Merge branch 'main' into SM-1571-DisableSMAdsForUsers

util/DbSeederUtility/DbSeederUtility.csproj

@@ -16,7 +16,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="CommandDotNet" Version="7.0.4" />
+    <PackageReference Include="CommandDotNet" Version="7.0.5" />
   </ItemGroup>
 
 </Project>

util/Migrator/DbScripts/2025-11-04_00_BlockClaimedDomainAccountCreationPolicy.sql

@@ -0,0 +1,41 @@
+-- Add stored procedure for checking if a domain has the BlockClaimedDomainAccountCreation policy enabled
+-- This supports the BlockClaimedDomainAccountCreation policy (Type = 19) which prevents users from
+-- creating personal accounts using email addresses from domains claimed by organizations.
+-- The optional @ExcludeOrganizationId parameter allows excluding a specific organization from the check,
+-- enabling users to join the organization that owns their email domain.
+
+CREATE OR ALTER PROCEDURE [dbo].[OrganizationDomain_HasVerifiedDomainWithBlockPolicy]
+    @DomainName NVARCHAR(255),
+    @ExcludeOrganizationId UNIQUEIDENTIFIER = NULL
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    -- Check if any organization has a verified domain matching the domain name
+    -- with the BlockClaimedDomainAccountCreation policy enabled (Type = 19)
+    -- If @ExcludeOrganizationId is provided, exclude that organization from the check
+    IF EXISTS (
+        SELECT 1
+        FROM [dbo].[OrganizationDomain] OD
+        INNER JOIN [dbo].[Organization] O
+            ON OD.OrganizationId = O.Id
+        INNER JOIN [dbo].[Policy] P
+            ON O.Id = P.OrganizationId
+        WHERE OD.DomainName = @DomainName
+            AND OD.VerifiedDate IS NOT NULL
+            AND O.Enabled = 1
+            AND O.UsePolicies = 1
+            AND O.UseOrganizationDomains = 1
+            AND (@ExcludeOrganizationId IS NULL OR O.Id != @ExcludeOrganizationId)
+            AND P.Type = 19  -- BlockClaimedDomainAccountCreation
+            AND P.Enabled = 1
+    )
+    BEGIN
+        SELECT CAST(1 AS BIT) AS HasBlockPolicy
+    END
+    ELSE
+    BEGIN
+        SELECT CAST(0 AS BIT) AS HasBlockPolicy
+    END
+END
+GO

util/Migrator/DbScripts/2025-11-05_00_OrganizationUserUserDetails_ReadByOrganizationIdUserId.sql

@@ -0,0 +1,17 @@
+CREATE OR ALTER PROCEDURE [dbo].[OrganizationUserUserDetails_ReadByOrganizationIdUserId]
+    @OrganizationId UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+SELECT
+    *
+FROM
+    [dbo].[OrganizationUserUserDetailsView]
+WHERE
+    [OrganizationId] = @OrganizationId
+AND
+    [UserId] = @UserId
+END
+GO

util/Migrator/DbScripts/2025-11-06_00_ConfirmOrgUser_AddKey.sql

@@ -0,0 +1,30 @@
+CREATE OR ALTER PROCEDURE [dbo].[OrganizationUser_ConfirmById]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @RevisionDate DATETIME2(7),
+    @Key NVARCHAR(MAX) = NULL
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    DECLARE @RowCount INT;
+
+    UPDATE
+        [dbo].[OrganizationUser]
+    SET
+        [Status] = 2, -- Set to Confirmed
+        [RevisionDate] = @RevisionDate,
+        [Key] = @Key
+    WHERE
+        [Id] = @Id
+      AND [Status] = 1 -- Only update if status is Accepted
+
+    SET @RowCount = @@ROWCOUNT;
+
+    IF @RowCount > 0
+        BEGIN
+            EXEC [dbo].[User_BumpAccountRevisionDate] @UserId
+        END
+
+    SELECT @RowCount;
+END

util/Migrator/DbScripts/2025-11-10_00_BumpAccountRevisionDateCipherWithCollection.sql

@@ -0,0 +1,32 @@
+CREATE OR ALTER PROCEDURE [dbo].[Cipher_CreateWithCollections]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER,
+    @Type TINYINT,
+    @Data NVARCHAR(MAX),
+    @Favorites NVARCHAR(MAX),
+    @Folders NVARCHAR(MAX),
+    @Attachments NVARCHAR(MAX),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @DeletedDate DATETIME2(7),
+    @Reprompt TINYINT,
+    @Key VARCHAR(MAX) = NULL,
+    @CollectionIds AS [dbo].[GuidIdArray] READONLY,
+    @ArchivedDate DATETIME2(7) = NULL
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    EXEC [dbo].[Cipher_Create] @Id, @UserId, @OrganizationId, @Type, @Data, @Favorites, @Folders,
+        @Attachments, @CreationDate, @RevisionDate, @DeletedDate, @Reprompt, @Key, @ArchivedDate
+
+    DECLARE @UpdateCollectionsSuccess INT
+    EXEC @UpdateCollectionsSuccess = [dbo].[Cipher_UpdateCollections] @Id, @UserId, @OrganizationId, @CollectionIds
+
+    -- Bump the account revision date AFTER collections are assigned.
+    IF @UpdateCollectionsSuccess = 0
+    BEGIN
+        EXEC [dbo].[User_BumpAccountRevisionDateByCipherId] @Id, @OrganizationId
+    END
+END

