* Add authz handling for secret access policy reads
* Add the ability to fetch secret access polices from the repository
* refactor response models
* Add new endpoint
* Add new models
* Update repositories
* Add new authz handler
* Add new query
* Add new command
* Add authz, command, and query to DI
* Add new endpoint to controller
* Add query unit tests
* Add api unit tests
* Add api integration tests
* Add the ability to get multi projects access
* Add access policy helper + tests
* Add new data/request models
* Add access policy operations to repo
* Add authz handler for new operations
* Add new controller endpoints
* add updating service account revision
* refactoring replace logic
* model for policies + authz handler + unit tests
* update AP repository
* add new endpoints to controller
* update unit tests and integration tests
---------
Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com>
* Expose access policy discriminators
* Add people policy model and auth handler
* Add unit tests for authz handler
* Add people policies support in repo
* Add new endpoints and request/response models
* Update tests
* Add support CanReadSecret authorization
* Extract base response model for secret
* Add support for SA bulk fetching event logging
* secret repository bug fix
* Add endpoint and request for bulk fetching secrets
* Swap to original reference event
* Add unit tests
* Add integration tests
* Add unit tests for authz handler
* update authz handler tests
---------
* Swagger fixes
Co-Authored-By: Oscar Hinton <Hinton@users.noreply.github.com>
* Make Response Models return Guids instead of strings
* Change strings into guids in ScimApplicationFactory
---------
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Init ClientSecret migration
* Fix unit tests
* Move to src/Sql/dbo_future
* Formatting changes
* Update migration date for next release
* Swap to just executing sp_refreshview
* Fix formatting
* Add EF Migrations
* Rename to ClientSecretHash
* Fix unit test
* EF column rename
* Batch the migration
* Fix formatting
* Add deprecation notice to property
* Move data migration
* Swap to CREATE OR ALTER
* Move to access query for project commands
* Swap to hasAccess method per action
* Swap to authorization handler pattern
* Move ProjectOperationRequirement to Core
* Add default throw + tests
* Swap to reflection for testing switch
* Wire up read/write for secret list and secret response
* Fix trash
* Remove UserHasReadPermission
* Fix list by project
* Implement admin and service accounts for AccessToSecretAsync
* Resolve feedback
* Fix tests
* Rename function
* Change create to return true, true
* Remove duplicated access check
* Add endpoints to check current user's permission
* Swap to adding current user permission onto GET
* Cleanup DI
* Add ProjectPermissionDetails DTO and query
* code review updates
* Remove assert recent for longer running creates
* Add service account access policy endpoints
* Add unit & integration tests for new endpoints
* Fix formatting on response models
* Cleanup unit tests
* Add permission checks to access policy endpoints
* Fix unit tests
* Add service account grant permission checks
* Add service account grant tests
* Add new endpoint unit tests
* Cleanup unit tests add integration tests
* User permission enum in create tests
* Swap to NotFoundException for access checks
* Add filter for potential grantees
* Add in AccessSecretsManager check and test it
* Add code review updates
* Code review updates
* Refactor potential grantees endpoint
* Code review updates
