1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-24 12:35:25 +01:00
Commit Graph

5229 Commits

Author SHA1 Message Date
Bernd Schoolmann
fae8692d2a
[PM-12607] Move key rotation & validators to km ownership (#4941)
* Move key rotation & validators to km ownership

* Fix build errors

* Fix build errors

* Fix import ordering

* Update validator namespace

* Move key rotation data to km ownership

* Fix linting

* Fix namespaces

* Fix namespace

* Fix namespaces

* Move rotateuserkeycommandtests to km ownership
2024-11-21 19:17:04 +01:00
Vijay Oommen
92b94fd4ee
PM-15066 added drop feature and unit tests. (#5053) 2024-11-20 15:18:05 -05:00
Alex Morask
052235bed6
[PM-15048] Update bank account verification to use descriptor code (#5048)
* Update verify bank account process to use descriptor code

* Run dotnet format
2024-11-20 14:36:50 -05:00
Bernd Schoolmann
eb20adb53e
Add QA flag (#5005)
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: aj-bw <81774843+aj-bw@users.noreply.github.com>
2024-11-20 13:24:29 -05:00
Conner Turnbull
77cde50ee1
Updated customer metadata when updating to use bank account (#5050) 2024-11-20 09:32:53 -05:00
Jimmy Vo
5227ee7d90
[PM-13746] Remove loggedInUserId parameter. (#5033)
1. Remove _organizationService.ValidateOrganizationUserUpdatePermissions since it is not needed for updating group associations.
2. Remove loggedInUserId since it's no longer needed.
3. Update/remove related tests.
2024-11-19 17:19:22 -05:00
Ike
516608560e
Fixing organization Duo configuration verificaiton (#5047)
fix(TwoFactorAuthentication): Duo Configuration Validation method input order fixed for `ClientId`, `ClientSecret` from UpdateRequest object.
2024-11-19 09:41:08 -08:00
Conner Turnbull
44bf5619c8
Updated customer metadata to only store one old btCustomerId (#4997)
* Updated customer metadata to only store one old btCustomerId

* Updated to include case where old key already exists

* Updated SubscriberService to also save btCustomerId_old on the Stripe Customer's metadata

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-19 11:38:30 -05:00
cyprain-okeke
c76d615fad
[PM-13346] Email notification impacts (#5027)
* Changes for the email notification

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove Get SponsoringSponsoredEmailAsync method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused policyRepository referrence

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Removed unused OrganizationSponsorshipResponse

* Rollback unrelated code changes

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Method to get policy status without login

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor the email notification

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused property

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused property

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix line spacing

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* remove extra line

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor base on the pr review

* Remove the unused interface

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add changes for error message for disable policy

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-19 17:37:01 +01:00
renovate[bot]
b2b0f1e70e
[deps] Auth: Update bootstrap to v5 [SECURITY] (#4881)
* [deps] Auth: Update bootstrap to v5 [SECURITY]

* Update bootstrap and import dependencies in site.scss

* Update site.scss to include the theme color 'dark'

* Refactor site.scss to merge the 'primary-accent' theme color into the existing theme colors

* Update bootstrap classes for v5

* Refactor form layout in Index.cshtml and AddExistingOrganization.cshtml

* Revert change to the shield icon in the navbar

* Fix organization form select inputs

* Fixed search input sizes

* Fix elements in Providers and Users search

* More bootstrap migration

* Revert change to tax rate delete button

* Add missing label classes in Users/Edit.cshtml

* More component migrations

* Refactor form classes and labels in CreateMsp.cshtml and CreateReseller.cshtml

* Update package dependencies in Sso

* Revert changes to Providers/Edit.cshtml

* Refactor CreateMultiOrganizationEnterprise.cshtml and Providers/Edit.cshtml for bootstrap 5

