mirror of
https://github.com/bitwarden/server.git
synced 2025-05-22 12:04:27 -05:00
Merge branch 'main' into ac/pm-13274/unified-adding-a-group-to-a-collection-returns-500-error---but-works
This commit is contained in:
Thomas Rittson
GitHub
commit
4f88257c9d
4
.github/workflows/build.yml
vendored
4
.github/workflows/build.yml
vendored
@ -636,7 +636,9 @@ jobs:
|
||||
|
||||
setup-ephemeral-environment:
|
||||
name: Setup Ephemeral Environment
|
||||
needs: build-docker
|
||||
needs:
|
||||
- build-artifacts
|
||||
- build-docker
|
||||
if: |
|
||||
needs.build-artifacts.outputs.has_secrets == 'true'
|
||||
&& github.event_name == 'pull_request'
|
||||
|
||||
@ -3,9 +3,9 @@ using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Providers.Interfaces;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
@ -7,6 +7,7 @@ using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
|
||||
@ -5,12 +5,13 @@ using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Business.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Business.Tokenables;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
@ -53,6 +54,7 @@ public class ProviderService : IProviderService
|
||||
private readonly IApplicationCacheService _applicationCacheService;
|
||||
private readonly IProviderBillingService _providerBillingService;
|
||||
private readonly IPricingClient _pricingClient;
|
||||
private readonly IProviderClientOrganizationSignUpCommand _providerClientOrganizationSignUpCommand;
|
||||
|
||||
public ProviderService(IProviderRepository providerRepository, IProviderUserRepository providerUserRepository,
|
||||
IProviderOrganizationRepository providerOrganizationRepository, IUserRepository userRepository,
|
||||
@ -61,7 +63,8 @@ public class ProviderService : IProviderService
|
||||
IOrganizationRepository organizationRepository, GlobalSettings globalSettings,
|
||||
ICurrentContext currentContext, IStripeAdapter stripeAdapter, IFeatureService featureService,
|
||||
IDataProtectorTokenFactory<ProviderDeleteTokenable> providerDeleteTokenDataFactory,
|
||||
IApplicationCacheService applicationCacheService, IProviderBillingService providerBillingService, IPricingClient pricingClient)
|
||||
IApplicationCacheService applicationCacheService, IProviderBillingService providerBillingService, IPricingClient pricingClient,
|
||||
IProviderClientOrganizationSignUpCommand providerClientOrganizationSignUpCommand)
|
||||
{
|
||||
_providerRepository = providerRepository;
|
||||
_providerUserRepository = providerUserRepository;
|
||||
@ -81,6 +84,7 @@ public class ProviderService : IProviderService
|
||||
_applicationCacheService = applicationCacheService;
|
||||
_providerBillingService = providerBillingService;
|
||||
_pricingClient = pricingClient;
|
||||
_providerClientOrganizationSignUpCommand = providerClientOrganizationSignUpCommand;
|
||||
}
|
||||
|
||||
public async Task<Provider> CompleteSetupAsync(Provider provider, Guid ownerUserId, string token, string key, TaxInfo taxInfo, TokenizedPaymentSource tokenizedPaymentSource = null)
|
||||
@ -560,12 +564,12 @@ public class ProviderService : IProviderService
|
||||
|
||||
ThrowOnInvalidPlanType(provider.Type, organizationSignup.Plan);
|
||||
|
||||
var (organization, _, defaultCollection) = await _organizationService.SignupClientAsync(organizationSignup);
|
||||
var signUpResponse = await _providerClientOrganizationSignUpCommand.SignUpClientOrganizationAsync(organizationSignup);
|
||||
|
||||
var providerOrganization = new ProviderOrganization
|
||||
{
|
||||
ProviderId = providerId,
|
||||
OrganizationId = organization.Id,
|
||||
OrganizationId = signUpResponse.Organization.Id,
|
||||
Key = organizationSignup.OwnerKey,
|
||||
};
|
||||
|
||||
@ -574,12 +578,12 @@ public class ProviderService : IProviderService
|
||||
|
||||
// Give the owner Can Manage access over the default collection
|
||||
// The orgUser is not available when the org is created so we have to do it here as part of the invite
|
||||
var defaultOwnerAccess = defaultCollection != null
|
||||
var defaultOwnerAccess = signUpResponse.DefaultCollection != null
|
||||
?
|
||||
[
|
||||
new CollectionAccessSelection
|
||||
{
|
||||
Id = defaultCollection.Id,
|
||||
Id = signUpResponse.DefaultCollection.Id,
|
||||
HidePasswords = false,
|
||||
ReadOnly = false,
|
||||
Manage = true
|
||||
@ -587,7 +591,7 @@ public class ProviderService : IProviderService
|
||||
]
|
||||
: Array.Empty<CollectionAccessSelection>();
|
||||
|
||||
await _organizationService.InviteUsersAsync(organization.Id, user.Id, systemUser: null,
|
||||
await _organizationService.InviteUsersAsync(signUpResponse.Organization.Id, user.Id, systemUser: null,
|
||||
new (OrganizationUserInvite, string)[]
|
||||
{
|
||||
(
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
using System.Globalization;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using CsvHelper.Configuration.Attributes;
|
||||
|
||||
namespace Bit.Commercial.Core.Billing.Models;
|
||||
namespace Bit.Commercial.Core.Billing.Providers.Models;
|
||||
|
||||
public class ProviderClientInvoiceReportRow
|
||||
{
|
||||
@ -7,11 +7,12 @@ using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
@ -24,7 +25,7 @@ using Microsoft.Extensions.Logging;
|
||||
using OneOf;
|
||||
using Stripe;
|
||||
|
||||
namespace Bit.Commercial.Core.Billing;
|
||||
namespace Bit.Commercial.Core.Billing.Providers.Services;
|
||||
|
||||
[RequireFeature(FeatureFlagKeys.PM18770_EnableOrganizationBusinessUnitConversion)]
|
||||
public class BusinessUnitConverter(
|
||||
@ -1,5 +1,5 @@
|
||||
using System.Globalization;
|
||||
using Bit.Commercial.Core.Billing.Models;
|
||||
using Bit.Commercial.Core.Billing.Providers.Models;
|
||||
using Bit.Core;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
@ -8,14 +8,15 @@ using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing;
|
||||
using Bit.Core.Billing.Caches;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Billing.Tax.Services;
|
||||
using Bit.Core.Enums;
|
||||
@ -28,12 +29,11 @@ using Braintree;
|
||||
using CsvHelper;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Stripe;
|
||||
|
||||
using static Bit.Core.Billing.Utilities;
|
||||
using Customer = Stripe.Customer;
|
||||
using Subscription = Stripe.Subscription;
|
||||
|
||||
namespace Bit.Commercial.Core.Billing;
|
||||
namespace Bit.Commercial.Core.Billing.Providers.Services;
|
||||
|
||||
public class ProviderBillingService(
|
||||
IBraintreeGateway braintreeGateway,
|
||||
@ -6,7 +6,7 @@ using Bit.Core.Billing;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Stripe;
|
||||
|
||||
namespace Bit.Commercial.Core.Billing;
|
||||
namespace Bit.Commercial.Core.Billing.Providers.Services;
|
||||
|
||||
public static class ProviderPriceAdapter
|
||||
{
|
||||
@ -1,9 +1,9 @@
|
||||
using Bit.Commercial.Core.AdminConsole.Providers;
|
||||
using Bit.Commercial.Core.AdminConsole.Services;
|
||||
using Bit.Commercial.Core.Billing;
|
||||
using Bit.Commercial.Core.Billing.Providers.Services;
|
||||
using Bit.Core.AdminConsole.Providers.Interfaces;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Bit.Commercial.Core.Utilities;
|
||||
|
||||
@ -8,6 +8,7 @@ using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
|
||||
@ -6,11 +6,12 @@ using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Business.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Business.Tokenables;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
@ -717,8 +718,8 @@ public class ProviderServiceTests
|
||||
|
||||
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(provider.Id).Returns(provider);
|
||||
var providerOrganizationRepository = sutProvider.GetDependency<IProviderOrganizationRepository>();
|
||||
sutProvider.GetDependency<IOrganizationService>().SignupClientAsync(organizationSignup)
|
||||
.Returns((organization, null as OrganizationUser, new Collection()));
|
||||
sutProvider.GetDependency<IProviderClientOrganizationSignUpCommand>().SignUpClientOrganizationAsync(organizationSignup)
|
||||
.Returns(new ProviderClientOrganizationSignUpResponse(organization, new Collection()));
|
||||
|
||||
var providerOrganization =
|
||||
await sutProvider.Sut.CreateOrganizationAsync(provider.Id, organizationSignup, clientOwnerEmail, user);
|
||||
@ -755,8 +756,8 @@ public class ProviderServiceTests
|
||||
|
||||
var providerOrganizationRepository = sutProvider.GetDependency<IProviderOrganizationRepository>();
|
||||
|
||||
sutProvider.GetDependency<IOrganizationService>().SignupClientAsync(organizationSignup)
|
||||
.Returns((organization, null as OrganizationUser, new Collection()));
|
||||
sutProvider.GetDependency<IProviderClientOrganizationSignUpCommand>().SignUpClientOrganizationAsync(organizationSignup)
|
||||
.Returns(new ProviderClientOrganizationSignUpResponse(organization, new Collection()));
|
||||
|
||||
await Assert.ThrowsAsync<BadRequestException>(() =>
|
||||
sutProvider.Sut.CreateOrganizationAsync(provider.Id, organizationSignup, clientOwnerEmail, user));
|
||||
@ -782,8 +783,8 @@ public class ProviderServiceTests
|
||||
|
||||
var providerOrganizationRepository = sutProvider.GetDependency<IProviderOrganizationRepository>();
|
||||
|
||||
sutProvider.GetDependency<IOrganizationService>().SignupClientAsync(organizationSignup)
|
||||
.Returns((organization, null as OrganizationUser, new Collection()));
|
||||
sutProvider.GetDependency<IProviderClientOrganizationSignUpCommand>().SignUpClientOrganizationAsync(organizationSignup)
|
||||
.Returns(new ProviderClientOrganizationSignUpResponse(organization, new Collection()));
|
||||
|
||||
var providerOrganization = await sutProvider.Sut.CreateOrganizationAsync(provider.Id, organizationSignup, clientOwnerEmail, user);
|
||||
|
||||
@ -821,8 +822,8 @@ public class ProviderServiceTests
|
||||
|
||||
sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(provider.Id).Returns(provider);
|
||||
var providerOrganizationRepository = sutProvider.GetDependency<IProviderOrganizationRepository>();
|
||||
sutProvider.GetDependency<IOrganizationService>().SignupClientAsync(organizationSignup)
|
||||
.Returns((organization, null as OrganizationUser, defaultCollection));
|
||||
sutProvider.GetDependency<IProviderClientOrganizationSignUpCommand>().SignUpClientOrganizationAsync(organizationSignup)
|
||||
.Returns(new ProviderClientOrganizationSignUpResponse(organization, defaultCollection));
|
||||
|
||||
var providerOrganization =
|
||||
await sutProvider.Sut.CreateOrganizationAsync(provider.Id, organizationSignup, clientOwnerEmail, user);
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
#nullable enable
|
||||
using System.Text;
|
||||
using Bit.Commercial.Core.Billing;
|
||||
using Bit.Commercial.Core.Billing.Providers.Services;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
@ -25,7 +25,7 @@ using NSubstitute;
|
||||
using Stripe;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.Billing;
|
||||
namespace Bit.Commercial.Core.Test.Billing.Providers;
|
||||
|
||||
public class BusinessUnitConverterTests
|
||||
{
|
||||
@ -1,7 +1,7 @@
|
||||
using System.Globalization;
|
||||
using System.Net;
|
||||
using Bit.Commercial.Core.Billing;
|
||||
using Bit.Commercial.Core.Billing.Models;
|
||||
using Bit.Commercial.Core.Billing.Providers.Models;
|
||||
using Bit.Commercial.Core.Billing.Providers.Services;
|
||||
using Bit.Core;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
@ -10,13 +10,13 @@ using Bit.Core.AdminConsole.Models.Data.Provider;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Caches;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Tax.Services;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
@ -40,7 +40,7 @@ using Customer = Stripe.Customer;
|
||||
using PaymentMethod = Stripe.PaymentMethod;
|
||||
using Subscription = Stripe.Subscription;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.Billing;
|
||||
namespace Bit.Commercial.Core.Test.Billing.Providers;
|
||||
|
||||
[SutProviderCustomize]
|
||||
public class ProviderBillingServiceTests
|
||||
@ -1,11 +1,11 @@
|
||||
using Bit.Commercial.Core.Billing;
|
||||
using Bit.Commercial.Core.Billing.Providers.Services;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Stripe;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.Billing;
|
||||
namespace Bit.Commercial.Core.Test.Billing.Providers;
|
||||
|
||||
public class ProviderPriceAdapterTests
|
||||
{
|
||||
@ -3,7 +3,7 @@ using Bit.Test.Common.AutoFixture;
|
||||
using Bit.Test.Common.AutoFixture.Attributes;
|
||||
using Xunit;
|
||||
|
||||
namespace Bit.Commercial.Core.Test.Billing;
|
||||
