From cb1c12794ff17220ee8b63081773a94f461977e8 Mon Sep 17 00:00:00 2001
From: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
Date: Thu, 6 Mar 2025 13:44:10 -0500
Subject: [PATCH 01/48] Derive item add on status from price metadata (#5389)
---
src/Core/Models/Business/SubscriptionInfo.cs | 7 +++++--
src/Core/Utilities/StaticStore.cs | 17 -----------------
2 files changed, 5 insertions(+), 19 deletions(-)
diff --git a/src/Core/Models/Business/SubscriptionInfo.cs b/src/Core/Models/Business/SubscriptionInfo.cs
index c9c3b31c7f..78a995fb94 100644
--- a/src/Core/Models/Business/SubscriptionInfo.cs
+++ b/src/Core/Models/Business/SubscriptionInfo.cs
@@ -73,8 +73,11 @@ public class SubscriptionInfo
Name = item.Plan.Nickname;
Amount = item.Plan.Amount.GetValueOrDefault() / 100M;
Interval = item.Plan.Interval;
- AddonSubscriptionItem =
- Utilities.StaticStore.IsAddonSubscriptionItem(item.Plan.Id);
+
+ if (item.Metadata != null)
+ {
+ AddonSubscriptionItem = item.Metadata.TryGetValue("isAddOn", out var value) && bool.Parse(value);
+ }
}
Quantity = (int)item.Quantity;
diff --git a/src/Core/Utilities/StaticStore.cs b/src/Core/Utilities/StaticStore.cs
index 24e9ccd7bd..1cae361e29 100644
--- a/src/Core/Utilities/StaticStore.cs
+++ b/src/Core/Utilities/StaticStore.cs
@@ -158,21 +158,4 @@ public static class StaticStore
public static SponsoredPlan GetSponsoredPlan(PlanSponsorshipType planSponsorshipType) =>
SponsoredPlans.FirstOrDefault(p => p.PlanSponsorshipType == planSponsorshipType);
-
- ///
- /// Determines if the stripe plan id is an addon item by checking if the provided stripe plan id
- /// matches either the or
- /// in any .
- ///
- ///
- ///
- /// True if the stripePlanId is a addon product, false otherwise
- ///
- public static bool IsAddonSubscriptionItem(string stripePlanId)
- {
- // TODO: PRICING -> https://bitwarden.atlassian.net/browse/PM-16844
- return Plans.Any(p =>
- p.PasswordManager.StripeStoragePlanId == stripePlanId ||
- (p.SecretsManager?.StripeServiceAccountPlanId == stripePlanId));
- }
}
From 8628206fa90287e1c169c928e5ecad8b14b2210d Mon Sep 17 00:00:00 2001
From: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
Date: Thu, 6 Mar 2025 22:13:02 +0100
Subject: [PATCH 02/48] ArgumentNullException: Value cannot be null in POST
/push/register (#5472)
---
.../Push/Controllers/PushController.cs | 5 +--
.../Push/Controllers/PushControllerTests.cs | 32 +++++++++++++------
2 files changed, 25 insertions(+), 12 deletions(-)
diff --git a/src/Api/Platform/Push/Controllers/PushController.cs b/src/Api/Platform/Push/Controllers/PushController.cs
index 28641a86cf..2a1f2b987d 100644
--- a/src/Api/Platform/Push/Controllers/PushController.cs
+++ b/src/Api/Platform/Push/Controllers/PushController.cs
@@ -43,8 +43,9 @@ public class PushController : Controller
public async Task RegisterAsync([FromBody] PushRegistrationRequestModel model)
{
CheckUsage();
- await _pushRegistrationService.CreateOrUpdateRegistrationAsync(new PushRegistrationData(model.PushToken), Prefix(model.DeviceId),
- Prefix(model.UserId), Prefix(model.Identifier), model.Type, model.OrganizationIds.Select(Prefix), model.InstallationId);
+ await _pushRegistrationService.CreateOrUpdateRegistrationAsync(new PushRegistrationData(model.PushToken),
+ Prefix(model.DeviceId), Prefix(model.UserId), Prefix(model.Identifier), model.Type,
+ model.OrganizationIds?.Select(Prefix) ?? [], model.InstallationId);
}
[HttpPost("delete")]
diff --git a/test/Api.Test/Platform/Push/Controllers/PushControllerTests.cs b/test/Api.Test/Platform/Push/Controllers/PushControllerTests.cs
index 399913a0c4..6df09c17dc 100644
--- a/test/Api.Test/Platform/Push/Controllers/PushControllerTests.cs
+++ b/test/Api.Test/Platform/Push/Controllers/PushControllerTests.cs
@@ -243,20 +243,22 @@ public class PushControllerTests
PushToken = "test-push-token",
UserId = userId.ToString(),
Type = DeviceType.Android,
- Identifier = identifier.ToString()
+ Identifier = identifier.ToString(),
}));
Assert.Equal("Not correctly configured for push relays.", exception.Message);
await sutProvider.GetDependency().Received(0)
- .CreateOrUpdateRegistrationAsync(Arg.Any(), Arg.Any(), Arg.Any(), Arg.Any(),
- Arg.Any(), Arg.Any>(), Arg.Any());
+ .CreateOrUpdateRegistrationAsync(Arg.Any(), Arg.Any(), Arg.Any(),
+ Arg.Any(), Arg.Any(), Arg.Any>(), Arg.Any());
}
[Theory]
- [BitAutoData]
- public async Task? RegisterAsync_ValidModel_CreatedOrUpdatedRegistration(SutProvider sutProvider,
- Guid installationId, Guid userId, Guid identifier, Guid deviceId, Guid organizationId)
+ [BitAutoData(false)]
+ [BitAutoData(true)]
+ public async Task RegisterAsync_ValidModel_CreatedOrUpdatedRegistration(bool haveOrganizationId,
+ SutProvider sutProvider, Guid installationId, Guid userId, Guid identifier, Guid deviceId,
+ Guid organizationId)
{
sutProvider.GetDependency().SelfHosted = false;
sutProvider.GetDependency().InstallationId.Returns(installationId);
@@ -273,19 +275,29 @@ public class PushControllerTests
UserId = userId.ToString(),
Type = DeviceType.Android,
Identifier = identifier.ToString(),
- OrganizationIds = [organizationId.ToString()],
+ OrganizationIds = haveOrganizationId ? [organizationId.ToString()] : null,
InstallationId = installationId
};
await sutProvider.Sut.RegisterAsync(model);
await sutProvider.GetDependency().Received(1)
- .CreateOrUpdateRegistrationAsync(Arg.Is(data => data == new PushRegistrationData(model.PushToken)), expectedDeviceId, expectedUserId,
+ .CreateOrUpdateRegistrationAsync(
+ Arg.Is(data => data == new PushRegistrationData(model.PushToken)),
+ expectedDeviceId, expectedUserId,
expectedIdentifier, DeviceType.Android, Arg.Do>(organizationIds =>
{
+ Assert.NotNull(organizationIds);
var organizationIdsList = organizationIds.ToList();
- Assert.Contains(expectedOrganizationId, organizationIdsList);
- Assert.Single(organizationIdsList);
+ if (haveOrganizationId)
+ {
+ Assert.Contains(expectedOrganizationId, organizationIdsList);
+ Assert.Single(organizationIdsList);
+ }
+ else
+ {
+ Assert.Empty(organizationIdsList);
+ }
}), installationId);
}
}
From bea0d0d76f0057796f279e34516953b168a668b2 Mon Sep 17 00:00:00 2001
From: Github Actions
Date: Thu, 6 Mar 2025 21:51:25 +0000
Subject: [PATCH 03/48] Bumped version to 2025.2.4
---
Directory.Build.props | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Directory.Build.props b/Directory.Build.props
index 403bf843d1..03594371e9 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -3,7 +3,7 @@
net8.0
- 2025.2.3
+ 2025.2.4
Bit.$(MSBuildProjectName)
enable
From 6cb97d9bf9c02d4036a549bd140030f9206f8b5a Mon Sep 17 00:00:00 2001
From: Jared McCannon
Date: Thu, 6 Mar 2025 20:32:21 -0600
Subject: [PATCH 04/48] [PM-18972] - Fix query for Org By User Domain (#5474)
* Changed query to avoid table scan. Added index to speed up query as well.
---
.../Repositories/OrganizationRepository.cs | 34 +++++++++++++------
...anization_ReadByClaimedUserEmailDomain.sql | 21 ++++++++----
src/Sql/dbo/Tables/OrganizationDomain.sql | 5 +++
..._ReadByClaimedUserEmailDomain_AndIndex.sql | 31 +++++++++++++++++
4 files changed, 73 insertions(+), 18 deletions(-)
create mode 100644 util/Migrator/DbScripts/2025-03-06_00_ReadByClaimedUserEmailDomain_AndIndex.sql
diff --git a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
index ea4e1334c6..6fc42b699d 100644
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
@@ -290,21 +290,33 @@ public class OrganizationRepository : Repository> GetByVerifiedUserEmailDomainAsync(Guid userId)
{
- using (var scope = ServiceScopeFactory.CreateScope())
- {
- var dbContext = GetDatabaseContext(scope);
+ using var scope = ServiceScopeFactory.CreateScope();
- var query = from u in dbContext.Users
- join ou in dbContext.OrganizationUsers on u.Id equals ou.UserId
- join o in dbContext.Organizations on ou.OrganizationId equals o.Id
- join od in dbContext.OrganizationDomains on ou.OrganizationId equals od.OrganizationId
+ var dbContext = GetDatabaseContext(scope);
+
+ var userQuery = from u in dbContext.Users
where u.Id == userId
- && od.VerifiedDate != null
- && u.Email.ToLower().EndsWith("@" + od.DomainName.ToLower())
- select o;
+ select u;
- return await query.ToArrayAsync();
+ var user = await userQuery.FirstOrDefaultAsync();
+
+ if (user is null)
+ {
+ return new List();
}
+
+ var userWithDomain = new { UserId = user.Id, EmailDomain = user.Email.Split('@').Last() };
+
+ var query = from o in dbContext.Organizations
+ join ou in dbContext.OrganizationUsers on o.Id equals ou.OrganizationId
+ join od in dbContext.OrganizationDomains on ou.OrganizationId equals od.OrganizationId
+ where ou.UserId == userWithDomain.UserId &&
+ od.DomainName == userWithDomain.EmailDomain &&
+ od.VerifiedDate != null &&
+ o.Enabled == true
+ select o;
+
+ return await query.ToArrayAsync();
}
public async Task> GetAddableToProviderByUserIdAsync(
diff --git a/src/Sql/dbo/Stored Procedures/Organization_ReadByClaimedUserEmailDomain.sql b/src/Sql/dbo/Stored Procedures/Organization_ReadByClaimedUserEmailDomain.sql
index 39cf5d384c..583f548c8b 100644
--- a/src/Sql/dbo/Stored Procedures/Organization_ReadByClaimedUserEmailDomain.sql
+++ b/src/Sql/dbo/Stored Procedures/Organization_ReadByClaimedUserEmailDomain.sql
@@ -4,12 +4,19 @@ AS
BEGIN
SET NOCOUNT ON;
+ WITH CTE_User AS (
+ SELECT
+ U.*,
+ SUBSTRING(U.Email, CHARINDEX('@', U.Email) + 1, LEN(U.Email)) AS EmailDomain
+ FROM dbo.[UserView] U
+ WHERE U.[Id] = @UserId
+ )
SELECT O.*
- FROM [dbo].[UserView] U
- INNER JOIN [dbo].[OrganizationUserView] OU ON U.[Id] = OU.[UserId]
- INNER JOIN [dbo].[OrganizationView] O ON OU.[OrganizationId] = O.[Id]
- INNER JOIN [dbo].[OrganizationDomainView] OD ON OU.[OrganizationId] = OD.[OrganizationId]
- WHERE U.[Id] = @UserId
- AND OD.[VerifiedDate] IS NOT NULL
- AND U.[Email] LIKE '%@' + OD.[DomainName];
+ FROM CTE_User CU
+ INNER JOIN dbo.[OrganizationUserView] OU ON CU.[Id] = OU.[UserId]
+ INNER JOIN dbo.[OrganizationView] O ON OU.[OrganizationId] = O.[Id]
+ INNER JOIN dbo.[OrganizationDomainView] OD ON OU.[OrganizationId] = OD.[OrganizationId]
+ WHERE OD.[VerifiedDate] IS NOT NULL
+ AND CU.EmailDomain = OD.[DomainName]
+ AND O.[Enabled] = 1
END
diff --git a/src/Sql/dbo/Tables/OrganizationDomain.sql b/src/Sql/dbo/Tables/OrganizationDomain.sql
index 09e4997d74..615dcc1557 100644
--- a/src/Sql/dbo/Tables/OrganizationDomain.sql
+++ b/src/Sql/dbo/Tables/OrganizationDomain.sql
@@ -22,3 +22,8 @@ CREATE NONCLUSTERED INDEX [IX_OrganizationDomain_VerifiedDate]
ON [dbo].[OrganizationDomain] ([VerifiedDate])
INCLUDE ([OrganizationId],[DomainName]);
GO
+
+CREATE NONCLUSTERED INDEX [IX_OrganizationDomain_DomainNameVerifiedDateOrganizationId]
+ ON [dbo].[OrganizationDomain] ([DomainName],[VerifiedDate])
+ INCLUDE ([OrganizationId])
+GO
diff --git a/util/Migrator/DbScripts/2025-03-06_00_ReadByClaimedUserEmailDomain_AndIndex.sql b/util/Migrator/DbScripts/2025-03-06_00_ReadByClaimedUserEmailDomain_AndIndex.sql
new file mode 100644
index 0000000000..a28b869c4e
--- /dev/null
+++ b/util/Migrator/DbScripts/2025-03-06_00_ReadByClaimedUserEmailDomain_AndIndex.sql
@@ -0,0 +1,31 @@
+CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadByClaimedUserEmailDomain]
+ @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+ SET NOCOUNT ON;
+
+ WITH CTE_User AS (
+ SELECT
+ U.*,
+ SUBSTRING(U.Email, CHARINDEX('@', U.Email) + 1, LEN(U.Email)) AS EmailDomain
+ FROM dbo.[UserView] U
+ WHERE U.[Id] = @UserId
+ )
+ SELECT O.*
+ FROM CTE_User CU
+ INNER JOIN dbo.[OrganizationUserView] OU ON CU.[Id] = OU.[UserId]
+ INNER JOIN dbo.[OrganizationView] O ON OU.[OrganizationId] = O.[Id]
+ INNER JOIN dbo.[OrganizationDomainView] OD ON OU.[OrganizationId] = OD.[OrganizationId]
+ WHERE OD.[VerifiedDate] IS NOT NULL
+ AND CU.EmailDomain = OD.[DomainName]
+ AND O.[Enabled] = 1
+END
+GO
+
+IF NOT EXISTS(SELECT name FROM sys.indexes WHERE name = 'IX_OrganizationDomain_DomainNameVerifiedDateOrganizationId')
+ BEGIN
+ CREATE NONCLUSTERED INDEX [IX_OrganizationDomain_DomainNameVerifiedDateOrganizationId]
+ ON [dbo].[OrganizationDomain] ([DomainName],[VerifiedDate])
+ INCLUDE ([OrganizationId])
+ END
+GO
From c589f9a330575831b075f93c30223cdb799e28d9 Mon Sep 17 00:00:00 2001
From: Jonas Hendrickx
Date: Fri, 7 Mar 2025 09:52:04 +0100
Subject: [PATCH 05/48] [BEEEP] [PM-18518] Cleanup StripePaymentService (#5435)
---
.../Billing/Extensions/CustomerExtensions.cs | 5 +
.../Extensions/SubscriberExtensions.cs | 26 +
src/Core/Services/IPaymentService.cs | 12 -
.../Implementations/StripePaymentService.cs | 737 +---------------
.../Extensions/SubscriberExtensionsTests.cs | 23 +
.../Services/StripePaymentServiceTests.cs | 828 ------------------
6 files changed, 58 insertions(+), 1573 deletions(-)
create mode 100644 src/Core/Billing/Extensions/SubscriberExtensions.cs
create mode 100644 test/Core.Test/Extensions/SubscriberExtensionsTests.cs
delete mode 100644 test/Core.Test/Services/StripePaymentServiceTests.cs
diff --git a/src/Core/Billing/Extensions/CustomerExtensions.cs b/src/Core/Billing/Extensions/CustomerExtensions.cs
index 1847abb0ad..1ab595342e 100644
--- a/src/Core/Billing/Extensions/CustomerExtensions.cs