* Refactor webpack.config.js to use @popperjs/core instead of popper.js

* Remove popperjs package dependency

* Restore Bootstrap 4 link styling behavior

- Remove default text decoration
- Add underline only on hover

* Update Bootstrap to version 5.3.3

* Update deprecated text color classes from 'text-muted' to 'text-body-secondary' across various views

* Refactor provider edit view for bootstrap 5

* Remove underline in Add/Create organization links in provider page

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2024-11-19 12:04:54 +00:00
Ike
ab5d4738d6
[PM-8107] Remove Duo v2 from server (#4934)
refactor(TwoFactorAuthentication): Remove references to old Duo SDK version 2 code and replace them with the Duo SDK version 4 supported library DuoUniversal code.

Increased unit test coverage in the Two Factor Authentication code space. We opted to use DI instead of Inheritance for the Duo and OrganizaitonDuo two factor tokens to increase testability, since creating a testing mock of the Duo.Client was non-trivial.

Reviewed-by: @JaredSnider-Bitwarden
2024-11-18 15:58:05 -08:00
Alex Morask
e16cad50b1
Add Teams to SCIM API key generation (#5036) 2024-11-15 11:54:23 -05:00
Alex Morask
df21d574e1
[PM-11798] Remove enable-consolidated-billing feature flag (#5028)
* Remove flag from CreateProviderCommand

* Remove flag from OrganizationsController

* Consolidate provider extensions

* Remove flag from ProvidersController

* Remove flag from CreateMsp.cshtml

* Remove flag from Provider Edit.cshtml

Also ensured the editable Gateway fields show for Multi-organization enterprises

* Remove flag from OrganizationsController

* Remove flag from billing-owned provider controllers

* Remove flag from OrganizationService

* Remove flag from RemoveOrganizationFromProviderCommand

* Remove flag from ProviderService

* Remove flag

* Run dotnet format

* Fix failing tests
2024-11-15 09:30:03 -05:00
Shane Melton
eee7494c91
[PM-14373] Introduce SecurityTask database table and repository (#5025)
* [PM-14373] Introduce SecurityTask entity and related enums

* [PM-14373] Add Dapper SecurityTask repository

* [PM-14373] Introduce MSSQL table, view, and stored procedures

* [PM-14373] Add EF SecurityTask repository and type configurations

* [PM-14373] Add EF Migration

* [PM-14373] Add integration tests

* [PM-14373] Formatting

* Typo

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Typo

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* [PM-14373] Remove DeleteById sproc

* [PM-14373] SQL formatting

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-14 14:54:20 -08:00
Michał Chęciński
8b1b07884e
Fix github token generating in repository-management.yml workflow (#5038) 2024-11-14 13:47:37 +01:00
cyprain-okeke
3d1cd441a7
Remove the flag for upgrade path dialog (#4956)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-14 10:00:29 +01:00
Jonas Hendrickx
6f7cdcfcea
[PM-13783] Battle harden ProviderType enum expansion (#5004)
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-13 15:01:26 +01:00
cyprain-okeke
b1776240ea
Pm 14861 vault items fail to load (#5031)
* Resolve vault items fail to load

* Add hasSubscription to metadata

* Remove unused property

* Fix the failing unit test
2024-11-13 13:19:16 +01:00
Matt Bishop
dfbc400520
Remove FCMv1 feature flag (#5030)
* Remove FCMv1 feature flag

* Killed a using
2024-11-12 15:16:31 -05:00
Alex Morask
a26ba3b330
[PM-14401] Scale MSP on Admin client organization update (#5001)
* Privatize GetAssignedSeatTotalAsync

