1
0
mirror of https://github.com/bitwarden/server.git synced 2025-07-04 01:22:50 -05:00
Commit Graph

706 Commits

Author SHA1 Message Date
4645914383 Reference Events Fixups (#1518)
* made salesAssistedTrialStarted nullable

* removed conditional logic surrounding directory sync events

* changed the value of the CipherCreated reference event enum
2021-08-17 13:12:55 -04:00
1779d33a66 Verify Send file does not exist before saving file (#1515)
* Verify Send file does not exist before saving file

* Fix flaky test
2021-08-17 08:37:00 -05:00
48aa54949b Allow api key as captcha token (#1513)
This allows legitimate users to permanently bypass captcha once
they've successfully logged in. Will allow unmonitored scripts more
resilience to captcha requirements
2021-08-13 08:52:52 -05:00
824645250e toggled the force password reset flow off (#1510)
* toggled the force password reset flow off

* Update UserService.cs
2021-08-12 13:09:08 -04:00
7928b25796 Added Several New Reference Events (#1500)
* added enum values for new events

* hooked up directory sync event

* upgraded the OrganizationUpgrade ReferenceEvent

* Added metadata to the OrganizationUserInvited event noting if this is the first event sent from an organization

* Added metadata to the AdjustedSeats event

* Implemented vaultImported event

* Implemented FirstGroupAdded event

* Implemented FirstCollectionAdded event

* Implemented FirstSecretAdded event type

* Implemented SalesAssisted reference event

* changed events to match updated requirements

* renamed an event enum
2021-08-10 14:38:58 -04:00
5dc6013e37 Provider qa feedback (#1501)
* Title case buttons

* Throw if provider tries to add a non-business organization

* Allow only one admin OR owner roll in a free org per user

Boolean operators were not properly assocated
and ownership of an org was precluding confirmation into any other
organization

* Limit email length

* Require email domain with top level domain

* Do not allow email domains to end in invalid characters

* Fix free org tests
2021-08-10 11:16:10 -05:00
53a93ffcea [Reset Password v1] Updated force password reset models (#1492) 2021-08-05 13:00:24 -05:00
cfc7fa071b Record when a provider user accesses a clients vault (#1496)
* Record when a provider user accesses a clients vault

* Do not allow removal from provider unless owner exists

* PR Review

* Null safe event processing
* append `Async` to async methods
2021-08-05 07:50:41 -05:00
b1ed6d2c21 Fix upload limits for direct uploads (again) (#1479)
* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
2021-08-04 09:00:30 +10:00
eb846f7627 [Provider] Resolve email not being url encoded (#1483) 2021-07-23 10:22:59 +02:00
7a135ae7cd Protect user registration with captcha (#1480)
* Protect user registration with captcha

* PR feedback
2021-07-22 12:29:06 -05:00
46fa6f6673 [Reset Password v1] Update Temporary Password API (#1481)
* [Reset Password v1] Update Temporary Password API

* Fixed Noop interface
2021-07-22 09:20:14 -05:00
8e1e2fa2fe Feature/sync Enable hcaptcha on login (#1469)
* Share globalSettings hcaptcha public key with clients

* Require captcha valid only prior to two factor

users with two factor will have already solved captcha is necessary.
Users without two factor will have`TwoFactorVerified` set to false

* Do not require CaptchaResponse on two-factor requests

* Add option to always require captcha for testing purposes

* Allow for self-hosted instances if they want to use it

* Move refresh suggestion to correct error

* Expect lifetime in helper method

* Add captcha bypass token to successful captcha validations

* Remove twofactorValidated

* PR Feedback
2021-07-21 13:42:06 -05:00
259bf8d760 Add events for Creating, Adding and Removing ProviderOrganizations (#1475) 2021-07-21 19:40:38 +02:00
8e97b924d4 addressed bugs and concerns around special characters in email templates (#1478)
* addressed bugs and concerns around special characters in email templates

