* Move account recovery logic to command
(temporarily duplicated behind feature flag)
* Move permission checks to authorization handler
* Prevent user from recovering provider member account
unless they are also provider member
* Updating the license and org with claims when updating via license token.
* Removing the fature flag check and adding a null check.
* Added to method.
* Add validation to URI Match Default Policy for Single Org prerequisite
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove nullable enable; Replace Task.FromResult(0) with Task.CompletedTask
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Add unit test for our new validator
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Improve comments and whitespace for unit test
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove unnecessary whitespace in unit test
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Remove unneccessary unit tets
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Re-add using NSubstitute
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to AccountControllerTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to AccountControllerTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Revert unintended changes to HubHelpersTest.cs
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Add IEnforceDependentPoliciesEvent interface to UriMatchDefaultPolicyValidator
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Update ProviderUserOrganizationDetailsView to include SSO configuration data
* Updated the ProviderUserOrganizationDetailsViewQuery to join with SsoConfigs and select SSO-related fields.
* Modified the SQL view to reflect the inclusion of SSO configuration data.
* Added a new migration script for the updated view structure.
* Add SSO configuration properties to ProviderUserOrganizationDetails model
* Add SSO configuration handling to ProfileProviderOrganizationResponseModel
* Introduced properties for SSO configuration, including SSO enabled status and KeyConnector details.
* Implemented deserialization of SSO configuration data to populate new fields in the response model.
* Add integration tests for ProviderUserRepository.GetManyOrganizationDetailsByUserAsync
* Add BaseUserOrganizationDetails model to encapsulate common properties
* Introduced a new abstract class to define shared properties for organization users and provider organization users
* Add BaseProfileOrganizationResponseModel to encapsulate organization response properties
* Introduced a new abstract class that ensures all properties are fully populated for profile organization responses.
* Update ProviderUserOrganizationDetailsViewQuery to include missing ProviderUserId
* Refactor OrganizationUserOrganizationDetails and ProviderUserOrganizationDetails to inherit from BaseUserOrganizationDetails
* Updated both models to extend BaseUserOrganizationDetails, promoting code reuse and ensure they have the same base properties
* Refactor ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel to inherit from BaseProfileOrganizationResponseModel
* Refactor ProviderUserRepositoryTests to improve organization detail assertions
* Consolidated assertions for organization details into a new method, AssertProviderOrganizationDetails, enhancing code readability and maintainability.
* Updated test cases to verify all relevant properties for organizations with and without SSO configurations.
* Add integration test for GetManyDetailsByUserAsync to verify SSO properties
* Implemented a new test case to ensure that the SSO properties are correctly populated for organizations with and without SSO configurations.
* The test verifies the expected behavior of the method when interacting with the user and organization repositories, including cleanup of created entities after the test execution.
* Add unit tests for ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel
* Introduced tests to validate the constructors of ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, ensuring that all properties are populated correctly based on the provided organization details.
* Verified expected behavior for both organization and provider models, including SSO configurations and relevant properties.
* Update SyncControllerTests.Get_ProviderPlanTypeProperlyPopulated to nullify SSO configurations in provider user organization details
* Refactor BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel for null safety
Updated properties in BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel to support null safety by introducing nullable types where appropriate.
* Enhance null safety in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails
Updated properties in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails to support null safety by introducing nullable types where appropriate, ensuring better handling of potential null values.
* Move common properties from ProfileOrganizationResponseModel to BaseProfileOrganizationResponseModel
* Refactor organization details: Remove BaseUserOrganizationDetails and introduce IProfileMemberOrganizationDetails interface for improved structure and clarity in organization user data management.
* Enhance OrganizationUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface
* Refactor ProviderUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface
* Refactor ProfileOrganizationResponseModelTests and ProfileProviderOrganizationResponseModelTests: Update constructors to utilize Organization and ProviderUserOrganizationDetails, enhancing property population and test coverage.
* Enhance ProviderUserOrganizationDetails: Add UseResetPassword, UseSecretsManager, and UsePasswordManager properties to the query and SQL views
* Update BaseProfileOrganizationResponseModel documentation: Clarify purpose and usage of organization properties for OrganizationUsers and ProviderUsers.
