1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-26 12:55:17 +01:00
Commit Graph

5157 Commits

Author SHA1 Message Date
Ike
aba2f023cd
[PM-9925] Tokenable for User Verification on Two Factor Authenticator settings (#4558)
* initial changes

* Fixing some bits

* fixing issue when feature flag is `false`; also names;

* consume OTP on read if FF true

* comment typo

* fix formatting

* check access code first to not consume token

* add docs

* revert checking access code first

* update error messages

* remove line number from comment

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
2024-07-25 07:51:23 -07:00
renovate[bot]
f211e969c7
[deps] Tools: Update aws-sdk-net monorepo to v3.7.400 (#4555)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-25 13:43:26 +02:00
aj-rosado
ad5549342e
Added externalId column on build collections ciphers table (#4510) 2024-07-24 11:15:55 -04:00
Justin Baur
1e0182008b
[PM-2943] Enable Nullable Repositories in Unowned Files (#4549)
* Enable Nullable In Unowned Repos

* Update More Tests

* Move to One If

* Fix Collections

* Format

* Add Migrations

* Move Pragma Annotation

* Add Better Assert Message
2024-07-24 09:48:09 -04:00
Alex Morask
b5f09c599b
Added SM standalone check to public members controller (#4179) 2024-07-24 09:04:04 -04:00
Thomas Rittson
2d762f8422
[AC-2877] Make OrganizationUser.AccessAll optional (#4521) 2024-07-24 14:29:45 +10:00
Thomas Rittson
1ac2f39623
[AC-2872] Make AccessAll optional in all group sprocs (#4551) 2024-07-24 11:10:12 +10:00
Thomas Rittson
28d45f91aa
Remove FlexibleCollections feature flag (#4481) 2024-07-24 09:03:09 +10:00
Vincent Salucci
903c412943
[AC-2648] Remove Organization.FlexibleCollections from Models (#4529)
* chore: remove FlexibleCollections refs from OrganizationAbility, AC-2648

* chore: remove FlexibleCollections property from OrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, refs AC-2648

* chore: remove FlexibleCollections from SelfHostedOrganizationDetails, refs AC-2648
2024-07-23 16:03:02 -05:00
Addison Beck
6797680654
Handle a previously unhandled null case (#4533) 2024-07-23 16:18:57 -04:00
Jake Fink
8121f898de
[PM-8285] add endpoint for alerting when device lost trust (#4554)
* endpoint for alerting when device lost trust

* get user from current context
2024-07-23 15:45:03 -04:00
Bernd Schoolmann
ce185eb3df
[PM-5963] Fix tde offboarding vault corruption (#4144)
* Attempt to fix tde to mp flow

* Move tde offboarding to dedicated flag

* Add tde offboarding password request

* Validate tde offboarding input

* Correctly check whether tde is active when building trusted device options

* Refactor Tde offboarding into a separate command

* Add unit tests for tde offboarding

* Update tde offboarding request model

* Fix tests

* Fix further tests

* Fix documentation

* Add validation for updatetdepasswordasync key/newmasterpassword

* Add comment explaining test

* Remove unrelated changes
2024-07-23 14:53:08 -04:00
Merissa Weinstein
48f9d09f4e
PM-1688 | individual vault encryption: remove client version restriction (#4198)
* remove server restriction code

* remove client version method check for encryption

---------

Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-07-23 11:44:14 -05:00
Jared Snider
1b5f9e3f3e
Auth/PM-6198 - Registration with Email Verification - Add email clicked endpoint (#4520)
* PM-6198 - RegistrationEmailVerificationTokenable - add new static validate token method

* PM-6198 - Rename RegistrationStart to Registration as we now have to add another anonymous reference event.

* PM-6198 - rest of work

* PM-6198 - Unit test new account controller method.

