* First pass at adding Automatic User Confirmation Policy.
* Adding edge case tests. Adding side effect of updating organization feature. Removing account recovery restriction from validation.
* Added implementation for the vnext save
* Added documentation to different event types with remarks. Updated IPolicyValidator xml docs.
* Remove EventBasedOrganizationIntegrations feature flag
* Remove unnecessary nullable enable
* Refactored service collection extensions to follow a more direct path: ASB, RabbitMQ, Azure Queue, Repository, No-op
* Use TryAdd instead of Add
* new feature flag
* first pass at changes
* safeguard against billing-pricing not being deployed yet
* handle families pre migration plan
* wrong stripe id
* tests
* unit tests
* Add PolicyValidatorsRefactor constant to FeatureFlagKeys in Constants.cs
* Add Metadata property and ToSavePolicyModel method to PolicyUpdateRequestModel
* Refactor PoliciesController to utilize IVNextSavePolicyCommand based on feature flag
- Added IFeatureService and IVNextSavePolicyCommand dependencies to PoliciesController.
- Updated PutVNext method to conditionally use VNextSavePolicyCommand or SavePolicyCommand based on the PolicyValidatorsRefactor feature flag.
- Enhanced unit tests to verify behavior for both enabled and disabled states of the feature flag.
* Update public PoliciesController to to utilize IVNextSavePolicyCommand based on feature flag
- Introduced IFeatureService and IVNextSavePolicyCommand to manage policy saving based on the PolicyValidatorsRefactor feature flag.
- Updated the Put method to conditionally use the new VNextSavePolicyCommand or the legacy SavePolicyCommand.
- Added unit tests to validate the behavior of the Put method for both enabled and disabled states of the feature flag.
* Refactor VerifyOrganizationDomainCommand to utilize IVNextSavePolicyCommand based on feature flag
- Added IFeatureService and IVNextSavePolicyCommand dependencies to VerifyOrganizationDomainCommand.
- Updated EnableSingleOrganizationPolicyAsync method to conditionally use VNextSavePolicyCommand or SavePolicyCommand based on the PolicyValidatorsRefactor feature flag.
- Enhanced unit tests to validate the behavior when the feature flag is enabled.
* Enhance SsoConfigService to utilize IVNextSavePolicyCommand based on feature flag
- Added IFeatureService and IVNextSavePolicyCommand dependencies to SsoConfigService.
- Updated SaveAsync method to conditionally use VNextSavePolicyCommand or SavePolicyCommand based on the PolicyValidatorsRefactor feature flag.
- Added unit tests to validate the behavior when the feature flag is enabled.
* Refactor SavePolicyModel to simplify constructor usage by removing EmptyMetadataModel parameter. Update related usages across the codebase to reflect the new constructor overloads.
* Update PolicyUpdateRequestModel to make Metadata property nullable for improved null safety
* Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata.
* Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest.
* Add missing using
* Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable
* Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates.
* Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type.
* Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity.
* Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries.
* Refactor PolicyDataValidator to remove null checks for input data in validation methods
* Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity.
* Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages.
* Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content.
* refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases.
* test: Add integration tests for handling policies with null data in PoliciesController
* fix: Catch specific JsonException in PolicyDataValidator to improve error handling
* test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata
* test: Update PolicyDataValidatorTests to validate organization data ownership metadata
* Move account recovery logic to command
(temporarily duplicated behind feature flag)
* Move permission checks to authorization handler
* Prevent user from recovering provider member account
unless they are also provider member
* Add validation to URI Match Default Policy for Single Org prerequisite
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove nullable enable; Replace Task.FromResult(0) with Task.CompletedTask
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Add unit test for our new validator
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Improve comments and whitespace for unit test
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove unnecessary whitespace in unit test
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove unneccessary unit tets
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Re-add using NSubstitute
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to AccountControllerTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to AccountControllerTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to HubHelpersTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Add IEnforceDependentPoliciesEvent interface to UriMatchDefaultPolicyValidator
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Refactored Azure Service Bus to use the organization id as a partition key
* Use null for partition key instead of empty string when organization id is null
* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository
- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.