* Rename ProfileOrganizationResponseModel to ProfileMemberOrganizationResponseModel, update references and update related test names
* Add XML documentation for ProfileMemberOrganizationResponseModel and ProfileProviderOrganizationResponseModel to clarify their purpose and relationships
* Remove unnecessary cleanup code from OrganizationUserRepositoryTests
* Remove unnecessary cleanup code from ProviderUserRepositoryTests
* Rename test method in ProviderUserRepositoryTests to improve clarity on property population
* Add CreateFullOrganization method to ProviderUserRepositoryTests for improved organization setup in tests
* Refactor organization creation in tests to use CreateTestOrganizationAsync for consistency and improved setup
* Rename IProfileMemberOrganizationDetails to IProfileOrganizationDetails
* Rename ProfileMemberOrganizationResponseModel back to ProfileOrganizationResponseModel
* Refactor organization response models to remove Family Sponsorship properties from BaseProfileOrganizationResponseModel and reintroduce them in ProfileOrganizationResponseModel. Update related interfaces and tests accordingly.
* Bump date on migration script
* Update OrganizationUserOrganizationDetailsViewQuery to include UseAutomaticUserConfirmation property
* Refactored Azure Service Bus to use the organization id as a partition key
* Use null for partition key instead of empty string when organization id is null
* Add integration tests for GetByUserIdWithPolicyDetailsAsync in OrganizationUserRepository
- Implemented multiple test cases to verify the behavior of GetByUserIdWithPolicyDetailsAsync for different user statuses (Confirmed, Accepted, Invited, Revoked).
- Ensured that the method returns correct policy details based on user status and organization.
- Added tests for scenarios with multiple organizations and non-existing policy types.
- Included checks for provider users and custom user permissions.
These tests enhance coverage and ensure the correctness of policy retrieval logic.
* Add UserProviderAccessView to identify which organizations a user can access as a provider
* Refactor PolicyDetails_ReadByUserId stored procedure to improve user access logic
- Introduced a Common Table Expression (CTE) for organization users to streamline the selection process based on user status and email.
- Added a CTE for providers to enhance clarity and maintainability.
- Updated the main query to utilize the new CTEs, improving readability and performance.
- Ensured that the procedure correctly identifies provider access based on user permissions.
* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to enhance user access logic
- Introduced a Common Table Expression (CTE) for organization users to improve selection based on user status and email.
- Updated the main query to utilize the new CTEs, enhancing readability and performance.
- Adjusted the logic for identifying provider access to ensure accurate policy retrieval based on user permissions.
* Add new SQL migration script to refactor policy details queries
- Created a new view, UserProviderAccessView, to streamline user access to provider organizations.
- Introduced two stored procedures: PolicyDetails_ReadByUserId and OrganizationUser_ReadByUserIdWithPolicyDetails, enhancing the logic for retrieving policy details based on user ID and policy type.
- Utilized Common Table Expressions (CTEs) to improve query readability and performance, ensuring accurate policy retrieval based on user permissions and organization status.
* Remove GetPolicyDetailsByUserIdTests
* Refactor PolicyRequirementQuery to use GetPolicyDetailsByUserIdsAndPolicyType and update unit tests
* Remove GetPolicyDetailsByUserId method from IPolicyRepository and its implementations in PolicyRepository classes
* Revert changes to PolicyDetails_ReadByUserId stored procedure
* Refactor OrganizationUser_ReadByUserIdWithPolicyDetails stored procedure to use UNION instead of OR
* Reduce UserEmail variable size from NVARCHAR(320) to NVARCHAR(256) for consistency in stored procedures
* Bump date on migration script
* Adding AutoConfrim and migrations.
* Add value to Admin Page and update sproc to correct name.
* Correcting license constant.
* Adding feature check back in.
* Fixing sprocs :face_palm:
* Remove Coalesce
* Adding property to plan and model constructor
* Correcting name of column. Cascading change throughout. Updating response models. Updating sprocs and views. Updating migrations
* fixing sproc
* Fixing up license stuff.
* Updating org view
* Code review changes and renames :face_palm:
* Refershing additional views
* Last two fixes.