+++ b/src/Core/Billing/Extensions/CustomerExtensions.cs
@@ -22,4 +22,9 @@ public static class CustomerExtensions
///
public static bool HasTaxLocationVerified(this Customer customer) =>
customer?.Tax?.AutomaticTax == StripeConstants.AutomaticTaxStatus.Supported;
+
+ public static decimal GetBillingBalance(this Customer customer)
+ {
+ return customer != null ? customer.Balance / 100M : default;
+ }
}
diff --git a/src/Core/Billing/Extensions/SubscriberExtensions.cs b/src/Core/Billing/Extensions/SubscriberExtensions.cs
new file mode 100644
index 0000000000..e322ed7317
--- /dev/null
+++ b/src/Core/Billing/Extensions/SubscriberExtensions.cs
@@ -0,0 +1,26 @@
+using Bit.Core.Entities;
+
+namespace Bit.Core.Billing.Extensions;
+
+public static class SubscriberExtensions
+{
+ ///
+ /// We are taking only first 30 characters of the SubscriberName because stripe provide for 30 characters for
+ /// custom_fields,see the link: https://stripe.com/docs/api/invoices/create
+ ///
+ ///
+ ///
+ public static string GetFormattedInvoiceName(this ISubscriber subscriber)
+ {
+ var subscriberName = subscriber.SubscriberName();
+
+ if (string.IsNullOrWhiteSpace(subscriberName))
+ {
+ return string.Empty;
+ }
+
+ return subscriberName.Length <= 30
+ ? subscriberName
+ : subscriberName[..30];
+ }
+}
diff --git a/src/Core/Services/IPaymentService.cs b/src/Core/Services/IPaymentService.cs
index 5bd2bede33..e3495c0e65 100644
--- a/src/Core/Services/IPaymentService.cs
+++ b/src/Core/Services/IPaymentService.cs
@@ -14,18 +14,8 @@ namespace Bit.Core.Services;
public interface IPaymentService
{
Task CancelAndRecoverChargesAsync(ISubscriber subscriber);
- Task PurchaseOrganizationAsync(Organization org, PaymentMethodType paymentMethodType,
- string paymentToken, Plan plan, short additionalStorageGb, int additionalSeats,
- bool premiumAccessAddon, TaxInfo taxInfo, bool provider = false, int additionalSmSeats = 0,
- int additionalServiceAccount = 0, bool signupIsFromSecretsManagerTrial = false);
- Task PurchaseOrganizationNoPaymentMethod(Organization org, Plan plan, int additionalSeats,
- bool premiumAccessAddon, int additionalSmSeats = 0, int additionalServiceAccount = 0,
- bool signupIsFromSecretsManagerTrial = false);
Task SponsorOrganizationAsync(Organization org, OrganizationSponsorship sponsorship);
Task RemoveOrganizationSponsorshipAsync(Organization org, OrganizationSponsorship sponsorship);
- Task UpgradeFreeOrganizationAsync(Organization org, Plan plan, OrganizationUpgrade upgrade);
- Task PurchasePremiumAsync(User user, PaymentMethodType paymentMethodType, string paymentToken,
- short additionalStorageGb, TaxInfo taxInfo);
Task AdjustSubscription(
Organization organization,
Plan updatedPlan,
@@ -56,9 +46,7 @@ public interface IPaymentService
Task SaveTaxInfoAsync(ISubscriber subscriber, TaxInfo taxInfo);
Task AddSecretsManagerToSubscription(Organization org, Plan plan, int additionalSmSeats,
int additionalServiceAccount);
- Task RisksSubscriptionFailure(Organization organization);
Task HasSecretsManagerStandalone(Organization organization);
- Task<(DateTime?, DateTime?)> GetSuspensionDateAsync(Stripe.Subscription subscription);
Task PreviewInvoiceAsync(PreviewIndividualInvoiceRequestBody parameters, string gatewayCustomerId, string gatewaySubscriptionId);
Task PreviewInvoiceAsync(PreviewOrganizationInvoiceRequestBody parameters, string gatewayCustomerId, string gatewaySubscriptionId);
diff --git a/src/Core/Services/Implementations/StripePaymentService.cs b/src/Core/Services/Implementations/StripePaymentService.cs
index bfa94cf5ba..ca377407f4 100644
--- a/src/Core/Services/Implementations/StripePaymentService.cs
+++ b/src/Core/Services/Implementations/StripePaymentService.cs
@@ -25,9 +25,6 @@ namespace Bit.Core.Services;
public class StripePaymentService : IPaymentService
{
- private const string PremiumPlanId = "premium-annually";
- private const string StoragePlanId = "storage-gb-annually";
- private const string ProviderDiscountId = "msp-discount-35";
private const string SecretsManagerStandaloneDiscountId = "sm-standalone";
private readonly ITransactionRepository _transactionRepository;
@@ -62,240 +59,6 @@ public class StripePaymentService : IPaymentService
_pricingClient = pricingClient;
}
- public async Task PurchaseOrganizationAsync(Organization org, PaymentMethodType paymentMethodType,
- string paymentToken, StaticStore.Plan plan, short additionalStorageGb,
- int additionalSeats, bool premiumAccessAddon, TaxInfo taxInfo, bool provider = false,
- int additionalSmSeats = 0, int additionalServiceAccount = 0, bool signupIsFromSecretsManagerTrial = false)
- {
- Braintree.Customer braintreeCustomer = null;
- string stipeCustomerSourceToken = null;
- string stipeCustomerPaymentMethodId = null;
- var stripeCustomerMetadata = new Dictionary
- {
- { "region", _globalSettings.BaseServiceUri.CloudRegion }
- };
- var stripePaymentMethod = paymentMethodType == PaymentMethodType.Card ||
- paymentMethodType == PaymentMethodType.BankAccount;
-
- if (stripePaymentMethod && !string.IsNullOrWhiteSpace(paymentToken))
- {
- if (paymentToken.StartsWith("pm_"))
- {
- stipeCustomerPaymentMethodId = paymentToken;
- }
- else
- {
- stipeCustomerSourceToken = paymentToken;
- }
- }
- else if (paymentMethodType == PaymentMethodType.PayPal)
- {
- var randomSuffix = Utilities.CoreHelpers.RandomString(3, upper: false, numeric: false);
- var customerResult = await _btGateway.Customer.CreateAsync(new Braintree.CustomerRequest
- {
- PaymentMethodNonce = paymentToken,
- Email = org.BillingEmail,
- Id = org.BraintreeCustomerIdPrefix() + org.Id.ToString("N").ToLower() + randomSuffix,
- CustomFields = new Dictionary
- {
- [org.BraintreeIdField()] = org.Id.ToString(),
- [org.BraintreeCloudRegionField()] = _globalSettings.BaseServiceUri.CloudRegion
- }
- });
-
- if (!customerResult.IsSuccess() || customerResult.Target.PaymentMethods.Length == 0)
- {
- throw new GatewayException("Failed to create PayPal customer record.");
- }
-
- braintreeCustomer = customerResult.Target;
- stripeCustomerMetadata.Add("btCustomerId", braintreeCustomer.Id);
- }
- else
- {
- throw new GatewayException("Payment method is not supported at this time.");
- }
-
- var subCreateOptions = new OrganizationPurchaseSubscriptionOptions(org, plan, taxInfo, additionalSeats, additionalStorageGb, premiumAccessAddon
- , additionalSmSeats, additionalServiceAccount);
-
- Customer customer = null;
- Subscription subscription;
- try
- {
- if (!string.IsNullOrWhiteSpace(taxInfo.TaxIdNumber))
- {
- taxInfo.TaxIdType = _taxService.GetStripeTaxCode(taxInfo.BillingAddressCountry,
- taxInfo.TaxIdNumber);
-
- if (taxInfo.TaxIdType == null)
- {
- _logger.LogWarning("Could not infer tax ID type in country '{Country}' with tax ID '{TaxID}'.",
- taxInfo.BillingAddressCountry,
- taxInfo.TaxIdNumber);
- throw new BadRequestException("billingTaxIdTypeInferenceError");
- }
- }
-
- var customerCreateOptions = new CustomerCreateOptions
- {
- Description = org.DisplayBusinessName(),
- Email = org.BillingEmail,
- Source = stipeCustomerSourceToken,
- PaymentMethod = stipeCustomerPaymentMethodId,
- Metadata = stripeCustomerMetadata,
- InvoiceSettings = new CustomerInvoiceSettingsOptions
- {
- DefaultPaymentMethod = stipeCustomerPaymentMethodId,
- CustomFields =
- [
- new CustomerInvoiceSettingsCustomFieldOptions
- {
- Name = org.SubscriberType(),
- Value = GetFirstThirtyCharacters(org.SubscriberName()),
- }
- ],
- },
- Coupon = signupIsFromSecretsManagerTrial
- ? SecretsManagerStandaloneDiscountId
- : provider
- ? ProviderDiscountId
- : null,
- Address = new AddressOptions
- {
- Country = taxInfo?.BillingAddressCountry,
- PostalCode = taxInfo?.BillingAddressPostalCode,
- // Line1 is required in Stripe's API, suggestion in Docs is to use Business Name instead.
- Line1 = taxInfo?.BillingAddressLine1 ?? string.Empty,
- Line2 = taxInfo?.BillingAddressLine2,
- City = taxInfo?.BillingAddressCity,
- State = taxInfo?.BillingAddressState,
- },
- TaxIdData = !string.IsNullOrWhiteSpace(taxInfo.TaxIdNumber)
- ? [new CustomerTaxIdDataOptions { Type = taxInfo.TaxIdType, Value = taxInfo.TaxIdNumber }]
- : null
- };
-
- customerCreateOptions.AddExpand("tax");
-
- customer = await _stripeAdapter.CustomerCreateAsync(customerCreateOptions);
- subCreateOptions.AddExpand("latest_invoice.payment_intent");
- subCreateOptions.Customer = customer.Id;
- subCreateOptions.EnableAutomaticTax(customer);
-
- subscription = await _stripeAdapter.SubscriptionCreateAsync(subCreateOptions);
- if (subscription.Status == "incomplete" && subscription.LatestInvoice?.PaymentIntent != null)
- {
- if (subscription.LatestInvoice.PaymentIntent.Status == "requires_payment_method")
- {
- await _stripeAdapter.SubscriptionCancelAsync(subscription.Id, new SubscriptionCancelOptions());
- throw new GatewayException("Payment method was declined.");
- }
- }
- }
- catch (Exception ex)
- {
- _logger.LogError(ex, "Error creating customer, walking back operation.");
- if (customer != null)
- {
- await _stripeAdapter.CustomerDeleteAsync(customer.Id);
- }
- if (braintreeCustomer != null)
- {
- await _btGateway.Customer.DeleteAsync(braintreeCustomer.Id);
- }
- throw;
- }
-
- org.Gateway = GatewayType.Stripe;
- org.GatewayCustomerId = customer.Id;
- org.GatewaySubscriptionId = subscription.Id;
-
- if (subscription.Status == "incomplete" &&
- subscription.LatestInvoice?.PaymentIntent?.Status == "requires_action")
- {
- org.Enabled = false;
- return subscription.LatestInvoice.PaymentIntent.ClientSecret;
- }
- else
- {
- org.Enabled = true;
- org.ExpirationDate = subscription.CurrentPeriodEnd;
- return null;
- }
- }
-
- public async Task PurchaseOrganizationNoPaymentMethod(Organization org, StaticStore.Plan plan, int additionalSeats, bool premiumAccessAddon,
- int additionalSmSeats = 0, int additionalServiceAccount = 0, bool signupIsFromSecretsManagerTrial = false)
- {
-
- var stripeCustomerMetadata = new Dictionary
- {
- { "region", _globalSettings.BaseServiceUri.CloudRegion }
- };
- var subCreateOptions = new OrganizationPurchaseSubscriptionOptions(org, plan, new TaxInfo(), additionalSeats, 0, premiumAccessAddon
- , additionalSmSeats, additionalServiceAccount);
-
- Customer customer = null;
- Subscription subscription;
- try
- {
- var customerCreateOptions = new CustomerCreateOptions
- {
- Description = org.DisplayBusinessName(),
- Email = org.BillingEmail,
- Metadata = stripeCustomerMetadata,
- InvoiceSettings = new CustomerInvoiceSettingsOptions
- {
- CustomFields =
- [
- new CustomerInvoiceSettingsCustomFieldOptions
- {
- Name = org.SubscriberType(),
- Value = GetFirstThirtyCharacters(org.SubscriberName()),
- }
- ],
- },
- Coupon = signupIsFromSecretsManagerTrial
- ? SecretsManagerStandaloneDiscountId
- : null,
- TaxIdData = null,
- };
-
- customer = await _stripeAdapter.CustomerCreateAsync(customerCreateOptions);
- subCreateOptions.AddExpand("latest_invoice.payment_intent");
- subCreateOptions.Customer = customer.Id;
-
- subscription = await _stripeAdapter.SubscriptionCreateAsync(subCreateOptions);
- }
- catch (Exception ex)
- {
- _logger.LogError(ex, "Error creating customer, walking back operation.");
- if (customer != null)
- {
- await _stripeAdapter.CustomerDeleteAsync(customer.Id);
- }
-
- throw;
- }
-
- org.Gateway = GatewayType.Stripe;
- org.GatewayCustomerId = customer.Id;
- org.GatewaySubscriptionId = subscription.Id;
-
- if (subscription.Status == "incomplete" &&
- subscription.LatestInvoice?.PaymentIntent?.Status == "requires_action")
- {
- org.Enabled = false;
- return subscription.LatestInvoice.PaymentIntent.ClientSecret;
- }
-
- org.Enabled = true;
- org.ExpirationDate = subscription.CurrentPeriodEnd;
- return null;
-
- }
-
private async Task ChangeOrganizationSponsorship(
Organization org,
OrganizationSponsorship sponsorship,
@@ -324,458 +87,6 @@ public class StripePaymentService : IPaymentService
public Task RemoveOrganizationSponsorshipAsync(Organization org, OrganizationSponsorship sponsorship) =>
ChangeOrganizationSponsorship(org, sponsorship, false);
- public async Task UpgradeFreeOrganizationAsync(Organization org, StaticStore.Plan plan,
- OrganizationUpgrade upgrade)
- {
- if (!string.IsNullOrWhiteSpace(org.GatewaySubscriptionId))
- {
- throw new BadRequestException("Organization already has a subscription.");
- }
-
- var customerOptions = new CustomerGetOptions();
- customerOptions.AddExpand("default_source");
- customerOptions.AddExpand("invoice_settings.default_payment_method");
- customerOptions.AddExpand("tax");
- var customer = await _stripeAdapter.CustomerGetAsync(org.GatewayCustomerId, customerOptions);
- if (customer == null)
- {
- throw new GatewayException("Could not find customer payment profile.");
- }
-
- if (!string.IsNullOrEmpty(upgrade.TaxInfo?.BillingAddressCountry) &&
- !string.IsNullOrEmpty(upgrade.TaxInfo?.BillingAddressPostalCode))
- {
- var addressOptions = new AddressOptions
- {
- Country = upgrade.TaxInfo.BillingAddressCountry,
- PostalCode = upgrade.TaxInfo.BillingAddressPostalCode,
- // Line1 is required in Stripe's API, suggestion in Docs is to use Business Name instead.
