1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-25 12:45:18 +01:00
Commit Graph

3222 Commits

Author SHA1 Message Date
Thomas Rittson
c2975b003d
[Key Connector] Fix policy checks and other pre-reqs (#1711)
* Require SSO Policy to enable Key Connector

* Require that SSO is enabled to use Key Connector

* Fix error messages

"Key Connector" instead of "KeyConnector"

* Refactor dependent policy checks to handle expansion

* Block disabling Sso Policy if using Key Connector

* Update tests for policies required by Key Connector

* Fix tests

* Add test for Key Connector to require Sso Policy

* Add test: Sso config must be enabled to use Key Connector
2021-11-15 19:25:10 +10:00
Oscar Hinton
f1c41257b3
Allow disabling key connector if no user is enrolled (#1712) 2021-11-12 14:38:31 +01:00
Addison Beck
6b629feb03
[bug] Drop unused db column UsesCryptoAgent (#1704) 2021-11-09 12:33:18 -05:00
Kyle Spearrin
77f9f5fe72
remove dynamic names from admin confirm dialogs (#1703) 2021-11-09 12:13:23 -05:00
Kyle Spearrin
327e784336
Added middleware for general security headers (#1700) 2021-11-09 11:37:14 -05:00
Kyle Spearrin
f26a235964
set MaxResponseContentBufferSize to 5 MB (#1702) 2021-11-09 11:32:23 -05:00
Kyle Spearrin
2f0638ce8c
sanitize notification hub tag inputs (#1697) 2021-11-09 11:25:18 -05:00
Kyle Spearrin
fcc1a4e10c
add missing csrf token validation to admin (#1696) 2021-11-09 11:22:08 -05:00
Kyle Spearrin
9582e94232
add ::ffff: to internal ip check (#1701)
* add ::ffff: to internal ip check

* check StartsWith
2021-11-09 11:16:54 -05:00
Oscar Hinton
fd37cb5a12
Add support for Key Connector OTP and account migration (#1663)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
Thomas Rittson
f6bc35b2d0
Fix typos in EF migrations (#1693)
* Fix typos in postgres migrations

* Fix extension of migration script
2021-11-09 07:40:01 +10:00
Kyle Spearrin
7cc7b84eaf
use fixed-time comparison of secrets (#1698) 2021-11-08 15:55:42 -05:00
Vince Grassia
c07794e907
Change Release workflow to allow releases from 'rc' and 'hotfix' branches (#1690) 2021-11-08 13:39:32 -05:00
Kyle Spearrin
5aa492e886
validate service url schema (#1695) 2021-11-08 11:47:03 -05:00
Oscar Hinton
1aa25f2712
Add checks for vault timeout policy (#1694) 2021-11-08 14:37:40 +01:00
Donald Nairn
7837a850eb
Fix minor typos in docs (#1692) 2021-11-08 12:43:14 +01:00
Kyle Spearrin
10c5a29c47
Prevent XSS possibility from SSO SAML Service URLs (#1691)
* validate sso service urls for HTML meta chars

* also check for double quotes
2021-11-05 14:49:45 -04:00
Joseph Flinn
68e20fe649
Updating the swashbuckle package in Api (#1685) 2021-11-04 09:29:19 -07:00
Thomas Rittson
0cb8da2fd8
Add Field.LinkedId (#1617) 2021-11-04 07:27:15 +10:00
Thomas Rittson
98c167b1c1
Improve local dev setup for SSO project (#1664)
* Add default SSO appsettings for development

* Add Sso project to setup_secrets.ps1 script

* Use hashmap instead of array
2021-11-03 07:12:43 +10:00
Thomas Rittson
e57bef6af4
Fix policy enforcement against invited users (#1680) 2021-11-03 07:08:13 +10:00
Chad Scharf
07b8e2a946
Self-Hosted Server Release v1.44.1 (#1683)
Self-Hosted Server Release v1.44.1 with Web v2.24.2
2021-11-02 13:22:17 -04:00
Joseph Flinn
630376400f
Dependency updates (#1681)
* fix: util/Nginx/Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

* fix: util/Nginx/Dockerfile-k8s to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277346
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277349
- https://snyk.io/vuln/SNYK-DEBIAN10-LIBXML2-1277350
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403
- https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569406

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2021-11-02 09:49:00 -07:00
Thomas Rittson
7473a96b27
Update PR template to remind about EF migrations (#1679)
* Update PR template to remind about EF migrations

* Update wording
2021-11-02 08:22:17 +10:00
Justin Baur
4c9d9b248c
Fix bug in TaxInfo (#1682)
* Fixed bug in TaxInfo

* Added a few more tests to TaxInfoTests

* Added tests for HasTaxId
2021-11-01 12:13:31 -04:00
SudoEvan
dcc11e3819
Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities (#1652)
* Added unit tests for StrictEmailAddressListAttribute in Bit.Core.Utilities

