1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-02 13:53:23 +01:00
Commit Graph

3682 Commits

Author SHA1 Message Date
renovate[bot]
9ec95dbeee
[deps] DbOps: Update Microsoft.Data.SqlClient to 5.2.2 (#4718)
* [deps] DbOps: Update Microsoft.Data.SqlClient to 5.2.2

* Remove our Azure.Identity reference that previously patched what this PR is now doing

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-09-04 17:43:05 -04:00
Tom
af3797c540
[AC-2614] Member Access Report Endpoint (#4599)
* Initial draft of moving the org user controller details method into a query

* Removing comments and addressing pr items

* Adding the org users query to core

* Adding the member access report

* Addressing some pr concerns and refactoring to be more efficient

* Some minor changes to the way properties are spelled

* Setting authorization to organization

* Adding the permissions check for reports and comments

* removing unnecessary usings

* Removing ciphers controller change that was a mistake

* There was a duplication issue in getting collections for users grabbing groups

* Adding comments to the CreateReport method

* Only get the user collections by userId

* Some finaly refactoring

* Adding the no group, no collection, and no perms local strings

* Modifying and adding query test cases

* Removing unnecessary permissions code in query

* Added mapping for id and UsesKeyConnector to MemberAccessReportModel (#4681)

* Moving test cases from controller fully into the query.

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
2024-09-04 14:33:33 -04:00
Jonathan Prusik
fdf6d8f9c3
add feature flag for improved combined card expiry date autofill (#4732) 2024-09-04 13:43:59 -04:00
Rui Tomé
471851978b
[PM-10325] Rename OrganizationUser Delete and BulkDelete endpoints to Remove and BulkRemove (#4711)
* Rename IDeleteOrganizationUserCommand to IRemoveOrganizationUserCommand

* Rename IOrganizationService DeleteUser methods to RemoveUser

* Rename API endpoints for deleting organization users to "Remove"

* chore: Rename Delete method to Remove in MembersController
2024-09-04 11:18:23 +01:00
renovate[bot]
b40bf11884
[deps] Tools: Update aws-sdk-net monorepo (#4720)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-03 14:57:46 +02:00
renovate[bot]
774ef713fc
[deps] Tools: Update LaunchDarkly.ServerSdk to 8.5.2 (#4719)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-02 11:49:44 +02:00
Thomas Rittson
0da62f9cee
[PM-10368] Drop Group.AccessAll (#4700)
- Add default constraint
- Update sprocs to remove column
- Drop column
2024-09-02 15:01:32 +10:00
renovate[bot]
0d11e03bf7
[deps] AC: Update DnsClient to 1.8.0 (#4587)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-02 11:41:16 +10:00
Todd Martin
c3b84884b8
Fix linting issue on Constants from adding feature flag (#4715) 2024-08-30 16:45:38 -04:00
Todd Martin
3ecb900709
Added persist-popup-view feature flag (#4714) 2024-08-30 16:19:18 -04:00
Justin Baur
d4122d1fb6
Switch to UtcDateTime (#4710) 2024-08-29 10:27:41 -04:00
renovate[bot]
0d61f30d53
[deps] Auth: Update webpack to v5.94.0 [SECURITY] (#4707)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 11:10:40 -04:00
Alex Morask
3c86ec6a35
[AC-2959] ACH Direct Debit POC (#4703)
* Refactor: Rename some methods and models for consistency

This commit contains no logic changes at all. It's entirely comprised of renames of existing models and methods to bring our codebase more in line with our app's functionality and terminology.

* Add feature flag: AC-2476-deprecate-stripe-sources-api

* Standardize error responses from applicable billing controllers

During my work on CB, I found that just using the built-in TypedResults errors results in the client choking on the response because it's looking for the ErrroResponseModel. The new BaseBillingController provides Error utilities to return TypedResults wrapping that model so the client can process it.

* Add feature flagged payment method endoints to OrganizationBillingController

* Run dotnet format
2024-08-28 10:48:14 -04:00
renovate[bot]
20478949d8
[deps] Billing: Update swashbuckle-aspnetcore monorepo to v6.7.3 (#4650)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 09:18:57 -04:00
renovate[bot]
ec05077b5c
[deps] Auth: Lock file maintenance (#4541)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-27 17:08:48 -07:00
Justin Baur
13ad872f51
Resolve Vault and DB Warnings (#4646)
* Resolve Vault Warnings

* Resolve DB Warnings
2024-08-27 19:05:34 -04:00
Addison Beck
acb71d87d9
Log events from the import organization flow (#4632)
* Log events from the import organization flow