* Modified email sanitization rules
2021-07-21 12:43:28 -04:00
745068686b Add Expiration Date To Organization Invite Emails (#1466)
* Added an expiration date to the organization user invite email

* Added a period

* moved property assignment around

* fixed date offset
2021-07-16 14:17:24 -04:00
5ec37b96b4 Organization User Accepted Invite Email Notifications (#1465) 2021-07-16 13:49:27 -04:00
f6ebb20847 [Provider] Add support for events (#1447) 2021-07-15 16:37:27 +02:00
8ac2dc50af [Provider] Send email on removal (#1463) 2021-07-15 16:37:16 +02:00
b13dda2799 Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)

* scaffolding for ef support

* deleted old postgres repos

* added tables to oncreate

* updated all the things to .NET 5

* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to  5.0 (#1223)

* Migrated DockerFiles from dotnet/3.1 to  5.0

* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>

* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)

* Updated requirements in README.md

* Updated link to documentation of app-secrets

* upgraded dotnet version to 5.0

* Ef database support implementation examples (#1265)

* mostly finished testing the user repo

* finished testing user repo

* finished org, user, ssoconfig, and ssouser ef implementations

* removed unused prop

* fixed a sql file

* fixed a spacing issue

* fixed a spacing issue

* removed extra database creation

* refactoring

* MsSql => SqlServer

* refactoring

* code review fixes

* build fix

* code review

* continued attempts to fix the the build

* skipped another test

* finished all create test

* initial pass at several repos

* continued building out repos

* initial pass at several repos

* initial pass at device repo

* initial pass at collection repo

* initial run of all Entity Framework implementations

* signup, signin, create/edit ciphers works

* sync working

* all web vault pages seem to load with 100% 200s

* bulkcopy, folders, and favorites

* group and collection management

* sso, groups, emergency access, send

* get basic creates matching on all repos

* got everything building again post merge

* removed some IDE config files

* cleanup

* no more notimplemented methods in the cipher repo

* no more not implementeds everywhere

* cleaned up schema/navigation properties and fixed tests

* removed a sql comment that was written in c# style

* fixed build issues from merge

* removed unsupported db providers

* formatting

* code review refactors

* naming cleanup for queries

* added provider methods

* cipher repo cleanup

* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage

* fixed the build

* added a null check

* consolidated some cipher repo methods

* formatting fix

* cleaned up indentation of queries

* removed .idea file

* generated postgres migrations

* added mysql migrations

* formatting

* Bug Fixes & Formatting

* Formatting

* fixed a bug with bulk import when using MySql

* code review fixes

* fixed the build

* implemented new methods

* formatting

* fixed the build

* cleaned up select statements in ef queries

* formatting

* formatting

* formatting

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 16:35:48 +00:00
be13eb153a [Reset Password v1] - Make auto enrollment required when enabled (#1412)
* [Reset Password v1] - Make auto enrollment required when enabled

* Removed unnecessary imports
2021-07-08 10:48:43 -05:00
feb3106f37 [Provider] Create and access child organizations (#1427) 2021-07-08 17:05:32 +02:00
a6128c781a Fix minor typo in logging (#1444) 2021-07-08 12:40:47 +10:00
8f0ef49d7f Organization Service permission refactor fix (#1432) 2021-07-07 17:08:18 +02:00
898c7baf89 Fix queue message encoding for Azure (UTF-16 in XML) (#1439)
* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure (#1425)"

This reverts commit 2c9a5bb4ab.

* Azure queue to use base64 encoding universally

* Ensure byte size calc is using encoded byte count

* Remove message text extension from blockIP svc

* Remove unused using on blockIp hosted service
2021-07-07 10:49:59 -04:00
2c9a5bb4ab Encode into b64 to avoid illegal xml encoding when sending to Azure (#1425)
* Encode into b64 to avoid illegal xml encoding when sending to Azure

* Revert "Encode into b64 to avoid illegal xml encoding when sending to Azure"

This reverts commit d50de941da.