- Line1 = upgrade.TaxInfo.BillingAddressLine1 ?? string.Empty,
- Line2 = upgrade.TaxInfo.BillingAddressLine2,
- City = upgrade.TaxInfo.BillingAddressCity,
- State = upgrade.TaxInfo.BillingAddressState,
- };
- var customerUpdateOptions = new CustomerUpdateOptions { Address = addressOptions };
- customerUpdateOptions.AddExpand("default_source");
- customerUpdateOptions.AddExpand("invoice_settings.default_payment_method");
- customerUpdateOptions.AddExpand("tax");
- customer = await _stripeAdapter.CustomerUpdateAsync(org.GatewayCustomerId, customerUpdateOptions);
- }
-
- var subCreateOptions = new OrganizationUpgradeSubscriptionOptions(customer.Id, org, plan, upgrade);
-
- subCreateOptions.EnableAutomaticTax(customer);
-
- var (stripePaymentMethod, paymentMethodType) = IdentifyPaymentMethod(customer, subCreateOptions);
-
- var subscription = await ChargeForNewSubscriptionAsync(org, customer, false,
- stripePaymentMethod, paymentMethodType, subCreateOptions, null);
- org.GatewaySubscriptionId = subscription.Id;
-
- if (subscription.Status == "incomplete" &&
- subscription.LatestInvoice?.PaymentIntent?.Status == "requires_action")
- {
- org.Enabled = false;
- return subscription.LatestInvoice.PaymentIntent.ClientSecret;
- }
- else
- {
- org.Enabled = true;
- org.ExpirationDate = subscription.CurrentPeriodEnd;
- return null;
- }
- }
-
- private (bool stripePaymentMethod, PaymentMethodType PaymentMethodType) IdentifyPaymentMethod(
- Customer customer, SubscriptionCreateOptions subCreateOptions)
- {
- var stripePaymentMethod = false;
- var paymentMethodType = PaymentMethodType.Credit;
- var hasBtCustomerId = customer.Metadata.ContainsKey("btCustomerId");
- if (hasBtCustomerId)
- {
- paymentMethodType = PaymentMethodType.PayPal;
- }
- else
- {
- if (customer.InvoiceSettings?.DefaultPaymentMethod?.Type == "card")
- {
- paymentMethodType = PaymentMethodType.Card;
- stripePaymentMethod = true;
- }
- else if (customer.DefaultSource != null)
- {
- if (customer.DefaultSource is Card || customer.DefaultSource is SourceCard)
- {
- paymentMethodType = PaymentMethodType.Card;
- stripePaymentMethod = true;
- }
- else if (customer.DefaultSource is BankAccount || customer.DefaultSource is SourceAchDebit)
- {
- paymentMethodType = PaymentMethodType.BankAccount;
- stripePaymentMethod = true;
- }
- }
- else
- {
- var paymentMethod = GetLatestCardPaymentMethod(customer.Id);
- if (paymentMethod != null)
- {
- paymentMethodType = PaymentMethodType.Card;
- stripePaymentMethod = true;
- subCreateOptions.DefaultPaymentMethod = paymentMethod.Id;
- }
- }
- }
- return (stripePaymentMethod, paymentMethodType);
- }
-
- public async Task PurchasePremiumAsync(User user, PaymentMethodType paymentMethodType,
- string paymentToken, short additionalStorageGb, TaxInfo taxInfo)
- {
- if (paymentMethodType != PaymentMethodType.Credit && string.IsNullOrWhiteSpace(paymentToken))
- {
- throw new BadRequestException("Payment token is required.");
- }
- if (paymentMethodType == PaymentMethodType.Credit &&
- (user.Gateway != GatewayType.Stripe || string.IsNullOrWhiteSpace(user.GatewayCustomerId)))
- {
- throw new BadRequestException("Your account does not have any credit available.");
- }
- if (paymentMethodType is PaymentMethodType.BankAccount)
- {
- throw new GatewayException("Payment method is not supported at this time.");
- }
-
- var createdStripeCustomer = false;
- Customer customer = null;
- Braintree.Customer braintreeCustomer = null;
- var stripePaymentMethod = paymentMethodType is PaymentMethodType.Card or PaymentMethodType.BankAccount
- or PaymentMethodType.Credit;
-
- string stipeCustomerPaymentMethodId = null;
- string stipeCustomerSourceToken = null;
- if (stripePaymentMethod && !string.IsNullOrWhiteSpace(paymentToken))
- {
- if (paymentToken.StartsWith("pm_"))
- {
- stipeCustomerPaymentMethodId = paymentToken;
- }
- else
- {
- stipeCustomerSourceToken = paymentToken;
- }
- }
-
- if (user.Gateway == GatewayType.Stripe && !string.IsNullOrWhiteSpace(user.GatewayCustomerId))
- {
- if (!string.IsNullOrWhiteSpace(paymentToken))
- {
- await UpdatePaymentMethodAsync(user, paymentMethodType, paymentToken, taxInfo);
- }
-
- try
- {
- var customerGetOptions = new CustomerGetOptions();
- customerGetOptions.AddExpand("tax");
- customer = await _stripeAdapter.CustomerGetAsync(user.GatewayCustomerId, customerGetOptions);
- }
- catch
- {
- _logger.LogWarning(
- "Attempted to get existing customer from Stripe, but customer ID was not found. Attempting to recreate customer...");
- }
- }
-
- if (customer == null && !string.IsNullOrWhiteSpace(paymentToken))
- {
- var stripeCustomerMetadata = new Dictionary
- {
- { "region", _globalSettings.BaseServiceUri.CloudRegion }
- };
- if (paymentMethodType == PaymentMethodType.PayPal)
- {
- var randomSuffix = Utilities.CoreHelpers.RandomString(3, upper: false, numeric: false);
- var customerResult = await _btGateway.Customer.CreateAsync(new Braintree.CustomerRequest
- {
- PaymentMethodNonce = paymentToken,
- Email = user.Email,
- Id = user.BraintreeCustomerIdPrefix() + user.Id.ToString("N").ToLower() + randomSuffix,
- CustomFields = new Dictionary
- {
- [user.BraintreeIdField()] = user.Id.ToString(),
- [user.BraintreeCloudRegionField()] = _globalSettings.BaseServiceUri.CloudRegion
- }
- });
-
- if (!customerResult.IsSuccess() || customerResult.Target.PaymentMethods.Length == 0)
- {
- throw new GatewayException("Failed to create PayPal customer record.");
- }
-
- braintreeCustomer = customerResult.Target;
- stripeCustomerMetadata.Add("btCustomerId", braintreeCustomer.Id);
- }
- else if (!stripePaymentMethod)
- {
- throw new GatewayException("Payment method is not supported at this time.");
- }
-
- var customerCreateOptions = new CustomerCreateOptions
- {
- Description = user.Name,
- Email = user.Email,
- Metadata = stripeCustomerMetadata,
- PaymentMethod = stipeCustomerPaymentMethodId,
- Source = stipeCustomerSourceToken,
- InvoiceSettings = new CustomerInvoiceSettingsOptions
- {
- DefaultPaymentMethod = stipeCustomerPaymentMethodId,
- CustomFields =
- [
- new CustomerInvoiceSettingsCustomFieldOptions()
- {
- Name = user.SubscriberType(),
- Value = GetFirstThirtyCharacters(user.SubscriberName()),
- }
-
- ]
- },
- Address = new AddressOptions
- {
- Line1 = string.Empty,
- Country = taxInfo.BillingAddressCountry,
- PostalCode = taxInfo.BillingAddressPostalCode,
- },
- };
- customerCreateOptions.AddExpand("tax");
- customer = await _stripeAdapter.CustomerCreateAsync(customerCreateOptions);
- createdStripeCustomer = true;
- }
-
- if (customer == null)
- {
- throw new GatewayException("Could not set up customer payment profile.");
- }
-
- var subCreateOptions = new SubscriptionCreateOptions
- {
- Customer = customer.Id,
- Items = [],
- Metadata = new Dictionary
- {
- [user.GatewayIdField()] = user.Id.ToString()
- }
- };
-
- subCreateOptions.Items.Add(new SubscriptionItemOptions
- {
- Plan = PremiumPlanId,
- Quantity = 1
- });
-
- if (additionalStorageGb > 0)
- {
- subCreateOptions.Items.Add(new SubscriptionItemOptions
- {
- Plan = StoragePlanId,
- Quantity = additionalStorageGb
- });
- }
-
- subCreateOptions.EnableAutomaticTax(customer);
-
- var subscription = await ChargeForNewSubscriptionAsync(user, customer, createdStripeCustomer,
- stripePaymentMethod, paymentMethodType, subCreateOptions, braintreeCustomer);
-
- user.Gateway = GatewayType.Stripe;
- user.GatewayCustomerId = customer.Id;
- user.GatewaySubscriptionId = subscription.Id;
-
- if (subscription.Status == "incomplete" &&
- subscription.LatestInvoice?.PaymentIntent?.Status == "requires_action")
- {
- return subscription.LatestInvoice.PaymentIntent.ClientSecret;
- }
-
- user.Premium = true;
- user.PremiumExpirationDate = subscription.CurrentPeriodEnd;
- return null;
- }
-
- private async Task ChargeForNewSubscriptionAsync(ISubscriber subscriber, Customer customer,
- bool createdStripeCustomer, bool stripePaymentMethod, PaymentMethodType paymentMethodType,
- SubscriptionCreateOptions subCreateOptions, Braintree.Customer braintreeCustomer)
- {
- var addedCreditToStripeCustomer = false;
- Braintree.Transaction braintreeTransaction = null;
-
- var subInvoiceMetadata = new Dictionary();
- Subscription subscription = null;
- try
- {
- if (!stripePaymentMethod)
- {
- var previewInvoice = await _stripeAdapter.InvoiceUpcomingAsync(new UpcomingInvoiceOptions
- {
- Customer = customer.Id,
- SubscriptionItems = ToInvoiceSubscriptionItemOptions(subCreateOptions.Items)
- });
-
- if (customer.HasTaxLocationVerified())
- {
- previewInvoice.AutomaticTax = new InvoiceAutomaticTax { Enabled = true };
- }
-
- if (previewInvoice.AmountDue > 0)
- {
- var braintreeCustomerId = customer.Metadata != null &&
- customer.Metadata.ContainsKey("btCustomerId") ? customer.Metadata["btCustomerId"] : null;
- if (!string.IsNullOrWhiteSpace(braintreeCustomerId))
- {
- var btInvoiceAmount = (previewInvoice.AmountDue / 100M);
- var transactionResult = await _btGateway.Transaction.SaleAsync(
- new Braintree.TransactionRequest
- {
- Amount = btInvoiceAmount,
- CustomerId = braintreeCustomerId,
- Options = new Braintree.TransactionOptionsRequest
- {
- SubmitForSettlement = true,
- PayPal = new Braintree.TransactionOptionsPayPalRequest
- {
- CustomField = $"{subscriber.BraintreeIdField()}:{subscriber.Id},{subscriber.BraintreeCloudRegionField()}:{_globalSettings.BaseServiceUri.CloudRegion}"
- }
- },
- CustomFields = new Dictionary
- {
- [subscriber.BraintreeIdField()] = subscriber.Id.ToString(),
- [subscriber.BraintreeCloudRegionField()] = _globalSettings.BaseServiceUri.CloudRegion
- }
- });
-
- if (!transactionResult.IsSuccess())
- {
- throw new GatewayException("Failed to charge PayPal customer.");
- }
-
- braintreeTransaction = transactionResult.Target;
- subInvoiceMetadata.Add("btTransactionId", braintreeTransaction.Id);
- subInvoiceMetadata.Add("btPayPalTransactionId",
- braintreeTransaction.PayPalDetails.AuthorizationId);
- }
- else
- {
- throw new GatewayException("No payment was able to be collected.");
- }
-
- await _stripeAdapter.CustomerUpdateAsync(customer.Id, new CustomerUpdateOptions
- {
- Balance = customer.Balance - previewInvoice.AmountDue
- });
- addedCreditToStripeCustomer = true;
- }
- }
- else if (paymentMethodType == PaymentMethodType.Credit)
- {
- var upcomingInvoiceOptions = new UpcomingInvoiceOptions
- {
- Customer = customer.Id,
- SubscriptionItems = ToInvoiceSubscriptionItemOptions(subCreateOptions.Items),
- SubscriptionDefaultTaxRates = subCreateOptions.DefaultTaxRates,
- };
-
- upcomingInvoiceOptions.EnableAutomaticTax(customer, null);
-
- var previewInvoice = await _stripeAdapter.InvoiceUpcomingAsync(upcomingInvoiceOptions);
-
- if (previewInvoice.AmountDue > 0)
- {
- throw new GatewayException("Your account does not have enough credit available.");
- }
- }
-
- subCreateOptions.OffSession = true;
- subCreateOptions.AddExpand("latest_invoice.payment_intent");
-
- subscription = await _stripeAdapter.SubscriptionCreateAsync(subCreateOptions);
- if (subscription.Status == "incomplete" && subscription.LatestInvoice?.PaymentIntent != null)
- {
- if (subscription.LatestInvoice.PaymentIntent.Status == "requires_payment_method")
- {
- await _stripeAdapter.SubscriptionCancelAsync(subscription.Id, new SubscriptionCancelOptions());
- throw new GatewayException("Payment method was declined.");
- }
- }
-
- if (!stripePaymentMethod && subInvoiceMetadata.Any())
- {
- var invoices = await _stripeAdapter.InvoiceListAsync(new StripeInvoiceListOptions
- {
- Subscription = subscription.Id
- });
-
- var invoice = invoices?.FirstOrDefault();
- if (invoice == null)
- {
- throw new GatewayException("Invoice not found.");
- }
-
- await _stripeAdapter.InvoiceUpdateAsync(invoice.Id, new InvoiceUpdateOptions
- {
- Metadata = subInvoiceMetadata
- });
- }
-
- return subscription;
- }
- catch (Exception e)
- {
- if (customer != null)
- {
- if (createdStripeCustomer)
- {
- await _stripeAdapter.CustomerDeleteAsync(customer.Id);
- }
- else if (addedCreditToStripeCustomer || customer.Balance < 0)
- {
- await _stripeAdapter.CustomerUpdateAsync(customer.Id, new CustomerUpdateOptions
- {
- Balance = customer.Balance
- });
- }
- }
- if (braintreeTransaction != null)
- {
- await _btGateway.Transaction.RefundAsync(braintreeTransaction.Id);
- }
- if (braintreeCustomer != null)
- {
- await _btGateway.Customer.DeleteAsync(braintreeCustomer.Id);
- }
-
- if (e is StripeException strEx &&
- (strEx.StripeError?.Message?.Contains("cannot be used because it is not verified") ?? false))
- {
- throw new GatewayException("Bank account is not yet verified.");
- }
-
- throw;
- }
- }
-
- private List ToInvoiceSubscriptionItemOptions(
- List subItemOptions)
- {
- return subItemOptions.Select(si => new InvoiceSubscriptionItemOptions
- {
- Plan = si.Plan,
- Price = si.Price,
- Quantity = si.Quantity,
- Id = si.Id
- }).ToList();
- }
-
private async Task FinalizeSubscriptionChangeAsync(ISubscriber subscriber,
SubscriptionUpdate subscriptionUpdate, bool invoiceNow = false)
{
@@ -1400,7 +711,7 @@ public class StripePaymentService : IPaymentService
