* Copy PatchGroupCommand to vNext and refactor
* Detect duplicate add requests and return early
* Update read repository method to use HA replica
* Add new write repository method
* Add stored procedure to read organization user details by role
* Add OrganizationUserRepository method to retrieve OrganizationUser details by role
* Enhance AuthRequestService to send notifications to custom users with ManageResetPassword permission
* Enhance AuthRequestServiceTests to include custom user permissions and validate notification email recipients
Only users with Manage/Edit permissions will be allowed to Assign To Collections. If the user has Can Edit Except Password the collections dropdown will be disabled.
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>
* Implement endpoints to add existing organization to provider
* Run dotnet format
* Support MOE
* Run dotnet format
* Move ProviderClientsController under AC ownership
* Move ProviderClientsControllerTests under AC ownership
* Jared's feedback
feat(NewDeviceVerification) :
* Created database migration scripts for VerifyDevices column in [dbo].[User].
* Updated DeviceValidator to check if user has opted out of device verification.
* Added endpoint to AccountsController.cs to allow editing of new User.VerifyDevices property.
* Added tests for new methods and endpoint.
* Updating queries to track [dbo].[User].[VerifyDevices].
* Updated DeviceValidator to set `User.EmailVerified` property during the New Device Verification flow.
* chore: set up a `CODEOWNERS` space for platform
* chore: move sql objects for `Installation` to platform's domain
* chore: move `Installation` and `PushRelay` code to platform's domain
* Add JSON-based stored procedure for updating account revision dates and modify existing procedure to use it
* Refactor SingleOrgPolicyValidator to revoke only non-compliant organization users and update related tests
- Revoking users when enabling single org and 2fa policies.
- Updated emails sent when users are revoked via 2FA or Single Organization policy enablement
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Added /domain/sso/verified to organization controller
* Restricting sproc to only return verified domains if the org has sso. Adding name. corrected route. removed not found exception. Adding the sproc definition to the SQL project
* Add new columns to `dbo.Organization` & its references
* Feed existing data into new `dbo.Organization` column
* Update Entity Framework database definitions
* Move new EF columns out of the core entity definition
* Generate Entity Framework migrations
* Feed existing data into new `Organization` Entity Framework columns
* Add a where clause to SQL migration
* Changes to make all teams and ent plan visible
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Resolve the typeo
---------
Signed-off-by: Cy Okeke <cokeke@bitwarden.com>
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService
* Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries
* Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter
* Update the EF query to use the Email from the User table
* dotnet format
* Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests
* Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync
* Fix domain queries
* Add OrganizationUserRepository integration tests
* Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync
* chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync
* Add IsManagedByAnyOrganizationAsync method to IUserRepository
* Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync
* Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync
* chore: Refactor IsManagedByAnyOrganizationAsync method in UserService
* Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool>
* Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query
* Update comments in OrganizationDomainService to use proper capitalization
* Move OrganizationDomainService to AdminConsole ownership and update namespace
* feat: Add support for organization domains in enterprise plans
* feat: Add HasOrganizationDomains property to OrganizationAbility class
* refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService
* Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains
* Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag
* Add TODO comment for replacing 'UseSso' organization ability on user verified domain checks
* Bump date on migration script
* Add indexes to OrganizationDomain table
* Bump script migration date; Remove WITH ONLINE = ON from data migration.