* HtmlEncode strings if they use multi-byte characters

* Add serializer to event processor

* Rename to used class

* Formatting

* PR feedback
2021-07-02 16:11:33 -05:00
86a12efa76 [send.key] Update send.key when account encryption key is rotated (#1417)
* Rotate send.key with account encryption key

* Update tests

* Improve and refactor style, fix typo

* Use null instead of empty lists

* Revert "Use null instead of empty lists"

This reverts commit 775a52ca56.

* Fix style (use AddRange instead of reassignment)
2021-07-02 06:27:03 +10:00
a733257bc6 Refactor permission checks in OrganizationsService to use currentContext (#1420) 2021-07-01 14:31:05 +02:00
43f7271147 [Provider] Setup provider (#1378) 2021-06-30 09:35:26 +02:00
08f508f536 Extract single-org policy check to OrganizationService (#1410) 2021-06-30 09:21:41 +02:00
d2e48a5c2c hcaptcha validation on password login (#1398) 2021-06-16 12:47:41 -04:00
58413e2ff0 Policy Service Tests (#1344)
* Added SsoConfigService tests

* Cleanup whitespace in SsoConfigServiceTests

* Work on PolicyServiceTests

* Refactor PolicyService to remove uneeded calls

* Implement Code Coverage

* Continued work on PolicyServiceTests

* Revert "Implement Code Coverage"

This reverts commit 4ada179ada.

* Fix PolicyServiceTests after rebasing

* Cleanup unused namespaces

* Added assertions that saving or logging of save aren't happening on exceptions
2021-06-11 10:33:32 -05:00
fe1ffb6a22 [Provider] Server entities and models (#1370)
* Mock out provider models and service

* Implement CreateAsync, CompleteSetupAsync, UpdateAsync, InviteUserAsync and ResendInvitesAsync

* Implement AcceptUserAsync and ConfirmUsersAsync

* Implement SaveUserAsync and DeleteUserAsync

* Add email templates

* Add admin operations for providers

* Fix mail template names

* Rename roles

* Verify provider has provideradmin

* Add self hosted check to admin controller

* Resolve review comments

* Update sql queries

* Change create provider to use email instead of userId
2021-06-03 18:58:29 +02:00
c56dd04096 [Reset Password] Email template (#1353) 2021-05-26 16:54:25 -05:00
d7f3507d44 [Reset Password] Added new event type for admin password reset (#1350) 2021-05-26 15:51:54 -05:00
d4cf6d929a Bulk Confirm (#1345)
* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
2021-05-25 19:23:47 +02:00
93fd1c9c9a Prevent sole owner from downgrading permissions (#1348) 2021-05-25 08:14:11 +10:00
c7f88ae430 [Reset Password] Get/Post Org Keys and API updates (#1323)
* [Reset Password] Organization Keys APIs

* Updated details response to include private key and added more security checks for reset password methods

* Added org type and policy security checks to the enrollment api

* Updated based on PR feedback

* Added org user type permission checks

* Added TODO for email to user

* Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
2b6c5bcd31 Fix bulk api (#1335) 2021-05-17 20:07:41 +02:00
785e788cb6 Support large organization sync (#1311)
* Increase organization max seat size from 30k to 2b (#1274)

* Increase organization max seat size from 30k to 2b

* PR review. Do not modify unless state matches expected

* Organization sync simultaneous event reporting (#1275)

* Split up azure messages according to max size

* Allow simultaneous login of organization user events

* Early resolve small event lists

* Clarify logic

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Improve readability

This comes at the cost of multiple serializations, but the
 improvement in wire-time should more than make up for this
 on message where serialization time matters

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>

* Queue emails (#1286)

