* Add RequiresDefaultCollection method to PersonalOwnershipPolicyRequirement
* Add CreateDefaultLocation feature flag to Constants.cs
* Add DefaultUserCollectionName property to OrganizationUserConfirmRequestModel with encryption attributes
* Update PersonalOwnershipPolicyRequirement instantiation in tests to use constructor with parameters instead of property assignment
* Enhance ConfirmOrganizationUserCommand to support default user collection creation. Added logic to check if a default collection is required based on organization policies and feature flags. Updated ConfirmUserAsync method signature to include an optional defaultUserCollectionName parameter. Added corresponding tests to validate the new functionality.
* Refactor Confirm method in OrganizationUsersController to use Guid parameters directly, simplifying the code. Updated ConfirmUserAsync call to include DefaultUserCollectionName from the input model.
* Move logic for handling confirmation side effects into a separate method
* Refactor PersonalOwnershipPolicyRequirement to use enum for ownership state
- Introduced PersonalOwnershipState enum to represent allowed and restricted states.
- Updated PersonalOwnershipPolicyRequirement constructor and properties to utilize the new enum.
- Modified related classes and tests to reflect changes in ownership state handling.
* Refactor CiphersController and related tests by removing unused IFeatureService dependency and associated feature flag checks. Cleaned up tests to reflect these changes, ensuring they focus on manage permissions without reliance on feature flags.
* Refactor CipherService and related tests by removing feature flag checks for item deletion permissions. Updated tests to focus on user manage permissions without reliance on feature flags, ensuring cleaner and more maintainable code.
* Enhance CiphersControllerTests by adding user retrieval and organization ability checks. Updated test cases to ensure proper handling of item deletion permissions based on user roles and organization settings, improving test coverage and reliability.
* use ToCipher instead of casting
* return ListResponseModel
* fix test
* remove ToArray
* have ShareManyAsync return CipherDetails
* fix test
* fix tests
* fix test
* fix test
* Avoid multiple lookups in dictionaries
* Consistency in fallback to empty CollectionIds
* Readability at the cost of lines changed
* Readability
* Changes after running dotnet format
* Remove gathering and reporting of ReferenceEvents
* Fix test that relied on reference events throwing
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Check for UserId instead of passing potentially default value to
bump account revision date method.
* Pass explicit UserId into CipherRepository.CreateAsync method
used for imports.
* Implement enhanced cipher deletion and restore permissions with feature flag support
- Add new method `CanDeleteOrRestoreCipherAsAdminAsync` in CiphersController
- Update NormalCipherPermissions to support more flexible cipher type checking
- Modify CipherService to use new permission checks with feature flag
- Refactor test methods to support new permission logic
- Improve authorization checks for organization cipher management
* Refactor cipher methods to use CipherDetails and simplify type handling
- Update CiphersController to use GetByIdAsync with userId
- Modify NormalCipherPermissions to remove unnecessary type casting
- Update ICipherService and CipherService method signatures to use CipherDetails
- Remove redundant type checking in CipherService methods
- Improve type consistency in cipher-related operations
* Enhance CiphersControllerTests with detailed permission and feature flag scenarios
- Add test methods for DeleteAdmin with edit and manage permission checks
- Implement tests for LimitItemDeletion feature flag scenarios
- Update test method names to reflect more precise permission conditions
- Improve test coverage for admin cipher deletion with granular permission handling
* Add comprehensive test coverage for admin cipher restore operations
- Implement test methods for PutRestoreAdmin and PutRestoreManyAdmin
- Add scenarios for owner and admin roles with LimitItemDeletion feature flag
- Cover permission checks for manage and edit permissions
- Enhance test coverage for single and bulk cipher restore admin operations
- Verify correct invocation of RestoreAsync and RestoreManyAsync methods
* Refactor CiphersControllerTests to remove redundant assertions and mocking
- Remove unnecessary assertions for null checks
- Simplify mocking setup for cipher repository and service methods
- Clean up redundant type and data setup in test methods
- Improve test method clarity by removing extraneous code
* Add comprehensive test coverage for cipher restore, delete, and soft delete operations
- Implement test methods for RestoreAsync with org admin override and LimitItemDeletion feature flag
- Add scenarios for checking manage and edit permissions during restore operations
- Extend test coverage for DeleteAsync with similar permission and feature flag checks
