* enable cors headers for icons program
- This is needed now that browsers can hit the change-password-uri path via API call
* Add absolute route for change-password-uri
* feat: add policy to API startup and Policies class to hold the static strings
* test: add snapshot testing for constants to help with rust mappings
* doc: add docs for send access
* Add new event types for collection management settings in EventType enum
* Refactor collection management settings update process in OrganizationsController and IOrganizationService.
Introduced UpdateCollectionManagementSettingsAsync method to streamline updates and logging for collection management settings.
* Add unit tests for collection management settings updates in OrganizationsController and OrganizationService.
Implemented tests to verify the successful update of collection management settings and the logging of specific events when settings are changed. Added error handling for cases where the organization is not found.
* Refactor collection management settings handling in OrganizationsController and IOrganizationService.
Updated the UpdateCollectionManagementSettingsAsync method to accept a single settings object, simplifying the parameter list and improving code readability. Introduced a new OrganizationCollectionManagementSettings model to encapsulate collection management settings. Adjusted related tests to reflect these changes.
* Add Obsolete attribute to Organization_CollectionManagement_Updated event in EventType enum
* Add SsoEnabled field to OrganizationUserOrganizationDetailsView
- Updated OrganizationUserOrganizationDetailsViewQuery to include SsoEnabled property.
- Modified SQL view to select SsoEnabled from SsoConfig.
- Created migration script to alter the view and refresh dependent views.
* Enhance OrganizationUserRepositoryTests to include SSO configuration
- Added ISsoConfigRepository dependency to GetManyDetailsByUserAsync test.
- Created SsoConfigurationData instance and integrated SSO configuration checks in assertions.
- Updated tests to validate SSO-related properties in the response model.
* Add SSO properties to ProfileOrganizationResponseModel and OrganizationUserOrganizationDetails
- Introduced SsoEnabled and SsoMemberDecryptionType fields in ProfileOrganizationResponseModel.
- Added SsoEnabled property to OrganizationUserOrganizationDetails for enhanced SSO configuration support.
* changes to implement the email
* Refactoring and fix the unit testing
* refactor the code and remove used method
* Fix the failing test
* Update the email templates
* remove the extra space here
* Refactor the descriptions
* Fix the wrong subject header
* Add the in the hyperlink rather than just Help center
* Add constant for CipherRepositoryBulkResourceCreation in FeatureFlagKeys
* Add bulk creation methods for Ciphers, Folders, and CollectionCiphers in BulkResourceCreationService
- Implemented CreateCiphersAsync, CreateFoldersAsync, CreateCollectionCiphersAsync, and CreateTempCiphersAsync methods for bulk insertion.
- Added helper methods to build DataTables for Ciphers, Folders, and CollectionCiphers.
- Enhanced error handling for empty collections during bulk operations.
* Refactor CipherRepository to utilize BulkResourceCreationService
- Introduced IFeatureService to manage feature flag checks for bulk operations.
- Updated methods to conditionally use BulkResourceCreationService for creating Ciphers, Folders, and CollectionCiphers based on feature flag status.
- Enhanced existing bulk copy logic to maintain functionality while integrating feature flag checks.
* Add InlineFeatureService to DatabaseDataAttribute for feature flag management
- Introduced EnabledFeatureFlags property to DatabaseDataAttribute for configuring feature flags.
- Integrated InlineFeatureService to provide feature flag checks within the service collection.
- Enhanced GetData method to utilize feature flags for conditional service registration.
* Add tests for bulk creation of Ciphers in CipherRepositoryTests
- Implemented tests for bulk creation of Ciphers, Folders, and Collections with feature flag checks.
- Added test cases for updating multiple Ciphers to validate bulk update functionality.
- Enhanced existing test structure to ensure comprehensive coverage of bulk operations in the CipherRepository.
* Refactor BulkResourceCreationService to use dynamic types for DataColumns
- Updated DataColumn definitions in BulkResourceCreationService to utilize the actual types of properties from the cipher object instead of hardcoded types.
- Simplified the assignment of nullable properties to directly use their values, improving code readability and maintainability.
* Update BulkResourceCreationService to use specific types for DataColumns
- Changed DataColumn definitions to use specific types (short and string) instead of dynamic types based on cipher properties.
- Improved handling of nullable properties when assigning values to DataTable rows, ensuring proper handling of DBNull for null values.
* Refactor CipherRepositoryTests for improved clarity and consistency
- Renamed test methods to better reflect their purpose and improve readability.
- Updated test data to use more descriptive names for users, folders, and collections.
- Enhanced test structure with clear Arrange, Act, and Assert sections for better understanding of test flow.
- Ensured all tests validate the expected outcomes for bulk operations with feature flag checks.
* Update CipherRepositoryBulkResourceCreation feature flag key
* Refactor DatabaseDataAttribute usage in CipherRepositoryTests to use array syntax for EnabledFeatureFlags
* Update CipherRepositoryTests to use GenerateComb for generating unique IDs
* Refactor CipherRepository methods to accept a boolean parameter for enabling bulk resource creation based on feature flags. Update tests to verify functionality with and without the feature flag enabled.
* Refactor CipherRepository and related services to support new methods for bulk resource creation without boolean parameters.
* Improve swagger OperationIDs: Part 1
* Fix tests and fmt
* Improve docs and add more tests
* Fmt
* Improve Swagger OperationIDs for Auth
* Fix review feedback
* Use generic getcustomattributes
* Format
* replace swaggerexclude by split+obsolete
* Format
* Some remaining excludes
If user cleanly follow install instructions Setup app will create nginx
`default.conf` (and other files) with `644` permission owned by
`bitwarden:bitwarden`.
During Nginx entrypoint script it copies generated `default.conf` to
`/etc/nginx/conf.d/` but without `-p` flag new file permissions would be
`root:root 644`.
Then during startup Nginx will start as `bitwarden` user, which will not
cause any issues by itself as `default.conf` is still readable by the
world.
The issue is that for some reason some users have their Nginx config
file (or sometimes even entire `bwdata` recursively) have `600` or `700`
permissions. In this case Nginx will fail to start due to `default.conf`
not readable by `bitwarden` user.
I assume that root cause is that some users mistakenly run `sudo chmod
-R 700 /opt/bitwarden` from Linux installation guide after they have run
`./bitwarden.sh install`. Or maybe some older version of Setup app where
creating `default.conf` with `600` permissions and users are using very
legacy installations.
Whatever may be the case I do not see any harm with copying with `-p` it
even looks to me that this was the intended behavior. This will both fix
the issue for mentioned users and preserve permission structure aligned
with other files.
* Move PushType to Platform Folder
- Move the PushType next to the rest of push notification code
- Specifically exclude it from needing Platform code review
- Add tests establishing rules Platform has for usage of this enum, making it safe to have no owner
* Move NotificationHub code into Platform/Push directory
* Update NotificationHub namespace imports
* Add attribute for storing push type metadata
* Rename Push Engines to have PushEngine suffix
* Move Push Registration items to their own directory
* Push code move
* Add expected usage comment
* Add Push feature registration method
- Make method able to be called multipes times with no ill effects
* Add Push Registration service entrypoint and tests
* Use new service entrypoints
* Test changes
* add ChangePasswordUri controller and service to Icons
* add individual settings for change password uri
* add logging to change password uri controller
* use custom http client that follows redirects
* add ChangePasswordUriService tests
* remove unneeded null check
* fix copy pasta - changePasswordUriSettings
* add `HelpUsersUpdatePasswords` policy
* Remove policy for change password uri - this was removed from scope
* fix nullable warnings
