1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Commit Graph

5211 Commits

Author SHA1 Message Date
renovate[bot]
edd31bcf4e
[deps] Auth: Update Duende.IdentityServer to 7.0.8 [SECURITY] (#4953)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 14:40:46 -07:00
Matt Bishop
a04df4beba
Device deactivation (#4963)
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
2024-10-31 17:05:13 -04:00
tangowithfoxtrot
751fd33aef
fix: ensure vault URI is propagated from config.yml (#4925)
* fix: ensure vault URI matches Url from config.yml

* fmt: use camelCase for vaultUri

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-10-31 09:13:57 -07:00
Vince Grassia
997bf03d97
Update version to 2024.10.2 (#4962) 2024-10-31 11:40:54 -04:00
Alex Morask
249c39e71e
[PM-14275] Add IsManaged to OrganizationMetadata (#4957)
* Add IsManaged to OrganizationMetadata

* Remove subscription requirement from self-host eligibility check

* Remove unused service

* Run dotnet format
2024-10-31 11:01:37 -04:00
renovate[bot]
2893ca729f
[deps] Billing: Update swashbuckle-aspnetcore monorepo to 6.9.0 (#4948)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 11:02:23 +01:00
renovate[bot]
2abd37d2d7
[deps] DevOps: Update gh minor (#4945)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-30 11:23:50 -04:00
Brandon Treston
359c2787ad
[PM-11408] domain verification stat in portal and add cs delete permission (#4943)
* Add delete permission to cs role

* Add domain verification stat to portal

* add feature flag and unit tests

* fix test

* Refactor from PR feedback

* update comment
2024-10-30 10:45:53 -04:00
renovate[bot]
6cc097ec49
[deps] Platform: Update dotnet monorepo (#4886)
* [deps] Platform: Update dotnet monorepo

* Update patch version on missed monorepo packages

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Addison Beck <github@addisonbeck.com>
2024-10-28 13:35:14 -04:00
Brandon Treston
7f4bde1b6c
[PM-13730] Return Policy object instead of NotFoundException (#4911)
* Return Policy object instead of NotFoundException

* Add unit tests, change orgId type to Guid

* Fix test cases, throw exception when manage not allowed
2024-10-28 12:33:22 -04:00
Rui Tomé
c126fee296
[PM-11405] Account Management: Prevent a verified user from changing their email address (#4875)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update expected error messages on unit tests

* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test

* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers

* Add tests to AccountsControllerTest to prevent changing email for managed accounts

* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest

* Remove TestFeatureService class from Api.IntegrationTest.Helpers
2024-10-28 16:12:13 +00:00
renovate[bot]
cc6e41b42a
[deps] DbOps: Update Microsoft.Azure.Cosmos to 3.45.0 (#4949)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:29:34 -04:00
renovate[bot]
109ba14cf4
[deps] Tools: Update aws-sdk-net monorepo (#4946)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:02:40 +01:00
renovate[bot]
e2a69c432c
[deps] Tools: Update LaunchDarkly.ServerSdk to 8.6.0 (#4950)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:00:33 +01:00
Ike
d0c9953444
[PM-8213] Feature flag for new-device-verification (#4944) 2024-10-26 12:43:27 -04:00
Jonas Hendrickx
53ad9df003
[PM-13451] Update subscription setup process to support MOE providers (#4937) 2024-10-25 03:56:03 +02:00
Thomas Rittson
6272e84c92
Remove feature flag (#4931)
Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>
2024-10-25 10:17:28 +10:00
Matt Gibson
f43f59e4b4
Register noop notification registration service for self host lacking necessary data (#4939) 2024-10-24 15:45:13 -04:00
Vince Grassia
9a499df0e7
BRE-344 - Add PR logic to Repository Management workflow (#4938) 2024-10-24 13:15:16 -06:00
Ike
c028c68d9c
[PM-6666] Two factor Validator refactor (#4894)
* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* initial device removal

* Unit Testing

* Finalized tests

* initial commit refactoring two factor

* initial tests

* Unit Tests

* Fixing some tests

* renaming and reorganizing

* refactored two factor flows

* fixed a possible issue with object mapping.