namespace Bit.Commercial.Core.Test.Billing.Tax;
|
||||
|
||||
[SutProviderCustomize]
|
||||
public class TaxServiceTests
|
||||
@ -11,7 +11,7 @@ using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Models.OrganizationConnectionConfigs;
|
||||
|
||||
@ -10,13 +10,13 @@ using Bit.Core.AdminConsole.Providers.Interfaces;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Data.Provider;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.SharedWeb.Utilities;
|
||||
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Models.Data.Provider;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
namespace Bit.Admin.AdminConsole.Models;
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@ using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
using Bit.Admin.Billing.Models;
|
||||
using Bit.Admin.Enums;
|
||||
using Bit.Admin.Utilities;
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Migration.Services;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Migration.Services;
|
||||
using Bit.Core.Utilities;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
namespace Bit.Admin.Billing.Models;
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
@using System.Text.Json
|
||||
@model Bit.Core.Billing.Migration.Models.ProviderMigrationResult
|
||||
@model Bit.Core.Billing.Providers.Migration.Models.ProviderMigrationResult
|
||||
@{
|
||||
ViewData["Title"] = "Results";
|
||||
}
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
@model Bit.Core.Billing.Migration.Models.ProviderMigrationResult[]
|
||||
@model Bit.Core.Billing.Providers.Migration.Models.ProviderMigrationResult[]
|
||||
@{
|
||||
ViewData["Title"] = "Results";
|
||||
}
|
||||
|
||||
@ -10,7 +10,7 @@ using Microsoft.AspNetCore.Mvc.Razor;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using Bit.Admin.Services;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Migration;
|
||||
using Bit.Core.Billing.Providers.Migration;
|
||||
|
||||
#if !OSS
|
||||
using Bit.Commercial.Core.Utilities;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
using Bit.Core;
|
||||
using Bit.Core.Jobs;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Bit.Core.Tools.Services;
|
||||
using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
using Quartz;
|
||||
|
||||
namespace Bit.Admin.Tools.Jobs;
|
||||
@ -32,10 +32,10 @@ public class DeleteSendsJob : BaseJob
|
||||
}
|
||||
using (var scope = _serviceProvider.CreateScope())
|
||||
{
|
||||
var sendService = scope.ServiceProvider.GetRequiredService<ISendService>();
|
||||
var nonAnonymousSendCommand = scope.ServiceProvider.GetRequiredService<INonAnonymousSendCommand>();
|
||||
foreach (var send in sends)
|
||||
{
|
||||
await sendService.DeleteSendAsync(send);
|
||||
await nonAnonymousSendCommand.DeleteSendAsync(send);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,13 +2,11 @@
|
||||
using Bit.Api.AdminConsole.Models.Request.Organizations;
|
||||
using Bit.Api.AdminConsole.Models.Response.Organizations;
|
||||
using Bit.Api.Models.Response;
|
||||
using Bit.Core;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains.Interfaces;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Utilities;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
@ -137,7 +135,6 @@ public class OrganizationDomainController : Controller
|
||||
|
||||
[AllowAnonymous]
|
||||
[HttpPost("domain/sso/verified")]
|
||||
[RequireFeature(FeatureFlagKeys.VerifiedSsoDomainEndpoint)]
|
||||
public async Task<VerifiedOrganizationDomainSsoDetailsResponseModel> GetVerifiedOrgDomainSsoDetailsAsync(
|
||||
[FromBody] OrganizationDomainSsoDetailsRequestModel model)
|
||||
{
|
||||
|
||||
@ -25,7 +25,7 @@ using Bit.Core.Auth.Services;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
using Bit.Api.Billing.Models.Requests;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Models.Business;
|
||||
|
||||
@ -8,6 +8,7 @@ using Bit.Core;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Models.Sales;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Context;
|
||||
@ -301,8 +302,12 @@ public class OrganizationBillingController(
|
||||
Debug.Assert(org is not null, "This organization has already been found via this same ID, this should be fine.");
|
||||
var paymentSource = new TokenizedPaymentSource(organizationSignup.PaymentMethodType.Value, organizationSignup.PaymentToken);
|
||||
var taxInformation = TaxInformation.From(organizationSignup.TaxInfo);
|
||||
await organizationBillingService.UpdatePaymentMethod(org, paymentSource, taxInformation);
|
||||
await organizationBillingService.Finalize(sale);
|
||||
var updatedOrg = await organizationRepository.GetByIdAsync(organizationId);
|
||||
if (updatedOrg != null)
|
||||
{
|
||||
await organizationBillingService.UpdatePaymentMethod(updatedOrg, paymentSource, taxInformation);
|
||||
}
|
||||
|
||||
return TypedResults.Ok();
|
||||
}
|
||||
|
||||
@ -1,10 +1,12 @@
|
||||
using Bit.Api.Billing.Models.Requests;
|
||||
using Bit.Api.Billing.Models.Responses;
|
||||
using Bit.Commercial.Core.Billing.Providers.Services;
|
||||
using Bit.Core;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Context;
|
||||
@ -148,13 +150,33 @@ public class ProviderBillingController(
|
||||
|
||||
var providerPlans = await providerPlanRepository.GetByProviderId(provider.Id);
|
||||
|
||||
var getProviderPriceFromStripe = featureService.IsEnabled(FeatureFlagKeys.PM21383_GetProviderPriceFromStripe);
|
||||
|
||||
var configuredProviderPlans = await Task.WhenAll(providerPlans.Select(async providerPlan =>
|
||||
{
|
||||
var plan = await pricingClient.GetPlanOrThrow(providerPlan.PlanType);
|
||||
|
||||
decimal unitAmount;
|
||||
|
||||
if (getProviderPriceFromStripe)
|
||||
{
|
||||
var priceId = ProviderPriceAdapter.GetPriceId(provider, subscription, plan.Type);
|
||||
var price = await stripeAdapter.PriceGetAsync(priceId);
|
||||
|
||||
unitAmount = price.UnitAmountDecimal.HasValue
|
||||
? price.UnitAmountDecimal.Value / 100M
|
||||
: plan.PasswordManager.ProviderPortalSeatPrice;
|
||||
}
|
||||
else
|
||||
{
|
||||
unitAmount = plan.PasswordManager.ProviderPortalSeatPrice;
|
||||
}
|
||||
|
||||
return new ConfiguredProviderPlan(
|
||||
providerPlan.Id,
|
||||
providerPlan.ProviderId,
|
||||
plan,
|
||||
unitAmount,
|
||||
providerPlan.SeatMinimum ?? 0,
|
||||
providerPlan.PurchasedSeats ?? 0,
|
||||
providerPlan.AllocatedSeats ?? 0);
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Stripe;
|
||||
|
||||
@ -35,7 +36,7 @@ public record ProviderSubscriptionResponse(
|
||||
.Select(providerPlan =>
|
||||
{
|
||||
var plan = providerPlan.Plan;
|
||||
var cost = (providerPlan.SeatMinimum + providerPlan.PurchasedSeats) * plan.PasswordManager.ProviderPortalSeatPrice;
|
||||
var cost = (providerPlan.SeatMinimum + providerPlan.PurchasedSeats) * providerPlan.Price;
|
||||
var cadence = plan.IsAnnual ? _annualCadence : _monthlyCadence;
|
||||
return new ProviderPlanResponse(
|
||||
plan.Name,
|
||||
|
||||
@ -12,17 +12,17 @@ namespace Bit.Api.KeyManagement.Validators;
|
||||
/// </summary>
|
||||
public class SendRotationValidator : IRotationValidator<IEnumerable<SendWithIdRequestModel>, IReadOnlyList<Send>>
|
||||
{
|
||||
private readonly ISendService _sendService;
|
||||
private readonly ISendAuthorizationService _sendAuthorizationService;
|
||||
private readonly ISendRepository _sendRepository;
|
||||
|
||||
/// <summary>
|
||||
/// Instantiates a new <see cref="SendRotationValidator"/>
|
||||
/// </summary>
|
||||
/// <param name="sendService">Enables conversion of <see cref="SendWithIdRequestModel"/> to <see cref="Send"/></param>
|
||||
/// <param name="sendAuthorizationService">Enables conversion of <see cref="SendWithIdRequestModel"/> to <see cref="Send"/></param>
|
||||
/// <param name="sendRepository">Retrieves all user <see cref="Send"/>s</param>
|
||||
public SendRotationValidator(ISendService sendService, ISendRepository sendRepository)
|
||||
public SendRotationValidator(ISendAuthorizationService sendAuthorizationService, ISendRepository sendRepository)
|
||||
{
|
||||
_sendService = sendService;
|
||||
_sendAuthorizationService = sendAuthorizationService;
|
||||
_sendRepository = sendRepository;
|
||||
}
|
||||
|
||||
@ -44,7 +44,7 @@ public class SendRotationValidator : IRotationValidator<IEnumerable<SendWithIdRe
|
||||
throw new BadRequestException("All existing sends must be included in the rotation.");
|
||||
}
|
||||
|
||||
result.Add(send.ToSend(existing, _sendService));
|
||||
result.Add(send.ToSend(existing, _sendAuthorizationService));
|
||||
}
|
||||
|
||||
return result;
|
||||
|
||||
@ -35,6 +35,7 @@ using Bit.Core.Services;
|
||||
using Bit.Core.Tools.ImportFeatures;
|
||||
using Bit.Core.Tools.ReportFeatures;
|
||||
using Bit.Core.Auth.Models.Api.Request;
|
||||
using Bit.Core.Tools.SendFeatures;
|
||||
|
||||
#if !OSS
|
||||
using Bit.Commercial.Core.SecretsManager;
|
||||
@ -186,6 +187,7 @@ public class Startup
|
||||
services.AddPhishingDomainServices(globalSettings);
|
||||
|
||||
services.AddBillingQueries();
|
||||
services.AddSendServices();
|
||||
|
||||
// Authorization Handlers
|
||||
services.AddAuthorizationHandlers();
|
||||
|
||||
@ -12,6 +12,8 @@ using Bit.Core.Settings;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Bit.Core.Tools.SendFeatures;
|
||||
using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
using Bit.Core.Tools.Services;
|
||||
using Bit.Core.Utilities;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
@ -25,8 +27,10 @@ public class SendsController : Controller
|
||||
{
|
||||
private readonly ISendRepository _sendRepository;
|
||||
private readonly IUserService _userService;
|
||||
private readonly ISendService _sendService;
|
||||
private readonly ISendAuthorizationService _sendAuthorizationService;
|
||||
private readonly ISendFileStorageService _sendFileStorageService;
|
||||
private readonly IAnonymousSendCommand _anonymousSendCommand;
|
||||
private readonly INonAnonymousSendCommand _nonAnonymousSendCommand;
|
||||
private readonly ILogger<SendsController> _logger;
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
@ -34,7 +38,9 @@ public class SendsController : Controller
|
||||
public SendsController(
|
||||
ISendRepository sendRepository,
|
||||
IUserService userService,
|
||||
ISendService sendService,
|
||||
ISendAuthorizationService sendAuthorizationService,
|
||||
IAnonymousSendCommand anonymousSendCommand,
|
||||
INonAnonymousSendCommand nonAnonymousSendCommand,
|
||||
ISendFileStorageService sendFileStorageService,
|
||||
ILogger<SendsController> logger,
|
||||
GlobalSettings globalSettings,
|
||||
@ -42,13 +48,16 @@ public class SendsController : Controller
|
||||
{
|
||||
_sendRepository = sendRepository;
|
||||
_userService = userService;
|
||||
_sendService = sendService;
|
||||
_sendAuthorizationService = sendAuthorizationService;
|
||||
_anonymousSendCommand = anonymousSendCommand;
|
||||
_nonAnonymousSendCommand = nonAnonymousSendCommand;
|
||||
_sendFileStorageService = sendFileStorageService;
|
||||
_logger = logger;
|
||||
_globalSettings = globalSettings;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
#region Anonymous endpoints
|
||||
[AllowAnonymous]
|
||||
[HttpPost("access/{id}")]
|
||||
public async Task<IActionResult> Access(string id, [FromBody] SendAccessRequestModel model)
|
||||
@ -61,18 +70,19 @@ public class SendsController : Controller
|
||||
//}
|
||||
|
||||
var guid = new Guid(CoreHelpers.Base64UrlDecode(id));
|
||||
var (send, passwordRequired, passwordInvalid) =
|
||||
await _sendService.AccessAsync(guid, model.Password);
|
||||
if (passwordRequired)
|
||||
var send = await _sendRepository.GetByIdAsync(guid);
|
||||
SendAccessResult sendAuthResult =
|
||||
await _sendAuthorizationService.AccessAsync(send, model.Password);
|
||||
if (sendAuthResult.Equals(SendAccessResult.PasswordRequired))
|
||||
{
|
||||
return new UnauthorizedResult();
|
||||
}
|
||||
if (passwordInvalid)
|
||||
if (sendAuthResult.Equals(SendAccessResult.PasswordInvalid))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
throw new BadRequestException("Invalid password.");
|
||||
}
|
||||
if (send == null)
|
||||
if (sendAuthResult.Equals(SendAccessResult.Denied))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
@ -106,19 +116,19 @@ public class SendsController : Controller
|
||||
throw new BadRequestException("Could not locate send");
|
||||
}
|
||||
|
||||
var (url, passwordRequired, passwordInvalid) = await _sendService.GetSendFileDownloadUrlAsync(send, fileId,
|
||||
var (url, result) = await _anonymousSendCommand.GetSendFileDownloadUrlAsync(send, fileId,