* PM-6198 - Integration test new account controller endpoint
2024-07-22 17:24:42 -04:00
renovate[bot]
45b99336da
[deps] DevOps: Update gh minor (#4539)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 17:10:28 -04:00
Jake Fink
fd90bf5f3d
fix logic (#4550) 2024-07-22 19:43:14 +00:00
renovate[bot]
a0599e71eb
[deps] Auth: Update azure azure-sdk-for-net monorepo (#4537)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
2024-07-22 12:37:09 -07:00
renovate[bot]
cca358c88c
[deps] DbOps: Update dbup-sqlserver to v5.0.41 (#4538)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 12:14:26 -04:00
Jake Fink
091c03a90c
[PM-9826] Remove validation from 2fa GET and mask sensitive data (#4526)
* remove validation from 2fa GET and mask sensitive data

* skip verification check on put email

* disable verification on send-email and reenable on put email

* validate authenticator on set instead of get

* Revert "validate authenticator on set instead of get"

This reverts commit 7bf2084531.

* fix tests

* fix more tests

* Narrow scope of verify bypass

* Defaulted to false on VerifySecretAsync

* fix default param value

---------

Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
2024-07-22 11:21:14 -04:00
renovate[bot]
4f4750a0a6
[deps] DbOps: Update Microsoft.Extensions.Caching.SqlServer to v8.0.7 (#4485)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 10:56:12 -04:00
Matt Bishop
e07befdb6e
Have DbOps own more packages with Renovate (#4542) 2024-07-22 10:39:21 -04:00
renovate[bot]
41830dfcf7
[deps] Tools: Update aws-sdk-net monorepo (#4540)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-22 12:35:06 +02:00
Conner Turnbull
9b9f202f79
Resolved an issue where the API required users to be organization owners when accessing the members page (#4534) 2024-07-19 10:24:48 -04:00
Vince Grassia
81477303e3
Clean up App Services references (#4518) 2024-07-19 10:48:55 +02:00
Bitwarden DevOps
dc2a7b6344
Bumped version to 2024.7.2 (#4532) 2024-07-18 17:49:03 +00:00
Thomas Rittson
f57f98afe4
Drop CollectionCipher V2 sprocs (#4515)
These sprocs were used to remove AccessAll from
cipher access logic. Now the original sprocs have been
updated with the new logic, these v2 sprocs are unused
and are being dropped to complete the EDD cycle.
2024-07-18 08:24:34 +10:00
Thomas Rittson
b4e58ad942
chore: drop CipherRepository v2 sprocs (#4464)
These updated sprocs removed AccessAll from cipher access logic.
The non-versioned sprocs have been updated with the new logic and
these v2 copies are now unused. They are being dropped to complete
the EDD cycle.
2024-07-18 08:22:45 +10:00
Thomas Rittson
b0ea2a25f0
Drop v2 sprocs that added manage permission (#4463)
These sprocs have been copied back to non-versioned names and are no longer in use.
Now we are dropping the v2 sprocs to complete the EDD cycle.
2024-07-18 08:17:25 +10:00
Conner Turnbull
45ec57f81b
[AC-2887] Added Billing Authorization Where Missing (#4525)
* Added missing authorization validation to OrganizationBillingController endpoints

* Moved authorization validation to top of each method

* Resolved broken unit tests and added some new ones
2024-07-17 16:15:28 -04:00
Bernd Schoolmann
88d5a97a86
Fix key rotation being broken due to org ciphers being included (#4522) 2024-07-17 09:21:32 -04:00
Thomas Rittson
59cbe3e428
db migrations - remove comments before parsing secrets (#4519) 2024-07-17 07:03:07 +10:00
Matt Bishop
ad9f48b7be
Remove Sonar source and test path declarations (#4517) 2024-07-16 13:24:25 -04:00
Matt Bishop
4d210170bb
Explicitly specify Sonar source paths (#4516) 2024-07-16 12:01:12 -04:00
Matt Bishop
9960874d2d
Configure Sonar tests and sources (#4505) 2024-07-16 09:15:01 -04:00
Thomas Rittson
5df0e2180d
[AC-2847] Simplify OrganizationUser and Group PUT methods and tests (#4479)
* refactor controller logic
* add additional validation checks to update commands
* refactor and improve tests
2024-07-16 10:47:28 +10:00
Todd Martin
7fee588812
[PM-9522[PM-9758] Add null check for default value to new fields on Bitwarden Portal (#4506) 2024-07-15 17:49:26 -04:00
Conner Turnbull
883a2dad17
[PM-8844] Families sponsorship line items bug (#4440)
* Resovled issue where free families line item isn't removed from the Stripe subscription when the sponsorship isn't in the database