These tests enhance coverage and ensure the correctness of policy retrieval logic.
* Add UserProviderAccessView to identify which organizations a user can access as a provider
* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic
- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.
* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic
- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.
* Add new SQL migration script to refactor policy details queries
- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.
* Remove GetPolicyDetailsByUserIdTests
* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests
* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes
* Revert changes to PolicyDetails_ReadByUserId stored procedure
* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR
* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures
* Bump date on migration script
* Implement IOnPolicyPreUpdateEvent for FreeFamiliesForEnterprisePolicyValidator and add corresponding unit tests
* Implement IEnforceDependentPoliciesEvent in MaximumVaultTimeoutPolicyValidator
* Rename test methods in FreeFamiliesForEnterprisePolicyValidatorTests for consistency
* Implement IPolicyValidationEvent and IEnforceDependentPoliciesEvent in RequireSsoPolicyValidator and enhance unit tests
* Implement IPolicyValidationEvent and IEnforceDependentPoliciesEvent in ResetPasswordPolicyValidator and add unit tests
* Implement IOnPolicyPreUpdateEvent in TwoFactorAuthenticationPolicyValidator and add unit tests
* Implement IPolicyValidationEvent and IOnPolicyPreUpdateEvent in SingleOrgPolicyValidator with corresponding unit tests
* Implement IOnPolicyPostUpdateEvent in OrganizationDataOwnershipPolicyValidator and add unit tests for ExecutePostUpsertSideEffectAsync
* Refactor policy validation logic in VNextSavePolicyCommand to simplify enabling and disabling requirements checks
* Refactor VNextSavePolicyCommand to replace IEnforceDependentPoliciesEvent with IPolicyUpdateEvent and update related tests
* Add AddPolicyUpdateEvents method and update service registration for policy update events
* Add Microsoft Teams integration
* Fix method naming error
* Expand and clean up unit test coverage
* Update with PR feedback
* Add documentation, add In Progress logic/tests for Teams
* Fixed lowercase Slack
* Added docs; Updated PR suggestions;
* Fix broken tests
* Refactor Slack Callback
* Add more safety to state param, clarify if logic, update tests
* Added an additional 2 possible cases to test: integration is not a slack integration, and the integration has already been claimed
* Implement SonarQube suggestion
* Adjusted org hash to include timestamp; addressed PR feedback
* Use single method for default collection creation
* Use GenerateComb to create sequential guids
* Pre-sort data for SqlBulkCopy
* Add SqlBulkCopy options per dbops recommendations
- create vNext command
- restructure command to simplify logic
- move validation to a separate class
- implement result types using OneOf library and demo
their use here
* Event integration updates and cleanups
* Add Datadog integration
* Update README to include link to Datadog PR
* Move doc update into the Datadog PR; Fix empty message on ArgumentException
* Adjust exception message
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Removed unnecessary nullable enable; Moved Docs link to PR into this PR
* Remove unnecessary nullable enable calls
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Add new event types for collection management settings in EventType enum
* Refactor collection management settings update process in OrganizationsController and IOrganizationService.
Introduced UpdateCollectionManagementSettingsAsync method to streamline updates and logging for collection management settings.
* Add unit tests for collection management settings updates in OrganizationsController and OrganizationService.
Implemented tests to verify the successful update of collection management settings and the logging of specific events when settings are changed. Added error handling for cases where the organization is not found.
* Refactor collection management settings handling in OrganizationsController and IOrganizationService.
Updated the UpdateCollectionManagementSettingsAsync method to accept a single settings object, simplifying the parameter list and improving code readability. Introduced a new OrganizationCollectionManagementSettings model to encapsulate collection management settings. Adjusted related tests to reflect these changes.
* Add Obsolete attribute to Organization_CollectionManagement_Updated event in EventType enum
* Add IResendOrganizationInviteCommand and ResendOrganizationInviteCommand implementation
* Add unit tests for ResendOrganizationInviteCommand to validate invite resend functionality
* Refactor Organizations, OrganizationUsers, and Members controllers to use IResendInviteCommand for invite resending functionality
* Fix Organizations, OrganizationUsers, and Members controllers to replace IResendInviteCommand with IResendOrganizationInviteCommand
* Remove ResendInviteAsync method from IOrganizationService and its implementation in OrganizationService to streamline invite management functionality.