|
||||
model.Password);
|
||||
|
||||
if (passwordRequired)
|
||||
if (result.Equals(SendAccessResult.PasswordRequired))
|
||||
{
|
||||
return new UnauthorizedResult();
|
||||
}
|
||||
if (passwordInvalid)
|
||||
if (result.Equals(SendAccessResult.PasswordInvalid))
|
||||
{
|
||||
await Task.Delay(2000);
|
||||
throw new BadRequestException("Invalid password.");
|
||||
}
|
||||
if (send == null)
|
||||
if (result.Equals(SendAccessResult.Denied))
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
@ -130,6 +140,45 @@ public class SendsController : Controller
|
||||
});
|
||||
}
|
||||
|
||||
[AllowAnonymous]
|
||||
[HttpPost("file/validate/azure")]
|
||||
public async Task<ObjectResult> AzureValidateFile()
|
||||
{
|
||||
return await ApiHelpers.HandleAzureEvents(Request, new Dictionary<string, Func<EventGridEvent, Task>>
|
||||
{
|
||||
{
|
||||
"Microsoft.Storage.BlobCreated", async (eventGridEvent) =>
|
||||
{
|
||||
try
|
||||
{
|
||||
var blobName = eventGridEvent.Subject.Split($"{AzureSendFileStorageService.FilesContainerName}/blobs/")[1];
|
||||
var sendId = AzureSendFileStorageService.SendIdFromBlobName(blobName);
|
||||
var send = await _sendRepository.GetByIdAsync(new Guid(sendId));
|
||||
if (send == null)
|
||||
{
|
||||
if (_sendFileStorageService is AzureSendFileStorageService azureSendFileStorageService)
|
||||
{
|
||||
await azureSendFileStorageService.DeleteBlobAsync(blobName);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
await _nonAnonymousSendCommand.ConfirmFileSize(send);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
_logger.LogError(e, $"Uncaught exception occurred while handling event grid event: {JsonSerializer.Serialize(eventGridEvent)}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Non-anonymous endpoints
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<SendResponseModel> Get(string id)
|
||||
{
|
||||
@ -157,8 +206,8 @@ public class SendsController : Controller
|
||||
{
|
||||
model.ValidateCreation();
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var send = model.ToSend(userId, _sendService);
|
||||
await _sendService.SaveSendAsync(send);
|
||||
var send = model.ToSend(userId, _sendAuthorizationService);
|
||||
await _nonAnonymousSendCommand.SaveSendAsync(send);
|
||||
return new SendResponseModel(send, _globalSettings);
|
||||
}
|
||||
|
||||
@ -175,15 +224,15 @@ public class SendsController : Controller
|
||||
throw new BadRequestException("Invalid content. File size hint is required.");
|
||||
}
|
||||
|
||||
if (model.FileLength.Value > SendService.MAX_FILE_SIZE)
|
||||
if (model.FileLength.Value > Constants.FileSize501mb)
|
||||
{
|
||||
throw new BadRequestException($"Max file size is {SendService.MAX_FILE_SIZE_READABLE}.");
|
||||
throw new BadRequestException($"Max file size is {SendFileSettingHelper.MAX_FILE_SIZE_READABLE}.");
|
||||
}
|
||||
|
||||
model.ValidateCreation();
|
||||
var userId = _userService.GetProperUserId(User).Value;
|
||||
var (send, data) = model.ToSend(userId, model.File.FileName, _sendService);
|
||||
var uploadUrl = await _sendService.SaveFileSendAsync(send, data, model.FileLength.Value);
|
||||
var (send, data) = model.ToSend(userId, model.File.FileName, _sendAuthorizationService);
|
||||
var uploadUrl = await _nonAnonymousSendCommand.SaveFileSendAsync(send, data, model.FileLength.Value);
|
||||
return new SendFileUploadDataResponseModel
|
||||
{
|
||||
Url = uploadUrl,
|
||||
@ -230,41 +279,7 @@ public class SendsController : Controller
|
||||
var send = await _sendRepository.GetByIdAsync(new Guid(id));
|
||||
await Request.GetFileAsync(async (stream) =>
|
||||
{
|
||||
await _sendService.UploadFileToExistingSendAsync(stream, send);
|
||||
});
|
||||
}
|
||||
|
||||
[AllowAnonymous]
|
||||
[HttpPost("file/validate/azure")]
|
||||
public async Task<ObjectResult> AzureValidateFile()
|
||||
{
|
||||
return await ApiHelpers.HandleAzureEvents(Request, new Dictionary<string, Func<EventGridEvent, Task>>
|
||||
{
|
||||
{
|
||||
"Microsoft.Storage.BlobCreated", async (eventGridEvent) =>
|
||||
{
|
||||
try
|
||||
{
|
||||
var blobName = eventGridEvent.Subject.Split($"{AzureSendFileStorageService.FilesContainerName}/blobs/")[1];
|
||||
var sendId = AzureSendFileStorageService.SendIdFromBlobName(blobName);
|
||||
var send = await _sendRepository.GetByIdAsync(new Guid(sendId));
|
||||
if (send == null)
|
||||
{
|
||||
if (_sendFileStorageService is AzureSendFileStorageService azureSendFileStorageService)
|
||||
{
|
||||
await azureSendFileStorageService.DeleteBlobAsync(blobName);
|
||||
}
|
||||
return;
|
||||
}
|
||||
await _sendService.ValidateSendFile(send);
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
_logger.LogError(e, $"Uncaught exception occurred while handling event grid event: {JsonSerializer.Serialize(eventGridEvent)}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
await _nonAnonymousSendCommand.UploadFileToExistingSendAsync(stream, send);
|
||||
});
|
||||
}
|
||||
|
||||
@ -279,7 +294,7 @@ public class SendsController : Controller
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _sendService.SaveSendAsync(model.ToSend(send, _sendService));
|
||||
await _nonAnonymousSendCommand.SaveSendAsync(model.ToSend(send, _sendAuthorizationService));
|
||||
return new SendResponseModel(send, _globalSettings);
|
||||
}
|
||||
|
||||
@ -294,7 +309,7 @@ public class SendsController : Controller
|
||||
}
|
||||
|
||||
send.Password = null;
|
||||
await _sendService.SaveSendAsync(send);
|
||||
await _nonAnonymousSendCommand.SaveSendAsync(send);
|
||||
return new SendResponseModel(send, _globalSettings);
|
||||
}
|
||||
|
||||
@ -308,6 +323,8 @@ public class SendsController : Controller
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _sendService.DeleteSendAsync(send);
|
||||
await _nonAnonymousSendCommand.DeleteSendAsync(send);
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
|
||||
@ -36,31 +36,31 @@ public class SendRequestModel
|
||||
public bool? Disabled { get; set; }
|
||||
public bool? HideEmail { get; set; }
|
||||
|
||||
public Send ToSend(Guid userId, ISendService sendService)
|
||||
public Send ToSend(Guid userId, ISendAuthorizationService sendAuthorizationService)
|
||||
{
|
||||
var send = new Send
|
||||
{
|
||||
Type = Type,
|
||||
UserId = (Guid?)userId
|
||||
};
|
||||
ToSend(send, sendService);
|
||||
ToSend(send, sendAuthorizationService);
|
||||
return send;
|
||||
}
|
||||
|
||||
public (Send, SendFileData) ToSend(Guid userId, string fileName, ISendService sendService)
|
||||
public (Send, SendFileData) ToSend(Guid userId, string fileName, ISendAuthorizationService sendAuthorizationService)
|
||||
{
|
||||
var send = ToSendBase(new Send
|
||||
{
|
||||
Type = Type,
|
||||
UserId = (Guid?)userId
|
||||
}, sendService);
|
||||
}, sendAuthorizationService);
|
||||
var data = new SendFileData(Name, Notes, fileName);
|
||||
return (send, data);
|
||||
}
|
||||
|
||||
public Send ToSend(Send existingSend, ISendService sendService)
|
||||
public Send ToSend(Send existingSend, ISendAuthorizationService sendAuthorizationService)
|
||||
{
|
||||
existingSend = ToSendBase(existingSend, sendService);
|
||||
existingSend = ToSendBase(existingSend, sendAuthorizationService);
|
||||
switch (existingSend.Type)
|
||||
{
|
||||
case SendType.File:
|
||||
@ -125,7 +125,7 @@ public class SendRequestModel
|
||||
}
|
||||
}
|
||||
|
||||
private Send ToSendBase(Send existingSend, ISendService sendService)
|
||||
private Send ToSendBase(Send existingSend, ISendAuthorizationService authorizationService)
|
||||
{
|
||||
existingSend.Key = Key;
|
||||
existingSend.ExpirationDate = ExpirationDate;
|
||||
@ -133,7 +133,7 @@ public class SendRequestModel
|
||||
existingSend.MaxAccessCount = MaxAccessCount;
|
||||
if (!string.IsNullOrWhiteSpace(Password))
|
||||
{
|
||||
existingSend.Password = sendService.HashPassword(Password);
|
||||
existingSend.Password = authorizationService.HashPassword(Password);
|
||||
}
|
||||
existingSend.Disabled = Disabled.GetValueOrDefault();
|
||||
existingSend.HideEmail = HideEmail.GetValueOrDefault();
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
using Bit.Billing.Constants;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Repositories;
|
||||
using Stripe;
|
||||
|
||||
@ -0,0 +1,187 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Models.Business;
|
||||
using Bit.Core.Models.StaticStore;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Business;
|
||||
using Bit.Core.Tools.Services;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
namespace Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
|
||||
|
||||
public record ProviderClientOrganizationSignUpResponse(
|
||||
Organization Organization,
|
||||
Collection DefaultCollection);
|
||||
|
||||
public interface IProviderClientOrganizationSignUpCommand
|
||||
{
|
||||
/// <summary>
|
||||
/// Sign up a new client organization for a provider.
|
||||
/// </summary>
|
||||
/// <param name="signup">The signup information.</param>
|
||||
/// <returns>A tuple containing the new organization and its default collection.</returns>
|
||||
Task<ProviderClientOrganizationSignUpResponse> SignUpClientOrganizationAsync(OrganizationSignup signup);
|
||||
}
|
||||
|
||||
public class ProviderClientOrganizationSignUpCommand : IProviderClientOrganizationSignUpCommand
|
||||
{
|
||||
public const string PlanNullErrorMessage = "Password Manager Plan was null.";
|
||||
public const string PlanDisabledErrorMessage = "Password Manager Plan is disabled.";
|
||||
public const string AdditionalSeatsNegativeErrorMessage = "You can't subtract Password Manager seats!";
|
||||
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly IPricingClient _pricingClient;
|
||||
private readonly IReferenceEventService _referenceEventService;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly IOrganizationApiKeyRepository _organizationApiKeyRepository;
|
||||
private readonly IApplicationCacheService _applicationCacheService;
|
||||
private readonly ICollectionRepository _collectionRepository;
|
||||
|
||||
public ProviderClientOrganizationSignUpCommand(
|
||||
ICurrentContext currentContext,
|
||||
IPricingClient pricingClient,
|
||||
IReferenceEventService referenceEventService,
|
||||
IOrganizationRepository organizationRepository,
|
||||
IOrganizationApiKeyRepository organizationApiKeyRepository,
|
||||
IApplicationCacheService applicationCacheService,
|
||||
ICollectionRepository collectionRepository)
|
||||
{
|
||||
_currentContext = currentContext;
|
||||
_pricingClient = pricingClient;
|
||||
_referenceEventService = referenceEventService;
|
||||
_organizationRepository = organizationRepository;
|
||||
_organizationApiKeyRepository = organizationApiKeyRepository;
|
||||
_applicationCacheService = applicationCacheService;
|
||||
_collectionRepository = collectionRepository;
|
||||
}
|
||||
|
||||
public async Task<ProviderClientOrganizationSignUpResponse> SignUpClientOrganizationAsync(OrganizationSignup signup)
|
||||
{
|
||||
var plan = await _pricingClient.GetPlanOrThrow(signup.Plan);
|
||||
|
||||
ValidatePlan(plan, signup.AdditionalSeats);
|
||||
|
||||
var organization = new Organization
|
||||
{
|
||||
// Pre-generate the org id so that we can save it with the Stripe subscription.
|
||||
Id = CoreHelpers.GenerateComb(),
|
||||
Name = signup.Name,
|
||||
BillingEmail = signup.BillingEmail,
|
||||
PlanType = plan!.Type,
|
||||
Seats = signup.AdditionalSeats,
|
||||
MaxCollections = plan.PasswordManager.MaxCollections,
|
||||
MaxStorageGb = 1,
|
||||
UsePolicies = plan.HasPolicies,
|
||||
UseSso = plan.HasSso,
|
||||
UseOrganizationDomains = plan.HasOrganizationDomains,
|
||||
UseGroups = plan.HasGroups,
|
||||
UseEvents = plan.HasEvents,
|
||||
UseDirectory = plan.HasDirectory,
|
||||
UseTotp = plan.HasTotp,
|
||||
Use2fa = plan.Has2fa,
|
||||
UseApi = plan.HasApi,
|
||||
UseResetPassword = plan.HasResetPassword,
|
||||
SelfHost = plan.HasSelfHost,
|
||||
UsersGetPremium = plan.UsersGetPremium,
|
||||
UseCustomPermissions = plan.HasCustomPermissions,
|
||||
UseScim = plan.HasScim,
|
||||
Plan = plan.Name,
|
||||
Gateway = GatewayType.Stripe,
|
||||
ReferenceData = signup.Owner.ReferenceData,
|
||||
Enabled = true,
|
||||
LicenseKey = CoreHelpers.SecureRandomString(20),
|
||||
PublicKey = signup.PublicKey,
|
||||
PrivateKey = signup.PrivateKey,
|
||||
CreationDate = DateTime.UtcNow,
|
||||
RevisionDate = DateTime.UtcNow,
|
||||
Status = OrganizationStatusType.Created,
|
||||
UsePasswordManager = true,
|
||||
// Secrets Manager not available for purchase with Consolidated Billing.