* Use an interface for the `OrganizationUser` object used to log events

* Log import events as being from the public api if they are

* Add logging for created groups

* Log proper group ids

* Fix tests

* Also log update events for groups

* Remove private API `import` endpoint

* Make `eventSystemUser` non-nullable for `ImportAsync`

* Fix tests

* Delete `ImportOrganizationUsersRequestModel`

* Fix tests
2024-08-28 08:19:48 +10:00
renovate[bot]
6764131934
[deps] Auth: Update sass to v1.77.8 (#4659)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-27 11:14:48 -07:00
renovate[bot]
b5bdc0718d
[deps] Platform: Update dotnet monorepo to v8.0.8 (#4653)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-27 14:14:16 -04:00
GSWXXN
46955d469b
fix: Fix null handling in SendLicenseExpiredAsync method (#3122) 2024-08-27 13:21:24 -04:00
Todd Martin
0a6c35e56c
Updated bootstrap to 5.3.3 (#4697)
* Updated bootstrap to 5.3.3

* Removed locking of bootstrap version
2024-08-27 09:24:02 -07:00
renovate[bot]
e65cf19873
[deps] Tools: Update aws-sdk-net monorepo (#4683)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-27 14:03:26 +02:00
renovate[bot]
ccf2ebd142
[deps] Auth: Update azure azure-sdk-for-net monorepo (#4658)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-26 14:44:26 -07:00
renovate[bot]
c1d22d19f9
[deps]: Update MessagePack to v2.5.172 (#4586)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-26 11:04:35 -07:00
cyprain-okeke
e2ec1c4950
[PM-1635] Invalid license error is inaccurate (#4631)
* Resolve the unclear error messages

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor to return the errormessage from userLicense

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the pr comments

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the error returned message

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add period at the end of error messages

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-08-26 14:12:58 +01:00
Bernd Schoolmann
a5363c1513
Allow localhost callback on desktop (#4649) 2024-08-26 15:11:48 +02:00
Thomas Rittson
22bd755b3c
[AC-10362] Remove OrganizationUser.AccessAll from code (#4622)
* Remove OrganizationUser.AccessAll from code

* Add shadow property

* Remove remaining reference

* dotnet format

* Fix tests

* Bump migration dates
2024-08-26 12:03:44 +01:00
Tom
78beac9f19
Added the AccessReports permission to enable report viewing (#4648) 2024-08-26 12:59:49 +02:00
Matt Gibson
aa66b5ad11
Remove hints from responses (#4635) 2024-08-23 13:51:21 -04:00
Conner Turnbull
8ab19c7b00
F4E validation (#4690)
* F4E validation

* Fix broken tests
2024-08-22 15:10:03 +00:00
Cesar Gonzalez
abc5d813f2
[PM-10669] Feature flag for notification bar add login improvements (#4676) 2024-08-21 22:04:08 -05:00
Conner Turnbull
dcc199bcce
[AC-2950] Added logs when validating an existing sponsorship (#4592)
* Added logs when validating an existing sponsorship

* Removed early return in CancelSponsorshipAsync when validating a sponsorship

* Added missing logging messages
2024-08-21 15:20:53 -04:00
Alex Morask
b9d75326a7
Removed feature flag and unused endpoint (#4677) 2024-08-21 10:44:14 -04:00
renovate[bot]
f754317dd4
[deps] Auth: Update Otp.NET to v1.4.0 (#4656)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-21 07:12:31 -07:00
Rui Tomé
15511df644
[PM-10589] Update database defaults for collection management settings (#4623)
* [PM-10589] Update database defaults for collection management settings

* Update default values for 'LimitCollectionCreationDeletion' and 'AllowAdminAccessToAllCollectionItems' in Organization table

* Add checks before column constraint drop and constraint creation
2024-08-21 13:18:21 +01:00
Matt Gibson
0ed1f5e2de
Update user last password change (#4685) 2024-08-20 19:20:56 -04:00
Thomas Rittson
9a7165b489
[AC-2972] AC Team ownership: Events (2/2) (#4675) 2024-08-21 09:03:26 +10:00
Conner Turnbull
fb270b538e
No longer sending upcoming invoice reminder for invoices with a $0 balance (#4593) 2024-08-20 15:36:15 -04:00
Matt Bishop
eb72a70bcf
Update public suffix list (#4684) 2024-08-20 15:31:58 -04:00
Daniel García
1a584b4477
[PM-9361] Generate Swagger specs in CI for the SDK (#4428)
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2024-08-20 15:34:22 +02:00
renovate[bot]
8253de350b
[deps] DbOps: Update EntityFrameworkCore to v8.0.8 (#4651)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-19 14:21:16 -04:00
renovate[bot]
c60e85a0c5
[deps] DbOps: Update Microsoft.Azure.Cosmos to v3.42.0 (#4661)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-19 14:18:03 -04:00
Justin Baur
0e95f6752d
Handle Constant Expression Warning (#4613)
* Add Collections Tests

