1
0
mirror of https://github.com/bitwarden/server.git synced 2024-12-01 13:43:23 +01:00
Commit Graph

5192 Commits

Author SHA1 Message Date
Brandon Treston
f30f247c64
[PM-11409] prevent managed user from leaving managing organization (#4995)
* prevent managed user from leaving managing organization

* fix org check to be specific to single org

* simplify logic
2024-11-12 11:52:44 +01:00
renovate[bot]
88323f4fde
[deps]: Update Microsoft.NET.Test.Sdk to 17.11.1 (#4830)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-12 11:52:44 +01:00
Cy Okeke
b163129bec
resolve conflict
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-12 11:51:51 +01:00
Nick Krantz
5ac559665b
[PM-13839][PM-13840] Admin Console Collections (#4922)
* add collectionIds to the response of `{id}/admin`

- They're now needed in the admin console when add/editing a cipher.
- Prior to this there was no way to edit collection when editing a cipher. Assigning collections was a separate workflow

* return cipher from collections endpoint
2024-11-12 11:50:56 +01:00
Matt Bishop
be2b75574a
Check run permissions for secrets usage (#4992) 2024-11-12 11:50:56 +01:00
Todd Martin
e7a9568900
Add back provider keys on TwoFactorProviders response (#4991) 2024-11-12 11:50:56 +01:00
Justin Baur
c954a9fed5
Add MariaDB test (#4989)
* Add MariaDB Test

* Use Correct Syntax

* Use Container Name

* Add Port

* Remove MySQL Thing

* Remove Another Thing

* Different Port Syntax

* Add Back Skipped Checks

* Use Correct Connection String in Test Setup

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Use MariaDB 10

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-12 11:50:55 +01:00
holow29
dba182d6a8
Update 2024-09-05_00_SyncDuoVersionFourMetadataToVersionTwo.sql (#4982)
Fix MariaDB compatibility with JSON_EXTRACT

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-12 11:50:55 +01:00
Justin Baur
2c57dbbd87
Move Packages to Platform Ownership (#4988) 2024-11-12 11:50:55 +01:00
Matt Bishop
6a74feaf1a
Check for secrets on Docker builds (#4985) 2024-11-12 11:50:55 +01:00
Matt Bishop
41e41e0b1e
Check for secrets on database test report upload (#4984) 2024-11-12 11:50:55 +01:00
Jonas Hendrickx
ba23f885a7
[PM-14456] Return provider type when getting provider's subscription (#4972) 2024-11-12 11:50:54 +01:00
Jonas Hendrickx
14a397c1e1
[PM-13450] Change Client Plan when Provider's Plan changes. (#4980) 2024-11-12 11:50:54 +01:00
Jonas Hendrickx
c5ae849b97
[PM-13470] Allow creating clients for Multi-organization enterprise (#4977) 2024-11-12 11:50:54 +01:00
Bernd Schoolmann
319b13d87e
[PM-10394] Add new item type ssh key (#4575)
* Add ssh key item type

* Add fingerprint

* Limit ssh key ciphers to new clients

* Fix enc string length for 4096 bit rsa keys

* Remove keyAlgorithm from ssh cipher

* Add featureflag and exclude mobile from sync

* Add ssh-agent flag
2024-11-12 11:50:54 +01:00
Todd Martin
4fa1f0d725
Removed eu-environment feature flag (#4966) 2024-11-12 11:50:54 +01:00
Cy Okeke
be832de470
resolve conflict
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-12 11:50:11 +01:00
Vince Grassia
d5f2eeee1c
Add version bump task (#4976) 2024-11-12 11:49:06 +01:00
Alex Morask
3b6b5eccd9
[PM-11345] Add SCIM to Teams Plan (#4924)
* Add SCIM to Teams

* Robert's feedback

* Feedback
2024-11-12 11:49:06 +01:00
Vijay Oommen
043b591e66
PM-13236 PasswordHealthReportApplication DB Tables (#4958)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 removed the entity file

* PM-13236 Moved PasswordHealthReportApplication entity to src/core/tools/entities
2024-11-12 11:49:05 +01:00
Rui Tomé
0a1238f887
[PM-11406] Account Management: Prevent a verified user from deleting their account (#4878)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled

* Add CannotDeleteManagedAccountViewModel and email templates

- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update error message when unable to delete account when managed by organization

* Update error message in test for deleting organization-owned accounts
2024-11-12 11:49:05 +01:00
Vince Grassia
e0e24db445
Bump project version (#4971) 2024-11-12 11:49:05 +01:00
Jonas Hendrickx
b8caa36c0e
[PM-14443] Cannot view pending MOE provider page (#4970) 2024-11-12 11:49:04 +01:00
Cy Okeke
00d041837f
Changes for email notification 2024-11-12 11:23:28 +01:00
Cy Okeke
ef4bedb616
Changes for email notification 2024-11-12 11:23:00 +01:00
Rui Tomé
60672bbe48
[PM-10323] Remove user verification from organization user deletion methods (#4965) 2024-11-04 14:48:13 +00:00
cyprain-okeke
96862b974f
[PM-14365][Defect] Member of trialing org cannot log in app (#4968)
* decreased authorization level

