* Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests
* Refactor ConfirmOrganizationUserCommand for clarity and add bulk support
* Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries
* Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes
* Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController
* Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers
* Add integration tests for confirming organization users in OrganizationUserControllerTests
- Implemented Confirm_WithValidUser test to verify successful confirmation of a single user.
- Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully.
* Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled
* Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling
- Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method.
- Updated related logic to handle confirmed organization users more efficiently.
- Adjusted unit tests to reflect changes in the collection creation process for confirmed users.
* Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic
- Removed redundant feature flag checks in Confirm and BulkConfirm tests.
- Updated tests to directly enable the Organization Data Ownership policy without conditional checks.
- Ensured verification of DefaultUserCollection for confirmed users remains intact.
* Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy
- Simplified user creation and confirmation logic in tests by introducing helper methods.
- Consolidated verification of confirmed users and their associated collections.
- Removed unnecessary comments and streamlined test flow for better readability.
* Adding job to update stripe subscriptions and increment seat count when inviting a user.
* Updating name
* Added ef migrations
* Fixing script
* Fixing procedures. Added repo tests.
* Fixed set stored procedure. Fixed parameter name.
* Added tests for database calls and updated stored procedures
* Fixed build for sql file.
* fixing sproc
* File is nullsafe
* Adding view to select from instead of table.
* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.
* Setting revision date when incrementing seat count
* Added feature flag check for the background job.
* Fixing nullable property.
* Removing new table and just adding the column to org. Updating to query and command. Updated tests.
* Adding migration script rename
* Add SyncSeats to Org.sql def
* Adding contraint name
* Removing old table files.
* Added tests
* Upped the frequency to be at the top of every 3rd hour.
* Updating error message.
* Removing extension method
* Changed to GuidIdArray
* Added xml doc and switched class to record
* Refactor ConfirmOrganizationUserCommand to push registration after DB save
* Assert device push registration handling in ConfirmOrganizationUserCommandTests
* [PM-17562] Refactor event integration methods / declarations in ServiceCollectionExtensions
* Refactored ServiceCollectionExtensions to use TryAdd and still launch unique listeneer services
* Updated unit tests to match new generic format for Listeners
* Fix method spacing
* Update README to reflect new integration setup in ServiceCollectionExtensions
* Move interfaces to I prefix; fix typo in subscription
* Fix reference to IIntegrationListenerConfiguration
* Add new feature flag for Members Get Endpoint Optimization
* Add a new version of OrganizationUser_ReadByOrganizationIdWithClaimedDomains that uses CTE for better performance
* Add stored procedure OrganizationUserUserDetails_ReadByOrganizationId_V2 for retrieving user details, group associations, and collection associations by organization ID.
* Add the sql migration script to add the new stored procedures
* Introduce GetManyDetailsByOrganizationAsync_vNext and GetManyByOrganizationWithClaimedDomainsAsync_vNext in IOrganizationUserRepository to enhance performance by reducing database round trips.
* Updated GetOrganizationUsersClaimedStatusQuery to use an optimized query when the feature flag is enabled
* Updated OrganizationUserUserDetailsQuery to use optimized queries when the feature flag is enabled
* Add integration tests for GetManyDetailsByOrganizationAsync_vNext
* Add integration tests for GetManyByOrganizationWithClaimedDomainsAsync_vNext to validate behavior with verified and unverified domains.
* Optimize performance by conditionally setting permissions only for Custom user types in OrganizationUserUserDetailsQuery.
* Create UserEmailDomainView to extract email domains from users' email addresses
* Create stored procedure Organization_ReadByClaimedUserEmailDomain_V2 that uses UserEmailDomainView to fetch Email domains
* Add GetByVerifiedUserEmailDomainAsync_vNext method to IOrganizationRepository and its implementations
* Refactor OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 stored procedure to use UserEmailDomainView for email domain extraction, improving query efficiency and clarity.
* Enhance IOrganizationUserRepository with detailed documentation for GetManyDetailsByOrganizationAsync method, clarifying its purpose and performance optimizations. Added remarks for better understanding of its functionality.
