bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-02-26 01:13:35 +00:00
Code Issues Releases Wiki Activity

[PM-32131] Add UseMyItems organization ability (#7014)

Browse Source 
Purpose: UseMyItems is a new organization ability / plan flag
which is automatically enabled where UsePolicies is enabled,
but can be selectively disabled to disable My Items creation
when the Organization Data Ownership policy is turned on.

- new organization table column with all sprocs and views updated
- data migration to enable the feature for all organizations that already use policies (replicating existing behaviour)
- data and api models updated
- added to organization license file so it can be preserved in self-hosted instances
- note that we don't have a plan feature defined for this yet, so it is set based on UsePolicies to match the migration logic. Billing Team have a ticket to add this
This commit is contained in:
Thomas Rittson
2026-02-25 12:52:28 +10:00
committed by GitHub
parent 8f54ac306c
commit e3c392badb
54 changed files with 22386 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
bitwarden_license/src/Commercial.Core/Billing/Providers/Services/BusinessUnitConverter.cs
View File

@@ -65,6 +65,7 @@ public class BusinessUnitConverter(
organization.MaxCollections = updatedPlan.PasswordManager.MaxCollections;
organization.MaxStorageGb = updatedPlan.PasswordManager.BaseStorageGb;
organization.UsePolicies = updatedPlan.HasPolicies;
organization.UseMyItems = updatedPlan.HasPolicies; // TODO: use the plan property when added (PM-32366)
organization.UseSso = updatedPlan.HasSso;
organization.UseOrganizationDomains = updatedPlan.HasOrganizationDomains;
organization.UseGroups = updatedPlan.HasGroups;

1
bitwarden_license/src/Commercial.Core/Billing/Providers/Services/ProviderBillingService.cs
View File

@@ -91,6 +91,7 @@ public class ProviderBillingService(
organization.MaxCollections = plan.PasswordManager.MaxCollections;
organization.MaxStorageGb = plan.PasswordManager.BaseStorageGb;
organization.UsePolicies = plan.HasPolicies;
organization.UseMyItems = plan.HasPolicies; // TODO: use the plan property when added (PM-32366)
organization.UseSso = plan.HasSso;
organization.UseOrganizationDomains = plan.HasOrganizationDomains;
organization.UseGroups = plan.HasGroups;

7
src/Admin/AdminConsole/Controllers/OrganizationsController.cs
View File

@@ -247,6 +247,12 @@ public class OrganizationsController : Controller
[SelfHosted(NotSelfHostedOnly = true)]
public async Task<IActionResult> Edit(Guid id, OrganizationEditModel model)
{
if (!ModelState.IsValid)
{
TempData["Error"] = ModelState.GetErrorMessage();
return RedirectToAction("Edit", new { id });
}
var organization = await _organizationRepository.GetByIdAsync(id);
if (organization == null)
@@ -564,6 +570,7 @@ public class OrganizationsController : Controller
organization.UseAutomaticUserConfirmation = model.UseAutomaticUserConfirmation;
organization.UseDisableSmAdsForUsers = model.UseDisableSmAdsForUsers;
organization.UsePhishingBlocker = model.UsePhishingBlocker;
organization.UseMyItems = model.UseMyItems;
//secrets
organization.SmSeats = model.SmSeats;

17
src/Admin/AdminConsole/Models/OrganizationEditModel.cs
View File

@@ -19,7 +19,7 @@ using Bit.SharedWeb.Utilities;
namespace Bit.Admin.AdminConsole.Models;
public class OrganizationEditModel : OrganizationViewModel
public class OrganizationEditModel : OrganizationViewModel, IValidatableObject
{
private readonly List<Plan> _plans;
@@ -109,6 +109,7 @@ public class OrganizationEditModel : OrganizationViewModel
UseAutomaticUserConfirmation = org.UseAutomaticUserConfirmation;
UseDisableSmAdsForUsers = org.UseDisableSmAdsForUsers;
UsePhishingBlocker = org.UsePhishingBlocker;
UseMyItems = org.UseMyItems;
_plans = plans;
}
@@ -202,6 +203,8 @@ public class OrganizationEditModel : OrganizationViewModel
[Display(Name = "Automatic User Confirmation")]
public bool UseAutomaticUserConfirmation { get; set; }
[Display(Name = "Create My Items for organization ownership")]
public bool UseMyItems { get; set; }
/**
* Creates a Plan[] object for use in Javascript
* This is mapped manually below to provide some type safety in case the plan objects change
@@ -335,6 +338,18 @@ public class OrganizationEditModel : OrganizationViewModel
existingOrganization.UseOrganizationDomains = UseOrganizationDomains;
existingOrganization.UseDisableSmAdsForUsers = UseDisableSmAdsForUsers;
existingOrganization.UsePhishingBlocker = UsePhishingBlocker;
existingOrganization.UseMyItems = UseMyItems;
return existingOrganization;
}
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
if (UseMyItems && !UsePolicies)
{
var displayName = nameof(UseMyItems).GetDisplayAttribute<OrganizationEditModel>()?.GetName() ?? nameof(UseMyItems);
yield return new ValidationResult(
$"The {displayName} feature requires Policies to be enabled.",
[nameof(UseMyItems)]);
}
}
}

4
src/Admin/AdminConsole/Views/Shared/_OrganizationForm.cshtml
View File

@@ -178,6 +178,10 @@
<input type="checkbox" class="form-check-input" asp-for="UsersGetPremium" disabled='@(canEditPlan ? null : "disabled")'>
<label class="form-check-label" asp-for="UsersGetPremium"></label>
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" asp-for="UseMyItems" disabled='@(canEditPlan ? null : "disabled")'>
<label class="form-check-label" asp-for="UseMyItems"></label>
</div>
</div>
<div class="col-3">
<h3>Secrets Manager</h3>

4
src/Admin/AdminConsole/Views/Shared/_OrganizationFormScripts.cshtml
View File

@@ -62,8 +62,8 @@
console.log(plan);
// General features
document.getElementById('@(nameof(Model.SelfHost))').checked = plan.hasSelfHost;
document.getElementById('@(nameof(Model.Use2fa))').checked = plan.has2fa;
document.getElementById('@(nameof(Model.UseApi))').checked = plan.hasApi;
document.getElementById('@(nameof(Model.UseGroups))').checked = plan.hasGroups;
@@ -77,8 +77,10 @@
document.getElementById('@(nameof(Model.UseCustomPermissions))').checked = plan.hasCustomPermissions;
// use key connector is intentionally omitted
// Password Manager features
document.getElementById('@(nameof(Model.UseTotp))').checked = plan.hasTotp;
document.getElementById('@(nameof(Model.UsersGetPremium))').checked = plan.usersGetPremium;
document.getElementById('@(nameof(Model.UseMyItems))').checked = plan.hasPolicies; // TODO: use the plan property when added (PM-32366)
document.getElementById('@(nameof(Model.MaxStorageGb))').value =
document.getElementById('@(nameof(Model.MaxStorageGb))').value ||

2
src/Api/AdminConsole/Models/Response/BaseProfileOrganizationResponseModel.cs
View File

