* Extend ReferenceEvents
Add ClientId and ClientVersion
Modify all callsites to pass in currentContext if available to fill ClientId and ClientVersion
* Extend ReferenceEvent to save if Send has notes
* Auth/pm-48 (#2680)
* PM-48 - add user's role as a claim and establish access control service
* PM-48 - remove function unrelated to the role claim
* PM-48 - fix whitespace issues
* PM-48 - move registration of CustomClaimsPrincipalFactory, replace role claim type string with constant, streamline code that retrieves the user's role
* Auth/pm-47 (#2699)
* PM-48 - add user's role as a claim and establish access control service
* PM-48 - remove function unrelated to the role claim
* PM-48 - fix whitespace issues
* PM-47 - add list of permission enums, role:permissions mapping, and function that determines if the logged in user has the given permission
* PM-47 - remove unneeded service registration, set role to lowercase
* PM-47 - fix code style issues
* PM-46 - create permission filter attribute (#2753)
* Auth/pm-54 add rbac for users (#2758)
* PM-54 - add permission gates to User elements
* PM-54 - fix formatting
* PM-54 - remove unused function
* PM-54 - fix variable reference, add permission to billing role
* PM-54 - handle Upgrade Premium button functionality and fix spelling
* PM-54 - change permission name to be more accurate
* PM-49 - update role retrieval (#2779)
* Auth/[PM-50] add rbac for logs (#2782)
* PM-50 - add rbac for logs
* PM-50 - remove unnecessary action filter
* PM-51 - add RBAC for tools (#2799)
* Auth/[pm-52] add rbac providers (#2818)
* PM-52 add rbac for providers
* PM-52 - update redirect action
* PM-52 - add back edit functionality and permission
* PM-52 - reverse changes around removing edit functionality
* PM-52 - moved permission check to variable assignement
* PM-53 - add rbac for organizations (#2798)
* PM-52 - add missed permission to billing role (#2836)
* Fixed merge conflicts.
* [PM-1846] Updates to add RBAC back after merge conflicts (#2870)
* Updates to add RBAC to changes from reseller.
* Added back checks for delete and initiating a trial.
* Removed extraneous Razor tag.
---------
Co-authored-by: dgoodman-bw <109169446+dgoodman-bw@users.noreply.github.com>
Co-authored-by: Danielle Goodman <dgoodman@bitwarden.com>
Co-authored-by: Jacob Fink <jfink@bitwarden.com>
* Extract Import-Api endpoints into separate controller
Moved ciphers/import and ciphers/import-organization into new ImportController
Paths have been kept intact for now (no changes on clients needed)
Moved request-models used for import into tools-subfolder
* Update CODEOWNERS for team-tools-dev
* Move HibpController (reports) to tools
* Moving files related to Send
* Moving files related to ReferenceEvent
* Removed unneeded newline
* [EC-1014] Create Organization Status (Pending/Created) (#2610)
* [EC-427] Add columns 'Type' and 'BillingPhone' to Provider table
* [EC-427] Provider table Type and BillingPhone MySql migrations
* [EC-427] Provider table Type and BillingPhone Postgres migrations
* [EC-427] Add mysql migration script
* [EC-427] Add mysql migration script
* [EC-427] Updated Provider sql script to include default column value
* [EC-427] Removed default value from Provider.Type column
* [EC-427] Changed migration script to include a default value constraint instead of updating the null type
* [EC-427] Updated Sql project Provider table script
* [EC-427] Changed migration script to use 'Create OR Alter' for views and sprocs
* [EC-427] Added default values for 'BillingPhone' and 'Type' fields on sprocs [dbo].[Provider_Create] and [dbo].[Provider_Update]
* [EC-427] Adjusting metadata in migration script
* [EC-427] Updated Provider sprocs SQL script files
* [EC-427] Fixed migration script
* [EC-427] Added sqlite migration
* [EC-427] Add missing Provider_Update sproc default value
* [EC-427] Added missing GO action to migration script
* [EC-428] Redirect to Edit after creating Provider
* Revert "[EC-428] Redirect to Edit after creating Provider"
This reverts commit 6347bca1ed.
* [EC-1014] Create OrganizationStatusType and add Status column to Organizations table
* [EC-1014] Added EF migrations
* [EC-1014] dotnet format
* [EC-1014] Changed Organization.Status from SMALLINT to TINYINT
* [EC-1014] Set Organization.Status default value = 1
* [EC-1014] Setting Organization.Status default value as 1
* [EC-459 / EC-428] Admin panel: Add Provider Type to list and creation flow (#2593)
* [EC-427] Add columns 'Type' and 'BillingPhone' to Provider table
* [EC-427] Provider table Type and BillingPhone MySql migrations
* [EC-427] Provider table Type and BillingPhone Postgres migrations
* [EC-427] Add mysql migration script
* [EC-427] Add mysql migration script
* [EC-427] Updated Provider sql script to include default column value
* [EC-427] Removed default value from Provider.Type column
* [EC-427] Changed migration script to include a default value constraint instead of updating the null type
* [EC-427] Updated Sql project Provider table script
* [EC-427] Changed migration script to use 'Create OR Alter' for views and sprocs
* [EC-427] Added default values for 'BillingPhone' and 'Type' fields on sprocs [dbo].[Provider_Create] and [dbo].[Provider_Update]
* [EC-427] Adjusting metadata in migration script
* [EC-427] Updated Provider sprocs SQL script files
* [EC-427] Fixed migration script
* [EC-427] Added sqlite migration
* [EC-427] Add missing Provider_Update sproc default value
* [EC-427] Added missing GO action to migration script
* [EC-459] Added Type column to Providers list
* [EC-428] Added Type, BusinessName and BillingEmail to CreateProviderModel
* [EC-428] Updated Create Provider view to include new fields
* [EC-428] Updated ProviderService to not create a ProviderUser for the type Reseller
* [EC-428] Added custom validation for Provider fields depending on selected Type
* [EC-428] Redirect to Edit after creating Provider
* [EC-428] Setting Provider status as Created for Resellers
* [EC-428] Redirect on Provider creation depending if self host server
* [EC-428] Split ProviderService.CreateAsync into two methods: CreateMspAsync and CreateResellerAsync
* [EC-428] Created ICreateProviderCommand and added service for injection on Admin.Startup
* [EC-428] Modified Provider views to use DisplayName attribute values
* [EC-428] Moved ICreateProviderCommand to Core project
* [EC-428] Adding ICreateProviderCommand injection next to IProviderService
* [EC-428] Moved CreateProviderCommand to Commercial.Core project
* [EC-459] Added Type column to Providers list
* [EC-428] Added Type, BusinessName and BillingEmail to CreateProviderModel
* [EC-428] Updated Create Provider view to include new fields
* [EC-428] Updated ProviderService to not create a ProviderUser for the type Reseller
* [EC-428] Added custom validation for Provider fields depending on selected Type
* [EC-428] Redirect to Edit after creating Provider
* [EC-428] Setting Provider status as Created for Resellers
* [EC-428] Redirect on Provider creation depending if self host server
* [EC-428] Split ProviderService.CreateAsync into two methods: CreateMspAsync and CreateResellerAsync
* [EC-428] Created ICreateProviderCommand and added service for injection on Admin.Startup
* [EC-428] Modified Provider views to use DisplayName attribute values
* [EC-428] Moved ICreateProviderCommand to Core project
* [EC-428] Adding ICreateProviderCommand injection next to IProviderService
* [EC-428] Moved CreateProviderCommand to Commercial.Core project
* [EC-428] Moved CreateProviderCommand to namespace Bit.Commercial.Core.Providers
* [EC-429] Provider details screen updated with Type, BillingPhone and Organization details (#2666)
* [EC-430] Admin portal: Update organization information screen (#2672)
