1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-29 13:25:17 +01:00
Commit Graph

5157 Commits

Author SHA1 Message Date
Justin Baur
3f1127489d
Print DB Logs (#4754)
* Print DB Logs

* Fake Fail Test

* Remove Test Stuff

* Prefer Long-Hand Options

* Remove Test Failure

* Print deadlocks
2024-09-10 13:22:37 -04:00
Matt Bishop
4f874ff375
Provide client device type and version info in feature flag contexts (#4755) 2024-09-10 12:49:46 -04:00
Jared Snider
ab73eeae16
Auth/PM-11252 - Registration with Email Verification - Adjust url to point to new signup redirect connector (#4691)
* PM-11252 - Registration with Email Verification - Adjust url in email to point to new signup redirect connector.

* PM-11252 - RegisterVerifyEmail - use url fragment structure to obfuscate query params from logging and prevent open redirects.
2024-09-10 11:30:01 -04:00
Rui Tomé
add8783e31
[PM-11667] Remove all code related to the outdated custom permissions 'Edit/Delete Assigned Collections' (#4736) 2024-09-10 15:06:13 +01:00
Thomas Avery
4c0f8d54f3
[PM-10560] Create notification database storage (#4688)
* Add new tables

* Add stored procedures

* Add core entities and models

* Setup EF

* Add repository interfaces

* Add dapper repos

* Add EF repos

* Add order by

* EF updates

* PM-10560: Notifications repository matching requirements.

* PM-10560: Notifications repository matching requirements.

* PM-10560: Migration scripts

* PM-10560: EF index optimizations

* PM-10560: Cleanup

* PM-10560: Priority in natural order, Repository, sql simplifications

* PM-10560: Title column update

* PM-10560: Incorrect EF migration removal

* PM-10560: EF migrations

* PM-10560: Added views, SP naming simplification

* PM-10560: Notification entity Title update, EF migrations

* PM-10560: Removing Notification_ReadByUserId

* PM-10560: Notification ReadByUserIdAndStatus fix

* PM-10560: Notification ReadByUserIdAndStatus fix to be in line with requirements and EF

---------

Co-authored-by: Maciej Zieniuk <mzieniuk@bitwarden.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-09-09 21:52:12 +02:00
Kyle Spearrin
55bf815050
[VULN-45] CSP for Icons Server (#4747)
* CSP for icon server

* default to self

* append
2024-09-09 15:46:01 -04:00
renovate[bot]
b103e8f5d9
[deps] Auth: Update sass-loader to v16.0.1 (#4717)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-09-09 10:20:25 -07:00
renovate[bot]
bb99801e2c
[deps] Auth: Update mini-css-extract-plugin to v2.9.1 (#4716)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-09-09 10:17:01 -07:00
Tom
aa72c0b800
Fixes the dupe issue on group and colletion (#4743) 2024-09-09 11:48:07 -04:00
Alex Morask
afa9620f35
Add billing operations to SSO for OrganizationService dependency (#4750) 2024-09-09 11:06:24 -04:00
Bitwarden DevOps
c112c82ea3
Bumped version to 2024.9.0 (#4749) 2024-09-09 14:55:55 +00:00
Conner Turnbull
46ac2a9b3b
[AC-2568] Added invoices and transaction history endpoints. Added cursor paging for each (#4692)
* Added invoices and transaction history endpoints. Added cursor paging for each

* Removed try/catch since it's handled by middleware. Updated condition to use pattern matching

* Added unit tests for PaymentHistoryService

* Removed organizationId from account billing controller endpoints
2024-09-09 09:38:58 -04:00
Todd Martin
ebf8bc0b85
[PM-11749] Add device type to device trust loss logging (#4742)
* Add device type to trust loss logging.

* Added check for null.
2024-09-06 18:06:39 -04:00
Alex Morask
dd6bc89b19
Upgrade Stripe.net to 45.7.0 (#4744) 2024-09-06 13:30:39 -04:00
Ike
fc587847c3
[PM-6664] base request validator - Two Factor flows integration tests (#4643)
* initial commit added two factor tests

* initial commit

* updated two factor tests

* fixed formatting
2024-09-06 08:05:25 -07:00
Alex Morask
c0a4ba8de1
[AC-2965] Use OrganizationBillingService to purchase org when FF is on (#4737)
* Add PurchaseSubscription to OrganizationBillingService and call from OrganizationService.SignUpAsync when FF is on

* Run dotnet format

* Missed billing service DI for SCIM which uses the OrganizationService
2024-09-06 10:24:05 -04:00
Justin Baur
8491c58595
[PM-11661] Add Feature Flag For Storage Reseed Refactor (#4738) 2024-09-06 09:33:51 -04:00
Shaikh Yaser
c3ba6697e9
Fix typo in OrganizationsController.cs (#4739) 2024-09-06 14:39:01 +10:00
Justin Baur
329eef82cd
Create DataTableBuilder (#4608)
* Add DataTableBuilder Using Expressions

