* Add Microsoft Teams integration
* Fix method naming error
* Expand and clean up unit test coverage
* Update with PR feedback
* Add documentation, add In Progress logic/tests for Teams
* Fixed lowercase Slack
* Added docs; Updated PR suggestions;
* Fix broken tests
* feat: migrate DefaultUserCollection to SharedCollection during user deletion
- Implemented migration of DefaultUserCollection to SharedCollection in EF UserRepository before deleting organization users.
- Updated stored procedures User_DeleteById and User_DeleteByIds to include migration logic.
- Added new migration script for updating stored procedures.
* Add unit test for user deletion and DefaultUserCollection migration
- Implemented a new test to verify the migration of DefaultUserCollection to SharedCollection during user deletion in UserRepository.
- The test ensures that the user is deleted and the associated collection is updated correctly.
* Refactor user deletion process in UserRepository
- Moved migrating DefaultUserCollection to SharedCollection to happen before the deletion of user-related entities.
- Updated the deletion logic to use ExecuteDeleteAsync for improved performance and clarity.
- Ensured that all related entities are removed in a single transaction to maintain data integrity.
* Add unit test for DeleteManyAsync in UserRepository
- Implemented a new test to verify the deletion of multiple users and the migration of their DefaultUserCollections to SharedCollections.
- Ensured that both users are deleted and their associated collections are updated correctly in a single transaction.
* Refactor UserRepositoryTests to use test user creation methods and streamline collection creation
* Ensure changes are saved after deleting users in bulk
* Refactor UserRepository to simplify migration queries and remove unnecessary loops for better performance
* Refactor UserRepository to encapsulate DefaultUserCollection migration logic in a separate method
* Refactor UserRepository to optimize deletion queries by using joins instead of subqueries for improved performance
* Refactor UserRepositoryTest DeleteManyAsync_Works to ensure GroupUser and CollectionUser deletion
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Adding new logging for secrets
* fixing secrest controller tests
* fixing the tests
* Server side changes for adding ProjectId to Event table, adding Project event logging to projectsController
* Rough draft with TODO's need to work on EventRepository.cs, and ProjectRepository.cs
* Undoing changes to make projects soft delete, we want those to be fully deleted still. Adding GetManyTrashedSecretsByIds to secret repo so we can get soft deleted secrets, getSecrets in eventsController takes in orgdId, so that we can check the permission even if the secret was permanently deleted and doesn' thave the org Id set. Adding Secret Perm Deleted, and Restored to event logs
* db changes
* fixing the way we log events
* Trying to undo some manual changes that should have been migrations
* adding migration files
* fixing test
* setting up userid for project controller tests
* adding sql
* sql
* Rename file
* Trying to get it to for sure add the column before we try and update sprocs
* Adding code to refresh the view to include ProjectId I hope
* code improvements
* Suggested changes
* suggested changes
* trying to fix sql issues
* fixing swagger issue
* Update src/Core/SecretsManager/Repositories/Noop/NoopSecretRepository.cs
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Suggested changes
* Adding event logging for machine accounts
* fixing two tests
* trying to fix all tests
* trying to fix tests
* fixing test
* Migrations
* fix
* updating eps
* adding migration
* Adding missing SQL changes
* updating sql
* fixing sql
* running migration again
* fixing sql
* adding query to add grantedSErviceAccountId to event table
* Suggested improvements
* removing more migrations
* more removal
* removing all migrations to them redo them
* redoing migration
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* do not purge ciphers in the default collection
* Update `DeleteByOrganizationId` procedure to be more performant based on PR review feedback
* update EF integration for purge to match new SQL implementation
* update Cipher_DeleteByOrganizationId based on PR feedback from dbops team
* fix(pending-auth-request-view): [PM-25453] Bugfix Auth Requests Multiple Users Same Device - fixed view to allow for multiple users for each device when partitioning for the auth request view.
* PM-23754 initial commit
* pm-23754 fixing controller tests
* pm-23754 adding commands and queries
* pm-23754 adding endpoints, command/queries, repositories, and sql migrations
* pm-23754 add new sql scripts
* PM-23754 adding sql scripts
* pm-23754
* PM-23754 fixing migration script
* PM-23754 fixing migration script again
* PM-23754 fixing migration script validation
* PM-23754 fixing db validation script issue
* PM-23754 fixing endpoint and db validation
* PM-23754 fixing unit tests
* PM-23754 fixing implementation based on comments and tests
* PM-23754 updating logging statements
* PM-23754 making changes based on PR comments.
* updating migration scripts
* removing old migration files
* update code based testing for whole data object for OrganizationReport and add a stored procedure.
* updating services, unit tests, repository tests
* fixing unit tests
* fixing migration script
* fixing migration script again
* fixing migration script
* another fix
* fixing sql file, updating controller to account for different orgIds in the url and body.
* updating error message in controllers without a body
* making a change to the command
* Refactor ReportsController by removing organization reports
The IDropOrganizationReportCommand is no longer needed
* will code based on PR comments.
* fixing unit test
* fixing migration script based on last changes.
* adding another check in endpoint and adding unit tests
* fixing route parameter.
