1
0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 15:42:48 -05:00
Commit Graph

1028 Commits

Author SHA1 Message Date
3f3da558b6 [PM-17562] Refactor existing RabbitMq implementation (#5357)
* [PM-17562] Refactor existing RabbitMq implementation

* Fixed issues noted in PR review
2025-02-04 09:02:43 -05:00
443a147433 Replace StripePaymentService with PremiumUserBillingService in ReplacePaymentMethodAsync call (#5350) 2025-01-30 11:55:05 -05:00
5562ca9d5e WIP (#5210) 2025-01-27 15:28:47 +01:00
9e718d7336 [PM-15637] Add Email Notification Templates and Logic for Device Approval Requests (#5270)
* Add device approval notification email templates

* Add DeviceApprovalRequestedViewModel for device approval notifications

* Add method to send device approval requested notification email

* Send email notification to Organization Admins when adding a new admin approval auth request

* Add tests for device approval notification email sending in AuthRequestServiceTests

* fix(email-templates): Remove unnecessary triple braces from user name variable in device approval notification emails

* Add feature flag for admin notifications on device approval requests

* Add logging for skipped admin notifications on device approval requests
2025-01-27 10:59:46 +00:00
f140c7f6c1 [PM-11730] Remove feature flag: AC-2476-deprecate-stripe-sources-api (#5201)
* Removed feature flag

* Run dotnet format

* Fix integration tests
2025-01-24 13:38:35 -05:00
0de108e051 [PM-16682] Fix tax id not being saved for providers (#5257) 2025-01-20 16:50:11 +01:00
0c29e9227c Remove provider-export-permission feature flag (#5263)
* also remove old CipherService and CollectionService methods
  only used by old export code
2025-01-17 08:28:23 +10:00
04402c1316 Updated null checks to also check for empty string or whitespace (#5272) 2025-01-15 12:35:07 -05:00
adab8e622a [PM-17064] 500 error on Free org Upgrade with Saved Payment Method (#5266) 2025-01-15 10:05:38 -05:00
cc2128c97a [PM-16979] Avoid returning BillingTaxIdTypeInterferenceError when an … (#5252)
* [PM-16979] Avoid returning BillingTaxIdTypeInterferenceError when an empty tax id string is passed

* tests

* fix tests
2025-01-15 10:05:27 -05:00
730f83b425 Fixing misspelling. made changes to domain claim email. (#5248) 2025-01-10 14:19:52 -06:00
904692a9b6 [pm-10860] Fix provider name encoding issue. (#5244)
Prevent double encoding, as Handlebars encode strings by default.
2025-01-10 13:43:58 -05:00
45d2c5315d [PM-14894] Drop Tax Rate tables - Stage 1 (#5236) 2025-01-10 16:39:02 +01:00
fbfabf2651 [PM-15547] Fix two-factor authentication revocation logic and update related tests (#5246)
* Fix two-factor authentication revocation logic and update related tests

* Refine test for RevokeNonCompliantOrganizationUserCommand to assert single user revocation
2025-01-10 14:45:09 +00:00
Ike
ce2ecf9da0 [PM-12995] Create UI elements for New Device Verification in Admin Portal (#5165)
* feat(NewDeviceVerification) :
- Added constant to constants in Bit.Core because the cache key format needs to be shared between the Identity Server and the MVC project Admin.
- Updated DeviceValidator class to handle checking cache for user information to allow pass through.
- Updated and Added tests to handle new flow.
- Adding exception flow to admin project. Added tests for new methods in UserService.
2025-01-09 18:10:54 -08:00
6771f79597 Updated LicensingService to be a singleton again and moved IFeatureService up a frame in the call stack (#5238) 2025-01-09 12:40:16 -05:00
92d9b88afb Provide new feature flag context for devices (#5226) 2025-01-08 13:54:34 -05:00
cd7c4bf6ce chore: move Installation and Push to platform's domain folders (#5085)
* chore: set up a `CODEOWNERS` space for platform

* chore: move sql objects for `Installation` to platform's domain

* chore: move `Installation` and `PushRelay` code to platform's domain
2025-01-06 18:10:53 +01:00
4871f0b956 Ran dotnet format (#5218)
* Ran `dotnet format`

