* PM-23754 initial commit
* pm-23754 fixing controller tests
* pm-23754 adding commands and queries
* pm-23754 adding endpoints, command/queries, repositories, and sql migrations
* pm-23754 add new sql scripts
* PM-23754 adding sql scripts
* pm-23754
* PM-23754 fixing migration script
* PM-23754 fixing migration script again
* PM-23754 fixing migration script validation
* PM-23754 fixing db validation script issue
* PM-23754 fixing endpoint and db validation
* PM-23754 fixing unit tests
* PM-23754 fixing implementation based on comments and tests
* PM-23754 updating logging statements
* PM-23754 making changes based on PR comments.
* updating migration scripts
* removing old migration files
* update code based testing for whole data object for OrganizationReport and add a stored procedure.
* updating services, unit tests, repository tests
* fixing unit tests
* fixing migration script
* fixing migration script again
* fixing migration script
* another fix
* fixing sql file, updating controller to account for different orgIds in the url and body.
* updating error message in controllers without a body
* making a change to the command
* Refactor ReportsController by removing organization reports
The IDropOrganizationReportCommand is no longer needed
* will code based on PR comments.
* fixing unit test
* fixing migration script based on last changes.
* adding another check in endpoint and adding unit tests
* fixing route parameter.
* PM-23754 updating data fields to return just the column
* PM-23754 fixing repository method signatures
* PM-23754 making change to orgId parameter through out code to align with api naming
---------
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
* Add SsoEnabled field to OrganizationUserOrganizationDetailsView
- Updated OrganizationUserOrganizationDetailsViewQuery to include SsoEnabled property.
- Modified SQL view to select SsoEnabled from SsoConfig.
- Created migration script to alter the view and refresh dependent views.
* Enhance OrganizationUserRepositoryTests to include SSO configuration
- Added ISsoConfigRepository dependency to GetManyDetailsByUserAsync test.
- Created SsoConfigurationData instance and integrated SSO configuration checks in assertions.
- Updated tests to validate SSO-related properties in the response model.
* Add SSO properties to ProfileOrganizationResponseModel and OrganizationUserOrganizationDetails
- Introduced SsoEnabled and SsoMemberDecryptionType fields in ProfileOrganizationResponseModel.
- Added SsoEnabled property to OrganizationUserOrganizationDetails for enhanced SSO configuration support.
If user cleanly follow install instructions Setup app will create nginx
`default.conf` (and other files) with `644` permission owned by
`bitwarden:bitwarden`.
During Nginx entrypoint script it copies generated `default.conf` to
`/etc/nginx/conf.d/` but without `-p` flag new file permissions would be
`root:root 644`.
Then during startup Nginx will start as `bitwarden` user, which will not
cause any issues by itself as `default.conf` is still readable by the
world.
The issue is that for some reason some users have their Nginx config
file (or sometimes even entire `bwdata` recursively) have `600` or `700`
permissions. In this case Nginx will fail to start due to `default.conf`
not readable by `bitwarden` user.
I assume that root cause is that some users mistakenly run `sudo chmod
-R 700 /opt/bitwarden` from Linux installation guide after they have run
`./bitwarden.sh install`. Or maybe some older version of Setup app where
creating `default.conf` with `600` permissions and users are using very
legacy installations.
Whatever may be the case I do not see any harm with copying with `-p` it
even looks to me that this was the intended behavior. This will both fix
the issue for mentioned users and preserve permission structure aligned
with other files.