|
||||
UseSecretsManager = false,
|
||||
};
|
||||
|
||||
var returnValue = await SignUpAsync(organization, signup.CollectionName);
|
||||
|
||||
await _referenceEventService.RaiseEventAsync(
|
||||
new ReferenceEvent(ReferenceEventType.Signup, organization, _currentContext)
|
||||
{
|
||||
PlanName = plan.Name,
|
||||
PlanType = plan.Type,
|
||||
Seats = returnValue.Organization.Seats,
|
||||
SignupInitiationPath = signup.InitiationPath,
|
||||
Storage = returnValue.Organization.MaxStorageGb,
|
||||
});
|
||||
|
||||
return returnValue;
|
||||
}
|
||||
|
||||
private static void ValidatePlan(Plan plan, int additionalSeats)
|
||||
{
|
||||
if (plan is null)
|
||||
{
|
||||
throw new BadRequestException(PlanNullErrorMessage);
|
||||
}
|
||||
|
||||
if (plan.Disabled)
|
||||
{
|
||||
throw new BadRequestException(PlanDisabledErrorMessage);
|
||||
}
|
||||
|
||||
if (additionalSeats < 0)
|
||||
{
|
||||
throw new BadRequestException(AdditionalSeatsNegativeErrorMessage);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Private helper method to create a new organization.
|
||||
/// </summary>
|
||||
private async Task<ProviderClientOrganizationSignUpResponse> SignUpAsync(
|
||||
Organization organization, string collectionName)
|
||||
{
|
||||
try
|
||||
{
|
||||
await _organizationRepository.CreateAsync(organization);
|
||||
await _organizationApiKeyRepository.CreateAsync(new OrganizationApiKey
|
||||
{
|
||||
OrganizationId = organization.Id,
|
||||
ApiKey = CoreHelpers.SecureRandomString(30),
|
||||
Type = OrganizationApiKeyType.Default,
|
||||
RevisionDate = DateTime.UtcNow,
|
||||
});
|
||||
await _applicationCacheService.UpsertOrganizationAbilityAsync(organization);
|
||||
|
||||
Collection defaultCollection = null;
|
||||
if (!string.IsNullOrWhiteSpace(collectionName))
|
||||
{
|
||||
defaultCollection = new Collection
|
||||
{
|
||||
Name = collectionName,
|
||||
OrganizationId = organization.Id,
|
||||
CreationDate = organization.CreationDate,
|
||||
RevisionDate = organization.CreationDate
|
||||
};
|
||||
|
||||
await _collectionRepository.CreateAsync(defaultCollection, null, null);
|
||||
}
|
||||
|
||||
return new ProviderClientOrganizationSignUpResponse(organization, defaultCollection);
|
||||
}
|
||||
catch
|
||||
{
|
||||
if (organization.Id != default)
|
||||
{
|
||||
await _organizationRepository.DeleteAsync(organization);
|
||||
await _applicationCacheService.DeleteOrganizationAbilityAsync(organization.Id);
|
||||
}
|
||||
|
||||
throw;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -18,9 +18,6 @@ public interface IOrganizationService
|
||||
Task AutoAddSeatsAsync(Organization organization, int seatsToAdd);
|
||||
Task<string> AdjustSeatsAsync(Guid organizationId, int seatAdjustment);
|
||||
Task VerifyBankAsync(Guid organizationId, int amount1, int amount2);
|
||||
#nullable enable
|
||||
Task<(Organization organization, OrganizationUser organizationUser, Collection defaultCollection)> SignupClientAsync(OrganizationSignup signup);
|
||||
#nullable disable
|
||||
/// <summary>
|
||||
/// Create a new organization on a self-hosted instance
|
||||
/// </summary>
|
||||
|
||||
@ -410,66 +410,6 @@ public class OrganizationService : IOrganizationService
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(Organization organization, OrganizationUser organizationUser, Collection defaultCollection)> SignupClientAsync(OrganizationSignup signup)
|
||||
{
|
||||
var plan = await _pricingClient.GetPlanOrThrow(signup.Plan);
|
||||
|
||||
ValidatePlan(plan, signup.AdditionalSeats, "Password Manager");
|
||||
|
||||
var organization = new Organization
|
||||
{
|
||||
// Pre-generate the org id so that we can save it with the Stripe subscription.
|
||||
Id = CoreHelpers.GenerateComb(),
|
||||
Name = signup.Name,
|
||||
BillingEmail = signup.BillingEmail,
|
||||
PlanType = plan!.Type,
|
||||
Seats = signup.AdditionalSeats,
|
||||
MaxCollections = plan.PasswordManager.MaxCollections,
|
||||
MaxStorageGb = 1,
|
||||
UsePolicies = plan.HasPolicies,
|
||||
UseSso = plan.HasSso,
|
||||
UseOrganizationDomains = plan.HasOrganizationDomains,
|
||||
UseGroups = plan.HasGroups,
|
||||
UseEvents = plan.HasEvents,
|
||||
UseDirectory = plan.HasDirectory,
|
||||
UseTotp = plan.HasTotp,
|
||||
Use2fa = plan.Has2fa,
|
||||
UseApi = plan.HasApi,
|
||||
UseResetPassword = plan.HasResetPassword,
|
||||
SelfHost = plan.HasSelfHost,
|
||||
UsersGetPremium = plan.UsersGetPremium,
|
||||
UseCustomPermissions = plan.HasCustomPermissions,
|
||||
UseScim = plan.HasScim,
|
||||
Plan = plan.Name,
|
||||
Gateway = GatewayType.Stripe,
|
||||
ReferenceData = signup.Owner.ReferenceData,
|
||||
Enabled = true,
|
||||
LicenseKey = CoreHelpers.SecureRandomString(20),
|
||||
PublicKey = signup.PublicKey,
|
||||
PrivateKey = signup.PrivateKey,
|
||||
CreationDate = DateTime.UtcNow,
|
||||
RevisionDate = DateTime.UtcNow,
|
||||
Status = OrganizationStatusType.Created,
|
||||
UsePasswordManager = true,
|
||||
// Secrets Manager not available for purchase with Consolidated Billing.
|
||||
UseSecretsManager = false,
|
||||
};
|
||||
|
||||
var returnValue = await SignUpAsync(organization, default, signup.OwnerKey, signup.CollectionName, false);
|
||||
|
||||
await _referenceEventService.RaiseEventAsync(
|
||||
new ReferenceEvent(ReferenceEventType.Signup, organization, _currentContext)
|
||||
{
|
||||
PlanName = plan.Name,
|
||||
PlanType = plan.Type,
|
||||
Seats = returnValue.Item1.Seats,
|
||||
SignupInitiationPath = signup.InitiationPath,
|
||||
Storage = returnValue.Item1.MaxStorageGb,
|
||||
});
|
||||
|
||||
return returnValue;
|
||||
}
|
||||
|
||||
private async Task ValidateSignUpPoliciesAsync(Guid ownerId)
|
||||
{
|
||||
var anySingleOrgPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(ownerId, PolicyType.SingleOrg);
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
#nullable enable
|
||||
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
#nullable enable
|
||||
|
||||
namespace Bit.Core.Billing.Entities;
|
||||
namespace Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
public class ClientOrganizationMigrationRecord : ITableObject<Guid>
|
||||
{
|
||||
@ -1,10 +1,10 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
#nullable enable
|
||||
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
#nullable enable
|
||||
|
||||
namespace Bit.Core.Billing.Entities;
|
||||
namespace Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
public class ProviderInvoiceItem : ITableObject<Guid>
|
||||
{
|
||||
@ -1,10 +1,10 @@
|
||||
using Bit.Core.Billing.Enums;
|
||||
#nullable enable
|
||||
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
#nullable enable
|
||||
|
||||
namespace Bit.Core.Billing.Entities;
|
||||
namespace Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
public class ProviderPlan : ITableObject<Guid>
|
||||
{
|
||||
@ -1,4 +1,4 @@
|
||||
namespace Bit.Core.Billing.Migration.Models;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Models;
|
||||
|
||||
public enum ClientMigrationProgress
|
||||
{
|
||||
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Models;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Models;
|
||||
|
||||
public class ProviderMigrationResult
|
||||
{
|
||||
@ -1,4 +1,4 @@
|
||||
namespace Bit.Core.Billing.Migration.Models;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Models;
|
||||
|
||||
public enum ProviderMigrationProgress
|
||||
{
|
||||
@ -1,8 +1,8 @@
|
||||
using Bit.Core.Billing.Migration.Services;
|
||||
using Bit.Core.Billing.Migration.Services.Implementations;
|
||||
using Bit.Core.Billing.Providers.Migration.Services;
|
||||
using Bit.Core.Billing.Providers.Migration.Services.Implementations;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Bit.Core.Billing.Migration;
|
||||
namespace Bit.Core.Billing.Providers.Migration;
|
||||
|
||||
public static class ServiceCollectionExtensions
|
||||
{
|
||||
@ -1,8 +1,8 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services;
|
||||
|
||||
public interface IMigrationTrackerCache
|
||||
{
|
||||
@ -1,6 +1,6 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services;
|
||||
|
||||
public interface IOrganizationMigrator
|
||||
{
|
||||
@ -1,6 +1,6 @@
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services;
|
||||
|
||||
public interface IProviderMigrator
|
||||
{
|
||||
@ -1,11 +1,11 @@
|
||||
using System.Text.Json;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services.Implementations;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services.Implementations;
|
||||
|
||||
public class MigrationTrackerDistributedCache(
|
||||
[FromKeyedServices("persistent")]
|
||||
@ -1,10 +1,10 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
@ -12,7 +12,7 @@ using Microsoft.Extensions.Logging;
|
||||
using Stripe;
|
||||
using Plan = Bit.Core.Models.StaticStore.Plan;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services.Implementations;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services.Implementations;
|
||||
|
||||
public class OrganizationMigrator(
|
||||
IClientOrganizationMigrationRecordRepository clientOrganizationMigrationRecordRepository,
|
||||
@ -3,18 +3,18 @@ using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Billing.Constants;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Migration.Models;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Services;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Migration.Models;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Providers.Services;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Stripe;
|
||||
|
||||
namespace Bit.Core.Billing.Migration.Services.Implementations;
|
||||
namespace Bit.Core.Billing.Providers.Migration.Services.Implementations;
|
||||
|
||||
public class ProviderMigrator(
|
||||
IClientOrganizationMigrationRecordRepository clientOrganizationMigrationRecordRepository,
|
||||
@ -1,4 +1,4 @@
|
||||
namespace Bit.Core.Billing.Models;
|
||||
namespace Bit.Core.Billing.Providers.Models;
|
||||
|
||||
public record AddableOrganization(
|
||||
Guid Id,
|
||||
@ -1,7 +1,7 @@
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.Billing.Enums;
|
||||
|
||||
namespace Bit.Core.Billing.Services.Contracts;
|
||||
namespace Bit.Core.Billing.Providers.Models;
|
||||
|
||||
public record ChangeProviderPlanCommand(
|
||||
Provider Provider,
|
||||
@ -1,11 +1,12 @@
|
||||
using Bit.Core.Models.StaticStore;
|
||||
|
||||
namespace Bit.Core.Billing.Models;
|
||||
namespace Bit.Core.Billing.Providers.Models;
|
||||
|
||||
public record ConfiguredProviderPlan(
|
||||
Guid Id,
|
||||
Guid ProviderId,
|
||||
Plan Plan,
|
||||
decimal Price,
|
||||
int SeatMinimum,
|
||||
int PurchasedSeats,
|
||||
int AssignedSeats);
|
||||
@ -1,7 +1,7 @@
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.Billing.Enums;
|
||||
|
||||
namespace Bit.Core.Billing.Services.Contracts;
|
||||
namespace Bit.Core.Billing.Providers.Models;
|
||||
|
||||
/// <param name="Provider">The provider to update the seat minimums for.</param>
|
||||
/// <param name="Configuration">The new seat minimums for the provider.</param>
|
||||
@ -1,7 +1,7 @@
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
namespace Bit.Core.Billing.Repositories;
|
||||
namespace Bit.Core.Billing.Providers.Repositories;
|
||||
|
||||
public interface IClientOrganizationMigrationRecordRepository : IRepository<ClientOrganizationMigrationRecord, Guid>
|
||||
{
|
||||
@ -1,7 +1,7 @@
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
namespace Bit.Core.Billing.Repositories;
|
||||
namespace Bit.Core.Billing.Providers.Repositories;
|
||||
|
||||
public interface IProviderInvoiceItemRepository : IRepository<ProviderInvoiceItem, Guid>
|
||||
{
|
||||
@ -1,7 +1,7 @@
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
namespace Bit.Core.Billing.Repositories;
|
||||
namespace Bit.Core.Billing.Providers.Repositories;
|
||||
|
||||
public interface IProviderPlanRepository : IRepository<ProviderPlan, Guid>
|
||||
{
|
||||
@ -3,7 +3,7 @@ using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.AdminConsole.Enums.Provider;
|
||||
using OneOf;
|
||||
|
||||
namespace Bit.Core.Billing.Services;
|
||||
namespace Bit.Core.Billing.Providers.Services;
|
||||
|
||||
public interface IBusinessUnitConverter
|
||||
{
|
||||
@ -1,14 +1,14 @@
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.AdminConsole.Entities.Provider;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Models;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Models.Business;
|
||||
using Stripe;
|
||||
|
||||
namespace Bit.Core.Billing.Services;
|
||||
namespace Bit.Core.Billing.Providers.Services;
|
||||
|
||||
public interface IProviderBillingService
|
||||
{
|
||||
@ -2,7 +2,7 @@
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Entities;
|
||||
|
||||
namespace Bit.Core.Billing.Services.Contracts;
|
||||
namespace Bit.Core.Billing.Tax.Models;
|
||||
|
||||
public class AutomaticTaxFactoryParameters
|
||||
{
|
||||
@ -1,4 +1,4 @@
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
|
||||
namespace Bit.Core.Billing.Tax.Services;
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#nullable enable
|
||||
using Bit.Core.Billing.Enums;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Services;
|
||||
|
||||
|
||||
@ -150,6 +150,7 @@ public static class FeatureFlagKeys
|
||||
public const string UseOrganizationWarningsService = "use-organization-warnings-service";
|
||||
public const string PM20322_AllowTrialLength0 = "pm-20322-allow-trial-length-0";
|
||||
public const string PM21092_SetNonUSBusinessUseToReverseCharge = "pm-21092-set-non-us-business-use-to-reverse-charge";
|
||||
public const string PM21383_GetProviderPriceFromStripe = "pm-21383-get-provider-price-from-stripe";
|
||||
|
||||
/* Data Insights and Reporting Team */
|
||||
public const string RiskInsightsCriticalApplication = "pm-14466-risk-insights-critical-application";
|
||||
|
||||
@ -69,8 +69,11 @@ public static class OrganizationServiceCollectionExtensions
|
||||
services.AddBaseOrganizationSubscriptionCommandsQueries();
|
||||
}
|
||||
|
||||
private static IServiceCollection AddOrganizationSignUpCommands(this IServiceCollection services) =>
|
||||
private static void AddOrganizationSignUpCommands(this IServiceCollection services)
|
||||
{
|
||||
services.AddScoped<ICloudOrganizationSignUpCommand, CloudOrganizationSignUpCommand>();
|
||||
services.AddScoped<IProviderClientOrganizationSignUpCommand, ProviderClientOrganizationSignUpCommand>();
|
||||
}
|
||||
|
||||
private static void AddOrganizationDeleteCommands(this IServiceCollection services)
|
||||
{
|
||||
|
||||
@ -57,4 +57,5 @@ public interface IStripeAdapter
|
||||
Task<SetupIntent> SetupIntentGet(string id, SetupIntentGetOptions options = null);
|
||||
Task SetupIntentVerifyMicroDeposit(string id, SetupIntentVerifyMicrodepositsOptions options);
|
||||
Task<List<Stripe.TestHelpers.TestClock>> TestClockListAsync();
|
||||
Task<Price> PriceGetAsync(string id, PriceGetOptions options = null);
|
||||
}
|
||||
|
||||
@ -283,4 +283,7 @@ public class StripeAdapter : IStripeAdapter
|
||||
}
|
||||
return items;
|
||||
}
|
||||
|
||||
public Task<Price> PriceGetAsync(string id, PriceGetOptions options = null)
|
||||
=> _priceService.GetAsync(id, options);
|
||||
}
|
||||
|
||||
@ -7,7 +7,7 @@ using Bit.Core.Billing.Extensions;
|
||||
using Bit.Core.Billing.Models;
|
||||
using Bit.Core.Billing.Models.Business;
|
||||
using Bit.Core.Billing.Pricing;
|
||||
using Bit.Core.Billing.Services.Contracts;
|
||||
using Bit.Core.Billing.Tax.Models;
|
||||
using Bit.Core.Billing.Tax.Requests;
|
||||
using Bit.Core.Billing.Tax.Responses;
|
||||
using Bit.Core.Billing.Tax.Services;
|
||||
|
||||
19
src/Core/Tools/Models/Data/SendAccessResult.cs
Normal file
19
src/Core/Tools/Models/Data/SendAccessResult.cs
Normal file
@ -0,0 +1,19 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
|
||||
namespace Bit.Core.Tools.Models.Data;
|
||||
|
||||
/// <summary>
|
||||
/// This enum represents the possible results when attempting to access a <see cref="Send"/>.