* PM-23754 updating data fields to return just the column
* PM-23754 fixing repository method signatures
* PM-23754 making change to orgId parameter through out code to align with api naming
---------
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
* Add SsoEnabled field to OrganizationUserOrganizationDetailsView
- Updated OrganizationUserOrganizationDetailsViewQuery to include SsoEnabled property.
- Modified SQL view to select SsoEnabled from SsoConfig.
- Created migration script to alter the view and refresh dependent views.
* Enhance OrganizationUserRepositoryTests to include SSO configuration
- Added ISsoConfigRepository dependency to GetManyDetailsByUserAsync test.
- Created SsoConfigurationData instance and integrated SSO configuration checks in assertions.
- Updated tests to validate SSO-related properties in the response model.
* Add SSO properties to ProfileOrganizationResponseModel and OrganizationUserOrganizationDetails
- Introduced SsoEnabled and SsoMemberDecryptionType fields in ProfileOrganizationResponseModel.
- Added SsoEnabled property to OrganizationUserOrganizationDetails for enhanced SSO configuration support.
If user cleanly follow install instructions Setup app will create nginx
`default.conf` (and other files) with `644` permission owned by
`bitwarden:bitwarden`.
During Nginx entrypoint script it copies generated `default.conf` to
`/etc/nginx/conf.d/` but without `-p` flag new file permissions would be
`root:root 644`.
Then during startup Nginx will start as `bitwarden` user, which will not
cause any issues by itself as `default.conf` is still readable by the
world.
The issue is that for some reason some users have their Nginx config
file (or sometimes even entire `bwdata` recursively) have `600` or `700`
permissions. In this case Nginx will fail to start due to `default.conf`
not readable by `bitwarden` user.
I assume that root cause is that some users mistakenly run `sudo chmod
-R 700 /opt/bitwarden` from Linux installation guide after they have run
`./bitwarden.sh install`. Or maybe some older version of Setup app where
creating `default.conf` with `600` permissions and users are using very
legacy installations.
Whatever may be the case I do not see any harm with copying with `-p` it
even looks to me that this was the intended behavior. This will both fix
the issue for mentioned users and preserve permission structure aligned
with other files.
* Adding new logging for secrets
* fixing secrest controller tests
* fixing the tests
* Server side changes for adding ProjectId to Event table, adding Project event logging to projectsController
* Rough draft with TODO's need to work on EventRepository.cs, and ProjectRepository.cs
* Undoing changes to make projects soft delete, we want those to be fully deleted still. Adding GetManyTrashedSecretsByIds to secret repo so we can get soft deleted secrets, getSecrets in eventsController takes in orgdId, so that we can check the permission even if the secret was permanently deleted and doesn' thave the org Id set. Adding Secret Perm Deleted, and Restored to event logs
* db changes
* fixing the way we log events
* Trying to undo some manual changes that should have been migrations
* adding migration files
* fixing test
* setting up userid for project controller tests
* adding sql
* sql
* Rename file
* Trying to get it to for sure add the column before we try and update sprocs
* Adding code to refresh the view to include ProjectId I hope
* code improvements
* Suggested changes
* suggested changes
* trying to fix sql issues
* fixing swagger issue
* Update src/Core/SecretsManager/Repositories/Noop/NoopSecretRepository.cs
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Suggested changes
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* migrate default collection to a shared collection when users are removed
* remove redundant logic
* fix test
* fix tests
* fix test
* clean up
* add migrations
* run dotnet format
* clean up, refactor duplicate logic to sproc, wip integration test
* fix sql
* add migration for new sproc
* integration test wip
* integration test wip
* integration test wip
* integration test wip
* fix integration test LINQ expression
* fix using wrong Id
* wip integration test for DeleteManyAsync
* fix LINQ
* only set DefaultUserEmail when it is null in sproc
* check for null
* spelling, separate create and update request models
* fix test
* fix child class
* refactor sproc
* clean up
* more cleanup
* fix tests
* fix user email
* remove unneccesary test
* add DefaultUserCollectionEmail to EF query
* fix test
* fix EF logic to match sprocs
* clean up logic
* cleanup
* add metrics endpoint for an organization to return completed and total security tasks
* refactor metrics fetch to use sql sproc for efficiency rather than having to pull all security task data
* add separate response model for security task metrics endpoint
* Pascal Case to match existing implementations
* refactor org to organization for consistency with other methods
* alter security task endpoint:
- remove "count" from variable naming
- update sproc naming
* remove enablement check
* replace orgId with organizationId
* Adding job to update stripe subscriptions and increment seat count when inviting a user.
* Updating name
* Added ef migrations
* Fixing script
* Fixing procedures. Added repo tests.
* Fixed set stored procedure. Fixed parameter name.
* Added tests for database calls and updated stored procedures
* Fixed build for sql file.
* fixing sproc
* File is nullsafe
* Adding view to select from instead of table.
* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.
* Setting revision date when incrementing seat count
* Added feature flag check for the background job.
* Fixing nullable property.
* Removing new table and just adding the column to org. Updating to query and command. Updated tests.