@@ -51,6 +51,7 @@ public abstract class BaseProfileOrganizationResponseModel : ResponseModel
UsePhishingBlocker = organizationDetails.UsePhishingBlocker;
UseDisableSMAdsForUsers = organizationDetails.UseDisableSMAdsForUsers;
UsePasswordManager = organizationDetails.UsePasswordManager;
UseMyItems = organizationDetails.UseMyItems;
SelfHost = organizationDetails.SelfHost;
Seats = organizationDetails.Seats;
MaxCollections = organizationDetails.MaxCollections;
@@ -104,6 +105,7 @@ public abstract class BaseProfileOrganizationResponseModel : ResponseModel
public bool UseAutomaticUserConfirmation { get; set; }
public bool UseDisableSMAdsForUsers { get; set; }
public bool UsePhishingBlocker { get; set; }
public bool UseMyItems { get; set; }
public bool SelfHost { get; set; }
public int? Seats { get; set; }
public short? MaxCollections { get; set; }

2
src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs
View File

@@ -76,6 +76,7 @@ public class OrganizationResponseModel : ResponseModel
UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
UseDisableSmAdsForUsers = organization.UseDisableSmAdsForUsers;
UsePhishingBlocker = organization.UsePhishingBlocker;
UseMyItems = organization.UseMyItems;
}
public Guid Id { get; set; }
@@ -127,6 +128,7 @@ public class OrganizationResponseModel : ResponseModel
public bool UseAutomaticUserConfirmation { get; set; }
public bool UseDisableSmAdsForUsers { get; set; }
public bool UsePhishingBlocker { get; set; }
public bool UseMyItems { get; set; }
}
public class OrganizationSubscriptionResponseModel : OrganizationResponseModel

7
src/Core/AdminConsole/Entities/Organization.cs
View File

@@ -144,6 +144,12 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable
/// </summary>
public bool UsePhishingBlocker { get; set; }
/// <summary>
/// If set to true, My Items collections will be created automatically when the Organization Data Ownership
/// policy is enabled.
/// </summary>
public bool UseMyItems { get; set; }
public void SetNewId()
{
if (Id == default(Guid))
@@ -324,6 +330,7 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable
Use2fa = license.Use2fa;
UseApi = license.UseApi;
UsePolicies = license.UsePolicies;
UseMyItems = license.UseMyItems;
UseSso = license.UseSso;
UseKeyConnector = license.UseKeyConnector;
UseScim = license.UseScim;

1
src/Core/AdminConsole/Models/Data/IProfileOrganizationDetails.cs
View File

@@ -56,4 +56,5 @@ public interface IProfileOrganizationDetails
bool UseDisableSMAdsForUsers { get; set; }
bool UsePhishingBlocker { get; set; }
bool UseMyItems { get; set; }
}

1
src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs
View File

@@ -67,4 +67,5 @@ public class OrganizationUserOrganizationDetails : IProfileOrganizationDetails
public bool UseAutomaticUserConfirmation { get; set; }
public bool UseDisableSMAdsForUsers { get; set; }
public bool UsePhishingBlocker { get; set; }
public bool UseMyItems { get; set; }
}

1
src/Core/AdminConsole/Models/Data/Organizations/SelfHostedOrganizationDetails.cs
View File

@@ -159,6 +159,7 @@ public class SelfHostedOrganizationDetails : Organization
UsePhishingBlocker = UsePhishingBlocker,
UseOrganizationDomains = UseOrganizationDomains,
UseAutomaticUserConfirmation = UseAutomaticUserConfirmation,
UseMyItems = UseMyItems,
};
}
}

1
src/Core/AdminConsole/Models/Data/Provider/ProviderUserOrganizationDetails.cs
View File

@@ -58,4 +58,5 @@ public class ProviderUserOrganizationDetails : IProfileOrganizationDetails
public string? ResetPasswordKey { get; set; }
public bool UseDisableSMAdsForUsers { get; set; }
public bool UsePhishingBlocker { get; set; }
public bool UseMyItems { get; set; }
}

2
src/Core/AdminConsole/OrganizationFeatures/OrganizationAbility/OrganizationAbility.cs
View File

@@ -31,6 +31,7 @@ public class OrganizationAbility
UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
UseDisableSmAdsForUsers = organization.UseDisableSmAdsForUsers;
UsePhishingBlocker = organization.UsePhishingBlocker;
UseMyItems = organization.UseMyItems;
}
public Guid Id { get; set; }
@@ -55,4 +56,5 @@ public class OrganizationAbility
public bool UseAutomaticUserConfirmation { get; set; }
public bool UseDisableSmAdsForUsers { get; set; }
public bool UsePhishingBlocker { get; set; }
public bool UseMyItems { get; set; }
}

1
src/Core/AdminConsole/OrganizationFeatures/Organizations/CloudOrganizationSignUpCommand.cs
View File

@@ -82,6 +82,7 @@ public class CloudOrganizationSignUpCommand(
MaxCollections = plan.PasswordManager.MaxCollections,
MaxStorageGb = (short)(plan.PasswordManager.BaseStorageGb + signup.AdditionalStorageGb),
UsePolicies = plan.HasPolicies,
UseMyItems = plan.HasPolicies, // TODO: use the plan property when added (PM-32366)
UseSso = plan.HasSso,
UseGroups = plan.HasGroups,
UseEvents = plan.HasEvents,

1
src/Core/AdminConsole/OrganizationFeatures/Organizations/ProviderClientOrganizationSignUpCommand.cs
View File

@@ -75,6 +75,7 @@ public class ProviderClientOrganizationSignUpCommand : IProviderClientOrganizati
MaxCollections = plan.PasswordManager.MaxCollections,
MaxStorageGb = plan.PasswordManager.BaseStorageGb,
UsePolicies = plan.HasPolicies,
UseMyItems = plan.HasPolicies, // TODO: use the plan property when added (PM-32366)
UseSso = plan.HasSso,
UseOrganizationDomains = plan.HasOrganizationDomains,
UseGroups = plan.HasGroups,

2
src/Core/AdminConsole/Services/OrganizationFactory.cs
View File

@@ -65,6 +65,7 @@ public static class OrganizationFactory
UseDisableSmAdsForUsers =
claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseDisableSmAdsForUsers),
UsePhishingBlocker = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UsePhishingBlocker),
UseMyItems = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseMyItems),
};
public static Organization Create(
@@ -117,5 +118,6 @@ public static class OrganizationFactory
UseAutomaticUserConfirmation = license.UseAutomaticUserConfirmation,
UseDisableSmAdsForUsers = license.UseDisableSmAdsForUsers,
UsePhishingBlocker = license.UsePhishingBlocker,
UseMyItems = license.UseMyItems,
};
}

1
src/Core/Billing/Licenses/LicenseConstants.cs
View File

@@ -46,6 +46,7 @@ public static class OrganizationLicenseConstants
public const string UseAutomaticUserConfirmation = nameof(UseAutomaticUserConfirmation);
public const string UseDisableSmAdsForUsers = nameof(UseDisableSmAdsForUsers);
public const string UsePhishingBlocker = nameof(UsePhishingBlocker);
public const string UseMyItems = nameof(UseMyItems);
}
public static class UserLicenseConstants