new CustomerInvoiceSettingsCustomFieldOptions()
{
Name = subscriber.SubscriberType(),
- Value = GetFirstThirtyCharacters(subscriber.SubscriberName()),
+ Value = subscriber.GetFormattedInvoiceName()
}
]
@@ -1492,7 +803,7 @@ public class StripePaymentService : IPaymentService
new CustomerInvoiceSettingsCustomFieldOptions()
{
Name = subscriber.SubscriberType(),
- Value = GetFirstThirtyCharacters(subscriber.SubscriberName())
+ Value = subscriber.GetFormattedInvoiceName()
}
]
},
@@ -1560,7 +871,7 @@ public class StripePaymentService : IPaymentService
var customer = await GetCustomerAsync(subscriber.GatewayCustomerId, GetCustomerPaymentOptions());
var billingInfo = new BillingInfo
{
- Balance = GetBillingBalance(customer),
+ Balance = customer.GetBillingBalance(),
PaymentSource = await GetBillingPaymentSourceAsync(customer)
};
@@ -1768,27 +1079,6 @@ public class StripePaymentService : IPaymentService
new SecretsManagerSubscribeUpdate(org, plan, additionalSmSeats, additionalServiceAccount),
true);
- public async Task RisksSubscriptionFailure(Organization organization)
- {
- var subscriptionInfo = await GetSubscriptionAsync(organization);
-
- if (subscriptionInfo.Subscription is not
- {
- Status: "active" or "trialing" or "past_due",
- CollectionMethod: "charge_automatically"
- }
- || subscriptionInfo.UpcomingInvoice == null)
- {
- return false;
- }
-
- var customer = await GetCustomerAsync(organization.GatewayCustomerId, GetCustomerPaymentOptions());
-
- var paymentSource = await GetBillingPaymentSourceAsync(customer);
-
- return paymentSource == null;
- }
-
public async Task HasSecretsManagerStandalone(Organization organization)
{
if (string.IsNullOrEmpty(organization.GatewayCustomerId))
@@ -1801,7 +1091,7 @@ public class StripePaymentService : IPaymentService
return customer?.Discount?.Coupon?.Id == SecretsManagerStandaloneDiscountId;
}
- public async Task<(DateTime?, DateTime?)> GetSuspensionDateAsync(Subscription subscription)
+ private async Task<(DateTime?, DateTime?)> GetSuspensionDateAsync(Subscription subscription)
{
if (subscription.Status is not "past_due" && subscription.Status is not "unpaid")
{
@@ -2117,11 +1407,6 @@ public class StripePaymentService : IPaymentService
return cardPaymentMethods.OrderByDescending(m => m.Created).FirstOrDefault();
}
- private decimal GetBillingBalance(Customer customer)
- {
- return customer != null ? customer.Balance / 100M : default;
- }
-
private async Task GetBillingPaymentSourceAsync(Customer customer)
{
if (customer == null)
@@ -2252,18 +1537,4 @@ public class StripePaymentService : IPaymentService
throw new GatewayException("Failed to retrieve current invoices", exception);
}
}
-
- // We are taking only first 30 characters of the SubscriberName because stripe provide
- // for 30 characters for custom_fields,see the link: https://stripe.com/docs/api/invoices/create
- private static string GetFirstThirtyCharacters(string subscriberName)
- {
- if (string.IsNullOrWhiteSpace(subscriberName))
- {
- return string.Empty;
- }
-
- return subscriberName.Length <= 30
- ? subscriberName
- : subscriberName[..30];
- }
}
diff --git a/test/Core.Test/Extensions/SubscriberExtensionsTests.cs b/test/Core.Test/Extensions/SubscriberExtensionsTests.cs
new file mode 100644
index 0000000000..e0b4cfd9f2
--- /dev/null
+++ b/test/Core.Test/Extensions/SubscriberExtensionsTests.cs
@@ -0,0 +1,23 @@
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.Billing.Extensions;
+using Xunit;
+
+namespace Bit.Core.Test.Extensions;
+
+public class SubscriberExtensionsTests
+{
+ [Theory]
+ [InlineData("Alexandria Villanueva Gonzalez Pablo", "Alexandria Villanueva Gonzalez")]
+ [InlineData("John Snow", "John Snow")]
+ public void GetFormattedInvoiceName_Returns_FirstThirtyCaractersOfName(string name, string expected)
+ {
+ // arrange
+ var provider = new Provider { Name = name };
+
+ // act
+ var actual = provider.GetFormattedInvoiceName();
+
+ // assert
+ Assert.Equal(expected, actual);
+ }
+}
diff --git a/test/Core.Test/Services/StripePaymentServiceTests.cs b/test/Core.Test/Services/StripePaymentServiceTests.cs
deleted file mode 100644
index 11a19656e1..0000000000
--- a/test/Core.Test/Services/StripePaymentServiceTests.cs
+++ /dev/null
@@ -1,828 +0,0 @@
-using Bit.Core.AdminConsole.Entities;
-using Bit.Core.Billing.Enums;
-using Bit.Core.Billing.Services;
-using Bit.Core.Enums;
-using Bit.Core.Exceptions;
-using Bit.Core.Models.Business;
-using Bit.Core.Services;
-using Bit.Core.Settings;
-using Bit.Core.Utilities;
-using Bit.Test.Common.AutoFixture;
-using Bit.Test.Common.AutoFixture.Attributes;
-using Braintree;
-using NSubstitute;
-using Xunit;
-using Customer = Braintree.Customer;
-using PaymentMethod = Braintree.PaymentMethod;
-using PaymentMethodType = Bit.Core.Enums.PaymentMethodType;
-
-namespace Bit.Core.Test.Services;
-
-[SutProviderCustomize]
-public class StripePaymentServiceTests
-{
- [Theory]
- [BitAutoData(PaymentMethodType.BitPay)]
- [BitAutoData(PaymentMethodType.BitPay)]
- [BitAutoData(PaymentMethodType.Credit)]
- [BitAutoData(PaymentMethodType.WireTransfer)]
- [BitAutoData(PaymentMethodType.Check)]
- public async Task PurchaseOrganizationAsync_Invalid(PaymentMethodType paymentMethodType, SutProvider sutProvider)
- {
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(null, paymentMethodType, null, null, 0, 0, false, null, false, -1, -1));
-
- Assert.Equal("Payment method is not supported at this time.", exception.Message);
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Stripe_ProviderOrg_Coupon_Add(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo, bool provider = true)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0, false, taxInfo, provider);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
-
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.Source == paymentToken &&
- c.PaymentMethod == null &&
- c.Coupon == "msp-discount-35" &&
- c.Metadata.Count == 1 &&
- c.Metadata["region"] == "US" &&
- c.InvoiceSettings.DefaultPaymentMethod == null &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 0
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_SM_Stripe_ProviderOrg_Coupon_Add(SutProvider sutProvider, Organization organization,
- string paymentToken, TaxInfo taxInfo, bool provider = true)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- organization.UseSecretsManager = true;
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
-
- });
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 1, 1,
- false, taxInfo, provider, 1, 1);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
-
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.Source == paymentToken &&
- c.PaymentMethod == null &&
- c.Coupon == "msp-discount-35" &&
- c.Metadata.Count == 1 &&
- c.Metadata["region"] == "US" &&
- c.InvoiceSettings.DefaultPaymentMethod == null &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 4
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Stripe(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- organization.UseSecretsManager = true;
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0
- , false, taxInfo, false, 8, 10);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.Source == paymentToken &&
- c.PaymentMethod == null &&
- c.Metadata.Count == 1 &&
- c.Metadata["region"] == "US" &&
- c.InvoiceSettings.DefaultPaymentMethod == null &&
- c.InvoiceSettings.CustomFields != null &&
- c.InvoiceSettings.CustomFields[0].Name == "Organization" &&
- c.InvoiceSettings.CustomFields[0].Value == organization.SubscriberName().Substring(0, 30) &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 2
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Stripe_PM(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- paymentToken = "pm_" + paymentToken;
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0, false, taxInfo);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
-
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.Source == null &&
- c.PaymentMethod == paymentToken &&
- c.Metadata.Count == 1 &&
- c.Metadata["region"] == "US" &&
- c.InvoiceSettings.DefaultPaymentMethod == paymentToken &&
- c.InvoiceSettings.CustomFields != null &&
- c.InvoiceSettings.CustomFields[0].Name == "Organization" &&
- c.InvoiceSettings.CustomFields[0].Value == organization.SubscriberName().Substring(0, 30) &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 0
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Stripe_Declined(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- paymentToken = "pm_" + paymentToken;
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- Status = "incomplete",
- LatestInvoice = new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent
- {
- Status = "requires_payment_method",
- },
- },
- });
-
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0, false, taxInfo));
-
- Assert.Equal("Payment method was declined.", exception.Message);
-
- await stripeAdapter.Received(1).CustomerDeleteAsync("C-1");
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_SM_Stripe_Declined(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- paymentToken = "pm_" + paymentToken;
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- Status = "incomplete",
- LatestInvoice = new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent
- {
- Status = "requires_payment_method",
- },
- },
- });
-
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan,
- 1, 12, false, taxInfo, false, 10, 10));
-
- Assert.Equal("Payment method was declined.", exception.Message);
-
- await stripeAdapter.Received(1).CustomerDeleteAsync("C-1");
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Stripe_RequiresAction(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- Status = "incomplete",
- LatestInvoice = new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent
- {
- Status = "requires_action",
- ClientSecret = "clientSecret",
- },
- },
- });
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0, false, taxInfo);
-
- Assert.Equal("clientSecret", result);
- Assert.False(organization.Enabled);
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_SM_Stripe_RequiresAction(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- Status = "incomplete",
- LatestInvoice = new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent
- {
- Status = "requires_action",
- ClientSecret = "clientSecret",
- },
- },
- });
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan,
- 10, 10, false, taxInfo, false, 10, 10);
-
- Assert.Equal("clientSecret", result);
- Assert.False(organization.Enabled);
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Paypal(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
-
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var customer = Substitute.For();
- customer.Id.ReturnsForAnyArgs("Braintree-Id");
- customer.PaymentMethods.ReturnsForAnyArgs(new[] { Substitute.For() });
- var customerResult = Substitute.For>();
- customerResult.IsSuccess().Returns(true);
- customerResult.Target.ReturnsForAnyArgs(customer);
-
- var braintreeGateway = sutProvider.GetDependency();
- braintreeGateway.Customer.CreateAsync(default).ReturnsForAnyArgs(customerResult);
-
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.PayPal, paymentToken, plan, 0, 0, false, taxInfo);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
-
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.PaymentMethod == null &&
- c.Metadata.Count == 2 &&
- c.Metadata["btCustomerId"] == "Braintree-Id" &&
- c.Metadata["region"] == "US" &&
- c.InvoiceSettings.DefaultPaymentMethod == null &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 0
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_SM_Paypal(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- organization.UseSecretsManager = true;
-
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == taxInfo.BillingAddressCountry), Arg.Is(p => p == taxInfo.TaxIdNumber))
- .Returns(taxInfo.TaxIdType);
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
-
- var customer = Substitute.For();
- customer.Id.ReturnsForAnyArgs("Braintree-Id");
- customer.PaymentMethods.ReturnsForAnyArgs(new[] { Substitute.For() });
- var customerResult = Substitute.For>();
- customerResult.IsSuccess().Returns(true);
- customerResult.Target.ReturnsForAnyArgs(customer);
-
- var braintreeGateway = sutProvider.GetDependency();
- braintreeGateway.Customer.CreateAsync(default).ReturnsForAnyArgs(customerResult);
-
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
-
- var additionalStorage = (short)2;
- var additionalSeats = 10;
- var additionalSmSeats = 5;
- var additionalServiceAccounts = 20;
- var result = await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.PayPal, paymentToken, plan,
- additionalStorage, additionalSeats, false, taxInfo, false, additionalSmSeats, additionalServiceAccounts);
-
- Assert.Null(result);
- Assert.Equal(GatewayType.Stripe, organization.Gateway);
- Assert.Equal("C-1", organization.GatewayCustomerId);
- Assert.Equal("S-1", organization.GatewaySubscriptionId);
- Assert.True(organization.Enabled);
- Assert.Equal(DateTime.Today.AddDays(10), organization.ExpirationDate);
-