* Adding new logging for secrets
* fixing secrest controller tests
* fixing the tests
* Server side changes for adding ProjectId to Event table, adding Project event logging to projectsController
* Rough draft with TODO's need to work on EventRepository.cs, and ProjectRepository.cs
* Undoing changes to make projects soft delete, we want those to be fully deleted still. Adding GetManyTrashedSecretsByIds to secret repo so we can get soft deleted secrets, getSecrets in eventsController takes in orgdId, so that we can check the permission even if the secret was permanently deleted and doesn' thave the org Id set. Adding Secret Perm Deleted, and Restored to event logs
* db changes
* fixing the way we log events
* Trying to undo some manual changes that should have been migrations
* adding migration files
* fixing test
* setting up userid for project controller tests
* adding sql
* sql
* Rename file
* Trying to get it to for sure add the column before we try and update sprocs
* Adding code to refresh the view to include ProjectId I hope
* code improvements
* Suggested changes
* suggested changes
* trying to fix sql issues
* fixing swagger issue
* Update src/Core/SecretsManager/Repositories/Noop/NoopSecretRepository.cs
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Suggested changes
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* migrate default collection to a shared collection when users are removed
* remove redundant logic
* fix test
* fix tests
* fix test
* clean up
* add migrations
* run dotnet format
* clean up, refactor duplicate logic to sproc, wip integration test
* fix sql
* add migration for new sproc
* integration test wip
* integration test wip
* integration test wip
* integration test wip
* fix integration test LINQ expression
* fix using wrong Id
* wip integration test for DeleteManyAsync
* fix LINQ
* only set DefaultUserEmail when it is null in sproc
* check for null
* spelling, separate create and update request models
* fix test
* fix child class
* refactor sproc
* clean up
* more cleanup
* fix tests
* fix user email
* remove unneccesary test
* add DefaultUserCollectionEmail to EF query
* fix test
* fix EF logic to match sprocs
* clean up logic
* cleanup
* add metrics endpoint for an organization to return completed and total security tasks
* refactor metrics fetch to use sql sproc for efficiency rather than having to pull all security task data
* add separate response model for security task metrics endpoint
* Pascal Case to match existing implementations
* refactor org to organization for consistency with other methods
* alter security task endpoint:
- remove "count" from variable naming
- update sproc naming
* remove enablement check
* replace orgId with organizationId
* Adding job to update stripe subscriptions and increment seat count when inviting a user.
* Updating name
* Added ef migrations
* Fixing script
* Fixing procedures. Added repo tests.
* Fixed set stored procedure. Fixed parameter name.
* Added tests for database calls and updated stored procedures
* Fixed build for sql file.
* fixing sproc
* File is nullsafe
* Adding view to select from instead of table.
* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.
* Setting revision date when incrementing seat count
* Added feature flag check for the background job.
* Fixing nullable property.
* Removing new table and just adding the column to org. Updating to query and command. Updated tests.
* Adding migration script rename
* Add SyncSeats to Org.sql def
* Adding contraint name
* Removing old table files.
* Added tests
* Upped the frequency to be at the top of every 3rd hour.
* Updating error message.
* Removing extension method
* Changed to GuidIdArray
* Added xml doc and switched class to record
* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync
Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results
* Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection.
* Add unit tests for the public CollectionsController
* Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection
Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected.
* Refactor CollectionsController to remove unused IApplicationCacheService dependency
* Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections
* Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections
* Undo change to GetByIdWithCollectionsAsync
* Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync
* Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization.
* Update IOrganizationUserRepository.ReplaceAsync to preserve existing access to collections of the type DefaultUserCollection
* Refactor ICollectionRepository.GetManyByOrganizationIdAsync logic to include default user collections
* Add stored procedure Collection_ReadSharedCollectionsByOrganizationId to retrieve collections by organization ID, excluding default user collections.
* Add GetManySharedCollectionsByOrganizationIdAsync method to ICollectionRepository and its implementations to retrieve collections excluding default user collections.
* Add unit test for GetManySharedCollectionsByOrganizationIdAsync method in CollectionRepositoryTests to verify retrieval of collections excluding default user collections.
* Refactor controllers to use GetManySharedCollectionsByOrganizationIdAsync for retrieving shared collections
* Update unit tests to use GetManySharedCollectionsByOrganizationIdAsync for verifying shared collections retrieval
* Revert CiphersController.CanEditItemsInCollections to use GetManyByOrganizationIdAsync for retrieving organization collections
* Update stored procedures to retrieve only DefaultUserCollection by modifying the WHERE clause in Collection_ReadSharedCollectionsByOrganizationId.sql and its corresponding migration script.
* Update EF CollectionRepository.GetManySharedCollectionsByOrganizationIdAsync to filter collections by SharedCollection
* Update OrganizationUserRepository.GetManyDetailsByOrganizationAsync_vNext to only include Shared collections
* Update comments in stored procedure and migration script to clarify filtering for SharedCollections only
* Add new feature flag for Members Get Endpoint Optimization
* Add a new version of OrganizationUser_ReadByOrganizationIdWithClaimedDomains that uses CTE for better performance
* Add stored procedure OrganizationUserUserDetails_ReadByOrganizationId_V2 for retrieving user details, group associations, and collection associations by organization ID.
