* chore: remove fc v1 from groups controller, refs PM-10291
* chore: remove fc v1 from organization users controller, refs PM-10291
* chore: remove fc v1 from organizations controller and clean up unsused imports, refs PM-10291
* chore: remove fc v1 from BulkCollectionAuthorizationHandler, refs PM-10291
* chore: remove fc v1 from CiphersCollections, refs PM-10291
* fix: unit tests related to fc v1 flag removal, refs PM-10291
* chore: update AllowAdminAccessToAllCollectionItems to take optional params, increase usage, refs PM-10291
* fix: format files, refs PM-10291
* chore: revert change to helper method, ignore double cache call, refs PM-10291
* feat: Add stored procedure for reading organization user details with premium access by organization ID
The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access
* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess
* Check the feature flag on Admin.UsersController to see if the optimization runs
* Modify PolicyService to run query optimization if the feature flag is enabled
* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync
* Run query optimization on public MembersController if feature flag is enabled
* Restore refactor
* Reverted change used for development
* Add unit tests for OrganizationService.RestoreUser
* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method
* Add more unit tests
* Apply refactor to bulk restore
* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService
* Add unit tests for ConfirmUser_vNext
* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one
* Removed unused sql scripts and added migration script
* Remove unnecessary view
* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository
* refactor: Use UserDetails constructor in UserRepository
* Add summary to IUserRepository.GetManyDetailsAsync
* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync
* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync
* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase
* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class
* Add unit tests for TwoFactorIsEnabledQuery
* Update TwoFactorIsEnabledQueryTests to include additional provider types
* Refactor TwoFactorIsEnabledQuery
* Refactor TwoFactorIsEnabledQuery and update tests
* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* Remove empty <returns> from summary
* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
* Fix error handling in provider setup process
This update ensures that when 'enable-consolidated-billing' is on, any exception thrown during the Stripe customer or subscription setup process for the provider will block the remainder of the setup process so the provider does not enter an invalid state
* Refactor the way BillingException is thrown
Made it simpler to just use the exception constructor and also ensured it was added to the exception handling middleware so it could provide a simple response to the client
* Handle all Stripe exceptions in exception handling middleware
* Fixed error response output for billing's provider controllers
* Cleaned up billing owned provider controllers
Changes were made based on feature updates by product and stuff that's no longer needed. No need to expose sensitive endpoints when they're not being used.
* Reafctored get invoices
Removed unnecssarily bloated method from SubscriberService
* Updated error handling for generating the client invoice report
* Moved get provider subscription to controller
This is only used once and the service layer doesn't seem like the correct choice anymore when thinking about error handling with retrieval
* Handled bad request for update tax information
* Split out Stripe configuration from unauthorization
* Run dotnet format
* Addison's feedback
* Renamed ProductType to ProductTierType
* Renamed Product properties to ProductTier
* Moved ProductTierType to Bit.Core.Billing.Enums namespace from Bit.Core.Enums
* Moved PlanType enum to Bit.Core.Billing.Enums
* Moved StaticStore to Bit.Core.Billing.Models.StaticStore namespace
* Added ProductType enum
* dotnet format
* Define a model for updating many auth requests
In order to facilitate a command method that can update many auth
requests at one time a new model must be defined that accepts valid
input for the command's needs. To achieve this a new file has been
created at
`Core/AdminConsole/OrganizationAuth/Models/OrganizationAuthRequestUpdateCommandModel.cs`
that contains a class of the same name. It's properties match those that
need to come from any calling API request models to fulfill the request.
* Declare a new command interface method
Calling API functions of the `UpdateOrganizationAuthRequestCommand` need
a function that can accept many auth request response objects and
process them as approved or denied. To achieve this a new function has
been added to `IUpdateOrganizationAuthRequestCommand` called
`UpdateManyAsync()` that accepts an
`IEnumberable<OrganizationAuthRequest>` and returns a `Task`.
Implementations of this interface method will be used to bulk process
auth requests as approved or denied.
* Stub out method implementation for unit testing
To facilitate a bulk device login request approval workflow in the admin
console `UpdateOrganizationAuthRequestCommand` needs to be updated to
include an `UpdateMany()` method. It should accept a list of
`OrganizationAuthRequestUpdateCommandModel` objects, perform some simple
data validation checks, and then pass those along to
`AuthRequestRepository` for updating in the database.
This commit stubs out this method for the purpose of writing unit tests.
At this stage the method throws a `NotImplementedException()`. It will
be expand after writing assertions.
* Inject `IAuthRequestRepository` into `UpdateOrganizationAuthCommand`
The updates to `UpdateOrganizationAuthRequestCommand` require a new
direct dependency on `IAuthRequestRepository`. This commit simply
registers this dependency in the `UpdateOrganizationAuthRequest`
constructor for use in unit tests and the `UpdateManyAsync()`
implementation.
