* feat: remove invalid email response and instead return email and OTP required to protect against enumeration attacks.
* fix: fixing tests and dotnet format
* Handle missing Braintree customer in GetPaymentMethodQuery
* Allow addition of PayPal payment method when bad Braintree customer ID is linked
* Run dotnet format
* feat: Add initial DeleteEmergencyContactCommand
* chore: remove nullable enable and add comments
* test: add tests for new delete command
* test: update tests to test IMailer was called.
* feat: add delete by GranteeId and allow for multiple grantors to be contacted.
* feat: add DeleteMany stored procedure for EmergencyAccess
* test: add database tests for new SP
* feat: commands use DeleteManyById for emergencyAccessDeletes
* claude: send one email per grantor instead of a bulk email to all grantors. Modified tests to validate.
* feat: change revision dates for confirmed grantees;
* feat: add AccountRevisionDate bump for grantee users in the confirmed status
* test: update integration test to validate only confirmed users are updated as well as proper deletion of emergency access
* [PM-29599] create proration preview endpoint
* forgot to inject user and fixing stripe errors
* updated proration preview and upgrade to be consistent
also using the correct proration behavior and making the upgrade flow start a trial
* missed using the billing address
* changes to proration behavior
and returning more properties from the proration endpoint
* missed in refactor
* pr feedback
* Initial implementation of new policy query
* Remove unused using
* Adjusts method name to better match repository method
* Correct namespace
* Initial refactor of policy loading
* Add xml doc, incorporate shim data model
* Updates usages to reflect new shim model
* Prune extranneous data from policy detail response model, format code
* Fix broken test, delete inapplicable test
* Adds test cases covering query
* Adjust codebase to use new PolicyQueryçˆ
* Format code
* Fix incorrect mock on test
* Fix formatting
* Adjust method name
* More naming adjustments
* Add PolicyData constructor, update test usages
* Rename PolicyData -> PolicyStatus
* Remove unused using
* [PM-31394] use email address hash for send access email verification
* [PM-31394] fixing identity server tests for send access
* [PM-31394] fixing more identity server tests for send access
* fix(logging): [PM-28877] Remove Config for PII Logging - Removed all references to logging being set to true even in dev environment.
* fix(logging): [PM-28877] Remove Config for PII Logging - Fixed up with a better understanding of the original ask.
* fix(logging): [PM-28877] Remove Config for PII Logging - Removed all show pii.
* Update email and text templates for Domain Claimed by Organization notification
- Changed the heading to "What this means for you" for clarity.
- Revised bullet points to better reflect user experience and responsibilities within the organization.
- Updated the phrasing of the help article reference for consistency.
* Fix HandlebarsMailService claimed domain email
* Add default collection name to call stack for restore user command
* Committing feature flag and request model.
* Added tests
* fix for tests.
* added empty string to test
* figured out the mystery commit.
* added vnext onto method name.
* updating tests and command to include feature flag
* moved event call
* last few changes.
* opting for null instead of empty string.
* models, entity, and stored procs updated to work with EmailHashes with migrations
* configure data protection for EmailHashes
* update SendAuthenticationQuery to use EmailHashes and perform validation
* respond to Claude's comments and update tests
* fix send.sql alignment
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
---------
Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
* Add restore and revoke to public api
* Follow naming conventions
* Use POST instead of PUT
* hello claude
* Update test names
* Actually fix test names
* Add JsonConstructor attr
* Fix test
* Initial refactor
* Add WebauthnPRFOptions to syncResponse
* MAYBE: Use KM owned ResponseModel?
* REVERT ^- Keep using PrfUnlockOptions for simplicity
This reverts commit 5a34e7dfa8.
* UserDecryptionOptions: Only send one credential
* format
* Update UserDecryptionOptions.cs
* format
* Added feature flag (#6600)
* Enhance MasterPasswordPolicyData with validation attributes
Added data annotations for MinComplexity and MinLength properties to enforce validation rules. MinComplexity must be between 0 and 4, and MinLength must be between 12 and 128.
* Implement model validation in PolicyDataValidator and enhance error handling
Added a ValidateModel method to enforce validation rules for policy data. Updated error messages to provide clearer feedback on validation failures. Enhanced unit tests to cover new validation scenarios for MinLength and MinComplexity properties.
* Update PoliciesControllerTests to reflect new validation rules for MinComplexity and MinLength
Modified test cases to use updated values for MinComplexity (4) and MinLength (128). Added new tests to verify that excessive values for these properties return BadRequest responses. Ensured consistency across integration tests for both Admin and Public controllers.
* Enhance MasterPasswordPolicyData with XML documentation for properties
Added XML documentation comments for MinComplexity and MinLength properties to clarify their purpose and constraints. This improves code readability and provides better context for developers using the model.
* Add unit tests for PolicyDataValidator to validate minLength and minComplexity rules
Implemented new test cases to verify the behavior of the ValidateAndSerialize method in PolicyDataValidator. Tests cover scenarios for minimum and maximum values, as well as edge cases for invalid inputs, ensuring robust validation for MasterPassword policy data.
* feat(emergency-access) [PM-29584]: Add email template.
* refactor(emergency-access) [PM-29584]: Move Emergency Access to Auth/UserFeatures.
* refactor(emergency-access) [PM-29584]: Move EmergencyAccess tests to UserFeatures space.
* feat(emergency-access) [PM-29584]: Add compiled EmergencyAccess templates.
* test(emergency-access) [PM-29584]: Add mailer-specific tests.
* refactor(emergency-access) [PM-29584]: Move mail to UserFeatures area.
* feat(emergency-access) [PM-29584]: Update link for help pages, not web vault.
* test(emergency-access) [PM-29584]: Update mail tests for new URL and single responsibility.
* refactor(emergency-access) [PM-29584]: Add comments for added test.
This config may be used when a load balancer in front of Bitwarden is
first verifying an auth cookie issued by an IdP before proxying the
request to Bitwarden.
* Fix null reference when restoring invited users in Free orgs
Add null check before querying for other free org ownership. Invited
users don't have a UserId yet, causing NullReferenceException.
* Add regression test for restoring revoked invited users with null UserId.
* Exclude invited users from claimed domain checks.
These users should be excluded by the JOIN on
UserId, but it's a known issue that some invited
users have this FK set.