* Add the sql migration script to add the new stored procedures
* Introduce GetManyDetailsByOrganizationAsync_vNext and GetManyByOrganizationWithClaimedDomainsAsync_vNext in IOrganizationUserRepository to enhance performance by reducing database round trips.
* Updated GetOrganizationUsersClaimedStatusQuery to use an optimized query when the feature flag is enabled
* Updated OrganizationUserUserDetailsQuery to use optimized queries when the feature flag is enabled
* Add integration tests for GetManyDetailsByOrganizationAsync_vNext
* Add integration tests for GetManyByOrganizationWithClaimedDomainsAsync_vNext to validate behavior with verified and unverified domains.
* Optimize performance by conditionally setting permissions only for Custom user types in OrganizationUserUserDetailsQuery.
* Create UserEmailDomainView to extract email domains from users' email addresses
* Create stored procedure Organization_ReadByClaimedUserEmailDomain_V2 that uses UserEmailDomainView to fetch Email domains
* Add GetByVerifiedUserEmailDomainAsync_vNext method to IOrganizationRepository and its implementations
* Refactor OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 stored procedure to use UserEmailDomainView for email domain extraction, improving query efficiency and clarity.
* Enhance IOrganizationUserRepository with detailed documentation for GetManyDetailsByOrganizationAsync method, clarifying its purpose and performance optimizations. Added remarks for better understanding of its functionality.
* Fix missing newline at the end of Organization_ReadByClaimedUserEmailDomain_V2.sql to adhere to coding standards.
* Update the database migration script to include UserEmailDomainView
* Bumped the date on the migration script
* Remove GetByVerifiedUserEmailDomainAsync_vNext method and its stored procedure.
* Refactor UserEmailDomainView index creation to check for existence before creation
* Update OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 to use CTE and add indexes
* Remove creation of unique clustered index from UserEmailDomainView and related migration script adjustments
* Update indexes and sproc
* Fix index name when checking if it already exists
* Bump up date on migration script
* Document database projects and complete EDD support
* Remove an old remnant of a now-unused 'future' state
* Sync finalization scripts
* Fix conflict
* Fix some script issues
* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync
Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results
* Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection.
* Add unit tests for the public CollectionsController
* Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection
Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected.
* Refactor CollectionsController to remove unused IApplicationCacheService dependency
* Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections
* Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections
* Undo change to GetByIdWithCollectionsAsync
* Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync
* Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization.
* Add Arrange, Act, and Assert comments to CollectionsControllerTests
* Add Config Option For Disabling Built In MSSQL Container
* fix: flip bool condition and make it nullable
* fake commit to kick off an ephemeral environment
* Revert "fake commit to kick off an ephemeral environment"
This reverts commit 818f65f4d2.
* Changed the new setting to not be nullable.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* Feat(pm-20348):
* Add migration scripts for Read Pending Auth Requests by UserId stored procedure and new `view` for pending AuthRequest.
* View only returns the most recent pending authRequest, or none at all if the most recent is answered.
* Implement stored procedure in AuthRequestRepository for both Dapper and Entity Framework.
* Update AuthRequestController to query the new View to get a user's most recent pending auth requests response includes the requesting deviceId.
* Doc:
* Move summary xml comments to interface.
* Added comments for the AuthRequestService.
* Test:
* Added testing for AuthRequestsController.
* Added testing for repositories.
* Added integration tests for multiple auth requests but only returning the most recent.
* mark all notifications associated with a security task as deleted when the task is completed
* fix spelling
* formatting
* refactor "Active" to "NonDeleted"
* refactor "Active" to "NonDeleted" for stored procedure
* only send notifications per user for each notification
* move notification status updates into the DB layer to save on multiple queries and insertions from the C#
* Only return UserIds from db layer
* omit userId from `MarkTaskAsCompletedCommand` query.