* Update CollectionRepository Implementation

* Test Adding And Deleting Through Replace

* Format

* Fix Most Test Warnings

* Format

* Handle Constant Expression Warning

* Revert AccountRevisionDate Changes

* Revert RevisionData Changes More Exactly
2024-08-19 09:11:42 -04:00
renovate[bot]
8e9d130574
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.7 (#4654)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-19 12:18:50 +02:00
Thomas Rittson
0230013b20
[AC-2972] AC Team ownership: Events (#4647)
* Move Event domain under AC Team ownership
2024-08-19 08:00:17 +10:00
Justin Baur
faa9afbe5e
Resolve Billing and Secrets Manager Code (#4645)
* Resolve Billing Warnings

* Resolve SM Warnings
2024-08-17 07:06:31 -04:00
Justin Baur
abb223aabb
Resolves Auth Warnings (#4642)
* Resolve Auth Warnings

* Move Assertion

* ClaimsPrincipal is actually nullable
2024-08-16 09:32:25 -04:00
Addison Beck
07ef299f1e
Add AccountDeprovisioning feature flag (#4640) 2024-08-16 10:06:10 +01:00
Justin Baur
c37f4b45a7
Make AC Repos Nullable (#4610) 2024-08-15 20:47:21 -04:00
renovate[bot]
2096923853
[deps] Tools: Update SignalR to v8.0.8 (#4633)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-15 15:29:51 +02:00
renovate[bot]
15be1053fc
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.5 (#4634)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-15 15:28:25 +02:00
Justin Baur
3d7fe4f8af
Update ReplaceAsync Implementation in EF CollectionRepository (#4611)
* Add Collections Tests

* Update CollectionRepository Implementation

* Test Adding And Deleting Through Replace

* Format
2024-08-14 13:50:29 -04:00
Kyle Spearrin
db4ff79c91
[AC-2928] Create automatic app login policy (#4562)
* Create automatic app login policy

* IDP Auto Submit Feature Flag (#4564)

---------

Co-authored-by: Cesar Gonzalez <cgonzalez@bitwarden.com>
2024-08-14 14:44:22 +00:00
renovate[bot]
613429d176
[deps] Billing: Update Braintree to v5.26.0 (#4543)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
2024-08-14 10:06:43 -04:00
Thomas Rittson
f21d43f252
Fix bug: using wrong id 2024-08-14 10:58:27 +10:00
Thomas Rittson
cb3850c098
Proof of concept for strategy pattern 2024-08-14 10:50:56 +10:00
Matt Czech
2b1f23641b
[PM-10517] [PM-10516] Add feature flags for native carousel and create account flows (#4605)
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-08-13 15:54:34 -04:00
renovate[bot]
923725c258
[deps] Billing: Update Serilog.AspNetCore to v8.0.2 (#4584)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
2024-08-13 15:24:00 -04:00
renovate[bot]
86cd03ce52
[deps] Billing: Update swashbuckle-aspnetcore monorepo to v6.7.0 (#4545)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
2024-08-13 15:10:46 -04:00
Vincent Salucci
253ad9c74f
chore: remove fc v1 feature flag, remove obsolete feature service calls from tests, refs PM-10295 (#4618) 2024-08-13 11:20:05 -05:00
Bernd Schoolmann
1442bf94ae
Fix send rotation error message (#4624) 2024-08-13 11:41:27 -04:00
Thomas Rittson
f04c3b8e54
[PM-10361] Remove Group.AccessAll from code (#4614)
* Remove Group.AccessAll from code

* Add shadow property config and migration
2024-08-13 08:54:03 +10:00
renovate[bot]
1589291ecd
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.4 (#4602)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-12 12:25:29 +02:00
Thomas Rittson
916be50e66
[PM-10349] Drop Organization.FlexibleCollections column (#4583) 2024-08-12 08:28:13 +10:00
Alex Morask
de1a816b07
Handle tax_id_invalid error (#4609) 2024-08-09 14:13:54 -04:00
Justin Baur
56d6c91b25
Enable Nullable In Auth Repositories (#4600) 2024-08-09 09:31:06 -04:00
Thomas Rittson
374ef95656
Add OrganizationUser_UpdateDataForKeyRotation sproc (#4601) 2024-08-09 08:52:25 +10:00
Thomas Rittson
58a314d9f4
[PM-10360] Drop user cipher and collection details v2 functions (#4588) 2024-08-09 07:33:45 +10:00
Mark Youssef
2011e39e0b
Update new user and trial initiation email content (#4571)
* Update new user and trial initiation email content