* [EC-430] Added ProviderOrganizationProviderDetailsView to get Provider details for an Organization
* [EC-430] Added Provider information to Organization Edit/View on Admin panel
* [EC-430] Remove "Add to Reseller" button
* [EC-430] Removed unused property OrganizationEditModel.ClientOwnerEmail
* [EC-430] Replaced IProviderOrganizationRepository.GetProviderDetailsByOrganizationAsync with IProviderRepository.GetByOrganizationIdAsync
* [EC-430] Deleted ProviderOrganizationProviderDetails and ProviderOrganizationProviderDetailsReadByOrganizationIdQuery
* [EC-429] Only show Create/Add Existing Organization buttons for Reseller providers (#2723)
* [EC-432] Add existing Organizations to Provider (#2683)
* [EC-432] Added ProviderOrganizationUnassignedOrganizationDetails_Search stored procedure
* [EC-432] Added IProviderOrganizationRepository.SearchAsync
* [EC-432] Created controller ProviderOrganizationsController to assign Organizations to a Provider
* [EC-432] Filter existing organizations by plans Enterprise or Team
* [EC-432] Existing Organization name links to edit page
* [EC-432] EF filtering out existing organizations by plan type enterprise or teams
* [EC-432] Creating multiple ProviderOrganization records
* [EC-432] Added ProviderOrganizationUnassignedOrganizationDetails_Search stored procedure
* [EC-432] Added IProviderOrganizationRepository.SearchAsync
* [EC-432] Created controller ProviderOrganizationsController to assign Organizations to a Provider
* [EC-432] Filter existing organizations by plans Enterprise or Team
* [EC-432] Existing Organization name links to edit page
* [EC-432] EF filtering out existing organizations by plan type enterprise or teams
* [EC-432] Creating multiple ProviderOrganization records
* [EC-432] Renamed migration script and added missing sproc
* [EC-432] Saving multiple events for the created ProviderOrganizations
* [EC-432] Included unit testing for ProviderService.AddOrganizations and EventService.LogProviderOrganizationEventsAsync
* [EC-432] Removed async from NoopEventService.LogProviderOrganizationEventsAsync
* [EC-432] Remove unused dependency setup in ProviderServiceTests.AddOrganizations_Success
* [EC-432] Renamed AddOrganizations to AddOrganizationsToReseller and removed addingUserId and key arguments
* [EC-432] Added DisplayName attributes to ProviderOrganizationViewModel and used them in the view
* [EC-432] Reverted changes to input fields
* [EC-432] Moved unassigned organizations search to Organizations repo
* [EC-432] Moved AddExistingOrganization action to ProvidersController
* [EC-432] dotnet format
* [EC-432] Fixed unit test issues
* [EC-432] Removed unnecessary Html.DisplayNameFor for labels
* [EC-432] Renamed OrganizationSearchViewModel to OrganizationUnassignedToProviderSearchViewModel
* [EC-432] Modified IEventService.LogProviderOrganizationEventsAsync to receive an IEnumerable as parameter
* [EC-432] Updated IProviderOrganizationRepository and replaced CreateWithManyOrganizations method with CreateManyAsync
* [EC-432] Deleted ProviderOrganization_CreateWithManyOrganizations
* [AC-432] Simplified Organization_UnassignedToProviderSearch query
* [AC-432] Removed unnecessary setup
* [EC-432] Checking if stored procedure exists before creating
* [EC-432] Renamed migration file to recent date
* [EC-435] Admin Portal: Add new Organization creation flow UI (#2707)
* [EC-435] Created _OrganizationForm partial view. Added actions for creating an Organization assigned to a provider
* [EC-435] Remove logic for creating an organization
* [EC-435] Created partial view _OrganizationFormScripts
* [EC-435] Remove unused ReferenceEventType
* [EC-435] Added TODO comment on Organization Create
* [EC-435] Checking if Provider type is Reseller on creating new assigned organization
* [EC-435] Setting the Organization plan type as TeamsMonthly by default when adding to a provider
* [EC-435] Removing unused buttons
* [EC-435] Switched hidden fields to form submit route value
* [EC-435] Moved _OrganizationForm and _OrganizationFormScripts to Shared folder
* [EC-435] Moved Create organization actions from OrganizationsController to ProvidersController
* [EC-435] Fixing bug on saving Organization that would have BillingEmail as null
* [EC-435] Added null check to Provider
* [EC-435] Moved trial buttons script logic to Edit view
* [AC-431] Add new organization invite process (#2737)
* [EC-435] Created _OrganizationForm partial view. Added actions for creating an Organization assigned to a provider
* [EC-435] Remove logic for creating an organization
* [EC-435] Created partial view _OrganizationFormScripts
* [EC-435] Remove unused ReferenceEventType
* [EC-435] Added TODO comment on Organization Create
* [EC-435] Checking if Provider type is Reseller on creating new assigned organization
* [EC-435] Setting the Organization plan type as TeamsMonthly by default when adding to a provider
* [EC-435] Removing unused buttons
* [EC-435] Switched hidden fields to form submit route value
* [EC-435] Moved _OrganizationForm and _OrganizationFormScripts to Shared folder
* [EC-435] Moved Create organization actions from OrganizationsController to ProvidersController
* [AC-431] Added new ReferenceEventType OrganizationCreatedByAdmin
* [AC-431] Added method IOrganizationService.CreateOrganization
* [AC-431] Creating new Organization with Pending status and assigning to Provider
* [AC-431] Added method to IMailService to send invitation to initialize org
* [AC-431] Added methods CreatePendingOrganization and InitPendingOrganization to IOrganizationService
* [AC-431] Org invite includes initOrganization parameter
* [AC-431] Modified existing Accept organization user action to initialize org
* [AC-431] Updated ProvidersController method name
* [AC-431] Created OrganizationUserInitInvitedViewModel to link to 'accept-init-organization' url
* [AC-431] Added action AcceptInit to OrganizationUsersController
* [AC-431] Resend owner invite
* [AC-431] dotnet format
* [AC-431] Removed unused parameter 'addingUserId' from IProviderService.AddOrganization
* [AC-431] Removed setting manual values for CreationDate and RevisionDate
* [AC-431] Updated OrganizationService.InitPendingOrganization to throw exceptions when the Organization does not meet the required criteria
* [AC-431] Modified OrganizationUserInitInvitedViewModel to inherit properties from OrganizationUserInvitedViewModel
* [AC-431] Removed unecessary parameter check
* [AC-431] Moved method description to IOrganizationService.InitPendingOrganization
* [AC-431] Moved ApplicationCacheService.UpsertOrganizationAbilityAsync and ReferenceEventService.RaiseEventAsync to OrganizationService
* [AC-431] Creating collection after creating organization
* [EC-435] Fixing bug on saving Organization that would have BillingEmail as null
* [AC-431] Deleted OrganizationUserInitInvitedViewModel and added parameter InitOrganization to OrganizationUserInvitedViewModel.cs
* [AC-431] Checking if the user has any existing SingleOrg policies before initializing an Org
* [AC-431] Remove commented code
* [EC-435] Added null check to Provider
* [EC-435] Moved trial buttons script logic to Edit view
* [AC-431] Added EncryptedString attribute to OrganizationUserAcceptInitRequestModel.CollectionName
* [AC-431] Refactored plan check condition
* [AC-431] Remove duplicate _applicationCacheService.UpsertOrganizationAbilityAsync call
* [AC-431] Removed IMailService.SendOrganizationInitInviteEmailAsync
* [AC-431] Added parameters ClaimsPrincipal and IUserService to IOrganizationService.CreatePendingOrganization
* [AC-434] Hide Billing screen for Reseller clients (#2783)
* [AC-434] Added ProviderType to ProfileOrganizationResponseModel
* [AC-434] Migration script
* [AC-434] Fixed indentation on migration script