|
||||
/// </summary>
|
||||
/// <member>name="Granted">Access is granted for the <see cref="Send"/>.</member>
|
||||
/// <member>name="PasswordRequired">Access is denied, but a password is required to access the <see cref="Send"/>.
|
||||
/// </member>
|
||||
/// <member>name="PasswordInvalid">Access is denied due to an invalid password.</member>
|
||||
/// <member>name="Denied">Access is denied for the <see cref="Send"/>.</member>
|
||||
public enum SendAccessResult
|
||||
{
|
||||
Granted,
|
||||
PasswordRequired,
|
||||
PasswordInvalid,
|
||||
Denied
|
||||
}
|
||||
52
src/Core/Tools/SendFeatures/Commands/AnonymousSendCommand.cs
Normal file
52
src/Core/Tools/SendFeatures/Commands/AnonymousSendCommand.cs
Normal file
@ -0,0 +1,52 @@
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Platform.Push;
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
using Bit.Core.Tools.Services;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures.Commands;
|
||||
|
||||
public class AnonymousSendCommand : IAnonymousSendCommand
|
||||
{
|
||||
private readonly ISendRepository _sendRepository;
|
||||
private readonly ISendFileStorageService _sendFileStorageService;
|
||||
private readonly IPushNotificationService _pushNotificationService;
|
||||
private readonly ISendAuthorizationService _sendAuthorizationService;
|
||||
|
||||
public AnonymousSendCommand(
|
||||
ISendRepository sendRepository,
|
||||
ISendFileStorageService sendFileStorageService,
|
||||
IPushNotificationService pushNotificationService,
|
||||
ISendAuthorizationService sendAuthorizationService
|
||||
)
|
||||
{
|
||||
_sendRepository = sendRepository;
|
||||
_sendFileStorageService = sendFileStorageService;
|
||||
_pushNotificationService = pushNotificationService;
|
||||
_sendAuthorizationService = sendAuthorizationService;
|
||||
}
|
||||
|
||||
// Response: Send, password required, password invalid
|
||||
public async Task<(string, SendAccessResult)> GetSendFileDownloadUrlAsync(Send send, string fileId, string password)
|
||||
{
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Can only get a download URL for a file type of Send");
|
||||
}
|
||||
|
||||
var result = _sendAuthorizationService.SendCanBeAccessed(send, password);
|
||||
|
||||
if (!result.Equals(SendAccessResult.Granted))
|
||||
{
|
||||
return (null, result);
|
||||
}
|
||||
|
||||
send.AccessCount++;
|
||||
await _sendRepository.ReplaceAsync(send);
|
||||
await _pushNotificationService.PushSyncSendUpdateAsync(send);
|
||||
return (await _sendFileStorageService.GetSendFileDownloadUrlAsync(send, fileId), result);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,21 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
|
||||
/// <summary>
|
||||
/// AnonymousSendCommand interface provides methods for managing anonymous Sends.
|
||||
/// </summary>
|
||||
public interface IAnonymousSendCommand
|
||||
{
|
||||
/// <summary>
|
||||
/// Gets the Send file download URL for a Send object.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to help get file download url and validate file</param>
|
||||
/// <param name="fileId">FileId get file download url</param>
|
||||
/// <param name="password">A hashed and base64-encoded password. This is compared with the send's password to authorize access.</param>
|
||||
/// <returns>Async Task object with Tuple containing the string of download url and <see cref="SendAccessResult" />
|
||||
/// to determine if the user can access send.
|
||||
/// </returns>
|
||||
Task<(string, SendAccessResult)> GetSendFileDownloadUrlAsync(Send send, string fileId, string password);
|
||||
}
|
||||
@ -0,0 +1,53 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
|
||||
/// <summary>
|
||||
/// NonAnonymousSendCommand interface provides methods for managing non-anonymous Sends.
|
||||
/// </summary>
|
||||
public interface INonAnonymousSendCommand
|
||||
{
|
||||
/// <summary>
|
||||
/// Saves a <see cref="Send" /> to the database.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> that will save to database</param>
|
||||
/// <returns>Task completes as <see cref="Send" /> saves to the database</returns>
|
||||
Task SaveSendAsync(Send send);
|
||||
|
||||
/// <summary>
|
||||
/// Saves the <see cref="Send" /> and <see cref="SendFileData" /> to the database.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> that will save to the database</param>
|
||||
/// <param name="data"><see cref="SendFileData" /> that will save to file storage</param>
|
||||
/// <param name="fileLength">Length of file help with saving to file storage</param>
|
||||
/// <returns>Task object for async operations with file upload url</returns>
|
||||
Task<string> SaveFileSendAsync(Send send, SendFileData data, long fileLength);
|
||||
|
||||
/// <summary>
|
||||
/// Upload a file to an existing <see cref="Send" />.
|
||||
/// </summary>
|
||||
/// <param name="stream"><see cref="Stream" /> of file to be uploaded. The <see cref="Stream" /> position
|
||||
/// will be set to 0 before uploading the file.</param>
|
||||
/// <param name="send"><see cref="Send" /> used to help with uploading file</param>
|
||||
/// <returns>Task completes after saving <see cref="Stream" /> and <see cref="Send" /> metadata to the file storage</returns>
|
||||
Task UploadFileToExistingSendAsync(Stream stream, Send send);
|
||||
|
||||
/// <summary>
|
||||
/// Deletes a <see cref="Send" /> from the database and file storage.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> is used to delete from database and file storage</param>
|
||||
/// <returns>Task completes once <see cref="Send" /> has been deleted from database and file storage.</returns>
|
||||
Task DeleteSendAsync(Send send);
|
||||
|
||||
/// <summary>
|
||||
/// Stores the confirmed file size of a send; when the file size cannot be confirmed, the send is deleted.
|
||||
/// </summary>
|
||||
/// <param name="send">The <see cref="Send" /> this command acts upon</param>
|
||||
/// <returns><see langword="true" /> when the file is confirmed, otherwise <see langword="false" /></returns>
|
||||
/// <remarks>
|
||||
/// When a file size cannot be confirmed, we assume we're working with a rogue client. The send is deleted out of
|
||||
/// an abundance of caution.
|
||||
/// </remarks>
|
||||
Task<bool> ConfirmFileSize(Send send);
|
||||
}
|
||||
180
src/Core/Tools/SendFeatures/Commands/NonAnonymousSendCommand.cs
Normal file
180
src/Core/Tools/SendFeatures/Commands/NonAnonymousSendCommand.cs
Normal file
@ -0,0 +1,180 @@
|
||||
using System.Text.Json;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Platform.Push;
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Business;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
using Bit.Core.Tools.Services;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures.Commands;
|
||||
|
||||
public class NonAnonymousSendCommand : INonAnonymousSendCommand
|
||||
{
|
||||
private readonly ISendRepository _sendRepository;
|
||||
private readonly ISendFileStorageService _sendFileStorageService;
|
||||
private readonly IPushNotificationService _pushNotificationService;
|
||||
private readonly ISendValidationService _sendValidationService;
|
||||
private readonly IReferenceEventService _referenceEventService;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly ISendCoreHelperService _sendCoreHelperService;
|
||||
|
||||
public NonAnonymousSendCommand(ISendRepository sendRepository,
|
||||
ISendFileStorageService sendFileStorageService,
|
||||
IPushNotificationService pushNotificationService,
|
||||
ISendAuthorizationService sendAuthorizationService,
|
||||
ISendValidationService sendValidationService,
|
||||
IReferenceEventService referenceEventService,
|
||||
ICurrentContext currentContext,
|
||||
ISendCoreHelperService sendCoreHelperService)
|
||||
{
|
||||
_sendRepository = sendRepository;
|
||||
_sendFileStorageService = sendFileStorageService;
|
||||
_pushNotificationService = pushNotificationService;
|
||||
_sendValidationService = sendValidationService;
|
||||
_referenceEventService = referenceEventService;
|
||||
_currentContext = currentContext;
|
||||
_sendCoreHelperService = sendCoreHelperService;
|
||||
}
|
||||
|
||||
public async Task SaveSendAsync(Send send)
|
||||
{
|
||||
// Make sure user can save Sends
|
||||
await _sendValidationService.ValidateUserCanSaveAsync(send.UserId, send);
|
||||
|
||||
if (send.Id == default(Guid))
|
||||
{
|
||||
await _sendRepository.CreateAsync(send);
|
||||
await _pushNotificationService.PushSyncSendCreateAsync(send);
|
||||
await _referenceEventService.RaiseEventAsync(new ReferenceEvent
|
||||
{
|
||||
Id = send.UserId ?? default,
|
||||
Type = ReferenceEventType.SendCreated,
|
||||
Source = ReferenceEventSource.User,
|
||||
SendType = send.Type,
|
||||
MaxAccessCount = send.MaxAccessCount,
|
||||
HasPassword = !string.IsNullOrWhiteSpace(send.Password),
|
||||
SendHasNotes = send.Data?.Contains("Notes"),
|
||||
ClientId = _currentContext.ClientId,
|
||||
ClientVersion = _currentContext.ClientVersion
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
send.RevisionDate = DateTime.UtcNow;
|
||||
await _sendRepository.UpsertAsync(send);
|
||||
await _pushNotificationService.PushSyncSendUpdateAsync(send);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<string> SaveFileSendAsync(Send send, SendFileData data, long fileLength)
|
||||
{
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Send is not of type \"file\".");
|
||||
}
|
||||
|
||||
if (fileLength < 1)
|
||||
{
|
||||
throw new BadRequestException("No file data.");
|
||||
}
|
||||
|
||||
var storageBytesRemaining = await _sendValidationService.StorageRemainingForSendAsync(send);
|
||||
|
||||
if (storageBytesRemaining < fileLength)
|
||||
{
|
||||
throw new BadRequestException("Not enough storage available.");
|
||||
}
|
||||
|
||||
var fileId = _sendCoreHelperService.SecureRandomString(32, useUpperCase: false, useSpecial: false);
|
||||
|
||||
try
|
||||
{
|
||||
data.Id = fileId;
|
||||
data.Size = fileLength;
|
||||
data.Validated = false;
|
||||
send.Data = JsonSerializer.Serialize(data,
|
||||
JsonHelpers.IgnoreWritingNull);
|
||||
await SaveSendAsync(send);
|
||||
return await _sendFileStorageService.GetSendFileUploadUrlAsync(send, fileId);
|
||||
}
|
||||
catch
|
||||
{
|
||||
// Clean up since this is not transactional
|
||||
await _sendFileStorageService.DeleteFileAsync(send, fileId);
|
||||
throw;
|
||||
}
|
||||
}
|
||||
public async Task UploadFileToExistingSendAsync(Stream stream, Send send)
|
||||
{
|
||||
if (stream.Position > 0)
|
||||
{
|
||||
stream.Position = 0;
|
||||
}
|
||||
|
||||
if (send?.Data == null)
|
||||
{
|
||||
throw new BadRequestException("Send does not have file data");
|
||||
}
|
||||
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Not a File Type Send.");
|
||||
}
|
||||
|
||||
var data = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
|
||||
if (data.Validated)
|
||||
{
|
||||
throw new BadRequestException("File has already been uploaded.");
|
||||
}
|
||||
|
||||
await _sendFileStorageService.UploadNewFileAsync(stream, send, data.Id);
|
||||
|
||||
if (!await ConfirmFileSize(send))
|
||||
{
|
||||
throw new BadRequestException("File received does not match expected file length.");
|
||||
}
|
||||
}
|
||||
public async Task DeleteSendAsync(Send send)
|
||||
{
|
||||
await _sendRepository.DeleteAsync(send);
|
||||
if (send.Type == Enums.SendType.File)
|
||||
{
|
||||
var data = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
await _sendFileStorageService.DeleteFileAsync(send, data.Id);
|
||||
}
|
||||
await _pushNotificationService.PushSyncSendDeleteAsync(send);
|
||||
}
|
||||
|
||||
public async Task<bool> ConfirmFileSize(Send send)
|
||||
{
|
||||
var fileData = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
|
||||
var (valid, realSize) = await _sendFileStorageService.ValidateFileAsync(send, fileData.Id, fileData.Size, SendFileSettingHelper.FILE_SIZE_LEEWAY);
|
||||
|
||||
if (!valid || realSize > SendFileSettingHelper.FILE_SIZE_LEEWAY)
|
||||
{
|
||||
// File reported differs in size from that promised. Must be a rogue client. Delete Send
|
||||
await DeleteSendAsync(send);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Update Send data if necessary
|
||||
if (realSize != fileData.Size)
|
||||
{
|
||||
fileData.Size = realSize.Value;
|
||||
}
|
||||
fileData.Validated = true;
|
||||
send.Data = JsonSerializer.Serialize(fileData,
|
||||
JsonHelpers.IgnoreWritingNull);
|
||||
await SaveSendAsync(send);
|
||||
|
||||
return valid;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,18 @@
|
||||
using Bit.Core.Tools.SendFeatures.Commands;
|
||||
using Bit.Core.Tools.SendFeatures.Commands.Interfaces;
|
||||
using Bit.Core.Tools.Services;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures;
|
||||
|
||||
public static class SendServiceCollectionExtension
|
||||
{
|
||||
public static void AddSendServices(this IServiceCollection services)
|
||||
{
|
||||
services.AddScoped<INonAnonymousSendCommand, NonAnonymousSendCommand>();
|
||||
services.AddScoped<IAnonymousSendCommand, AnonymousSendCommand>();
|
||||
services.AddScoped<ISendAuthorizationService, SendAuthorizationService>();
|
||||
services.AddScoped<ISendValidationService, SendValidationService>();
|
||||
services.AddScoped<ISendCoreHelperService, SendCoreHelperService>();
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,28 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Send Authorization service is responsible for checking if a Send can be accessed.