* Adjust spacing

* Update style and text

* Update to `{{{`
2024-08-08 12:48:44 -07:00
Vincent Salucci
e2110da4a7
fix: restore using core for remaining feature flag references, refs PM-10291 (#4607) 2024-08-08 14:07:05 -05:00
Vincent Salucci
746a35a14a
[PM-10291] Remove Flexible Collections v1 flag from API (#4578)
* chore: remove fc v1 from groups controller, refs PM-10291

* chore: remove fc v1 from organization users controller, refs PM-10291

* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291

* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291

* chore: remove fc v1 from CiphersCollections, refs PM-10291

* fix: unit tests related to fc v1 flag removal, refs PM-10291

* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291

* fix: format files, refs PM-10291

* chore: revert change to helper method, ignore double cache call, refs PM-10291
2024-08-08 12:26:07 -05:00
Rui Tomé
8d69bb0aaa
[AC-1698] Check if a user has 2FA enabled more efficiently (#4524)
* feat: Add stored procedure for reading organization user details with premium access by organization ID

The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access

* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess

* Check the feature flag on Admin.UsersController to see if the optimization runs

* Modify PolicyService to run query optimization if the feature flag is enabled

* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync

* Run query optimization on public MembersController if feature flag is enabled

* Restore refactor

* Reverted change used for development

* Add unit tests for OrganizationService.RestoreUser

* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method

* Add more unit tests

* Apply refactor to bulk restore

* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService

* Add unit tests for ConfirmUser_vNext

* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one

* Removed unused sql scripts and added migration script

* Remove unnecessary view

* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository

* refactor: Use UserDetails constructor in UserRepository

* Add summary to IUserRepository.GetManyDetailsAsync

* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync

* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync

* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase

* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class

* Add unit tests for TwoFactorIsEnabledQuery

* Update TwoFactorIsEnabledQueryTests to include additional provider types

* Refactor TwoFactorIsEnabledQuery

* Refactor TwoFactorIsEnabledQuery and update tests

* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* Remove empty <returns> from summary

* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
2024-08-08 15:43:45 +01:00
Maciej Zieniuk
77f8cc58e8
SM-1146: Secrets Manager total counts (#4200)
* SM-1146: SM Organization Counts for Projects, Secrets, Machine Accounts

* SM-1146: Project total counts

* SM-1146: models object renames

* SM-1146: Service Account total counts

* SM-1146: Unit test coverage for counts controller

* SM-1146: Counts controller simplification, UT update

* SM-1146: Service Account total counts from Service Account auth user

* SM-1146: Integration Tests for total counts controller

* SM-1146: Explicitly denying access for Service Accounts

* SM-1146: Fix broken ProjectsController integration test

* SM-1146: Integration tests for counts controller

* SM-1146: Explicitly denying access for Service Accounts cleanup

* SM-1146: Test cleanup

* SM-1146: PR review comments fix

* SM-1146: People, Service Accounts positive count on write access

* Update bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-08-08 15:12:52 +02:00
renovate[bot]
c757bf351c
[PM-9811][deps] Tools: Update MailKit to v4.7.1.1 (#4511)
* [deps] Tools: Update MailKit to v4.7.1.1

* Remove explicit reference to System.Formats.Asn1 because it's resolved downstream with MimeKit 4.7.1

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-08-08 11:03:18 +02:00
Cesar Gonzalez
92eac5b59f
[PM-8841] Adding feature flag to allow us to toggle delaying the FIDO2 page-script content script injection within mv2 (#4598) 2024-08-07 10:42:00 -05:00
Conner Turnbull
722dedf10d
Added all missing plan fields to GetPlansHelper (#4597) 2024-08-07 11:22:45 -04:00
Conner Turnbull
4de0f2d783
Checking if seats and storage have values before setting them to default (#4596) 2024-08-07 11:22:09 -04:00
Conner Turnbull
452646be8c
HTML encoding email address when sending trial init email (#4594) 2024-08-06 19:21:04 +00:00
Vincent Salucci
f49fb3a891
[PM-10292] Remove Flexible Collections v1 from Core (#4579)
* chore: remove fc v1 from OrganizationService, refs PM-10292

* chore: remove fc v1 from CollectionService, refs PM-10292

* chore: remove fc v1 from OrganizationCiphersQuery, refs PM-10292

* fix: update CollectionServiceTests, refs PM-10292
2024-08-06 11:14:16 -05:00
Bernd Schoolmann
7d48102865
[PM-7742] Set hasManageResetPasswordPermission for owner and admin invitees (#4528)
* Set hasManageResetPasswordPermission for owner and admin invitees