util/Migrator/DbScripts/2025-11-12_00_AddMaxStorageGbIncreased.sql

@@ -0,0 +1,350 @@
+-- Add MaxStorageGbIncreased column to User table
+IF COL_LENGTH('[dbo].[User]', 'MaxStorageGbIncreased') IS NULL
+BEGIN
+    ALTER TABLE [dbo].[User] ADD [MaxStorageGbIncreased] SMALLINT NULL;
+END
+GO
+
+-- Add MaxStorageGbIncreased column to Organization table
+IF COL_LENGTH('[dbo].[Organization]', 'MaxStorageGbIncreased') IS NULL
+BEGIN
+    ALTER TABLE [dbo].[Organization] ADD [MaxStorageGbIncreased] SMALLINT NULL;
+END
+GO
+
+-- Update UserView to use COALESCE for MaxStorageGb
+CREATE OR ALTER VIEW [dbo].[UserView]
+AS
+SELECT
+    [Id],
+    [Name],
+    [Email],
+    [EmailVerified],
+    [MasterPassword],
+    [MasterPasswordHint],
+    [Culture],
+    [SecurityStamp],
+    [TwoFactorProviders],
+    [TwoFactorRecoveryCode],
+    [EquivalentDomains],
+    [ExcludedGlobalEquivalentDomains],
+    [AccountRevisionDate],
+    [Key],
+    [PublicKey],
+    [PrivateKey],
+    [Premium],
+    [PremiumExpirationDate],
+    [RenewalReminderDate],
+    [Storage],
+    COALESCE([MaxStorageGbIncreased], [MaxStorageGb]) AS [MaxStorageGb],
+    [Gateway],
+    [GatewayCustomerId],
+    [GatewaySubscriptionId],
+    [ReferenceData],
+    [LicenseKey],
+    [ApiKey],
+    [Kdf],
+    [KdfIterations],
+    [KdfMemory],
+    [KdfParallelism],
+    [CreationDate],
+    [RevisionDate],
+    [ForcePasswordReset],
+    [UsesKeyConnector],
+    [FailedLoginCount],
+    [LastFailedLoginDate],
+    [AvatarColor],
+    [LastPasswordChangeDate],
+    [LastKdfChangeDate],
+    [LastKeyRotationDate],
+    [LastEmailChangeDate],
+    [VerifyDevices],
+    [SecurityState],
+    [SecurityVersion],
+    [SignedPublicKey]
+FROM
+    [dbo].[User]
+GO
+
+-- Update OrganizationView to use COALESCE for MaxStorageGb
+CREATE OR ALTER VIEW [dbo].[OrganizationView]
+AS
+SELECT
+    [Id],
+    [Identifier],
+    [Name],
+    [BusinessName],
+    [BusinessAddress1],
+    [BusinessAddress2],
+    [BusinessAddress3],
+    [BusinessCountry],
+    [BusinessTaxNumber],
+    [BillingEmail],
+    [Plan],
+    [PlanType],
+    [Seats],
+    [MaxCollections],
+    [UsePolicies],
+    [UseSso],
+    [UseGroups],
+    [UseDirectory],
+    [UseEvents],
+    [UseTotp],
+    [Use2fa],
+    [UseApi],
+    [UseResetPassword],
+    [SelfHost],
+    [UsersGetPremium],
+    [Storage],
+    COALESCE([MaxStorageGbIncreased], [MaxStorageGb]) AS [MaxStorageGb],
+    [Gateway],
+    [GatewayCustomerId],
+    [GatewaySubscriptionId],
+    [ReferenceData],
+    [Enabled],
+    [LicenseKey],
+    [PublicKey],
+    [PrivateKey],
+    [TwoFactorProviders],
+    [ExpirationDate],
+    [CreationDate],
+    [RevisionDate],
+    [OwnersNotifiedOfAutoscaling],
+    [MaxAutoscaleSeats],
+    [UseKeyConnector],
+    [UseScim],
+    [UseCustomPermissions],
+    [UseSecretsManager],
+    [Status],
+    [UsePasswordManager],
+    [SmSeats],
+    [SmServiceAccounts],
+    [MaxAutoscaleSmSeats],
+    [MaxAutoscaleSmServiceAccounts],
+    [SecretsManagerBeta],
+    [LimitCollectionCreation],
+    [LimitCollectionDeletion],
+    [LimitItemDeletion],
+    [AllowAdminAccessToAllCollectionItems],
+    [UseRiskInsights],
+    [UseOrganizationDomains],
+    [UseAdminSponsoredFamilies],
+    [SyncSeats],
+    [UseAutomaticUserConfirmation]
+FROM
+    [dbo].[Organization]
+GO
+
+
+-- Update OrganizationUserOrganizationDetailsView
+CREATE OR ALTER VIEW [dbo].[OrganizationUserOrganizationDetailsView]
+AS
+SELECT
+    OU.[UserId],
+    OU.[OrganizationId],
+    OU.[Id] OrganizationUserId,
+    O.[Name],
+    O.[Enabled],
+    O.[PlanType],
+    O.[UsePolicies],
+    O.[UseSso],
+    O.[UseKeyConnector],
+    O.[UseScim],
+    O.[UseGroups],
+    O.[UseDirectory],
+    O.[UseEvents],
+    O.[UseTotp],
+    O.[Use2fa],
+    O.[UseApi],
+    O.[UseResetPassword],
+    O.[SelfHost],
+    O.[UsersGetPremium],
+    O.[UseCustomPermissions],
+    O.[UseSecretsManager],
+    O.[Seats],
+    O.[MaxCollections],
+    COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
+    O.[Identifier],
+    OU.[Key],
+    OU.[ResetPasswordKey],
+    O.[PublicKey],
+    O.[PrivateKey],
+    OU.[Status],
+    OU.[Type],
+    SU.[ExternalId] SsoExternalId,
+    OU.[Permissions],
+    PO.[ProviderId],
+    P.[Name] ProviderName,
+    P.[Type] ProviderType,
+    SS.[Enabled] SsoEnabled,
+    SS.[Data] SsoConfig,
+    OS.[FriendlyName] FamilySponsorshipFriendlyName,
+    OS.[LastSyncDate] FamilySponsorshipLastSyncDate,
+    OS.[ToDelete] FamilySponsorshipToDelete,
+    OS.[ValidUntil] FamilySponsorshipValidUntil,
+    OU.[AccessSecretsManager],
+    O.[UsePasswordManager],
+    O.[SmSeats],
+    O.[SmServiceAccounts],
+    O.[LimitCollectionCreation],
+    O.[LimitCollectionDeletion],
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights],
+    O.[LimitItemDeletion],
+    O.[UseAdminSponsoredFamilies],
+    O.[UseOrganizationDomains],
+    OS.[IsAdminInitiated],
+    O.[UseAutomaticUserConfirmation]
+FROM
+    [dbo].[OrganizationUser] OU
+LEFT JOIN
+    [dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[SsoUser] SU ON SU.[UserId] = OU.[UserId] AND SU.[OrganizationId] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[ProviderOrganization] PO ON PO.[OrganizationId] = O.[Id]
+LEFT JOIN
+    [dbo].[Provider] P ON P.[Id] = PO.[ProviderId]
+LEFT JOIN
+    [dbo].[SsoConfig] SS ON SS.[OrganizationId] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[OrganizationSponsorship] OS ON OS.[SponsoringOrganizationUserID] = OU.[Id]
+GO
+
+-- Update ProviderUserProviderOrganizationDetailsView
+CREATE OR ALTER VIEW [dbo].[ProviderUserProviderOrganizationDetailsView]
+AS
+SELECT
+    PU.[UserId],
+    PO.[OrganizationId],
+    O.[Name],
+    O.[Enabled],
+    O.[UsePolicies],
+    O.[UseSso],