- await stripeAdapter.Received().CustomerCreateAsync(Arg.Is(c =>
- c.Description == organization.BusinessName &&
- c.Email == organization.BillingEmail &&
- c.PaymentMethod == null &&
- c.Metadata.Count == 2 &&
- c.Metadata["region"] == "US" &&
- c.Metadata["btCustomerId"] == "Braintree-Id" &&
- c.InvoiceSettings.DefaultPaymentMethod == null &&
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState &&
- c.TaxIdData.First().Value == taxInfo.TaxIdNumber &&
- c.TaxIdData.First().Type == taxInfo.TaxIdType
- ));
-
- await stripeAdapter.Received().SubscriptionCreateAsync(Arg.Is(s =>
- s.Customer == "C-1" &&
- s.Expand[0] == "latest_invoice.payment_intent" &&
- s.Metadata[organization.GatewayIdField()] == organization.Id.ToString() &&
- s.Items.Count == 4 &&
- s.Items.Count(i => i.Plan == plan.PasswordManager.StripeSeatPlanId && i.Quantity == additionalSeats) == 1 &&
- s.Items.Count(i => i.Plan == plan.PasswordManager.StripeStoragePlanId && i.Quantity == additionalStorage) == 1 &&
- s.Items.Count(i => i.Plan == plan.SecretsManager.StripeSeatPlanId && i.Quantity == additionalSmSeats) == 1 &&
- s.Items.Count(i => i.Plan == plan.SecretsManager.StripeServiceAccountPlanId && i.Quantity == additionalServiceAccounts) == 1
- ));
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_Paypal_FailedCreate(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- var customerResult = Substitute.For>();
- customerResult.IsSuccess().Returns(false);
-
- var braintreeGateway = sutProvider.GetDependency();
- braintreeGateway.Customer.CreateAsync(default).ReturnsForAnyArgs(customerResult);
-
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.PayPal, paymentToken, plan, 0, 0, false, taxInfo));
-
- Assert.Equal("Failed to create PayPal customer record.", exception.Message);
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_SM_Paypal_FailedCreate(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- var customerResult = Substitute.For>();
- customerResult.IsSuccess().Returns(false);
-
- var braintreeGateway = sutProvider.GetDependency();
- braintreeGateway.Customer.CreateAsync(default).ReturnsForAnyArgs(customerResult);
-
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.PayPal, paymentToken, plan,
- 1, 1, false, taxInfo, false, 8, 8));
-
- Assert.Equal("Failed to create PayPal customer record.", exception.Message);
- }
-
- [Theory, BitAutoData]
- public async Task PurchaseOrganizationAsync_PayPal_Declined(SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- var plans = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- paymentToken = "pm_" + paymentToken;
-
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- Status = "incomplete",
- LatestInvoice = new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent
- {
- Status = "requires_payment_method",
- },
- },
- });
-
- var customer = Substitute.For();
- customer.Id.ReturnsForAnyArgs("Braintree-Id");
- customer.PaymentMethods.ReturnsForAnyArgs(new[] { Substitute.For() });
- var customerResult = Substitute.For>();
- customerResult.IsSuccess().Returns(true);
- customerResult.Target.ReturnsForAnyArgs(customer);
-
- var braintreeGateway = sutProvider.GetDependency();
- braintreeGateway.Customer.CreateAsync(default).ReturnsForAnyArgs(customerResult);
-
- var exception = await Assert.ThrowsAsync(
- () => sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.PayPal, paymentToken, plans, 0, 0, false, taxInfo));
-
- Assert.Equal("Payment method was declined.", exception.Message);
-
- await stripeAdapter.Received(1).CustomerDeleteAsync("C-1");
- await braintreeGateway.Customer.Received(1).DeleteAsync("Braintree-Id");
- }
-
- [Theory]
- [BitAutoData("ES", "A5372895732985327895237")]
- public async Task PurchaseOrganizationAsync_ThrowsBadRequestException_WhenTaxIdInvalid(string country, string taxId, SutProvider sutProvider, Organization organization, string paymentToken, TaxInfo taxInfo)
- {
- taxInfo.BillingAddressCountry = country;
- taxInfo.TaxIdNumber = taxId;
- taxInfo.TaxIdType = null;
-
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- organization.UseSecretsManager = true;
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerCreateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription
- {
- Id = "S-1",
- CurrentPeriodEnd = DateTime.Today.AddDays(10),
- });
- sutProvider.GetDependency()
- .BaseServiceUri.CloudRegion
- .Returns("US");
- sutProvider
- .GetDependency()
- .GetStripeTaxCode(Arg.Is(p => p == country), Arg.Is(p => p == taxId))
- .Returns((string)null);
-
- var actual = await Assert.ThrowsAsync(async () => await sutProvider.Sut.PurchaseOrganizationAsync(organization, PaymentMethodType.Card, paymentToken, plan, 0, 0, false, taxInfo, false, 8, 10));
-
- Assert.Equal("billingTaxIdTypeInferenceError", actual.Message);
-
- await stripeAdapter.Received(0).CustomerCreateAsync(Arg.Any());
- await stripeAdapter.Received(0).SubscriptionCreateAsync(Arg.Any());
- }
-
-
- [Theory, BitAutoData]
- public async Task UpgradeFreeOrganizationAsync_Success(SutProvider sutProvider,
- Organization organization, TaxInfo taxInfo)
- {
- organization.GatewaySubscriptionId = null;
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerGetAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.CustomerUpdateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.InvoiceUpcomingAsync(default).ReturnsForAnyArgs(new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent { Status = "requires_payment_method", },
- AmountDue = 0
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription { });
-
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
-
- var upgrade = new OrganizationUpgrade()
- {
- AdditionalStorageGb = 0,
- AdditionalSeats = 0,
- PremiumAccessAddon = false,
- TaxInfo = taxInfo,
- AdditionalSmSeats = 0,
- AdditionalServiceAccounts = 0
- };
- var result = await sutProvider.Sut.UpgradeFreeOrganizationAsync(organization, plan, upgrade);
-
- Assert.Null(result);
- }
-
- [Theory, BitAutoData]
- public async Task UpgradeFreeOrganizationAsync_SM_Success(SutProvider sutProvider,
- Organization organization, TaxInfo taxInfo)
- {
- organization.GatewaySubscriptionId = null;
- var stripeAdapter = sutProvider.GetDependency();
- stripeAdapter.CustomerGetAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.CustomerUpdateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.InvoiceUpcomingAsync(default).ReturnsForAnyArgs(new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent { Status = "requires_payment_method", },
- AmountDue = 0
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription { });
-
- var upgrade = new OrganizationUpgrade()
- {
- AdditionalStorageGb = 1,
- AdditionalSeats = 10,
- PremiumAccessAddon = false,
- TaxInfo = taxInfo,
- AdditionalSmSeats = 5,
- AdditionalServiceAccounts = 50
- };
-
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- var result = await sutProvider.Sut.UpgradeFreeOrganizationAsync(organization, plan, upgrade);
-
- Assert.Null(result);
- }
-
- [Theory, BitAutoData]
- public async Task UpgradeFreeOrganizationAsync_WhenCustomerHasNoAddress_UpdatesCustomerAddressWithTaxInfo(
- SutProvider sutProvider,
- Organization organization,
- TaxInfo taxInfo)
- {
- organization.GatewaySubscriptionId = null;
- var stripeAdapter = sutProvider.GetDependency();
- var featureService = sutProvider.GetDependency();
- stripeAdapter.CustomerGetAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.CustomerUpdateAsync(default).ReturnsForAnyArgs(new Stripe.Customer
- {
- Id = "C-1",
- Metadata = new Dictionary
- {
- { "btCustomerId", "B-123" },
- }
- });
- stripeAdapter.InvoiceUpcomingAsync(default).ReturnsForAnyArgs(new Stripe.Invoice
- {
- PaymentIntent = new Stripe.PaymentIntent { Status = "requires_payment_method", },
- AmountDue = 0
- });
- stripeAdapter.SubscriptionCreateAsync(default).ReturnsForAnyArgs(new Stripe.Subscription { });
-
- var upgrade = new OrganizationUpgrade()
- {
- AdditionalStorageGb = 1,
- AdditionalSeats = 10,
- PremiumAccessAddon = false,
- TaxInfo = taxInfo,
- AdditionalSmSeats = 5,
- AdditionalServiceAccounts = 50
- };
-
- var plan = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
- _ = await sutProvider.Sut.UpgradeFreeOrganizationAsync(organization, plan, upgrade);
-
- await stripeAdapter.Received()
- .CustomerUpdateAsync(organization.GatewayCustomerId, Arg.Is(c =>
- c.Address.Country == taxInfo.BillingAddressCountry &&
- c.Address.PostalCode == taxInfo.BillingAddressPostalCode &&
- c.Address.Line1 == taxInfo.BillingAddressLine1 &&
- c.Address.Line2 == taxInfo.BillingAddressLine2 &&
- c.Address.City == taxInfo.BillingAddressCity &&
- c.Address.State == taxInfo.BillingAddressState));
- }
-}
From 34358acf61035d250ebcdde4fc8cf9324f902659 Mon Sep 17 00:00:00 2001
From: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
Date: Fri, 7 Mar 2025 15:09:54 +0100
Subject: [PATCH 06/48] Fix user context on importing into individual vaults
(#5465)
Pass in the current userId instead of trying to infer it from the folders or ciphers passed into the ImportCiphersCommand
Kudos go to @MJebran who pointed this out on https://github.com/bitwarden/server/pull/4896
Co-authored-by: Daniel James Smith
---
.../Tools/Controllers/ImportCiphersController.cs | 2 +-
.../Tools/ImportFeatures/ImportCiphersCommand.cs | 14 +++++---------
.../Interfaces/IImportCiphersCommand.cs | 2 +-
.../Controllers/ImportCiphersControllerTests.cs | 3 ++-
.../ImportCiphersAsyncCommandTests.cs | 4 ++--
5 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/src/Api/Tools/Controllers/ImportCiphersController.cs b/src/Api/Tools/Controllers/ImportCiphersController.cs
index d6104de354..62c55aceb8 100644
--- a/src/Api/Tools/Controllers/ImportCiphersController.cs
+++ b/src/Api/Tools/Controllers/ImportCiphersController.cs
@@ -56,7 +56,7 @@ public class ImportCiphersController : Controller
var userId = _userService.GetProperUserId(User).Value;
var folders = model.Folders.Select(f => f.ToFolder(userId)).ToList();
var ciphers = model.Ciphers.Select(c => c.ToCipherDetails(userId, false)).ToList();
- await _importCiphersCommand.ImportIntoIndividualVaultAsync(folders, ciphers, model.FolderRelationships);
+ await _importCiphersCommand.ImportIntoIndividualVaultAsync(folders, ciphers, model.FolderRelationships, userId);
}
[HttpPost("import-organization")]
diff --git a/src/Core/Tools/ImportFeatures/ImportCiphersCommand.cs b/src/Core/Tools/ImportFeatures/ImportCiphersCommand.cs
index 646121db52..59d3e5be34 100644
--- a/src/Core/Tools/ImportFeatures/ImportCiphersCommand.cs
+++ b/src/Core/Tools/ImportFeatures/ImportCiphersCommand.cs
@@ -54,12 +54,11 @@ public class ImportCiphersCommand : IImportCiphersCommand
public async Task ImportIntoIndividualVaultAsync(
List folders,
List ciphers,
- IEnumerable> folderRelationships)
+ IEnumerable> folderRelationships,
+ Guid importingUserId)
{
- var userId = folders.FirstOrDefault()?.UserId ?? ciphers.FirstOrDefault()?.UserId;
-
// Make sure the user can save new ciphers to their personal vault
- var anyPersonalOwnershipPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(userId.Value, PolicyType.PersonalOwnership);
+ var anyPersonalOwnershipPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(importingUserId, PolicyType.PersonalOwnership);
if (anyPersonalOwnershipPolicies)
{
throw new BadRequestException("You cannot import items into your personal vault because you are " +
@@ -76,7 +75,7 @@ public class ImportCiphersCommand : IImportCiphersCommand
}
}
- var userfoldersIds = (await _folderRepository.GetManyByUserIdAsync(userId ?? Guid.Empty)).Select(f => f.Id).ToList();
+ var userfoldersIds = (await _folderRepository.GetManyByUserIdAsync(importingUserId)).Select(f => f.Id).ToList();
//Assign id to the ones that don't exist in DB
//Need to keep the list order to create the relationships
@@ -109,10 +108,7 @@ public class ImportCiphersCommand : IImportCiphersCommand
await _cipherRepository.CreateAsync(ciphers, newFolders);
// push
- if (userId.HasValue)
- {
- await _pushService.PushSyncVaultAsync(userId.Value);
- }
+ await _pushService.PushSyncVaultAsync(importingUserId);
}
public async Task ImportIntoOrganizationalVaultAsync(
diff --git a/src/Core/Tools/ImportFeatures/Interfaces/IImportCiphersCommand.cs b/src/Core/Tools/ImportFeatures/Interfaces/IImportCiphersCommand.cs
index 378024d3a0..732b2f43a8 100644
--- a/src/Core/Tools/ImportFeatures/Interfaces/IImportCiphersCommand.cs
+++ b/src/Core/Tools/ImportFeatures/Interfaces/IImportCiphersCommand.cs
@@ -7,7 +7,7 @@ namespace Bit.Core.Tools.ImportFeatures.Interfaces;
public interface IImportCiphersCommand
{
Task ImportIntoIndividualVaultAsync(List folders, List ciphers,
- IEnumerable> folderRelationships);
+ IEnumerable> folderRelationships, Guid importingUserId);
Task ImportIntoOrganizationalVaultAsync(List collections, List ciphers,
IEnumerable> collectionRelationships, Guid importingUserId);
diff --git a/test/Api.Test/Tools/Controllers/ImportCiphersControllerTests.cs b/test/Api.Test/Tools/Controllers/ImportCiphersControllerTests.cs
index c07f9791a3..76055a6b64 100644
--- a/test/Api.Test/Tools/Controllers/ImportCiphersControllerTests.cs