* Add IResendOrganizationInviteCommand registration in OrganizationServiceCollectionExtensions
* Update the OrganizationUserController integration Confirm tests to handle the Owner type
* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
* Refactor UpdateOrganizationUserCommand to validate and filter out DefaultUserCollections during user updates.
* Enhance UpdateOrganizationUserCommandTests to filter out DefaultUserCollections during user updates, ensuring only shared collections are processed. Updated test logic to reflect new filtering behavior.
* Add integration test for updating organization user with existing default collection. The test verifies successful updates to user permissions, group access, and collection access, ensuring correct handling of shared and default collections.
* Refactor UpdateOrganizationUserCommand to separate the collection validation and DefaultUserCollection filtering
* Refactored integration test setup/assertion for clarity
* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests
* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support
* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries
* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes
* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController
* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers
* Add integration tests for confirming organization users in OrganizationUserControllerTests
- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.
* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled
* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling
- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.
* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic
- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.
* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy
- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
* Adding job to update stripe subscriptions and increment seat count when inviting a user.
* Updating name
* Added ef migrations
* Fixing script
* Fixing procedures. Added repo tests.
* Fixed set stored procedure. Fixed parameter name.
* Added tests for database calls and updated stored procedures
* Fixed build for sql file.
* fixing sproc
* File is nullsafe
* Adding view to select from instead of table.
* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.
* Setting revision date when incrementing seat count
* Added feature flag check for the background job.
* Fixing nullable property.
* Removing new table and just adding the column to org. Updating to query and command. Updated tests.
* Adding migration script rename
* Add SyncSeats to Org.sql def
* Adding contraint name
* Removing old table files.
* Added tests
* Upped the frequency to be at the top of every 3rd hour.
* Updating error message.
* Removing extension method
* Changed to GuidIdArray
* Added xml doc and switched class to record
* Refactor ConfirmOrganizationUserCommand to push registration after DB save
* Assert device push registration handling in ConfirmOrganizationUserCommandTests
* [PM-17562] Refactor event integration methods / declarations in ServiceCollectionExtensions
* Refactored ServiceCollectionExtensions to use TryAdd and still launch unique listeneer services
* Updated unit tests to match new generic format for Listeners
* Fix method spacing
* Update README to reflect new integration setup in ServiceCollectionExtensions
* Move interfaces to I prefix; fix typo in subscription
* Fix reference to IIntegrationListenerConfiguration
* Add SelfHostedOrganizationSignUpCommand for organization sign-up process
Method extracted from OrganizationService
* Register SelfHostedOrganizationSignUpCommand for dependency injection
* Add unit tests for SelfHostedOrganizationSignUpCommand
* Refactor SelfHostedOrganizationLicensesController to use ISelfHostedOrganizationSignUpCommand
* Remove SignUpAsync method and related validation from IOrganizationService and OrganizationService
* Move ISelfHostedOrganizationSignUpCommand into a separate file and update references
* Enable null safety in SelfHostedOrganizationSignUpCommand and update ISelfHostedOrganizationSignUpCommand interface to reflect nullable types for organizationUser and collectionName.
* Created ReadAllOrganizationUsersBasicInformationRequirement for use with Authorize attribute.
* Removed unused req and Handler and tests. Moved to new auth attribute
* Moved tests to integration tests with new response.
* Removed tests that were migrated to integration tests.
* Made string params Guids instead of parsing them manually in methods.
* Admin and Owner added to requirement.
* Added XML docs for basic get endpoint. Removed unused. Added another auth check. Inverted if check.
* Removed unused endpoint
* Added tests for requirement
* Added checks for both User and Custom
* Added org id check to validate the user being requested belongs to the org in the route.
* typo
* Moved license models to billing
* Moved LicensingService to billing
* Moved license command and queries to billing
* Moved LicenseController to billing
* [PM-17562] Add HEC integration support
* Re-ordered parameters per PR suggestion
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Refactored webhook request model validation to be more clear
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