+    O.[UseKeyConnector],
+    O.[UseScim],
+    O.[UseGroups],
+    O.[UseDirectory],
+    O.[UseEvents],
+    O.[UseTotp],
+    O.[Use2fa],
+    O.[UseApi],
+    O.[UseResetPassword],
+    O.[UseSecretsManager],
+    O.[UsePasswordManager],
+    O.[SelfHost],
+    O.[UsersGetPremium],
+    O.[UseCustomPermissions],
+    O.[Seats],
+    O.[MaxCollections],
+    COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
+    O.[Identifier],
+    PO.[Key],
+    O.[PublicKey],
+    O.[PrivateKey],
+    PU.[Status],
+    PU.[Type],
+    PO.[ProviderId],
+    PU.[Id] ProviderUserId,
+    P.[Name] ProviderName,
+    O.[PlanType],
+    O.[LimitCollectionCreation],
+    O.[LimitCollectionDeletion],
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights],
+    O.[UseAdminSponsoredFamilies],
+    P.[Type] ProviderType,
+    O.[LimitItemDeletion],
+    O.[UseOrganizationDomains],
+    O.[UseAutomaticUserConfirmation],
+    SS.[Enabled] SsoEnabled,
+    SS.[Data] SsoConfig
+FROM
+    [dbo].[ProviderUser] PU
+INNER JOIN
+    [dbo].[ProviderOrganization] PO ON PO.[ProviderId] = PU.[ProviderId]
+INNER JOIN
+    [dbo].[Organization] O ON O.[Id] = PO.[OrganizationId]
+INNER JOIN
+    [dbo].[Provider] P ON P.[Id] = PU.[ProviderId]
+LEFT JOIN
+    [dbo].[SsoConfig] SS ON SS.[OrganizationId] = O.[Id]
+GO
+
+-- Refresh views that reference Organization table
+EXEC sp_refreshview N'[dbo].[OrganizationCipherDetailsCollectionsView]';
+EXEC sp_refreshview N'[dbo].[OrganizationUserOrganizationDetailsView]';
+EXEC sp_refreshview N'[dbo].[ProviderOrganizationOrganizationDetailsView]';
+EXEC sp_refreshview N'[dbo].[ProviderUserProviderOrganizationDetailsView]';
+GO
+
+-- Refresh views that reference User table
+EXEC sp_refreshview N'[dbo].[EmergencyAccessDetailsView]';
+EXEC sp_refreshview N'[dbo].[OrganizationUserUserDetailsView]';
+EXEC sp_refreshview N'[dbo].[ProviderUserUserDetailsView]';
+EXEC sp_refreshview N'[dbo].[UserEmailDomainView]';
+GO
+
+-- Refresh stored procedures that reference UserView
+EXEC sp_refreshsqlmodule N'[dbo].[Notification_ReadByUserIdAndStatus]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadById]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByOrganizationIdEmail]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByOrganizationIdUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByOrganizationIdWithClaimedDomains]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByUserIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadByUserIdWithPolicyDetails]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadOccupiedSeatCountByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUser_ReadOccupiedSmSeatCountByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadById]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadByIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadByOrganizationIdStatus]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadByProviderId]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadByProviderIdUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUser_ReadByUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadByEmail]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadByEmails]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadById]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadByIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadByIdsWithCalculatedPremium]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadByPremium]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_ReadBySsoUserOrganizationIdExternalId]';
+EXEC sp_refreshsqlmodule N'[dbo].[User_Search]';
+GO
+
+-- Refresh stored procedures that reference OrganizationView
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_GetOrganizationsForSubscriptionSync]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByClaimedUserEmailDomain]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByEnabled]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadById]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByIdentifier]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByLicenseKey]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByProviderId]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadByUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadManyByIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_ReadOccupiedSeatCountByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_Search]';
+EXEC sp_refreshsqlmodule N'[dbo].[Organization_UnassignedToProviderSearch]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationDomainSsoDetails_ReadByEmail]';
+EXEC sp_refreshsqlmodule N'[dbo].[PolicyDetails_ReadByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[PolicyDetails_ReadByUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[PolicyDetails_ReadByUserIdsPolicyType]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderOrganization_ReadById]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderOrganization_ReadByOrganizationId]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderOrganization_ReadCountByOrganizationIds]';
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderOrganizationProviderDetails_ReadByUserId]';
+EXEC sp_refreshsqlmodule N'[dbo].[VerifiedOrganizationDomainSsoDetails_ReadByEmail]';
+GO
+
+-- Refresh stored procedures that reference OrganizationUserOrganizationDetailsView
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUserOrganizationDetails_ReadByUserIdStatus]';
+EXEC sp_refreshsqlmodule N'[dbo].[OrganizationUserOrganizationDetails_ReadByUserIdStatusOrganizationId]';
+GO
+
+-- Refresh stored procedures that reference ProviderUserProviderOrganizationDetailsView
+EXEC sp_refreshsqlmodule N'[dbo].[ProviderUserProviderOrganizationDetails_ReadByUserIdStatus]';
+GO
+

