nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-16 02:28:13 -05:00
Code
5,669 Commits 375 Branches 197 Tags
Commit Graph

83 Commits

Author SHA1 Message Date
Jonas Hendrickx
b0fbaffe27
Merge branch 'main' into PM-17830 2025-03-26 19:27:07 +01:00
Matt Bishop
d4b0058372
Organization integrations and configuration database schemas (#5553) 
* Organization integrations and configuration database schemas

* Format EF files
 2025-03-26 11:44:05 -04:00
Jonas Hendrickx
bbb109cba8
Add Notes column to OrganizationSponsorships table 2025-03-26 10:29:53 +01:00
Jonas Hendrickx
5b895865ca WIP 2025-03-12 09:47:16 +01:00
Ike
913da4a629
[PM-15015] Add Country Name to auth request from request headers (#5471) 
* feat(pm-15015) : 
  * Add `CountryName` column to AuthRequest Table in Database, and refreshing AuthRequestView
  * Modify database stored procedures and Entity Framework migrations for AuthRequest Repositories
  * Add property to `ICurrentContext` and response models.
 2025-03-10 12:16:43 -04:00
Alex Morask
fa90991270
[PM-12601] Add discount to MSP during creation in Admin Portal (#5391) 
* Add Provider DiscountId to database and Stripe customer

* Fix tests

* Add missing EF migrations

* Run dotnet format
 2025-03-05 14:59:15 -05:00
Maciej Zieniuk
0c482eea32
PM-10600: Missing Notification Center MaxLength on Body column (#5402) 2025-02-13 14:14:55 +01:00
SmithThe4th
bde11dae31
[PM-14590] Modify Notification database table (#5361) 
* Added notification type enum

Added option type to entity

* created migration files

* made sprocs backward compatible

* made sprocs backward compatible

* Fixed linting

* Altered table to require an optional taskId

* formatted code

* Added foreignkey

* Formatted code

* fixed order
 2025-02-10 11:39:48 -05:00
Jimmy Vo
4069ac3a4b
Add limit item deletion organization setting migration (#5283) 2025-01-21 15:51:34 -05:00
Addison Beck
d8b4a4a28d
Drop LimitCollectionCreationDeletion from the database (#4810) 
* Drop a MSSQL column

* Delete property from `Organization` entity

* Generate EF migrations
 2025-01-16 12:35:00 -07:00
Ike
a84ef0724c
[PM-15614] Allow Users to opt out of new device verification (#5176) 
feat(NewDeviceVerification) : 
* Created database migration scripts for VerifyDevices column in [dbo].[User].
* Updated DeviceValidator to check if user has opted out of device verification.
* Added endpoint to AccountsController.cs to allow editing of new User.VerifyDevices property.
* Added tests for new methods and endpoint.
* Updating queries to track [dbo].[User].[VerifyDevices].
* Updated DeviceValidator to set `User.EmailVerified` property during the New Device Verification flow.
 2025-01-08 07:31:24 -08:00
Addison Beck
a8091bf585
chore(db): add Installation.LastActivityDate column (#5060) 
* chore(mssql): add `Installation.LastActivityDate` column

* chore(ef): add `Installation.LastActivityDate` column
 2024-12-13 16:04:55 -05:00
Alex Morask
2d891b396a
[PM-11127] Write OrganizationInstallation record when license is retrieved (#5090) 
* Add SQL files

* Add SQL Server migration

* Add Core entity

* Add Dapper repository

* Add EF repository

* Add EF migrations

* Save OrganizationInstallation during GetLicense invocation

* Run dotnet format
 2024-12-11 13:55:00 -05:00
Vijay Oommen
1f1510f4d4
PM-15091 Add Feature Flag to DB called UseRiskInsights (#5088) 
Add a new column called UseRiskInsights to `dbo.Organization`
 2024-12-05 10:46:01 -06:00
Shane Melton
eee7494c91
[PM-14373] Introduce SecurityTask database table and repository (#5025) 
* [PM-14373] Introduce SecurityTask entity and related enums

* [PM-14373] Add Dapper SecurityTask repository

* [PM-14373] Introduce MSSQL table, view, and stored procedures

* [PM-14373] Add EF SecurityTask repository and type configurations

* [PM-14373] Add EF Migration

* [PM-14373] Add integration tests

* [PM-14373] Formatting

* Typo

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* Typo

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>

* [PM-14373] Remove DeleteById sproc

* [PM-14373] SQL formatting

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
 2024-11-14 14:54:20 -08:00
Vijay Oommen
7cf6742595
PM-13236 - Password Health Report Application - entities repos (#4974) 
* PM-13236 PasswordHealthReportApplications db

