Admin hosted service to process enqueued mail messages

* Prefer constructors to static generators

* Mass delete organization users (#1287)

* Add delete many to Organization Users

* Correct formatting

* Remove erroneous migration

* Clarify parameter name

* Formatting fixes

* Simplify bump account revision sproc

* Formatting fixes

* Match file names to objects

* Indicate if large import is expected

* Early pull all existing users we were planning on inviting (#1290)

* Early pull all existing users we were planning on inviting

* Improve sproc name

* Batch upsert org users (#1289)

* Add UpsertMany sprocs to OrganizationUser

* Add method to create TVPs from any object.

Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type

* Combine migrations

* Correct formatting

* Include sql objects in sql project

* Keep consisten parameter names

* Batch deletes for performance

* Correct formatting

* consolidate migrations

* Use batch methods in OrganizationImport

* Declare @BatchSize

* Transaction names limited to 32 chars

Drop sproc before creating it if it exists

* Update import tests

* Allow for more users in org upgrades

* Fix formatting

* Improve class hierarchy structure

* Use name tuple types

* Fix formatting

* Front load all reflection

* Format constructor

* Simplify ToTvp as class-specific extension

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-05-17 09:43:02 -05:00
Chad Scharf
738a4c2bac
Version bump 1.41.3 (#1336) 2021-05-17 10:22:21 -04:00
Oscar Hinton
7a7668b754
Add API for bulk removal of org users (#1320)
* Add API for bulk removal of org users

* Refactor OrganizationService, extract some common code.

* Add tests for DeleteUserAsync

* Add tests for DeleteUsers

* Formating

* Update test/Core.Test/Services/OrganizationServiceTests.cs

added a space

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
Oscar Hinton
4258076bae
Prevent error when using WebAuthn as non premium user (#1331) 2021-05-17 09:39:40 +02:00
Contribucious
785705342c
Add amazon.{pl,se} to Amazon equivalent domains (#1219) 2021-05-15 15:27:31 -04:00
chi
ebf12ecfca
Update EmergencyAccessConfirmed.html.hbs (#1329)
Corrected type in emergency access confirmation message body.
2021-05-14 18:19:46 -04:00
Justin Baur
b3ccc652f4
Properly qualify namespace (#1328) 2021-05-13 18:06:16 -04:00
Justin Baur
0e1ab99e25
Cleanup Projects (#1324)
* Update bitwarden_license projects

* Added tests to verify resource names

* Remove unneeded assembly attributes

* Standardized namespace

* Remove .GetTypeInfo()
2021-05-13 17:14:56 -04:00
Kyle Spearrin
b150f5977e
add support for postal and multi service mail delivery (#1326)
* adds suppose for postal and multi service mail delivery

* adjust tags

* dont need settings checks in multi-service
2021-05-13 15:18:42 -04:00
Chad Scharf
571862a7ac
Self-Hosted release, v1.41.2 (#1327) 2021-05-13 15:11:29 -04:00
Vincent Salucci
ae38c33e05
[Reset Password] Enterprise Policy (#1315)
* [Reset Password] Enterprise Policy

* Created UI for policy/edit policy // Updated TODOs for policy dependent checks

* Updated reset password data model field name to be more descriptive

* Update title to Master Password Reset

* Updated PoliciesModel, Policy Model spacing, and strings
2021-05-12 14:47:00 -05:00
Oscar Hinton
a47b86a995
Remove U2F APIs again (#1319)
* Revert "U2F (#1304)"

This reverts commit ce4f025a0c.