* Adding migration script rename
* Add SyncSeats to Org.sql def
* Adding contraint name
* Removing old table files.
* Added tests
* Upped the frequency to be at the top of every 3rd hour.
* Updating error message.
* Removing extension method
* Changed to GuidIdArray
* Added xml doc and switched class to record
* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync
Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results
* Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection.
* Add unit tests for the public CollectionsController
* Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection
Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected.
* Refactor CollectionsController to remove unused IApplicationCacheService dependency
* Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections
* Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections
* Undo change to GetByIdWithCollectionsAsync
* Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync
* Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization.
* Update IOrganizationUserRepository.ReplaceAsync to preserve existing access to collections of the type DefaultUserCollection
* Refactor ICollectionRepository.GetManyByOrganizationIdAsync logic to include default user collections
* Add stored procedure Collection_ReadSharedCollectionsByOrganizationId to retrieve collections by organization ID, excluding default user collections.
* Add GetManySharedCollectionsByOrganizationIdAsync method to ICollectionRepository and its implementations to retrieve collections excluding default user collections.
* Add unit test for GetManySharedCollectionsByOrganizationIdAsync method in CollectionRepositoryTests to verify retrieval of collections excluding default user collections.
* Refactor controllers to use GetManySharedCollectionsByOrganizationIdAsync for retrieving shared collections
* Update unit tests to use GetManySharedCollectionsByOrganizationIdAsync for verifying shared collections retrieval
* Revert CiphersController.CanEditItemsInCollections to use GetManyByOrganizationIdAsync for retrieving organization collections
* Update stored procedures to retrieve only DefaultUserCollection by modifying the WHERE clause in Collection_ReadSharedCollectionsByOrganizationId.sql and its corresponding migration script.
* Update EF CollectionRepository.GetManySharedCollectionsByOrganizationIdAsync to filter collections by SharedCollection
* Update OrganizationUserRepository.GetManyDetailsByOrganizationAsync_vNext to only include Shared collections
* Update comments in stored procedure and migration script to clarify filtering for SharedCollections only
* Add new feature flag for Members Get Endpoint Optimization
* Add a new version of OrganizationUser_ReadByOrganizationIdWithClaimedDomains that uses CTE for better performance
* Add stored procedure OrganizationUserUserDetails_ReadByOrganizationId_V2 for retrieving user details, group associations, and collection associations by organization ID.
* Add the sql migration script to add the new stored procedures
* Introduce GetManyDetailsByOrganizationAsync_vNext and GetManyByOrganizationWithClaimedDomainsAsync_vNext in IOrganizationUserRepository to enhance performance by reducing database round trips.
* Updated GetOrganizationUsersClaimedStatusQuery to use an optimized query when the feature flag is enabled
* Updated OrganizationUserUserDetailsQuery to use optimized queries when the feature flag is enabled
* Add integration tests for GetManyDetailsByOrganizationAsync_vNext
* Add integration tests for GetManyByOrganizationWithClaimedDomainsAsync_vNext to validate behavior with verified and unverified domains.
* Optimize performance by conditionally setting permissions only for Custom user types in OrganizationUserUserDetailsQuery.
* Create UserEmailDomainView to extract email domains from users' email addresses
* Create stored procedure Organization_ReadByClaimedUserEmailDomain_V2 that uses UserEmailDomainView to fetch Email domains
* Add GetByVerifiedUserEmailDomainAsync_vNext method to IOrganizationRepository and its implementations
* Refactor OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 stored procedure to use UserEmailDomainView for email domain extraction, improving query efficiency and clarity.
* Enhance IOrganizationUserRepository with detailed documentation for GetManyDetailsByOrganizationAsync method, clarifying its purpose and performance optimizations. Added remarks for better understanding of its functionality.
* Fix missing newline at the end of Organization_ReadByClaimedUserEmailDomain_V2.sql to adhere to coding standards.
* Update the database migration script to include UserEmailDomainView
* Bumped the date on the migration script
* Remove GetByVerifiedUserEmailDomainAsync_vNext method and its stored procedure.
* Refactor UserEmailDomainView index creation to check for existence before creation
* Update OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 to use CTE and add indexes
* Remove creation of unique clustered index from UserEmailDomainView and related migration script adjustments
* Update indexes and sproc
* Fix index name when checking if it already exists
* Bump up date on migration script
* Document database projects and complete EDD support
* Remove an old remnant of a now-unused 'future' state
* Sync finalization scripts
* Fix conflict
* Fix some script issues
* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync
Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results
* Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection.
* Add unit tests for the public CollectionsController
* Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection
Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected.
* Refactor CollectionsController to remove unused IApplicationCacheService dependency
* Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections
* Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections
* Undo change to GetByIdWithCollectionsAsync
* Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync
* Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization.
* Add Arrange, Act, and Assert comments to CollectionsControllerTests
* Add Config Option For Disabling Built In MSSQL Container
* fix: flip bool condition and make it nullable
* fake commit to kick off an ephemeral environment
* Revert "fake commit to kick off an ephemeral environment"
This reverts commit 818f65f4d2.
* Changed the new setting to not be nullable.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