* PM-13236 incorporated pr comments

* PM-13236 fixed error in SQL script

* PM-13236 resolve quality scan errors SQL71006, SQL7101, SQL70001

* PM-13236 fixed warnings on procedures

* PM-13236 added efMigrations

* PM-13236 renamed files to PasswordHealthReportApplication (singular)

* PM-13236 changed file name to more appropriate naming

* PM-13236 changed the file name singular

* PM-13236 PasswordHealthReportApplication Entities and Repos

* PM-13236 moved files under tools from core

* PM-13236 Entity PasswordHealthReportApplication namespace changed to tools/entities

* PM-13236 moved Repos and Interfaces to tools

* PM-13236 migrated model to tools namespace

* PM-13236 minor fixes to the unit tests

* PM-13236 fixed script errors during build

* PM-13236 Script to drop PasswordHealthReportApplications if it exists

* PM-13236 fixes to database snapshot

* PM-13236 updated databasesnapshots

* PM-13236 Update database model changes for Mysql

* PM-13236 update model changes for Sqlite

* PM-13236 updated the models to remove commented code

* PM-13236 added correct db snapshot for MySql

* PM-13236 updated database snapshot for Postgres

* PM-13236 updated database snapshot for Sqlite

* PM-13236 removed unwanted directive to fix linting error

* PM-13236 removed redundant script files
 2024-11-08 11:28:56 -05:00
Matt Bishop
a04df4beba
Device deactivation (#4963) 
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
 2024-10-31 17:05:13 -04:00
Alex Morask
0496085c39
[AC-2551] Consolidated Billing Migration (#4616) 
* Move existing Billing SQL files into dbo folder

I noticed that every other team had a nested dbo folder under their team folder while Billing did not. This change replicates that.

* Add SQL files for ClientOrganizationMigrationRecord table

* Add SQL Server migration for ClientOrganizationMigrationRecord table

* Add ClientOrganizationMigrationRecord entity and repository interface

* Add ClientOrganizationMigrationRecord Dapper repository

* Add ClientOrganizationMigrationRecord EF repository

* Add EF migrations for ClientOrganizationMigrationRecord table

* Implement migration process

* Wire up new Admin tool to migrate providers

* Run dotnet format

* Updated coupon and credit application per product request

* AC-3057-3058: Fix expiration date and enabled from webhook processing

* Run dotnet format

* AC-3059: Fix assigned seats during migration

* Updated AllocatedSeats in the case plan already exists

* Update migration scripts to reflect current date
 2024-10-04 10:55:00 -04:00
Addison Beck
6a51e3b1a9
Split LimitCollectionCreationDeletion into two database columns (#4709) 
* Add new columns to `dbo.Organization` & its references

* Feed existing data into new `dbo.Organization` column

* Update Entity Framework database definitions

* Move new EF columns out of the core entity definition

* Generate Entity Framework migrations

* Feed existing data into new `Organization` Entity Framework columns

* Add a where clause to SQL migration
 2024-10-03 13:43:54 -04:00
Thomas Rittson
f7bc5dfb2e
[PM-10365] Drop OrganizationUser AccessAll (#4701) 
* Remove OrganizationUser.AccessAll

* Final database migrations
 2024-09-24 16:26:35 +10:00
Thomas Avery
4c0f8d54f3
[PM-10560] Create notification database storage (#4688) 
* Add new tables

* Add stored procedures

* Add core entities and models

* Setup EF

* Add repository interfaces

* Add dapper repos

* Add EF repos

* Add order by

* EF updates

* PM-10560: Notifications repository matching requirements.

* PM-10560: Notifications repository matching requirements.

* PM-10560: Migration scripts

* PM-10560: EF index optimizations

* PM-10560: Cleanup

* PM-10560: Priority in natural order, Repository, sql simplifications

* PM-10560: Title column update

* PM-10560: Incorrect EF migration removal

* PM-10560: EF migrations

* PM-10560: Added views, SP naming simplification

* PM-10560: Notification entity Title update, EF migrations

* PM-10560: Removing Notification_ReadByUserId

* PM-10560: Notification ReadByUserIdAndStatus fix

* PM-10560: Notification ReadByUserIdAndStatus fix to be in line with requirements and EF