- Enhance SoftDeleteAsync tests with org admin override and permission validation
- Improve test method names to reflect precise permission conditions
* Add comprehensive test coverage for cipher restore, delete, and soft delete operations
- Extend test methods for RestoreManyAsync with various permission scenarios
- Add test coverage for personal and organization ciphers in restore operations
- Implement tests for RestoreManyAsync with LimitItemDeletion feature flag
- Add detailed test scenarios for delete and soft delete operations
- Improve test method names to reflect precise permission and feature flag conditions
* Refactor authorization checks in CiphersController to use All() method for improved readability
* Refactor filtering of ciphers in CipherService to streamline organization ability checks and improve readability
* convert `AdminOwnerEmails` to List rather than IEnumerable
* check for JSON array in `formatAdminOwnerEmails`
* remove trailing comma for admin/owners
* Use display block on tables to enforce padding
* update padding around review at-risk passwords
* Add PersonalOwnershipPolicyRequirement for managing personal ownership policy
* Add tests for PersonalOwnershipPolicyRequirement
* Register PersonalOwnershipPolicyRequirement in policy requirement factory
* Update ImportCiphersCommand to check PersonalOwnershipPolicyRequirement if the PolicyRequirements flag is enabled
Update unit tests
* Update CipherService to support PersonalOwnershipPolicyRequirement with feature flag
- Add support for checking personal ownership policy using PolicyRequirementQuery when feature flag is enabled
- Update CipherService constructor to inject new dependencies
- Add tests for personal vault restrictions with and without feature flag
* Clean up redundant "Arrange", "Act", and "Assert" comments in test methods
* Refactor PersonalOwnershipPolicyRequirementTests method names for clarity
- Improve test method names to better describe their purpose and behavior
- Rename methods to follow a more descriptive naming convention
- No functional changes to the test logic
* Remove commented code explaining policy check
* Refactor PersonalOwnership Policy Requirement implementation
- Add PersonalOwnershipPolicyRequirementFactory to replace static Create method
- Simplify policy requirement creation logic
- Update PolicyServiceCollectionExtensions to register new factory
- Update ImportCiphersCommand to use correct user ID parameter
- Remove redundant PersonalOwnershipPolicyRequirementTests
* Remove redundant PersonalOwnershipPolicyRequirementTests
* Remove unnecessary tests from PersonalOwnershipPolicyRequirementFactoryTests
* make "Review at-risk passwords" bold
* add owner and admin email address to the bottom of the security notification email
* fix plurality of text email
* prevent view-only users from updating passwords
* revert change to licensing service
* add tests
* check if organizationId is there
* move logic to private method
* move logic to private method
* move logic into method
* revert change to licensing service
* throw exception when cipher key is created by hidden password users
* fix tests
* don't allow totp or passkeys changes from hidden password users
* add tests
* revert change to licensing service
* initial commit of `CipherOrganizationPermission_GetManyByUserId`
* create queries to get all of the security tasks that are actionable by a user
- A task is "actionable" when the user has manage permissions for that cipher
* rename query
* return the user's email from the query as well
* Add email notification for at-risk passwords
- Added email layouts for security tasks
* add push notification for security tasks
* update entity framework to match stored procedure plus testing
* update date of migration and remove orderby
* add push service to security task controller
* rename `SyncSecurityTasksCreated` to `SyncNotification`
* remove duplicate return
* remove unused directive
* remove unneeded new notification type
* use `createNotificationCommand` to alert all platforms
* return the cipher id that is associated with the security task and store the security task id on the notification entry
* Add `TaskId` to the output model of `GetUserSecurityTasksByCipherIdsAsync`
* move notification logic to command
* use TaskId from `_getSecurityTasksNotificationDetailsQuery`
* add service
* only push last notification for each user
* formatting
* refactor `CreateNotificationCommand` parameter to `sendPush`
* flip boolean in test
* update interface to match usage
* do not push any of the security related notifications to the user
* add `PendingSecurityTasks` push type
* add push notification for pending security tasks
* Add Manage permission to UserCipherDetails and CipherDetails_ReadByIdUserId
* Add Manage property to CipherDetails and UserCipherDetailsQuery
* Add integration test for CipherRepository Manage permission rules
* Update CipherDetails_ReadWithoutOrganizationsByUserId to include Manage permission
* Refactor UserCipherDetailsQuery to include detailed permission and organization properties
* Refactor CipherRepositoryTests to improve test organization and readability