1
src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
View File

@@ -59,6 +59,7 @@ public class OrganizationLicenseClaimsFactory : ILicenseClaimsFactory<Organizati
new(nameof(OrganizationLicenseConstants.UseAutomaticUserConfirmation), entity.UseAutomaticUserConfirmation.ToString()),
new(nameof(OrganizationLicenseConstants.UseDisableSmAdsForUsers), entity.UseDisableSmAdsForUsers.ToString()),
new(nameof(OrganizationLicenseConstants.UsePhishingBlocker), entity.UsePhishingBlocker.ToString()),
new(nameof(OrganizationLicenseConstants.UseMyItems), entity.UseMyItems.ToString()),
};
if (entity.Name is not null)

1
src/Core/Billing/Organizations/Commands/UpdateOrganizationLicenseCommand.cs
View File

@@ -88,6 +88,7 @@ public class UpdateOrganizationLicenseCommand : IUpdateOrganizationLicenseComman
license.UseAutomaticUserConfirmation = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseAutomaticUserConfirmation);
license.UseDisableSmAdsForUsers = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseDisableSmAdsForUsers);
license.UsePhishingBlocker = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UsePhishingBlocker);
license.UseMyItems = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseMyItems);
license.MaxStorageGb = claimsPrincipal.GetValue<short?>(OrganizationLicenseConstants.MaxStorageGb);
license.InstallationId = claimsPrincipal.GetValue<Guid>(OrganizationLicenseConstants.InstallationId);
license.LicenseType = claimsPrincipal.GetValue<LicenseType>(OrganizationLicenseConstants.LicenseType);

8
src/Core/Billing/Organizations/Models/OrganizationLicense.cs
View File

@@ -156,6 +156,7 @@ public class OrganizationLicense : ILicense
public bool UseAdminSponsoredFamilies { get; set; }
public bool UseAutomaticUserConfirmation { get; set; }
public bool UseDisableSmAdsForUsers { get; set; }
public bool UseMyItems { get; set; }
public string Hash { get; set; }
public string Signature { get; set; }
public string Token { get; set; }
@@ -232,7 +233,8 @@ public class OrganizationLicense : ILicense
!p.Name.Equals(nameof(UseOrganizationDomains)) &&
!p.Name.Equals(nameof(UseAutomaticUserConfirmation)) &&
!p.Name.Equals(nameof(UseDisableSmAdsForUsers)) &&
!p.Name.Equals(nameof(UsePhishingBlocker)))
!p.Name.Equals(nameof(UsePhishingBlocker)) &&
!p.Name.Equals(nameof(UseMyItems)))
.OrderBy(p => p.Name)
.Select(p => $"{p.Name}:{Core.Utilities.CoreHelpers.FormatLicenseSignatureValue(p.GetValue(this, null))}")
.Aggregate((c, n) => $"{c}|{n}");
@@ -428,6 +430,7 @@ public class OrganizationLicense : ILicense
var useOrganizationDomains = claimsPrincipal.GetValue<bool>(nameof(UseOrganizationDomains));
var useAutomaticUserConfirmation = claimsPrincipal.GetValue<bool>(nameof(UseAutomaticUserConfirmation));
var useDisableSmAdsForUsers = claimsPrincipal.GetValue<bool>(nameof(UseDisableSmAdsForUsers));
var useMyItems = claimsPrincipal.GetValue<bool>(nameof(UseMyItems));
var claimedPlanType = claimsPrincipal.GetValue<PlanType>(nameof(PlanType));
@@ -465,7 +468,8 @@ public class OrganizationLicense : ILicense
useAdminSponsoredFamilies == organization.UseAdminSponsoredFamilies &&
useOrganizationDomains == organization.UseOrganizationDomains &&
useAutomaticUserConfirmation == organization.UseAutomaticUserConfirmation &&
useDisableSmAdsForUsers == organization.UseDisableSmAdsForUsers;
useDisableSmAdsForUsers == organization.UseDisableSmAdsForUsers &&
useMyItems == organization.UseMyItems;
}

1
src/Core/Billing/Premium/Commands/UpgradePremiumToOrganizationCommand.cs
View File

@@ -148,6 +148,7 @@ public class UpgradePremiumToOrganizationCommand(
MaxCollections = targetPlan.PasswordManager.MaxCollections,
MaxStorageGb = targetPlan.PasswordManager.BaseStorageGb,
UsePolicies = targetPlan.HasPolicies,
UseMyItems = targetPlan.HasPolicies, // TODO: use the plan property when added (PM-32366)
UseSso = targetPlan.HasSso,
UseGroups = targetPlan.HasGroups,
UseEvents = targetPlan.HasEvents,

1
src/Core/Billing/Subscriptions/Commands/RestartSubscriptionCommand.cs
View File

@@ -82,6 +82,7 @@ public class RestartSubscriptionCommand(
organization.Plan = newPlan.Name;
organization.SelfHost = newPlan.HasSelfHost;
organization.UsePolicies = newPlan.HasPolicies;
organization.UseMyItems = newPlan.HasPolicies; // TODO: use the plan property when added (PM-32366)
organization.UseGroups = newPlan.HasGroups;
organization.UseDirectory = newPlan.HasDirectory;
organization.UseEvents = newPlan.HasEvents;

1
src/Core/OrganizationFeatures/OrganizationSubscriptions/UpgradeOrganizationPlanCommand.cs
View File

@@ -259,6 +259,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
organization.UseApi = newPlan.HasApi;
organization.SelfHost = newPlan.HasSelfHost;
organization.UsePolicies = newPlan.HasPolicies;
organization.UseMyItems = newPlan.HasPolicies; // TODO: use the plan property when added (PM-32366)
organization.MaxStorageGb = (short)(newPlan.PasswordManager.BaseStorageGb + upgrade.AdditionalStorageGb);
organization.UseSso = newPlan.HasSso;
organization.UseOrganizationDomains = newPlan.HasOrganizationDomains;

3
src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
View File

@@ -139,7 +139,8 @@ public class OrganizationRepository : Repository<Core.AdminConsole.Entities.Orga
UseAdminSponsoredFamilies = e.UseAdminSponsoredFamilies,
UseAutomaticUserConfirmation = e.UseAutomaticUserConfirmation,
UseDisableSmAdsForUsers = e.UseDisableSmAdsForUsers,
UsePhishingBlocker = e.UsePhishingBlocker
UsePhishingBlocker = e.UsePhishingBlocker,
UseMyItems = e.UseMyItems
}).ToListAsync();
}
}

3
src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/OrganizationUserOrganizationDetailsViewQuery.cs
View File

@@ -76,7 +76,8 @@ public class OrganizationUserOrganizationDetailsViewQuery : IQuery<OrganizationU
UseOrganizationDomains = o.UseOrganizationDomains,
UseAutomaticUserConfirmation = o.UseAutomaticUserConfirmation,
UseDisableSMAdsForUsers = o.UseDisableSmAdsForUsers,
UsePhishingBlocker = o.UsePhishingBlocker
UsePhishingBlocker = o.UsePhishingBlocker,
UseMyItems = o.UseMyItems
};
return query;
}

3
src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserOrganizationDetailsViewQuery.cs
View File

