1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-12 15:26:48 +01:00
Commit Graph

5242 Commits

Author SHA1 Message Date
Ike
c028c68d9c
[PM-6666] Two factor Validator refactor (#4894)
* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* Fixing some tests

* renaming and reorganizing

* refactored two factor flows

* fixed a possible issue with object mapping.

* Update TwoFactorAuthenticationValidator.cs

removed unused code
2024-10-24 10:41:25 -07:00
Jared McCannon
0c346d6070
[PM-10314] Auto-enable Single Org when a Domain is Verified (#4897)
Updated domain verification to auto-enable single org policy.
2024-10-24 10:13:45 -05:00
Rui Tomé
a128cf1506
[PM-12758] Add managed status to OrganizationUserDetailsResponseModel and OrganizationUserUserDetailsResponse (#4918)
* Refactor OrganizationUsersController.Get to include organization management status of organization users in details endpoint

* Refactor OrganizationUsersController.Get to include organization management status of an individual user in details endpoint

* Remove redundant .ToDictionary()

* Simpify the property xmldoc

* Name tuple variables in OrganizationUsersController.Get

* Name returned tuple objects in GetDetailsByIdWithCollectionsAsync method in OrganizationUserRepository

* Refactor MembersController.Get to destructure tuple returned by GetDetailsByIdWithCollectionsAsync

* Add test for OrganizationUsersController.Get to assert ManagedByOrganization is set accordingly
2024-10-24 15:39:35 +01:00
Jonas Hendrickx
d38c489443
[PM-13982] [Defect] Can no longer create providers due to foreign key conflict (#4935) 2024-10-24 08:34:27 +02:00
Thomas Rittson
4a1b90db48
Remove bulk-device-approval feature flag definition (#4930) 2024-10-24 08:09:07 +10:00
Jared Snider
e6245bbece
Auth/PM-12613 - Registration with Email Verification - Provider Invite Flow (#4917)
* PM-12613 - Add RegisterUserViaProviderInviteToken flow (needs manual, unit, and integration tests)

* PM-12613 - RegisterUserCommandTests - test register via provider inv

* PM-12613 - AccountsControllerTests.cs - Add integration test for provider

* PM-12613 - Remove comment

* PM-12613 - Add temp logging to help debug integration test failure in pipeline

* PM-12613 - WebApplicationFactoryBase.cs - add ConfigureServices

* PM-12613 - AccountsControllerTests.cs - refactor test to sidestep encryption

* PM-12613 - Per PR feedback, refactor AccountsController.cs and move token type checking into request model.

* PM-12613 - Remove debug writelines

* PM-12613 - Add RegisterFinishRequestModelTests
2024-10-23 18:06:24 -04:00
Jonas Hendrickx
a952d10637
[PM-13447] Add Multi Org Enterprise providers to Admin Console (#4920) 2024-10-23 12:10:50 -04:00
Daniel James Smith
39c560bbdd
Add generator-tools-modernization feature flag (#4933)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-10-23 12:01:23 -04:00
MtnBurrit0
724f2ee5e5
Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
MtnBurrit0
bf976706f7
Manage ephemeral configs (#4926)
* Add ephemeral-environment label and cleanup workflow call

* Update workflow call to main

* switch to process.env
2024-10-22 10:24:25 -06:00
Matt Gibson
f44a59f7a9
Shard notification hub (#4450)
* Allow for binning of comb IDs by date and value

* Introduce notification hub pool

* Replace device type sharding with comb + range sharding

* Fix proxy interface

* Use enumerable services for multiServiceNotificationHub

* Fix push interface usage

* Fix push notification service dependencies

* Fix push notification keys

* Fixup documentation

* Remove deprecated settings

* Fix tests

* PascalCase method names

* Remove unused request model properties

* Remove unused setting

* Improve DateFromComb precision

* Prefer readonly service enumerable

* Pascal case template holes

* Name TryParse methods TryParse

* Apply suggestions from code review

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* AllClients is a set of clients and must be deduplicated