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add some level of authorization

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 15:15:27 +01:00
cyprain-okeke
df4f8df485
Remove the time threshold feature flag (#4860)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 12:38:58 +01:00
Jonas Hendrickx
35b0f61986
[PM-13450] Admin: Display Multi-organization Enterprise attributes on provider details (#4955) 2024-11-04 06:45:25 +01:00
cyprain-okeke
fc719efee9
[PM-14365][Defect] Member of trialing org cannot log in app (#4967)
* changes to include subscription status metadata

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-01 17:55:59 +01:00
Alex Morask
f149f247d5
Don't try to credit customer \$0 (#4964) 2024-11-01 12:55:07 -04:00
renovate[bot]
edd31bcf4e
[deps] Auth: Update Duende.IdentityServer to 7.0.8 [SECURITY] (#4953)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 14:40:46 -07:00
Matt Bishop
a04df4beba
Device deactivation (#4963)
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
2024-10-31 17:05:13 -04:00
tangowithfoxtrot
751fd33aef
fix: ensure vault URI is propagated from config.yml (#4925)
* fix: ensure vault URI matches Url from config.yml

* fmt: use camelCase for vaultUri

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2024-10-31 09:13:57 -07:00
Vince Grassia
997bf03d97
Update version to 2024.10.2 (#4962) 2024-10-31 11:40:54 -04:00
Alex Morask
249c39e71e
[PM-14275] Add IsManaged to OrganizationMetadata (#4957)
* Add IsManaged to OrganizationMetadata

* Remove subscription requirement from self-host eligibility check

* Remove unused service

* Run dotnet format
2024-10-31 11:01:37 -04:00
renovate[bot]
2893ca729f
[deps] Billing: Update swashbuckle-aspnetcore monorepo to 6.9.0 (#4948)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-31 11:02:23 +01:00
renovate[bot]
2abd37d2d7
[deps] DevOps: Update gh minor (#4945)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-30 11:23:50 -04:00
Brandon Treston
359c2787ad
[PM-11408] domain verification stat in portal and add cs delete permission (#4943)
* Add delete permission to cs role

* Add domain verification stat to portal

* add feature flag and unit tests

* fix test

* Refactor from PR feedback

* update comment
2024-10-30 10:45:53 -04:00
renovate[bot]
6cc097ec49
[deps] Platform: Update dotnet monorepo (#4886)
* [deps] Platform: Update dotnet monorepo

* Update patch version on missed monorepo packages

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Addison Beck <github@addisonbeck.com>
2024-10-28 13:35:14 -04:00
Brandon Treston
7f4bde1b6c
[PM-13730] Return Policy object instead of NotFoundException (#4911)
* Return Policy object instead of NotFoundException

* Add unit tests, change orgId type to Guid

* Fix test cases, throw exception when manage not allowed
2024-10-28 12:33:22 -04:00
Rui Tomé
c126fee296
[PM-11405] Account Management: Prevent a verified user from changing their email address (#4875)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update expected error messages on unit tests

* Add TestFeatureService to Api.IntegrationTest.Helpers and use it on ApiApplicationFactory to be able to enable specific features for each test

* Add CreateVerifiedDomainAsync method to OrganizationTestHelpers

* Add tests to AccountsControllerTest to prevent changing email for managed accounts

* Remove setting the feature flag value in ApiApplicationFactory and set it on AccountsControllerTest

* Remove TestFeatureService class from Api.IntegrationTest.Helpers
2024-10-28 16:12:13 +00:00
renovate[bot]
cc6e41b42a
[deps] DbOps: Update Microsoft.Azure.Cosmos to 3.45.0 (#4949)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:29:34 -04:00
renovate[bot]
109ba14cf4
[deps] Tools: Update aws-sdk-net monorepo (#4946)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:02:40 +01:00
renovate[bot]
e2a69c432c
[deps] Tools: Update LaunchDarkly.ServerSdk to 8.6.0 (#4950)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-10-28 10:00:33 +01:00
Ike
d0c9953444
[PM-8213] Feature flag for new-device-verification (#4944) 2024-10-26 12:43:27 -04:00
Jonas Hendrickx
53ad9df003
[PM-13451] Update subscription setup process to support MOE providers (#4937) 2024-10-25 03:56:03 +02:00
Thomas Rittson
6272e84c92
Remove feature flag (#4931)
Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>
2024-10-25 10:17:28 +10:00
Matt Gibson
f43f59e4b4
Register noop notification registration service for self host lacking necessary data (#4939) 2024-10-24 15:45:13 -04:00
Vince Grassia
9a499df0e7
BRE-344 - Add PR logic to Repository Management workflow (#4938) 2024-10-24 13:15:16 -06:00