* [AC-434] Hiding sensitive subscription data if the user does not have permissions
* [AC-434] Fixed missing dependency in unit test
* [AC-434] Altered BillingSubscription.Amount and BillingSubscriptionUpcomingInvoice.Amount to nullable
* [AC-434] Replaced CurrentContext.ManageBilling with ViewBillingHistory, ViewSubscription, EditSubscription and EditPaymentMethods
* [AC-434] Reverted change on BillingSubscription.Amount and now setting Subscription.Items = null when User does not have permission
* [AC-434] Added ProviderOrganizationProviderDetails_ReadByUserId
* [AC-434] Added IProviderOrganizationRepository.GetManyByUserAsync
* [AC-434] Added CurrentContext.GetOrganizationProviderDetails
* [AC-434] Remove unneeded join Organization table
* [AC-1255] Search Existing Organizations by partial Email (#2830)
* [AC-1255] Added email search field input validation
* [AC-1255] Reverted added email pattern
* [AC-1255] Modified Organization search by Email to search using substring
* [AC-1276] Displaying an Organizations pending owners if the Organization is in a Pending status (#2834)
* [AC-432] Checking that an existing Organization is not assigned to any Provider before being assigned (#2840)
* [AC-432] Checking if any of the selected Organizations is already assigned to a Provider
* [AC-432] Changed ProviderOrganization_ReadByOrganizationIds to only get count
* [AC-432] Replaced IProviderOrganizationRepository.GetCountByOrganizationIdsAsync with call to IProviderOrganizationRepository.GetByOrganizationId
* [AC-432] undo new line
* [AC-432] Fixed unit test
* Revert "[AC-432] Replaced IProviderOrganizationRepository.GetCountByOrganizationIdsAsync with call to IProviderOrganizationRepository.GetByOrganizationId"
This reverts commit ee6e095e88.
# Conflicts:
# util/Migrator/DbScripts/2023-03-22_00_ProviderAddExistingOrganizations.sql
* [AC-432] Created new migration script for ProviderOrganization_ReadCountByOrganizationIds
* LaunchDarkly service
* Load file-based flag values, properly support offline only when self-host
* Simplify tests
* Use interface for LD settings
* Remove tests that will provide inconsistent results depending on machine setup and file fallback
* Fall back to offline mode more actively
* Drive fallback file path with setting
* move UpdateLicenseAsync from service to command
* create new SelfHostedOrganizationDetails view model and move license validation logic there
* move occupied seat count logic to database level
* [SG-696] Organization Domain Claiming DB Objects and Migrations (#2394)
* model organization domain claiming
* Added migration scripts and db objects for mssql
* create and implement sql repository abstraction
* Added ef migrations for mysql and postgres. Removed time without timezone in previous migration
* made update on sql migration to use create or alter statement
* removed active column from OrganizationDomain table and decided to go with the hard delete approach
* Ran dotnet restore evaluate
* created DNS service verification using DNSClient (#2401)
* [SG-678] Api Endpoints for Domain Claiming (#2430)
* Added stored procedure to read claimed domains
* Updated Organization Domain Repository to include method to get claimed domains
* Updated domain entity and added request model
* Implemented organization domain respository and regsitered it in the various extensions
* Added create endpoint, request, responses and command
* Added endpoint to get domain by domain entry id
* Ran lint fix
* Added new stored procedure to get domains by organizattion id
* Moved migration scripts to init migration and added new procedure
* Renamed from domainId to Id
* Added and implemented GetDomainByOrganizationId
* Completed GetDomainByOrgId endpoint and started work on verify domain endpoint
* Updated the OrganizationDomain update procedure
* Added delete command and include other endpoints in the controller
* Remove test item from controller
* Remove test item from controller
* Changed access to allow admin, owners and manage sso roles
* changed logic for setting the initial value for the NextRunCount
* Renamed NextRunCount to JobRunCount
* Renamed NextRunCount to JobRunCount on mysql
* Renamed NextRunCount to JobRunCount on postgres
* Removed chaining pattern and added logic to get next run date
* Lint fix
* Added stored procedure to get organization sso details by email address
* Added endpoint to get sso details of an organization with email
* Added organizationDomainRepository to OrganizationController test
* merged with master and fixed conflicts
* [SG-661] Background Domain Verification Service (#2455)
* Added stored procedure to read claimed domains
* Updated Organization Domain Repository to include method to get claimed domains
* Updated domain entity and added request model
* Implemented organization domain respository and regsitered it in the various extensions
* Added create endpoint, request, responses and command
* Added endpoint to get domain by domain entry id
* Ran lint fix
* Added new stored procedure to get domains by organizattion id
* Moved migration scripts to init migration and added new procedure
* Renamed from domainId to Id
* Added and implemented GetDomainByOrganizationId
* Completed GetDomainByOrgId endpoint and started work on verify domain endpoint
* Updated the OrganizationDomain update procedure
* Added delete command and include other endpoints in the controller
* Remove test item from controller
* Remove test item from controller
* Changed access to allow admin, owners and manage sso roles
* Added stored procedure to get unverified domains by nextrundate
* Renamed stored procedure name
* Added domain verification service interface
* Added GetManyByNextRunDate to repository
* Added verification domain service implementation
* changed logic for setting the initial value for the NextRunCount
* This commit should be signed using my SSH key
* Renamed NextRunCount to JobRunCount
* Renamed NextRunCount to JobRunCount on mysql
* Renamed NextRunCount to JobRunCount on postgres
* Removed chaining pattern and added logic to get next run date
* Lint fix
* Implemented EF core version on the repository
* Created background job implementation and logic
* popped stash
* Updated stored procedure and EF script
* Lint fix
* Added logic to set next job count and the next run date when a verification is false
* Added logic to set next job count and the next run date when a verification is false
* Updated stored procedure name on repository
* Removed test trigger
* Lint fix
* Added trigger for job
* Added job count update after successful domain verification
* Lint fix
* Lint fix
* [SG-682] Add Event Log Entries to Organization Domain (#2492)
* Added domain name property to Event related objects
* Added organization domain claiming event types
* Created migration script and updated related event scripts to include domanName
* Added EF Migrations
* Renamed postres script file extension
* Added DomainName property to response model
* Added abstraction to interface
* Added system name to enum
* dotnet formattinfg fix
* Added events to organization domain actions
* Added LastCheckedDate property to domain
* Migrations and stored procedure updates with new column
* Added new stored procedure to get domain by org id and domain name
* Log organization domain event abstract method
* Ef migrattion to add new LastCheckedDate column
* Added duplicate domain exception
* Modified create command to include domain verification and last checked date and renamed methods used
* removed variable
* changed service lifetime
* Renamed trigger
* Initialed property in constructor
* Ensured domain name is stored as lower case
* Fixed suggestions from review
* Fixed suggestions from review
* Return Conflict Status on Organization Domain APIs (#2498)