@@ -62,7 +62,8 @@ public class ProviderUserOrganizationDetailsViewQuery : IQuery<ProviderUserOrgan
SsoEnabled = x.ss.Enabled,
SsoConfig = x.ss.Data,
UseDisableSMAdsForUsers = x.o.UseDisableSmAdsForUsers,
UsePhishingBlocker = x.o.UsePhishingBlocker
UsePhishingBlocker = x.o.UsePhishingBlocker,
UseMyItems = x.o.UseMyItems
});
}
}

9
src/Sql/dbo/Stored Procedures/Organization_Create.sql
View File

@@ -61,7 +61,8 @@ CREATE PROCEDURE [dbo].[Organization_Create]
@SyncSeats BIT = 0,
@UseAutomaticUserConfirmation BIT = 0,
@UsePhishingBlocker BIT = 0,
@UseDisableSmAdsForUsers BIT = 0
@UseDisableSmAdsForUsers BIT = 0,
@UseMyItems BIT = 0
AS
BEGIN
SET NOCOUNT ON
@@ -131,7 +132,8 @@ BEGIN
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[MaxStorageGbIncreased],
[UseDisableSmAdsForUsers]
[UseDisableSmAdsForUsers],
[UseMyItems]
)
VALUES
(
@@ -198,6 +200,7 @@ BEGIN
@UseAutomaticUserConfirmation,
@UsePhishingBlocker,
@MaxStorageGb,
@UseDisableSmAdsForUsers
@UseDisableSmAdsForUsers,
@UseMyItems
);
END

5
src/Sql/dbo/Stored Procedures/Organization_ReadAbilities.sql
View File

@@ -28,9 +28,10 @@ BEGIN
[LimitItemDeletion],
[UseOrganizationDomains],
[UseAdminSponsoredFamilies],
[UseAutomaticUserConfirmation],
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[UseDisableSmAdsForUsers]
[UseDisableSmAdsForUsers],
[UseMyItems]
FROM
[dbo].[Organization]
END

6
src/Sql/dbo/Stored Procedures/Organization_Update.sql
View File

@@ -61,7 +61,8 @@ CREATE PROCEDURE [dbo].[Organization_Update]
@SyncSeats BIT = 0,
@UseAutomaticUserConfirmation BIT = 0,
@UsePhishingBlocker BIT = 0,
@UseDisableSmAdsForUsers BIT = 0
@UseDisableSmAdsForUsers BIT = 0,
@UseMyItems BIT = 0
AS
BEGIN
SET NOCOUNT ON
@@ -131,7 +132,8 @@ BEGIN
[UseAutomaticUserConfirmation] = @UseAutomaticUserConfirmation,
[UsePhishingBlocker] = @UsePhishingBlocker,
[MaxStorageGbIncreased] = @MaxStorageGb,
[UseDisableSmAdsForUsers] = @UseDisableSmAdsForUsers
[UseDisableSmAdsForUsers] = @UseDisableSmAdsForUsers,
[UseMyItems] = @UseMyItems
WHERE
[Id] = @Id;
END

1
src/Sql/dbo/Tables/Organization.sql
View File

@@ -63,6 +63,7 @@ CREATE TABLE [dbo].[Organization] (
[MaxStorageGbIncreased] SMALLINT NULL,
[UsePhishingBlocker] BIT NOT NULL CONSTRAINT [DF_Organization_UsePhishingBlocker] DEFAULT (0),
[UseDisableSmAdsForUsers] BIT NOT NULL CONSTRAINT [DF_Organization_UseDisableSmAdsForUsers] DEFAULT (0),
[UseMyItems] BIT NOT NULL CONSTRAINT [DF_Organization_UseMyItems] DEFAULT (0),
CONSTRAINT [PK_Organization] PRIMARY KEY CLUSTERED ([Id] ASC)
);

3
src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
View File

@@ -57,7 +57,8 @@ SELECT
OS.[IsAdminInitiated],
O.[UseAutomaticUserConfirmation],
O.[UsePhishingBlocker],
O.[UseDisableSmAdsForUsers]
O.[UseDisableSmAdsForUsers],
O.[UseMyItems]
FROM
[dbo].[OrganizationUser] OU
LEFT JOIN

3
src/Sql/dbo/Views/OrganizationView.sql
View File

@@ -63,6 +63,7 @@ SELECT
[SyncSeats],
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[UseDisableSmAdsForUsers]
[UseDisableSmAdsForUsers],
[UseMyItems]
FROM
[dbo].[Organization]

3
src/Sql/dbo/Views/ProviderUserProviderOrganizationDetailsView.sql
View File

@@ -46,7 +46,8 @@ SELECT
SS.[Enabled] SsoEnabled,
SS.[Data] SsoConfig,
O.[UsePhishingBlocker],
O.[UseDisableSmAdsForUsers]
O.[UseDisableSmAdsForUsers],
O.[UseMyItems]
FROM
[dbo].[ProviderUser] PU
INNER JOIN

1
test/Core.Test/Billing/Models/Business/OrganizationLicenseTests.cs
View File

@@ -216,6 +216,7 @@ If you believe you need to change the version for a valid reason, please discuss
UseAdminSponsoredFamilies = false,
UseDisableSmAdsForUsers = false,
UsePhishingBlocker = false,
UseMyItems = false,
};
}

9
test/Core.Test/Billing/Organizations/Commands/UpdateOrganizationLicenseCommandTests.cs
View File

@@ -92,8 +92,7 @@ public class UpdateOrganizationLicenseCommandTests
"Id", "MaxStorageGb", "Issued", "Refresh", "Version", "Trial", "LicenseType",
"Hash", "Signature", "SignatureBytes", "InstallationId", "Expires",
"ExpirationWithoutGracePeriod", "Token", "LimitCollectionCreationDeletion",
"LimitCollectionCreation", "LimitCollectionDeletion", "AllowAdminAccessToAllCollectionItems",
"UseOrganizationDomains", "UseAdminSponsoredFamilies", "UseAutomaticUserConfirmation", "UsePhishingBlocker", "UseDisableSmAdsForUsers") &&
"LimitCollectionCreation", "LimitCollectionDeletion", "AllowAdminAccessToAllCollectionItems") &&
// Same property but different name, use explicit mapping
org.ExpirationDate == license.Expires));
}
@@ -169,7 +168,8 @@ public class UpdateOrganizationLicenseCommandTests
new(OrganizationLicenseConstants.ExpirationWithoutGracePeriod, DateTime.Now.AddMonths(12).ToString("O")),
new(OrganizationLicenseConstants.Trial, "false"),
new(OrganizationLicenseConstants.LimitCollectionCreationDeletion, "true"),
new(OrganizationLicenseConstants.AllowAdminAccessToAllCollectionItems, "true")
new(OrganizationLicenseConstants.AllowAdminAccessToAllCollectionItems, "true"),
new(OrganizationLicenseConstants.UseMyItems, "true")
};
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims));
@@ -236,7 +236,8 @@ public class UpdateOrganizationLicenseCommandTests
org.UseAdminSponsoredFamilies == true &&
org.UseAutomaticUserConfirmation == true &&
org.UseDisableSmAdsForUsers == true &&
org.UsePhishingBlocker == true));
org.UsePhishingBlocker == true &&
org.UseMyItems));
}
finally
{

76
test/Infrastructure.IntegrationTest/AdminConsole/Migrations/UseMyItemsDataMigrationTests.cs Normal file
View File