* Moved SponsorOrganizationSubscriptionUpdate to Billing namespace
2024-07-15 13:39:28 -04:00
Cesar Gonzalez
60cdf9d3a7
[PM-9267] Add Inline Menu Positioning Improvements Fature Flag (#4387) 2024-07-15 17:20:44 +00:00
Bitwarden DevOps
802d6ecafd
Bumped version to 2024.7.1 (#4513) 2024-07-15 16:49:34 +00:00
renovate[bot]
6ab57bcc5b
[deps] Tools: Update aws-sdk-net monorepo (#4512)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-15 16:39:59 +02:00
Vincent Salucci
02b3453cd5
[AC-2646] Remove FC MVP dead code from Core (#4281)
* chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646

* chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646

* chore: remove org/provider service fc callers, refs AC-2646

* chore: remove collection service fc callers, refs AC-2646

* chore: remove cipher service import ciphers fc callers, refs AC-2646

* fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646

* fix: update CreateGroupCommandTests, refs AC-2646

* fix: adjust UpdateGroupCommandTests, refs AC-2646

* fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646

* fix: update CollectionServiceTests, refs AC-2646

* fix: remove unnecessary test with fc disabled, refs AC-2646

* fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646

* chore: remove dependence on FC flag for tests, refs AC-2646
2024-07-12 12:25:04 -05:00
Thomas Rittson
25dc0c9178
Remove FC MVP code from Bitwarden Portal (#4492) 2024-07-12 06:13:41 +10:00
Thomas Rittson
7fe4fe16cb
[AC-1331] Remove Manager role - final (#4493)
* Remove OrganizationUserType.Manager

* Add EnumDataType validation to prevent invalid enum values
2024-07-12 06:13:10 +10:00
Kyle Spearrin
d2567dd42d
[PM-5518] Refactor Email Token Providers (#3784)
* new email token providers

* move email redaction to core helpers

* make token options configurable

* protected setters on options

* fix email token provider tests

* fix core tests

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-07-11 14:39:27 -04:00
Justin Baur
1292736f54
[PM-7682] Add Explicit Reference to Microsoft.AspNetCore.DataProtection (#4010)
* Add Explicit Reference to Microsoft.AspNetCore.DataProtection

* Use Version That Doesn't Cause Downgrade

* Update src/Core/Core.csproj

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-07-11 12:02:42 -04:00
Conner Turnbull
5ccb4072a3
[AC-2766] famlies sponsorship upcoming invoice email (#4181)
* Getting the fresh invoice if the subscription was updated when validation the families sponsorship

* Getting fresh invoice after validation families sponsorship fails

* Also updating invoice line items
2024-07-11 15:51:04 +00:00
renovate[bot]
b6940f3184
[deps] Tools: Update MailKit to v4.7.0 (#4499)
* [deps] Tools: Update MailKit to v4.7.0

* Add explicit reference to System.Formats.Asn1 to address Microsoft Security Advisory CVE-2024-38095

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2024-07-11 17:33:25 +02:00
Alex Morask
a51e4c0a7c
Used PO ID instead of Org ID on accident (#4500) 2024-07-11 11:22:15 -04:00
Justin Baur
cf8ec4ed41
Add Explicit Version Reference for Azure.Identity (#4501)
* Explicit Bump to Azure.Identity

* Remove Change That Was Just For Testing
2024-07-11 11:12:34 -04:00
renovate[bot]
b1816b7af1
[deps] Tools: Update SignalR to v8.0.7 (#4497)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-11 16:16:49 +02:00