* Implement IOnPolicyPreUpdateEvent for FreeFamiliesForEnterprisePolicyValidator and add corresponding unit tests
* Implement IEnforceDependentPoliciesEvent in MaximumVaultTimeoutPolicyValidator
* Rename test methods in FreeFamiliesForEnterprisePolicyValidatorTests for consistency
* Implement IPolicyValidationEvent and IEnforceDependentPoliciesEvent in RequireSsoPolicyValidator and enhance unit tests
* Implement IPolicyValidationEvent and IEnforceDependentPoliciesEvent in ResetPasswordPolicyValidator and add unit tests
* Implement IOnPolicyPreUpdateEvent in TwoFactorAuthenticationPolicyValidator and add unit tests
* Implement IPolicyValidationEvent and IOnPolicyPreUpdateEvent in SingleOrgPolicyValidator with corresponding unit tests
* Implement IOnPolicyPostUpdateEvent in OrganizationDataOwnershipPolicyValidator and add unit tests for ExecutePostUpsertSideEffectAsync
* Refactor policy validation logic in VNextSavePolicyCommand to simplify enabling and disabling requirements checks
* Refactor VNextSavePolicyCommand to replace IEnforceDependentPoliciesEvent with IPolicyUpdateEvent and update related tests
* Add AddPolicyUpdateEvents method and update service registration for policy update events
* Add Microsoft Teams integration
* Fix method naming error
* Expand and clean up unit test coverage
* Update with PR feedback
* Add documentation, add In Progress logic/tests for Teams
* Fixed lowercase Slack
* Added docs; Updated PR suggestions;
* Fix broken tests
* Refactor Slack Callback
* Add more safety to state param, clarify if logic, update tests
* Added an additional 2 possible cases to test: integration is not a slack integration, and the integration has already been claimed
* Implement SonarQube suggestion
* Adjusted org hash to include timestamp; addressed PR feedback
* Adding new logging for secrets
* fixing secrest controller tests
* fixing the tests
* Server side changes for adding ProjectId to Event table, adding Project event logging to projectsController
* Rough draft with TODO's need to work on EventRepository.cs, and ProjectRepository.cs
* Undoing changes to make projects soft delete, we want those to be fully deleted still. Adding GetManyTrashedSecretsByIds to secret repo so we can get soft deleted secrets, getSecrets in eventsController takes in orgdId, so that we can check the permission even if the secret was permanently deleted and doesn' thave the org Id set. Adding Secret Perm Deleted, and Restored to event logs
* db changes
* fixing the way we log events
* Trying to undo some manual changes that should have been migrations
* adding migration files
* fixing test
* setting up userid for project controller tests
* adding sql
* sql
* Rename file
* Trying to get it to for sure add the column before we try and update sprocs
* Adding code to refresh the view to include ProjectId I hope
* code improvements
* Suggested changes
* suggested changes
* trying to fix sql issues
* fixing swagger issue
* Update src/Core/SecretsManager/Repositories/Noop/NoopSecretRepository.cs
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Suggested changes
* Adding event logging for machine accounts
* fixing two tests
* trying to fix all tests
* trying to fix tests
* fixing test
* Migrations
* fix
* updating eps
* adding migration
* Adding missing SQL changes
* updating sql
* fixing sql
* running migration again
* fixing sql
* adding query to add grantedSErviceAccountId to event table
* Suggested improvements
* removing more migrations
* more removal
* removing all migrations to them redo them
* redoing migration
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Use single method for default collection creation
* Use GenerateComb to create sequential guids
* Pre-sort data for SqlBulkCopy
* Add SqlBulkCopy options per dbops recommendations
* feat(policies): add URI Match Defaults organizational policy
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* feat(policies): remove unecessary model and org feature
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
- create vNext command
- restructure command to simplify logic
- move validation to a separate class
- implement result types using OneOf library and demo
their use here
* [PM-25088] add feature flag for new premium subscription flow
* [PM-25088] refactor premium endpoint
* forgot the punctuation change in the test
* [PM-25088] - pr feedback
* [PM-25088] - pr feedback round two
* Event integration updates and cleanups
* Add Datadog integration
* Update README to include link to Datadog PR
* Move doc update into the Datadog PR; Fix empty message on ArgumentException
* Adjust exception message
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Removed unnecessary nullable enable; Moved Docs link to PR into this PR
* Remove unnecessary nullable enable calls
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Add new event types for collection management settings in EventType enum
* Refactor collection management settings update process in OrganizationsController and IOrganizationService.
