1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
Commit Graph

5144 Commits

Author SHA1 Message Date
Thomas Rittson
374ef95656
Add OrganizationUser_UpdateDataForKeyRotation sproc (#4601) 2024-08-09 08:52:25 +10:00
Thomas Rittson
58a314d9f4
[PM-10360] Drop user cipher and collection details v2 functions (#4588) 2024-08-09 07:33:45 +10:00
renovate[bot]
31412db1a9
[deps] DevOps: Update anchore/scan-action action to v4 (#4606)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-08 16:12:22 -04:00
Mark Youssef
2011e39e0b
Update new user and trial initiation email content (#4571)
* Update new user and trial initiation email content

* Adjust spacing

* Update style and text

* Update to `{{{`
2024-08-08 12:48:44 -07:00
Vincent Salucci
e2110da4a7
fix: restore using core for remaining feature flag references, refs PM-10291 (#4607) 2024-08-08 14:07:05 -05:00
Vincent Salucci
746a35a14a
[PM-10291] Remove Flexible Collections v1 flag from API (#4578)
* chore: remove fc v1 from groups controller, refs PM-10291

* chore: remove fc v1 from organization users controller, refs PM-10291

* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291

* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291

* chore: remove fc v1 from CiphersCollections, refs PM-10291

* fix: unit tests related to fc v1 flag removal, refs PM-10291

* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291

* fix: format files, refs PM-10291

* chore: revert change to helper method, ignore double cache call, refs PM-10291
2024-08-08 12:26:07 -05:00
Rui Tomé
8d69bb0aaa
[AC-1698] Check if a user has 2FA enabled more efficiently (#4524)
* feat: Add stored procedure for reading organization user details with premium access by organization ID

The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access

* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess

* Check the feature flag on Admin.UsersController to see if the optimization runs

* Modify PolicyService to run query optimization if the feature flag is enabled

* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync

* Run query optimization on public MembersController if feature flag is enabled

* Restore refactor

* Reverted change used for development

* Add unit tests for OrganizationService.RestoreUser

* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method

* Add more unit tests

* Apply refactor to bulk restore

* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService

* Add unit tests for ConfirmUser_vNext

* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one

* Removed unused sql scripts and added migration script

* Remove unnecessary view

* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository

* refactor: Use UserDetails constructor in UserRepository

* Add summary to IUserRepository.GetManyDetailsAsync

* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync

* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync

* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase

* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class

* Add unit tests for TwoFactorIsEnabledQuery

* Update TwoFactorIsEnabledQueryTests to include additional provider types

* Refactor TwoFactorIsEnabledQuery

* Refactor TwoFactorIsEnabledQuery and update tests

* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* refactor: Improve TwoFactorIsEnabledQuery and update tests

* Remove empty <returns> from summary

* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
2024-08-08 15:43:45 +01:00
Vince Grassia
19dc7c339b
Remove reference to missing job (#4595) 2024-08-08 14:42:58 +01:00
Maciej Zieniuk
77f8cc58e8
SM-1146: Secrets Manager total counts (#4200)
* SM-1146: SM Organization Counts for Projects, Secrets, Machine Accounts

* SM-1146: Project total counts

* SM-1146: models object renames

* SM-1146: Service Account total counts

* SM-1146: Unit test coverage for counts controller

* SM-1146: Counts controller simplification, UT update

* SM-1146: Service Account total counts from Service Account auth user

* SM-1146: Integration Tests for total counts controller

* SM-1146: Explicitly denying access for Service Accounts

* SM-1146: Fix broken ProjectsController integration test

* SM-1146: Integration tests for counts controller

* SM-1146: Explicitly denying access for Service Accounts cleanup

* SM-1146: Test cleanup

* SM-1146: PR review comments fix

* SM-1146: People, Service Accounts positive count on write access

* Update bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ProjectRepository.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-08-08 15:12:52 +02:00
Bitwarden DevOps
bb02bdb3e8
Bumped version to 2024.7.4 (#4603) 2024-08-08 11:59:26 +00:00
renovate[bot]
c757bf351c
[PM-9811][deps] Tools: Update MailKit to v4.7.1.1 (#4511)
* [deps] Tools: Update MailKit to v4.7.1.1

* Remove explicit reference to System.Formats.Asn1 because it's resolved downstream with MimeKit 4.7.1

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-08-08 11:03:18 +02:00
Cesar Gonzalez
92eac5b59f
[PM-8841] Adding feature flag to allow us to toggle delaying the FIDO2 page-script content script injection within mv2 (#4598) 2024-08-07 10:42:00 -05:00
Conner Turnbull
722dedf10d
Added all missing plan fields to GetPlansHelper (#4597) 2024-08-07 11:22:45 -04:00
Conner Turnbull
4de0f2d783
Checking if seats and storage have values before setting them to default (#4596) 2024-08-07 11:22:09 -04:00
Conner Turnbull
452646be8c
HTML encoding email address when sending trial init email (#4594) 2024-08-06 19:21:04 +00:00
Vincent Salucci
f49fb3a891
[PM-10292] Remove Flexible Collections v1 from Core (#4579)
* chore: remove fc v1 from OrganizationService, refs PM-10292