* Add SeatAdjustmentResultsInPurchase method

* Move adjustment logic to ProviderClientsController.Update

* Remove unused AssignSeatsToClientOrganization method

* Alphabetize ProviderBillingService

* Scale MSP on Admin client organization update

* Run dotnet format

* Patch build process

* Rui's feedback

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-12 14:11:10 -05:00
Jared McCannon
f2bf9ea9f8
[PM-12479] - Adding group-details endpoint (#4959)
 Added group-details endpoint. Moved group auth handler to AdminConsole directory.
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-12 11:25:36 -06:00
Jonas Hendrickx
25afd50ab4
[PM-14798] Update ProviderEventService for multi-organization enterprises (#5026) 2024-11-12 14:53:34 +01:00
Shane Melton
702a81b161
[PM-14418] Add security-tasks feature flag (#5023) 2024-11-11 16:07:21 -05:00
renovate[bot]
db5beb54b5
[deps] Tools: Update aws-sdk-net monorepo (#5017)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
2024-11-11 19:53:33 +01:00
Matt Bishop
eec4a77bda
Check run earlier during setup (#5022) 2024-11-11 13:19:20 -05:00
Vijay Oommen
9fb3f1d346
PM-13237 password health report application add get (#5000)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 PasswordHealthReportApplication Entities and Repos

* PM-13236 moved files under tools from core

* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities

* PM-13236 moved Repos and Interfaces to tools

* PM-13236 migrated model to tools namespace

* PM-13236 minor fixes to the unit tests

* PM-13236 fixed script errors during build

* PM-13236 Script to drop PasswordHealthReportApplications if it exists

* PM-13236 fixes to database snapshot

* PM-13236 updated databasesnapshots

* PM-13236 Update database model changes for Mysql

* PM-13236 update model changes for Sqlite

* PM-13236 updated the models to remove commented code

* PM-13236 added correct db snapshot for MySql

* PM-13236 updated database snapshot for Postgres

* PM-13236 updated database snapshot for Sqlite

* PM-13236 removed unwanted directive to fix linting error

* PM-13236 removed redundant script files

* PM-13237 Add entity command and unit tests

* PM-13237 Get query added with unit tests

* PM-13237 Controller to add/get PasswordHealthReportApplication

* PM-13237 Setup dependencies in the EF Service collection extensions

* PM-13237 Added unit tests for ReportsController
2024-11-11 12:54:52 -05:00
Tom
0e23a07bbc
[PM-13298] Modify members access logic (#4876)
* Initial refactor of members acess

* Refactor of the members access report to include a list of ciphers

* Saving ciphers to parent object

* Missed saving the response model

* bit.core change and updating references. Removing unused refs

* Removing commented code

* Adding Bit to the namespaces

* The mapping to the response model missed setting the UserId
2024-11-11 11:18:10 -05:00
Jared McCannon
1dec51bf5a
[PM-13014] - Add CanToggleStatus property to PolicyRepsonseModel based on Policy Validators (#4940)
* Adding CanToggleState to PoliciesControllers (api/public) endpoints. Added mappings wrapped in feature flag.

* Updated logic for determining CanToggle. Removed setting of toggle from List endpoint. Added new details model for single policy response. Validator now returns after first error.
2024-11-11 09:52:42 -06:00
Alex Morask
2e635c9505
Create ProviderInvoiceItems for empty invoices (#5021) 2024-11-11 10:02:21 -05:00
Alex Urbina
89be2f495a
Fix Hackerone Report ID 2830741 (#5010) 2024-11-08 20:41:58 +00:00
Jimmy Vo
aa3d71607f
PM-13763 Move ResetPasswordEnrolled to response model (#4983)
to adhere to Liskov Substitution Principle. Ensures request models inherit only relevant properties.
2024-11-08 15:02:51 -05:00
MtnBurrit0
a56f3a587c
Update logic to handle pull_request_target (#5008)
- Removing the grep and create a conditional based on GITHUB_EVENT_NAME
2024-11-08 11:58:07 -07:00
Vijay Oommen
7cf6742595
PM-13236 - Password Health Report Application - entities repos (#4974)
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 PasswordHealthReportApplication Entities and Repos

