org totp and storage flags

src/Api/Controllers/LoginsController.cs

@@ -54,14 +54,15 @@ namespace Bit.Api.Controllers
         [HttpGet("{id}/admin")]
         public async Task<LoginResponseModel> GetAdmin(string id)
         {
-            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
+            var userId = _userService.GetProperUserId(User).Value;
+            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
             if(login == null || !login.OrganizationId.HasValue ||
                 !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
             {
                 throw new NotFoundException();
             }
 
-            var response = new LoginResponseModel(login, _globalSettings);
+            var response = new LoginResponseModel(login, _globalSettings, login.OrganizationUseTotp);
             return response;
         }
 
@@ -97,7 +98,7 @@ namespace Bit.Api.Controllers
             var userId = _userService.GetProperUserId(User).Value;
             await _cipherService.SaveAsync(login, userId, true);
 
-            var response = new LoginResponseModel(login, _globalSettings);
+            var response = new LoginResponseModel(login, _globalSettings, false);
             return response;
         }
 
@@ -129,17 +130,17 @@ namespace Bit.Api.Controllers
         [HttpPost("{id}/admin")]
         public async Task<LoginResponseModel> PutAdmin(string id, [FromBody]LoginRequestModel model)
         {
-            var login = await _cipherRepository.GetByIdAsync(new Guid(id));
+            var userId = _userService.GetProperUserId(User).Value;
+            var login = await _cipherRepository.GetByIdAsync(new Guid(id), userId);
             if(login == null || !login.OrganizationId.HasValue ||
                 !_currentContext.OrganizationAdmin(login.OrganizationId.Value))
             {
                 throw new NotFoundException();
             }
 
-            var userId = _userService.GetProperUserId(User).Value;
             await _cipherService.SaveAsync(model.ToCipher(login), userId, true);
 
-            var response = new LoginResponseModel(login, _globalSettings);
+            var response = new LoginResponseModel(login, _globalSettings, login.OrganizationUseTotp);
             return response;
         }
 

src/Core/Models/Api/Response/CipherResponseModel.cs

@@ -48,11 +48,13 @@ namespace Bit.Core.Models.Api
             FolderId = cipher.FolderId?.ToString();
             Favorite = cipher.Favorite;
             Edit = cipher.Edit;
+            OrganizationUseTotp = cipher.OrganizationUseTotp;
         }
 
         public string FolderId { get; set; }
         public bool Favorite { get; set; }
         public bool Edit { get; set; }
+        public bool OrganizationUseTotp { get; set; }
     }
 
     public class CipherDetailsResponseModel : CipherResponseModel

src/Core/Models/Api/Response/LoginResponseModel.cs

@@ -7,7 +7,7 @@ namespace Bit.Core.Models.Api
 {
     public class LoginResponseModel : ResponseModel
     {
-        public LoginResponseModel(Cipher cipher, GlobalSettings globalSettings, string obj = "login")
+        public LoginResponseModel(Cipher cipher, GlobalSettings globalSettings, bool orgUseTotp, string obj = "login")
             : base(obj)
         {
             if(cipher == null)
@@ -32,11 +32,12 @@ namespace Bit.Core.Models.Api
             Totp = data.Totp;
             RevisionDate = cipher.RevisionDate;
             Edit = true;
+            OrganizationUseTotp = orgUseTotp;
             Attachments = AttachmentResponseModel.FromCipher(cipher, globalSettings);
         }
 
         public LoginResponseModel(CipherDetails cipher, GlobalSettings globalSettings, string obj = "login")
-            : this(cipher as Cipher, globalSettings, obj)
+            : this(cipher as Cipher, globalSettings, cipher.OrganizationUseTotp, obj)
         {
             FolderId = cipher.FolderId?.ToString();
             Favorite = cipher.Favorite;
@@ -48,6 +49,7 @@ namespace Bit.Core.Models.Api
         public string FolderId { get; set; }
         public bool Favorite { get; set; }
         public bool Edit { get; set; }
+        public bool OrganizationUseTotp { get; set; }
         public string Name { get; set; }
         public string Uri { get; set; }
         public string Username { get; set; }