* Re-added usings
2025-01-03 16:00:52 -05:00
f74b94b5f7 [PM-16700] Handling nulls in UserLicenseClaimsFactory (#5217)
* Handling nulls in UserLicenseClaimsFactory

* Only setting Token if the flag is enabled
2025-01-03 20:34:29 +00:00
97e11774e3 [PM-13999] show estimated tax for taxable countries (#5110) 2025-01-02 20:27:53 +01:00
322a07477a organization status changed code changes (#5113)
* organization status changed code changes

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add the push notification to subscriptionUpdated

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* send notification using the SendPayloadToUser

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Change the implementation to send userId

* Added new implementation for orgstatus sync

* refactor the code and remove private methods

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-12-18 16:31:07 +01:00
Ike
c446ac86fe [PM-12512] Add Endpoint to allow users to request a new device otp (#5146)
feat(NewDeviceVerification): Added a resend new device OTP endpoint and method for the IUserService as well as wrote test for new methods for the user service.
2024-12-16 07:57:56 -08:00
6da7fdc39e [PM-15547] Revoke managed user on 2FA removal if enforced by organization policy (#5124)
* Revoke managed user on 2FA removal if enforced by organization policy

* Rename TwoFactorDisabling to TwoFactorDisabled in EventSystemUser enum
2024-12-13 11:32:29 +00:00
03dde0d008 update copy for domain claimed by organization email (#5138) 2024-12-12 13:54:04 -05:00
170836aba1 Update unclaimed domains email copy (#5116) 2024-12-11 14:48:00 +00:00
f471fffe42 [PM-10317] Email Users For Org Claiming Domain (#5094)
* Revoking users when enabling single org and 2fa policies. Fixing tests.

* Added migration.

* Wrote tests and fixed bugs found.

* Patch build process

* Fixing tests.

* Added unit test around disabling the feature flag.

* Updated error message to be public and added test for validating the request.

* formatting

* Added some tests for single org policy validator.

* Fix issues from merge.

* Added sending emails to revoked non-compliant users.

* Fixing name. Adding two factor policy email.

* Send email when user has been revoked.

* Correcting migration name.

* Fixing templates and logic issue in Revoke command.

* Moving interface into its own file.

* Correcting namespaces for email templates.

* correcting logic that would not allow normal users to revoke non owners.

* Actually correcting the test and logic.

* dotnet format. Added exec to bottom of bulk sproc

* Update src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/RevokeNonCompliantOrganizationUserCommand.cs

Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>

* Updated OrgIds to be a json string

* Fixing errors.

* Updating test

* Moving command result.

* Formatting and request rename

* Realized this would throw a null error from the system domain verification. Adding unknown type to event system user. Adding optional parameter to SaveAsync in policy service in order to pass in event system user.

* Code review changes

* Removing todos

* Corrected test name.

* Syncing filename to record name.

* Fixing up the tests.

* Added happy path test

* Naming corrections. And corrected EF query.

* added check against event service

* Code review changes.

* Fixing tests.

* splitting up tests

* Added templates and email side effect for claiming a domain.

* bringing changes from nc user changes.

* Switched to enqueue mail message.

* Filled in DomainClaimedByOrganization.html.hbs

* Added text document for domain claiming

* Fixing migration script.

* Remove old sproc

* Limiting sending of the email down to users who are a part of the domain being claimed.

* Added test for change

* Renames and fixed up email.

* Fixing up CSS

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Rui Tome <rtome@bitwarden.com>
2024-12-05 14:59:35 +00:00
04cf513d78 [PM-11516] Initial license file refactor (#5002)
* Added the ability to create a JWT on an organization license that contains all license properties as claims

* Added the ability to create a JWT on a user license that contains all license properties as claims

* Added ability to consume JWT licenses

* Resolved generic type issues when getting claim value

* Now validating the jwt signature, exp, and iat

* Moved creation of ClaimsPrincipal outside of licenses given dependecy on cert

* Ran dotnet format. Resolved identity error

* Updated claim types to use string constants

* Updated jwt expires to be one year

* Fixed bug requiring email verification to be on the token

* dotnet format

* Patch build process

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-12-05 14:31:14 +00:00
90a9473a5e Revert "[PM-13999] Show estimated tax for taxable countries (#5077)" (#5109)
This reverts commit 94fdfa40e8.

Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
2024-12-04 14:36:11 +00:00
94fdfa40e8 [PM-13999] Show estimated tax for taxable countries (#5077) 2024-12-04 11:45:11 +01:00
1b75e35c31 [PM-10319] - Revoke Non Complaint Users for 2FA and Single Org Policy Enablement (#5037)
- Revoking users when enabling single org and 2fa policies.
- Updated emails sent when users are revoked via 2FA or Single Organization policy enablement

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2024-11-26 16:37:12 -06:00
44bf5619c8 Updated customer metadata to only store one old btCustomerId (#4997)
* Updated customer metadata to only store one old btCustomerId

* Updated to include case where old key already exists

* Updated SubscriberService to also save btCustomerId_old on the Stripe Customer's metadata

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2024-11-19 11:38:30 -05:00
c76d615fad [PM-13346] Email notification impacts (#5027)
* Changes for the email notification

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove Get SponsoringSponsoredEmailAsync method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused policyRepository referrence

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Removed unused OrganizationSponsorshipResponse

* Rollback unrelated code changes

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the failing test

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Method to get policy status without login

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor the email notification

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused property

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused property

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Fix line spacing

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* remove extra line

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Refactor base on the pr review

* Remove the unused interface

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add changes for error message for disable policy

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-19 17:37:01 +01:00
21b7c3b73a Support client version prerelease flag in context and LD targeting (#4994)
* Support client version prerelease flag in context and LD targeting

* Use integer instead of Boolean
2024-11-07 16:13:57 -05:00
4b76008245 [PM-11406] Account Management: Prevent a verified user from deleting their account (#4878)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* [PM-11405] Account Deprovisioning: Prevent a verified user from changing their email address

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Prevent deletion of accounts managed by an organization when Account Deprovisioning is enabled

* Add CannotDeleteManagedAccountViewModel and email templates

- Added CannotDeleteManagedAccountViewModel class to handle emails related to preventing deletion of accounts managed by an organization.
- Added HTML and text email templates for sending notifications about the inability to delete an account owned by an organization.
- Updated IMailService interface with a new method to send the cannot delete managed account email.
- Implemented the SendCannotDeleteManagedAccountEmailAsync method in HandlebarsMailService.
- Added a check in UserService to send the cannot delete managed account email if the user is managed by any organization.
- Added a no-op implementation for SendCannotDeleteManagedAccountEmailAsync in NoopMailService.

* Update error message when unable to purge vault for managed account

* Update error message when unable to change email for managed account

* Update error message when unable to delete account when managed by organization

* Update error message in test for deleting organization-owned accounts
2024-11-04 16:37:21 +00:00
df4f8df485 Remove the time threshold feature flag (#4860)
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-11-04 12:38:58 +01:00
35b0f61986 [PM-13450] Admin: Display Multi-organization Enterprise attributes on provider details (#4955) 2024-11-04 06:45:25 +01:00
a04df4beba Device deactivation (#4963)
* Device deactivation

* Check active status in service

* Format and work around potential deadlocks
2024-10-31 17:05:13 -04:00
f44a59f7a9 Shard notification hub (#4450)
* Allow for binning of comb IDs by date and value

* Introduce notification hub pool

* Replace device type sharding with comb + range sharding

* Fix proxy interface

* Use enumerable services for multiServiceNotificationHub

* Fix push interface usage

* Fix push notification service dependencies

* Fix push notification keys

* Fixup documentation

* Remove deprecated settings

* Fix tests

* PascalCase method names

* Remove unused request model properties

* Remove unused setting

* Improve DateFromComb precision

* Prefer readonly service enumerable

* Pascal case template holes

* Name TryParse methods TryParse

* Apply suggestions from code review

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* AllClients is a set of clients and must be deduplicated