* Update TwoFactorAuthenticationValidator.cs

removed unused code
2024-10-24 10:41:25 -07:00
Jared McCannon
0c346d6070
[PM-10314] Auto-enable Single Org when a Domain is Verified (#4897)
Updated domain verification to auto-enable single org policy.
2024-10-24 10:13:45 -05:00
Rui Tomé
a128cf1506
[PM-12758] Add managed status to OrganizationUserDetailsResponseModel and OrganizationUserUserDetailsResponse (#4918)
* Refactor OrganizationUsersController.Get to include organization management status of organization users in details endpoint

* Refactor OrganizationUsersController.Get to include organization management status of an individual user in details endpoint

* Remove redundant .ToDictionary()

* Simpify the property xmldoc

* Name tuple variables in OrganizationUsersController.Get

* Name returned tuple objects in GetDetailsByIdWithCollectionsAsync method in OrganizationUserRepository

* Refactor MembersController.Get to destructure tuple returned by GetDetailsByIdWithCollectionsAsync

* Add test for OrganizationUsersController.Get to assert ManagedByOrganization is set accordingly
2024-10-24 15:39:35 +01:00
Jonas Hendrickx
d38c489443
[PM-13982] [Defect] Can no longer create providers due to foreign key conflict (#4935) 2024-10-24 08:34:27 +02:00
Thomas Rittson
4a1b90db48
Remove bulk-device-approval feature flag definition (#4930) 2024-10-24 08:09:07 +10:00
Jared Snider
e6245bbece
Auth/PM-12613 - Registration with Email Verification - Provider Invite Flow (#4917)
* PM-12613 - Add RegisterUserViaProviderInviteToken flow (needs manual, unit, and integration tests)

* PM-12613 - RegisterUserCommandTests - test register via provider inv

* PM-12613 - AccountsControllerTests.cs - Add integration test for provider

* PM-12613 - Remove comment

* PM-12613 - Add temp logging to help debug integration test failure in pipeline

* PM-12613 - WebApplicationFactoryBase.cs - add ConfigureServices

* PM-12613 - AccountsControllerTests.cs - refactor test to sidestep encryption

* PM-12613 - Per PR feedback, refactor AccountsController.cs and move token type checking into request model.

* PM-12613 - Remove debug writelines

* PM-12613 - Add RegisterFinishRequestModelTests
2024-10-23 18:06:24 -04:00
Jonas Hendrickx
a952d10637
[PM-13447] Add Multi Org Enterprise providers to Admin Console (#4920) 2024-10-23 12:10:50 -04:00
Daniel James Smith
39c560bbdd
Add generator-tools-modernization feature flag (#4933)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-10-23 12:01:23 -04:00
MtnBurrit0
724f2ee5e5
Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
MtnBurrit0
bf976706f7
Manage ephemeral configs (#4926)
* Add ephemeral-environment label and cleanup workflow call

* Update workflow call to main

* switch to process.env
2024-10-22 10:24:25 -06:00
Matt Gibson
f44a59f7a9
Shard notification hub (#4450)
* Allow for binning of comb IDs by date and value

* Introduce notification hub pool

* Replace device type sharding with comb + range sharding

* Fix proxy interface

* Use enumerable services for multiServiceNotificationHub

* Fix push interface usage

* Fix push notification service dependencies

* Fix push notification keys

* Fixup documentation

* Remove deprecated settings

* Fix tests

* PascalCase method names

* Remove unused request model properties

* Remove unused setting

* Improve DateFromComb precision

* Prefer readonly service enumerable

* Pascal case template holes

* Name TryParse methods TryParse

* Apply suggestions from code review

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* AllClients is a set of clients and must be deduplicated