* Fix missing newline at the end of Organization_ReadByClaimedUserEmailDomain_V2.sql to adhere to coding standards.
* Update the database migration script to include UserEmailDomainView
* Bumped the date on the migration script
* Remove GetByVerifiedUserEmailDomainAsync_vNext method and its stored procedure.
* Refactor UserEmailDomainView index creation to check for existence before creation
* Update OrganizationUser_ReadByOrganizationIdWithClaimedDomains_V2 to use CTE and add indexes
* Remove creation of unique clustered index from UserEmailDomainView and related migration script adjustments
* Update indexes and sproc
* Fix index name when checking if it already exists
* Bump up date on migration script
* Add SelfHostedOrganizationSignUpCommand for organization sign-up process
Method extracted from OrganizationService
* Register SelfHostedOrganizationSignUpCommand for dependency injection
* Add unit tests for SelfHostedOrganizationSignUpCommand
* Refactor SelfHostedOrganizationLicensesController to use ISelfHostedOrganizationSignUpCommand
* Remove SignUpAsync method and related validation from IOrganizationService and OrganizationService
* Move ISelfHostedOrganizationSignUpCommand into a separate file and update references
* Enable null safety in SelfHostedOrganizationSignUpCommand and update ISelfHostedOrganizationSignUpCommand interface to reflect nullable types for organizationUser and collectionName.
* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync
Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results
* Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection.
* Add unit tests for the public CollectionsController
* Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection
Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected.
* Refactor CollectionsController to remove unused IApplicationCacheService dependency
* Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections
* Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections
* Undo change to GetByIdWithCollectionsAsync
* Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync
* Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization.
* Add Arrange, Act, and Assert comments to CollectionsControllerTests
* Created ReadAllOrganizationUsersBasicInformationRequirement for use with Authorize attribute.
* Removed unused req and Handler and tests. Moved to new auth attribute
* Moved tests to integration tests with new response.
* Removed tests that were migrated to integration tests.
* Made string params Guids instead of parsing them manually in methods.
* Admin and Owner added to requirement.
* Added XML docs for basic get endpoint. Removed unused. Added another auth check. Inverted if check.
* Removed unused endpoint
* Added tests for requirement
* Added checks for both User and Custom
* Added org id check to validate the user being requested belongs to the org in the route.
* typo
* Moved license models to billing
* Moved LicensingService to billing
* Moved license command and queries to billing
* Moved LicenseController to billing
* [PM-17562] Add HEC integration support
* Re-ordered parameters per PR suggestion
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Refactored webhook request model validation to be more clear
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Add CreateCollectionCommand and associated interface with validation logic
* Implement CreateCollectionCommand to handle collection creation with organization checks and access permissions.
* Introduce ICreateCollectionCommand interface for defining the collection creation contract.
* Add unit tests for CreateCollectionCommand to validate various scenarios including permission checks and error handling.
* Add UpdateCollectionCommand and associated interface with validation logic
* Implement UpdateCollectionCommand to handle collection updates with organization checks and access permissions.
* Introduce IUpdateCollectionCommand interface for defining the collection update contract.
* Add unit tests for UpdateCollectionCommand to validate various scenarios including permission checks and error handling.
* Add scoped services for collection commands
* Register ICreateCollectionCommand and IUpdateCollectionCommand in the service collection for handling collection creation and updates.
* Refactor CollectionsController to use command interfaces for collection creation and updates
* Updated CollectionsController to utilize ICreateCollectionCommand and IUpdateCollectionCommand for handling collection creation and updates, replacing calls to ICollectionService.
* Adjusted related unit tests to verify the new command implementations.
* Refactor ICollectionService and CollectionService to remove SaveAsync method
* Removed the SaveAsync method from ICollectionService and its implementation in CollectionService.
* Updated related tests in CollectionServiceTests to reflect the removal of SaveAsync, ensuring existing functionality remains intact.