* Extract common Azure queue methods

* Do not use internal entity framework namespace

* Prefer IEnumerable to IList unless needed

All of these implementations were just using `Count == 1`,
which is easily replicated. This will be used when abstracting Azure queues

* Add model for azure queue message

* Abstract Azure queue for reuse

* Creat service to enqueue mail messages for later processing

Azure queue mail service uses Azure queues.
Blocking just blocks until all the work is done -- This is
how emailing works today

* Provide mail queue service to DI

* Queue organization invite emails for later processing

All emails can later be added to this queue

* Create Admin hosted service to process enqueued mail messages

* Prefer constructors to static generators

* Mass delete organization users (#1287)

* Add delete many to Organization Users

* Correct formatting

* Remove erroneous migration

* Clarify parameter name

* Formatting fixes

* Simplify bump account revision sproc

* Formatting fixes

* Match file names to objects

* Indicate if large import is expected

* Early pull all existing users we were planning on inviting (#1290)

* Early pull all existing users we were planning on inviting

* Improve sproc name

* Batch upsert org users (#1289)

* Add UpsertMany sprocs to OrganizationUser

* Add method to create TVPs from any object.

Uses DbOrder attribute to generate.
Sproc will fail unless TVP column order matches that of the db type

* Combine migrations

* Correct formatting

* Include sql objects in sql project

* Keep consisten parameter names

* Batch deletes for performance

* Correct formatting

* consolidate migrations

* Use batch methods in OrganizationImport

* Declare @BatchSize

* Transaction names limited to 32 chars

Drop sproc before creating it if it exists

* Update import tests

* Allow for more users in org upgrades

* Fix formatting

* Improve class hierarchy structure

* Use name tuple types

* Fix formatting

* Front load all reflection

* Format constructor

* Simplify ToTvp as class-specific extension

Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-05-17 09:43:02 -05:00
7a7668b754 Add API for bulk removal of org users (#1320)
* Add API for bulk removal of org users

* Refactor OrganizationService, extract some common code.

* Add tests for DeleteUserAsync

* Add tests for DeleteUsers

* Formating

* Update test/Core.Test/Services/OrganizationServiceTests.cs

added a space

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
b150f5977e add support for postal and multi service mail delivery (#1326)
* adds suppose for postal and multi service mail delivery

* adjust tags

* dont need settings checks in multi-service
2021-05-13 15:18:42 -04:00
ae38c33e05 [Reset Password] Enterprise Policy (#1315)
* [Reset Password] Enterprise Policy

* Created UI for policy/edit policy // Updated TODOs for policy dependent checks

* Updated reset password data model field name to be more descriptive

* Update title to Master Password Reset

* Updated PoliciesModel, Policy Model spacing, and strings
2021-05-12 14:47:00 -05:00
a47b86a995 Remove U2F APIs again (#1319)
* Revert "U2F (#1304)"

This reverts commit ce4f025a0c.

* Avoid removing WebAuthn fixes
2021-05-12 19:48:00 +02:00
cb9ed50248 Discourage user verification on WebAuthn enroll (#1322) 2021-05-12 18:46:35 +02:00
e2f633dace Bulk re-invite of org users (#1316)
* Add APIs for Bulk reinvinte

* Resolve review comments.
2021-05-12 11:18:25 +02:00
70ab5b25a1 [Reset Password] Organization Key Pair (#1292)
* [Reset Password] Organization Key Pair

* Fixed type in Organization_ReadAbilites sproc

* Fixed broken unit test by making sure premium addon was false

* Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
ce4f025a0c U2F (#1304)
* Delete U2F tokens alongside WebAuthn

* Bring back u2f apis
2021-05-05 16:14:49 +02:00
1bd515e8f0 Refuse upload renew if a file is validated (#1284)
Download should return regardless of file validation state
2021-04-26 14:36:06 -05:00
477f679fc6 [Reset Password] Admin reset actions (#1272)
* [Reset Password] Admin reset actions

* Updated thrown except for permission collision

* Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00