+++ b/test/Api.Test/Tools/Controllers/ImportCiphersControllerTests.cs
@@ -79,7 +79,8 @@ public class ImportCiphersControllerTests
.ImportIntoIndividualVaultAsync(
Arg.Any>(),
Arg.Any>(),
- Arg.Any>>()
+ Arg.Any>>(),
+ user.Id
);
}
diff --git a/test/Core.Test/Tools/ImportFeatures/ImportCiphersAsyncCommandTests.cs b/test/Core.Test/Tools/ImportFeatures/ImportCiphersAsyncCommandTests.cs
index 1e97856281..5e7a30d814 100644
--- a/test/Core.Test/Tools/ImportFeatures/ImportCiphersAsyncCommandTests.cs
+++ b/test/Core.Test/Tools/ImportFeatures/ImportCiphersAsyncCommandTests.cs
@@ -44,7 +44,7 @@ public class ImportCiphersAsyncCommandTests
var folderRelationships = new List>();
// Act
- await sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships);
+ await sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships, importingUserId);
// Assert
await sutProvider.GetDependency().Received(1).CreateAsync(ciphers, Arg.Any>());
@@ -68,7 +68,7 @@ public class ImportCiphersAsyncCommandTests
var folderRelationships = new List>();
var exception = await Assert.ThrowsAsync(() =>
- sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships));
+ sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships, userId));
Assert.Equal("You cannot import items into your personal vault because you are a member of an organization which forbids it.", exception.Message);
}
From bd7a0a8ed854afbc366de5ed328bec1137759bbb Mon Sep 17 00:00:00 2001
From: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Date: Sun, 9 Mar 2025 16:56:04 -0400
Subject: [PATCH 07/48] Codespaces improvements (#4969)
* Skip one_time_setup in GH Codespaces
* Make .env File Optional
* Wrap Path in Single Quotes
* Comment out .env File
* Add Modify Database Task
* Work on modify_database.ps1
* Add space
* Remove compose version
* Do changes in community as well
* Do required: false
* Reverse check
* Remove printenv
* Skip DB changes
* Remove docker outside of docker feature
* Remove newlines
---
.devcontainer/bitwarden_common/docker-compose.yml | 5 ++---
.devcontainer/community_dev/postCreateCommand.sh | 8 +++++++-
.devcontainer/internal_dev/docker-compose.override.yml | 2 --
.devcontainer/internal_dev/postCreateCommand.sh | 8 +++++++-
4 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/.devcontainer/bitwarden_common/docker-compose.yml b/.devcontainer/bitwarden_common/docker-compose.yml
index 52f0901c70..2f3a62877e 100644
--- a/.devcontainer/bitwarden_common/docker-compose.yml
+++ b/.devcontainer/bitwarden_common/docker-compose.yml
@@ -1,5 +1,3 @@
-version: '3'
-
services:
bitwarden_server:
image: mcr.microsoft.com/devcontainers/dotnet:8.0
@@ -13,7 +11,8 @@ services:
platform: linux/amd64
restart: unless-stopped
env_file:
- ../../dev/.env
+ - path: ../../dev/.env
+ required: false
environment:
ACCEPT_EULA: "Y"
MSSQL_PID: Developer
diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh
index 832f510f3f..8f1813ed78 100755
--- a/.devcontainer/community_dev/postCreateCommand.sh
+++ b/.devcontainer/community_dev/postCreateCommand.sh
@@ -51,4 +51,10 @@ Proceed? [y/N] " response
}
# main
-one_time_setup
+if [[ -z "${CODESPACES}" ]]; then
+ one_time_setup
+else
+ # Ignore interactive elements when running in codespaces since they are not supported there
+ # TODO Write codespaces specific instructions and link here
+ echo "Running in codespaces, follow instructions here: https://contributing.bitwarden.com/getting-started/server/guide/ to continue the setup"
+fi
diff --git a/.devcontainer/internal_dev/docker-compose.override.yml b/.devcontainer/internal_dev/docker-compose.override.yml
index 9aaee9ee62..acf7b0b66e 100644
--- a/.devcontainer/internal_dev/docker-compose.override.yml
+++ b/.devcontainer/internal_dev/docker-compose.override.yml
@@ -1,5 +1,3 @@
-version: '3'
-
services:
bitwarden_storage:
image: mcr.microsoft.com/azure-storage/azurite:latest
diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh
index 668b776447..071ffc0b29 100755
--- a/.devcontainer/internal_dev/postCreateCommand.sh
+++ b/.devcontainer/internal_dev/postCreateCommand.sh
@@ -89,4 +89,10 @@ install_stripe_cli() {
}
# main
-one_time_setup
+if [[ -z "${CODESPACES}" ]]; then
+ one_time_setup
+else
+ # Ignore interactive elements when running in codespaces since they are not supported there
+ # TODO Write codespaces specific instructions and link here
+ echo "Running in codespaces, follow instructions here: https://contributing.bitwarden.com/getting-started/server/guide/ to continue the setup"
+fi
\ No newline at end of file
From f26f14165ca9067c67c0f66a5acbbfbe596f1cad Mon Sep 17 00:00:00 2001
From: Github Actions
Date: Mon, 10 Mar 2025 10:28:50 +0000
Subject: [PATCH 08/48] Bumped version to 2025.3.0
---
Directory.Build.props | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Directory.Build.props b/Directory.Build.props
index 03594371e9..a994b2196e 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -3,7 +3,7 @@
net8.0
- 2025.2.4
+ 2025.3.0
Bit.$(MSBuildProjectName)
enable
From 88e91734f10989d25c959e2ee812399d42fb6b0c Mon Sep 17 00:00:00 2001
From: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Date: Mon, 10 Mar 2025 11:46:44 +0100
Subject: [PATCH 09/48] [PM-17594]Remove feature flag self-host license
refactor (#5372)
* Remove the feature flag
Signed-off-by: Cy Okeke
* Resolve the failing test
Signed-off-by: Cy Okeke
---------
Signed-off-by: Cy Okeke
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
---
src/Core/Constants.cs | 1 -
.../Cloud/CloudGetOrganizationLicenseQuery.cs | 5 +----
src/Core/Services/Implementations/UserService.cs | 5 +----
.../CloudGetOrganizationLicenseQueryTests.cs | 4 +---
4 files changed, 3 insertions(+), 12 deletions(-)
diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs
index 672188ce1f..b1cbc8d519 100644
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -155,7 +155,6 @@ public static class FeatureFlagKeys
public const string MacOsNativeCredentialSync = "macos-native-credential-sync";
public const string PM9111ExtensionPersistAddEditForm = "pm-9111-extension-persist-add-edit-form";
public const string InlineMenuTotp = "inline-menu-totp";
- public const string SelfHostLicenseRefactor = "pm-11516-self-host-license-refactor";
public const string PrivateKeyRegeneration = "pm-12241-private-key-regeneration";
public const string AppReviewPrompt = "app-review-prompt";
public const string ResellerManagedOrgAlert = "PM-15814-alert-owners-of-reseller-managed-orgs";
diff --git a/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs b/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs
index 0c3bfe16cf..44edde1495 100644
--- a/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationLicenses/Cloud/CloudGetOrganizationLicenseQuery.cs
@@ -42,10 +42,7 @@ public class CloudGetOrganizationLicenseQuery : ICloudGetOrganizationLicenseQuer
var subscriptionInfo = await GetSubscriptionAsync(organization);
var license = new OrganizationLicense(organization, subscriptionInfo, installationId, _licensingService, version);
- if (_featureService.IsEnabled(FeatureFlagKeys.SelfHostLicenseRefactor))
- {
- license.Token = await _licensingService.CreateOrganizationTokenAsync(organization, installationId, subscriptionInfo);
- }
+ license.Token = await _licensingService.CreateOrganizationTokenAsync(organization, installationId, subscriptionInfo);
return license;
}
diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs
index e419b832a7..5076c8282e 100644
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@@ -1218,10 +1218,7 @@ public class UserService : UserManager, IUserService, IDisposable
? new UserLicense(user, _licenseService)
: new UserLicense(user, subscriptionInfo, _licenseService);
- if (_featureService.IsEnabled(FeatureFlagKeys.SelfHostLicenseRefactor))
- {
- userLicense.Token = await _licenseService.CreateUserTokenAsync(user, subscriptionInfo);
- }
+ userLicense.Token = await _licenseService.CreateUserTokenAsync(user, subscriptionInfo);
return userLicense;
}
diff --git a/test/Core.Test/OrganizationFeatures/OrganizationLicenses/CloudGetOrganizationLicenseQueryTests.cs b/test/Core.Test/OrganizationFeatures/OrganizationLicenses/CloudGetOrganizationLicenseQueryTests.cs
index 650d33f64c..cc8ab956ca 100644
--- a/test/Core.Test/OrganizationFeatures/OrganizationLicenses/CloudGetOrganizationLicenseQueryTests.cs
+++ b/test/Core.Test/OrganizationFeatures/OrganizationLicenses/CloudGetOrganizationLicenseQueryTests.cs
@@ -56,7 +56,6 @@ public class CloudGetOrganizationLicenseQueryTests
sutProvider.GetDependency().GetByIdAsync(installationId).Returns(installation);
sutProvider.GetDependency().GetSubscriptionAsync(organization).Returns(subInfo);
sutProvider.GetDependency().SignLicense(Arg.Any()).Returns(licenseSignature);
- sutProvider.GetDependency().IsEnabled(FeatureFlagKeys.SelfHostLicenseRefactor).Returns(false);
var result = await sutProvider.Sut.GetLicenseAsync(organization, installationId);
@@ -64,7 +63,7 @@ public class CloudGetOrganizationLicenseQueryTests
Assert.Equal(organization.Id, result.Id);
Assert.Equal(installationId, result.InstallationId);
Assert.Equal(licenseSignature, result.SignatureBytes);
- Assert.Null(result.Token);
+ Assert.Equal(string.Empty, result.Token);
}
[Theory]
@@ -77,7 +76,6 @@ public class CloudGetOrganizationLicenseQueryTests
sutProvider.GetDependency().GetByIdAsync(installationId).Returns(installation);
sutProvider.GetDependency().GetSubscriptionAsync(organization).Returns(subInfo);
sutProvider.GetDependency().SignLicense(Arg.Any()).Returns(licenseSignature);
- sutProvider.GetDependency().IsEnabled(FeatureFlagKeys.SelfHostLicenseRefactor).Returns(true);
sutProvider.GetDependency()
.CreateOrganizationTokenAsync(organization, installationId, subInfo)
.Returns(token);
From 6e7c5b172ceb5ddad51126ab4ce5b1cd1c7e7da9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?=
<108268980+r-tome@users.noreply.github.com>
Date: Mon, 10 Mar 2025 15:27:30 +0000
Subject: [PATCH 10/48] [PM-18087] Add cipher permissions to response models
(#5418)
* Add Manage permission to UserCipherDetails and CipherDetails_ReadByIdUserId
* Add Manage property to CipherDetails and UserCipherDetailsQuery
* Add integration test for CipherRepository Manage permission rules
* Update CipherDetails_ReadWithoutOrganizationsByUserId to include Manage permission
* Refactor UserCipherDetailsQuery to include detailed permission and organization properties
* Refactor CipherRepositoryTests to improve test organization and readability
- Split large test method into smaller, focused methods
- Added helper methods for creating test data and performing assertions
- Improved test coverage for cipher permissions in different scenarios
- Maintained existing test logic while enhancing code structure
* Refactor CipherRepositoryTests to consolidate cipher permission tests
- Removed redundant helper methods for permission assertions
- Simplified test methods for GetCipherPermissionsForOrganizationAsync, GetManyByUserIdAsync, and GetByIdAsync
- Maintained existing test coverage for cipher manage permissions
- Improved code readability and reduced code duplication
* Add integration test for CipherRepository group collection manage permissions
- Added new test method GetCipherPermissionsForOrganizationAsync_ManageProperty_RespectsCollectionGroupRules
- Implemented helper method CreateCipherInOrganizationCollectionWithGroup to support group-based collection permission testing
- Verified manage permissions are correctly applied based on group collection access settings
* Add @Manage parameter to Cipher stored procedures
- Updated CipherDetails_Create, CipherDetails_CreateWithCollections, and CipherDetails_Update stored procedures
- Added @Manage parameter with comment "-- not used"
- Included new stored procedure implementations in migration script
- Consistent with previous work on adding Manage property to cipher details
* Update UserCipherDetails functions to reorder Manage and ViewPassword columns
* [PM-18086] Add CanRestore and CanDelete authorization methods.
* [PM-18086] Address code review feedback.
* [PM-18086] Add missing part.
* [PM-18087] Add CipherPermissionsResponseModel for cipher permissions
* Add GetManyOrganizationAbilityAsync method to application cache service
* Add organization ability context to cipher response models
This change introduces organization ability context to various cipher response models across multiple controllers. The modifications include:
- Updating CipherResponseModel to include permissions based on user and organization ability
- Modifying CiphersController methods to fetch and pass organization abilities
- Updating SyncController to include organization abilities in sync response
- Adding organization ability context to EmergencyAccessController response generation
* Remove organization ability context from EmergencyAccessController
This change simplifies the EmergencyAccessController by removing unnecessary organization ability fetching and passing. Since emergency access only retrieves personal ciphers, the organization ability context is no longer needed in the response generation.