* Remove unused organization repository dependency from CollectionServiceTests
* Add validation to CreateCollectionCommand to prevent creation of DefaultUserCollection type
* Implemented a check in CreateCollectionCommand to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be created.
* Added a unit test to verify that the exception is thrown with the correct message when attempting to create a collection of this type.
* Add validation to DeleteCollectionCommand to prevent deletion of DefaultUserCollection type
* Implemented checks in DeleteAsync and DeleteManyAsync methods to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be deleted.
* Added unit tests to verify that the exceptions are thrown with the correct messages when attempting to delete collections of this type.
* Add validation in UpdateCollectionCommand to prevent editing DefaultUserCollection type
* Implemented a check in UpdateAsync to throw a BadRequestException if a collection of type DefaultUserCollection is attempted to be updated.
* Added a unit test to verify that the exception is thrown with the correct message when attempting to update a collection of this type.
* Add validation in UpdateOrganizationUserCommand to prevent modification of DefaultUserCollection type
* Implemented a check to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection.
* Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
* Add validation in UpdateGroupCommand to prevent modification of DefaultUserCollection type
* Implemented a check to throw a BadRequestException if an attempt is made to modify group access for collections of type DefaultUserCollection.
* Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
* Add validation in BulkAddCollectionAccessCommand to prevent addition of collections of DefaultUserCollection type
* Implemented a check to throw a BadRequestException if an attempt is made to add access to collections of type DefaultUserCollection.
* Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
* Add validation in CollectionService to prevent modification of DefaultUserCollection type
* Implemented a check in DeleteUserAsync to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection.
* Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
* Implement a check to throw a BadRequestException if an attempt is made to modify member access for collections of type DefaultUserCollection.
* Add validation in CollectionsController to prevent deletion of DefaultUserCollection type
* Implemented a check to return a BadRequestObjectResult if an attempt is made to delete a collection of type DefaultUserCollection.
* Remove unused test method for handling DefaultUserCollection in CollectionsControllerTests
* Update UpdateOrganizationUserCommandTests to use OrganizationUserType for user updates
* [PM-17562] Add integration filter support
* Repond to PR feedback; Remove Date-related filters
* Use tables to format the filter class descriptions
* [PM-17562] Add database support for integration filters (#5988)
* [PM-17562] Add database support for integration filters
* Respond to PR review - fix database scripts
* Further database updates; fix Filters to be last in views, stored procs, etc
* Fix for missing nulls in stored procedures in main migration script
* Reorder Filters to the bottom of OrganizationIntegrationConfiguration
* Separate out the creation of filters from the IntegrationFilterService to IntegrationFIlterFactory
* Move properties to static readonly field
* Fix unit tests failing from merge
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Update documentation for event integrations
* Fix SonarQube suggestion, bring ASB event listener in line with integration listener
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Updates to README - PR fixes, additional context, tense alignment
* Add links to different sections; remove inline code formatting in favor of single bacticks for JSON
* [PM-17562] Add aupport for Auth on Webhook integration requests
* Repsond to PR feedback - move optional params to end, add tests for optional cases
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Implement ResellerClientOrganizationSignUpCommand for signing up reseller client organizations with email invitations and error handling
* Refactor ProvidersController to replace IOrganizationService with IResellerClientOrganizationSignUpCommand for organization sign-up process
* Remove CreatePendingOrganization method from IOrganizationService and its implementation in OrganizationService
* Add IResellerClientOrganizationSignUpCommand to service collection for organization sign-up
* Add comment to clarify organization deletion process in ResellerClientOrganizationSignUpCommand
* [PM-17562] Fix flickering unit test - WebhookIntegrationHandlerTests
* Adjust to using TimeProvider and exact time matches
* Refactored RabittMqIntegrationListenerService and Tests to align on TimeProvider. Cleaned up tests that do not need to use DateTime.UtcNow
* [PM-17562] Update documentation for event integrations
* Fix SonarQube suggestion, bring ASB event listener in line with integration listener
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Updates to README - PR fixes, additional context, tense alignment
* Fix the formatting for inlined code snippets
* Add links to different sections; remove inline code formatting in favor of single bacticks for JSON
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Add RequiresDefaultCollection method to PersonalOwnershipPolicyRequirement
* Add CreateDefaultLocation feature flag to Constants.cs
* Add DefaultUserCollectionName property to OrganizationUserConfirmRequestModel with encryption attributes
* Update PersonalOwnershipPolicyRequirement instantiation in tests to use constructor with parameters instead of property assignment
* Enhance ConfirmOrganizationUserCommand to support default user collection creation. Added logic to check if a default collection is required based on organization policies and feature flags. Updated ConfirmUserAsync method signature to include an optional defaultUserCollectionName parameter. Added corresponding tests to validate the new functionality.