util/Migrator/DbScripts/2025-11-21_00_AddUsePhishingBlockerToOrganization.sql

@@ -0,0 +1,382 @@
+
+/* Introduce new column 'UsePhishingBlocker' not nullable with default of 0  */
+IF COL_LENGTH('[dbo].[Organization]', 'UsePhishingBlocker') is NULL
+BEGIN
+    ALTER TABLE [dbo].[Organization] ADD [UsePhishingBlocker] bit NOT NULL CONSTRAINT [DF_Organization_UsePhishingBlocker] default (0)
+END
+GO
+
+/* Update existing stored procedures to include the new column - UsePhishingBlocker */
+CREATE OR ALTER PROCEDURE [dbo].[Organization_Create]
+    @Id UNIQUEIDENTIFIER OUTPUT,
+    @Identifier NVARCHAR(50),
+    @Name NVARCHAR(50),
+    @BusinessName NVARCHAR(50),
+    @BusinessAddress1 NVARCHAR(50),
+    @BusinessAddress2 NVARCHAR(50),
+    @BusinessAddress3 NVARCHAR(50),
+    @BusinessCountry VARCHAR(2),
+    @BusinessTaxNumber NVARCHAR(30),
+    @BillingEmail NVARCHAR(256),
+    @Plan NVARCHAR(50),
+    @PlanType TINYINT,
+    @Seats INT,
+    @MaxCollections SMALLINT,
+    @UsePolicies BIT,
+    @UseSso BIT,
+    @UseGroups BIT,
+    @UseDirectory BIT,
+    @UseEvents BIT,
+    @UseTotp BIT,
+    @Use2fa BIT,
+    @UseApi BIT,
+    @UseResetPassword BIT,
+    @SelfHost BIT,
+    @UsersGetPremium BIT,
+    @Storage BIGINT,
+    @MaxStorageGb SMALLINT,
+    @Gateway TINYINT,
+    @GatewayCustomerId VARCHAR(50),
+    @GatewaySubscriptionId VARCHAR(50),
+    @ReferenceData VARCHAR(MAX),
+    @Enabled BIT,
+    @LicenseKey VARCHAR(100),
+    @PublicKey VARCHAR(MAX),
+    @PrivateKey VARCHAR(MAX),
+    @TwoFactorProviders NVARCHAR(MAX),
+    @ExpirationDate DATETIME2(7),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @OwnersNotifiedOfAutoscaling DATETIME2(7),
+    @MaxAutoscaleSeats INT,
+    @UseKeyConnector BIT = 0,
+    @UseScim BIT = 0,
+    @UseCustomPermissions BIT = 0,
+    @UseSecretsManager BIT = 0,
+    @Status TINYINT = 0,
+    @UsePasswordManager BIT = 1,
+    @SmSeats INT = null,
+    @SmServiceAccounts INT = null,
+    @MaxAutoscaleSmSeats INT= null,
+    @MaxAutoscaleSmServiceAccounts INT = null,
+    @SecretsManagerBeta BIT = 0,
+    @LimitCollectionCreation BIT = NULL,
+    @LimitCollectionDeletion BIT = NULL,
+    @AllowAdminAccessToAllCollectionItems BIT = 0,
+    @UseRiskInsights BIT = 0,
+    @LimitItemDeletion BIT = 0,
+    @UseOrganizationDomains BIT = 0,
+    @UseAdminSponsoredFamilies BIT = 0,
+    @SyncSeats BIT = 0,
+    @UseAutomaticUserConfirmation BIT = 0,
+    @UsePhishingBlocker BIT = 0
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    INSERT INTO [dbo].[Organization]
+        (
+        [Id],
+        [Identifier],
+        [Name],
+        [BusinessName],
+        [BusinessAddress1],
+        [BusinessAddress2],
+        [BusinessAddress3],
+        [BusinessCountry],
+        [BusinessTaxNumber],
+        [BillingEmail],
+        [Plan],
+        [PlanType],
+        [Seats],
+        [MaxCollections],
+        [UsePolicies],
+        [UseSso],
+        [UseGroups],
+        [UseDirectory],
+        [UseEvents],
+        [UseTotp],
+        [Use2fa],
+        [UseApi],
+        [UseResetPassword],
+        [SelfHost],
+        [UsersGetPremium],
+        [Storage],
+        [MaxStorageGb],
+        [Gateway],
+        [GatewayCustomerId],
+        [GatewaySubscriptionId],
+        [ReferenceData],
+        [Enabled],
+        [LicenseKey],
+        [PublicKey],
+        [PrivateKey],
+        [TwoFactorProviders],
+        [ExpirationDate],
+        [CreationDate],
+        [RevisionDate],
+        [OwnersNotifiedOfAutoscaling],
+        [MaxAutoscaleSeats],
+        [UseKeyConnector],
+        [UseScim],
+        [UseCustomPermissions],
+        [UseSecretsManager],
+        [Status],
+        [UsePasswordManager],
+        [SmSeats],
+        [SmServiceAccounts],
+        [MaxAutoscaleSmSeats],
+        [MaxAutoscaleSmServiceAccounts],
+        [SecretsManagerBeta],
+        [LimitCollectionCreation],
+        [LimitCollectionDeletion],
+        [AllowAdminAccessToAllCollectionItems],
+        [UseRiskInsights],
+        [LimitItemDeletion],
+        [UseOrganizationDomains],
+        [UseAdminSponsoredFamilies],
+        [SyncSeats],
+        [UseAutomaticUserConfirmation],
+        [UsePhishingBlocker]
+        )
+    VALUES
+        (
+            @Id,
+            @Identifier,
+            @Name,
+            @BusinessName,
+            @BusinessAddress1,
+            @BusinessAddress2,
+            @BusinessAddress3,
+            @BusinessCountry,
+            @BusinessTaxNumber,
+            @BillingEmail,
+            @Plan,
+            @PlanType,
+            @Seats,
+            @MaxCollections,
+            @UsePolicies,
+            @UseSso,
+            @UseGroups,
+            @UseDirectory,
+            @UseEvents,
+            @UseTotp,
+            @Use2fa,
+            @UseApi,
+            @UseResetPassword,
+            @SelfHost,
+            @UsersGetPremium,
+            @Storage,
+            @MaxStorageGb,
+            @Gateway,
+            @GatewayCustomerId,
+            @GatewaySubscriptionId,
+            @ReferenceData,
+            @Enabled,
+            @LicenseKey,
+            @PublicKey,
+            @PrivateKey,
+            @TwoFactorProviders,
+            @ExpirationDate,
+            @CreationDate,
+            @RevisionDate,
+            @OwnersNotifiedOfAutoscaling,
+            @MaxAutoscaleSeats,
+            @UseKeyConnector,
+            @UseScim,
+            @UseCustomPermissions,
+            @UseSecretsManager,
+            @Status,
+            @UsePasswordManager,
+            @SmSeats,
+            @SmServiceAccounts,
+            @MaxAutoscaleSmSeats,
+            @MaxAutoscaleSmServiceAccounts,
+            @SecretsManagerBeta,
+            @LimitCollectionCreation,
+            @LimitCollectionDeletion,
+            @AllowAdminAccessToAllCollectionItems,
+            @UseRiskInsights,
+            @LimitItemDeletion,
+            @UseOrganizationDomains,
+            @UseAdminSponsoredFamilies,
+            @SyncSeats,