* Make userdecryptionoptionsbuilder ignore orgusertype if orguser is null
2024-08-06 11:22:10 +02:00
Vincent Salucci
4d3c1c5a5c
chore: remove AllowAdminAccessToAllCollectionItems ref along with feature service call, refs AC-2683 (#4535) 2024-08-05 13:56:46 -05:00
Alex Morask
2157df9ac8
[AC-2942] Sync seat minimum updates from Admin to Stripe (#4580)
* Sync stripe when seat minimums are updated from admin portal

* Add unit tests

* Run dotnet format
2024-08-05 14:45:33 -04:00
Cesar Gonzalez
02fe8777ce
[PM-10420] Generate identity fill script refactor feature flag (#4577) 2024-08-05 12:04:23 -05:00
Alex Morask
a2e1eb79d2
[AC-2947] Fix provider account credit display (#4590)
* Fix provider account credit

* Fix test
2024-08-05 11:02:17 -04:00
renovate[bot]
1f09233760
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.2 (#4572)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-02 14:02:05 +02:00
Oscar Hinton
f5c771a057
[PM-10261] Migrate from gulp to webpack (#4569)
* Migrate from gulp to bootstrap

* Remove auto build since it breaks tests
2024-07-31 15:41:55 -04:00
renovate[bot]
3cccb6fead
[deps] Auth: Update Duende.IdentityServer to v7.0.6 [SECURITY] (#4573)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-31 15:19:45 -04:00
Alex Morask
398741cec4
[AC-2888] Improve consolidated billing error handling (#4548)
* Fix error handling in provider setup process

This update ensures that when 'enable-consolidated-billing' is on, any exception thrown during the Stripe customer or subscription setup process for the provider will block the remainder of the setup process so the provider does not enter an invalid state

* Refactor the way BillingException is thrown

Made it simpler to just use the exception constructor and also ensured it was added to the exception handling middleware so it could provide a simple response to the client

* Handle all Stripe exceptions in exception handling middleware

* Fixed error response output for billing's provider controllers

* Cleaned up billing owned provider controllers

Changes were made based on feature updates by product and stuff that's no longer needed. No need to expose sensitive endpoints when they're not being used.

* Reafctored get invoices

Removed unnecssarily bloated method from SubscriberService

* Updated error handling for generating the client invoice report

* Moved get provider subscription to controller

This is only used once and the service layer doesn't seem like the correct choice anymore when thinking about error handling with retrieval

* Handled bad request for update tax information

* Split out Stripe configuration from unauthorization

* Run dotnet format

* Addison's feedback
2024-07-31 09:26:44 -04:00
Todd Martin
bc8d03da6c
Added flag. (#4560) 2024-07-30 10:19:36 -04:00
Alex Morask
ef24724e8c
Set client org max storage to 1GB (#4567) 2024-07-29 17:13:52 -04:00
Conner Turnbull
656e0c20f9
[PM-5093][PM-7325] Added trial initiation email verification endpoint (#4221)
* Added trial initiation user verification endpoint

* Added explanatory comment for why we add artificial delay

* Updated RegistrationStart to Registration reference event

* Ensure that productTier query param is an int

* Added email value to trial initiation email
2024-07-29 14:18:12 -04:00
Daniel James Smith
2b738a5a4c
Set column type for externalId (#4566)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-07-29 15:41:55 +02:00
Conner Turnbull
de79d57d6e
[AC-2820] Updated org edit form scripts to dynamically update expected values (#4439)
* Updated org edit form scripts to dynamically update expected values

* Added script to update null values on organization table

* Updated script to only add MaxStorageGb for premium tiers. Removed setting of seats since it's not a valid edge case

* Updated GetPlansHelper() to not use annonymous properties
2024-07-29 09:06:10 -04:00
Jared Snider
54bd5fa894
Auth/PM-10130 - Registration with Email Verification - Respect Self-hosted Disable Open Registration flag (#4561)
* PM-10130 - Registration with email verification - respect self hosted disable open registration setting properly in non-org invite scenarios.

* PM-10130 - Fix unit tests.

* PM-10130 - Update integration tests.
2024-07-26 13:30:47 -04:00
cyprain-okeke
f9017f8e8c
Add a flag for ac-2708 task (#4536)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-07-26 14:55:29 +00:00
Thomas Rittson
ffdc40b21c
[AC-2881] Remove Organization.FlexibleCollections from code (#4552)
* Remove Organization.FlexibleCollections from code

* Drop Organization.FlexibleCollections column in EF databases
(MSSQL column to be retained for 1 additional deployment to support rollback in cloud)
2024-07-26 15:07:33 +10:00
Thomas Rittson
f9a1a6fc95
Remove GroupsComponentRefactor flag (#4556) 2024-07-26 09:59:10 +10:00
Thomas Rittson
abcde39353
Remove TODO from OrganizationLicense (#4553) 2024-07-26 07:15:30 +10:00
cd-bitwarden
9560a32495
[SM-1211] Adding API endpoint to send out Access Request for SM to Admins, addi… (#4155)
* Adding API endpoint to send out Access Request for SM to Admins, adding email template