* Refactor Confirm method in OrganizationUsersController to use Guid parameters directly, simplifying the code. Updated ConfirmUserAsync call to include DefaultUserCollectionName from the input model.
* Move logic for handling confirmation side effects into a separate method
* Refactor PersonalOwnershipPolicyRequirement to use enum for ownership state
- Introduced PersonalOwnershipState enum to represent allowed and restricted states.
- Updated PersonalOwnershipPolicyRequirement constructor and properties to utilize the new enum.
- Modified related classes and tests to reflect changes in ownership state handling.
* implement the seat decrease error message
* Resolve the comment regarding abstraction
* Resolved the database failure
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing upgrade test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Removed the unused method
* Remove the total calculation from the stored procedure
* Refactoring base on pr feedback
* Refactoring base on pr feedback
* Resolve the fauiling database
* Resolve the failing database test
* Resolve the database test
* Remove duplicate migrations
* resolve the failing test
* Removed the unneeded change
* remove this file
* Reverted Deleted migration
* revert the added space
* resolve the stored procedure name
* Rename the migration name
* Updated the stored procedure name
* Revert the changes on the sproc
* Revert unrelated changes
* Remove the unused method
* improved the xmldoc
* Add an integration testing
* Add the use of helper test class
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* remove object look up
* Resolve message rollback
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* [PM-17562] Add strict delay support for RabbitMQ
* fix lint error
* Added more robust FailureReason handling and some additional tests
* Fix two issues noted by SonarQube
* Fix typo; Add alternate handling if MessageId is null or empty
* Set MessageId on all message publishers
* Avoid multiple lookups in dictionaries
* Consistency in fallback to empty CollectionIds
* Readability at the cost of lines changed
* Readability
* Changes after running dotnet format
* Remove gathering and reporting of ReferenceEvents
* Fix test that relied on reference events throwing
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-17562] Add Azure Service Bus support for event integration retries
* Cleanup AzureServiceBusIntegrationListenerService.cs; add nullable
* Removed IntegrationHandlerBase* since it is no longer used (We removed the subclasses previously)
* Changed strategy to assume ApplyRetry always gives us a non-null DelayUntilDate; Added test to confirm as well
* Add RequireTwoFactorPolicyRequirement and its factory with unit tests
* Implemented RequireTwoFactorPolicyRequirement to enforce two-factor authentication policies.
* Created RequireTwoFactorPolicyRequirementFactory to generate policy requirements based on user status.
* Added unit tests for the factory to validate behavior with various user statuses and policy details.
* Enhance AcceptOrgUserCommand to use IPolicyRequirementQuery for two-factor authentication validation
* Update ConfirmOrganizationUserCommand to use RequireTwoFactorPolicyRequirement to check for 2FA requirement
* Implement CanAcceptInvitation and CanBeConfirmed methods in RequireTwoFactorPolicyRequirement; update tests to reflect new logic for two-factor authentication policy handling.
* Refactor AcceptOrgUserCommand to enforce two-factor authentication policy based on feature flag; update validation logic and tests accordingly.
* Enhance ConfirmOrganizationUserCommand to validate two-factor authentication policy based on feature flag; refactor validation logic and update related tests for improved policy handling.
* Remove unused method and its dependencies from OrganizationService.
* Implement CanBeRestored method in RequireTwoFactorPolicyRequirement to determine user restoration eligibility based on two-factor authentication status; add corresponding unit tests for various scenarios.