---------

Co-authored-by: Maciej Zieniuk <mzieniuk@bitwarden.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
 2024-09-09 21:52:12 +02:00
Thomas Rittson
0da62f9cee
[PM-10368] Drop Group.AccessAll (#4700) 
- Add default constraint
- Update sprocs to remove column
- Drop column
 2024-09-02 15:01:32 +10:00
Thomas Rittson
22bd755b3c
[AC-10362] Remove OrganizationUser.AccessAll from code (#4622) 
* Remove OrganizationUser.AccessAll from code

* Add shadow property

* Remove remaining reference

* dotnet format

* Fix tests

* Bump migration dates
 2024-08-26 12:03:44 +01:00
Thomas Rittson
f04c3b8e54
[PM-10361] Remove Group.AccessAll from code (#4614) 
* Remove Group.AccessAll from code

* Add shadow property config and migration
 2024-08-13 08:54:03 +10:00
Thomas Rittson
ffdc40b21c
[AC-2881] Remove Organization.FlexibleCollections from code (#4552) 
* Remove Organization.FlexibleCollections from code

* Drop Organization.FlexibleCollections column in EF databases
(MSSQL column to be retained for 1 additional deployment to support rollback in cloud)
 2024-07-26 15:07:33 +10:00
Justin Baur
1e0182008b
[PM-2943] Enable Nullable Repositories in Unowned Files (#4549) 
* Enable Nullable In Unowned Repos

* Update More Tests

* Move to One If

* Fix Collections

* Format

* Add Migrations

* Move Pragma Annotation

* Add Better Assert Message
 2024-07-24 09:48:09 -04:00
Alex Morask
9c8a9f41fb
[AC-2804] Add client ID to provider client invoice report (#4458) 
* Add client ID to provider client invoice report

* Run dotnet format
 2024-07-05 10:12:03 -04:00
Justin Baur
8b5f65fc00
PM-2944] Make Entities Nullable In Admin Console (#4386) 
* Enable `nullable` in `ISubscriber`

* Enable `nullable` in `Group`

* Enable `nullable` in `GroupUser`

* Enable `nullable` in `Organization`

* Enable `nullable` in `OrganizationUser`

* Enable `nullable` in `Policy`

* Enable `nullable` in `Provider`

* Enable `nullable` in `ProviderOrganization`

* Enable `nullable` in `ProviderUser`

* Update Tests

* Formatting

* Update TwoFactor Tests

* Fix Scim Tests

* Format

* Add Migrations

* Format
 2024-07-04 21:14:37 -04:00
Justin Baur
8d1f6a9f66
[PM-2944] Update Null DB Constraints (#4459) 
* Update Database Models

* Format
 2024-07-03 16:21:25 -04:00
Kyle Spearrin
0d3a7b3dd5
[PM-5518] Sql-backed IDistributedCache (#3791) 
* Sql-backed IDistributedCache

* sqlserver cache table

* remove unused using

* setup EF entity

* cache indexes

* add back cipher

* revert SetupEntityFramework change

* ef cache

* EntityFrameworkCache

* IServiceScopeFactory for db context

* implement EntityFrameworkCache

* move to _serviceScopeFactory

* move to config file

* ef migrations

* fixes

* datetime and error codes

* revert migrations

* migrations

* format

* static and namespace fix

* use time provider

* Move SQL migration and remove EF one for the moment

* Add clean migration of just the new table

* Formatting

* Test Custom `IDistributedCache` Implementation

* Add Back Logging

* Remove Double Logging

* Skip Test When Not EntityFrameworkCache

* Format

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
 2024-07-03 12:48:23 -04:00
Matt Bishop
e8c5d73062
Sync EF migrations for .NET / EF Core 8 (#4448) 
* Sync EF migrations for .NET 8

* Format

* Redo migrations with billing fix

* Forgot to format again
 2024-07-02 10:08:34 -04:00
Alex Morask
725fc2eed3
[AC-1943] Add ProviderInvoiceItem table (#4163) 
* Add ProviderInvoiceItem table

* Run dotnet format
 2024-06-06 13:25:13 -04:00
Ike
97b3f3e7ee
[PM-5216] User and Organization Duo Request and Response Model refactor (#4126) 
* inital changes

* add provider GatewayType migrations

* db provider migrations

* removed duo migrations added v2 metadata to duo response

* removed helper scripts

* remove signature from org duo

* added backward compatibility for Duo v2

* added tests for duo request + response models

* refactors to TwoFactorController

* updated test methods to be compartmentalized by usage

* fix organization add duo

* Assert.Empty() fix for validator
 2024-06-05 11:42:02 -07:00
Alex Morask
9f7e05869e
[AC-1900] Update Vault DB to support provider billing (#3875) 
* Add Gateway columns to Provider table

* Add ProviderId column to Transaction table

* Create ProviderPlan table

* Matt's feedback

* Rui's feedback

* Fixed Gateway parameter on Provider
 2024-03-21 11:15:49 -04:00
Tom
997af0f6ab
[PM-221] Adding CipherId to the Send table, create/update sprocs, and added mi… (#3646) 
* Adding CipherId to the Send table, create/update sprocs, and added migrations

* changing migrator script to drop create sprocs

* fixing double brackets

* Revert "changing migrator script to drop create sprocs"

This reverts commit 2d5171e7e52ee46c88d024a85f326476b338629a.