* Fixing email template HTML, adding tests

* fixing tests

* fixing lint

* Moving files to proper locations

* fixing build error relating to not removing some old code

* Updating namespaces and removing unused using statements

* Dependency injection fix

* Fixing tests and moving them to proper files

* lint

* format fixes

* dotnet format fix

* small fixes

* removing using directive's that aren't needed

* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/PasswordManager/RequestSMAccessCommandTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/MailTemplates/Handlebars/SecretsManagerAccessRequest.text.hbs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update bitwarden_license/src/Commercial.Core/SecretsManager/Commands/PasswordManager/RequestSMAccessCommand.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Changes requested by Thomas

* Lint fixes

* Suggested changes from Maceij

* Current state of tests

* Fixing tests and getting the core.csproj file from main

* Reverting csproj file change

* Removing usings directory

* dotnet format

* Fixing test

* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Requests/RequestSMAccessCommandTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update test/Api.Test/SecretsManager/Controllers/RequestSMAccessControllerTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Thomas requested changes

* Fixing 500 error when user name is null

* Prettier error message if user sends over an whitespace string

* Fixing word wrapping issue in email contents

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-07-25 11:04:05 -04:00
Ike
aba2f023cd
[PM-9925] Tokenable for User Verification on Two Factor Authenticator settings (#4558)
* initial changes

* Fixing some bits

* fixing issue when feature flag is `false`; also names;

* consume OTP on read if FF true

* comment typo

* fix formatting

* check access code first to not consume token

* add docs

* revert checking access code first

* update error messages

* remove line number from comment

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-07-25 07:51:23 -07:00
renovate[bot]
f211e969c7
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400 (#4555)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-25 13:43:26 +02:00
aj-rosado
ad5549342e
Added externalId column on build collections ciphers table (#4510) 2024-07-24 11:15:55 -04:00
Justin Baur
1e0182008b
[PM-2943] Enable Nullable Repositories in Unowned Files (#4549)
* Enable Nullable In Unowned Repos

* Update More Tests

* Move to One If

* Fix Collections

* Format

* Add Migrations

* Move Pragma Annotation

* Add Better Assert Message
2024-07-24 09:48:09 -04:00
Alex Morask
b5f09c599b
Added SM standalone check to public members controller (#4179) 2024-07-24 09:04:04 -04:00
Thomas Rittson
2d762f8422
[AC-2877] Make OrganizationUser.AccessAll optional (#4521) 2024-07-24 14:29:45 +10:00
Thomas Rittson
1ac2f39623
[AC-2872] Make AccessAll optional in all group sprocs (#4551) 2024-07-24 11:10:12 +10:00
Thomas Rittson
28d45f91aa
Remove FlexibleCollections feature flag (#4481) 2024-07-24 09:03:09 +10:00
Vincent Salucci
903c412943
[AC-2648] Remove Organization.FlexibleCollections from Models (#4529)
* chore: remove FlexibleCollections refs from OrganizationAbility, AC-2648

* chore: remove FlexibleCollections property from OrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from SelfHostedOrganizationDetails, refs AC-2648
2024-07-23 16:03:02 -05:00
Addison Beck
6797680654
Handle a previously unhandled null case (#4533) 2024-07-23 16:18:57 -04:00
Jake Fink
8121f898de
[PM-8285] add endpoint for alerting when device lost trust (#4554)
* endpoint for alerting when device lost trust

* get user from current context
2024-07-23 15:45:03 -04:00
Bernd Schoolmann
ce185eb3df
[PM-5963] Fix tde offboarding vault corruption (#4144)
* Attempt to fix tde to mp flow

* Move tde offboarding to dedicated flag

* Add tde offboarding password request

* Validate tde offboarding input

* Correctly check whether tde is active when building trusted device options

* Refactor Tde offboarding into a separate command

* Add unit tests for tde offboarding

* Update tde offboarding request model

* Fix tests

* Fix further tests

* Fix documentation

* Add validation for updatetdepasswordasync key/newmasterpassword

* Add comment explaining test

* Remove unrelated changes
2024-07-23 14:53:08 -04:00
Merissa Weinstein
48f9d09f4e
PM-1688 | individual vault encryption: remove client version restriction (#4198)
* remove server restriction code

* remove client version method check for encryption

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-07-23 11:44:14 -05:00
Jared Snider
1b5f9e3f3e
Auth/PM-6198 - Registration with Email Verification - Add email clicked endpoint (#4520)
* PM-6198 - RegistrationEmailVerificationTokenable - add new static validate token method

* PM-6198 - Rename RegistrationStart to Registration as we now have to add another anonymous reference event.