* Update RestoreOrganizationUserCommand to use IPolicyRequirementQuery for two-factor authentication policies checks
* Remove redundant vNext tests
* Add TwoFactorPoliciesForActiveMemberships property to RequireTwoFactorPolicyRequirement and corresponding unit tests for policy retrieval based on user status
* Refactor UserService to integrate IPolicyRequirementQuery for two-factor authentication policy checks
* Add XML documentation for TwoFactorPoliciesForActiveMemberships property in RequireTwoFactorPolicyRequirement to clarify its purpose and return value.
* Add exception documentation for ValidateTwoFactorAuthenticationPolicyAsync method in ConfirmOrganizationUserCommand to clarify error handling for users without two-step login enabled.
* Update comments in AcceptOrgUserCommand and ConfirmOrganizationUserCommand to clarify handling of two-step login and 2FA policy checks.
* Add RequireTwoFactorPolicyRequirementFactory to PolicyServiceCollectionExtensions
* Refactor two-factor authentication policy checks in AcceptOrgUserCommand and ConfirmOrganizationUserCommand to streamline validation logic and improve clarity. Update RequireTwoFactorPolicyRequirement to provide a method for checking if two-factor authentication is required for an organization. Adjust related unit tests accordingly.
* Add PolicyRequirements namespace
* Update comments in AcceptOrgUserCommand and ConfirmOrganizationUserCommand to clarify two-factor authentication policy requirements and exception handling.
* Refactor RequireTwoFactorPolicyRequirement to return tuples of (OrganizationId, OrganizationUserId) for active memberships requiring two-factor authentication. Update UserService and related tests to reflect this change.
* Refactor AcceptOrgUserCommand: delegate feature flag check to the ValidateTwoFactorAuthenticationPolicyAsync method
* Skip policy check if two-step login is enabled for the user
* Refactor ConfirmOrganizationUserCommand to streamline two-factor authentication policy validation logic
* Refactor AcceptOrgUserCommand to simplify two-factor authentication check by removing intermediate variable
* Update documentation in RequireTwoFactorPolicyRequirement to clarify the purpose of the IsTwoFactorRequiredForOrganization
* Refactor AcceptOrgUserCommandTests to remove redundant two-factor authentication checks and simplify test setup
* Refactor AcceptOrgUserCommand and ConfirmOrganizationUserCommand to streamline two-factor authentication checks by removing redundant conditions and simplifying logic flow.
* Rename removeOrgUserTasks variable in UserService
* Refactor RestoreOrganizationUserCommand to simplify two-factor authentication compliance checks by consolidating logic into a new method, IsTwoFactorRequiredForOrganizationAsync.
* Remove outdated two-factor authentication validation documentation from AcceptOrgUserCommand
* Invert two-factor compliance check in RestoreOrganizationUserCommand to ensure correct validation of organization user policies.
* Refactor UserService to enhance two-factor compliance checks by optimizing organization retrieval and logging when no organizations require two-factor authentication.
* Extract OrganizationService.SignupClientAsync into new ResellerClientOrganizationSignUpCommand
* Refactor ResellerClientOrganizationSignUpCommand to remove unused dependencies and simplify SignupClientAsync method signature
* Add unit tests for ResellerClientOrganizationSignUpCommand
* Rename SignUpProviderClientOrganizationCommand
* Rename ProviderClientOrganizationSignUpCommand
* Register ProviderClientOrganizationSignUpCommand for dependency injection
* Refactor ProviderService to use IProviderClientOrganizationSignUpCommand for organization signup process
* Refactor error handling in ProviderClientOrganizationSignUpCommand to use constants for error messages
* Remove SignupClientAsync method from IOrganizationService and OrganizationService, along with associated unit tests
* Set automatic tax to enabled and tax exempt to reverse where applicable when ff is on
* Fix and add tests
* Run dotnet format
* Run dotnet format
* PM-21745: Resolve defect
* PM-21770: Resolve defect
* Run dotnet format'