* Remove unused IApplicationCacheService from EmergencyAccessController
* Refactor EmergencyAccessViewResponseModel constructor
Remove unnecessary JsonConstructor attribute and simplify constructor initialization for EmergencyAccessViewResponseModel
* Refactor organization ability retrieval in CiphersController
Extract methods to simplify organization ability fetching for ciphers, reducing code duplication and improving readability. Added two private helper methods:
- GetOrganizationAbilityAsync: Retrieves organization ability for a single cipher
- GetManyOrganizationAbilitiesAsync: Retrieves organization abilities for multiple ciphers
* Update CiphersControllerTests to use GetUserByPrincipalAsync
Modify test methods to:
- Replace GetProperUserId with GetUserByPrincipalAsync
- Use User object instead of separate userId
- Update mocking to return User object
- Ensure user ID is correctly set in test scenarios
* Refactor CipherPermissionsResponseModel to use constructor-based initialization
* Refactor CipherPermissionsResponseModel to use record type and init-only properties
* [PM-18086] Undo files
* [PM-18086] Undo files
* Refactor organization abilities retrieval in cipher-related controllers and models
- Update CiphersController to use GetOrganizationAbilitiesAsync instead of individual methods
- Modify CipherResponseModel and CipherDetailsResponseModel to accept organization abilities dictionary
- Update CipherPermissionsResponseModel to handle organization abilities lookup
- Remove deprecated organization ability retrieval methods
- Simplify sync and emergency access response model handling of organization abilities
* Remove GetManyOrganizationAbilityAsync method
- Delete unused method from IApplicationCacheService interface
- Remove corresponding implementation in InMemoryApplicationCacheService
- Continues cleanup of organization ability retrieval methods
* Update CiphersControllerTests to include organization abilities retrieval
- Add organization abilities retrieval in test setup for PutCollections_vNext method
- Ensure consistent mocking of IApplicationCacheService in test scenarios
* Update error message for missing organization ability
---------
Co-authored-by: Jimmy Vo
---
.../Controllers/EmergencyAccessController.cs | 2 +-
.../Response/EmergencyAccessResponseModel.cs | 10 +-
.../Vault/Controllers/CiphersController.cs | 174 ++++++++++++------
src/Api/Vault/Controllers/SyncController.cs | 9 +-
.../CipherPermissionsResponseModel.cs | 27 +++
.../Models/Response/CipherResponseModel.cs | 35 +++-
.../Models/Response/SyncResponseModel.cs | 10 +-
.../Controllers/CiphersControllerTests.cs | 18 +-
8 files changed, 206 insertions(+), 79 deletions(-)
create mode 100644 src/Api/Vault/Models/Response/CipherPermissionsResponseModel.cs
diff --git a/src/Api/Auth/Controllers/EmergencyAccessController.cs b/src/Api/Auth/Controllers/EmergencyAccessController.cs
index 9f8ea3df01..5d1f47de73 100644
--- a/src/Api/Auth/Controllers/EmergencyAccessController.cs
+++ b/src/Api/Auth/Controllers/EmergencyAccessController.cs
@@ -167,7 +167,7 @@ public class EmergencyAccessController : Controller
{
var user = await _userService.GetUserByPrincipalAsync(User);
var viewResult = await _emergencyAccessService.ViewAsync(id, user);
- return new EmergencyAccessViewResponseModel(_globalSettings, viewResult.EmergencyAccess, viewResult.Ciphers);
+ return new EmergencyAccessViewResponseModel(_globalSettings, viewResult.EmergencyAccess, viewResult.Ciphers, user);
}
[HttpGet("{id}/{cipherId}/attachment/{attachmentId}")]
diff --git a/src/Api/Auth/Models/Response/EmergencyAccessResponseModel.cs b/src/Api/Auth/Models/Response/EmergencyAccessResponseModel.cs
index a72f3cf03f..2fb9a67199 100644
--- a/src/Api/Auth/Models/Response/EmergencyAccessResponseModel.cs
+++ b/src/Api/Auth/Models/Response/EmergencyAccessResponseModel.cs
@@ -116,11 +116,17 @@ public class EmergencyAccessViewResponseModel : ResponseModel
public EmergencyAccessViewResponseModel(
IGlobalSettings globalSettings,
EmergencyAccess emergencyAccess,
- IEnumerable ciphers)
+ IEnumerable ciphers,
+ User user)
: base("emergencyAccessView")
{
KeyEncrypted = emergencyAccess.KeyEncrypted;
- Ciphers = ciphers.Select(c => new CipherResponseModel(c, globalSettings));
+ Ciphers = ciphers.Select(cipher =>
+ new CipherResponseModel(
+ cipher,
+ user,
+ organizationAbilities: null, // Emergency access only retrieves personal ciphers so organizationAbilities is not needed
+ globalSettings));
}
public string KeyEncrypted { get; set; }
diff --git a/src/Api/Vault/Controllers/CiphersController.cs b/src/Api/Vault/Controllers/CiphersController.cs
index 5a7d427963..62f07005ee 100644
--- a/src/Api/Vault/Controllers/CiphersController.cs
+++ b/src/Api/Vault/Controllers/CiphersController.cs
@@ -79,14 +79,16 @@ public class CiphersController : Controller
[HttpGet("{id}")]
public async Task Get(Guid id)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null)
{
throw new NotFoundException();
}
- return new CipherResponseModel(cipher, _globalSettings);
+ var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+
+ return new CipherResponseModel(cipher, user, organizationAbilities, _globalSettings);
}
[HttpGet("{id}/admin")]
@@ -109,32 +111,37 @@ public class CiphersController : Controller
[HttpGet("{id}/details")]
public async Task GetDetails(Guid id)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null)
{
throw new NotFoundException();
}
- var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id);
- return new CipherDetailsResponseModel(cipher, _globalSettings, collectionCiphers);
+ var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+ var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(user.Id, id);
+ return new CipherDetailsResponseModel(cipher, user, organizationAbilities, _globalSettings, collectionCiphers);
}
[HttpGet("")]
public async Task> Get()
{
- var userId = _userService.GetProperUserId(User).Value;
+ var user = await _userService.GetUserByPrincipalAsync(User);
var hasOrgs = _currentContext.Organizations?.Any() ?? false;
// TODO: Use hasOrgs proper for cipher listing here?
- var ciphers = await _cipherRepository.GetManyByUserIdAsync(userId, withOrganizations: true || hasOrgs);
+ var ciphers = await _cipherRepository.GetManyByUserIdAsync(user.Id, withOrganizations: true || hasOrgs);
Dictionary> collectionCiphersGroupDict = null;
if (hasOrgs)
{
- var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdAsync(userId);
+ var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdAsync(user.Id);
collectionCiphersGroupDict = collectionCiphers.GroupBy(c => c.CipherId).ToDictionary(s => s.Key);
}
-
- var responses = ciphers.Select(c => new CipherDetailsResponseModel(c, _globalSettings,
+ var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+ var responses = ciphers.Select(cipher => new CipherDetailsResponseModel(
+ cipher,
+ user,
+ organizationAbilities,
+ _globalSettings,
collectionCiphersGroupDict)).ToList();
return new ListResponseModel(responses);
}
@@ -142,30 +149,38 @@ public class CiphersController : Controller
[HttpPost("")]
public async Task Post([FromBody] CipherRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = model.ToCipherDetails(userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = model.ToCipherDetails(user.Id);
if (cipher.OrganizationId.HasValue && !await _currentContext.OrganizationUser(cipher.OrganizationId.Value))
{
throw new NotFoundException();
}
- await _cipherService.SaveDetailsAsync(cipher, userId, model.LastKnownRevisionDate, null, cipher.OrganizationId.HasValue);
- var response = new CipherResponseModel(cipher, _globalSettings);
+ await _cipherService.SaveDetailsAsync(cipher, user.Id, model.LastKnownRevisionDate, null, cipher.OrganizationId.HasValue);
+ var response = new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
return response;
}
[HttpPost("create")]
public async Task PostCreate([FromBody] CipherCreateRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = model.Cipher.ToCipherDetails(userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = model.Cipher.ToCipherDetails(user.Id);
if (cipher.OrganizationId.HasValue && !await _currentContext.OrganizationUser(cipher.OrganizationId.Value))
{
throw new NotFoundException();
}
- await _cipherService.SaveDetailsAsync(cipher, userId, model.Cipher.LastKnownRevisionDate, model.CollectionIds, cipher.OrganizationId.HasValue);
- var response = new CipherResponseModel(cipher, _globalSettings);
+ await _cipherService.SaveDetailsAsync(cipher, user.Id, model.Cipher.LastKnownRevisionDate, model.CollectionIds, cipher.OrganizationId.HasValue);
+ var response = new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
return response;
}
@@ -191,8 +206,8 @@ public class CiphersController : Controller
[HttpPost("{id}")]
public async Task Put(Guid id, [FromBody] CipherRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null)
{
throw new NotFoundException();
@@ -200,7 +215,7 @@ public class CiphersController : Controller
ValidateClientVersionForFido2CredentialSupport(cipher);
- var collectionIds = (await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id)).Select(c => c.CollectionId).ToList();
+ var collectionIds = (await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(user.Id, id)).Select(c => c.CollectionId).ToList();
var modelOrgId = string.IsNullOrWhiteSpace(model.OrganizationId) ?
(Guid?)null : new Guid(model.OrganizationId);
if (cipher.OrganizationId != modelOrgId)
@@ -209,9 +224,13 @@ public class CiphersController : Controller
"then try again.");
}
- await _cipherService.SaveDetailsAsync(model.ToCipherDetails(cipher), userId, model.LastKnownRevisionDate, collectionIds);
+ await _cipherService.SaveDetailsAsync(model.ToCipherDetails(cipher), user.Id, model.LastKnownRevisionDate, collectionIds);
- var response = new CipherResponseModel(cipher, _globalSettings);
+ var response = new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
return response;
}
@@ -278,7 +297,14 @@ public class CiphersController : Controller
}));
}
- var responses = ciphers.Select(c => new CipherDetailsResponseModel(c, _globalSettings));
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+ var responses = ciphers.Select(cipher =>
+ new CipherDetailsResponseModel(
+ cipher,
+ user,
+ organizationAbilities,
+ _globalSettings));
return new ListResponseModel(responses);
}
@@ -572,12 +598,16 @@ public class CiphersController : Controller
[HttpPost("{id}/partial")]
public async Task PutPartial(Guid id, [FromBody] CipherPartialRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
+ var user = await _userService.GetUserByPrincipalAsync(User);
var folderId = string.IsNullOrWhiteSpace(model.FolderId) ? null : (Guid?)new Guid(model.FolderId);
- await _cipherRepository.UpdatePartialAsync(id, userId, folderId, model.Favorite);
+ await _cipherRepository.UpdatePartialAsync(id, user.Id, folderId, model.Favorite);
- var cipher = await GetByIdAsync(id, userId);
- var response = new CipherResponseModel(cipher, _globalSettings);
+ var cipher = await GetByIdAsync(id, user.Id);
+ var response = new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
return response;
}
@@ -585,9 +615,9 @@ public class CiphersController : Controller
[HttpPost("{id}/share")]
public async Task PutShare(Guid id, [FromBody] CipherShareRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
+ var user = await _userService.GetUserByPrincipalAsync(User);
var cipher = await _cipherRepository.GetByIdAsync(id);
- if (cipher == null || cipher.UserId != userId ||
+ if (cipher == null || cipher.UserId != user.Id ||
!await _currentContext.OrganizationUser(new Guid(model.Cipher.OrganizationId)))
{
throw new NotFoundException();
@@ -597,10 +627,14 @@ public class CiphersController : Controller
var original = cipher.Clone();
await _cipherService.ShareAsync(original, model.Cipher.ToCipher(cipher), new Guid(model.Cipher.OrganizationId),
- model.CollectionIds.Select(c => new Guid(c)), userId, model.Cipher.LastKnownRevisionDate);
+ model.CollectionIds.Select(c => new Guid(c)), user.Id, model.Cipher.LastKnownRevisionDate);
- var sharedCipher = await GetByIdAsync(id, userId);
- var response = new CipherResponseModel(sharedCipher, _globalSettings);
+ var sharedCipher = await GetByIdAsync(id, user.Id);
+ var response = new CipherResponseModel(
+ sharedCipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
return response;
}
@@ -608,8 +642,8 @@ public class CiphersController : Controller
[HttpPost("{id}/collections")]
public async Task PutCollections(Guid id, [FromBody] CipherCollectionsRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null || !cipher.OrganizationId.HasValue ||
!await _currentContext.OrganizationUser(cipher.OrganizationId.Value))
{
@@ -617,20 +651,25 @@ public class CiphersController : Controller
}
await _cipherService.SaveCollectionsAsync(cipher,
- model.CollectionIds.Select(c => new Guid(c)), userId, false);
+ model.CollectionIds.Select(c => new Guid(c)), user.Id, false);
- var updatedCipher = await GetByIdAsync(id, userId);
- var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id);
+ var updatedCipher = await GetByIdAsync(id, user.Id);
+ var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(user.Id, id);
- return new CipherDetailsResponseModel(updatedCipher, _globalSettings, collectionCiphers);
+ return new CipherDetailsResponseModel(
+ updatedCipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings,
+ collectionCiphers);
}
[HttpPut("{id}/collections_v2")]
[HttpPost("{id}/collections_v2")]
public async Task PutCollections_vNext(Guid id, [FromBody] CipherCollectionsRequestModel model)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null || !cipher.OrganizationId.HasValue ||
!await _currentContext.OrganizationUser(cipher.OrganizationId.Value) || !cipher.ViewPassword)
{
@@ -638,10 +677,10 @@ public class CiphersController : Controller
}
await _cipherService.SaveCollectionsAsync(cipher,
- model.CollectionIds.Select(c => new Guid(c)), userId, false);
+ model.CollectionIds.Select(c => new Guid(c)), user.Id, false);
- var updatedCipher = await GetByIdAsync(id, userId);
- var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(userId, id);
+ var updatedCipher = await GetByIdAsync(id, user.Id);
+ var collectionCiphers = await _collectionCipherRepository.GetManyByUserIdCipherIdAsync(user.Id, id);
// If a user removes the last Can Manage access of a cipher, the "updatedCipher" will return null
// We will be returning an "Unavailable" property so the client knows the user can no longer access this
var response = new OptionalCipherDetailsResponseModel()
@@ -649,7 +688,12 @@ public class CiphersController : Controller
Unavailable = updatedCipher is null,
Cipher = updatedCipher is null
? null
- : new CipherDetailsResponseModel(updatedCipher, _globalSettings, collectionCiphers)
+ : new CipherDetailsResponseModel(
+ updatedCipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings,
+ collectionCiphers)
};
return response;
}
@@ -839,15 +883,19 @@ public class CiphersController : Controller
[HttpPut("{id}/restore")]
public async Task PutRestore(Guid id)
{
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null)
{
throw new NotFoundException();
}
- await _cipherService.RestoreAsync(cipher, userId);
- return new CipherResponseModel(cipher, _globalSettings);
+ await _cipherService.RestoreAsync(cipher, user.Id);
+ return new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
}
[HttpPut("{id}/restore-admin")]
@@ -996,10 +1044,10 @@ public class CiphersController : Controller
[HttpPost("{id}/attachment/v2")]
public async Task PostAttachment(Guid id, [FromBody] AttachmentRequestModel request)
{
- var userId = _userService.GetProperUserId(User).Value;
+ var user = await _userService.GetUserByPrincipalAsync(User);
var cipher = request.AdminRequest ?
