1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00
Commit Graph

2936 Commits

Author SHA1 Message Date
Matt Gibson
989d4df599
Direct upload to Azure/Local (#1188)
* Direct upload to azure

To validate file sizes in the event of a rogue client, Azure event webhooks
will be hooked up to AzureValidateFile.
Sends outside of a grace size will be deleted as non-compliant.

TODO: LocalSendFileStorageService direct upload method/endpoint.

* Quick respond to no-body event calls

These shouldn't happen, but might if some errant get requests occur

* Event Grid only POSTS to webhook

* Enable local storage direct file upload

* Increase file size difference leeway

* Upload through service

* Fix LocalFileSendStorage

It turns out that multipartHttpStreams do not have a length
until read. this causes all long files to be "invalid". We need to
write the entire stream, then validate length, just like Azure.

the difference is, We can return an exception to local storage
admonishing the client for lying

* Update src/Api/Utilities/ApiHelpers.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Do not delete directory if it has files

* Allow large uploads for self hosted instances

* Fix formatting

* Re-verfiy access and increment access count on download of Send File

* Update src/Core/Services/Implementations/SendService.cs

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Add back in original Send upload

* Update size and mark as validated upon Send file validation

* Log azure file validation errors

* Lint fix

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-21 23:01:19 -05:00
Thomas Rittson
fd42b227b3
Update dev setup guide (#1222)
* Update dev setup guide with current best practice

* Minor amendments to setup instructions

* Move vault_dev migrator script to its own file

* Fix typo, use command line args for SA_PASSWORD

* Move setup guide to its own file

* fix typo
2021-03-22 07:56:31 +10:00
Thomas Rittson
694347e8d3
Fix no licence expiration date on self-hosted (#1217)
* Use our expiration date if no next billing date

* Remove unnecessary null checks

* Remove null check
2021-03-19 08:05:57 +10:00
Daniel James Smith
aea85ea0eb
Fixes #1101: Extend email column length to 256 characters (MSSQL) (#1191)
* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - Installation

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - User

* Fixes bitwarden/server/#1101 - Extended length of BillingEmail column to 256 characters - Organization

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - OrganizationUser

* Fixes bitwarden/server/#1101 - Extended length of Email column to 256 characters - EmergencyAccess

* Fixes bitwarden/server/bitwarden#1101 - Fixed issues after PR review
2021-03-18 16:43:49 -04:00
Thomas Rittson
d0f7750650
Don't use dev licensing cert if self-hosted (#1216) 2021-03-18 07:21:00 +10:00
Alex
5876820994
The other outdated link (#1215)
I forgot there was also a PowerShell command.
2021-03-15 09:40:28 -04:00
Yannik Jérôme Büchi
2c0dd4bf88
Update bitwarden.sh (#1203) 2021-03-15 09:29:23 -04:00
Yannik Jérôme Büchi
115948d1d7
Update bitwarden.ps1 (#1202)
* Update bitwarden.ps1

* Update scripts/bitwarden.ps1

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-03-15 09:29:03 -04:00
Daniel James Smith
0f7e8dc806
Fixes #1101: Extend email column length to 256 characters (Postgres) (#1192) 2021-03-12 14:28:30 -05:00
Kendra Todd
39f9f15bd4
Correct localhost port number in README (#1204)
Co-authored-by: Kendra Todd <ktodd@bitwarden.com>
2021-03-11 13:32:41 -07:00
João Miguel Campos
52d29aef94
Add quickfix for problem with src/Identity (#1201) 2021-03-11 11:00:17 -05:00
Thomas Rittson
df7a035d9b
Minor release version bump 1.40.0 (#1199) 2021-03-10 11:19:40 -05:00
Alex
37c7dd713d
Outdated link (#1200)
The anchor https://bitwarden.com/help/article/install-on-premise/#script-commands no longer exist, it should be https://bitwarden.com/help/article/install-on-premise/#script-commands-reference
2021-03-10 08:36:06 -05:00
Matt Gibson
a83cbf965e
MultiplartSectionBody streams have 0 length until read. (#1196) 2021-03-09 10:49:49 -06:00
Matt Gibson
7d5b835a79
Use Any from Linq, not internal Entity Framework Any (#1194) 2021-03-08 15:13:43 -06:00
Matt Gibson
edb13bbba8
Push syncs on Send Access (#1190)
* Push syncs on Send Access

* Revert "Push syncs on Send Access"

This reverts commit 6a3eb7af4f.