* chore: remove fc v1 from CollectionService, refs PM-10292

* chore: remove fc v1 from OrganizationCiphersQuery, refs PM-10292

* fix: update CollectionServiceTests, refs PM-10292
2024-08-06 11:14:16 -05:00
Bernd Schoolmann
7d48102865
[PM-7742] Set hasManageResetPasswordPermission for owner and admin invitees (#4528)
* Set hasManageResetPasswordPermission for owner and admin invitees

* Make userdecryptionoptionsbuilder ignore orgusertype if orguser is null
2024-08-06 11:22:10 +02:00
Vincent Salucci
4d3c1c5a5c
chore: remove AllowAdminAccessToAllCollectionItems ref along with feature service call, refs AC-2683 (#4535) 2024-08-05 13:56:46 -05:00
Alex Morask
2157df9ac8
[AC-2942] Sync seat minimum updates from Admin to Stripe (#4580)
* Sync stripe when seat minimums are updated from admin portal

* Add unit tests

* Run dotnet format
2024-08-05 14:45:33 -04:00
Cesar Gonzalez
02fe8777ce
[PM-10420] Generate identity fill script refactor feature flag (#4577) 2024-08-05 12:04:23 -05:00
Alex Morask
a2e1eb79d2
[AC-2947] Fix provider account credit display (#4590)
* Fix provider account credit

* Fix test
2024-08-05 11:02:17 -04:00
renovate[bot]
1f09233760
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400.2 (#4572)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-02 14:02:05 +02:00
Oscar Hinton
f5c771a057
[PM-10261] Migrate from gulp to webpack (#4569)
* Migrate from gulp to bootstrap

* Remove auto build since it breaks tests
2024-07-31 15:41:55 -04:00
renovate[bot]
3cccb6fead
[deps] Auth: Update Duende.IdentityServer to v7.0.6 [SECURITY] (#4573)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-31 15:19:45 -04:00
Alex Morask
398741cec4
[AC-2888] Improve consolidated billing error handling (#4548)
* Fix error handling in provider setup process

This update ensures that when 'enable-consolidated-billing' is on, any exception thrown during the Stripe customer or subscription setup process for the provider will block the remainder of the setup process so the provider does not enter an invalid state

* Refactor the way BillingException is thrown

Made it simpler to just use the exception constructor and also ensured it was added to the exception handling middleware so it could provide a simple response to the client

* Handle all Stripe exceptions in exception handling middleware

* Fixed error response output for billing's provider controllers

* Cleaned up billing owned provider controllers

Changes were made based on feature updates by product and stuff that's no longer needed. No need to expose sensitive endpoints when they're not being used.

* Reafctored get invoices

Removed unnecssarily bloated method from SubscriberService

* Updated error handling for generating the client invoice report

* Moved get provider subscription to controller

This is only used once and the service layer doesn't seem like the correct choice anymore when thinking about error handling with retrieval

* Handled bad request for update tax information

* Split out Stripe configuration from unauthorization

* Run dotnet format

* Addison's feedback
2024-07-31 09:26:44 -04:00
Bitwarden DevOps
85ddd080cb
Bumped version to 2024.7.3 (#4570) 2024-07-30 15:07:46 +00:00
Todd Martin
bc8d03da6c
Added flag. (#4560) 2024-07-30 10:19:36 -04:00
Alex Morask
ef24724e8c
Set client org max storage to 1GB (#4567) 2024-07-29 17:13:52 -04:00
Conner Turnbull
656e0c20f9
[PM-5093][PM-7325] Added trial initiation email verification endpoint (#4221)
* Added trial initiation user verification endpoint

* Added explanatory comment for why we add artificial delay

* Updated RegistrationStart to Registration reference event

* Ensure that productTier query param is an int

* Added email value to trial initiation email
2024-07-29 14:18:12 -04:00
Daniel James Smith
2b738a5a4c
Set column type for externalId (#4566)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-07-29 15:41:55 +02:00
Conner Turnbull
de79d57d6e
[AC-2820] Updated org edit form scripts to dynamically update expected values (#4439)
* Updated org edit form scripts to dynamically update expected values

* Added script to update null values on organization table

* Updated script to only add MaxStorageGb for premium tiers. Removed setting of seats since it's not a valid edge case

* Updated GetPlansHelper() to not use annonymous properties
2024-07-29 09:06:10 -04:00
Jared Snider
54bd5fa894
Auth/PM-10130 - Registration with Email Verification - Respect Self-hosted Disable Open Registration flag (#4561)
* PM-10130 - Registration with email verification - respect self hosted disable open registration setting properly in non-org invite scenarios.

* PM-10130 - Fix unit tests.