* Remove comment I nitpicked

* Script best practices

* Fix typo

* Try recreate again

* Fix missing output

* Revert "Try recreate again"

This reverts commit 38257ebeaa1a7922b75c19a496aa22acc7e1351d.

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: federicom09 <fmonesiglio@bitwarden.com>
 2024-03-04 19:31:33 -05:00
Thomas Avery
1499d1e2c6
[SM-713] Add database support for secret access policies (#3681) 
* mssql add column and migration

* Add secret access policies to EF models and config

* Clear new access policies on service account delete

* Add SM cleanup code on delete

* Fix EF org user bulk delete

* Run EF migrations
 2024-02-22 10:06:39 -06:00
Colton Hurst
7cbe888b82
SM-1012: Removing SM Beta (Phase 2) (#3663) 
* SM-1012: Phase 2, removing SM Beta from the server (but not db)

* SM-1012: Add migration for RemoveSMBetaFromOrganization

* SM-1012: Dotnet format

* SM-1012: Undo RemoveSMBetaFromOrganization EF migration

* SM-1012: Redo RemoveSMBetaFromOrganization EF migration

* SM-1012: Ran dotnet format
 2024-02-05 15:51:31 -05:00
Thomas Avery
880ceafe9f
[BEEEP] [SM-1059] Add missing auth table indexes to EF config (#3625) 
* Add missing indexes to EF auth tables

* Add EF migrations
 2024-01-17 10:42:43 -06:00
Matt Bishop
db4d7aa609
[PM-5519] [PM-5526] [PM-5624] [PM-5600] Tweak EF settings for MySQL grant auto-increment (#3662) 
* Tweak EF settings for grant auto-increment

* Go back to zero generated default as that doesn't matter

* Explicit value generation callout

* Go with custom SQL for direct automatic increment

* Proper column creation

* Lint
 2024-01-11 16:06:29 -05:00
Thomas Rittson
b829812a3f
[AC-2025] Add Organization.FlexibleCollections to database and sprocs (#3642) 
* Add Organization.FlexibleCollections property and column

* Add new property to OrganizationAbility

* Add SQL and EF migrations
 2024-01-11 13:25:57 +10:00
Thomas Avery
3392ede534
[BEEEP][SM-1062] Add missing table indexes to EF config (#3628) 
* Add missing EF indexes

* Add EF migrations

* move configs

* regenerate migrations
 2024-01-10 12:03:16 -06:00
Thomas Avery
a480bd16e4
[BEEEP] [SM-1060] Add missing tools table indexes to EF config (#3626) 
* Add missing indexes

* Add EF migrations
 2024-01-09 09:46:45 -06:00
renovate[bot]
bfa9269b42
[PM-5294][deps]: Update Duende.IdentityServer to v6.3.7 (#3499) 
* [deps]: Update Duende.IdentityServer to v6.3.6

* Fix test

* Grant table changes

* Reassert view

* EF migrations

* Restore non-null key and simpler index

* Master SQL sync

* Lint

* Fix ID setting since the property isn't exposed

* Bump to .7

* Point to new Duende package

* Drop unused indexes first

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
 2023-12-28 15:04:45 -05:00
Ike
8bf798a79f
added webauthncredential ef migrations (#3555) 2023-12-13 07:03:42 -08:00
Shane Melton
b062ab8043
[AC-1122] Add AllowAdminAccessToAllCollectionItems setting to Organizations (#3379) 
* [AC-1117] Add manage permission (#3126)

* Update sql files to add Manage permission

* Add migration script

* Rename collection manage migration file to remove duplicate migration date

* Migrations

* Add manage to models

* Add manage to repository

* Add constraint to Manage columns

* Migration lint fixes

* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById

* Add missing manage fields

* Add 'Manage' to UserCollectionDetails

* Use CREATE OR ALTER where possible

* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)

* feat: update org table with new column, write migration, refs AC-1374

* feat: update views with new column, refs AC-1374

* feat: Alter sprocs (org create/update) to include new column, refs AC-1374

* feat: update entity/data/request/response models to handle new column, refs AC-1374