|
||||
/// </summary>
|
||||
public interface ISendAuthorizationService
|
||||
{
|
||||
/// <summary>
|
||||
/// Checks if a <see cref="Send" /> can be accessed while updating the <see cref="Send" />, pushing a notification, and sending a reference event.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to determine access</param>
|
||||
/// <param name="password">A hashed and base64-encoded password. This is compared with the send's password to authorize access.</param>
|
||||
/// <returns><see cref="SendAccessResult" /> will be returned to determine if the user can access send.
|
||||
/// </returns>
|
||||
Task<SendAccessResult> AccessAsync(Send send, string password);
|
||||
SendAccessResult SendCanBeAccessed(Send send,
|
||||
string password);
|
||||
|
||||
/// <summary>
|
||||
/// Hashes the password using the password hasher.
|
||||
/// </summary>
|
||||
/// <param name="password">Password to be hashed</param>
|
||||
/// <returns>Hashed password of the password given</returns>
|
||||
string HashPassword(string password);
|
||||
}
|
||||
@ -0,0 +1,17 @@
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
/// <summary>
|
||||
/// This interface provides helper methods for generating secure random strings. Making
|
||||
/// it easier to mock the service in unit tests.
|
||||
/// </summary>
|
||||
public interface ISendCoreHelperService
|
||||
{
|
||||
/// <summary>
|
||||
/// Securely generates a random string of the specified length.
|
||||
/// </summary>
|
||||
/// <param name="length">Desired string length to be returned</param>
|
||||
/// <param name="useUpperCase">Desired casing for the string</param>
|
||||
/// <param name="useSpecial">Determines if special characters will be used in string</param>
|
||||
/// <returns>A secure random string with the desired parameters</returns>
|
||||
string SecureRandomString(int length, bool useUpperCase, bool useSpecial);
|
||||
}
|
||||
@ -0,0 +1,71 @@
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Tools.Entities;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Send File Storage Service is responsible for uploading, deleting, and validating files
|
||||
/// whether they are in local storage or in cloud storage.
|
||||
/// </summary>
|
||||
public interface ISendFileStorageService
|
||||
{
|
||||
FileUploadType FileUploadType { get; }
|
||||
/// <summary>
|
||||
/// Uploads a new file to the storage.
|
||||
/// </summary>
|
||||
/// <param name="stream"><see cref="Stream" /> of the file</param>
|
||||
/// <param name="send"><see cref="Send" /> for the file</param>
|
||||
/// <param name="fileId">File id</param>
|
||||
/// <returns>Task completes once <see cref="Stream" /> and <see cref="Send" /> have been saved to the database</returns>
|
||||
Task UploadNewFileAsync(Stream stream, Send send, string fileId);
|
||||
/// <summary>
|
||||
/// Deletes a file from the storage.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to delete file</param>
|
||||
/// <param name="fileId">File id of file to be deleted</param>
|
||||
/// <returns>Task completes once <see cref="Send" /> has been deleted to the database</returns>
|
||||
Task DeleteFileAsync(Send send, string fileId);
|
||||
/// <summary>
|
||||
/// Deletes all files for a specific organization.
|
||||
/// </summary>
|
||||
/// <param name="organizationId"><see cref="Guid" /> used to delete all files pertaining to organization</param>
|
||||
/// <returns>Task completes after running code to delete files by organization id</returns>
|
||||
Task DeleteFilesForOrganizationAsync(Guid organizationId);
|
||||
/// <summary>
|
||||
/// Deletes all files for a specific user.
|
||||
/// </summary>
|
||||
/// <param name="userId"><see cref="Guid" /> used to delete all files pertaining to user</param>
|
||||
/// <returns>Task completes after running code to delete files by user id</returns>
|
||||
Task DeleteFilesForUserAsync(Guid userId);
|
||||
/// <summary>
|
||||
/// Gets the download URL for a file.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to help get download url for file</param>
|
||||
/// <param name="fileId">File id to help get download url for file</param>
|
||||
/// <returns>Download url as a string</returns>
|
||||
Task<string> GetSendFileDownloadUrlAsync(Send send, string fileId);
|
||||
/// <summary>
|
||||
/// Gets the upload URL for a file.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to help get upload url for file </param>
|
||||
/// <param name="fileId">File id to help get upload url for file</param>
|
||||
/// <returns>File upload url as string</returns>
|
||||
Task<string> GetSendFileUploadUrlAsync(Send send, string fileId);
|
||||
/// <summary>
|
||||
/// Validates the file size of a file in the storage.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> used to help validate file</param>
|
||||
/// <param name="fileId">File id to identify which file to validate</param>
|
||||
/// <param name="expectedFileSize">Expected file size of the file</param>
|
||||
/// <param name="leeway">
|
||||
/// Send file size tolerance in bytes. When an uploaded file's `expectedFileSize`
|
||||
/// is outside of the leeway, the storage operation fails.
|
||||
/// </param>
|
||||
/// <throws>
|
||||
/// ❌ Fill this in with an explanation of the error thrown when `leeway` is incorrect
|
||||
/// </throws>
|
||||
/// <returns>Task object for async operations with Tuple of boolean that determines if file was valid and long that
|
||||
/// the actual file size of the file.
|
||||
/// </returns>
|
||||
Task<(bool, long?)> ValidateFileAsync(Send send, string fileId, long expectedFileSize, long leeway);
|
||||
}
|
||||
@ -0,0 +1,35 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public interface ISendValidationService
|
||||
{
|
||||
/// <summary>
|
||||
/// Validates a file can be saved by specified user.
|
||||
/// </summary>
|
||||
/// <param name="userId"><see cref="Guid" /> needed to validate file for specific user</param>
|
||||
/// <param name="send"><see cref="Send" /> needed to help validate file</param>
|
||||
/// <returns>Task completes when a conditional statement has been met it will return out of the method or
|
||||
/// throw a BadRequestException.
|
||||
/// </returns>
|
||||
Task ValidateUserCanSaveAsync(Guid? userId, Send send);
|
||||
|
||||
/// <summary>
|
||||
/// Validates a file can be saved by specified user with different policy based on feature flag
|
||||
/// </summary>
|
||||
/// <param name="userId"><see cref="Guid" /> needed to validate file for specific user</param>
|
||||
/// <param name="send"><see cref="Send" /> needed to help validate file</param>
|
||||
/// <returns>Task completes when a conditional statement has been met it will return out of the method or
|
||||
/// throw a BadRequestException.
|
||||
/// </returns>
|
||||
Task ValidateUserCanSaveAsync_vNext(Guid? userId, Send send);
|
||||
|
||||
/// <summary>
|
||||
/// Calculates the remaining storage for a Send.
|
||||
/// </summary>
|
||||
/// <param name="send"><see cref="Send" /> needed to help calculate remaining storage</param>
|
||||
/// <returns>Long with the remaining bytes for storage or will throw a BadRequestException if user cannot access
|
||||
/// file or email is not verified.
|
||||
/// </returns>
|
||||
Task<long> StorageRemainingForSendAsync(Send send);
|
||||
}
|
||||
101
src/Core/Tools/SendFeatures/Services/SendAuthorizationService.cs
Normal file
101
src/Core/Tools/SendFeatures/Services/SendAuthorizationService.cs
Normal file
@ -0,0 +1,101 @@
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Platform.Push;
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Business;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public class SendAuthorizationService : ISendAuthorizationService
|
||||
{
|
||||
private readonly ISendRepository _sendRepository;
|
||||
private readonly IPasswordHasher<User> _passwordHasher;
|
||||
private readonly IPushNotificationService _pushNotificationService;
|
||||
private readonly IReferenceEventService _referenceEventService;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
|
||||
public SendAuthorizationService(
|
||||
ISendRepository sendRepository,
|
||||
IPasswordHasher<User> passwordHasher,
|
||||
IPushNotificationService pushNotificationService,
|
||||
IReferenceEventService referenceEventService,
|
||||
ICurrentContext currentContext)
|
||||
{
|
||||
_sendRepository = sendRepository;
|
||||
_passwordHasher = passwordHasher;
|
||||
_pushNotificationService = pushNotificationService;
|
||||
_referenceEventService = referenceEventService;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
public SendAccessResult SendCanBeAccessed(Send send,
|
||||
string password)
|
||||
{
|
||||
var now = DateTime.UtcNow;
|
||||
if (send == null || send.MaxAccessCount.GetValueOrDefault(int.MaxValue) <= send.AccessCount ||
|
||||
send.ExpirationDate.GetValueOrDefault(DateTime.MaxValue) < now || send.Disabled ||
|
||||
send.DeletionDate < now)
|
||||
{
|
||||
return SendAccessResult.Denied;
|
||||
}
|
||||
if (!string.IsNullOrWhiteSpace(send.Password))
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(password))
|
||||
{
|
||||
return SendAccessResult.PasswordRequired;
|
||||
}
|
||||
var passwordResult = _passwordHasher.VerifyHashedPassword(new User(), send.Password, password);
|
||||
if (passwordResult == PasswordVerificationResult.SuccessRehashNeeded)
|
||||
{
|
||||
send.Password = HashPassword(password);
|
||||
}
|
||||
if (passwordResult == PasswordVerificationResult.Failed)
|
||||
{
|
||||
return SendAccessResult.PasswordInvalid;
|
||||
}
|
||||
}
|
||||
|
||||
return SendAccessResult.Granted;
|
||||
}
|
||||
|
||||
public async Task<SendAccessResult> AccessAsync(Send sendToBeAccessed, string password)
|
||||
{
|
||||
var accessResult = SendCanBeAccessed(sendToBeAccessed, password);
|
||||
|
||||
if (!accessResult.Equals(SendAccessResult.Granted))
|
||||
{
|
||||
return accessResult;
|
||||
}
|
||||
|
||||
if (sendToBeAccessed.Type != SendType.File)
|
||||
{
|
||||
// File sends are incremented during file download
|
||||
sendToBeAccessed.AccessCount++;
|
||||
}
|
||||
|
||||
await _sendRepository.ReplaceAsync(sendToBeAccessed);
|
||||
await _pushNotificationService.PushSyncSendUpdateAsync(sendToBeAccessed);
|
||||
await _referenceEventService.RaiseEventAsync(new ReferenceEvent
|
||||
{
|
||||
Id = sendToBeAccessed.UserId ?? default,
|
||||
Type = ReferenceEventType.SendAccessed,
|
||||
Source = ReferenceEventSource.User,
|
||||
SendType = sendToBeAccessed.Type,
|
||||
MaxAccessCount = sendToBeAccessed.MaxAccessCount,
|
||||
HasPassword = !string.IsNullOrWhiteSpace(sendToBeAccessed.Password),
|
||||
SendHasNotes = sendToBeAccessed.Data?.Contains("Notes"),
|
||||
ClientId = _currentContext.ClientId,
|
||||
ClientVersion = _currentContext.ClientVersion
|
||||
});
|
||||
return accessResult;
|
||||
}
|
||||
|
||||
public string HashPassword(string password)
|
||||
{
|
||||
return _passwordHasher.HashPassword(new User(), password);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public class SendCoreHelperService : ISendCoreHelperService
|
||||
{
|
||||
public string SecureRandomString(int length, bool useUpperCase, bool useSpecial)
|
||||
{
|
||||
return CoreHelpers.SecureRandomString(length, upper: useUpperCase, special: useSpecial);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,26 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
|
||||
namespace Bit.Core.Tools.SendFeatures;
|
||||
|
||||
/// <summary>
|
||||
/// SendFileSettingHelper is a static class that provides constants and helper methods (if needed) for managing file
|
||||
/// settings.