* Fix registration start time

* Add logging to initialization of a notification hub

* more logging

* Add lower level logging for hub settings

* Log when connection is resolved

* Improve log message

* Log pushes to notification hub

* temporarily elevate log messages for visibility

* Log in multi-service when relaying to another push service

* Revert to more reasonable logging free of user information

* Fixup merge

Deleting user was extracted to a command in #4803, this updates that work to use just the device ids as I did elsewhere in abd67e8ec

* Do not use bouncy castle exception types

* Add required services for logging

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2024-10-22 12:20:57 -04:00
5d15750b80 [PM-13717] Fix legacy credit rebate for migrated MSPs (#4906)
* Fix legacy credit rebate for migrated MSPs

* Run dotnet format
2024-10-21 08:54:06 -04:00
d6cd73cfcc [PM-11404] Account Management: Prevent a verified user from purging their vault (#4853)
* Add check for managed user before purging account

* Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel

* Rename the property ManagesActiveUser to UserIsManagedByOrganization

* Remove whole class #nullable enable and add it to specific places

* Remove unnecessary .ToList()

* Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable

* Update error message when unable to purge vault for managed account
2024-10-17 16:06:32 +01:00
93e49ffe74 [AC-607] Extract IOrganizationService.DeleteUserAsync into IRemoveOrganizationUserCommand (#4803)
* Add HasConfirmedOwnersExceptQuery class, interface and unit tests

* Register IHasConfirmedOwnersExceptQuery for dependency injection

* Replace OrganizationService.HasConfirmedOwnersExceptAsync with HasConfirmedOwnersExceptQuery

* Refactor DeleteManagedOrganizationUserAccountCommand to use IHasConfirmedOwnersExceptQuery

* Fix unit tests

* Extract IOrganizationService.RemoveUserAsync into IRemoveOrganizationUserCommand; Update unit tests

* Extract IOrganizationService.RemoveUsersAsync into IRemoveOrganizationUserCommand; Update unit tests

* Refactor RemoveUserAsync(Guid organizationId, Guid userId) to use ValidateDeleteUser

* Refactor RemoveOrganizationUserCommandTests to use more descriptive method names

* Refactor controller actions to accept Guid directly instead of parsing strings

* Add unit tests for removing OrganizationUser by UserId

* Refactor remove OrganizationUser by UserId method

* Add summary to IHasConfirmedOwnersExceptQuery
2024-10-16 10:33:00 +01:00
594b2a274d [PM-7452] Handle PayPal for premium users (#4835)
* Add PremiumUserSale

* Add PremiumUserBillingService

* Integrate into UserService behind FF

* Update invoice.created handler to bill newly created PayPal customers

* Run dotnet format
2024-10-01 09:12:08 -04:00
81190c1bdf PM-11602 | Error toast when expired org attempts to auto scale is unclear (#4746) 2024-09-30 12:35:14 +02:00
c66879eb89 [PM-8445] Update trial initiation UI (#4712)
* Add the feature flag

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Initial comment

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* changes to subscribe with payment method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Add new objects

* Implementation for subscription without payment method

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Remove unused codes and classes

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Rename the flag properly

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* remove implementation that is no longer needed

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* revert the changes on some code removal

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* Resolve the pr comment

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

* format the data annotations line breaks

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>

---------

Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
2024-09-27 19:39:44 +01:00
3f629e0a5a [PM-11334] Add managed status to sync data (#4791)
* Refactor UserService to add GetOrganizationManagingUserAsync method to retrive the organization that manages a user

* Refactor SyncController and AccountsController to include ManagedByOrganizationId in profile response
2024-09-26 11:21:51 +01:00
080057c564 Provide client type in LD context (#4798) 2024-09-24 10:18:20 -04:00
9a5c6fe527 PM-11123: Device Type mapping (#4768)
* PM-11123: Device Type mapping

* PM-11123: Moving ClientType out of NotificationCenter, naming clash with Identity ClientType

* PM-11123: Rename ClientType in ICurrentContext to match the type
2024-09-23 23:02:32 +02:00
c8392804f9 Remove explicit client version attributes (#4767) 2024-09-11 16:56:21 -04:00
df61edbce7 Set proper context for service accounts (#4765) 2024-09-11 15:41:06 -04:00