* Avoid removing WebAuthn fixes
2021-05-12 19:48:00 +02:00
Justin Baur
d21ca83a20
Add Directory.Build.props (#1314)
* Add Directory.Build.props

* Remove unneeded props
2021-05-12 13:03:21 -04:00
Oscar Hinton
cb9ed50248
Discourage user verification on WebAuthn enroll (#1322) 2021-05-12 18:46:35 +02:00
Oscar Hinton
e7892d8a28
Resolved build issue introduced in #1267 (#1318) 2021-05-12 16:27:01 +02:00
Oscar Hinton
e2f633dace
Bulk re-invite of org users (#1316)
* Add APIs for Bulk reinvinte

* Resolve review comments.
2021-05-12 11:18:25 +02:00
Sang
69c2673f1f
Write GroupService unit tests (#1267)
* Write GroupService tests

* Rewrite with AutoFixture, improve tests

* Resolve PR comments

* Rename OrganizationCustomization

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2021-05-11 21:36:23 -05:00
Chad Scharf
5a7b00c037
Update issue template (#1317)
* Update Issue Template to match other repos

* Removed version number ref

* Add language asking to refrain from version bumps
2021-05-11 20:41:01 -04:00
Joseph Flinn
353b007bca
Update docker signing (#1310)
* removing the unneeded docker repo keys

* adding some testing code

* fixing notary install location

* installed notary in home directory without relying on the PATH var

* adding notary config for testing

* commenting out branch conditionals so that the pipeline will run a test on a non-master/rc branch

* trying to track down the docker trust files

* changing to the home directory to install notary

* testing with out all of the notary testing stuff

* uncommenting the code after testing

* updating the release workflow with the delegate-2 key
2021-05-11 12:49:08 -07:00
Matt Gibson
354ff6e2cb
Fix skip sso for apikey login (#1308)
* Improve mixing SSO login error

* Skip SSO requirement for API key logins

* Bypass MFA for apikey logins
2021-05-10 11:13:37 -05:00
Vincent Salucci
70ab5b25a1
[Reset Password] Organization Key Pair (#1292)
* [Reset Password] Organization Key Pair

* Fixed type in Organization_ReadAbilites sproc

* Fixed broken unit test by making sure premium addon was false

* Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
Oscar Hinton
cae204cb7c
Refactor WebAuthn IoC container (#1302)
* Refactor WebAuthn IoC container

* Move to AddDefaultServices
2021-05-06 10:17:12 +02:00
Chad Scharf
7cae9d5e47
Version bump, 1.41.2 (#1305) 2021-05-05 12:33:11 -04:00
Oscar Hinton
ce4f025a0c
U2F (#1304)
* Delete U2F tokens alongside WebAuthn

* Bring back u2f apis
2021-05-05 16:14:49 +02:00
Chad Scharf
f0baf7e6a4 Revert "Added fido2 registration to other services"
This reverts part of commit 8f64f4a99f.
2021-05-04 23:49:22 -04:00
Chad Scharf
fc146d27ce
Added fido2 registration to other services (#1299) 2021-05-04 23:43:16 -04:00
Joseph Flinn
5095d8eb49
removing the unused environment in the prod deploy (#1298) 2021-05-04 13:50:44 -07:00
Joseph Flinn
a6265885ad
Automating Server Release/Deploy for QA Env (#1281)
* initial success caching test

* updating status testing

* fixing the fail check

* fixing bash if syntax

* changing the way of testing since you can't change workflow inputs between re-runs

* trying out different bash syntax

* removing the export to env

* adding in last run status check

* switching up the last_run_status file handling since it doesn't look like it is working correctly