* Added conflict response to end point to help translate error message on the client better
* Added conflict response to end point to help translate error message on the client better
* Set message with exception message or generic message
* Added last check date to response model (#2499)
* Fix/Check to throw exception when domain is claimed by another organization (#2503)
* Added check to ensure domain claimed by another organization cannot be verified
* Made error message consistent
* [SG-660] Organization Domain Maintenance (#2502)
* Added email template
* Mail service abstraction and implementation
* Mail template model
* Initial delete job commit
* Added SPs to get all unverifed domains after 72 hours and another to delete unverified domains after 7 days
* Moved all organization domain scripts to single file
* Added new scripts implementation for sqlserver and EF core
* Renamed service
* Formatting fix
* Added background service to send warning email and delete expired domains
* Renamed variable
* Added implementation for email warning to organization admins and for deleting expired domains after 7 days
* Added formatting
* Modified read if expired script to limit result to 4 days
* Added send mail abstract method and implementation
* Model used in build mail body
* Completed maintenace service
* Added comment to make logic clear
* Fixed cron expression (#2505)
* Modified procedure and methods to handle flexible verification adn expiration period (#2517)
* Merged with master
* [SG-908] Unit Tests for Organization Domain Claiming Feature (#2522)
* added test controlleer class
* added unit test for create command
* Added query tests
* Added tests for delete and verify command
* Formated code and added some more unit tests
* Fixed lint
* Added log event assertion to create command tests
* Added log event assertion to delete command tests
* Added unit tests for organization domain controller
* Added unit tests for organization domain service
* Modified test after merge
* fixed comment
* fixed comment
* fixed lint
* Defect/SG-977 - Org domain event logs missing details (#2573)
* SG-977 - (1) Refactor EventSystemUser.SSO to be EventSystemUser.DomainVerification to better match SCIM property and for easier display and translation on web client (2) Add new DeviceType of Server to be used on SCIM and Domain Verification logs so event log will show Server as client.
* SG-977 - SCIM bugfix - Restoring / Revoking user access via Jumpcloud activation / suspension did not properly log the events as SCIM events so the client side showed Unknown for both Client and Member.
* Run autoformat to fix lint errors
* SG-977 - Fixed broken test due to new device type logic in event service
* SG-976 - Add admin log and clean up log verbiage for domain verification (#2574)
* SG-976 - Add admin log and clean up log verbiage for domain verification
* SG-976 - (1) Use logInformation extension without exception (2) Clarify verbiage of logs
* SG-955 - On domain verification error or failure, set last checked da… (#2541)
* SG-955 - On domain verification error or failure, set last checked date on the org domain.
* SG-955 - Refactoring VerifyOrganizationDomain event logging to avoid duplication and increase efficiency (based on Gbubemi's PR feedback)
* Org Domain Background Verification service - set last checked date (#2599)
* Refactored OrganizationDomain repository to work with latest changes on code base
* Fixed formatting
* [SG-957] Cannot Delete Organizations due to FK Constraint (#2602)
* Added stored procedure to fix FX contstraint issue when deleting an organization
* Update stored procedures related to organization delete with OrganizationDomain_OrganizationDelete SP
* Fixed formatting
* Updated SP
* SG-990 - Log expired domains that are going to be deleted.
* Fix lint errors with auto format
* /home/runner/work/server/server/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs(107,2): error FINALNEWLINE: Fix final newline. Insert '\n'.
* Added missing bracket to fix compile error.
* Added imports for Domain Claiming classes that were lost on merge.
* Fixing broken unit tests + adding proper behavior for newly added SCIM logic changing device type
* Fix lint errors again
* Included domain name set in constructor (#2618)
* [SG-1001] Error Thrown When Verifying Sub Domains (#2621)
* Renamed exception to a more generic name that receives error message from the dns client and also added updates to job count and next run date
* Improved error logs by adding dns client error message
* Fixed formatting
* [SG-1001] Added event logs when a domain is not verified due to thrown exception (#2623)
* Added eevent logs when a domain is not verified due to thrown exception
* Fixed formatting
* Org Domain Verification - Small refactor to improve method/model name… (#2641)
* Org Domain Verification - Small refactor to improve method/model names and method locations - required refactoring of controller routes (I confirmed all behavior still functional)
* Fixed organization test controller issue
* Fixed lint
* Autoformat org domain controller
* Removing whitespace for lint argh, why does Rider not do this.
---------
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
* Tweak name of Request model to match Response model for ClaimedOrgDomain call
* [SG-1009] Users with Custom Role and "Manage SSO" permission don't receive verification failed email (#2645)
* Modified condition to pick up unverified domains after said period
* Fix to get emails of custom users with manage sso rights
* Formatted code
* Removed return that made background job exit on successful validation (#2648)
* [SG-1014] Unit Tests for Get Organization Sso Details (#2655)
* Added unit tests for GetOrgDomainSsoDetails
* renamed variable
* Adjust OrganizationDomainSsoDetails_ReadByEmail to use outer join so … (#2657)
* Adjust OrganizationDomainSsoDetails_ReadByEmail to use outer join so that claimed domain results will come back if an org has not yet setup a policy
* Removed migration as not needed
* Updated OrganizationDomainSsoDetails_ReadByEmail from original creation migration to use outer join & handle null policy results (and still return results)
* Fixed lint formatting
---------
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* [EC-634] Extract GenerateLicenseAsync to a query (#2373)
* [EC-637] Add license sync to server (#2453)
* [EC-1036] Show correct license sync date (#2626)
* Update method name per new pattern
* Add Sqlite as EF DB provider
Note: In-memory sqlite does not work across projects, since the migrator
only runs on the Admin project
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
* Include example sqlite connection string
* Add migrator assembly to sqlite connection
* Update initial migration to current schema state
* dotnet format 🤖
* Update package locks
* Respect name set in BW_SSL_KEY for cert generation (#2490)
(cherry picked from commit 2469e10110)
* [PS-2016] Add ability to change UID/GID for Bitwarden unified (#2495)
(cherry picked from commit c6fbe8cc44)
* Add SqliteMigrations project to unified Dockerfile
Co-authored-by: Justin Baur <justindbaur@users.noreply.github.com>
Co-authored-by: accolon <mail@accolon.net>
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* [EC-343] Added column 'UseCustomPermissions' to Organization table
* [EC-343] Added 'UseCustomPermissions' to Api responses
* [EC-343] Added 'UseCustomPermissions' to Admin view
* [EC-343] Add constraint to Organization table to have default UseCustomPermissions value
* [EC-343] Recreate OrganizationView to include UseCustomPermissions column
* [EC-343] Add MySql EF migrations
* [EC-343] Add Postgres EF migrations
* Revert "[EC-343] Add Postgres EF migrations"
This reverts commit 8f1654cb7d.