* Format

* Unwrap Underlying Enum Type

* Formatting
2024-09-05 20:44:45 -04:00
Todd Martin
ec2522de8b
[PM-11619] Replace cipher encryption feature flag with server-side flag (#4694) 2024-09-05 16:25:53 -04:00
Ike
fa5d6712c5
[PM-6664] Base Request Validator Unit Tests and Resource Owner integration Tests (#4582)
* intial commit

* Some UnitTests for the VerifyAsync flows

* WIP org two factor

* removed useless tests

* added ResourceOwnerValidation integration tests

* fixing formatting

* addressing comments

* removed comment
2024-09-05 11:17:15 -07:00
Jonas Hendrickx
64a7cba013
PM-7999 | Reseller billing e-mail can be blank causing downstream errors for org creation (#4733) 2024-09-05 15:37:20 +01:00
Alex Urbina
d71916aee5
BRE-141 Refactor Release workflow to split deploy/publish steps in a separate publish workflow (#4731)
* BRE-141 REFACTOR: Release workflow to split deploy/publish steps in a separate publish workflow

* BRE-141 ADD: update-deployment job in publish workflow
2024-09-05 08:19:56 -06:00
Conner Turnbull
b6075dff52
Commented out unreachable code (#4735)
* Commented out unreachable code

* Suppressed compiler warning "async method lacks await"
2024-09-05 13:23:43 +00:00
renovate[bot]
371d51b9c8
[deps] Billing: Update BenchmarkDotNet to v0.14.0 (#4660)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-05 09:05:26 -04:00
renovate[bot]
9ec95dbeee
[deps] DbOps: Update Microsoft.Data.SqlClient to 5.2.2 (#4718)
* [deps] DbOps: Update Microsoft.Data.SqlClient to 5.2.2

* Remove our Azure.Identity reference that previously patched what this PR is now doing

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-09-04 17:43:05 -04:00
Tom
af3797c540
[AC-2614] Member Access Report Endpoint (#4599)
* Initial draft of moving the org user controller details method into a query

* Removing comments and addressing pr items

* Adding the org users query to core

* Adding the member access report

* Addressing some pr concerns and refactoring to be more efficient

* Some minor changes to the way properties are spelled

* Setting authorization to organization

* Adding the permissions check for reports and comments

* removing unnecessary usings

* Removing ciphers controller change that was a mistake

* There was a duplication issue in getting collections for users grabbing groups

* Adding comments to the CreateReport method

* Only get the user collections by userId

* Some finaly refactoring

* Adding the no group, no collection, and no perms local strings

* Modifying and adding query test cases

* Removing unnecessary permissions code in query

* Added mapping for id and UsesKeyConnector to MemberAccessReportModel (#4681)

* Moving test cases from controller fully into the query.

---------

Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
2024-09-04 14:33:33 -04:00
Jonathan Prusik
fdf6d8f9c3
add feature flag for improved combined card expiry date autofill (#4732) 2024-09-04 13:43:59 -04:00
renovate[bot]
8891540972
[deps] DevOps: Update gh minor (#4723)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-04 09:44:19 -04:00
Rui Tomé
471851978b
[PM-10325] Rename OrganizationUser Delete and BulkDelete endpoints to Remove and BulkRemove (#4711)
* Rename IDeleteOrganizationUserCommand to IRemoveOrganizationUserCommand

* Rename IOrganizationService DeleteUser methods to RemoveUser

* Rename API endpoints for deleting organization users to "Remove"

* chore: Rename Delete method to Remove in MembersController
2024-09-04 11:18:23 +01:00
renovate[bot]
b40bf11884
[deps] Tools: Update aws-sdk-net monorepo (#4720)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-03 14:57:46 +02:00
Rui Tomé
f5caecc6d6
[AC-1722] Deprecate "Edit/Delete Assigned Collections" custom permissions (#4604)
* Add SQL script to migrate custom users with specific permissions to User type

Remove 'editAssignedCollections' and 'deleteAssignedCollections' properties from Permissions in OrganizationUser table. Migrate custom users who only have these permissions to the User type.

* Add MySQL migration to migrate custom users with specific permissions to User type

* Add Postgres migration to migrate custom users with specific permissions to User type

* Add Sqlite migration to migrate custom users with specific permissions to User type

* Update AutoFixture usage in tests to resolve creating ILogger mock instances

* Update EF integration tests database contexts to use each respective Migrations assembly. Configure Sqlite instance

* Add RunMigration method to BaseEntityFrameworkRepository

* Add FinalFlexibleCollectionsDataMigrationsTests

* Improve data migration efficiency by using OPENJSON instead of multiple JSON_EXTRACT

* Add batching to the sql data migrations

* Update DbMigrator to run a specific script based on its name

* Update DatabaseDataAttribute to be able to test a specific migration

* Add reference to the migration projects to Infrastructure.IntegrationTest

* Add integration test to test the migration FinalFlexibleCollectionsDataMigrations

* Remove EFIntegration tests and remove RunMigration method from BaseEntityFrameworkRepository

* Add IMigrationTesterService and implementations for SQL and EF migrations

* Add FinalFlexibleCollectionsDataMigrationsTests and remove test from OrganizationUserRepositoryTests

* Update sql data migration script based on performance feedback

* Bump date on EF migration scripts

* Add xmldoc comments to IMigrationTesterService and each implementation

* Bump up the date on the EF migration scripts

* Bump up dates on EF migrations

* Added tests to assert no unwanted changes are made to the permissions json. Refactor tests.