@@ -0,0 +1,76 @@
using Bit.Core.AdminConsole.Entities;
using Bit.Core.Repositories;
using Bit.Infrastructure.IntegrationTest.Services;
using Xunit;
namespace Bit.Infrastructure.IntegrationTest.AdminConsole.Migrations;
public class UseMyItemsDataMigrationTests
{
private const string _migrationName = "UseMyItemsDataMigration";
[Theory, DatabaseData(MigrationName = _migrationName)]
public async Task Migration_WithUsePoliciesEnabled_SetsUseMyItemsToTrue(
IOrganizationRepository organizationRepository,
IMigrationTesterService migrationTester)
{
// Arrange
var organization = await SetupOrganization(organizationRepository, usePolicies: true);
// Verify initial state
Assert.True(organization.UsePolicies);
Assert.False(organization.UseMyItems);
// Act
migrationTester.ApplyMigration();
// Assert
var migratedOrganization = await organizationRepository.GetByIdAsync(organization.Id);
Assert.NotNull(migratedOrganization);
Assert.True(migratedOrganization.UsePolicies);
Assert.True(migratedOrganization.UseMyItems);
}
[Theory, DatabaseData(MigrationName = _migrationName)]
public async Task Migration_WithUsePoliciesDisabled_LeavesUseMyItemsFalse(
IOrganizationRepository organizationRepository,
IMigrationTesterService migrationTester)
{
// Arrange
var organization = await SetupOrganization(organizationRepository, usePolicies: false);
// Verify initial state
Assert.False(organization.UsePolicies);
Assert.False(organization.UseMyItems);
// Act
migrationTester.ApplyMigration();
// Assert
var migratedOrganization = await organizationRepository.GetByIdAsync(organization.Id);
Assert.NotNull(migratedOrganization);
Assert.False(migratedOrganization.UsePolicies);
Assert.False(migratedOrganization.UseMyItems);
}
/// <summary>
/// Helper method to create a test organization with specified UsePolicies value.
/// UseMyItems is always initialized to false to simulate pre-migration state.
/// </summary>
private static async Task<Organization> SetupOrganization(
IOrganizationRepository organizationRepository,
bool usePolicies,
string identifier = "test")
{
// CreateTestOrganizationAsync sets UsePolicies = true by default
var organization = await organizationRepository.CreateTestOrganizationAsync(identifier: identifier);
// Override to test both true and false scenarios
organization.UsePolicies = usePolicies;
organization.UseMyItems = false; // Simulate pre-migration state
await organizationRepository.ReplaceAsync(organization);
return organization;
}
}

621
util/Migrator/DbScripts/2026-02-24_00_AddUseMyItemsToOrganization.sql Normal file
View File