* feat: update necessary Provider related views during migration, refs AC-1374

* fix: update org create to default new column to false, refs AC-1374

* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374

* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: add ef migrations to reflect mssql changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374

* fix: merge conflict resolution

* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)

* [AC-1174] Introduce BulkAuthorizationHandler.cs

* [AC-1174] Introduce CollectionUserAuthorizationHandler

* [AC-1174] Add CreateForNewCollection CollectionUser requirement

* [AC-1174] Add some more details to CollectionCustomization

* [AC-1174] Formatting

* [AC-1174] Add CollectionGroupOperation.cs

* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs

* [AC-1174] Cleanup CollectionFixture customization

Implement and use re-usable extension method to support seeded Guids

* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions

Modify CollectionCustomization to use multiple organization Ids for auto generated test data

* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs

Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.

* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase

A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.

* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class

* [AC-1174] Formatting

* [AC-1174] Cleanup typo and redundant ToList() call

* [AC-1174] Add check for provider users

* [AC-1174] Reduce nested loops

* [AC-1174] Introduce ICollectionAccess.cs

* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead

* [AC-1174] Tweak unit test to fail minimally

* [AC-1174] Reorganize authorization handlers in Core project

* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method

* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project

* [AC-1174] Move CollectionFixture to Vault folder

* [AC-1174] Rename operation to CreateUpdateDelete

* [AC-1174] Require single organization for collection access authorization handler

- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time

* [AC-1174] Fix null reference exception

* [AC-1174] Throw bad request exception when collections belong to different organizations

* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity

* Fix improper merge conflict resolution

* fix: add permission check for collection management api, refs AC-1647 (#3252)

* [AC-1125] Enforce org setting for creating/deleting collections (#3241)

* [AC-1117] Add manage permission (#3126)

* Update sql files to add Manage permission

* Add migration script

* Rename collection manage migration file to remove duplicate migration date

* Migrations

* Add manage to models

* Add manage to repository

* Add constraint to Manage columns

* Migration lint fixes

* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById

* Add missing manage fields

* Add 'Manage' to UserCollectionDetails

* Use CREATE OR ALTER where possible

* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)

* feat: update org table with new column, write migration, refs AC-1374

* feat: update views with new column, refs AC-1374

* feat: Alter sprocs (org create/update) to include new column, refs AC-1374

* feat: update entity/data/request/response models to handle new column, refs AC-1374

* feat: update necessary Provider related views during migration, refs AC-1374

* fix: update org create to default new column to false, refs AC-1374

* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374

* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: add ef migrations to reflect mssql changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374

* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125

* feat: create vault service collection extensions and register with base services, refs AC-1125

* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125

* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125

* feat: move service registration to api, update references, refs AC-1125

* feat: add bulk delete authorization handler, refs AC-1125

* feat: always assign user and give manage access on create, refs AC-1125

* fix: updated CurrentContextOrganization type, refs AC-1125

* feat: combined existing collection authorization handlers/operations, refs AC-1125

* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125

* fix: format, refs AC-1125

* fix: update collection controller tests, refs AC-1125

* fix: dotnet format, refs AC-1125

* feat: removed extra BulkAuthorizationHandler, refs AC-1125

* fix: dotnet format, refs AC-1125

* fix: change string to guid for org id, update bulk delete request model, refs AC-1125

* fix: remove delete many collection check, refs AC-1125

* fix: clean up collection auth handler, refs AC-1125

* fix: format fix for CollectionOperations, refs AC-1125

* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125

* fix: remove unused methods in CurrentContext, refs AC-1125

* fix: removed obsolete test, fixed failling delete many test, refs AC-1125

* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125

* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125

* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125

* feat: moved UserId null check to common method, refs AC-1125

* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125

* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125

* feat: added create/delete collection auth handler success methods, refs AC-1125

* fix: new up permissions to prevent excessive null checks, refs AC-1125

* fix: remove old reference to CreateNewCollections, refs AC-1125

* fix: typo within ViewAssignedCollections method, refs AC-1125

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>

* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)

* [AC-1174] Bulk Collection Management (#3229)

* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property

* [AC-1174] Introduce initial bulk-access collection endpoint

* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests

* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository

* [AC-1174] Add event logs for bulk add collection access command

* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script

* [AC-1174] Implement EF repository method

* [AC-1174] Improve null checks

* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers

* [AC-1174] Add unit tests for new controller endpoint

* [AC-1174] Fix formatting

* [AC-1174] Remove comment

* [AC-1174] Remove redundant organizationId parameter

* [AC-1174] Ensure user and group Ids are distinct

* [AC-1174] Cleanup tests based on PR feedback

* [AC-1174] Formatting

* [AC-1174] Update CollectionGroup alias in the sproc

* [AC-1174] Add some additional comments to SQL sproc

* [AC-1174] Add comment explaining additional SaveChangesAsync call

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)

* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion

* Rename and bump migration script

* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)

* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666

* fix: updated comment, refs AC-1666

* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)

* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669

* fix: add manage access conditional before creating collection, refs AC-1669

* fix: move access logic for create/update, fix all tests, refs AC-1669

* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669

* fix: format, refs AC-1669

* fix: update null params with specific arg.is null checks, refs Ac-1669

* fix: update attribute class name, refs AC-1669

* [AC-1713] [Flexible collections] Add feature flags to server (#3334)

* Add feature flags for FlexibleCollections and BulkCollectionAccess

* Flag new routes and behaviour

---------

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Add joint codeownership for auth handlers (#3346)

* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)

* Change default value in organization create sproc to 1

* Drop old column name still present in some QA instances

* Set LimitCollectionCreationDeletion value in code based on feature flag

* Fix: add missing namespace after merging in master

* Fix: add missing namespace after merging in master

* [AC-1683] Fix DB migrations for new Manage permission (#3307)

* [AC-1683] Update migration script and introduce V2 procedures and types

* [AC-1683] Update repository calls to use new V2 procedures / types

* [AC-1684] Update bulk add collection migration script to use new V2 type

* [AC-1683] Undo Manage changes to more original procedures

* [AC-1683] Restore whitespace changes

* [AC-1683] Clarify comments regarding explicit column lists

* [AC-1683] Update migration script dates

* [AC-1683] Split the migration script for readability

* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType

* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)

* Bump dates on sql migration scripts

* Bump date on ef migrations

* [AC-1727] Add AllowAdminAccessToAllCollectionItems column to Organization table

* [AC-1720] Update stored procedures and views that query the organization table and new column

* [AC-1727] Add EF migrations for new DB column

* [AC-1729] Update API request/response models

* [AC-1122] Add new setting to CurrentContextOrganization.cs

* [AC-1122] Ensure new setting is disabled for new orgs when the feature flag is enabled

* [AC-1122] Use V1 feature flag for new setting

* [AC-1122] Formatting

* [AC-1122] Update migration script date

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
 2023-11-27 11:44:07 -08:00
Thomas Rittson
da4a86c643
[AC-1373] Flexible Collections (#3245) 
* [AC-1117] Add manage permission (#3126)

* Update sql files to add Manage permission

* Add migration script

* Rename collection manage migration file to remove duplicate migration date

* Migrations

* Add manage to models

* Add manage to repository

* Add constraint to Manage columns

* Migration lint fixes

* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById

* Add missing manage fields

* Add 'Manage' to UserCollectionDetails

* Use CREATE OR ALTER where possible

* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)

* feat: update org table with new column, write migration, refs AC-1374

* feat: update views with new column, refs AC-1374

* feat: Alter sprocs (org create/update) to include new column, refs AC-1374

* feat: update entity/data/request/response models to handle new column, refs AC-1374

* feat: update necessary Provider related views during migration, refs AC-1374

* fix: update org create to default new column to false, refs AC-1374

* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374

* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: add ef migrations to reflect mssql changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374

* fix: merge conflict resolution

* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)

* [AC-1174] Introduce BulkAuthorizationHandler.cs

* [AC-1174] Introduce CollectionUserAuthorizationHandler

* [AC-1174] Add CreateForNewCollection CollectionUser requirement

* [AC-1174] Add some more details to CollectionCustomization

* [AC-1174] Formatting

* [AC-1174] Add CollectionGroupOperation.cs

* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs

* [AC-1174] Cleanup CollectionFixture customization

Implement and use re-usable extension method to support seeded Guids

* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions

Modify CollectionCustomization to use multiple organization Ids for auto generated test data

* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs

Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.

* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase

A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.

* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class

* [AC-1174] Formatting

* [AC-1174] Cleanup typo and redundant ToList() call

* [AC-1174] Add check for provider users

* [AC-1174] Reduce nested loops

* [AC-1174] Introduce ICollectionAccess.cs

* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead

* [AC-1174] Tweak unit test to fail minimally

* [AC-1174] Reorganize authorization handlers in Core project

* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method

* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project

* [AC-1174] Move CollectionFixture to Vault folder

* [AC-1174] Rename operation to CreateUpdateDelete

* [AC-1174] Require single organization for collection access authorization handler

- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time

* [AC-1174] Fix null reference exception

* [AC-1174] Throw bad request exception when collections belong to different organizations

* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity

* Fix improper merge conflict resolution

* fix: add permission check for collection management api, refs AC-1647 (#3252)

* [AC-1125] Enforce org setting for creating/deleting collections (#3241)

* [AC-1117] Add manage permission (#3126)

* Update sql files to add Manage permission

* Add migration script

* Rename collection manage migration file to remove duplicate migration date

* Migrations

* Add manage to models

* Add manage to repository

* Add constraint to Manage columns

* Migration lint fixes

* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById

* Add missing manage fields

* Add 'Manage' to UserCollectionDetails

* Use CREATE OR ALTER where possible

* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)

* feat: update org table with new column, write migration, refs AC-1374

* feat: update views with new column, refs AC-1374

* feat: Alter sprocs (org create/update) to include new column, refs AC-1374

* feat: update entity/data/request/response models to handle new column, refs AC-1374

* feat: update necessary Provider related views during migration, refs AC-1374

* fix: update org create to default new column to false, refs AC-1374

* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374

* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: add ef migrations to reflect mssql changes, refs AC-1374

* fix: dotnet format, refs AC-1374

* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374

* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125

* feat: create vault service collection extensions and register with base services, refs AC-1125

* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125

* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125

* feat: move service registration to api, update references, refs AC-1125

* feat: add bulk delete authorization handler, refs AC-1125

* feat: always assign user and give manage access on create, refs AC-1125

* fix: updated CurrentContextOrganization type, refs AC-1125

* feat: combined existing collection authorization handlers/operations, refs AC-1125

* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125

* fix: format, refs AC-1125

* fix: update collection controller tests, refs AC-1125

* fix: dotnet format, refs AC-1125

* feat: removed extra BulkAuthorizationHandler, refs AC-1125

* fix: dotnet format, refs AC-1125

* fix: change string to guid for org id, update bulk delete request model, refs AC-1125

* fix: remove delete many collection check, refs AC-1125

* fix: clean up collection auth handler, refs AC-1125

* fix: format fix for CollectionOperations, refs AC-1125

* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125

* fix: remove unused methods in CurrentContext, refs AC-1125

* fix: removed obsolete test, fixed failling delete many test, refs AC-1125

* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125

* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125

* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125

* feat: moved UserId null check to common method, refs AC-1125

* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125

* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125

* feat: added create/delete collection auth handler success methods, refs AC-1125

* fix: new up permissions to prevent excessive null checks, refs AC-1125

* fix: remove old reference to CreateNewCollections, refs AC-1125

* fix: typo within ViewAssignedCollections method, refs AC-1125

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>

* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)

* [AC-1174] Bulk Collection Management (#3229)

* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property

* [AC-1174] Introduce initial bulk-access collection endpoint

* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests

* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository

* [AC-1174] Add event logs for bulk add collection access command

* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script

* [AC-1174] Implement EF repository method

* [AC-1174] Improve null checks

* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers

* [AC-1174] Add unit tests for new controller endpoint

* [AC-1174] Fix formatting

* [AC-1174] Remove comment

* [AC-1174] Remove redundant organizationId parameter

* [AC-1174] Ensure user and group Ids are distinct

* [AC-1174] Cleanup tests based on PR feedback

* [AC-1174] Formatting

* [AC-1174] Update CollectionGroup alias in the sproc

* [AC-1174] Add some additional comments to SQL sproc

* [AC-1174] Add comment explaining additional SaveChangesAsync call

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)

* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion

* Rename and bump migration script

* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)

* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666

* fix: updated comment, refs AC-1666

* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)

* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669

* fix: add manage access conditional before creating collection, refs AC-1669

* fix: move access logic for create/update, fix all tests, refs AC-1669

* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669

* fix: format, refs AC-1669

* fix: update null params with specific arg.is null checks, refs Ac-1669

* fix: update attribute class name, refs AC-1669

* [AC-1713] [Flexible collections] Add feature flags to server (#3334)

* Add feature flags for FlexibleCollections and BulkCollectionAccess

* Flag new routes and behaviour

---------

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Add joint codeownership for auth handlers (#3346)

* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)

* Change default value in organization create sproc to 1

* Drop old column name still present in some QA instances

* Set LimitCollectionCreationDeletion value in code based on feature flag

* Fix: add missing namespace after merging in master

* Fix: add missing namespace after merging in master

* [AC-1683] Fix DB migrations for new Manage permission (#3307)