* Fixed list format; added a null test on StrictEmailAddressListAttribute in Utilities
2021-10-29 12:24:53 -04:00
Justin Baur
114f58aa8e
Fix tests (#1675)
* Fix SendServiceTests that arose from merge

* Fixed SendService tests to be inline with spec

* Reorder usings
2021-10-28 15:47:58 -04:00
Justin Baur
d854332643
Unit Tests for hot spots (#1454)
* Add TaxInfoTests

* Add UserTests

* Add SendServicTests

* Added IconFetchingServicesTests

* Add endline
2021-10-28 14:30:41 -04:00
Joseph Flinn
7d6f7436a8
Version Bump 1.44.1 (#1674) 2021-10-27 15:35:55 -07:00
Joseph Flinn
19ca3ee374
Enabling deploys to the QA environment from branches with slashes in the name (#1673) 2021-10-27 12:44:54 -07:00
Matt Gibson
cb815c2f14
Allow managers to create self-assigned collections (#1672) 2021-10-27 13:06:23 -05:00
Joseph Flinn
52d1bade06
Hotfix/release workflow (#1671)
* fixing release workflow app service deploys

* adding the release branch as a conditional to the docker-stub build

* Add in missing 'if' statement for 'release' branch in Docker Stub step

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-10-27 08:45:33 -07:00
Thomas Rittson
818b3b5d9d
Add PR template (#1668) 2021-10-27 19:01:00 +10:00
Joseph Flinn
8683cbfe33
fixing parameter mismatch (#1670) 2021-10-26 19:18:54 -07:00
Joseph Flinn
fa1989bfed
fixing the error in the release workflow (#1669) 2021-10-26 18:56:06 -07:00
Joseph Flinn
e2c8fa7002
Replacing the DCT setup. There was a sneaky line that was different which is making our build of the EventsProcessor image break (#1667) 2021-10-26 15:02:19 -07:00
Joseph Flinn
9a629a410c
Allow Docker access to new release branching strategy (#1666)
* allowing the new release branch to push its docker images

* Switching to our action to set up DCT
2021-10-26 14:22:47 -07:00
Joseph Flinn
f783770fcd
Version bump to 1.44.0 (#1665) 2021-10-26 13:47:34 -07:00
Matt Gibson
8f0115e62f
Check canScale when scaling for sso (#1661)
* Check canScale when scaling for sso

* PR review

Use AutoAddSeats to add seats in a consistent way.
This requires moving user check out of that method.

* User logic moved out of method
2021-10-25 10:19:37 -05:00
Oscar Hinton
c5d5601464
Add support for crypto agent (#1623) 2021-10-25 15:09:14 +02:00
Daniel James Smith
dea694193f
Add teams trial button to Edit Org Page (#1662)
* Add teams trial button to Edit Org Page

* Fix formatting
2021-10-25 14:28:17 +02:00
Joseph Flinn
f3d6a43025
Change protected release branch to release (#1656)
* Adding a contraint around the new release branch strategy

* Adding a constraint on what CI code can be used to release the release branch

* updating the self host docker image building and releasing

* removing master branch release ci code execution

* updating some verbiage
2021-10-22 08:41:38 -07:00
Vince Grassia
7da15af92f
Add New Relic monitoring package to Notifications project (#1643) 2021-10-22 10:22:25 -04:00
Matt Gibson
e744ffe499
Default autoscaling to off (#1659)
* Default autoscaling to off

* Update util/Migrator/DbScripts/2021-10-21_00_DefaultAutoscaleLimitToCurrentSeats.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Update util/Migrator/DbScripts/2021-10-21_00_DefaultAutoscaleLimitToCurrentSeats.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Update util/MySqlMigrations/Scripts/2021-10-21_00_SetMaxAutoscaleSeatCount.sql

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-10-22 08:11:14 -05:00
Ben Gray
4edc75d21d
Fix proper naming and download link (#1660) 2021-10-22 09:59:09 +02:00
Joseph Flinn
423ff99bda
Disabling the temporary prod-deploy workflow (#1655) 2021-10-21 10:31:26 -07:00
Matt Gibson
5d163eb5bd
Only check assigned collections if lacking privs for all (#1657) 2021-10-20 16:17:40 -05:00
Kyle Spearrin
de3f1005fc
add various status counts to org information (#1647) 2021-10-20 17:10:51 -04:00
Matt Gibson
216395f541
Create collections allows view all access (#1653)
* Create collections allows view all access

* Add missing permission to read users
2021-10-20 10:31:17 -05:00
Robyn MacCallum
033509745a
Server setup documation updates (#1654)
* Add note to help others if they run into the same issue during setup.

* Added some more info
2021-10-20 09:55:02 -04:00