6e7c5b172c
* Add Manage permission to UserCipherDetails and CipherDetails_ReadByIdUserId * Add Manage property to CipherDetails and UserCipherDetailsQuery * Add integration test for CipherRepository Manage permission rules * Update CipherDetails_ReadWithoutOrganizationsByUserId to include Manage permission * Refactor UserCipherDetailsQuery to include detailed permission and organization properties * Refactor CipherRepositoryTests to improve test organization and readability - Split large test method into smaller, focused methods - Added helper methods for creating test data and performing assertions - Improved test coverage for cipher permissions in different scenarios - Maintained existing test logic while enhancing code structure * Refactor CipherRepositoryTests to consolidate cipher permission tests - Removed redundant helper methods for permission assertions - Simplified test methods for GetCipherPermissionsForOrganizationAsync, GetManyByUserIdAsync, and GetByIdAsync - Maintained existing test coverage for cipher manage permissions - Improved code readability and reduced code duplication * Add integration test for CipherRepository group collection manage permissions - Added new test method GetCipherPermissionsForOrganizationAsync_ManageProperty_RespectsCollectionGroupRules - Implemented helper method CreateCipherInOrganizationCollectionWithGroup to support group-based collection permission testing - Verified manage permissions are correctly applied based on group collection access settings * Add @Manage parameter to Cipher stored procedures - Updated CipherDetails_Create, CipherDetails_CreateWithCollections, and CipherDetails_Update stored procedures - Added @Manage parameter with comment "-- not used" - Included new stored procedure implementations in migration script - Consistent with previous work on adding Manage property to cipher details * Update UserCipherDetails functions to reorder Manage and ViewPassword columns * [PM-18086] Add CanRestore and CanDelete authorization methods. * [PM-18086] Address code review feedback. * [PM-18086] Add missing part. * [PM-18087] Add CipherPermissionsResponseModel for cipher permissions * Add GetManyOrganizationAbilityAsync method to application cache service * Add organization ability context to cipher response models This change introduces organization ability context to various cipher response models across multiple controllers. The modifications include: - Updating CipherResponseModel to include permissions based on user and organization ability - Modifying CiphersController methods to fetch and pass organization abilities - Updating SyncController to include organization abilities in sync response - Adding organization ability context to EmergencyAccessController response generation * Remove organization ability context from EmergencyAccessController This change simplifies the EmergencyAccessController by removing unnecessary organization ability fetching and passing. Since emergency access only retrieves personal ciphers, the organization ability context is no longer needed in the response generation. * Remove unused IApplicationCacheService from EmergencyAccessController * Refactor EmergencyAccessViewResponseModel constructor Remove unnecessary JsonConstructor attribute and simplify constructor initialization for EmergencyAccessViewResponseModel * Refactor organization ability retrieval in CiphersController Extract methods to simplify organization ability fetching for ciphers, reducing code duplication and improving readability. Added two private helper methods: - GetOrganizationAbilityAsync: Retrieves organization ability for a single cipher - GetManyOrganizationAbilitiesAsync: Retrieves organization abilities for multiple ciphers * Update CiphersControllerTests to use GetUserByPrincipalAsync Modify test methods to: - Replace GetProperUserId with GetUserByPrincipalAsync - Use User object instead of separate userId - Update mocking to return User object - Ensure user ID is correctly set in test scenarios * Refactor CipherPermissionsResponseModel to use constructor-based initialization * Refactor CipherPermissionsResponseModel to use record type and init-only properties * [PM-18086] Undo files * [PM-18086] Undo files * Refactor organization abilities retrieval in cipher-related controllers and models - Update CiphersController to use GetOrganizationAbilitiesAsync instead of individual methods - Modify CipherResponseModel and CipherDetailsResponseModel to accept organization abilities dictionary - Update CipherPermissionsResponseModel to handle organization abilities lookup - Remove deprecated organization ability retrieval methods - Simplify sync and emergency access response model handling of organization abilities * Remove GetManyOrganizationAbilityAsync method - Delete unused method from IApplicationCacheService interface - Remove corresponding implementation in InMemoryApplicationCacheService - Continues cleanup of organization ability retrieval methods * Update CiphersControllerTests to include organization abilities retrieval - Add organization abilities retrieval in test setup for PutCollections_vNext method - Ensure consistent mocking of IApplicationCacheService in test scenarios * Update error message for missing organization ability --------- Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com> |
||
|---|---|---|
| .checkmarx | ||
| .config | ||
| .devcontainer | ||
| .git-hooks | ||
| .github | ||
| .run | ||
| .vscode | ||
| bitwarden_license | ||
| dev | ||
| perf | ||
| src | ||
| test | ||
| util | ||
| .dockerignore | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| bitwarden-server.sln | ||
| CONTRIBUTING.md | ||
| Directory.Build.props | ||
| global.json | ||
| LICENSE_AGPL.txt | ||
| LICENSE_BITWARDEN.txt | ||
| LICENSE_FAQ.md | ||
| LICENSE.txt | ||
| README.md | ||
| SECURITY.md | ||
| TRADEMARK_GUIDELINES.md | ||
The Bitwarden Server project contains the APIs, database, and other core infrastructure items needed for the "backend" of all bitwarden client applications.
The server project is written in C# using .NET Core with ASP.NET Core. The database is written in T-SQL/SQL Server. The codebase can be developed, built, run, and deployed cross-platform on Windows, macOS, and Linux distributions.
Developer Documentation
Please refer to the Server Setup Guide in the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.
Deploy
You can deploy Bitwarden using Docker containers on Windows, macOS, and Linux distributions. Use the provided PowerShell and Bash scripts to get started quickly. Find all of the Bitwarden images on Docker Hub.
Full documentation for deploying Bitwarden with Docker can be found in our help center at: https://help.bitwarden.com/article/install-on-premise/
Requirements
- Docker
- Docker Compose (already included with some Docker installations)
These dependencies are free to use.
Linux & macOS
curl -s -L -o bitwarden.sh \
"https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" \
&& chmod +x bitwarden.sh
./bitwarden.sh install
./bitwarden.sh start
Windows
Invoke-RestMethod -OutFile bitwarden.ps1 `
-Uri "https://func.bitwarden.com/api/dl/?app=self-host&platform=windows"
.\bitwarden.ps1 -install
.\bitwarden.ps1 -start
We're Hiring!
Interested in contributing in a big way? Consider joining our team! We're hiring for many positions. Please take a look at our Careers page to see what opportunities are currently open as well as what it's like to work at Bitwarden.
Contribute
Code contributions are welcome! Please commit any pull requests against the main branch. Learn more about how to contribute by reading the Contributing Guidelines. Check out the Contributing Documentation for how to get started with your first contribution.
Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the SECURITY.md file. We also run a program on HackerOne.
No grant of any rights in the trademarks, service marks, or logos of Bitwarden is made (except as may be necessary to comply with the notice requirements as applicable), and use of any Bitwarden trademarks must comply with Bitwarden Trademark Guidelines.
Dotnet-format
Consider installing our git pre-commit hook for automatic formatting.
git config --local core.hooksPath .git-hooks