|
||||
/// </summary>
|
||||
public static class SendFileSettingHelper
|
||||
{
|
||||
/// <summary>
|
||||
/// The leeway for the file size. This is the calculated 1 megabyte of cushion when doing comparisons of file sizes
|
||||
/// within the system.
|
||||
/// </summary>
|
||||
public const long FILE_SIZE_LEEWAY = 1024L * 1024L; // 1MB
|
||||
/// <summary>
|
||||
/// The maximum file size for a file uploaded in a <see cref="Send" />. Units are calculated in bytes but
|
||||
/// represent 501 megabytes. 1 megabyte is added for cushion to account for file size.
|
||||
/// </summary>
|
||||
public const long MAX_FILE_SIZE = Constants.FileSize501mb;
|
||||
|
||||
/// <summary>
|
||||
/// String of the expected file size and to be used when needing to communicate the file size to the client/user.
|
||||
/// </summary>
|
||||
public const string MAX_FILE_SIZE_READABLE = "500 MB";
|
||||
}
|
||||
142
src/Core/Tools/SendFeatures/Services/SendValidationService.cs
Normal file
142
src/Core/Tools/SendFeatures/Services/SendValidationService.cs
Normal file
@ -0,0 +1,142 @@
|
||||
using Bit.Core.AdminConsole.Enums;
|
||||
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Utilities;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public class SendValidationService : ISendValidationService
|
||||
{
|
||||
|
||||
private readonly IUserRepository _userRepository;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly IPolicyService _policyService;
|
||||
private readonly IFeatureService _featureService;
|
||||
private readonly IUserService _userService;
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly IPolicyRequirementQuery _policyRequirementQuery;
|
||||
|
||||
|
||||
|
||||
public SendValidationService(
|
||||
IUserRepository userRepository,
|
||||
IOrganizationRepository organizationRepository,
|
||||
IPolicyService policyService,
|
||||
IFeatureService featureService,
|
||||
IUserService userService,
|
||||
IPolicyRequirementQuery policyRequirementQuery,
|
||||
GlobalSettings globalSettings,
|
||||
|
||||
ICurrentContext currentContext)
|
||||
{
|
||||
_userRepository = userRepository;
|
||||
_organizationRepository = organizationRepository;
|
||||
_policyService = policyService;
|
||||
_featureService = featureService;
|
||||
_userService = userService;
|
||||
_policyRequirementQuery = policyRequirementQuery;
|
||||
_globalSettings = globalSettings;
|
||||
_currentContext = currentContext;
|
||||
}
|
||||
|
||||
public async Task ValidateUserCanSaveAsync(Guid? userId, Send send)
|
||||
{
|
||||
if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements))
|
||||
{
|
||||
await ValidateUserCanSaveAsync_vNext(userId, send);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!userId.HasValue || (!_currentContext.Organizations?.Any() ?? true))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var anyDisableSendPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(userId.Value,
|
||||
PolicyType.DisableSend);
|
||||
if (anyDisableSendPolicies)
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are only able to delete an existing Send.");
|
||||
}
|
||||
|
||||
if (send.HideEmail.GetValueOrDefault())
|
||||
{
|
||||
var sendOptionsPolicies = await _policyService.GetPoliciesApplicableToUserAsync(userId.Value, PolicyType.SendOptions);
|
||||
if (sendOptionsPolicies.Any(p => CoreHelpers.LoadClassFromJsonData<SendOptionsPolicyData>(p.PolicyData)?.DisableHideEmail ?? false))
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are not allowed to hide your email address from recipients when creating or editing a Send.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public async Task ValidateUserCanSaveAsync_vNext(Guid? userId, Send send)
|
||||
{
|
||||
if (!userId.HasValue)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var disableSendRequirement = await _policyRequirementQuery.GetAsync<DisableSendPolicyRequirement>(userId.Value);
|
||||
if (disableSendRequirement.DisableSend)
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are only able to delete an existing Send.");
|
||||
}
|
||||
|
||||
var sendOptionsRequirement = await _policyRequirementQuery.GetAsync<SendOptionsPolicyRequirement>(userId.Value);
|
||||
if (sendOptionsRequirement.DisableHideEmail && send.HideEmail.GetValueOrDefault())
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are not allowed to hide your email address from recipients when creating or editing a Send.");
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<long> StorageRemainingForSendAsync(Send send)
|
||||
{
|
||||
var storageBytesRemaining = 0L;
|
||||
if (send.UserId.HasValue)
|
||||
{
|
||||
var user = await _userRepository.GetByIdAsync(send.UserId.Value);
|
||||
if (!await _userService.CanAccessPremium(user))
|
||||
{
|
||||
throw new BadRequestException("You must have premium status to use file Sends.");
|
||||
}
|
||||
|
||||
if (!user.EmailVerified)
|
||||
{
|
||||
throw new BadRequestException("You must confirm your email to use file Sends.");
|
||||
}
|
||||
|
||||
if (user.Premium)
|
||||
{
|
||||
storageBytesRemaining = user.StorageBytesRemaining();
|
||||
}
|
||||
else
|
||||
{
|
||||
// Users that get access to file storage/premium from their organization get the default
|
||||
// 1 GB max storage.
|
||||
short limit = _globalSettings.SelfHosted ? (short)10240 : (short)1;
|
||||
storageBytesRemaining = user.StorageBytesRemaining(limit);
|
||||
}
|
||||
}
|
||||
else if (send.OrganizationId.HasValue)
|
||||
{
|
||||
var org = await _organizationRepository.GetByIdAsync(send.OrganizationId.Value);
|
||||
if (!org.MaxStorageGb.HasValue)
|
||||
{
|
||||
throw new BadRequestException("This organization cannot use file sends.");
|
||||
}
|
||||
|
||||
storageBytesRemaining = org.StorageBytesRemaining();
|
||||
}
|
||||
|
||||
return storageBytesRemaining;
|
||||
}
|
||||
}
|
||||
@ -1,16 +0,0 @@
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public interface ISendService
|
||||
{
|
||||
Task DeleteSendAsync(Send send);
|
||||
Task SaveSendAsync(Send send);
|
||||
Task<string> SaveFileSendAsync(Send send, SendFileData data, long fileLength);
|
||||
Task UploadFileToExistingSendAsync(Stream stream, Send send);
|
||||
Task<(Send, bool, bool)> AccessAsync(Guid sendId, string password);
|
||||
string HashPassword(string password);
|
||||
Task<(string, bool, bool)> GetSendFileDownloadUrlAsync(Send send, string fileId, string password);
|
||||
Task<bool> ValidateSendFile(Send send);
|
||||
}
|
||||
@ -1,16 +0,0 @@
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Tools.Entities;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public interface ISendFileStorageService
|
||||
{
|
||||
FileUploadType FileUploadType { get; }
|
||||
Task UploadNewFileAsync(Stream stream, Send send, string fileId);
|
||||
Task DeleteFileAsync(Send send, string fileId);
|
||||
Task DeleteFilesForOrganizationAsync(Guid organizationId);
|
||||
Task DeleteFilesForUserAsync(Guid userId);
|
||||
Task<string> GetSendFileDownloadUrlAsync(Send send, string fileId);
|
||||
Task<string> GetSendFileUploadUrlAsync(Send send, string fileId);
|
||||
Task<(bool, long?)> ValidateFileAsync(Send send, string fileId, long expectedFileSize, long leeway);
|
||||
}
|
||||
@ -1,383 +0,0 @@
|
||||
using System.Text.Json;
|
||||
using Bit.Core.AdminConsole.Enums;
|
||||
using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
|
||||
using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
|
||||
using Bit.Core.AdminConsole.Services;
|
||||
using Bit.Core.Context;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Exceptions;
|
||||
using Bit.Core.Platform.Push;
|
||||
using Bit.Core.Repositories;
|
||||
using Bit.Core.Services;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Core.Tools.Entities;
|
||||
using Bit.Core.Tools.Enums;
|
||||
using Bit.Core.Tools.Models.Business;
|
||||
using Bit.Core.Tools.Models.Data;
|
||||
using Bit.Core.Tools.Repositories;
|
||||
using Bit.Core.Utilities;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
|
||||
namespace Bit.Core.Tools.Services;
|
||||
|
||||
public class SendService : ISendService
|
||||
{
|
||||
public const long MAX_FILE_SIZE = Constants.FileSize501mb;
|
||||
public const string MAX_FILE_SIZE_READABLE = "500 MB";
|
||||
private readonly ISendRepository _sendRepository;
|
||||
private readonly IUserRepository _userRepository;
|
||||
private readonly IPolicyService _policyService;
|
||||
private readonly IUserService _userService;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly ISendFileStorageService _sendFileStorageService;
|
||||
private readonly IPasswordHasher<User> _passwordHasher;
|
||||
private readonly IPushNotificationService _pushService;
|
||||
private readonly IReferenceEventService _referenceEventService;
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
private readonly ICurrentContext _currentContext;
|
||||
private readonly IPolicyRequirementQuery _policyRequirementQuery;
|
||||
private readonly IFeatureService _featureService;
|
||||
|
||||
private const long _fileSizeLeeway = 1024L * 1024L; // 1MB
|
||||
|
||||
public SendService(
|
||||
ISendRepository sendRepository,
|
||||
IUserRepository userRepository,
|
||||
IUserService userService,
|
||||
IOrganizationRepository organizationRepository,
|
||||
ISendFileStorageService sendFileStorageService,
|
||||
IPasswordHasher<User> passwordHasher,
|
||||
IPushNotificationService pushService,
|
||||
IReferenceEventService referenceEventService,
|
||||
GlobalSettings globalSettings,
|
||||
IPolicyService policyService,
|
||||
ICurrentContext currentContext,
|
||||
IPolicyRequirementQuery policyRequirementQuery,
|
||||
IFeatureService featureService)
|
||||
{
|
||||
_sendRepository = sendRepository;
|
||||
_userRepository = userRepository;
|
||||
_userService = userService;
|
||||
_policyService = policyService;
|
||||
_organizationRepository = organizationRepository;
|
||||
_sendFileStorageService = sendFileStorageService;
|
||||
_passwordHasher = passwordHasher;
|
||||
_pushService = pushService;
|
||||
_referenceEventService = referenceEventService;
|
||||
_globalSettings = globalSettings;
|
||||
_currentContext = currentContext;
|
||||
_policyRequirementQuery = policyRequirementQuery;
|
||||
_featureService = featureService;
|
||||
}
|
||||
|
||||
public async Task SaveSendAsync(Send send)
|
||||
{
|
||||
// Make sure user can save Sends
|
||||
await ValidateUserCanSaveAsync(send.UserId, send);
|
||||
|
||||
if (send.Id == default(Guid))
|
||||
{
|
||||
await _sendRepository.CreateAsync(send);
|
||||
await _pushService.PushSyncSendCreateAsync(send);
|
||||
await RaiseReferenceEventAsync(send, ReferenceEventType.SendCreated);
|
||||
}
|
||||
else
|
||||
{
|
||||
send.RevisionDate = DateTime.UtcNow;
|
||||
await _sendRepository.UpsertAsync(send);
|
||||
await _pushService.PushSyncSendUpdateAsync(send);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<string> SaveFileSendAsync(Send send, SendFileData data, long fileLength)
|
||||
{
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Send is not of type \"file\".");
|
||||
}
|
||||
|
||||
if (fileLength < 1)
|
||||
{
|
||||
throw new BadRequestException("No file data.");
|
||||
}
|
||||
|
||||
var storageBytesRemaining = await StorageRemainingForSendAsync(send);
|
||||
|
||||
if (storageBytesRemaining < fileLength)
|
||||
{
|
||||
throw new BadRequestException("Not enough storage available.");
|
||||
}
|
||||
|
||||
var fileId = Utilities.CoreHelpers.SecureRandomString(32, upper: false, special: false);
|
||||
|
||||
try
|
||||
{
|
||||
data.Id = fileId;
|
||||
data.Size = fileLength;
|
||||
data.Validated = false;
|
||||
send.Data = JsonSerializer.Serialize(data,
|
||||
JsonHelpers.IgnoreWritingNull);
|
||||
await SaveSendAsync(send);
|
||||
return await _sendFileStorageService.GetSendFileUploadUrlAsync(send, fileId);
|
||||
}
|
||||
catch
|
||||
{
|
||||
// Clean up since this is not transactional
|
||||
await _sendFileStorageService.DeleteFileAsync(send, fileId);
|
||||
throw;
|
||||
}
|
||||
}
|
||||
|
||||
public async Task UploadFileToExistingSendAsync(Stream stream, Send send)
|
||||
{
|
||||
if (send?.Data == null)
|
||||
{
|
||||
throw new BadRequestException("Send does not have file data");
|
||||
}
|
||||
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Not a File Type Send.");
|
||||
}
|
||||
|
||||
var data = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
|
||||
if (data.Validated)
|
||||
{
|
||||
throw new BadRequestException("File has already been uploaded.");
|
||||
}
|
||||
|
||||