The userId from the notification will be used
* update UserIds
* consistency in comments regarding `taskId` and `UserId`
* cascade delete NotificationStatus entities
* add userId to test for foreign constraint
* add missing properties for Notification
* add check for foreign key
* [PM-17562] Add integration filter support
* Repond to PR feedback; Remove Date-related filters
* Use tables to format the filter class descriptions
* [PM-17562] Add database support for integration filters (#5988)
* [PM-17562] Add database support for integration filters
* Respond to PR review - fix database scripts
* Further database updates; fix Filters to be last in views, stored procs, etc
* Fix for missing nulls in stored procedures in main migration script
* Reorder Filters to the bottom of OrganizationIntegrationConfiguration
* Separate out the creation of filters from the IntegrationFilterService to IntegrationFIlterFactory
* Move properties to static readonly field
* Fix unit tests failing from merge
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* PM-20574 fixing namespaces on reporting work that got moved over from tools
* PM-20574 adding tables, stored procedures, and migration files
* PM-20574 adding dapper and ef repos and migrations
* PM-20574 changing table and repo names as requested
* PM-20574 updating sql scripts to new names
* PM-20574 updating sql scripts
* PM-20574 updating migration script for org delete by id
* PM-20574 adding mysql migration
* PM-20574 updating sql migration to fix database test
* PM-20574 fixing migration script
* PM-20574 fixing migration script
* PM-20574 fixing table scripts
* PM-20574 fixing table scripts
* PM-20574 fixing migration script formatting
* PM-20574 fixing syntax in migration script
* PM-20574 fixing file names and extensions
* PM-20574 fixing sql file
* PM-20574 fixing sql
* PM-20574 fixing directory for entities and removing scripts from other databases
* PM-20574 generating new migration scripts
* PM-20574 fixed reference to a stored proc
* PM-20574 adding index in scripts and missing table
* PM-20574 fixing merge conflicts
* PM-20574 set OUTPUT param for Id property in create and update proc
* PM-20574 add CreateDate to the update proc
* PM-20574 amend update proc for OrganizationApplication by adding createDate
* PM-20574 formatted sql and updated as per PR comments
* PM-20574 updated script to fix build error
* PM-20574 fixed inconsistency in db script
* PM-20574 removed revisionDate, update procedures and used views
* PM-20574 removed RevisionDate from designer files
* PM-20574 removed revisionDate column that was missed previously
* PM-20574 added revision date back into the mix
* PM-20574 updated database script to fix build error
* PM-20574 fixed a procedure issue
* PM-20574 fix dB build error
* PM-020574 fixed additional PR comments - files cleaned up
* PM-20574 updated procedure was inconsistent
* Update 2025-06-13-00_OrganizationReport.sql
---------
Co-authored-by: voommen-livefront <voommen@livefront.com>
* implement the seat decrease error message
* Resolve the comment regarding abstraction
* Resolved the database failure
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing upgrade test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Removed the unused method
* Remove the total calculation from the stored procedure
* Refactoring base on pr feedback
* Refactoring base on pr feedback
* Resolve the fauiling database
* Resolve the failing database test
* Resolve the database test
* Remove duplicate migrations
* resolve the failing test
* Removed the unneeded change
* remove this file
* Reverted Deleted migration
* revert the added space
* resolve the stored procedure name
* Rename the migration name
* Updated the stored procedure name
* Revert the changes on the sproc
* Revert unrelated changes
* Remove the unused method
* improved the xmldoc
* Add an integration testing
* Add the use of helper test class
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* remove object look up
* Resolve message rollback
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Avoid multiple lookups in dictionaries
* Consistency in fallback to empty CollectionIds
* Readability at the cost of lines changed
* Readability
* Changes after running dotnet format
* [PM-19282] Update SsoUser ExternalId column size to 300
* [PM-19282] Add migration to update SsoUser ExternalId column size to 300 for MySQL, PostgreSQL, and SQLite
* [PM-19282] Update SsoUser ExternalId column size conditionally based on existing schema
* Bumped date on migration script name
* Changes to resolve sponsorship showing in individual vault
* Resolve the failing unit test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
* Resolve the failing test
* Resolve the failing test
* fix make IsAdminInitiated nullable
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add the isAdminInitiated property
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the database error
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing unit test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the scan error
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the database issue
* resolve the database build error
* Resolve the database build error
* Resolve the synchronization issue
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Adds a database seeder which can be used standalone using a CLI for seeding your local development environment, or used in unit tests to seed complex scenarios.
---------
Co-authored-by: Robert Y <rkac@bitwarden.com>