+            @UseAutomaticUserConfirmation,
+            @UsePhishingBlocker
+        );
+END
+GO
+
+/* Update existing stored procedures to include the new column - UsePhishingBlocker */
+CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadAbilities]
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        [Id],
+        [UseEvents],
+        [Use2fa],
+        CASE
+        WHEN [Use2fa] = 1 AND [TwoFactorProviders] IS NOT NULL AND [TwoFactorProviders] != '{}' THEN
+            1
+        ELSE
+            0
+        END AS [Using2fa],
+        [UsersGetPremium],
+        [UseCustomPermissions],
+        [UseSso],
+        [UseKeyConnector],
+        [UseScim],
+        [UseResetPassword],
+        [UsePolicies],
+        [Enabled],
+        [LimitCollectionCreation],
+        [LimitCollectionDeletion],
+        [AllowAdminAccessToAllCollectionItems],
+        [UseRiskInsights],
+        [LimitItemDeletion],
+        [UseOrganizationDomains],
+        [UseAdminSponsoredFamilies],
+        [UseAutomaticUserConfirmation],
+        [UsePhishingBlocker]
+    FROM
+        [dbo].[Organization]
+END
+GO
+
+/* Update existing stored procedures to include the new column - UsePhishingBlocker */
+CREATE OR ALTER PROCEDURE [dbo].[Organization_Update]
+    @Id UNIQUEIDENTIFIER,
+    @Identifier NVARCHAR(50),
+    @Name NVARCHAR(50),
+    @BusinessName NVARCHAR(50),
+    @BusinessAddress1 NVARCHAR(50),
+    @BusinessAddress2 NVARCHAR(50),
+    @BusinessAddress3 NVARCHAR(50),
+    @BusinessCountry VARCHAR(2),
+    @BusinessTaxNumber NVARCHAR(30),
+    @BillingEmail NVARCHAR(256),
+    @Plan NVARCHAR(50),
+    @PlanType TINYINT,
+    @Seats INT,
+    @MaxCollections SMALLINT,
+    @UsePolicies BIT,
+    @UseSso BIT,
+    @UseGroups BIT,
+    @UseDirectory BIT,
+    @UseEvents BIT,
+    @UseTotp BIT,
+    @Use2fa BIT,
+    @UseApi BIT,
+    @UseResetPassword BIT,
+    @SelfHost BIT,
+    @UsersGetPremium BIT,
+    @Storage BIGINT,
+    @MaxStorageGb SMALLINT,
+    @Gateway TINYINT,
+    @GatewayCustomerId VARCHAR(50),
+    @GatewaySubscriptionId VARCHAR(50),
+    @ReferenceData VARCHAR(MAX),
+    @Enabled BIT,
+    @LicenseKey VARCHAR(100),
+    @PublicKey VARCHAR(MAX),
+    @PrivateKey VARCHAR(MAX),
+    @TwoFactorProviders NVARCHAR(MAX),
+    @ExpirationDate DATETIME2(7),
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @OwnersNotifiedOfAutoscaling DATETIME2(7),
+    @MaxAutoscaleSeats INT,
+    @UseKeyConnector BIT = 0,
+    @UseScim BIT = 0,
+    @UseCustomPermissions BIT = 0,
+    @UseSecretsManager BIT = 0,
+    @Status TINYINT = 0,
+    @UsePasswordManager BIT = 1,
+    @SmSeats INT = null,
+    @SmServiceAccounts INT = null,
+    @MaxAutoscaleSmSeats INT = null,
+    @MaxAutoscaleSmServiceAccounts INT = null,
+    @SecretsManagerBeta BIT = 0,
+    @LimitCollectionCreation BIT = null,
+    @LimitCollectionDeletion BIT = null,
+    @AllowAdminAccessToAllCollectionItems BIT = 0,
+    @UseRiskInsights BIT = 0,
+    @LimitItemDeletion BIT = 0,
+    @UseOrganizationDomains BIT = 0,
+    @UseAdminSponsoredFamilies BIT = 0,
+    @SyncSeats BIT = 0,
+    @UseAutomaticUserConfirmation BIT = 0,
+    @UsePhishingBlocker BIT = 0
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE
+        [dbo].[Organization]
+    SET
+        [Identifier] = @Identifier,
+        [Name] = @Name,
+        [BusinessName] = @BusinessName,
+        [BusinessAddress1] = @BusinessAddress1,
+        [BusinessAddress2] = @BusinessAddress2,
+        [BusinessAddress3] = @BusinessAddress3,
+        [BusinessCountry] = @BusinessCountry,
+        [BusinessTaxNumber] = @BusinessTaxNumber,
+        [BillingEmail] = @BillingEmail,
+        [Plan] = @Plan,
+        [PlanType] = @PlanType,
+        [Seats] = @Seats,
+        [MaxCollections] = @MaxCollections,
+        [UsePolicies] = @UsePolicies,
+        [UseSso] = @UseSso,
+        [UseGroups] = @UseGroups,
+        [UseDirectory] = @UseDirectory,
+        [UseEvents] = @UseEvents,
+        [UseTotp] = @UseTotp,
+        [Use2fa] = @Use2fa,
+        [UseApi] = @UseApi,
+        [UseResetPassword] = @UseResetPassword,
+        [SelfHost] = @SelfHost,
+        [UsersGetPremium] = @UsersGetPremium,
+        [Storage] = @Storage,
+        [MaxStorageGb] = @MaxStorageGb,
+        [Gateway] = @Gateway,
+        [GatewayCustomerId] = @GatewayCustomerId,
+        [GatewaySubscriptionId] = @GatewaySubscriptionId,
+        [ReferenceData] = @ReferenceData,
+        [Enabled] = @Enabled,
+        [LicenseKey] = @LicenseKey,
+        [PublicKey] = @PublicKey,
+        [PrivateKey] = @PrivateKey,
+        [TwoFactorProviders] = @TwoFactorProviders,
+        [ExpirationDate] = @ExpirationDate,
+        [CreationDate] = @CreationDate,
+        [RevisionDate] = @RevisionDate,
+        [OwnersNotifiedOfAutoscaling] = @OwnersNotifiedOfAutoscaling,
+        [MaxAutoscaleSeats] = @MaxAutoscaleSeats,
+        [UseKeyConnector] = @UseKeyConnector,
+        [UseScim] = @UseScim,
+        [UseCustomPermissions] = @UseCustomPermissions,
+        [UseSecretsManager] = @UseSecretsManager,
+        [Status] = @Status,
+        [UsePasswordManager] = @UsePasswordManager,
+        [SmSeats] = @SmSeats,
+        [SmServiceAccounts] = @SmServiceAccounts,
+        [MaxAutoscaleSmSeats] = @MaxAutoscaleSmSeats,
+        [MaxAutoscaleSmServiceAccounts] = @MaxAutoscaleSmServiceAccounts,
+        [SecretsManagerBeta] = @SecretsManagerBeta,
+        [LimitCollectionCreation] = @LimitCollectionCreation,
+        [LimitCollectionDeletion] = @LimitCollectionDeletion,
+        [AllowAdminAccessToAllCollectionItems] = @AllowAdminAccessToAllCollectionItems,
+        [UseRiskInsights] = @UseRiskInsights,
+        [LimitItemDeletion] = @LimitItemDeletion,
+        [UseOrganizationDomains] = @UseOrganizationDomains,
+        [UseAdminSponsoredFamilies] = @UseAdminSponsoredFamilies,
+        [SyncSeats] = @SyncSeats,
+        [UseAutomaticUserConfirmation] = @UseAutomaticUserConfirmation,
+        [UsePhishingBlocker] = @UsePhishingBlocker
+    WHERE
+        [Id] = @Id;
+END