* [AC-1683] Update migration script and introduce V2 procedures and types

* [AC-1683] Update repository calls to use new V2 procedures / types

* [AC-1684] Update bulk add collection migration script to use new V2 type

* [AC-1683] Undo Manage changes to more original procedures

* [AC-1683] Restore whitespace changes

* [AC-1683] Clarify comments regarding explicit column lists

* [AC-1683] Update migration script dates

* [AC-1683] Split the migration script for readability

* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType

* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)

* Bump dates on sql migration scripts

* Bump date on ef migrations

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
 2023-11-01 09:30:52 +00:00
Todd Martin
7ede956c32
Individual Vault Item Encryption Feature (#3256) 
* [SG-966] [SG-967] Add new cipher properties, update DB objects and create migrations (#2681)

* Updated cipher entity with two new columns

* Added sqlserver mifgration and updated applicable stored procedures and table

* Added EF Migrations

* Made changes to response model to include new column properties

* Fixed formatting

* Modified scripts to reflect suggestions made on PR

* Added column to cipher table using default

* Include constraint in create cipher table script

* Added key and forcerotatekey property to request model (#2716)

* Added key update on the Cipher_UpdateWithCollection stored procedure, ef (#2855)

* Added key and forceKeyRotation to BuildCiphersTable method (#2893)

* [PM-2211] Remove forceKeyRotation column (#2921)

* Removed forceKeyRotation column

* Adjusted date for migrtaion file

* Passed key column to update cipher script to update cipher key when it is rotated (#2967)

* [PM-2448] Update CipherDetails_Update SP to update attachment column (#2992)

* Updated the cipherdetails_update stored procedure to update the attachement column when encrypted with the cipher key

* Moved migration and renamed old migration file

* Fixed lint issues

* Fixed lint issues

* renamed sqlserver migration to have a more recent date

* [PM-2548] Added validation to edit and add attachments methods (#3130)

* PM-2548 Added validation to edit and add attachments methods

* PM-2548 Moved the validation to a private method

* PM-2548 Minor refactor

* Bumped up minimum version

* Bumped up minimum version

* Changed version for tests purposes

* Bumped up minimum version

* Updated encryption minimum version to match clients for QA.

* PM-3976 Passed Key column to update cipher on bulk edit (#3299)

* Updated minimum client version in preparation for release.

* Renamed migration with current date. (#3303)

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
 2023-09-28 08:45:13 -04:00
Thomas Avery
46faecaade
[SM-755] Add EF Secrets Manager cleanup on deletes (#3228) 
* Add Delete Cascade for EF AccessPolicy table

* Add AP removal on EF user deletion

* Remove SM entities on EF org delete
 2023-09-21 17:22:08 -05:00
Colton Hurst
0c53867dbc
SM-802: Add SecretsManagerBeta Column Migration (#3065) 
* SM-802: Add SecretsManagerBetaColumn SQL migration and Org table update

* SM-802: Run EF Migrations for SecretsManagerBeta

* SM-802: Update the two Org procs and View, and move data migration to a separate file

* SM-802: Add missing comma to Organization_Create

* SM-802: Remove extra GO statement from data migration script

* SM-802: Add SecretsManagerBeta to OrganizationResponseModel

* SM-802: Move SecretsManagerBeta from OrganizationResponseModel to OrganizationSubscriptionResponseModel. Use sp_refreshview instead of sp_refreshsqlmodule in the migration script.

* SM-802: Remove OrganizationUserOrganizationDetailsView.sql changes

* SM-802: Remove SecretsManagerBetaColumn migration

* SM-802: Add SecretsManagerBetaColumn migration

* SM-802: Remove OrganizationUserOrganizationDetailsView update

* SM-802: Remove migration

* SM-802: Rename SecretsManagerBetaColumn migration files to have the correct date (now that this has passed QA)

* SM-802: Add SecretsManagerBeta migration
 2023-07-26 15:55:28 -04:00
Thomas Avery
bb3a9daf98
[SM-678] ClientSecret migration (#2943) 
* Init ClientSecret migration

* Fix unit tests

* Move to src/Sql/dbo_future

* Formatting changes

* Update migration date for next release

* Swap to just executing sp_refreshview

* Fix formatting

* Add EF Migrations

* Rename to ClientSecretHash

* Fix unit test

* EF column rename

* Batch the migration

* Fix formatting

* Add deprecation notice to property

* Move data migration

* Swap to CREATE OR ALTER
 2023-06-21 13:16:06 -05:00