* PM-6198 - rest of work

* PM-6198 - Unit test new account controller method.

* PM-6198 - Integration test new account controller endpoint
2024-07-22 17:24:42 -04:00
Jake Fink
fd90bf5f3d
fix logic (#4550) 2024-07-22 19:43:14 +00:00
renovate[bot]
a0599e71eb
[deps] Auth: Update azure azure-sdk-for-net monorepo (#4537)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-07-22 12:37:09 -07:00
Jake Fink
091c03a90c
[PM-9826] Remove validation from 2fa GET and mask sensitive data (#4526)
* remove validation from 2fa GET and mask sensitive data

* skip verification check on put email

* disable verification on send-email and reenable on put email

* validate authenticator on set instead of get

* Revert "validate authenticator on set instead of get"

This reverts commit 7bf2084531.

* fix tests

* fix more tests

* Narrow scope of verify bypass

* Defaulted to false on VerifySecretAsync

* fix default param value

---------

Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2024-07-22 11:21:14 -04:00
renovate[bot]
4f4750a0a6
[deps] DbOps: Update Microsoft.Extensions.Caching.SqlServer to v8.0.7 (#4485)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 10:56:12 -04:00
renovate[bot]
41830dfcf7
[deps] Tools: Update aws-sdk-net monorepo (#4540)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 12:35:06 +02:00
Conner Turnbull
9b9f202f79
Resolved an issue where the API required users to be organization owners when accessing the members page (#4534) 2024-07-19 10:24:48 -04:00
Thomas Rittson
f57f98afe4
Drop CollectionCipher V2 sprocs (#4515)
These sprocs were used to remove AccessAll from
cipher access logic. Now the original sprocs have been
updated with the new logic, these v2 sprocs are unused
and are being dropped to complete the EDD cycle.
2024-07-18 08:24:34 +10:00
Thomas Rittson
b4e58ad942
chore: drop CipherRepository v2 sprocs (#4464)
These updated sprocs removed AccessAll from cipher access logic.
The non-versioned sprocs have been updated with the new logic and
these v2 copies are now unused. They are being dropped to complete
the EDD cycle.
2024-07-18 08:22:45 +10:00
Thomas Rittson
b0ea2a25f0
Drop v2 sprocs that added manage permission (#4463)
These sprocs have been copied back to non-versioned names and are no longer in use.
Now we are dropping the v2 sprocs to complete the EDD cycle.
2024-07-18 08:17:25 +10:00
Conner Turnbull
45ec57f81b
[AC-2887] Added Billing Authorization Where Missing (#4525)
* Added missing authorization validation to OrganizationBillingController endpoints

* Moved authorization validation to top of each method

* Resolved broken unit tests and added some new ones
2024-07-17 16:15:28 -04:00
Bernd Schoolmann
88d5a97a86
Fix key rotation being broken due to org ciphers being included (#4522) 2024-07-17 09:21:32 -04:00
Thomas Rittson
5df0e2180d
[AC-2847] Simplify OrganizationUser and Group PUT methods and tests (#4479)
* refactor controller logic
* add additional validation checks to update commands
* refactor and improve tests
2024-07-16 10:47:28 +10:00
Todd Martin
7fee588812
[PM-9522[PM-9758] Add null check for default value to new fields on Bitwarden Portal (#4506) 2024-07-15 17:49:26 -04:00
Conner Turnbull
883a2dad17
[PM-8844] Families sponsorship line items bug (#4440)
* Resovled issue where free families line item isn't removed from the Stripe subscription when the sponsorship isn't in the database

* Moved SponsorOrganizationSubscriptionUpdate to Billing namespace
2024-07-15 13:39:28 -04:00
Cesar Gonzalez
60cdf9d3a7
[PM-9267] Add Inline Menu Positioning Improvements Fature Flag (#4387) 2024-07-15 17:20:44 +00:00
renovate[bot]
6ab57bcc5b
[deps] Tools: Update aws-sdk-net monorepo (#4512)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-15 16:39:59 +02:00
Vincent Salucci
02b3453cd5
[AC-2646] Remove FC MVP dead code from Core (#4281)
* chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646

* chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646

* chore: remove org/provider service fc callers, refs AC-2646

* chore: remove collection service fc callers, refs AC-2646

* chore: remove cipher service import ciphers fc callers, refs AC-2646

* fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646

* fix: update CreateGroupCommandTests, refs AC-2646

* fix: adjust UpdateGroupCommandTests, refs AC-2646

* fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646

* fix: update CollectionServiceTests, refs AC-2646

* fix: remove unnecessary test with fc disabled, refs AC-2646

* fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646

* chore: remove dependence on FC flag for tests, refs AC-2646
2024-07-12 12:25:04 -05:00
Thomas Rittson
25dc0c9178
Remove FC MVP code from Bitwarden Portal (#4492) 2024-07-12 06:13:41 +10:00
Thomas Rittson
7fe4fe16cb
[AC-1331] Remove Manager role - final (#4493)
* Remove OrganizationUserType.Manager