await _cipherRepository.GetOrganizationDetailsByIdAsync(id) :
- await GetByIdAsync(id, userId);
+ await GetByIdAsync(id, user.Id);
if (cipher == null || (request.AdminRequest && (!cipher.OrganizationId.HasValue ||
!await CanEditCipherAsAdminAsync(cipher.OrganizationId.Value, new[] { cipher.Id }))))
@@ -1013,13 +1061,17 @@ public class CiphersController : Controller
}
var (attachmentId, uploadUrl) = await _cipherService.CreateAttachmentForDelayedUploadAsync(cipher,
- request.Key, request.FileName, request.FileSize, request.AdminRequest, userId);
+ request.Key, request.FileName, request.FileSize, request.AdminRequest, user.Id);
return new AttachmentUploadDataResponseModel
{
AttachmentId = attachmentId,
Url = uploadUrl,
FileUploadType = _attachmentStorageService.FileUploadType,
- CipherResponse = request.AdminRequest ? null : new CipherResponseModel((CipherDetails)cipher, _globalSettings),
+ CipherResponse = request.AdminRequest ? null : new CipherResponseModel(
+ (CipherDetails)cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings),
CipherMiniResponse = request.AdminRequest ? new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp) : null,
};
}
@@ -1077,8 +1129,8 @@ public class CiphersController : Controller
{
ValidateAttachment();
- var userId = _userService.GetProperUserId(User).Value;
- var cipher = await GetByIdAsync(id, userId);
+ var user = await _userService.GetUserByPrincipalAsync(User);
+ var cipher = await GetByIdAsync(id, user.Id);
if (cipher == null)
{
throw new NotFoundException();
@@ -1087,10 +1139,14 @@ public class CiphersController : Controller
await Request.GetFileAsync(async (stream, fileName, key) =>
{
await _cipherService.CreateAttachmentAsync(cipher, stream, fileName, key,
- Request.ContentLength.GetValueOrDefault(0), userId);
+ Request.ContentLength.GetValueOrDefault(0), user.Id);
});
- return new CipherResponseModel(cipher, _globalSettings);
+ return new CipherResponseModel(
+ cipher,
+ user,
+ await _applicationCacheService.GetOrganizationAbilitiesAsync(),
+ _globalSettings);
}
[HttpPost("{id}/attachment-admin")]
diff --git a/src/Api/Vault/Controllers/SyncController.cs b/src/Api/Vault/Controllers/SyncController.cs
index c08a5f86e0..1b8978fc65 100644
--- a/src/Api/Vault/Controllers/SyncController.cs
+++ b/src/Api/Vault/Controllers/SyncController.cs
@@ -36,6 +36,7 @@ public class SyncController : Controller
private readonly ICurrentContext _currentContext;
private readonly Version _sshKeyCipherMinimumVersion = new(Constants.SSHKeyCipherMinimumVersion);
private readonly IFeatureService _featureService;
+ private readonly IApplicationCacheService _applicationCacheService;
public SyncController(
IUserService userService,
@@ -49,7 +50,8 @@ public class SyncController : Controller
ISendRepository sendRepository,
GlobalSettings globalSettings,
ICurrentContext currentContext,
- IFeatureService featureService)
+ IFeatureService featureService,
+ IApplicationCacheService applicationCacheService)
{
_userService = userService;
_folderRepository = folderRepository;
@@ -63,6 +65,7 @@ public class SyncController : Controller
_globalSettings = globalSettings;
_currentContext = currentContext;
_featureService = featureService;
+ _applicationCacheService = applicationCacheService;
}
[HttpGet("")]
@@ -104,7 +107,9 @@ public class SyncController : Controller
var organizationManagingActiveUser = await _userService.GetOrganizationsManagingUserAsync(user.Id);
var organizationIdsManagingActiveUser = organizationManagingActiveUser.Select(o => o.Id);
- var response = new SyncResponseModel(_globalSettings, user, userTwoFactorEnabled, userHasPremiumFromOrganization,
+ var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+
+ var response = new SyncResponseModel(_globalSettings, user, userTwoFactorEnabled, userHasPremiumFromOrganization, organizationAbilities,
organizationIdsManagingActiveUser, organizationUserDetails, providerUserDetails, providerUserOrganizationDetails,
folders, collections, ciphers, collectionCiphersGroupDict, excludeDomains, policies, sends);
return response;
diff --git a/src/Api/Vault/Models/Response/CipherPermissionsResponseModel.cs b/src/Api/Vault/Models/Response/CipherPermissionsResponseModel.cs
new file mode 100644
index 0000000000..4f2f7e86b2
--- /dev/null
+++ b/src/Api/Vault/Models/Response/CipherPermissionsResponseModel.cs
@@ -0,0 +1,27 @@
+using Bit.Core.Entities;
+using Bit.Core.Models.Data.Organizations;
+using Bit.Core.Vault.Authorization.Permissions;
+using Bit.Core.Vault.Models.Data;
+
+namespace Bit.Api.Vault.Models.Response;
+
+public record CipherPermissionsResponseModel
+{
+ public bool Delete { get; init; }
+ public bool Restore { get; init; }
+
+ public CipherPermissionsResponseModel(
+ User user,
+ CipherDetails cipherDetails,
+ IDictionary organizationAbilities)
+ {
+ OrganizationAbility organizationAbility = null;
+ if (cipherDetails.OrganizationId.HasValue && !organizationAbilities.TryGetValue(cipherDetails.OrganizationId.Value, out organizationAbility))
+ {
+ throw new Exception("OrganizationAbility not found for organization cipher.");
+ }
+
+ Delete = NormalCipherPermissions.CanDelete(user, cipherDetails, organizationAbility);
+ Restore = NormalCipherPermissions.CanRestore(user, cipherDetails, organizationAbility);
+ }
+}
diff --git a/src/Api/Vault/Models/Response/CipherResponseModel.cs b/src/Api/Vault/Models/Response/CipherResponseModel.cs
index 207017227a..358da3e62a 100644
--- a/src/Api/Vault/Models/Response/CipherResponseModel.cs
+++ b/src/Api/Vault/Models/Response/CipherResponseModel.cs
@@ -1,6 +1,7 @@
using System.Text.Json;
using Bit.Core.Entities;
using Bit.Core.Models.Api;
+using Bit.Core.Models.Data.Organizations;
using Bit.Core.Settings;
using Bit.Core.Vault.Entities;
using Bit.Core.Vault.Enums;
@@ -96,26 +97,37 @@ public class CipherMiniResponseModel : ResponseModel
public class CipherResponseModel : CipherMiniResponseModel
{
- public CipherResponseModel(CipherDetails cipher, IGlobalSettings globalSettings, string obj = "cipher")
+ public CipherResponseModel(
+ CipherDetails cipher,
+ User user,
+ IDictionary organizationAbilities,
+ IGlobalSettings globalSettings,
+ string obj = "cipher")
: base(cipher, globalSettings, cipher.OrganizationUseTotp, obj)
{
FolderId = cipher.FolderId;
Favorite = cipher.Favorite;
Edit = cipher.Edit;
ViewPassword = cipher.ViewPassword;
+ Permissions = new CipherPermissionsResponseModel(user, cipher, organizationAbilities);
}
public Guid? FolderId { get; set; }
public bool Favorite { get; set; }
public bool Edit { get; set; }
public bool ViewPassword { get; set; }
+ public CipherPermissionsResponseModel Permissions { get; set; }
}
public class CipherDetailsResponseModel : CipherResponseModel
{
- public CipherDetailsResponseModel(CipherDetails cipher, GlobalSettings globalSettings,
+ public CipherDetailsResponseModel(
+ CipherDetails cipher,
+ User user,
+ IDictionary organizationAbilities,
+ GlobalSettings globalSettings,
IDictionary> collectionCiphers, string obj = "cipherDetails")
- : base(cipher, globalSettings, obj)
+ : base(cipher, user, organizationAbilities, globalSettings, obj)
{
if (collectionCiphers?.ContainsKey(cipher.Id) ?? false)
{
@@ -127,15 +139,24 @@ public class CipherDetailsResponseModel : CipherResponseModel
}
}
- public CipherDetailsResponseModel(CipherDetails cipher, GlobalSettings globalSettings,
+ public CipherDetailsResponseModel(
+ CipherDetails cipher,
+ User user,
+ IDictionary organizationAbilities,
+ GlobalSettings globalSettings,
IEnumerable collectionCiphers, string obj = "cipherDetails")
- : base(cipher, globalSettings, obj)
+ : base(cipher, user, organizationAbilities, globalSettings, obj)
{
CollectionIds = collectionCiphers?.Select(c => c.CollectionId) ?? new List();
}
- public CipherDetailsResponseModel(CipherDetailsWithCollections cipher, GlobalSettings globalSettings, string obj = "cipherDetails")
- : base(cipher, globalSettings, obj)
+ public CipherDetailsResponseModel(
+ CipherDetailsWithCollections cipher,
+ User user,
+ IDictionary organizationAbilities,
+ GlobalSettings globalSettings,
+ string obj = "cipherDetails")
+ : base(cipher, user, organizationAbilities, globalSettings, obj)
{
CollectionIds = cipher.CollectionIds ?? new List();
}
diff --git a/src/Api/Vault/Models/Response/SyncResponseModel.cs b/src/Api/Vault/Models/Response/SyncResponseModel.cs
index a9b87ac31e..f1465264f2 100644
--- a/src/Api/Vault/Models/Response/SyncResponseModel.cs
+++ b/src/Api/Vault/Models/Response/SyncResponseModel.cs
@@ -6,6 +6,7 @@ using Bit.Core.AdminConsole.Models.Data.Provider;
using Bit.Core.Entities;
using Bit.Core.Models.Api;
using Bit.Core.Models.Data;
+using Bit.Core.Models.Data.Organizations;
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
using Bit.Core.Settings;
using Bit.Core.Tools.Entities;
@@ -21,6 +22,7 @@ public class SyncResponseModel : ResponseModel
User user,
bool userTwoFactorEnabled,
bool userHasPremiumFromOrganization,
+ IDictionary organizationAbilities,
IEnumerable organizationIdsManagingUser,
IEnumerable organizationUserDetails,
IEnumerable providerUserDetails,
@@ -37,7 +39,13 @@ public class SyncResponseModel : ResponseModel
Profile = new ProfileResponseModel(user, organizationUserDetails, providerUserDetails,
providerUserOrganizationDetails, userTwoFactorEnabled, userHasPremiumFromOrganization, organizationIdsManagingUser);
Folders = folders.Select(f => new FolderResponseModel(f));
- Ciphers = ciphers.Select(c => new CipherDetailsResponseModel(c, globalSettings, collectionCiphersDict));
+ Ciphers = ciphers.Select(cipher =>
+ new CipherDetailsResponseModel(
+ cipher,
+ user,
+ organizationAbilities,
+ globalSettings,
+ collectionCiphersDict));
Collections = collections?.Select(
c => new CollectionDetailsResponseModel(c)) ?? new List();
Domains = excludeDomains ? null : new DomainsResponseModel(user, false);
diff --git a/test/Api.Test/Vault/Controllers/CiphersControllerTests.cs b/test/Api.Test/Vault/Controllers/CiphersControllerTests.cs
index 2afce14ac5..5c8de51062 100644
--- a/test/Api.Test/Vault/Controllers/CiphersControllerTests.cs
+++ b/test/Api.Test/Vault/Controllers/CiphersControllerTests.cs
@@ -27,17 +27,18 @@ namespace Bit.Api.Test.Controllers;
public class CiphersControllerTests
{
[Theory, BitAutoData]
- public async Task PutPartialShouldReturnCipherWithGivenFolderAndFavoriteValues(Guid userId, Guid folderId, SutProvider sutProvider)
+ public async Task PutPartialShouldReturnCipherWithGivenFolderAndFavoriteValues(User user, Guid folderId, SutProvider sutProvider)
{
var isFavorite = true;
var cipherId = Guid.NewGuid();
sutProvider.GetDependency()
- .GetProperUserId(Arg.Any())
- .Returns(userId);
+ .GetUserByPrincipalAsync(Arg.Any())
+ .Returns(user);
var cipherDetails = new CipherDetails
{
+ UserId = user.Id,
Favorite = isFavorite,
FolderId = folderId,
Type = Core.Vault.Enums.CipherType.SecureNote,
@@ -45,7 +46,7 @@ public class CiphersControllerTests
};
sutProvider.GetDependency()
- .GetByIdAsync(cipherId, userId)
+ .GetByIdAsync(cipherId, user.Id)
.Returns(Task.FromResult(cipherDetails));
var result = await sutProvider.Sut.PutPartial(cipherId, new CipherPartialRequestModel { Favorite = isFavorite, FolderId = folderId.ToString() });
@@ -55,12 +56,12 @@ public class CiphersControllerTests
}
[Theory, BitAutoData]
- public async Task PutCollections_vNextShouldThrowExceptionWhenCipherIsNullOrNoOrgValue(Guid id, CipherCollectionsRequestModel model, Guid userId,
+ public async Task PutCollections_vNextShouldThrowExceptionWhenCipherIsNullOrNoOrgValue(Guid id, CipherCollectionsRequestModel model, User user,
SutProvider sutProvider)
{
- sutProvider.GetDependency().GetProperUserId(default).Returns(userId);
+ sutProvider.GetDependency().GetUserByPrincipalAsync(default).ReturnsForAnyArgs(user);
sutProvider.GetDependency().OrganizationUser(Guid.NewGuid()).Returns(false);
- sutProvider.GetDependency().GetByIdAsync(id, userId).ReturnsNull();
+ sutProvider.GetDependency().GetByIdAsync(id, user.Id).ReturnsNull();
var requestAction = async () => await sutProvider.Sut.PutCollections_vNext(id, model);
@@ -75,6 +76,7 @@ public class CiphersControllerTests
sutProvider.GetDependency().GetByIdAsync(id, userId).ReturnsForAnyArgs(cipherDetails);
sutProvider.GetDependency().GetManyByUserIdCipherIdAsync(userId, id).Returns((ICollection)new List());
+ sutProvider.GetDependency().GetOrganizationAbilitiesAsync().Returns(new Dictionary { { cipherDetails.OrganizationId.Value, new OrganizationAbility() } });
var cipherService = sutProvider.GetDependency