* Added invoices and transaction history endpoints. Added cursor paging for each
* Removed try/catch since it's handled by middleware. Updated condition to use pattern matching
* Added unit tests for PaymentHistoryService
* Removed organizationId from account billing controller endpoints
* [PM-10589] Update database defaults for collection management settings
* Update default values for 'LimitCollectionCreationDeletion' and 'AllowAdminAccessToAllCollectionItems' in Organization table
* Add checks before column constraint drop and constraint creation
* feat: Add stored procedure for reading organization user details with premium access by organization ID
The code changes include:
- Addition of a new stored procedure [dbo].[OrganizationUserUserDetailsWithPremiumAccess_ReadByOrganizationId] to read organization user details with premium access by organization ID
- Modification of the IUserService interface to include an optional parameter for checking two-factor authentication with premium access
- Modification of the UserService class to handle the new optional parameter in the TwoFactorIsEnabledAsync method
- Addition of a new method GetManyDetailsWithPremiumAccessByOrganizationAsync in the IOrganizationUserRepository interface to retrieve organization user details with premium access by organization ID
- Addition of a new view [dbo].[OrganizationUserUserDetailsWithPremiumAccessView] to retrieve organization user details with premium access
* Add IUserRepository.SearchDetailsAsync that includes the field HasPremiumAccess
* Check the feature flag on Admin.UsersController to see if the optimization runs
* Modify PolicyService to run query optimization if the feature flag is enabled
* Refactor the parameter check on UserService.TwoFactorIsEnabledAsync
* Run query optimization on public MembersController if feature flag is enabled
* Restore refactor
* Reverted change used for development
* Add unit tests for OrganizationService.RestoreUser
* Separate new CheckPoliciesBeforeRestoreAsync optimization into new method
* Add more unit tests
* Apply refactor to bulk restore
* Add GetManyDetailsAsync method to IUserRepository. Add ConfirmUsersAsync_vNext method to IOrganizationService
* Add unit tests for ConfirmUser_vNext
* Refactor the optimization to use the new TwoFactorIsEnabledAsync method instead of changing the existing one
* Removed unused sql scripts and added migration script
* Remove unnecessary view
* chore: Remove unused SearchDetailsAsync method from IUserRepository and UserRepository
* refactor: Use UserDetails constructor in UserRepository
* Add summary to IUserRepository.GetManyDetailsAsync
* Add summary descriptions to IUserService.TwoFactorIsEnabledAsync
* Remove obsolete annotation from IUserRepository.UpdateUserKeyAndEncryptedDataAsync
* refactor: Rename UserDetails to UserWithCalculatedPremium across the codebase
* Extract IUserService.TwoFactorIsEnabledAsync into a new TwoFactorIsEnabledQuery class
* Add unit tests for TwoFactorIsEnabledQuery
* Update TwoFactorIsEnabledQueryTests to include additional provider types
* Refactor TwoFactorIsEnabledQuery
* Refactor TwoFactorIsEnabledQuery and update tests
* refactor: Update TwoFactorIsEnabledQueryTests to include test for null TwoFactorProviders
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* refactor: Improve TwoFactorIsEnabledQuery and update tests
* Remove empty <returns> from summary
* Update User_ReadByIdsWithCalculatedPremium stored procedure to accept JSON array of IDs
These sprocs were used to remove AccessAll from
cipher access logic. Now the original sprocs have been
updated with the new logic, these v2 sprocs are unused
and are being dropped to complete the EDD cycle.
Final removal of AccessAll logic in CollectionCipher sprocs. We had v2 sprocs already
containing this updated logic that were never used; copy the v2 logic back to the
original sprocs so that we start using it. v2 sprocs will be dropped later.
* Sql-backed IDistributedCache
* sqlserver cache table
* remove unused using
* setup EF entity
* cache indexes
* add back cipher
* revert SetupEntityFramework change
* ef cache
* EntityFrameworkCache
* IServiceScopeFactory for db context
* implement EntityFrameworkCache
* move to _serviceScopeFactory
* move to config file
* ef migrations
* fixes
* datetime and error codes
* revert migrations
* migrations
* format
* static and namespace fix
* use time provider
* Move SQL migration and remove EF one for the moment
* Add clean migration of just the new table
* Formatting
* Test Custom `IDistributedCache` Implementation
* Add Back Logging
* Remove Double Logging
* Skip Test When Not EntityFrameworkCache
* Format
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