* Fix registration start time

* Add logging to initialization of a notification hub

* more logging

* Add lower level logging for hub settings

* Log when connection is resolved

* Improve log message

* Log pushes to notification hub

* temporarily elevate log messages for visibility

* Log in multi-service when relaying to another push service

* Revert to more reasonable logging free of user information

* Fixup merge

Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec

* Do not use bouncy castle exception types

* Add required services for logging

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-10-22 12:20:57 -04:00
Michał Chęciński
00bfcb5fa5
[BRE-101] Remove dept-devops from CODEOWNERS (#4176) 2024-10-22 10:37:43 -04:00
Rui Tomé
7b5e0e4a64
[PM-13836] Refactor IPolicyService to remove unnecessary IOrganizationService dependency (#4914) 2024-10-22 10:38:01 +01:00
Thomas Rittson
dfa411131d
[PM-13322] [BEEEP] Add PolicyValidators and refactor policy save logic (#4877) 2024-10-22 09:18:34 +10:00
Vince Grassia
75cc907785
Bump version to 2024.10.1 (#4921) 2024-10-21 20:55:12 +00:00
Alex Morask
a2109175b0
Add self-host eligibility to organization metadata (#4867) 2024-10-21 14:02:21 -04:00
Thomas Avery
2c4dd3ea12
Fix swap notification commands to use UtcNow (#4919) 2024-10-21 12:10:03 -05:00
Jonas Hendrickx
f82c0e3742
[PM-10703] Admin Portal Selecting Families plan does not check default features (#4859) 2024-10-21 17:57:18 +02:00
Alex Morask
f61a017c17
[PM-13834] Skip providers that have no clients during migration (#4913)
* Skip providers that have no clients during migration

* Remove enabled requirement from migrator
2024-10-21 08:54:15 -04:00
Alex Morask
5d15750b80
[PM-13717] Fix legacy credit rebate for migrated MSPs (#4906)
* Fix legacy credit rebate for migrated MSPs

* Run dotnet format
2024-10-21 08:54:06 -04:00
Opeyemi
c809794642
[BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
rkac-bw
27760bd190
[PM-13843] Optimize collectioncipher readbyuserid (#4916)
* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId
2024-10-18 11:28:31 -06:00
Addison Beck
91409a45f0
Split Organization.LimitCollectionCreationDeletion into two separate business rules (#4730)
* Add feature flag

* Promoted the new Entiy Framework properties

* Deprecate the old property

* Update references

* Fix mispelling

* Re-add contextual comment regarding dropped license properties

* Add back deleted assertion for deprecated property

* Add back removed fixture property assignment

* Improve feature toggling scenerios for self hosted org creation/update

* Unblock `PutCollectionManagement` for self host

* Simplify logic of a couple of conditionals

* Feature toggle route unblocking

* Adjust logic collection creation/deletion authorization handler

* Create tests

* Fix bug caught by tests

* Fix bugs caught during manual testing

* Remove remark about license
2024-10-18 11:00:01 -04:00
Jared McCannon
4fec7cadb7
[PM-13722] Refactor ValidateOrganizationsDomainAsync (#4905)
Refactored ValidateOrganizationsDomainAsync to use VerifyOrganizationDomainAsync
2024-10-18 07:45:34 -05:00
Matt Bishop
1d3188d3f5
Remove unused MessagePack dependency (#4909) 2024-10-17 17:30:54 -04:00
AJ
1fb366d42b
Replace github.ref with GITHUB_REF in build.yml scripts (#4857)
Data should be separated from code where possible to avoid injection (CWE-78).

* https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections
* https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
2024-10-17 11:50:31 -04:00
Rui Tomé
d6cd73cfcc
[PM-11404] Account Management: Prevent a verified user from purging their vault (#4853)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account
2024-10-17 16:06:32 +01:00
renovate[bot]
245e2e4d52
[deps] DevOps: Update gh minor (#4885)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-17 10:42:44 -04:00
renovate[bot]
8e62e9eb38
[deps] DevOps: Update anchore/scan-action action to v5 (#4892)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-17 10:42:26 -04:00
Benson Bird
da0421890f
[PM-12777] Fixed Issue #4034, API endpoint now handles optional parameters (#4812)
* resolves issue #4043 default values for itemsPerPage and startIndex

* UsersController#Get now uses a queryParamModel
Co-authored-by: Ahmad Mustafa Jebran <jebran.mustafa@gmail.com>
Co-authored-by: Luris Solis <solisluris@gmail.com>