* [EC-343] Add Postgres migrations and script
* [EC-343] dotnet format
* [EC-343] Set 'Custom Permissions' feature as unchecked for teams plan
* [EC-343] Add CustomPermissions to plan upgrades
* [EC-343] Update CURRENT_LICENSE_FILE_VERSION
* [EC-343] Enable 'Custom Permissions' on Enterprise 2019 plan
* [EC-343] Updated migration script to include Enterprise 2019 plan
* [EC-343] Update CURRENT_LICENSE_FILE_VERSION to 10
* [EC-343] Move logic checking if Organization can use custom permissions to OrganizationService
* [EC-343] Add unit tests to validate UseCustomPermissions check
* [EC-343] Revert UseCustomPermissionsFlag migration
* [EC-343] Fix typo in OrganizationUserOrganizationDetailsViewQuery
* [EC-343] Add Postgres migrations without affecting other datetime column
* [EC-343] Create ValidateOrganizationCustomPermissionsEnabledAsync. Add more unit tests around CustomPermissions check
* [EC-343] Add curly brackets to if condition
* [EC-343] Rename unit tests
* Add logging to token usages
* Add settings manipulation of log levels
* Maintain no logging for dev
* Log exception causing Token failure in TryUnprotect
* dotnet format 🤖
* Added deconstruction operator on new debug logs.
* Split off log level settings into separate files
* Improve log messages
* dotnet format 🤖
* Fix token serialization
* Final review notes
Co-authored-by: Todd Martin <>
* [SG-549] Commit Initial AuthRequest Repository (#2174)
* Model Passwordless
* Scaffold database for Passwordless
* Implement SQL Repository
* [SG-167] Base Passwordless API (#2185)
* Implement Passwordless notifications
* Implement Controller
* Add documentation to BaseRequestValidator
* Register AuthRequestRepo
* Remove ExpirationDate from the AuthRequest table
* [SG-407] Create job to delete expired requests (#2187)
* chore: init
* remove exp date
* fix: log name
* [SG-167] Added fingerprint phrase to response model. (#2233)
* Remove FailedLoginAttempt logic
* Block unknown devices
* Add EF Support for passwordless
* Got SignalR working for responses
* Added delete job method to EF repo
* Implement a GetMany API endpoint for AuthRequests
* Ran dotnet format
* Fix a merge issues
* Redated migration scripts
* tried sorting sqlproj
* Remove FailedLoginAttempts from SQL
* Groom Postgres script
* Remove extra commas from migration script
* Correct isSpent()
* [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository.
* [SG-167] Added origin of the request to response model
* Use display name for device identifier in response
* Add datetime conversions back to postgres migration script
* [SG-655] Add anonymous endpoint for checking if a device & user combo match
* [review] Consolidate error conditions
Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com>
Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>
* Add config endpoint with version and gitHash in response
* Remove gitHash from version, formatting and other improvements
* change name of variable in ConfigController
* Update to properly get gitHash
* SM-94: Add global settings for api url
* SM-94: ConfigController cleanup
* SM-94: Make version and gitHash available for all projects, using AssemblyHelper
* Update ConfigResponseModel GetVersion() call
* Change AssemblyHelpers.cs to use the UTF-8 charset
* SM-94: Use AssemblyHelpers.GetVersion and deprecate CoreHelpers.GetVersion
* SM-90: Add other BaseServiceUriSettings urls
* SM-94: Fix dotnet format issue
* remove old GetVersion method
* Add back the linebreak
* Fix typo in Directory.Build.props
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* [fix] Clear the page on Stripe Subscription search change
[SG-404]
* [fix] Ensure page is null when selecting all Stripe Subscriptions for an action
[SG-404]
* [feat] Allow Stripe Subscriptions to be filtered by a test clock
[SG-404]
* Upgrade AspNetCoreRateLimiter and enable redis distributed cache for rate limiting.
- Upgrades AspNetCoreRateLimiter to 4.0.2, which required updating NewtonSoft.Json to 13.0.1.
- Replaces Microsoft.Extensions.Caching.Redis with Microsoft.Extensions.Caching.StackExchangeRedis as the original was deprecated and conflicted with the latest AspNetCoreRateLimiter
- Adds startup task to Program.cs for Api/Identity projects to support AspNetCoreRateLimiters breaking changes for seeding its stores.
- Adds a Redis connection string option to GlobalSettings
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Cleanup Redis distributed cache registration
- Add new AddDistributedCache service collection extension to add either a Memory or Redis distributed cache.
- Remove distributed cache registration from Identity service collection extension.
- Add IpRateLimitSeedStartupService.cs to run at application startup to seed the Ip rate limiting policies.
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Add caching configuration to SSO Startup.cs
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Add ProjectName as an instance name for Redis options
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Use distributed cache in CustomIpRateLimitMiddleware.cs
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Undo changes to Program.cs and launchSettings.json
* Move new service collection extensions to SharedWeb
* Upgrade Caching.StackExchangeRedis package to v6
* Cleanup and fix leftover merge conflicts
* Remove use of Newtonsoft.Json in distributed cache extensions
* Cleanup more formatting
* Fix formatting
* Fix startup issue caused by merge and fix integration test
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* Linting fix
Signed-off-by: Shane Melton <smelton@bitwarden.com>
* scim project stub
* some scim models and v2 controllers
* implement some v2 scim endpoints
* fix spacing
* api key auth
* EC-261 - SCIM Org API Key and connection type config
* EC-261 - Fix lint errors/formatting
* updates for okta implementation testing
* fix var ref
* updates from testing with Okta
* implement scim context via provider parsing
* support single and list of ids for add/remove groups
* log ops not handled
* touch up scim context
* group list filtering
* EC-261 - Additional SCIM provider types
* EC-265 - UseScim flag and license update
* EC-265 - SCIM provider type of default (0)
* EC-265 - Add Scim URL and update connection validation
* EC-265 - Model validation and cleanup for SCIM keys
* implement scim org connection
* EC-265 - Ensure ServiceUrl is not persisted to DB
* EC-265 - Exclude provider type from DB if not configured
* EC-261 - EF Migrations for SCIM
* add docker builds for scim
* EC-261 - Fix failing permissions tests
* EC-261 - Fix unit tests and pgsql migrations
* Formatting fixes from linter
* EC-265 - Remove service URL from scim config
* EC-265 - Fix unit tests, removed wayward validation
* EC-265 - Require self-hosted for billing sync org conn
* EC-265 - Fix formatting issues - whitespace
* EC-261 - PR feedback and cleanup
* scim constants rename
* no scim settings right now
* update project name
* delete package lock
* update appsettings configs for scim
* use default scim provider for context
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
* PS-293: Get latest version no comes from GitHub instead of DockerHub.
* PS-293: format fixes
* PS-293: code refactor and clean up
* PS-293: deserialization to class, argument typification.