src/Core/Models/Api/Response/ProfileOrganizationResponseModel.cs

@@ -12,8 +12,10 @@ namespace Bit.Core.Models.Api
             Name = organization.Name;
             UseGroups = organization.UseGroups;
             UseDirectory = organization.UseDirectory;
+            UseTotp = organization.UseTotp;
             Seats = organization.Seats;
             MaxCollections = organization.MaxCollections;
+            MaxStorageGb = organization.MaxStorageGb;
             Key = organization.Key;
             Status = organization.Status;
             Type = organization.Type;
@@ -24,8 +26,10 @@ namespace Bit.Core.Models.Api
         public string Name { get; set; }
         public bool UseGroups { get; set; }
         public bool UseDirectory { get; set; }
+        public bool UseTotp { get; set; }
         public int Seats { get; set; }
         public int MaxCollections { get; set; }
+        public short? MaxStorageGb { get; set; }
         public string Key { get; set; }
         public OrganizationUserStatusType Status { get; set; }
         public OrganizationUserType Type { get; set; }

src/Core/Models/Data/CipherDetails.cs

@@ -8,5 +8,6 @@ namespace Core.Models.Data
         public Guid? FolderId { get; set; }
         public bool Favorite { get; set; }
         public bool Edit { get; set; }
+        public bool OrganizationUseTotp { get; set; }
     }
 }

src/Core/Models/Data/OrganizationUserOrganizationDetails.cs

@@ -9,8 +9,10 @@ namespace Bit.Core.Models.Data
         public string Name { get; set; }
         public bool UseGroups { get; set; }
         public bool UseDirectory { get; set; }
+        public bool UseTotp { get; set; }
         public int Seats { get; set; }
         public int MaxCollections { get; set; }
+        public short? MaxStorageGb { get; set; }
         public string Key { get; set; }
         public Enums.OrganizationUserStatusType Status { get; set; }
         public Enums.OrganizationUserType Type { get; set; }

src/Core/Models/StaticStore/Plan.cs

@@ -13,6 +13,8 @@ namespace Bit.Core.Models.StaticStore
         public short? MaxAdditionalSeats { get; set; }
         public bool UseGroups { get; set; }
         public bool UseDirectory { get; set; }
+        public bool UseTotp { get; set; }
+        public short? MaxStorageGb { get; set; }
         public decimal BasePrice { get; set; }
         public decimal SeatPrice { get; set; }
         public short? MaxCollections { get; set; }

src/Core/Models/Table/Organization.cs

@@ -16,6 +16,7 @@ namespace Bit.Core.Models.Table
         public short? MaxCollections { get; set; }
         public bool UseGroups { get; set; }
         public bool UseDirectory { get; set; }
+        public bool UseTotp { get; set; }
         public long? Storage { get; set; }
         public short? MaxStorageGb { get; set; }
         public string StripeCustomerId { get; set; }

src/Core/Services/Implementations/CipherService.cs

@@ -79,6 +79,12 @@ namespace Bit.Core.Services
             {
                 await _cipherRepository.CreateAsync(cipher);
 