* Push update of Send directly since we can't use SaveSendAsync method
2021-03-05 18:36:20 -06:00
Joseph Flinn
c19121948d
adding docker to the rc branch workflow (#1183) 2021-03-04 13:21:27 -08:00
Joseph Flinn
41341d6807
adding in the docker push for the rc images (#1182) 2021-03-04 09:50:32 -08:00
Joseph Flinn
8ad9a42854
adding release branch build and docker tag/push (#1181) 2021-03-04 09:15:30 -08:00
Thomas Rittson
a18e1b7dca
Exempt owners and admins from single org and 2FA policy (#1171)
* Fix single org policy when creating organization

Exclude owners and admins from policy when creating new org

* Fix single org and 2FA policy on accepting invite

Exclude owners and admins from policies

* Remove looped async calls

* Fix code style and formatting
2021-03-03 08:15:42 +10:00
Matt Gibson
c2d34d7271
Fix send file length always zero (#1175)
* HttpStream must be read prior to knowing it length

We also need to create the send prior to saving the stream so we
have well defined save location. Solve chicken-and-egg problem by saving
the Send twice. This also allows for validation that the stream received
is the same length as that promissed by the content-length header

* Get encrypted file length from request
2021-03-02 09:27:11 -06:00
Matt Gibson
8d5fc21b51
Prepare for send direct upload (#1174)
* Add sendId to path

Event Grid returns the blob path, which will be used to grab a Send and verify file size

* Re-validate access upon file download

Increment access count only when file is downloaded. File
name and size are leaked, but this is a good first step toward
solving the access-download race
2021-03-01 15:01:04 -06:00
vachan-maker
13f12aaf58
Update EmergencyAccessConfirmed.text.hbs (#1172) 2021-03-01 10:49:13 -05:00
Thomas Rittson
3850f0e400
Fix empty grantee or grantor names in emergency access emails (#1162)
* Fix empty grantee or grantor names in emails

* Add migrator dbscript for changes to ReadToNotify
2021-02-26 08:11:58 +10:00
Addison Beck
b21c9042ca
added expiration date and creator identifier to the Send access response model (#1166) 2021-02-25 17:04:53 -05:00
Chad Scharf
2f7c2a64e0
Reference events for Send (#1165) 2021-02-25 13:40:26 -05:00
Vincent Salucci
07427623b3
[Email] Updated welcome email button (#1164) 2021-02-25 11:24:05 -06:00
Matt Gibson
73346b01d1
Add factory to IGlobalSettings DI singleton (#1163)
It turns out Singleton DI of interfaces does not use the specified
instance's Singleton, but just creates its own. This fixes the bug
where classes expecting an IGlobalSettings were given an empty GlobaSettings
instance
2021-02-25 07:00:28 -06:00
Matt Gibson
e350daeeee
Use sas token for send downloads (#1157)
* Remove Url from SendFileModel

Url is now generated on the fly with limited lifetime.