* Fix registration start time

* Add logging to initialization of a notification hub

* more logging

* Add lower level logging for hub settings

* Log when connection is resolved

* Improve log message

* Log pushes to notification hub

* temporarily elevate log messages for visibility

* Log in multi-service when relaying to another push service

* Revert to more reasonable logging free of user information

* Fixup merge

Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec

* Do not use bouncy castle exception types

* Add required services for logging

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-10-22 12:20:57 -04:00
Michał Chęciński
00bfcb5fa5
[BRE-101] Remove dept-devops from CODEOWNERS (#4176) 2024-10-22 10:37:43 -04:00
Rui Tomé
7b5e0e4a64
[PM-13836] Refactor IPolicyService to remove unnecessary IOrganizationService dependency (#4914) 2024-10-22 10:38:01 +01:00
Thomas Rittson
dfa411131d
[PM-13322] [BEEEP] Add PolicyValidators and refactor policy save logic (#4877) 2024-10-22 09:18:34 +10:00
Vince Grassia
75cc907785
Bump version to 2024.10.1 (#4921) 2024-10-21 20:55:12 +00:00
Alex Morask
a2109175b0
Add self-host eligibility to organization metadata (#4867) 2024-10-21 14:02:21 -04:00
Thomas Avery
2c4dd3ea12
Fix swap notification commands to use UtcNow (#4919) 2024-10-21 12:10:03 -05:00
Jonas Hendrickx
f82c0e3742
[PM-10703] Admin Portal Selecting Families plan does not check default features (#4859) 2024-10-21 17:57:18 +02:00
Alex Morask
f61a017c17
[PM-13834] Skip providers that have no clients during migration (#4913)
* Skip providers that have no clients during migration

* Remove enabled requirement from migrator
2024-10-21 08:54:15 -04:00
Alex Morask
5d15750b80
[PM-13717] Fix legacy credit rebate for migrated MSPs (#4906)
* Fix legacy credit rebate for migrated MSPs

* Run dotnet format
2024-10-21 08:54:06 -04:00
Opeyemi
c809794642
[BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
rkac-bw
27760bd190
[PM-13843] Optimize collectioncipher readbyuserid (#4916)
* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId

* Optimise stored procedure Collectioncipher_ReadByUserId
2024-10-18 11:28:31 -06:00
Addison Beck
91409a45f0
Split Organization.LimitCollectionCreationDeletion into two separate business rules (#4730)
* Add feature flag

* Promoted the new Entiy Framework properties

* Deprecate the old property

* Update references

* Fix mispelling

* Re-add contextual comment regarding dropped license properties

* Add back deleted assertion for deprecated property

* Add back removed fixture property assignment

* Improve feature toggling scenerios for self hosted org creation/update

* Unblock `PutCollectionManagement` for self host

* Simplify logic of a couple of conditionals

* Feature toggle route unblocking

* Adjust logic collection creation/deletion authorization handler

* Create tests

* Fix bug caught by tests

* Fix bugs caught during manual testing

* Remove remark about license
2024-10-18 11:00:01 -04:00
Jared McCannon
4fec7cadb7
[PM-13722] Refactor ValidateOrganizationsDomainAsync (#4905)
Refactored ValidateOrganizationsDomainAsync to use VerifyOrganizationDomainAsync
2024-10-18 07:45:34 -05:00
Matt Bishop
1d3188d3f5
Remove unused MessagePack dependency (#4909) 2024-10-17 17:30:54 -04:00
AJ
1fb366d42b
Replace github.ref with GITHUB_REF in build.yml scripts (#4857)
Data should be separated from code where possible to avoid injection (CWE-78).

* https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections
* https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
2024-10-17 11:50:31 -04:00
Rui Tomé
d6cd73cfcc
[PM-11404] Account Management: Prevent a verified user from purging their vault (#4853)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account
2024-10-17 16:06:32 +01:00
renovate[bot]
245e2e4d52
[deps] DevOps: Update gh minor (#4885)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-17 10:42:44 -04:00
renovate[bot]
8e62e9eb38
[deps] DevOps: Update anchore/scan-action action to v5 (#4892)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-17 10:42:26 -04:00
Benson Bird
da0421890f
[PM-12777] Fixed Issue #4034, API endpoint now handles optional parameters (#4812)
* resolves issue #4043 default values for itemsPerPage and startIndex

* UsersController#Get now uses a queryParamModel
Co-authored-by: Ahmad Mustafa Jebran <jebran.mustafa@gmail.com>
Co-authored-by: Luris Solis <solisluris@gmail.com>

* Test now passes, default 50 is represented

---------

Co-authored-by: Jared McCannon <jmccannon@bitwarden.com>
2024-10-17 09:03:26 -05:00
Thomas Rittson
7a509d20da
Remove OpenLDAP docker configuration (#4902)
This has been moved to the Directory Connector repository.
2024-10-17 07:50:42 +10:00