@@ -0,0 +1,621 @@
-- Add UseMyItems column to Organization table
IF COL_LENGTH('[dbo].[Organization]', 'UseMyItems') IS NULL
BEGIN
ALTER TABLE [dbo].[Organization]
ADD [UseMyItems] BIT NOT NULL CONSTRAINT [DF_Organization_UseMyItems] DEFAULT (0);
END
GO
-- Update Organization_Create stored procedure to include UseMyItems
CREATE OR ALTER PROCEDURE [dbo].[Organization_Create]
@Id UNIQUEIDENTIFIER OUTPUT,
@Identifier NVARCHAR(50),
@Name NVARCHAR(50),
@BusinessName NVARCHAR(50),
@BusinessAddress1 NVARCHAR(50),
@BusinessAddress2 NVARCHAR(50),
@BusinessAddress3 NVARCHAR(50),
@BusinessCountry VARCHAR(2),
@BusinessTaxNumber NVARCHAR(30),
@BillingEmail NVARCHAR(256),
@Plan NVARCHAR(50),
@PlanType TINYINT,
@Seats INT,
@MaxCollections SMALLINT,
@UsePolicies BIT,
@UseSso BIT,
@UseGroups BIT,
@UseDirectory BIT,
@UseEvents BIT,
@UseTotp BIT,
@Use2fa BIT,
@UseApi BIT,
@UseResetPassword BIT,
@SelfHost BIT,
@UsersGetPremium BIT,
@Storage BIGINT,
@MaxStorageGb SMALLINT,
@Gateway TINYINT,
@GatewayCustomerId VARCHAR(50),
@GatewaySubscriptionId VARCHAR(50),
@ReferenceData VARCHAR(MAX),
@Enabled BIT,
@LicenseKey VARCHAR(100),
@PublicKey VARCHAR(MAX),
@PrivateKey VARCHAR(MAX),
@TwoFactorProviders NVARCHAR(MAX),
@ExpirationDate DATETIME2(7),
@CreationDate DATETIME2(7),
@RevisionDate DATETIME2(7),
@OwnersNotifiedOfAutoscaling DATETIME2(7),
@MaxAutoscaleSeats INT,
@UseKeyConnector BIT = 0,
@UseScim BIT = 0,
@UseCustomPermissions BIT = 0,
@UseSecretsManager BIT = 0,
@Status TINYINT = 0,
@UsePasswordManager BIT = 1,
@SmSeats INT = null,
@SmServiceAccounts INT = null,
@MaxAutoscaleSmSeats INT= null,
@MaxAutoscaleSmServiceAccounts INT = null,
@SecretsManagerBeta BIT = 0,
@LimitCollectionCreation BIT = NULL,
@LimitCollectionDeletion BIT = NULL,
@AllowAdminAccessToAllCollectionItems BIT = 0,
@UseRiskInsights BIT = 0,
@LimitItemDeletion BIT = 0,
@UseOrganizationDomains BIT = 0,
@UseAdminSponsoredFamilies BIT = 0,
@SyncSeats BIT = 0,
@UseAutomaticUserConfirmation BIT = 0,
@UsePhishingBlocker BIT = 0,
@UseDisableSmAdsForUsers BIT = 0,
@UseMyItems BIT = 0
AS
BEGIN
SET NOCOUNT ON
INSERT INTO [dbo].[Organization]
(
[Id],
[Identifier],
[Name],
[BusinessName],
[BusinessAddress1],
[BusinessAddress2],
[BusinessAddress3],
[BusinessCountry],
[BusinessTaxNumber],
[BillingEmail],
[Plan],
[PlanType],
[Seats],
[MaxCollections],
[UsePolicies],
[UseSso],
[UseGroups],
[UseDirectory],
[UseEvents],
[UseTotp],
[Use2fa],
[UseApi],
[UseResetPassword],
[SelfHost],
[UsersGetPremium],
[Storage],
[MaxStorageGb],
[Gateway],
[GatewayCustomerId],
[GatewaySubscriptionId],
[ReferenceData],
[Enabled],
[LicenseKey],
[PublicKey],
[PrivateKey],
[TwoFactorProviders],
[ExpirationDate],
[CreationDate],
[RevisionDate],
[OwnersNotifiedOfAutoscaling],
[MaxAutoscaleSeats],
[UseKeyConnector],
[UseScim],
[UseCustomPermissions],
[UseSecretsManager],
[Status],
[UsePasswordManager],
[SmSeats],
[SmServiceAccounts],
[MaxAutoscaleSmSeats],
[MaxAutoscaleSmServiceAccounts],
[SecretsManagerBeta],
[LimitCollectionCreation],
[LimitCollectionDeletion],
[AllowAdminAccessToAllCollectionItems],
[UseRiskInsights],
[LimitItemDeletion],
[UseOrganizationDomains],
[UseAdminSponsoredFamilies],
[SyncSeats],
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[MaxStorageGbIncreased],
[UseDisableSmAdsForUsers],
[UseMyItems]
)
VALUES
(
@Id,
@Identifier,
@Name,
@BusinessName,
@BusinessAddress1,
@BusinessAddress2,
@BusinessAddress3,
@BusinessCountry,
@BusinessTaxNumber,
@BillingEmail,
@Plan,
@PlanType,
@Seats,
@MaxCollections,
@UsePolicies,
@UseSso,
@UseGroups,
@UseDirectory,
@UseEvents,
@UseTotp,
@Use2fa,
@UseApi,
@UseResetPassword,
@SelfHost,
@UsersGetPremium,
@Storage,
@MaxStorageGb,
@Gateway,
@GatewayCustomerId,
@GatewaySubscriptionId,
@ReferenceData,
@Enabled,
@LicenseKey,
@PublicKey,
@PrivateKey,
@TwoFactorProviders,
@ExpirationDate,
@CreationDate,
@RevisionDate,
@OwnersNotifiedOfAutoscaling,
@MaxAutoscaleSeats,
@UseKeyConnector,
@UseScim,
@UseCustomPermissions,
@UseSecretsManager,
@Status,
@UsePasswordManager,
@SmSeats,
@SmServiceAccounts,
@MaxAutoscaleSmSeats,
@MaxAutoscaleSmServiceAccounts,
@SecretsManagerBeta,
@LimitCollectionCreation,
@LimitCollectionDeletion,
@AllowAdminAccessToAllCollectionItems,
@UseRiskInsights,
@LimitItemDeletion,
@UseOrganizationDomains,
@UseAdminSponsoredFamilies,
@SyncSeats,
@UseAutomaticUserConfirmation,
@UsePhishingBlocker,
@MaxStorageGb,
@UseDisableSmAdsForUsers,
@UseMyItems
);
END
GO
-- Update Organization_Update stored procedure to include UseMyItems
CREATE OR ALTER PROCEDURE [dbo].[Organization_Update]
@Id UNIQUEIDENTIFIER,
@Identifier NVARCHAR(50),
@Name NVARCHAR(50),
@BusinessName NVARCHAR(50),
@BusinessAddress1 NVARCHAR(50),
@BusinessAddress2 NVARCHAR(50),
@BusinessAddress3 NVARCHAR(50),
@BusinessCountry VARCHAR(2),
@BusinessTaxNumber NVARCHAR(30),
@BillingEmail NVARCHAR(256),
@Plan NVARCHAR(50),
@PlanType TINYINT,
@Seats INT,
@MaxCollections SMALLINT,
@UsePolicies BIT,
@UseSso BIT,
@UseGroups BIT,
@UseDirectory BIT,
@UseEvents BIT,
@UseTotp BIT,
@Use2fa BIT,
@UseApi BIT,
@UseResetPassword BIT,
@SelfHost BIT,
@UsersGetPremium BIT,
@Storage BIGINT,
@MaxStorageGb SMALLINT,
@Gateway TINYINT,
@GatewayCustomerId VARCHAR(50),
@GatewaySubscriptionId VARCHAR(50),
@ReferenceData VARCHAR(MAX),
@Enabled BIT,
@LicenseKey VARCHAR(100),
@PublicKey VARCHAR(MAX),
@PrivateKey VARCHAR(MAX),
@TwoFactorProviders NVARCHAR(MAX),
@ExpirationDate DATETIME2(7),
@CreationDate DATETIME2(7),
@RevisionDate DATETIME2(7),
@OwnersNotifiedOfAutoscaling DATETIME2(7),
@MaxAutoscaleSeats INT,
@UseKeyConnector BIT = 0,
@UseScim BIT = 0,
@UseCustomPermissions BIT = 0,
@UseSecretsManager BIT = 0,
@Status TINYINT = 0,
@UsePasswordManager BIT = 1,
@SmSeats INT = null,
@SmServiceAccounts INT = null,
@MaxAutoscaleSmSeats INT = null,
@MaxAutoscaleSmServiceAccounts INT = null,
@SecretsManagerBeta BIT = 0,
@LimitCollectionCreation BIT = null,
@LimitCollectionDeletion BIT = null,
@AllowAdminAccessToAllCollectionItems BIT = 0,
@UseRiskInsights BIT = 0,
@LimitItemDeletion BIT = 0,
@UseOrganizationDomains BIT = 0,
@UseAdminSponsoredFamilies BIT = 0,
@SyncSeats BIT = 0,
@UseAutomaticUserConfirmation BIT = 0,
@UsePhishingBlocker BIT = 0,
@UseDisableSmAdsForUsers BIT = 0,
@UseMyItems BIT = 0
AS
BEGIN
SET NOCOUNT ON
UPDATE
[dbo].[Organization]
SET
[Identifier] = @Identifier,
[Name] = @Name,
[BusinessName] = @BusinessName,
[BusinessAddress1] = @BusinessAddress1,
[BusinessAddress2] = @BusinessAddress2,
[BusinessAddress3] = @BusinessAddress3,
[BusinessCountry] = @BusinessCountry,
[BusinessTaxNumber] = @BusinessTaxNumber,
[BillingEmail] = @BillingEmail,
[Plan] = @Plan,
[PlanType] = @PlanType,
[Seats] = @Seats,
[MaxCollections] = @MaxCollections,
[UsePolicies] = @UsePolicies,
[UseSso] = @UseSso,
[UseGroups] = @UseGroups,
[UseDirectory] = @UseDirectory,
[UseEvents] = @UseEvents,
[UseTotp] = @UseTotp,
[Use2fa] = @Use2fa,
[UseApi] = @UseApi,
[UseResetPassword] = @UseResetPassword,
[SelfHost] = @SelfHost,
[UsersGetPremium] = @UsersGetPremium,
[Storage] = @Storage,
[MaxStorageGb] = @MaxStorageGb,
[Gateway] = @Gateway,
[GatewayCustomerId] = @GatewayCustomerId,
[GatewaySubscriptionId] = @GatewaySubscriptionId,
[ReferenceData] = @ReferenceData,