* PM-10130 - Update integration tests.
2024-07-26 13:30:47 -04:00
cyprain-okeke
f9017f8e8c
Add a flag for ac-2708 task (#4536)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-07-26 14:55:29 +00:00
Thomas Rittson
ffdc40b21c
[AC-2881] Remove Organization.FlexibleCollections from code (#4552)
* Remove Organization.FlexibleCollections from code

* Drop Organization.FlexibleCollections column in EF databases
(MSSQL column to be retained for 1 additional deployment to support rollback in cloud)
2024-07-26 15:07:33 +10:00
Thomas Rittson
f9a1a6fc95
Remove GroupsComponentRefactor flag (#4556) 2024-07-26 09:59:10 +10:00
Thomas Rittson
abcde39353
Remove TODO from OrganizationLicense (#4553) 2024-07-26 07:15:30 +10:00
cd-bitwarden
9560a32495
[SM-1211] Adding API endpoint to send out Access Request for SM to Admins, addi… (#4155)
* Adding API endpoint to send out Access Request for SM to Admins, adding email template

* Fixing email template HTML, adding tests

* fixing tests

* fixing lint

* Moving files to proper locations

* fixing build error relating to not removing some old code

* Updating namespaces and removing unused using statements

* Dependency injection fix

* Fixing tests and moving them to proper files

* lint

* format fixes

* dotnet format fix

* small fixes

* removing using directive's that aren't needed

* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/PasswordManager/RequestSMAccessCommandTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update src/Core/MailTemplates/Handlebars/SecretsManagerAccessRequest.text.hbs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update bitwarden_license/src/Commercial.Core/SecretsManager/Commands/PasswordManager/RequestSMAccessCommand.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Changes requested by Thomas

* Lint fixes

* Suggested changes from Maceij

* Current state of tests

* Fixing tests and getting the core.csproj file from main

* Reverting csproj file change

* Removing usings directory

* dotnet format

* Fixing test

* Update bitwarden_license/test/Commercial.Core.Test/SecretsManager/Commands/Requests/RequestSMAccessCommandTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Update test/Api.Test/SecretsManager/Controllers/RequestSMAccessControllerTests.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Thomas requested changes

* Fixing 500 error when user name is null

* Prettier error message if user sends over an whitespace string

* Fixing word wrapping issue in email contents

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-07-25 11:04:05 -04:00
Ike
aba2f023cd
[PM-9925] Tokenable for User Verification on Two Factor Authenticator settings (#4558)
* initial changes

* Fixing some bits

* fixing issue when feature flag is `false`; also names;

* consume OTP on read if FF true

* comment typo

* fix formatting

* check access code first to not consume token

* add docs

* revert checking access code first

* update error messages

* remove line number from comment

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-07-25 07:51:23 -07:00
renovate[bot]
f211e969c7
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400 (#4555)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-25 13:43:26 +02:00
aj-rosado
ad5549342e
Added externalId column on build collections ciphers table (#4510) 2024-07-24 11:15:55 -04:00
Justin Baur
1e0182008b
[PM-2943] Enable Nullable Repositories in Unowned Files (#4549)
* Enable Nullable In Unowned Repos

* Update More Tests

* Move to One If

* Fix Collections

* Format

* Add Migrations

* Move Pragma Annotation

* Add Better Assert Message
2024-07-24 09:48:09 -04:00
Alex Morask
b5f09c599b
Added SM standalone check to public members controller (#4179) 2024-07-24 09:04:04 -04:00
Thomas Rittson
2d762f8422
[AC-2877] Make OrganizationUser.AccessAll optional (#4521) 2024-07-24 14:29:45 +10:00
Thomas Rittson
1ac2f39623
[AC-2872] Make AccessAll optional in all group sprocs (#4551) 2024-07-24 11:10:12 +10:00
Thomas Rittson
28d45f91aa
Remove FlexibleCollections feature flag (#4481) 2024-07-24 09:03:09 +10:00
Vincent Salucci
903c412943
[AC-2648] Remove Organization.FlexibleCollections from Models (#4529)
* chore: remove FlexibleCollections refs from OrganizationAbility, AC-2648

* chore: remove FlexibleCollections property from OrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from SelfHostedOrganizationDetails, refs AC-2648
2024-07-23 16:03:02 -05:00
Addison Beck
6797680654
Handle a previously unhandled null case (#4533) 2024-07-23 16:18:57 -04:00
Jake Fink
8121f898de
[PM-8285] add endpoint for alerting when device lost trust (#4554)
* endpoint for alerting when device lost trust

* get user from current context
2024-07-23 15:45:03 -04:00
Bernd Schoolmann
ce185eb3df
[PM-5963] Fix tde offboarding vault corruption (#4144)
* Attempt to fix tde to mp flow

* Move tde offboarding to dedicated flag

* Add tde offboarding password request

* Validate tde offboarding input

* Correctly check whether tde is active when building trusted device options

* Refactor Tde offboarding into a separate command

* Add unit tests for tde offboarding

* Update tde offboarding request model

* Fix tests

* Fix further tests

* Fix documentation

* Add validation for updatetdepasswordasync key/newmasterpassword

* Add comment explaining test

* Remove unrelated changes
2024-07-23 14:53:08 -04:00
Merissa Weinstein
48f9d09f4e
PM-1688 | individual vault encryption: remove client version restriction (#4198)
* remove server restriction code

* remove client version method check for encryption

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-07-23 11:44:14 -05:00