* PM-13236 moved files under tools from core

* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities

* PM-13236 moved Repos and Interfaces to tools

* PM-13236 migrated model to tools namespace

* PM-13236 minor fixes to the unit tests

* PM-13236 fixed script errors during build

* PM-13236 Script to drop PasswordHealthReportApplications if it exists

* PM-13236 fixes to database snapshot

* PM-13236 updated databasesnapshots

* PM-13236 Update database model changes for Mysql

* PM-13236 update model changes for Sqlite

* PM-13236 updated the models to remove commented code

* PM-13236 added correct db snapshot for MySql

* PM-13236 updated database snapshot for Postgres

* PM-13236 updated database snapshot for Sqlite

* PM-13236 removed unwanted directive to fix linting error

* PM-13236 removed redundant script files
2024-11-08 11:28:56 -05:00
Matt Bishop
e7cbdaa469
Only build Unified on main branch pushes (#5006) 2024-11-08 10:31:18 -05:00
Matt Bishop
fcb706b9c5
Catch PR targets for certain build operations (#5003)
* Catch PR targets for certain build operations

* Support EE
2024-11-07 17:11:01 -05:00
Matt Bishop
21b7c3b73a
Support client version prerelease flag in context and LD targeting (#4994)
* Support client version prerelease flag in context and LD targeting

* Use integer instead of Boolean
2024-11-07 16:13:57 -05:00
renovate[bot]
d6e624d639
[deps] Tools: Update aws-sdk-net monorepo (#4993)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-07 20:39:36 +01:00
Jason Ng
fda7c4912a
[PM-8682] added flags for new device verification notice (#4999) 2024-11-07 14:30:29 -05:00
Brandon Treston
ebd78ff30d
[PM-11408] Remove cs delete permission (#4998)
* remove user delete permission from CS role
2024-11-07 14:14:42 -05:00
Brandon Treston
15bc5060c6
[PM-11409] prevent managed user from leaving managing organization (#4995)
* prevent managed user from leaving managing organization

* fix org check to be specific to single org

* simplify logic
2024-11-07 14:10:00 -05:00
renovate[bot]
4adcecb80a
[deps]: Update Microsoft.NET.Test.Sdk to 17.11.1 (#4830)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-07 11:51:39 -05:00
Brandon Treston
82cd1a8b1a
add feature flag (#4987) 2024-11-07 11:30:26 -05:00
Nick Krantz
72736db4b6
[PM-13839][PM-13840] Admin Console Collections (#4922)
* add collectionIds to the response of `{id}/admin`

- They're now needed in the admin console when add/editing a cipher.
- Prior to this there was no way to edit collection when editing a cipher. Assigning collections was a separate workflow

* return cipher from collections endpoint
2024-11-07 10:21:48 -06:00
Matt Bishop
f7957f7053
Check run permissions for secrets usage (#4992) 2024-11-07 09:56:57 -05:00
Todd Martin
b07df10335
Add back provider keys on TwoFactorProviders response (#4991) 2024-11-06 18:12:59 -05:00
Justin Baur
b5014ed6d8
Add MariaDB test (#4989)
* Add MariaDB Test

* Use Correct Syntax

* Use Container Name

* Add Port

* Remove MySQL Thing

* Remove Another Thing

* Different Port Syntax

* Add Back Skipped Checks

* Use Correct Connection String in Test Setup

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Update .github/workflows/test-database.yml

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Use MariaDB 10

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-06 21:51:10 +00:00
holow29
639ee5780b
Update 2024-09-05_00_SyncDuoVersionFourMetadataToVersionTwo.sql (#4982)
Fix MariaDB compatibility with JSON_EXTRACT

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-06 13:45:09 -08:00
Justin Baur
355ebfa889
Move Packages to Platform Ownership (#4988) 2024-11-06 19:36:07 +00:00
Matt Bishop
e7bd31c009
Check for secrets on Docker builds (#4985) 2024-11-06 13:56:12 -05:00
Matt Bishop
d63e18ec7a
Check for secrets on database test report upload (#4984) 2024-11-06 11:38:25 -05:00