[Enabled] = @Enabled,
[LicenseKey] = @LicenseKey,
[PublicKey] = @PublicKey,
[PrivateKey] = @PrivateKey,
[TwoFactorProviders] = @TwoFactorProviders,
[ExpirationDate] = @ExpirationDate,
[CreationDate] = @CreationDate,
[RevisionDate] = @RevisionDate,
[OwnersNotifiedOfAutoscaling] = @OwnersNotifiedOfAutoscaling,
[MaxAutoscaleSeats] = @MaxAutoscaleSeats,
[UseKeyConnector] = @UseKeyConnector,
[UseScim] = @UseScim,
[UseCustomPermissions] = @UseCustomPermissions,
[UseSecretsManager] = @UseSecretsManager,
[Status] = @Status,
[UsePasswordManager] = @UsePasswordManager,
[SmSeats] = @SmSeats,
[SmServiceAccounts] = @SmServiceAccounts,
[MaxAutoscaleSmSeats] = @MaxAutoscaleSmSeats,
[MaxAutoscaleSmServiceAccounts] = @MaxAutoscaleSmServiceAccounts,
[SecretsManagerBeta] = @SecretsManagerBeta,
[LimitCollectionCreation] = @LimitCollectionCreation,
[LimitCollectionDeletion] = @LimitCollectionDeletion,
[AllowAdminAccessToAllCollectionItems] = @AllowAdminAccessToAllCollectionItems,
[UseRiskInsights] = @UseRiskInsights,
[LimitItemDeletion] = @LimitItemDeletion,
[UseOrganizationDomains] = @UseOrganizationDomains,
[UseAdminSponsoredFamilies] = @UseAdminSponsoredFamilies,
[SyncSeats] = @SyncSeats,
[UseAutomaticUserConfirmation] = @UseAutomaticUserConfirmation,
[UsePhishingBlocker] = @UsePhishingBlocker,
[MaxStorageGbIncreased] = @MaxStorageGb,
[UseDisableSmAdsForUsers] = @UseDisableSmAdsForUsers,
[UseMyItems] = @UseMyItems
WHERE
[Id] = @Id;
END
GO
-- Update Organization_ReadAbilities stored procedure to include UseMyItems
CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadAbilities]
AS
BEGIN
SET NOCOUNT ON
SELECT
[Id],
[UseEvents],
[Use2fa],
CASE
WHEN [Use2fa] = 1 AND [TwoFactorProviders] IS NOT NULL AND [TwoFactorProviders] != '{}' THEN
1
ELSE
0
END AS [Using2fa],
[UsersGetPremium],
[UseCustomPermissions],
[UseSso],
[UseKeyConnector],
[UseScim],
[UseResetPassword],
[UsePolicies],
[Enabled],
[LimitCollectionCreation],
[LimitCollectionDeletion],
[AllowAdminAccessToAllCollectionItems],
[UseRiskInsights],
[LimitItemDeletion],
[UseOrganizationDomains],
[UseAdminSponsoredFamilies],
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[UseDisableSmAdsForUsers],
[UseMyItems]
FROM
[dbo].[Organization]
END
GO
-- Update OrganizationView to include UseMyItems
CREATE OR ALTER VIEW [dbo].[OrganizationView]
AS
SELECT
[Id],
[Identifier],
[Name],
[BusinessName],
[BusinessAddress1],
[BusinessAddress2],
[BusinessAddress3],
[BusinessCountry],
[BusinessTaxNumber],
[BillingEmail],
[Plan],
[PlanType],
[Seats],
[MaxCollections],
[UsePolicies],
[UseSso],
[UseGroups],
[UseDirectory],
[UseEvents],
[UseTotp],
[Use2fa],
[UseApi],
[UseResetPassword],
[SelfHost],
[UsersGetPremium],
[Storage],
COALESCE([MaxStorageGbIncreased], [MaxStorageGb]) AS [MaxStorageGb],
[Gateway],
[GatewayCustomerId],
[GatewaySubscriptionId],
[ReferenceData],
[Enabled],
[LicenseKey],
[PublicKey],
[PrivateKey],
[TwoFactorProviders],
[ExpirationDate],
[CreationDate],
[RevisionDate],
[OwnersNotifiedOfAutoscaling],
[MaxAutoscaleSeats],
[UseKeyConnector],
[UseScim],
[UseCustomPermissions],
[UseSecretsManager],
[Status],
[UsePasswordManager],
[SmSeats],
[SmServiceAccounts],
[MaxAutoscaleSmSeats],
[MaxAutoscaleSmServiceAccounts],
[SecretsManagerBeta],
[LimitCollectionCreation],
[LimitCollectionDeletion],
[LimitItemDeletion],
[AllowAdminAccessToAllCollectionItems],
[UseRiskInsights],
[UseOrganizationDomains],
[UseAdminSponsoredFamilies],
[SyncSeats],
[UseAutomaticUserConfirmation],
[UsePhishingBlocker],
[UseDisableSmAdsForUsers],
[UseMyItems]
FROM
[dbo].[Organization]
GO
-- Update OrganizationUserOrganizationDetailsView to include UseMyItems
CREATE OR ALTER VIEW [dbo].[OrganizationUserOrganizationDetailsView]
AS
SELECT
OU.[UserId],
OU.[OrganizationId],
OU.[Id] OrganizationUserId,
O.[Name],
O.[Enabled],
O.[PlanType],
O.[UsePolicies],
O.[UseSso],
O.[UseKeyConnector],
O.[UseScim],
O.[UseGroups],
O.[UseDirectory],
O.[UseEvents],
O.[UseTotp],
O.[Use2fa],
O.[UseApi],
O.[UseResetPassword],
O.[SelfHost],
O.[UsersGetPremium],
O.[UseCustomPermissions],
O.[UseSecretsManager],
O.[Seats],
O.[MaxCollections],
COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
O.[Identifier],
OU.[Key],
OU.[ResetPasswordKey],
O.[PublicKey],
O.[PrivateKey],
OU.[Status],
OU.[Type],
SU.[ExternalId] SsoExternalId,
OU.[Permissions],
PO.[ProviderId],
P.[Name] ProviderName,
P.[Type] ProviderType,
SS.[Enabled] SsoEnabled,
SS.[Data] SsoConfig,
OS.[FriendlyName] FamilySponsorshipFriendlyName,
OS.[LastSyncDate] FamilySponsorshipLastSyncDate,
OS.[ToDelete] FamilySponsorshipToDelete,
OS.[ValidUntil] FamilySponsorshipValidUntil,
OU.[AccessSecretsManager],
O.[UsePasswordManager],
O.[SmSeats],
O.[SmServiceAccounts],
O.[LimitCollectionCreation],
O.[LimitCollectionDeletion],
O.[AllowAdminAccessToAllCollectionItems],
O.[UseRiskInsights],
O.[LimitItemDeletion],
O.[UseAdminSponsoredFamilies],
O.[UseOrganizationDomains],
OS.[IsAdminInitiated],
O.[UseAutomaticUserConfirmation],
O.[UsePhishingBlocker],
O.[UseDisableSmAdsForUsers],
O.[UseMyItems]
FROM
[dbo].[OrganizationUser] OU
LEFT JOIN
[dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
LEFT JOIN
[dbo].[SsoUser] SU ON SU.[UserId] = OU.[UserId] AND SU.[OrganizationId] = OU.[OrganizationId]
LEFT JOIN
[dbo].[ProviderOrganization] PO ON PO.[OrganizationId] = O.[Id]
LEFT JOIN
[dbo].[Provider] P ON P.[Id] = PO.[ProviderId]
LEFT JOIN
[dbo].[SsoConfig] SS ON SS.[OrganizationId] = OU.[OrganizationId]
LEFT JOIN
[dbo].[OrganizationSponsorship] OS ON OS.[SponsoringOrganizationUserID] = OU.[Id]
GO
-- Update ProviderUserProviderOrganizationDetailsView to include UseMyItems
CREATE OR ALTER VIEW [dbo].[ProviderUserProviderOrganizationDetailsView]
AS
SELECT
PU.[UserId],
PO.[OrganizationId],
O.[Name],
O.[Enabled],
O.[UsePolicies],
O.[UseSso],
O.[UseKeyConnector],
O.[UseScim],
O.[UseGroups],
O.[UseDirectory],
O.[UseEvents],
O.[UseTotp],
O.[Use2fa],
O.[UseApi],
O.[UseResetPassword],
O.[UseSecretsManager],
O.[UsePasswordManager],
O.[SelfHost],
O.[UsersGetPremium],
O.[UseCustomPermissions],
O.[Seats],
O.[MaxCollections],
COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
O.[Identifier],
PO.[Key],
O.[PublicKey],
O.[PrivateKey],
PU.[Status],
PU.[Type],
PO.[ProviderId],
PU.[Id] ProviderUserId,
P.[Name] ProviderName,
O.[PlanType],
O.[LimitCollectionCreation],
O.[LimitCollectionDeletion],
O.[AllowAdminAccessToAllCollectionItems],
O.[UseRiskInsights],
O.[UseAdminSponsoredFamilies],
P.[Type] ProviderType,
O.[LimitItemDeletion],
O.[UseOrganizationDomains],
O.[UseAutomaticUserConfirmation],
SS.[Enabled] SsoEnabled,
SS.[Data] SsoConfig,
O.[UsePhishingBlocker],
O.[UseDisableSmAdsForUsers],
O.[UseMyItems]
FROM
[dbo].[ProviderUser] PU
INNER JOIN
[dbo].[ProviderOrganization] PO ON PO.[ProviderId] = PU.[ProviderId]
INNER JOIN
[dbo].[Organization] O ON O.[Id] = PO.[OrganizationId]
INNER JOIN
[dbo].[Provider] P ON P.[Id] = PU.[ProviderId]
LEFT JOIN
[dbo].[SsoConfig] SS ON SS.[OrganizationId] = O.[Id]
GO
-- Refresh dependent views
EXEC sp_refreshview '[dbo].[OrganizationCipherDetailsCollectionsView]';
GO
EXEC sp_refreshview '[dbo].[ProviderOrganizationOrganizationDetailsView]';
GO
EXEC sp_refreshview '[dbo].[UserPremiumAccessView]';
GO