util/Migrator/DbScripts/2025-11-21_01_AddUsePhishingBlockerToViews.sql

@@ -0,0 +1,241 @@
+/* Adds the UsePhishingBlocker column to the OrganizationUserOrganizationDetailsView view. */
+CREATE OR ALTER VIEW [dbo].[OrganizationUserOrganizationDetailsView]
+AS
+SELECT
+    OU.[UserId],
+    OU.[OrganizationId],
+    OU.[Id] OrganizationUserId,
+    O.[Name],
+    O.[Enabled],
+    O.[PlanType],
+    O.[UsePolicies],
+    O.[UseSso],
+    O.[UseKeyConnector],
+    O.[UseScim],
+    O.[UseGroups],
+    O.[UseDirectory],
+    O.[UseEvents],
+    O.[UseTotp],
+    O.[Use2fa],
+    O.[UseApi],
+    O.[UseResetPassword],
+    O.[SelfHost],
+    O.[UsersGetPremium],
+    O.[UseCustomPermissions],
+    O.[UseSecretsManager],
+    O.[Seats],
+    O.[MaxCollections],
+    COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
+    O.[Identifier],
+    OU.[Key],
+    OU.[ResetPasswordKey],
+    O.[PublicKey],
+    O.[PrivateKey],
+    OU.[Status],
+    OU.[Type],
+    SU.[ExternalId] SsoExternalId,
+    OU.[Permissions],
+    PO.[ProviderId],
+    P.[Name] ProviderName,
+    P.[Type] ProviderType,
+    SS.[Enabled] SsoEnabled,
+    SS.[Data] SsoConfig,
+    OS.[FriendlyName] FamilySponsorshipFriendlyName,
+    OS.[LastSyncDate] FamilySponsorshipLastSyncDate,
+    OS.[ToDelete] FamilySponsorshipToDelete,
+    OS.[ValidUntil] FamilySponsorshipValidUntil,
+    OU.[AccessSecretsManager],
+    O.[UsePasswordManager],
+    O.[SmSeats],
+    O.[SmServiceAccounts],
+    O.[LimitCollectionCreation],
+    O.[LimitCollectionDeletion],
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights],
+    O.[LimitItemDeletion],
+    O.[UseAdminSponsoredFamilies],
+    O.[UseOrganizationDomains],
+    OS.[IsAdminInitiated],
+    O.[UseAutomaticUserConfirmation],
+    O.[UsePhishingBlocker]
+FROM
+    [dbo].[OrganizationUser] OU
+LEFT JOIN
+    [dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[SsoUser] SU ON SU.[UserId] = OU.[UserId] AND SU.[OrganizationId] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[ProviderOrganization] PO ON PO.[OrganizationId] = O.[Id]
+LEFT JOIN
+    [dbo].[Provider] P ON P.[Id] = PO.[ProviderId]
+LEFT JOIN
+    [dbo].[SsoConfig] SS ON SS.[OrganizationId] = OU.[OrganizationId]
+LEFT JOIN
+    [dbo].[OrganizationSponsorship] OS ON OS.[SponsoringOrganizationUserID] = OU.[Id]
+GO
+
+/* Updates the ProviderUserProviderOrganizationDetailsView view to include the UsePhishingBlocker column. */
+CREATE OR ALTER VIEW [dbo].[ProviderUserProviderOrganizationDetailsView]
+AS
+SELECT
+    PU.[UserId],
+    PO.[OrganizationId],
+    O.[Name],
+    O.[Enabled],
+    O.[UsePolicies],
+    O.[UseSso],
+    O.[UseKeyConnector],
+    O.[UseScim],
+    O.[UseGroups],
+    O.[UseDirectory],
+    O.[UseEvents],
+    O.[UseTotp],
+    O.[Use2fa],
+    O.[UseApi],
+    O.[UseResetPassword],
+    O.[UseSecretsManager],
+    O.[UsePasswordManager],
+    O.[SelfHost],
+    O.[UsersGetPremium],
+    O.[UseCustomPermissions],
+    O.[Seats],
+    O.[MaxCollections],
+    COALESCE(O.[MaxStorageGbIncreased], O.[MaxStorageGb]) AS [MaxStorageGb],
+    O.[Identifier],
+    PO.[Key],
+    O.[PublicKey],
+    O.[PrivateKey],
+    PU.[Status],
+    PU.[Type],
+    PO.[ProviderId],
+    PU.[Id] ProviderUserId,
+    P.[Name] ProviderName,
+    O.[PlanType],
+    O.[LimitCollectionCreation],
+    O.[LimitCollectionDeletion],
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights],
+    O.[UseAdminSponsoredFamilies],
+    P.[Type] ProviderType,
+    O.[LimitItemDeletion],
+    O.[UseOrganizationDomains],
+    O.[UseAutomaticUserConfirmation],
+    SS.[Enabled] SsoEnabled,
+    SS.[Data] SsoConfig,
+    O.[UsePhishingBlocker]
+FROM
+    [dbo].[ProviderUser] PU
+INNER JOIN
+    [dbo].[ProviderOrganization] PO ON PO.[ProviderId] = PU.[ProviderId]
+INNER JOIN
+    [dbo].[Organization] O ON O.[Id] = PO.[OrganizationId]
+INNER JOIN
+    [dbo].[Provider] P ON P.[Id] = PU.[ProviderId]
+LEFT JOIN
+    [dbo].[SsoConfig] SS ON SS.[OrganizationId] = O.[Id]
+GO
+
+/* Updates the OrganizationView view to include the UsePhishingBlocker column. */
+CREATE OR ALTER VIEW [dbo].[OrganizationView]
+AS
+SELECT
+    [Id],
+    [Identifier],
+    [Name],
+    [BusinessName],
+    [BusinessAddress1],
+    [BusinessAddress2],
+    [BusinessAddress3],
+    [BusinessCountry],
+    [BusinessTaxNumber],
+    [BillingEmail],
+    [Plan],
+    [PlanType],
+    [Seats],
+    [MaxCollections],
+    [UsePolicies],
+    [UseSso],
+    [UseGroups],
+    [UseDirectory],
+    [UseEvents],
+    [UseTotp],
+    [Use2fa],
+    [UseApi],
+    [UseResetPassword],
+    [SelfHost],
+    [UsersGetPremium],
+    [Storage],
+    COALESCE([MaxStorageGbIncreased], [MaxStorageGb]) AS [MaxStorageGb],
+    [Gateway],
+    [GatewayCustomerId],
+    [GatewaySubscriptionId],
+    [ReferenceData],
+    [Enabled],
+    [LicenseKey],
+    [PublicKey],
+    [PrivateKey],
+    [TwoFactorProviders],
+    [ExpirationDate],
+    [CreationDate],
+    [RevisionDate],
+    [OwnersNotifiedOfAutoscaling],
+    [MaxAutoscaleSeats],
+    [UseKeyConnector],
+    [UseScim],
+    [UseCustomPermissions],
+    [UseSecretsManager],
+    [Status],
+    [UsePasswordManager],
+    [SmSeats],
+    [SmServiceAccounts],
+    [MaxAutoscaleSmSeats],
+    [MaxAutoscaleSmServiceAccounts],
+    [SecretsManagerBeta],
+    [LimitCollectionCreation],
+    [LimitCollectionDeletion],
+    [LimitItemDeletion],
+    [AllowAdminAccessToAllCollectionItems],
+    [UseRiskInsights],
+    [UseOrganizationDomains],
+    [UseAdminSponsoredFamilies],
+    [SyncSeats],
+    [UseAutomaticUserConfirmation],
+    [UsePhishingBlocker]
+FROM
+    [dbo].[Organization]
+GO
+
+
+--Manually refresh [dbo].[OrganizationUserOrganizationDetailsView]
+IF OBJECT_ID('[dbo].[OrganizationUserOrganizationDetailsView]') IS NOT NULL
+    BEGIN
+        EXECUTE sp_refreshsqlmodule N'[dbo].[OrganizationUserOrganizationDetailsView]';
+    END
+GO
+
+--Manually refresh [dbo].[ProviderUserProviderOrganizationDetailsView]
+IF OBJECT_ID('[dbo].[ProviderUserProviderOrganizationDetailsView]') IS NOT NULL
+    BEGIN
+        EXECUTE sp_refreshsqlmodule N'[dbo].[ProviderUserProviderOrganizationDetailsView]';
+    END
+GO
+
+--Manually refresh [dbo].[OrganizationView]
+IF OBJECT_ID('[dbo].[OrganizationView]') IS NOT NULL
+    BEGIN
+        EXECUTE sp_refreshsqlmodule N'[dbo].[OrganizationView]';
+    END
+GO
+
+--Manually refresh [dbo].[OrganizationCipherDetailsCollectionsView]
+IF OBJECT_ID('[dbo].[OrganizationCipherDetailsCollectionsView]') IS NOT NULL
+    BEGIN
+        EXECUTE sp_refreshsqlmodule N'[dbo].[OrganizationCipherDetailsCollectionsView]';
+    END
+GO
+--Manually refresh [dbo].[ProviderOrganizationOrganizationDetailsView]
+IF OBJECT_ID('[dbo].[ProviderOrganizationOrganizationDetailsView]') IS NOT NULL
+    BEGIN
+        EXECUTE sp_refreshsqlmodule N'[dbo].[ProviderOrganizationOrganizationDetailsView]';
+    END
+GO