* Add EnumDataType validation to prevent invalid enum values
2024-07-12 06:13:10 +10:00
Kyle Spearrin
d2567dd42d
[PM-5518] Refactor Email Token Providers (#3784)
* new email token providers

* move email redaction to core helpers

* make token options configurable

* protected setters on options

* fix email token provider tests

* fix core tests

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-07-11 14:39:27 -04:00
Justin Baur
1292736f54
[PM-7682] Add Explicit Reference to Microsoft.AspNetCore.DataProtection (#4010)
* Add Explicit Reference to Microsoft.AspNetCore.DataProtection

* Use Version That Doesn't Cause Downgrade

* Update src/Core/Core.csproj

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-07-11 12:02:42 -04:00
Conner Turnbull
5ccb4072a3
[AC-2766] famlies sponsorship upcoming invoice email (#4181)
* Getting the fresh invoice if the subscription was updated when validation the families sponsorship

* Getting fresh invoice after validation families sponsorship fails

* Also updating invoice line items
2024-07-11 15:51:04 +00:00
renovate[bot]
b6940f3184
[deps] Tools: Update MailKit to v4.7.0 (#4499)
* [deps] Tools: Update MailKit to v4.7.0

* Add explicit reference to System.Formats.Asn1 to address Microsoft Security Advisory CVE-2024-38095

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-07-11 17:33:25 +02:00
Alex Morask
a51e4c0a7c
Used PO ID instead of Org ID on accident (#4500) 2024-07-11 11:22:15 -04:00
Justin Baur
cf8ec4ed41
Add Explicit Version Reference for Azure.Identity (#4501)
* Explicit Bump to Azure.Identity

* Remove Change That Was Just For Testing
2024-07-11 11:12:34 -04:00
renovate[bot]
b1816b7af1
[deps] Tools: Update SignalR to v8.0.7 (#4497)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-11 16:16:49 +02:00
Rui Tomé
3bbac5693f
[AC-2824] Change DuplicateAuthRequestException to Inherit from BadRequestException for Correct 400 Status Code (#4470) 2024-07-11 14:46:18 +01:00
renovate[bot]
491add3363
[deps] Tools: Update aws-sdk-net monorepo (#4498)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-11 15:37:53 +02:00
renovate[bot]
085fe88d23
[deps] Platform: Update dotnet monorepo to v8 (major) (#3745)
* [deps] Platform: Update dotnet monorepo to v8

* Bump Microsoft.Extensions.DependencyInjection.Abstractions

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-07-11 09:05:40 -04:00
Thomas Rittson
ca50eb8fe3
[AC-2741] Turn on BulkDeviceApproval feature for self-host (#4453)
Also remove the feature flagging on server, but keep definition
for old clients
2024-07-11 08:38:06 +10:00
Thomas Rittson
8f70dd98ba
[AC-2732] Remove AccessAll - Bump account revision date sprocs (#4490)
* Remove AccessAll logic from bump account revision date sprocs
and corresponding EF methods
2024-07-11 08:01:39 +10:00
Thomas Rittson
4ab608a636
[AC-2733] Remove AccessAll - misc sprocs (#4477)
Remove AccessAll logic from miscellaneous sprocs
and corresponding EF queries
2024-07-11 08:00:28 +10:00
Alex Morask
de1b5371b4
[AC-2849] Update organization autoscaling error message when managed by CB MSP (#4489)
* Update autoscaling error message for CB MSP organizations

* Run dotnet format

* Update error message per Product requirements
2024-07-10 10:16:51 -04:00
Bernd Schoolmann
79a5ed42d5
[PM-4154] Add PM-4154-bulk-encryption-service feature flag (#4091)
* Add multi-worker encryption service feature flag

* Rename flag to BulkEncryptionService
2024-07-10 10:01:26 -04:00
Conner Turnbull
9e78236a72
Removed automatic tax feature flag (#4487) 2024-07-10 07:32:41 -04:00
Vincent Salucci
ff8a436cd4
chore: remove UnassignedItemBanners feature flag and API endpoint, refs AC-2520 (#4461) 2024-07-09 15:59:41 -05:00
renovate[bot]
41135c866d
[deps] DbOps: Update EntityFrameworkCore to v8.0.7 (#4484)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-09 12:11:35 -04:00