* adding push trigger

* fixing typo

* adding date to the cache key and adding a bit more logging

* fixing restore key

* trying a different way of logging both successes and failures

* fixing typo

* reorganizing the random success/fail

* trying different bash

* fixing binary operator

* adding in success flag checks

* increasing the odds of success

* trying to fix weird problem

* changing dquotes to squotes

* testing failure and always() flow

* adding in a release pipeline

* adding in the manual trigger for the release pipeline

* fixing the bash for loop for tagging and switching to the rc image for release

* adding docker trust to the pull task

* fixing bash array typo

* removing build task

* adding the dotnet tool restore back in to hopefully restore swagger

* adding an Api build to build the swagger docs

* working on build workflow

* testing cache between jobs

* Adding in steps

* fixing the last line

* updating the build workflow

* adding manual trigger for build workflow

* moving the matrix values to the env section of the task

* changing the envs

* using env template replacement

* removing the unique id since I don't think I need it

* testing the cache

* commenting out the docker push

* adding the env vars back to the cache task

* adding envs to test

* fixing the path issue

* resetting the build workflow back to serial build/docker

* Adding in the qa release workflow

* removing unneccessary dependency

* parameterizing the project file names

* forcing gulp install

* installing gulp globally

* reorganizing to see if gulp works

* removing the awkward paths

* fixing typo

* commenting out all non-api matrix for easier testing

* trying to zip the build for deploy

* adding in the base path for the test

* replacing the web app name

* adding a specific slotname

* adding the env into the package path for the deployment

* trying to fix the zip

* setting up all of the other deploys

* switching the secrets over to be environment secrets

* adding in production automation with the deploys commented out

* removing the master branch from the QA deploy

* adding in the dependancy on the setup

* changing the tag

* trying a different ref

* renaming the deployment slot to staging

* trying a different slot name

* resetting the qa deploy to the original

* moving the secrets

* updating the qa deploy with the db reset/update stubs

* updating the deploy task dependencies

* adding missing update-db command placeholder

* trying a string for the inputs

* moving the input check into the steps instead of the job level so that the job completes

* testing azure kv

* fixing typo

* Change id to retrieve-secrets

* Fix typo

* testing the rest of the QA app service deployments

* updating the name of the QA AZ creds secret and migrating the disabled prod deploy jobs to use the prod AZ secrets

* adding in the additional key vault secrets and fixing some other mistakes

* fixing one of the other preview versions

* removing newline for testing commit

* fixing typo

* fixing a secret name typo

* moving the secrets to the env to test their outputs

* adding missing k

* Update build workflow with environment variables for Docker Trust

* removing the unneeded env vars

* Update build and release workflow using Azure secrets as env variables

* Clean up output of NuGet version

* Fix capitalization

* Fix variable names for Docker Trust Setup

* fixing the dashes in the env ids

* switching the dev tag for qa when pushing

* commenting out the test for the pipeline testing

* removing all of the testing code and blockers

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-05-04 13:41:49 -07:00
Oscar Hinton
6ada46f906
Fix password re-prompt not working in org view (#1296)
* Fix password reprompt not working in org view

* Also fix Cipher_UpdateWithCollections and CipherDetails_CreateWithCollections. Rename migration script
2021-05-04 20:36:35 +02:00
Chad Scharf
179e6aa76b
enable default appsettings for self hosted - bwlic (#1288) 2021-04-30 15:00:57 -04:00
Oscar Hinton
2054e5a926
Password re-prompt (#1269)
* Add support for password re-prompt
2021-04-29 15:43:44 +02:00
Chad Scharf
17db94190e
Test 1: add acr_values return validation value (#1285)
* Part 1: add acr_values return validation value

* Update acr return value validation from OIDC specs

* acr validation prompt clarification
2021-04-27 15:17:03 -04:00
Matt Gibson
1bd515e8f0
Refuse upload renew if a file is validated (#1284)
Download should return regardless of file validation state
2021-04-26 14:36:06 -05:00
Thomas Rittson
de155c78ad Enforce SSO "Want assertions signed" option (#1270)
* Enforce SSO Want Assertions Signed option

* Simplify changes and code style

* Fix style

* Check Issuer entityID before assertion signature
2021-04-21 11:06:30 -04:00
Vincent Salucci
477f679fc6
[Reset Password] Admin reset actions (#1272)
* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
Joseph Flinn
ba36afe69c
Adding the events processor container image (#1271) 2021-04-15 08:28:55 -07:00
Matt Gibson
b68c841e56
Move renew endpoint to fix overlapping endpoint issue (#1266) 2021-04-12 09:44:45 -05:00
Kyle Spearrin
83e68bce06
enable default appsettings for self hosted installs (#1263)
* enable default appsettings for self hosted installs

* change setters to use arrow functions

* fix tests

* fix global settings ref
2021-04-09 09:48:43 -04:00