- Split large test method into smaller, focused methods
- Added helper methods for creating test data and performing assertions
- Improved test coverage for cipher permissions in different scenarios
- Maintained existing test logic while enhancing code structure
* Refactor CipherRepositoryTests to consolidate cipher permission tests
- Removed redundant helper methods for permission assertions
- Simplified test methods for GetCipherPermissionsForOrganizationAsync, GetManyByUserIdAsync, and GetByIdAsync
- Maintained existing test coverage for cipher manage permissions
- Improved code readability and reduced code duplication
* Add integration test for CipherRepository group collection manage permissions
- Added new test method GetCipherPermissionsForOrganizationAsync_ManageProperty_RespectsCollectionGroupRules
- Implemented helper method CreateCipherInOrganizationCollectionWithGroup to support group-based collection permission testing
- Verified manage permissions are correctly applied based on group collection access settings
* Add @Manage parameter to Cipher stored procedures
- Updated CipherDetails_Create, CipherDetails_CreateWithCollections, and CipherDetails_Update stored procedures
- Added @Manage parameter with comment "-- not used"
- Included new stored procedure implementations in migration script
- Consistent with previous work on adding Manage property to cipher details
* Update UserCipherDetails functions to reorder Manage and ViewPassword columns
* Reorder Manage and ViewPassword properties in cipher details queries
* Bump date in migration script
* update the cipher revision date when an attachment is added or deleted
* store the updated cipher in the DB when an attachment is altered
* return cipher from delete attachment endpoint
* PM-16261 move ImportCiphersAsync to the tools team and create services using CQRS design pattern
* PM-16261 fix renaming methods and add unit tests for succes and bad request exception
* PM-16261 clean up old code from test
* chore: set up a `CODEOWNERS` space for platform
* chore: move sql objects for `Installation` to platform's domain
* chore: move `Installation` and `PushRelay` code to platform's domain
* Added CQRS pattern
* Added the GetManyByUserIdAsync signature to the repositiory
* Added sql sproc
Created user defined type to hold status
Created migration file
* Added ef core query
* Added absract and concrete implementation for GetManyByUserIdStatusAsync
* Added integration tests
* Updated params to status
* Implemented new query to utilize repository method
* Added controller for the security task endpoint
* Fixed lint issues
* Added documentation
* simplified to require single status
modified script to check for users with edit rights
* Updated ef core query
* Added new assertions
* simplified to require single status
* fixed formatting
* Fixed sql script
* Removed default null
* Added OperationAuthorizationRequirement for secruity task
* Added and registered MarkTaskAsCompletedCommand
* Added unit tests for the command
* Added complete endpoint
* removed false value
* Added CQRS pattern
* Added the GetManyByUserIdAsync signature to the repositiory
* Added sql sproc
Created user defined type to hold status
Created migration file
* Added ef core query
* Added absract and concrete implementation for GetManyByUserIdStatusAsync
* Added integration tests
* Updated params to status
* Implemented new query to utilize repository method
* Added controller for the security task endpoint
* Fixed lint issues
* Added documentation
* simplified to require single status
modified script to check for users with edit rights
* Updated ef core query
* Added new assertions
* simplified to require single status
* fixed formatting
* Fixed sql script
* Removed default null
* Added security tasks feature flag
* Add ssh key item type
* Add fingerprint
* Limit ssh key ciphers to new clients
* Fix enc string length for 4096 bit rsa keys
* Remove keyAlgorithm from ssh cipher
* Add featureflag and exclude mobile from sync
* Add ssh-agent flag
* chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646
* chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646
* chore: remove org/provider service fc callers, refs AC-2646
* chore: remove collection service fc callers, refs AC-2646
* chore: remove cipher service import ciphers fc callers, refs AC-2646
* fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646
* fix: update CreateGroupCommandTests, refs AC-2646
* fix: adjust UpdateGroupCommandTests, refs AC-2646
* fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646
* fix: update CollectionServiceTests, refs AC-2646
* fix: remove unnecessary test with fc disabled, refs AC-2646
* fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646
* chore: remove dependence on FC flag for tests, refs AC-2646
Remove FlexibleCollections feature flag logic for repository methods:
* GetManyByUserIdAsync
* GetManyByUserIdCipherIdAsync
* UpdateCollectionsAsync
* UpdateCollectionsForCiphersAsync
This feature flag was never turned on and we will update the sprocs
directly as required.