+                if(cipher.OrganizationId.HasValue)
+                {
+                    var org = await _organizationRepository.GetByIdAsync(cipher.OrganizationId.Value);
+                    cipher.OrganizationUseTotp = org.UseTotp;
+                }
+
                 // push
                 await _pushService.PushSyncCipherCreateAsync(cipher);
             }

src/Core/Services/Implementations/OrganizationService.cs

@@ -423,8 +423,10 @@ namespace Bit.Core.Services
                 PlanType = plan.Type,
                 Seats = (short)(plan.BaseSeats + signup.AdditionalSeats),
                 MaxCollections = plan.MaxCollections,
+                MaxStorageGb = plan.MaxStorageGb,
                 UseGroups = plan.UseGroups,
                 UseDirectory = plan.UseDirectory,
+                UseTotp = plan.UseTotp,
                 Plan = plan.Name,
                 StripeCustomerId = customer?.Id,
                 StripeSubscriptionId = subscription?.Id,

src/Core/Utilities/StaticStore.cs

@@ -1,6 +1,5 @@
 using Bit.Core.Enums;
 using Bit.Core.Models.StaticStore;
-using System;
 using System.Collections.Generic;
 
 namespace Bit.Core.Utilities
@@ -112,7 +111,9 @@ namespace Bit.Core.Utilities
                     StripePlanId = "personal-org-annually",
                     StripeSeatPlanId = "personal-org-seat-annually",
                     UpgradeSortOrder = 1,
-                    TrialPeriodDays = 7
+                    TrialPeriodDays = 7,
+                    UseTotp = true,
+                    MaxStorageGb = 1
                 },
                 new Plan
                 {
@@ -125,7 +126,9 @@ namespace Bit.Core.Utilities
                     StripePlanId = "teams-org-monthly",
                     StripeSeatPlanId = "teams-org-seat-monthly",
                     UpgradeSortOrder = 2,
-                    TrialPeriodDays = 7
+                    TrialPeriodDays = 7,
+                    UseTotp = true,
+                    MaxStorageGb = 1
                 },
                 new Plan
                 {
@@ -138,7 +141,9 @@ namespace Bit.Core.Utilities
                     StripePlanId = "teams-org-annually",
                     StripeSeatPlanId = "teams-org-seat-annually",
                     UpgradeSortOrder = 2,
-                    TrialPeriodDays = 7
+                    TrialPeriodDays = 7,
+                    UseTotp = true,
+                    MaxStorageGb = 1
                 },
                 new Plan
                 {
@@ -153,7 +158,9 @@ namespace Bit.Core.Utilities
                     UpgradeSortOrder = 3,
                     TrialPeriodDays = 7,
                     UseGroups = true,
-                    UseDirectory = true
+                    UseDirectory = true,
+                    UseTotp = true,
+                    MaxStorageGb = 1
                 },
                 new Plan
                 {
@@ -168,7 +175,9 @@ namespace Bit.Core.Utilities
                     UpgradeSortOrder = 3,
                     TrialPeriodDays = 7,
                     UseGroups = true,
-                    UseDirectory = true
+                    UseDirectory = true,
+                    UseTotp = true,
+                    MaxStorageGb = 1
                 }
             };
 

src/Sql/dbo/Functions/UserCipherDetails.sql

@@ -6,7 +6,11 @@ SELECT
     CASE 
         WHEN C.[UserId] IS NOT NULL OR OU.[AccessAll] = 1 OR CU.[ReadOnly] = 0 OR G.[AccessAll] = 1 OR CG.[ReadOnly] = 0 THEN 1
         ELSE 0
-    END [Edit]
+    END [Edit],
+    CASE 
+        WHEN C.[UserId] IS NULL AND O.[UseTotp] = 1 THEN 1
+        ELSE 0
+    END [OrganizationUseTotp]
 FROM
     [dbo].[CipherDetails](@UserId) C
 LEFT JOIN

src/Sql/dbo/Stored Procedures/CipherDetails_Create.sql

@@ -11,7 +11,8 @@
     @RevisionDate DATETIME2(7),
     @FolderId UNIQUEIDENTIFIER,
     @Favorite BIT,
-    @Edit BIT -- not used
+    @Edit BIT, -- not used
+    @OrganizationUseTotp BIT -- not used
 AS
 BEGIN
     SET NOCOUNT ON