util/Migrator/DbScripts/2025-11-24_00_CipherDetailsCreateWithCollections.sql

@@ -0,0 +1,39 @@
+CREATE OR ALTER PROCEDURE [dbo].[CipherDetails_CreateWithCollections]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER,
+    @OrganizationId UNIQUEIDENTIFIER,
+    @Type TINYINT,
+    @Data NVARCHAR(MAX),
+    @Favorites NVARCHAR(MAX), -- not used
+    @Folders NVARCHAR(MAX), -- not used
+    @Attachments NVARCHAR(MAX), -- not used
+    @CreationDate DATETIME2(7),
+    @RevisionDate DATETIME2(7),
+    @FolderId UNIQUEIDENTIFIER,
+    @Favorite BIT,
+    @Edit BIT, -- not used
+    @ViewPassword BIT, -- not used
+    @Manage BIT, -- not used
+    @OrganizationUseTotp BIT, -- not used
+    @DeletedDate DATETIME2(7),
+    @Reprompt TINYINT,
+    @Key VARCHAR(MAX) = NULL,
+    @CollectionIds AS [dbo].[GuidIdArray] READONLY,
+    @ArchivedDate DATETIME2(7) = NULL
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    EXEC [dbo].[CipherDetails_Create] @Id, @UserId, @OrganizationId, @Type, @Data, @Favorites, @Folders,
+        @Attachments, @CreationDate, @RevisionDate, @FolderId, @Favorite, @Edit, @ViewPassword, @Manage,
+        @OrganizationUseTotp, @DeletedDate, @Reprompt, @Key, @ArchivedDate
+
+    DECLARE @UpdateCollectionsSuccess INT
+    EXEC @UpdateCollectionsSuccess = [dbo].[Cipher_UpdateCollections] @Id, @UserId, @OrganizationId, @CollectionIds
+
+    -- Bump the account revision date AFTER collections are assigned.
+    IF @UpdateCollectionsSuccess = 0
+    BEGIN
+        EXEC [dbo].[User_BumpAccountRevisionDateByCipherId] @Id, @OrganizationId
+    END
+END

util/MsSqlMigratorUtility/MsSqlMigratorUtility.csproj

@@ -10,7 +10,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="CommandDotNet" Version="7.0.4" />
+    <PackageReference Include="CommandDotNet" Version="7.0.5" />
     <PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.1" />
     <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="8.0.1" />
   </ItemGroup>

util/MySqlMigrations/Migrations/20251112155802_AddMaxStorageGbIncreasedColumn.cs

@@ -0,0 +1,37 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddMaxStorageGbIncreasedColumn : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "User",
+            type: "smallint",
+            nullable: true);
+
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "Organization",
+            type: "smallint",
+            nullable: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "User");
+
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "Organization");
+    }
+}

util/MySqlMigrations/Migrations/20251121193008_2025-11-21_00_AddUsePhishingBlockerToOrganization.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class _20251121_00_AddUsePhishingBlockerToOrganization : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UsePhishingBlocker",
+            table: "Organization",
+            type: "tinyint(1)",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UsePhishingBlocker",
+            table: "Organization");
+    }
+}

util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -247,6 +247,9 @@ namespace Bit.MySqlMigrations.Migrations
                     b.Property<bool>("UsePasswordManager")
                         .HasColumnType("tinyint(1)");
 
+                    b.Property<bool>("UsePhishingBlocker")
+                        .HasColumnType("tinyint(1)");
+
                     b.Property<bool>("UsePolicies")
                         .HasColumnType("tinyint(1)");
 

util/PostgresMigrations/Migrations/20251112155845_AddMaxStorageGbIncreasedColumn.cs

@@ -0,0 +1,37 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddMaxStorageGbIncreasedColumn : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "User",
+            type: "smallint",
+            nullable: true);
+
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "Organization",
+            type: "smallint",
+            nullable: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "User");
+
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "Organization");
+    }
+}

util/PostgresMigrations/Migrations/20251121193002_2025-11-21_00_AddUsePhishingBlockerToOrganization.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class _20251121_00_AddUsePhishingBlockerToOrganization : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UsePhishingBlocker",
+            table: "Organization",
+            type: "boolean",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UsePhishingBlocker",
+            table: "Organization");
+    }
+}

util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -249,6 +249,9 @@ namespace Bit.PostgresMigrations.Migrations
                     b.Property<bool>("UsePasswordManager")
                         .HasColumnType("boolean");
 
+                    b.Property<bool>("UsePhishingBlocker")
+                        .HasColumnType("boolean");
+
                     b.Property<bool>("UsePolicies")
                         .HasColumnType("boolean");
 

util/RustSdk/rust/Cargo.lock

@@ -23,7 +23,7 @@ version = "0.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0"
 dependencies = [
- "crypto-common",
+ "crypto-common 0.1.6",
  "generic-array",
 ]
 
@@ -65,9 +65,9 @@ dependencies = [
 
 [[package]]
 name = "argon2"
-version = "0.5.3"
+version = "0.6.0-rc.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072"
+checksum = "e1a213fe583d472f454ae47407edc78848bebd950493528b1d4f7327a7dc335f"
 dependencies = [
  "base64ct",
  "blake2",
@@ -135,7 +135,7 @@ checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967"
 [[package]]
 name = "bitwarden-api-api"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "async-trait",
  "reqwest",
@@ -150,7 +150,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-api-identity"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "async-trait",
  "reqwest",
@@ -165,7 +165,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-core"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "async-trait",
  "bitwarden-api-api",
@@ -196,7 +196,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-crypto"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "aes",
  "argon2",
@@ -234,7 +234,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-encoding"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "data-encoding",
  "data-encoding-macro",
@@ -245,7 +245,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-error"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "bitwarden-error-macro",
 ]
@@ -253,7 +253,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-error-macro"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "darling",
  "proc-macro2",
@@ -264,7 +264,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-state"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "async-trait",
  "bitwarden-error",
@@ -282,7 +282,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-threading"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "bitwarden-error",
  "log",
@@ -295,7 +295,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-uuid"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "bitwarden-uuid-macro",
 ]
@@ -303,7 +303,7 @@ dependencies = [
 [[package]]
 name = "bitwarden-uuid-macro"
 version = "1.0.0"
-source = "git+https://github.com/bitwarden/sdk-internal.git?rev=1461b3ba6bb6e2d0114770eb4572a1398b4789ef#1461b3ba6bb6e2d0114770eb4572a1398b4789ef"
+source = "git+https://github.com/bitwarden/sdk-internal.git?rev=7080159154a42b59028ccb9f5af62bf087e565f9#7080159154a42b59028ccb9f5af62bf087e565f9"
 dependencies = [
  "quote",
  "syn",
@@ -311,11 +311,11 @@ dependencies = [
 