* Write tests
* Rename `UpdateManyAsync()` to `UpdateAsync`
* Drop the `CommandModel` suffix
* Invert business logic update filters
* Rework everything to be more model-centric
* Bulk send push notifications
* Write tests that validate the command as a whole
* Fix a test that I broke by mistake
* Swap to using await instead of chained methods for processing
* Seperate a function arguement into a variable declaration
* Ungeneric-ify the processor
* Adjust ternary formatting
* Adjust naming of methods regarding logging organization events
* Throw an exception if Process is called with no auth request loaded
* Rename `_updates` -> `_update`
* Rename email methods
* Stop returning `this`
* Allow callbacks to be null
* Make some assertions about the state of a processed auth request
* Be more terse about arguements in happy path test
* Remove unneeded null check
* Expose an endpoint for bulk processing of organization auth requests (#4077)
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Add new stored procedure for reading reset password details for multiple organization user IDs
* Add method IOrganizationUserRepository.GetManyResetPasswordDetailsByOrganizationUserAsync
* Add new API endpoint for getting reset password details for multiple organization users
* Add unit tests for bulk OrganizationUsersController.GetResetPasswordDetails
* Add alias to sql query result column
* Add constructor for automatic mapping
* Fix http method type for endpoint
* dotnet format
* Simplify the constructor in the OrganizationUserResetPasswordDetails
* Refactor stored procedure and repository method names for retrieving account recovery details
* Add integration tests for GetManyAccountRecoveryDetailsByOrganizationUserAsync
* Lock endpoint behind BulkDeviceApproval feature flag
* Update feature flag key value
* Replace SubscriberQueries with SubscriberService
* Replace OrganizationBillingQueries with OrganizationBillingService
* Replace ProviderBillingQueries with ProviderBillingService, move to Commercial
* Replace AssignSeatsToClientOrganizationCommand with ProviderBillingService, move to commercial
* Replace ScaleSeatsCommand with ProviderBillingService and move to Commercial
* Replace CancelSubscriptionCommand with SubscriberService
* Replace CreateCustomerCommand with ProviderBillingService and move to Commercial
* Replace StartSubscriptionCommand with ProviderBillingService and moved to Commercial
* Replaced RemovePaymentMethodCommand with SubscriberService
* Formatting
* Used dotnet format this time
* Changing ProviderBillingService to scoped
* Found circular dependency'
* One more time with feeling
* Formatting
* Fix error in remove org from provider
* Missed test fix in conflit
* [AC-1937] Server: Implement endpoint to retrieve provider payment information (#4107)
* Move the gettax and paymentmethod from stripepayment class
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add the method to retrieve the tax and payment details
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add unit tests for the paymentInformation method
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add the endpoint to retrieve paymentinformation
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add unit tests to the SubscriberService
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Remove the getTaxInfoAsync update reference
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
* For SM Trial orgs, now scaling PM seat count with SM seat count adjustments
* Split Billing related organization endpoints into billing owned controller
* Updated billing organizations controller to use a primary constructor to reduce boilerplate
* Fixed error where ID couldn't be mapped to subscription endpoint guid param
* Updated billing OrganizationController endpoints to not manually create the GUID from the string ID
* Banished magic string back to the pit from whence it came
* Resolved errors in unit tests
* Prevent calls to Stripe when unlinking client org has no Stripe objects
* Thomas' feedback
* Check for stripe when org unlinked from org page
---------
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
* Fix issue where ManageUsers custom permission could not
grant access to collections
* Split ModifyAccess operation to ModifyUserAccess and
ModifyGroupAccess to reflect more granular operations
* update OrganizationUsersController PUT and POST
* enforces new collection access checks when updating members
* refactor BulkCollectionAuthorizationHandler to avoid repeated db calls
* [PM-3176] Extract IOrganizationService.SaveUserAsync to a command
* [PM-3176] Enabled nullable on command
* [PM-3176] Removed check that was not working
* add new classes
* initial commit
* revert the changes on this files
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* revert unnecessary changes
* Add a model
* add the delete token endpoint
* add a unit test for delete provider
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* add the delete provider method
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve the delete request redirect issue
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* changes to correct the json issue
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve errors
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve pr comment
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* move ProviderDeleteTokenable to the adminConsole
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add feature flag
* resolve pr comments