* Revert changes made to DbMigrator and refactor SqlMigrationTesterService to not use it.

* Add method description

* Fix test to assert no changes are made to custom user

* Remove unnecessary COALESCE and SELECT CASE

* Unident lines on SQL script

* Update DatabaseDataAttribute MigrationName property to be nullable

* Fix null reference checks

* Remove unnecessary COALESCE from Postgres script

* Bump dates on migration scripts

* Bump up dates on EF migrations

* Add migration tests for handling null

* Add test for non json values

* Fix test

* Remove migrations

* Recreate EF migrations

* Update Postgres data migration script to check for valid JSON in Permissions column

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2024-09-02 11:04:55 +01:00
renovate[bot]
774ef713fc
[deps] Tools: Update LaunchDarkly.ServerSdk to 8.5.2 (#4719)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-02 11:49:44 +02:00
Thomas Rittson
0da62f9cee
[PM-10368] Drop Group.AccessAll (#4700)
- Add default constraint
- Update sprocs to remove column
- Drop column
2024-09-02 15:01:32 +10:00
renovate[bot]
0d11e03bf7
[deps] AC: Update DnsClient to 1.8.0 (#4587)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-02 11:41:16 +10:00
Todd Martin
c3b84884b8
Fix linting issue on Constants from adding feature flag (#4715) 2024-08-30 16:45:38 -04:00
Todd Martin
3ecb900709
Added persist-popup-view feature flag (#4714) 2024-08-30 16:19:18 -04:00
Justin Baur
d4122d1fb6
Switch to UtcDateTime (#4710) 2024-08-29 10:27:41 -04:00
renovate[bot]
0d61f30d53
[deps] Auth: Update webpack to v5.94.0 [SECURITY] (#4707)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 11:10:40 -04:00
Alex Morask
3c86ec6a35
[AC-2959] ACH Direct Debit POC (#4703)
* Refactor: Rename some methods and models for consistency

This commit contains no logic changes at all. It's entirely comprised of renames of existing models and methods to bring our codebase more in line with our app's functionality and terminology.

* Add feature flag: AC-2476-deprecate-stripe-sources-api

* Standardize error responses from applicable billing controllers

During my work on CB, I found that just using the built-in TypedResults errors results in the client choking on the response because it's looking for the ErrroResponseModel. The new BaseBillingController provides Error utilities to return TypedResults wrapping that model so the client can process it.

* Add feature flagged payment method endoints to OrganizationBillingController

* Run dotnet format
2024-08-28 10:48:14 -04:00
renovate[bot]
20478949d8
[deps] Billing: Update swashbuckle-aspnetcore monorepo to v6.7.3 (#4650)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 09:18:57 -04:00
renovate[bot]
ec05077b5c
[deps] Auth: Lock file maintenance (#4541)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-27 17:08:48 -07:00
Justin Baur
13ad872f51
Resolve Vault and DB Warnings (#4646)
* Resolve Vault Warnings

* Resolve DB Warnings
2024-08-27 19:05:34 -04:00
Addison Beck
acb71d87d9
Log events from the import organization flow (#4632)
* Log events from the import organization flow

* Use an interface for the `OrganizationUser` object used to log events

* Log import events as being from the public api if they are

* Add logging for created groups

* Log proper group ids

* Fix tests

* Also log update events for groups

* Remove private API `import` endpoint

* Make `eventSystemUser` non-nullable for `ImportAsync`

* Fix tests

* Delete `ImportOrganizationUsersRequestModel`

* Fix tests
2024-08-28 08:19:48 +10:00
renovate[bot]
6764131934
[deps] Auth: Update sass to v1.77.8 (#4659)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-08-27 11:14:48 -07:00
renovate[bot]
b5bdc0718d
[deps] Platform: Update dotnet monorepo to v8.0.8 (#4653)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-27 14:14:16 -04:00
GSWXXN
46955d469b
fix: Fix null handling in SendLicenseExpiredAsync method (#3122) 2024-08-27 13:21:24 -04:00
Todd Martin
0a6c35e56c
Updated bootstrap to 5.3.3 (#4697)
* Updated bootstrap to 5.3.3

* Removed locking of bootstrap version
2024-08-27 09:24:02 -07:00
renovate[bot]
e65cf19873
[deps] Tools: Update aws-sdk-net monorepo (#4683)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-27 14:03:26 +02:00
Justin Baur
35f59daceb
Add Pending Model Checks (#4629)
* Add Pending Model Checks

* Update This File Reference

* Don't Use Title Case

* Include ConnectionString

* Remove --connection arg

* Add Fake Model Change

* Remove Fake Change
2024-08-27 07:32:32 -04:00