New model houses the download url generated

* Create API endpoint for getting Send file download url

* Generate limited-life Azure download urls

* Lint fix
2021-02-24 13:03:16 -06:00
Addison Beck
f8940e4be5
Checked Emergency Access access type on access initiation (#1160)
* also updated the View method

* removed old code

* naming refactor

* used the right type

* also checked PasswordAsync()

* also checked GetPolicies()
2021-02-23 17:12:52 -05:00
Thomas Rittson
499c30a805
Fix error message if already accepted EA invite (#1159)
* Fix error message if already accepted EA invite

* Fix error message wording depending on EA status
2021-02-24 05:46:52 +10:00
Chad Scharf
cc964ccb9c
Add https://2fa.directory to CSP (#1156)
* Add https://2fa.directory to CSP

* remove old domain for towfactorauth.org
2021-02-22 19:15:58 -05:00
Matt Gibson
5537470703
Use sas token for attachment downloads (#1153)
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
2021-02-22 15:35:16 -06:00
Kyle Spearrin
78606d5f13
endpoint to display config settings (#1150) 2021-02-18 15:15:08 -05:00
Kyle Spearrin
1ca6e917af
return fa-globe icon when not found (#1149) 2021-02-18 12:18:50 -05:00
Kyle Spearrin
cd2834cc15 Revert "remove premium checks for internal testing"
This reverts commit 26fb6fc3b7.
2021-02-17 13:16:01 -05:00
Thomas Rittson
ad6abaccc8
Fix error message if user already accepted invite (#1140)
* Fix error message if already accepted invitation

* Improve error message wording

* Use consistent capitalization of organization
2021-02-17 09:28:49 +10:00
Oscar Hinton
979eb4a842
Run Quartz in clustered mode (#1123) 2021-02-12 13:49:11 +01:00
Thomas Rittson
61ee3f1e45
Let Manage Users permission see group membership (#1135) 2021-02-12 08:14:00 +10:00
Chad Scharf
f3bff938c4
Added ability to bulk-upload tax rates (#1139) 2021-02-11 16:39:27 -05:00
Jungley
7065bba56f
支持更多的 nginx 配置 (#1136) 2021-02-11 16:11:36 -05:00
Kyle Spearrin
c3a99402f8
adjust date validation for send (#1137) 2021-02-11 14:39:21 -05:00
Kyle Spearrin
7c9ea83ad2
HTML encode sanitized inputs for email templates (#1138) 2021-02-11 14:39:13 -05:00
Chad Scharf
6cc317c4ba
SSO - Added custom scopes and claim types for OIDC (#1133)
* SSO - Added custom scopes and claim types for OIDC

* Removed redundant field labels

* Added acr_values to OIDC config + request
2021-02-10 12:00:12 -05:00
Thomas Rittson
9f42357705
Improved handling of grantor access to organizations after takeover (refactored) (#1134)
* Revert "Only return policy in TakeoverResponse if Owner"

This reverts commit b20e6f5e85.

* Revert "Return grantor policy info in TakeoverResponse"

This reverts commit 204217a5e0.

* Add endpoint to get grantor policies on takeover
2021-02-10 09:06:42 +10:00
Thomas Rittson
d51b592cb5
Improved handling of grantor access to organizations after takeover (#1132)
* Remove grantor from orgs after takeover

* Return grantor policy info in TakeoverResponse

* Only return policy in TakeoverResponse if Owner
2021-02-09 06:33:03 +10:00
Matt Gibson
79cc6df0fd
Delete sends belonging to user on user delete (#1116)
* Delete sends belonging to user on user delete

* Update User_DeleteById.sql

* Clean up bad autoformats

Co-authored-by: Addison Beck <abeck@bitwarden.com>

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-02-05 12:37:55 -06:00
Matt Gibson
edd4bc2623
Add disable send policy (#1130)
* Add Disable Send policy

* Test DisableSend policy

* PR Review

* Update tests for using CurrentContext

This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.

I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference

* Fix failing test

* Update exemption to include all exempt users

* Move all CurrentContext usages to ICurrentContext

* PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
Chad Scharf
19e7ce8519
self-hosted server release, v1.39.4 (#1125) 2021-02-02 12:23:27 -05:00
Addison Beck
cf84453492
added a few global domains (#1129)
* added a few global domains

* fixed a domain
2021-02-02 11:15:33 -05:00