* PS-293: formating fix
* PS-293: Moved ProjectType to HomeController
* PS-293: updated version endpoint to CDN
* PS-293: Update endpoint to CF protected
* Add api integration tests
* Add some stuff
* Make program mockable
* Work on IntegrationTests for Identity
* Formatting
* Update packages.lock.json
* Update more packages.lock.json
* Update all packages.lock.json
* Fix InMemory configuration
* Actually fix test configuration
* Fix tests for CI
* Fix event service
* Force EF EventRepository
* Add client_credentials test
* Remove Api.IntegrationTest
* Remove Api Program changes
* Cleanup
* Add more Auth-Email tests
* Run formatting
* Address some PR feedback
* Move integration stuff to it's own common project
* Ran linter
* Add shared project to test solution
* Remove sln changes
* Clean usings
* Add more coverage
* Address PR feedback
* Families for enterprise/split up organization sponsorship service (#1829)
* Split OrganizationSponsorshipService into commands
* Use tokenable for token validation
* Use interfaces to set up for DI
* Use commands over services
* Move service tests to command tests
* Value types can't be null
* Run dotnet format
* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Fix controller tests
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Families for enterprise/split up organization sponsorship service (#1875)
* Split OrganizationSponsorshipService into commands
* Use tokenable for token validation
* Use interfaces to set up for DI
* Use commands over services
* Move service tests to command tests
* Value types can't be null
* Run dotnet format
* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Fix controller tests
* Split create and send sponsorships
* Split up create sponsorship
* Add self hosted commands to dependency injection
* Add field to store cloud billing sync key on self host instances
* Fix typo
* Fix data protector purpose of sponsorship offers
* Split cloud and selfhosted sponsorship offer tokenable
* Generate offer from self hosted with all necessary auth data
* Add Required properties to constructor
* Split up cancel sponsorship command
* Split revoke sponsorship command between cloud and self hosted
* Fix/f4e multiple sponsorships (#1838)
* Use sponosorship from validate to redeem
* Update tests
* Format
* Remove sponsorship service
* Run dotnet format
* Fix self hosted only controller attribute
* Clean up file structure and fixes
* Remove unneeded tokenables
* Remove obsolete commands
* Do not require file/class prefix if unnecessary
* Update Organizaiton sprocs
* Remove unnecessary models
* Fix tests
* Generalize LicenseService path calculation
Use async file read and deserialization
* Use interfaces for testability
* Remove unused usings
* Correct test direction
* Test license reading
* remove unused usings
* Format
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Improve DataProtectorTokenFactory test coverage (#1884)
* Add encstring to server
* Test factory
Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>
* Format
* Remove SymmetricKeyProtectedString
Not needed
* Set ForcInvalid
Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>
* Feature/self f4e/api keys (#1896)
* Add in ApiKey
* Work on API Key table
* Work on apikey table
* Fix response model
* Work on information for UI
* Work on last sync date
* Work on sync status
* Work on auth
* Work on tokenable
* Work on merge
* Add custom requirement
* Add policy
* Run formatting
* Work on EF Migrations
* Work on OrganizationConnection
* Work on database
* Work on additional database table
* Run formatting
* Small fixes
* More cleanup
* Cleanup
* Add RevisionDate
* Add GO
* Finish Sql project
* Add newlines
* Fix stored proc file
* Fix sqlproj
* Add newlines
* Fix table
* Add navigation property
* Delete Connections when organization is deleted
* Add connection validation
* Start adding ID column
* Work on ID column
* Work on SQL migration
* Work on migrations
* Run formatting
* Fix test build
* Fix sprocs
* Work on migrations
* Fix Create table
* Fix sproc
* Add prints to migration
* Add default value
* Update EF migrations
* Formatting
* Add to integration tests
* Minor fixes
* Formatting
* Cleanup
* Address PR feedback
* Address more PR feedback
* Fix formatting
* Fix formatting
* Fix
* Address PR feedback
* Remove accidential change
* Fix SQL build
* Run formatting
* Address PR feedback
* Add sync data to OrganizationUserOrgDetails
* Add comments
* Remove OrganizationConnectionService interface
* Remove unused using
* Address PR feedback
* Formatting
* Minor fix
* Feature/self f4e/update db (#1930)
* Fix migration
* Fix TimesRenewed
* Add comments
* Make two properties non-nullable
* Remove need for SponsoredOrg on SH (#1934)
* Remove need for SponsoredOrg on SH
* Add Family prefix
* Add check for enterprise org on BillingSync key (#1936)
* [PS-10] Feature/sponsorships removed at end of term (#1938)
* Rename commands to min unique names
* Inject revoke command based on self hosting
* WIP: Remove/Revoke marks to delete
* Complete WIP
* Improve remove/revoke tests
* PR review
* Fail validation if sponsorship has failed to sync for 6 months
* Feature/do not accept old self host sponsorships (#1939)
* Do not accept >6mo old self-hosted sponsorships
* Give disabled grace period of 3 months
* Fix issues of Sql.proj differing from migration outcome (#1942)
* Fix issues of Sql.proj differing from migration outcome
* Yoink int tests
* Add missing assert helpers
* Feature/org sponsorship sync (#1922)
* Self-hosted side sync first pass
TODO:
* flush out org sponsorship model
* implement cloud side
* process cloud-side response and update self-hosted records
* sync scaffolding second pass
* remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship
* allow authenticated http calls from server to return a result
* update models
* add logic for sync and change offer email template
* add billing sync key and hide CreateSponsorship without user
* fix tests
* add job scheduling
* add authorize attributes to endpoints
* separate models into data/model and request/response
* batch sync more, add EnableCloudCommunication for testing
* send emails in bulk
* make userId and sponsorshipType non nullable
* batch more on self hosted side of sync
* remove TODOs and formatting
* changed logic of cloud sync
* let BaseIdentityClientService handle all logging
* call sync from scheduled job on self host
* create bulk db operations for OrganizationSponsorships
* remove SponsoredOrgId from sync, return default from server http call
* validate BillingSyncKey during sync
revert changes to CreateSponsorshipCommand
* revert changes to ICreateSponsorshipCommand
* add some tests
* add DeleteExpiredSponsorshipsJob
* add cloud sync test
* remove extra method
* formatting
* prevent new sponsorships from disabled orgs
* update packages
* - pulled out send sponsorship command dependency from sync on cloud
- don't throw error when sponsorships are empty
- formatting
* formatting models
* more formatting
* remove licensingService dependency from selfhosted sync
* use installation urls and formatting
* create constructor for RequestModel and formatting
* add date parameter to OrganizationSponsorship_DeleteExpired
* add new migration
* formatting
* rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel
* prevent whole sync from failing if one sponsorship type is unsupported
* deserialize config and billingsynckey from org connection
* alter log message when sync disabled
* Add grace period to disabled orgs
* return early on self hosted if there are no sponsorships in database
* rename BillingSyncConfig
* send sponsorship offers from controller
* allow config to be a null object
* better exception handling in sync scheduler
* add ef migrations
* formatting
* fix tests
* fix validate test
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Fix OrganizationApiKey issues (#1941)
Co-authored-by: Justin Baur <admin@justinbaur.com>
* Feature/org sponsorship self hosted tests (#1947)
* Self-hosted side sync first pass
TODO:
* flush out org sponsorship model
* implement cloud side
* process cloud-side response and update self-hosted records
* sync scaffolding second pass
* remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship
* allow authenticated http calls from server to return a result
* update models
* add logic for sync and change offer email template
* add billing sync key and hide CreateSponsorship without user
* fix tests
* add job scheduling
* add authorize attributes to endpoints
* separate models into data/model and request/response
* batch sync more, add EnableCloudCommunication for testing
* send emails in bulk
* make userId and sponsorshipType non nullable
* batch more on self hosted side of sync
* remove TODOs and formatting
* changed logic of cloud sync
* let BaseIdentityClientService handle all logging
* call sync from scheduled job on self host
* create bulk db operations for OrganizationSponsorships
* remove SponsoredOrgId from sync, return default from server http call
* validate BillingSyncKey during sync
revert changes to CreateSponsorshipCommand
* revert changes to ICreateSponsorshipCommand