Introduced UpdateCollectionManagementSettingsAsync method to streamline updates and logging for collection management settings.
* Add unit tests for collection management settings updates in OrganizationsController and OrganizationService.
Implemented tests to verify the successful update of collection management settings and the logging of specific events when settings are changed. Added error handling for cases where the organization is not found.
* Refactor collection management settings handling in OrganizationsController and IOrganizationService.
Updated the UpdateCollectionManagementSettingsAsync method to accept a single settings object, simplifying the parameter list and improving code readability. Introduced a new OrganizationCollectionManagementSettings model to encapsulate collection management settings. Adjusted related tests to reflect these changes.
* Add Obsolete attribute to Organization_CollectionManagement_Updated event in EventType enum
* Add SsoEnabled field to OrganizationUserOrganizationDetailsView
- Updated OrganizationUserOrganizationDetailsViewQuery to include SsoEnabled property.
- Modified SQL view to select SsoEnabled from SsoConfig.
- Created migration script to alter the view and refresh dependent views.
* Enhance OrganizationUserRepositoryTests to include SSO configuration
- Added ISsoConfigRepository dependency to GetManyDetailsByUserAsync test.
- Created SsoConfigurationData instance and integrated SSO configuration checks in assertions.
- Updated tests to validate SSO-related properties in the response model.
* Add SSO properties to ProfileOrganizationResponseModel and OrganizationUserOrganizationDetails
- Introduced SsoEnabled and SsoMemberDecryptionType fields in ProfileOrganizationResponseModel.
- Added SsoEnabled property to OrganizationUserOrganizationDetails for enhanced SSO configuration support.
* Adding new logging for secrets
* fixing secrest controller tests
* fixing the tests
* Server side changes for adding ProjectId to Event table, adding Project event logging to projectsController
* Rough draft with TODO's need to work on EventRepository.cs, and ProjectRepository.cs
* Undoing changes to make projects soft delete, we want those to be fully deleted still. Adding GetManyTrashedSecretsByIds to secret repo so we can get soft deleted secrets, getSecrets in eventsController takes in orgdId, so that we can check the permission even if the secret was permanently deleted and doesn' thave the org Id set. Adding Secret Perm Deleted, and Restored to event logs
* db changes
* fixing the way we log events
* Trying to undo some manual changes that should have been migrations
* adding migration files
* fixing test
* setting up userid for project controller tests
* adding sql
* sql
* Rename file
* Trying to get it to for sure add the column before we try and update sprocs
* Adding code to refresh the view to include ProjectId I hope
* code improvements
* Suggested changes
* suggested changes
* trying to fix sql issues
* fixing swagger issue
* Update src/Core/SecretsManager/Repositories/Noop/NoopSecretRepository.cs
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Suggested changes
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Add IResendOrganizationInviteCommand and ResendOrganizationInviteCommand implementation
* Add unit tests for ResendOrganizationInviteCommand to validate invite resend functionality
* Refactor Organizations, OrganizationUsers, and Members controllers to use IResendInviteCommand for invite resending functionality
* Fix Organizations, OrganizationUsers, and Members controllers to replace IResendInviteCommand with IResendOrganizationInviteCommand
* Remove ResendInviteAsync method from IOrganizationService and its implementation in OrganizationService to streamline invite management functionality.
* Add IResendOrganizationInviteCommand registration in OrganizationServiceCollectionExtensions
* Update the OrganizationUserController integration Confirm tests to handle the Owner type
* Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation.
Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement.
Update tests for method signature changes and default collection creation logic.
* Refactor UpdateOrganizationUserCommand to validate and filter out DefaultUserCollections during user updates.
* Enhance UpdateOrganizationUserCommandTests to filter out DefaultUserCollections during user updates, ensuring only shared collections are processed. Updated test logic to reflect new filtering behavior.
* Add integration test for updating organization user with existing default collection. The test verifies successful updates to user permissions, group access, and collection access, ensuring correct handling of shared and default collections.
* Refactor UpdateOrganizationUserCommand to separate the collection validation and DefaultUserCollection filtering
* Refactored integration test setup/assertion for clarity