* Test now passes, default 50 is represented

---------

Co-authored-by: Jared McCannon <jmccannon@bitwarden.com>
2024-10-17 09:03:26 -05:00
Thomas Rittson
7a509d20da
Remove OpenLDAP docker configuration (#4902)
This has been moved to the Directory Connector repository.
2024-10-17 07:50:42 +10:00
Thomas Rittson
a587de4226
[PM-13646] Revert disabling policies when org plan is changed
This reverts commit fd8c1aae02.
2024-10-16 17:49:17 +01:00
Thomas Avery
c643f8fd31
Add Key Management team to code owners (#4899) 2024-10-16 10:08:49 -05:00
Rui Tomé
93e49ffe74
[AC-607] Extract IOrganizationService.DeleteUserAsync into IRemoveOrganizationUserCommand (#4803)
* Add HasConfirmedOwnersExceptQuery class, interface and unit tests

* Register IHasConfirmedOwnersExceptQuery for dependency injection

* Replace OrganizationService.HasConfirmedOwnersExceptAsync with HasConfirmedOwnersExceptQuery

* Refactor DeleteManagedOrganizationUserAccountCommand to use IHasConfirmedOwnersExceptQuery

* Fix unit tests

* Extract IOrganizationService.RemoveUserAsync into IRemoveOrganizationUserCommand; Update unit tests

* Extract IOrganizationService.RemoveUsersAsync into IRemoveOrganizationUserCommand; Update unit tests

* Refactor RemoveUserAsync(Guid organizationId, Guid userId) to use ValidateDeleteUser

* Refactor RemoveOrganizationUserCommandTests to use more descriptive method names

* Refactor controller actions to accept Guid directly instead of parsing strings

* Add unit tests for removing OrganizationUser by UserId

* Refactor remove OrganizationUser by UserId method

* Add summary to IHasConfirmedOwnersExceptQuery
2024-10-16 10:33:00 +01:00
Vince Grassia
7408f3ee02
BRE-344 - Create Repository Management workflow (#4863) 2024-10-15 11:02:53 -04:00
renovate[bot]
82f24ba0a5
[deps] Tools: Update aws-sdk-net monorepo (#4887)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-15 14:29:22 +02:00
renovate[bot]
7a5faae496
[deps] Billing: Update swashbuckle-aspnetcore monorepo to 6.8.1 (#4884)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
2024-10-15 12:46:29 +01:00
renovate[bot]
80ffc271b2
[deps] DbOps: Update Microsoft.Azure.Cosmos to 3.44.0 (#4889)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-14 18:22:13 -04:00
renovate[bot]
7835d80630
[deps] Billing: Update Serilog.AspNetCore to 8.0.3 (#4883)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-14 16:28:53 +01:00
renovate[bot]
7d35435a22
[deps] Billing: Update Kralizek.AutoFixture.Extensions.MockHttp to 2.1.0 (#4888)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-14 12:15:04 +01:00
renovate[bot]
1b701688d8
[deps] Billing: Update Serilog.Sinks.SyslogMessages to v4 (#4890)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-14 11:25:56 +01:00
renovate[bot]
6f840758e5
[deps] Auth: Lock file maintenance (#4724)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-11 17:09:47 -07:00
renovate[bot]
9c5be222f3
[deps] Auth: Update webpack to v5.95.0 (#4822)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-11 15:46:35 -07:00
renovate[bot]
50f2ba88be
[deps] Auth: Update sass-loader to v16.0.2 (#4816)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-11 15:28:38 -07:00
renovate[bot]
fde807fd49
[deps] Auth: Update sass to v1.79.5 (#4777)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-10-11 14:03:32 -07:00
Ike
96f697babd
revert to bootstrap 4 (#4879) 2024-10-11 12:23:25 -07:00
Ike
22dd957543
[PM-10742] Pull Device verification into testable service (#4851)
* initial device removal

* Unit Testing

* Added unit tests fixed validator null checks

* Finalized tests

* formatting

* fixed test

* lint

* addressing review notes

* comments
2024-10-10 17:26:17 -07:00
MtnBurrit0
96f58dc309
BRE-349: Call _update_ephemeral_tags workflow (#4850)
* Kick off ephemeral environment updates

* Fix missing ,

* Switch to head_ref

* Update to `main`
2024-10-10 09:49:04 -06:00
Todd Martin
d4c486e189
[PM-12429] Remove authenticator token flag from business logic on 2FA controller (#4868)
* Removed flag from business logic on 2FA controller

* Linting.
2024-10-09 13:47:14 -04:00
Alex Morask
c4e79ae9e9
Register IDistributedCache in billing (#4872) 2024-10-09 12:51:08 -04:00