 [[package]]
 name = "blake2"
-version = "0.10.6"
+version = "0.11.0-rc.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe"
+checksum = "679065eb2b85a078ace42411e657bef3a6afe93a40d1b9cb04e39ca303cc3f36"
 dependencies = [
- "digest",
+ "digest 0.11.0-rc.4",
 ]
 
 [[package]]
@@ -327,6 +327,15 @@ dependencies = [
  "generic-array",
 ]
 
+[[package]]
+name = "block-buffer"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96eb4cdd6cf1b31d671e9efe75c5d1ec614776856cefbe109ca373554a6d514f"
+dependencies = [
+ "hybrid-array",
+]
+
 [[package]]
 name = "block-padding"
 version = "0.3.3"
@@ -460,7 +469,7 @@ version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
 dependencies = [
- "crypto-common",
+ "crypto-common 0.1.6",
  "inout",
  "zeroize",
 ]
@@ -558,6 +567,15 @@ dependencies = [
  "typenum",
 ]
 
+[[package]]
+name = "crypto-common"
+version = "0.2.0-rc.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "919bd05924682a5480aec713596b9e2aabed3a0a6022fab6847f85a99e5f190a"
+dependencies = [
+ "hybrid-array",
+]
+
 [[package]]
 name = "csbindgen"
 version = "1.9.3"
@@ -577,7 +595,7 @@ dependencies = [
  "cfg-if",
  "cpufeatures",
  "curve25519-dalek-derive",
- "digest",
+ "digest 0.10.7",
  "fiat-crypto",
  "rustc_version",
  "subtle",
@@ -683,9 +701,20 @@ version = "0.10.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
 dependencies = [
- "block-buffer",
+ "block-buffer 0.10.4",
  "const-oid",
- "crypto-common",
+ "crypto-common 0.1.6",
+ "subtle",
+]
+
+[[package]]
+name = "digest"
+version = "0.11.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ea390c940e465846d64775e55e3115d5dc934acb953de6f6e6360bc232fe2bf7"
+dependencies = [
+ "block-buffer 0.11.0",
+ "crypto-common 0.2.0-rc.5",
  "subtle",
 ]
 
@@ -952,7 +981,7 @@ version = "0.12.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
 dependencies = [
- "digest",
+ "digest 0.10.7",
 ]
 
 [[package]]
@@ -995,6 +1024,15 @@ version = "1.10.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87"
 
+[[package]]
+name = "hybrid-array"
+version = "0.4.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f471e0a81b2f90ffc0cb2f951ae04da57de8baa46fa99112b062a5173a5088d0"
+dependencies = [
+ "typenum",
+]
+
 [[package]]
 name = "hyper"
 version = "1.6.0"
@@ -1476,12 +1514,12 @@ checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
 
 [[package]]
 name = "password-hash"
-version = "0.5.0"
+version = "0.6.0-rc.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
+checksum = "a7d47a2d1aee5a339aa6c740d9128211a8a3d2bdf06a13e01b3f8a0b5c49b9db"
 dependencies = [
  "base64ct",
- "rand_core 0.6.4",
+ "rand_core 0.10.0-rc-2",
  "subtle",
 ]
 
@@ -1491,7 +1529,7 @@ version = "0.12.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2"
 dependencies = [
- "digest",
+ "digest 0.10.7",
 ]
 
 [[package]]
@@ -1721,6 +1759,12 @@ dependencies = [
  "getrandom 0.3.3",
 ]
 
+[[package]]
+name = "rand_core"
+version = "0.10.0-rc-2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "104a23e4e8b77312a823b6b5613edbac78397e2f34320bc7ac4277013ec4478e"
+
 [[package]]
 name = "rayon"
 version = "1.10.0"
@@ -1851,7 +1895,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b"
 dependencies = [
  "const-oid",
- "digest",
+ "digest 0.10.7",
  "num-bigint-dig",
  "num-integer",
  "num-traits",
@@ -2225,7 +2269,7 @@ checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
 dependencies = [
  "cfg-if",
  "cpufeatures",
- "digest",
+ "digest 0.10.7",
 ]
 
 [[package]]
@@ -2236,7 +2280,7 @@ checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
 dependencies = [
  "cfg-if",
  "cpufeatures",
- "digest",
+ "digest 0.10.7",
 ]
 
 [[package]]
@@ -2251,7 +2295,7 @@ version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
 dependencies = [
- "digest",
+ "digest 0.10.7",
  "rand_core 0.6.4",
 ]
 
@@ -2606,7 +2650,7 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea"
 dependencies = [
- "crypto-common",
+ "crypto-common 0.1.6",
  "subtle",
 ]
 

util/RustSdk/rust/Cargo.toml

@@ -13,8 +13,8 @@ crate-type = ["cdylib"]
 
 [dependencies]
 base64 = "0.22.1"
-bitwarden-core = { git = "https://github.com/bitwarden/sdk-internal.git", rev = "1461b3ba6bb6e2d0114770eb4572a1398b4789ef" }
-bitwarden-crypto = { git = "https://github.com/bitwarden/sdk-internal.git", rev = "1461b3ba6bb6e2d0114770eb4572a1398b4789ef" }
+bitwarden-core = { git = "https://github.com/bitwarden/sdk-internal.git", rev = "7080159154a42b59028ccb9f5af62bf087e565f9" }
+bitwarden-crypto = { git = "https://github.com/bitwarden/sdk-internal.git", rev = "7080159154a42b59028ccb9f5af62bf087e565f9" }
 serde = "=1.0.219"
 serde_json = "=1.0.141"
 

util/SqliteMigrations/Migrations/20251112155857_AddMaxStorageGbIncreasedColumn.cs

@@ -0,0 +1,37 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddMaxStorageGbIncreasedColumn : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "User",
+            type: "INTEGER",
+            nullable: true);
+
+        migrationBuilder.AddColumn<short>(
+            name: "MaxStorageGbIncreased",
+            table: "Organization",
+            type: "INTEGER",
+            nullable: true);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "User");
+
+        migrationBuilder.DropColumn(
+            name: "MaxStorageGbIncreased",
+            table: "Organization");
+    }
+}

util/SqliteMigrations/Migrations/20251121193012_2025-11-21_00_AddUsePhishingBlockerToOrganization.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class _20251121_00_AddUsePhishingBlockerToOrganization : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UsePhishingBlocker",
+            table: "Organization",
+            type: "INTEGER",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UsePhishingBlocker",
+            table: "Organization");
+    }
+}

util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -242,6 +242,9 @@ namespace Bit.SqliteMigrations.Migrations
                     b.Property<bool>("UsePasswordManager")
                         .HasColumnType("INTEGER");
 
+                    b.Property<bool>("UsePhishingBlocker")
+                        .HasColumnType("INTEGER");
+
                     b.Property<bool>("UsePolicies")
                         .HasColumnType("INTEGER");