14
util/Migrator/DbScripts/2026-02-24_01_UseMyItemsDataMigration.sql Normal file
View File

@@ -0,0 +1,14 @@
-- Enable UseMyItems for all organizations with UsePolicies enabled
-- Batch to avoid table locks
DECLARE @BatchSize INT = 1000;
DECLARE @RowsAffected INT = 1;
WHILE @RowsAffected > 0
BEGIN
UPDATE TOP (@BatchSize) [dbo].[Organization]
SET [UseMyItems] = 1
WHERE [UsePolicies] = 1
AND [UseMyItems] = 0;
SET @RowsAffected = @@ROWCOUNT;
END

3568
util/MySqlMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

28
util/MySqlMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.cs Normal file
View File

@@ -0,0 +1,28 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.MySqlMigrations.Migrations;
/// <inheritdoc />
public partial class AddUseMyItemsToOrganization : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.AddColumn<bool>(
name: "UseMyItems",
table: "Organization",
type: "tinyint(1)",
nullable: false,
defaultValue: false);
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropColumn(
name: "UseMyItems",
table: "Organization");
}
}

3568
util/MySqlMigrations/Migrations/20260224100001_UseMyItemsDataMigration.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

29
util/MySqlMigrations/Migrations/20260224100001_UseMyItemsDataMigration.cs Normal file
View File

@@ -0,0 +1,29 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.MySqlMigrations.Migrations;
/// <inheritdoc />
public partial class UseMyItemsDataMigration : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE `Organization`
SET `UseMyItems` = 1
WHERE `UsePolicies` = 1;
");
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE `Organization`
SET `UseMyItems` = 0
WHERE `UsePolicies` = 1;
");
}
}

3
util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@@ -241,6 +241,9 @@ namespace Bit.MySqlMigrations.Migrations
b.Property<bool>("UseKeyConnector")
.HasColumnType("tinyint(1)");
b.Property<bool>("UseMyItems")
.HasColumnType("tinyint(1)");
b.Property<bool>("UseOrganizationDomains")
.HasColumnType("tinyint(1)");

3574
util/PostgresMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

28
util/PostgresMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.cs Normal file
View File

@@ -0,0 +1,28 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.PostgresMigrations.Migrations;
/// <inheritdoc />
public partial class AddUseMyItemsToOrganization : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.AddColumn<bool>(
name: "UseMyItems",
table: "Organization",
type: "boolean",
nullable: false,
defaultValue: false);
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropColumn(
name: "UseMyItems",
table: "Organization");
}
}

3574
util/PostgresMigrations/Migrations/20260224100001_UseMyItemsDataMigration.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

29
util/PostgresMigrations/Migrations/20260224100001_UseMyItemsDataMigration.cs Normal file
View File

@@ -0,0 +1,29 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.PostgresMigrations.Migrations;
/// <inheritdoc />
public partial class UseMyItemsDataMigration : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE ""Organization""
SET ""UseMyItems"" = true
WHERE ""UsePolicies"" = true;
");
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE ""Organization""
SET ""UseMyItems"" = false
WHERE ""UsePolicies"" = true;
");
}
}

3
util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@@ -243,6 +243,9 @@ namespace Bit.PostgresMigrations.Migrations
b.Property<bool>("UseKeyConnector")
.HasColumnType("boolean");
b.Property<bool>("UseMyItems")
.HasColumnType("boolean");
b.Property<bool>("UseOrganizationDomains")
.HasColumnType("boolean");

3557
util/SqliteMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

28
util/SqliteMigrations/Migrations/20260224100000_AddUseMyItemsToOrganization.cs Normal file
View File

@@ -0,0 +1,28 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.SqliteMigrations.Migrations;
/// <inheritdoc />
public partial class AddUseMyItemsToOrganization : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.AddColumn<bool>(
name: "UseMyItems",
table: "Organization",
type: "INTEGER",
nullable: false,
defaultValue: false);
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropColumn(
name: "UseMyItems",
table: "Organization");
}
}

3557
util/SqliteMigrations/Migrations/20260224100001_UseMyItemsDataMigration.Designer.cs generated Normal file
View File

File diff suppressed because it is too large Load Diff

29
util/SqliteMigrations/Migrations/20260224100001_UseMyItemsDataMigration.cs Normal file
View File

@@ -0,0 +1,29 @@
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.SqliteMigrations.Migrations;
/// <inheritdoc />
public partial class UseMyItemsDataMigration : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE Organization
SET UseMyItems = 1
WHERE UsePolicies = 1;
");
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql(@"
UPDATE Organization
SET UseMyItems = 0
WHERE UsePolicies = 1;
");
}
}

3
util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs
View File

@@ -236,6 +236,9 @@ namespace Bit.SqliteMigrations.Migrations
b.Property<bool>("UseKeyConnector")
.HasColumnType("INTEGER");
b.Property<bool>("UseMyItems")
.HasColumnType("INTEGER");
b.Property<bool>("UseOrganizationDomains")
.HasColumnType("INTEGER");