await _sendFileStorageService.UploadNewFileAsync(stream, send, data.Id);
|
||||
|
||||
if (!await ValidateSendFile(send))
|
||||
{
|
||||
throw new BadRequestException("File received does not match expected file length.");
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<bool> ValidateSendFile(Send send)
|
||||
{
|
||||
var fileData = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
|
||||
var (valid, realSize) = await _sendFileStorageService.ValidateFileAsync(send, fileData.Id, fileData.Size, _fileSizeLeeway);
|
||||
|
||||
if (!valid || realSize > MAX_FILE_SIZE)
|
||||
{
|
||||
// File reported differs in size from that promised. Must be a rogue client. Delete Send
|
||||
await DeleteSendAsync(send);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Update Send data if necessary
|
||||
if (realSize != fileData.Size)
|
||||
{
|
||||
fileData.Size = realSize.Value;
|
||||
}
|
||||
fileData.Validated = true;
|
||||
send.Data = JsonSerializer.Serialize(fileData,
|
||||
JsonHelpers.IgnoreWritingNull);
|
||||
await SaveSendAsync(send);
|
||||
|
||||
return valid;
|
||||
}
|
||||
|
||||
public async Task DeleteSendAsync(Send send)
|
||||
{
|
||||
await _sendRepository.DeleteAsync(send);
|
||||
if (send.Type == Enums.SendType.File)
|
||||
{
|
||||
var data = JsonSerializer.Deserialize<SendFileData>(send.Data);
|
||||
await _sendFileStorageService.DeleteFileAsync(send, data.Id);
|
||||
}
|
||||
await _pushService.PushSyncSendDeleteAsync(send);
|
||||
}
|
||||
|
||||
public (bool grant, bool passwordRequiredError, bool passwordInvalidError) SendCanBeAccessed(Send send,
|
||||
string password)
|
||||
{
|
||||
var now = DateTime.UtcNow;
|
||||
if (send == null || send.MaxAccessCount.GetValueOrDefault(int.MaxValue) <= send.AccessCount ||
|
||||
send.ExpirationDate.GetValueOrDefault(DateTime.MaxValue) < now || send.Disabled ||
|
||||
send.DeletionDate < now)
|
||||
{
|
||||
return (false, false, false);
|
||||
}
|
||||
if (!string.IsNullOrWhiteSpace(send.Password))
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(password))
|
||||
{
|
||||
return (false, true, false);
|
||||
}
|
||||
var passwordResult = _passwordHasher.VerifyHashedPassword(new User(), send.Password, password);
|
||||
if (passwordResult == PasswordVerificationResult.SuccessRehashNeeded)
|
||||
{
|
||||
send.Password = HashPassword(password);
|
||||
}
|
||||
if (passwordResult == PasswordVerificationResult.Failed)
|
||||
{
|
||||
return (false, false, true);
|
||||
}
|
||||
}
|
||||
|
||||
return (true, false, false);
|
||||
}
|
||||
|
||||
// Response: Send, password required, password invalid
|
||||
public async Task<(string, bool, bool)> GetSendFileDownloadUrlAsync(Send send, string fileId, string password)
|
||||
{
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
throw new BadRequestException("Can only get a download URL for a file type of Send");
|
||||
}
|
||||
|
||||
var (grantAccess, passwordRequired, passwordInvalid) = SendCanBeAccessed(send, password);
|
||||
|
||||
if (!grantAccess)
|
||||
{
|
||||
return (null, passwordRequired, passwordInvalid);
|
||||
}
|
||||
|
||||
send.AccessCount++;
|
||||
await _sendRepository.ReplaceAsync(send);
|
||||
await _pushService.PushSyncSendUpdateAsync(send);
|
||||
return (await _sendFileStorageService.GetSendFileDownloadUrlAsync(send, fileId), false, false);
|
||||
}
|
||||
|
||||
// Response: Send, password required, password invalid
|
||||
public async Task<(Send, bool, bool)> AccessAsync(Guid sendId, string password)
|
||||
{
|
||||
var send = await _sendRepository.GetByIdAsync(sendId);
|
||||
var (grantAccess, passwordRequired, passwordInvalid) = SendCanBeAccessed(send, password);
|
||||
|
||||
if (!grantAccess)
|
||||
{
|
||||
return (null, passwordRequired, passwordInvalid);
|
||||
}
|
||||
|
||||
// TODO: maybe move this to a simple ++ sproc?
|
||||
if (send.Type != SendType.File)
|
||||
{
|
||||
// File sends are incremented during file download
|
||||
send.AccessCount++;
|
||||
}
|
||||
|
||||
await _sendRepository.ReplaceAsync(send);
|
||||
await _pushService.PushSyncSendUpdateAsync(send);
|
||||
await RaiseReferenceEventAsync(send, ReferenceEventType.SendAccessed);
|
||||
return (send, false, false);
|
||||
}
|
||||
|
||||
private async Task RaiseReferenceEventAsync(Send send, ReferenceEventType eventType)
|
||||
{
|
||||
await _referenceEventService.RaiseEventAsync(new ReferenceEvent
|
||||
{
|
||||
Id = send.UserId ?? default,
|
||||
Type = eventType,
|
||||
Source = ReferenceEventSource.User,
|
||||
SendType = send.Type,
|
||||
MaxAccessCount = send.MaxAccessCount,
|
||||
HasPassword = !string.IsNullOrWhiteSpace(send.Password),
|
||||
SendHasNotes = send.Data?.Contains("Notes"),
|
||||
ClientId = _currentContext.ClientId,
|
||||
ClientVersion = _currentContext.ClientVersion
|
||||
});
|
||||
}
|
||||
|
||||
public string HashPassword(string password)
|
||||
{
|
||||
return _passwordHasher.HashPassword(new User(), password);
|
||||
}
|
||||
|
||||
private async Task ValidateUserCanSaveAsync(Guid? userId, Send send)
|
||||
{
|
||||
if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements))
|
||||
{
|
||||
await ValidateUserCanSaveAsync_vNext(userId, send);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!userId.HasValue || (!_currentContext.Organizations?.Any() ?? true))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var anyDisableSendPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(userId.Value,
|
||||
PolicyType.DisableSend);
|
||||
if (anyDisableSendPolicies)
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are only able to delete an existing Send.");
|
||||
}
|
||||
|
||||
if (send.HideEmail.GetValueOrDefault())
|
||||
{
|
||||
var sendOptionsPolicies = await _policyService.GetPoliciesApplicableToUserAsync(userId.Value, PolicyType.SendOptions);
|
||||
if (sendOptionsPolicies.Any(p => CoreHelpers.LoadClassFromJsonData<SendOptionsPolicyData>(p.PolicyData)?.DisableHideEmail ?? false))
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are not allowed to hide your email address from recipients when creating or editing a Send.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private async Task ValidateUserCanSaveAsync_vNext(Guid? userId, Send send)
|
||||
{
|
||||
if (!userId.HasValue)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var disableSendRequirement = await _policyRequirementQuery.GetAsync<DisableSendPolicyRequirement>(userId.Value);
|
||||
if (disableSendRequirement.DisableSend)
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are only able to delete an existing Send.");
|
||||
}
|
||||
|
||||
var sendOptionsRequirement = await _policyRequirementQuery.GetAsync<SendOptionsPolicyRequirement>(userId.Value);
|
||||
if (sendOptionsRequirement.DisableHideEmail && send.HideEmail.GetValueOrDefault())
|
||||
{
|
||||
throw new BadRequestException("Due to an Enterprise Policy, you are not allowed to hide your email address from recipients when creating or editing a Send.");
|
||||
}
|
||||
}
|
||||
|
||||
private async Task<long> StorageRemainingForSendAsync(Send send)
|
||||
{
|
||||
var storageBytesRemaining = 0L;
|
||||
if (send.UserId.HasValue)
|
||||
{
|
||||
var user = await _userRepository.GetByIdAsync(send.UserId.Value);
|
||||
if (!await _userService.CanAccessPremium(user))
|
||||
{
|
||||
throw new BadRequestException("You must have premium status to use file Sends.");
|
||||
}
|
||||
|
||||
if (!user.EmailVerified)
|
||||
{
|
||||
throw new BadRequestException("You must confirm your email to use file Sends.");
|
||||
}
|
||||
|
||||
if (user.Premium)
|
||||
{
|
||||
storageBytesRemaining = user.StorageBytesRemaining();
|
||||
}
|
||||
else
|
||||
{
|
||||
// Users that get access to file storage/premium from their organization get the default
|
||||
// 1 GB max storage.
|
||||
storageBytesRemaining = user.StorageBytesRemaining(
|
||||
_globalSettings.SelfHosted ? (short)10240 : (short)1);
|
||||
}
|
||||
}
|
||||
else if (send.OrganizationId.HasValue)
|
||||
{
|
||||
var org = await _organizationRepository.GetByIdAsync(send.OrganizationId.Value);
|
||||
if (!org.MaxStorageGb.HasValue)
|
||||
{
|
||||
throw new BadRequestException("This organization cannot use file sends.");
|
||||
}
|
||||
|
||||
storageBytesRemaining = org.StorageBytesRemaining();
|
||||
}
|
||||
|
||||
return storageBytesRemaining;
|
||||
}
|
||||
}
|
||||
@ -1,6 +1,6 @@
|
||||
using System.Data;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Infrastructure.Dapper.Repositories;
|
||||
using Dapper;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
using System.Data;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Infrastructure.Dapper.Repositories;
|
||||
using Dapper;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
using System.Data;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Settings;
|
||||
using Bit.Infrastructure.Dapper.Repositories;
|
||||
using Dapper;
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Auth.Repositories;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.KeyManagement.Repositories;
|
||||
using Bit.Core.NotificationCenter.Repositories;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace Bit.Infrastructure.EntityFramework.Billing.Models;
|
||||
|
||||
public class ClientOrganizationMigrationRecord : Core.Billing.Entities.ClientOrganizationMigrationRecord
|
||||
public class ClientOrganizationMigrationRecord : Core.Billing.Providers.Entities.ClientOrganizationMigrationRecord
|
||||
{
|
||||
|
||||
}
|
||||
@ -11,6 +11,6 @@ public class ClientOrganizationMigrationRecordProfile : Profile
|
||||
{
|
||||
public ClientOrganizationMigrationRecordProfile()
|
||||
{
|
||||
CreateMap<Core.Billing.Entities.ClientOrganizationMigrationRecord, ClientOrganizationMigrationRecord>().ReverseMap();
|
||||
CreateMap<Core.Billing.Providers.Entities.ClientOrganizationMigrationRecord, ClientOrganizationMigrationRecord>().ReverseMap();
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@ using Bit.Infrastructure.EntityFramework.AdminConsole.Models.Provider;
|
||||
namespace Bit.Infrastructure.EntityFramework.Billing.Models;
|
||||
|
||||
// ReSharper disable once ClassWithVirtualMembersNeverInherited.Global
|
||||
public class ProviderInvoiceItem : Core.Billing.Entities.ProviderInvoiceItem
|
||||
public class ProviderInvoiceItem : Core.Billing.Providers.Entities.ProviderInvoiceItem
|
||||
{
|
||||
public virtual Provider Provider { get; set; }
|
||||
}
|
||||
@ -13,6 +13,6 @@ public class ProviderInvoiceItemMapperProfile : Profile
|
||||
{
|
||||
public ProviderInvoiceItemMapperProfile()
|
||||
{
|
||||
CreateMap<Core.Billing.Entities.ProviderInvoiceItem, ProviderInvoiceItem>().ReverseMap();
|
||||
CreateMap<Core.Billing.Providers.Entities.ProviderInvoiceItem, ProviderInvoiceItem>().ReverseMap();
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@ using Bit.Infrastructure.EntityFramework.AdminConsole.Models.Provider;
|
||||
namespace Bit.Infrastructure.EntityFramework.Billing.Models;
|
||||
|
||||
// ReSharper disable once ClassWithVirtualMembersNeverInherited.Global
|
||||
public class ProviderPlan : Core.Billing.Entities.ProviderPlan
|
||||
public class ProviderPlan : Core.Billing.Providers.Entities.ProviderPlan
|
||||
{
|
||||
public virtual Provider Provider { get; set; }
|
||||
}
|
||||
@ -13,6 +13,6 @@ public class ProviderPlanMapperProfile : Profile
|
||||
{
|
||||
public ProviderPlanMapperProfile()
|
||||
{
|
||||
CreateMap<Core.Billing.Entities.ProviderPlan, ProviderPlan>().ReverseMap();
|
||||
CreateMap<Core.Billing.Providers.Entities.ProviderPlan, ProviderPlan>().ReverseMap();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
using AutoMapper;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Infrastructure.EntityFramework.Repositories;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
using AutoMapper;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Infrastructure.EntityFramework.Repositories;
|
||||
using LinqToDB;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
using AutoMapper;
|
||||
using Bit.Core.Billing.Entities;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Billing.Providers.Entities;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Infrastructure.EntityFramework.Repositories;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
using Bit.Core.AdminConsole.Repositories;
|
||||
using Bit.Core.Auth.Repositories;
|
||||
using Bit.Core.Billing.Providers.Repositories;
|
||||
using Bit.Core.Billing.Repositories;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.KeyManagement.Repositories;
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user