* add some tests
* add DeleteExpiredSponsorshipsJob
* add cloud sync test
* remove extra method
* formatting
* prevent new sponsorships from disabled orgs
* update packages
* - pulled out send sponsorship command dependency from sync on cloud
- don't throw error when sponsorships are empty
- formatting
* formatting models
* more formatting
* remove licensingService dependency from selfhosted sync
* use installation urls and formatting
* create constructor for RequestModel and formatting
* add date parameter to OrganizationSponsorship_DeleteExpired
* add new migration
* formatting
* rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel
* prevent whole sync from failing if one sponsorship type is unsupported
* deserialize config and billingsynckey from org connection
* add mockHttp nuget package and use httpclientfactory
* fix current tests
* WIP of creating tests
* WIP of new self hosted tests
* WIP self hosted tests
* finish self hosted tests
* formatting
* format of interface
* remove extra config file
* added newlines
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Fix Organization_DeleteById (#1950)
* Fix Organization_Delete
* Fix L
* [PS-4] block enterprise user from sponsoring itself (#1943)
* [PS-248] Feature/add connections enabled endpoint (#1953)
* Move Organization models to sub namespaces
* Add Organization Connection api endpoints
* Get all connections rather than just enabled ones
* Add missing services to DI
* pluralize private api endpoints
* Add type protection to org connection request/response
* Fix route
* Use nullable Id to signify no connection
* Test Get Connections enabled
* Fix data discoverer
* Also drop this sproc for rerunning
* Id is the OUTPUT of create sprocs
* Fix connection config parsing
* Linter fixes
* update sqlproj file name
* Use param xdocs on methods
* Simplify controller path attribute
* Use JsonDocument to avoid escaped json in our response/request strings
* Fix JsonDoc tests
* Linter fixes
* Fix ApiKey Command and add tests (#1949)
* Fix ApiKey command
* Formatting
* Fix test failures introduced in #1943 (#1957)
* Remove "Did you know?" copy from emails. (#1962)
* Remove "Did you know"
* Remove jsonIf helper
* Feature/fix send single sponsorship offer email (#1956)
* Fix sponsorship offer email
* Do not sanitize org name
* PR feedback
* Feature/f4e sync event [PS-75] (#1963)
* Create sponsorship sync event type
* Add InstallationId to Event model
* Add combinatorics-based test case generators
* Log sponsorships sync event on sync
* Linter and test fixes
* Fix failing test
* Migrate sprocs and view
* Remove unused `using`s
* [PS-190] Add manual sync trigger in self hosted (#1955)
* WIP add button to admin project for billing sync
* add connection table to view page
* minor fixes for self hosted side of sync
* fixes number of bugs for cloud side of sync
* deserialize before returning for some reason
* add json attributes to return models
* list of sponsorships parameter is immutable, add secondary list
* change sproc name
* add error handling
* Fix tests
* modify call to connection
* Update src/Admin/Controllers/OrganizationsController.cs
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* undo change to sproc name
* simplify logic
* Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/Cloud/CloudSyncSponsorshipsCommand.cs
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* register services despite if self hosted or cloud
* remove json properties
* revert merge conflict
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Update OrganizationSponsorship valid until when updating org expirati… (#1966)
* Update OrganizationSponsorship valid until when updating org expiration date
* Linter fixes
* [PS-7] change revert email copy and add ValidUntil to sponsorship (#1965)
* change revert email copy and add ValidUntil to sponsorship
* add 15 days if no ValidUntil
* Chore/merge/self hosted families for enterprise (#1972)
* Log swallowed HttpRequestExceptions (#1866)
Co-authored-by: Hinton <oscar@oscarhinton.com>
* Allow for utilization of readonly db connection (#1937)
* Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952)
* Bumped version to 1.48.0 (#1958)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* [EC-160] Give Provider Users access to all org ciphers and collections (#1959)
* Bumped version to 1.48.1 (#1961)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Avoid sending "user need confirmation" emails when there are no org admins (#1960)
* Remove noncompliant users for new policies (#1951)
* [PS-284] Allow installation clients to not need a user. (#1968)
* Allow installation clients to not need a user.
* Run formatting
Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Justin Baur <136baur@gmail.com>
* Fix/license file not found (#1974)
* Handle null license
* Throw hint message if license is not found by the admin project.
* Use CloudOrganizationId from Connection config
* Change test to support change
* Fix test
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Feature/f4e selfhosted rename migration to .sql (#1971)
* rename migration to .sql
* format
* Add unit tests to self host F4E (#1975)
* Work on tests
* Added more tests
* Run linting
* Address PR feedback
* Fix AssertRecent
* Linting
* Fixed empty tests
* Fix/misc self hosted f4e (#1973)
* Allow setting of ApiUri
* Return updates sponsorshipsData objects
* Bind arguments by name
* Greedy load sponsorships to email.
When upsert was called, it creates Ids on _all_ records, which meant
that the lazy-evaluation from this call always returned an empty list.
* add scope for sync command DI in job. simplify error logic
* update the sync job to get CloudOrgId from the BillingSyncKey
Co-authored-by: Jacob Fink <jfink@bitwarden.com>
* Chore/merge/self hosted families for enterprise (#1987)
* Log swallowed HttpRequestExceptions (#1866)
Co-authored-by: Hinton <oscar@oscarhinton.com>
* Allow for utilization of readonly db connection (#1937)
* Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952)
* Bumped version to 1.48.0 (#1958)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* [EC-160] Give Provider Users access to all org ciphers and collections (#1959)
* Bumped version to 1.48.1 (#1961)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Avoid sending "user need confirmation" emails when there are no org admins (#1960)
* Remove noncompliant users for new policies (#1951)
* [PS-284] Allow installation clients to not need a user. (#1968)
* Allow installation clients to not need a user.
* Run formatting
* Use accept flow for sponsorship offers (#1964)
* PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977)
* [Bug] Skip WebAuthn 2fa event logs during login flow (#1978)
* [Bug] Supress WebAuthn 2fa event logs during login process
* Formatting
* Simplified method call with new paramter input
* Update RealIps Description (#1980)
Describe the syntax of the real_ips configuration key with an example, to prevent type errors in the `setup` container when parsing `config.yml`
* add proper URI validation to duo host (#1984)
* captcha scores (#1967)
* captcha scores
* some api fixes
* check bot on captcha attribute
* Update src/Core/Services/Implementations/HCaptchaValidationService.cs
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
* ensure no path specific in duo host (#1985)
Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Justin Baur <136baur@gmail.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
* Address feedback (#1990)
Co-authored-by: Justin Baur <admin@justinbaur.com>
Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Justin Baur <136baur@gmail.com>
Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com>
Co-authored-by: Hinton <oscar@oscarhinton.com>
Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com>
Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com>
Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Co-authored-by: e271828- <e271828-@users.noreply.github.com>
* Add self-host option to migration runner
* Add Self-host launch options
* Add self-hosted settings override
Let's a single secrets/env config file control both
cloud and self-hosted settings by allowing
overrides to cloud settings with self-hosted
* Allow dev-signed licenses on dev self-hosted
* Allow setting bitwarden cloud api url
Useful for testing api integration between installations and cloud
* Remove testing echoes
* Remove run config property groups
* Use `getopts` for options
* Pass in full environment
* Start switch to System.Text.Json
* Work on switching to System.Text.Json
* Main work on STJ refactor
* Fix build errors
* Run formatting
* Delete unused file
* Use legacy for two factor providers
* Run formatter
* Add TokenProviderTests
* Run formatting
* Fix merge issues
* Switch to use JsonSerializer
* Address PR feedback
* Fix formatting
* Ran formatter
* Switch to async
* Ensure Enums are serialized as strings
* Fix formatting
* Enqueue single items as arrays
* Remove CreateAsync method on AzureQueueService
* Add autoscale fields to Organization
* Add autoscale setting changes
* Autoscale organizations
updates InviteUsersAsync to support all invite sources.