Remove FlexibleCollections feature flag logic for repository methods:
* CiphersController.GetByIdAsync
* CipherRepository.DeleteAsync
* CipherRepository.MoveAsync
* RestoreAsync
* SoftDeleteAsync
This feature flag was never turned on and we will update the sprocs
directly as required.
* [PM-2383] Add bulk add/remove collection cipher repository methods
* [PM-2383] Add additional authorization helpers for CiphersControlle
* [PM-2383] Add /bulk-collections endpoint to CiphersController.cs
* [PM-2383] Add EF implementation for new CollectionCipherRepository methods
* [PM-2383] Ensure V1 logic only applies when the flag is enabled for new bulk functionality
* [AC-1124] Add GetManyUnassignedOrganizationDetailsByOrganizationIdAsync to the CipherRepository
* [AC-1124] Introduce IOrganizationCiphersQuery.cs to replace some CipherService queries
* [AC-1124] Add additional CipherDetails model that includes CollectionIds
* [AC-1124] Update CiphersController and response models
- Add new endpoint for assigned ciphers
- Update existing endpoint to only return all ciphers when feature flag is enabled the user has access
* [AC-1124] Add migration script
* [AC-1124] Add follow up ticket for Todos
* [AC-1124] Fix feature service usage after merge with main
* [AC-1124] Optimize unassigned ciphers query
* [AC-1124] Update migration script date
* [AC-1124] Update migration script date
* [AC-1124] Formatting
* Add checksum to Login Uri models
* Revert "Revert "Add checksum to Login Uri models (#3318)" (#3417)"
This reverts commit b44887d125f8100410a987447a7dc342d22eaf83.
* PM-4810 Bumped up minimum version
---------
Co-authored-by: Carlos Gonçalves <cgoncalves@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
Co-authored-by: Carlos Gonçalves <carlosmaccam@gmail.com>
* Update optionality to use org.FlexibleCollections
Also break old feature flag key to ensure it's never enabled
* Add logic to set defaults for collection management setting
* Update optionality logic to use org property
* Add comments
* Add helper method for getting individual orgAbility
* Fix validate user update permissions interface
* Fix tests
* dotnet format
* Fix more tests
* Simplify self-hosted update logic
* Fix mapping
* Use new getOrganizationAbility method
* Refactor invite and save orgUser methods
Pass in whole organization object instead of using OrganizationAbility
* fix CipherService tests
* dotnet format
* Remove manager check to simplify this set of changes
* Misc cleanup before review
* Fix undefined variable
* Refactor bulk-access endpoint to avoid early repo call
* Restore manager check
* Add tests for UpdateOrganizationLicenseCommand
* Add nullable regions
* Delete unused dependency
* dotnet format
* Fix test
## Type of change
<!-- (mark with an `X`) -->
```
- [ ] Bug fix
- [ ] New feature development
- [x] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
```
## Objective
<!--Describe what the purpose of this PR is. For example: what bug you're fixing or what new feature you're adding-->
Previous PR: #3434
Adds ciphers and folders to the new key rotation.
## Code changes
<!--Explain the changes you've made to each file or major component. This should help the reviewer understand your changes-->
<!--Also refer to any related changes or PRs in other repositories-->
* **file.ext:** Description of what was changed and why
## Before you submit
- Please check for formatting errors (`dotnet format --verify-no-changes`) (required)
- If making database changes - make sure you also update Entity Framework queries and/or migrations
- Please add **unit tests** where it makes sense to do so (encouraged but not required)
- If this change requires a **documentation update** - notify the documentation team
- If this change has particular **deployment requirements** - notify the DevOps team
* Create UserCipherDetails_v2 and update logic to remove AccessAll
* Create v2 variants of all sprocs that rely on it
* Add feature flag logic to call old or new sproc
* Make equivalent changes to EF queries
