* feat(NewDeviceVerification) :
- Added constant to constants in Bit.Core because the cache key format needs to be shared between the Identity Server and the MVC project Admin.
- Updated DeviceValidator class to handle checking cache for user information to allow pass through.
- Updated and Added tests to handle new flow.
- Adding exception flow to admin project. Added tests for new methods in UserService.
* Add delete permission to cs role
* Add domain verification stat to portal
* add feature flag and unit tests
* fix test
* Refactor from PR feedback
* update comment
* Moved AccountsBilling controller to be owned by Billing
* Added org billing history endpoint
* Updated GetBillingInvoicesAsync to only retrieve paid, open, and uncollectible invoices, and added option to limit results
* Removed invoices and transactions from GetBillingAsync
* Limiting the number of invoices and transactions returned
* Moved Billing models to Billing namespace
* Split billing info and billing history objects
* Removed billing method GetBillingBalanceAndSourceAsync
* Removed unused using
* Cleaned up BillingInfo a bit
* Update migration scripts to use `CREATE OR ALTER` instead of checking for the `OBJECT_ID`
* Applying limit to aggregated invoices after they return from Stripe
* Auth/pm-48 (#2680)
* PM-48 - add user's role as a claim and establish access control service
* PM-48 - remove function unrelated to the role claim
* PM-48 - fix whitespace issues
* PM-48 - move registration of CustomClaimsPrincipalFactory, replace role claim type string with constant, streamline code that retrieves the user's role
* Auth/pm-47 (#2699)
* PM-48 - add user's role as a claim and establish access control service
* PM-48 - remove function unrelated to the role claim
* PM-48 - fix whitespace issues
* PM-47 - add list of permission enums, role:permissions mapping, and function that determines if the logged in user has the given permission
* PM-47 - remove unneeded service registration, set role to lowercase
* PM-47 - fix code style issues
* PM-46 - create permission filter attribute (#2753)
* Auth/pm-54 add rbac for users (#2758)
* PM-54 - add permission gates to User elements
* PM-54 - fix formatting
* PM-54 - remove unused function
* PM-54 - fix variable reference, add permission to billing role
* PM-54 - handle Upgrade Premium button functionality and fix spelling
* PM-54 - change permission name to be more accurate
* PM-49 - update role retrieval (#2779)
* Auth/[PM-50] add rbac for logs (#2782)
* PM-50 - add rbac for logs
* PM-50 - remove unnecessary action filter
* PM-51 - add RBAC for tools (#2799)
* Auth/[pm-52] add rbac providers (#2818)
* PM-52 add rbac for providers
* PM-52 - update redirect action
* PM-52 - add back edit functionality and permission
* PM-52 - reverse changes around removing edit functionality
* PM-52 - moved permission check to variable assignement
* PM-53 - add rbac for organizations (#2798)
* PM-52 - add missed permission to billing role (#2836)
* Fixed merge conflicts.
* [PM-1846] Updates to add RBAC back after merge conflicts (#2870)
* Updates to add RBAC to changes from reseller.
* Added back checks for delete and initiating a trial.
* Removed extraneous Razor tag.
---------
Co-authored-by: dgoodman-bw <109169446+dgoodman-bw@users.noreply.github.com>
Co-authored-by: Danielle Goodman <dgoodman@bitwarden.com>
Co-authored-by: Jacob Fink <jfink@bitwarden.com>
* Get limited life attachment download URL
This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.
Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.
* Make GlobalSettings interface for testing
* Test LocalAttachmentStorageService equivalence
* Remove comment
* Add missing globalSettings using
* Simplify default attachment container
* Default to attachments containe for existing methods
A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads
* Remove Default MetaData fixture.
* Keep attachments container blob-level security for all instances
* Close unclosed FileStream
* Favor default value for noop services