src/Sql/dbo/Stored Procedures/CipherDetails_Update.sql

@@ -11,7 +11,8 @@
     @RevisionDate DATETIME2(7),
     @FolderId UNIQUEIDENTIFIER,
     @Favorite BIT,
-    @Edit BIT -- not used
+    @Edit BIT, -- not used
+    @OrganizationUseTotp BIT -- not used
 AS
 BEGIN
     SET NOCOUNT ON

src/Sql/dbo/Stored Procedures/Organization_Create.sql

@@ -9,6 +9,7 @@
     @MaxCollections SMALLINT,
     @UseGroups BIT,
     @UseDirectory BIT,
+    @UseTotp BIT,
     @Storage BIGINT,
     @MaxStorageGb SMALLINT,
     @StripeCustomerId VARCHAR(50),
@@ -32,6 +33,7 @@ BEGIN
         [MaxCollections],
         [UseGroups],
         [UseDirectory],
+        [UseTotp],
         [Storage],
         [MaxStorageGb],
         [StripeCustomerId],
@@ -52,6 +54,7 @@ BEGIN
         @MaxCollections,
         @UseGroups,
         @UseDirectory,
+        @UseTotp,
         @Storage,
         @MaxStorageGb,
         @StripeCustomerId,

src/Sql/dbo/Stored Procedures/Organization_Update.sql

@@ -9,6 +9,7 @@
     @MaxCollections SMALLINT,
     @UseGroups BIT,
     @UseDirectory BIT,
+    @UseTotp BIT,
     @Storage BIGINT,
     @MaxStorageGb SMALLINT,
     @StripeCustomerId VARCHAR(50),
@@ -33,6 +34,7 @@ BEGIN
         [MaxCollections] = @MaxCollections,
         [UseGroups] = @UseGroups,
         [UseDirectory] = @UseDirectory,
+        [UseTotp] = @UseTotp,
         [Storage] = @Storage,
         [MaxStorageGb] = @MaxStorageGb,
         [StripeCustomerId] = @StripeCustomerId,

src/Sql/dbo/Tables/Organization.sql

@@ -9,6 +9,7 @@
     [MaxCollections]       SMALLINT         NULL,
     [UseGroups]            BIT              NOT NULL,
     [UseDirectory]         BIT              NOT NULL,
+    [UseTotp]              BIT              NOT NULL,
     [Storage]              BIGINT           NULL,
     [MaxStorageGb]         SMALLINT         NULL,
     [StripeCustomerId]     VARCHAR (50)     NULL,

src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql

@@ -7,8 +7,10 @@ SELECT
     O.[Enabled],
     O.[UseGroups],
     O.[UseDirectory],
+    O.[UseTotp],
     O.[Seats],
     O.[MaxCollections],
+    O.[MaxStorageGb],
     OU.[Key],
     OU.[Status],
     OU.[Type]

util/SqlUpdate/2017-06-30_00_UserPremium.sql

@@ -6,3 +6,14 @@ go
 
 alter table [user] alter column [premium] BIT NOT NULL
 go
+
+drop view [dbo].[UserView]
+go
+
+CREATE VIEW [dbo].[UserView]
+AS
+SELECT
+    *
+FROM
+    [dbo].[User]
+GO

util/SqlUpdate/2017-07-07_00_OrgFields.sql

@@ -0,0 +1,23 @@
+alter table [organization] add [UseTotp] BIT NULL
+go
+
+-- all but free plans
+update [organization]
+set
+[UseTotp] = CASE WHEN [organization].[plantype] != 0 THEN 1 ELSE 0 END,
+[MaxStorageGb] = CASE WHEN [organization].[plantype] != 0 THEN 1 ELSE NULL END
+go
+
+alter table [organization] alter column [UseTotp] BIT NOT NULL
+go
+
+drop view [dbo].[OrganizationView]
+go
+
+CREATE VIEW [dbo].[OrganizationView]
+AS
+SELECT
+    *
+FROM
+    [dbo].[Organization]
+GO