* [PM-17562] Slack Event Investigation
* Refactored Slack and Webhook integrations to pull configurations dynamically from a new Repository
* Added new TemplateProcessor and added/updated unit tests
* SlackService improvements, testing, integration configurations
* Refactor SlackService to use a dedicated model to parse responses
* Refactored SlackOAuthController to use SlackService as an injected dependency; added tests for SlackService
* Remove unnecessary methods from the IOrganizationIntegrationConfigurationRepository
* Moved Slack OAuth to take into account the Organization it's being stored for. Added methods to store the top level integration for Slack
* Organization integrations and configuration database schemas
* Format EF files
* Initial buildout of basic repositories
* [PM-17562] Add Dapper Repositories For Organization Integrations and Configurations
* Update Slack and Webhook handlers to use new Repositories
* Update SlackOAuth tests to new signatures
* Added EF Repositories
* Update handlers to use latest repositories
* [PM-17562] Add Dapper and EF Repositories For Ogranization Integrations and Configurations
* Updated with changes from PR comments
* Adjusted Handlers to new repository method names; updated tests to naming convention
* Adjust URL structure; add delete for Slack, add tests
* Added Webhook Integration Controller
* Add tests for WebhookIntegrationController
* Added Create/Delete for OrganizationIntegrationConfigurations
* Prepend ConnectionTypes into IntegrationType so we don't run into issues later
* Added Update to OrganizationIntegrationConfigurtionController
* Moved Webhook-specific integration code to being a generic controller for everything but Slack
* Removed delete from SlackController - Deletes should happen through the normal Integration controller
* Fixed SlackController, reworked OIC Controller to use ids from URL and update the returned object
* Added parse/type checking for integration and integration configuration JSONs, Cleaned up GlobalSettings to remove old values
* Cleanup and fixes for Azure Service Bus support
* Clean up naming on TemplateProcessorTests
* Address SonarQube warnings/suggestions
* Expanded test coverage; Cleaned up tests
* Respond to PR Feedback
* Rename TemplateProcessor to IntegrationTemplateProcessor
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Add RequireSsoPolicyRequirement and its factory to enforce SSO policies
* Enhance WebAuthnController to support RequireSsoPolicyRequirement with feature flag integration. Update tests to validate behavior when SSO policies are applicable.
* Integrate IPolicyRequirementQuery into request validators to support RequireSsoPolicyRequirement. Update validation logic to check SSO policies based on feature flag.
* Refactor RequireSsoPolicyRequirementFactoryTests to improve test coverage for SSO policies. Add tests for handling both valid and invalid policies in CanUsePasskeyLogin and SsoRequired methods.
* Remove ExemptStatuses property from RequireSsoPolicyRequirementFactory to use default values from BasePolicyRequirementFactory
* Restore ValidateRequireSsoPolicyDisabledOrNotApplicable
* Refactor RequireSsoPolicyRequirement to update CanUsePasskeyLogin and SsoRequired properties to use init-only setters
* Refactor RequireSsoPolicyRequirementFactoryTests to enhance test clarity
* Refactor BaseRequestValidatorTests to improve test clarity
* Refactor WebAuthnController to replace SSO policy validation with PolicyRequirement check
* Refactor BaseRequestValidator to replace SSO policy validation with PolicyRequirement check
* Refactor WebAuthnControllerTests to update test method names and adjust policy requirement checks
* Add tests for AttestationOptions and Post methods in WebAuthnControllerTests to validate scenario where SSO is not required
* Refactor RequireSsoPolicyRequirement initialization
* Refactor SSO requirement check for improved readability
* Rename test methods in RequireSsoPolicyRequirementFactoryTests for clarity on exempt status conditions
* Update RequireSsoPolicyRequirement to refine user status checks for SSO policy requirements
* [PM-19180] Calculate sales tax correctly for sponsored plans
* Cannot divide by zero if total amount excluding tax is zero.
* Unit tests for families & families for enterprise
---------
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
* feat : remove old registration endpoint
* fix: update integration test user registration to match current registration; We need to keep the IRegistrationCommand.RegisterUser method to JIT user.
* fix: updating accounts/profile tests to match current implementations
* Add RelayPush Notifications Tests
* Nullable Test Fixup
* Azure Queue Notifications Tests
* NotificationsHub Push Tests
* Make common base for API based notifications
* Register TimeProvider just in case
* Format
* React to TaskId
* Remove completed TODO
* Add OrganizationUpdateKeysCommand
* Add unit tests for OrganizationUpdateKeysCommand to validate permission checks and key updates
* Register OrganizationUpdateKeysCommand for dependency injection
* Refactor OrganizationsController to use IOrganizationUpdateKeysCommand for updating organization keys
* Remove outdated unit tests for UpdateOrganizationKeysAsync in OrganizationServiceTests
* Remove UpdateOrganizationKeysAsync method from IOrganizationService and OrganizationService implementations
* Add IOrganizationUpdateKeysCommand dependency mock to OrganizationsControllerTests
* Renamed ManagedUserDomainClaimedEmails to ClaimedUserDomainClaimedEmails
* Renamed method to improve clarity and consistency.