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* add some unit test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve the failing test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* resolve test
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* add the remove feature flag
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* [AC-2378] Added `ProviderId` to PayPal transaction model (#3995)
* Added ProviderId to PayPal transaction model
* Fixed issue with parsing provider id
* [AC-1923] Add endpoint to create client organization (#3977)
* Add new endpoint for creating client organizations in consolidated billing
* Create empty org and then assign seats for code re-use
* Fixes made from debugging client side
* few more small fixes
* Vincent's feedback
* Bumped version to 2024.4.1 (#3997)
* [AC-1923] Add endpoint to create client organization (#3977)
* Add new endpoint for creating client organizations in consolidated billing
* Create empty org and then assign seats for code re-use
* Fixes made from debugging client side
* few more small fixes
* Vincent's feedback
* [AC-1923] Add endpoint to create client organization (#3977)
* Add new endpoint for creating client organizations in consolidated billing
* Create empty org and then assign seats for code re-use
* Fixes made from debugging client side
* few more small fixes
* Vincent's feedback
* add changes after merge conflict
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
Co-authored-by: Bitwarden DevOps <106330231+bitwarden-devops-bot@users.noreply.github.com>
* Restrict admins from adding themselves to groups
Updated OrganizationUsersController only, GroupsController to be updated
separately
* Delete unused api method
* [AC-1637] Added HtmlEncodingStringConverter to encode/decode special chars on JSON serialization/deserialization
* [AC-1637] Added unit tests for HtmlEncodingStringConverter
* [AC-1637] Moved expected values on unit tests to the arrange phase
* [AC-1637] Added HtmlEncodingStringConverter to properties that are for input/output of Org Name and Business name
* [AC-1637] Modified views in Admin project to decode values to display
* [AC-1637] Replaced Html.Raw with HttpUtility.HtmlDecode
* [AC-1637] Added JsonConverter to Provider DTOs
* [AC-1637] Modified HandlebarsMailService to decode organization name before sending emails
* Revert "[AC-1637] Added JsonConverter to Provider DTOs"
This reverts commit 94d507cf93.
* [AC-1637] Fixed Admin panel organization search
* [AC-1637] Sanitizing Organization name and business name on creation in Admin panel
* [AC-1637] Sanitizing organization name and business name on creation by a provider
* [AC-1637] Sanitizing provider name on creation and on viewing in admin panel
* [AC-1637] Added sanitization to more places where Org name is used
* [AC-1637] Swapped using HttpUtility for WebUtility since the later is part of the dotnet framework
* [AC-1637] Updated error messages
* [AC-1637] Decoding on Admin panel add existing organization
* [AC-1637] Fix HTML decoding issues
* [AC-1637] Refactor HTML decoding in View and Model classes on Admin panel
* [AC-1637] Refactor provider name and business name usages to use methods that output decoded values
* [AC-1637] Fixed typo
* [AC-1637] Renamed Provider methods to retrieve Decoded Name and BusinessName
* [AC-1637] Renamed Organization methods to retrieve Decoded Name and BusinessName
* [AC-1637] Update the display name method in the `ProviderOrganizationOrganizationDetails` class to `DisplayName()`
* [AC-2154] Logging organization data before migrating for flexible collections
* [AC-2154] Refactored logging command to perform the data migration
* [AC-2154] Moved validation inside the command
* [AC-2154] PR feedback
* [AC-2154] Changed logging level to warning
* [AC-2154] Fixed unit test
* [AC-2154] Removed logging unnecessary data
* [AC-2154] Removed primary constructor
* [AC-2154] Added comments
* [AC-2114] Downgrade Custom roles to User if flexible collections are enabled and only active permissions are 'Edit/Delete assigned collections'
* [AC-2114] Undo changes to OrganizationsController
* [AC-2114] Updated public API MembersController responses to have downgraded Custom user types for flexible collections
* Added offboarding survey response to cancellation when FF is on.
* Removed service methods to prevent unnecessary upstream registrations
* Forgot to actually remove the injected command in the services
* Rui's feedback
* Add missing summary
* Missed [FromBody]
* Update optionality to use org.FlexibleCollections
Also break old feature flag key to ensure it's never enabled
* Add logic to set defaults for collection management setting
* Update optionality logic to use org property
* Add comments
* Add helper method for getting individual orgAbility
* Fix validate user update permissions interface
* Fix tests
* dotnet format
* Fix more tests
* Simplify self-hosted update logic
* Fix mapping
* Use new getOrganizationAbility method
* Refactor invite and save orgUser methods
Pass in whole organization object instead of using OrganizationAbility
* fix CipherService tests
* dotnet format
* Remove manager check to simplify this set of changes
* Misc cleanup before review
* Fix undefined variable
* Refactor bulk-access endpoint to avoid early repo call
* Restore manager check
* Add tests for UpdateOrganizationLicenseCommand
* Add nullable regions
* Delete unused dependency
* dotnet format
* Fix test
* Remove TDE feature flag.
* Removed references to feature service from decryption options builder.
* Removed redundant references.
* Removed test that is no longer valid, as it was testing the feature flag.
* Removed remainder of TDE feature check.