sends an email to org owners when organization autoscaled
* All organizations autoscale
Disabling autoscaling can be done by setting max seats to current seats.
We only warn about autoscaling on the first autoscaling event.
* Fix tests
* Bug fixes
* Simplify subscription update logic
* Void invoices that fail to delete
Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client.
* Notify org owners when their subscription runs out of seats
* Use datetime for notifications
Allows for later re-sending email if we want to periodically remind
owners
* Do not update subscription if it already matches new quatity
* Include all migrations
* Remove unnecessary inline styling
* SubscriptionUpdate handles update decisions
* Remove unnecessary html setter
* PR review
* Use minimum access for class methods
* Adding a QA environment specific configuration
* separating the bitwarden environment and stripe environment checks
* adding a logging statement for the PayPal webhook key check
* adding more logging
* switched logging type
* Changing the log level on the PayPal webhook. Removing the debugging log from the Stripe Controller
Objective
The "Enterprise Trial button" was missing the admin reset feature on press. Add the checkbox to selected features when pressed.
Code Changes
Add checked property for UseResetPassword
* added enum values for new events
* hooked up directory sync event
* upgraded the OrganizationUpgrade ReferenceEvent
* Added metadata to the OrganizationUserInvited event noting if this is the first event sent from an organization
* Added metadata to the AdjustedSeats event
* Implemented vaultImported event
* Implemented FirstGroupAdded event
* Implemented FirstCollectionAdded event
* Implemented FirstSecretAdded event type
* Implemented SalesAssisted reference event
* changed events to match updated requirements
* renamed an event enum
* deploying directly to the production slot of the App Service
* Update Azure Service Bus package
* adding a app service shutdown to qa
* reverting QA env deploy change
* Update qa-deploy workflow with debugging statement
* Disable start/stop in QA deploy workflow
* Fix UserKdf and UserApiKey migrations to only update null values (#1494)
* Add proper New Relic NuGet package for .NET 5
* Test NewRelic changes
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* Add Organizations to provider views
Remove enabled/disabled toggle from provider. It's currently not used.
* Remove provider Delete
There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.
* Use toastr to display production exception messages.
Update build actions to upgrade npm to v7.
Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page
* Clarify provider create error message
* Added a button for resending provider setup emails
* Fixed a case typo in a stored procedure
* Turned a couple lines of code into a method call
* Added service level validation against inviting users for MSP invites
* Code review improvements for provider invites
created a factory for provider user invites
wrote tests for provider invite permissions"
* changed a few exception types
* increasing the log levels on all of the services to prevent logging successes
* resetting the default logging and adding in constraints in logging in Production
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure (#1425)"
This reverts commit 2c9a5bb4ab.
* Azure queue to use base64 encoding universally
* Ensure byte size calc is using encoded byte count
* Remove message text extension from blockIP svc
* Remove unused using on blockIp hosted service
* Encode into b64 to avoid illegal xml encoding when sending to Azure
* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure"
This reverts commit d50de941da.
* HtmlEncode strings if they use multi-byte characters
* Add serializer to event processor
* Rename to used class
* Formatting
* PR feedback
* Increase organization max seat size from 30k to 2b (#1274)
* Increase organization max seat size from 30k to 2b
* PR review. Do not modify unless state matches expected
* Organization sync simultaneous event reporting (#1275)
* Split up azure messages according to max size
* Allow simultaneous login of organization user events
* Early resolve small event lists
* Clarify logic
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Improve readability
This comes at the cost of multiple serializations, but the
improvement in wire-time should more than make up for this
on message where serialization time matters
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Queue emails (#1286)
* Extract common Azure queue methods
* Do not use internal entity framework namespace
* Prefer IEnumerable to IList unless needed
All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues
* Add model for azure queue message
* Abstract Azure queue for reuse
* Creat service to enqueue mail messages for later processing
Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today
* Provide mail queue service to DI
* Queue organization invite emails for later processing
All emails can later be added to this queue
* Create Admin hosted service to process enqueued mail messages
* Prefer constructors to static generators
* Mass delete organization users (#1287)
* Add delete many to Organization Users
* Correct formatting
* Remove erroneous migration
* Clarify parameter name
* Formatting fixes
* Simplify bump account revision sproc
* Formatting fixes
* Match file names to objects
* Indicate if large import is expected
* Early pull all existing users we were planning on inviting (#1290)
* Early pull all existing users we were planning on inviting
* Improve sproc name
* Batch upsert org users (#1289)
* Add UpsertMany sprocs to OrganizationUser
* Add method to create TVPs from any object.
Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type
* Combine migrations
* Correct formatting
* Include sql objects in sql project
* Keep consisten parameter names
* Batch deletes for performance
* Correct formatting
* consolidate migrations
* Use batch methods in OrganizationImport
* Declare @BatchSize
* Transaction names limited to 32 chars
Drop sproc before creating it if it exists
* Update import tests
* Allow for more users in org upgrades
* Fix formatting
* Improve class hierarchy structure
* Use name tuple types
* Fix formatting
* Front load all reflection
* Format constructor
* Simplify ToTvp as class-specific extension
Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
* Get limited life attachment download URL
This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.
Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.
* Make GlobalSettings interface for testing
* Test LocalAttachmentStorageService equivalence
* Remove comment
* Add missing globalSettings using
* Simplify default attachment container
* Default to attachments containe for existing methods
A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads
* Remove Default MetaData fixture.
* Keep attachments container blob-level security for all instances
* Close unclosed FileStream
* Favor default value for noop services
* Add Disable Send policy
* Test DisableSend policy
* PR Review
* Update tests for using CurrentContext
This required making an interface for CurrentContext and mocking out
the members used. The interface can be expanded as needed for tests.
I moved CurrentContext to a folder, which changes the namespace
and causes a lot of file touches, but most are just adding a reference
* Fix failing test
* Update exemption to include all exempt users
* Move all CurrentContext usages to ICurrentContext
* PR review. Match messaging with Web
* Implemented tax collection for subscriptions
* Cleanup for Sales Tax
* Cleanup for Sales Tax
* Changes a constraint to an index for checking purposes
* Added and implemented a ReadById method for TaxRate
* Code review fixes for Tax Rate implementation
* Code review fixes for Tax Rate implementation
* Made the SalesTax migration script rerunnable