Replaced `ValidateManagedUserDomainAsync` with `ValidateClaimedUserDomainAsync`.
* Rename `GetOrganizationsManagingUserAsync` to `GetOrganizationsClaimingUserAsync`.
This renaming clarifies the function's purpose, aligning its name with the concept of "claiming" rather than "managing" user associations.
* Refactor variable naming in ValidateClaimedUserDomainAsync
* Managed to claimed
* Managed to claimed
* Managed to claimed
* Managing to Claiming
* Managing to Claiming
* Managing to Claiming
* Managing to Claiming
* Renamed DeleteManagedOrganizationUserAccountCommand to DeleteClaimedOrganizationUserAccountCommand
* Renamed IDeleteManagedOrganizationUserAccountCommand to IDeleteClaimedOrganizationUserAccountCommand
* Updated variable name
* IsManagedBy to IsClaimedBy
* Created new property. obsoleted old property and wired up for backward compatibility.
* More Managed to Claimed renames.
* Managed to Claimed
* Fixing tests... 🤦
* Got the rest of em
* missed the test 🤦
* fixed test.
* Introduce options for adding certificates to the X509ChainPolicy.CustomTrustStore
Co-authored-by: tangowithfoxtrot <tangowithfoxtrot@users.noreply.github.com>
* Add comments
* Fix places I am still calling it TLS options
* Format
* Format from root
* Add more tests
* Add HTTP Tests
* Format
* Switch to empty builder
* Remove unneeded helper
* Configure logging only once
---------
Co-authored-by: tangowithfoxtrot <tangowithfoxtrot@users.noreply.github.com>
* WIP changes for Invite User optimization from Scim
* feature flag string
* Added plan validation to PasswordManagerInviteUserValidation. Cleaned up a few things.
* Added Secrets Manager Validations and Tests.
* Added bulk procedure for saving users, collections and groups from inviting. Added test to validate Ef and Sproc
* Created SendOrganizationInvitesCommand and moved some tests from OrgServiceTests. Fixed some tests in org service in relation to moving out SendOrgInviteCommand code.
Added side effects to InviteOrganizationUsersCommand
* First test of new command.
* Added test to verify valid request with a user calls db method and sends the invite
* Added more tests for the updates
* Added integration test around enabling feature and sending invite via scim. Did a bit of refactoring on the SM validation. Fixed couple bugs found.
* Switching over to a local factory.
* created response model and split interface out.
* switched to initialization block
* Moved to private method. Made ScimInvite inherit the single invite base model. Moved create methods to constructors. A few more CR changes included.
* Moved `FromOrganization` mapper method to a constructor
* Updated to use new pricing client. Supressed null dereference errors.
* Fixing bad merge.
* Rename of OrgDto
* undoing this
* Moved into class
* turned into a switch statement
* Separated into separate files.
* Renamed dto and added ctor
* Dto rename. Moved from static methods to ctors
* Removed unused request model
* changes from main
* missed value
* Fixed some compilation errors.
* Fixed some changes.
* Removed comment
* fixed compiler warning.
* Refactored to use new ValidationResult pattern. added mapping method.
* Added throwing of Failure as the previous implementation would have.
* Cleaned up return.
* fixing test.
* Made HasSecretsManagerStandalone return if org doesn't have sm. Added overload for lighter weight model and moved common code to private method.
* Fixed tests.
* Made public method private. added some comments.
* Refactor validation parameter to improve clarity and consistency. Added XML doc
* fixed test
* Removed test only constructor from InviteOrganization
* Separated old and new code explicitly. Moved old code checks down into new code as well. Added error and mapper to Failure<T>
* Variable/Field/Property renames
* Renamed InviteUsersValidation to InviteUsersValidator
* Rename for InvitingUserOrganizationValidation to InvitingUserOrganizationValidator
* PasswordManagerInviteUserValidation to PasswordManagerInviteUserValidator
* Moved XML comment. Added check to see if additional seats are needed.
* Fixing name.
* Updated names.
* Corrected double negation.
* Added groups and collection and users checks.
* Fixed comment. Fixed multiple enumeration. Changed variable name.
* Cleaned up DTO models. Moved some validation steps around. A few quick fixes to address CR concerns. Still need to move a few things yet.
* Fixed naming in subscription update models.
* put back in the request for now.
* Quick rename
* Added provider email addresses as well.
* Removed valid wrapper to pass in to validation methods.
* fix tests
* Code Review changes.
* Removed unused classes
* Using GetPlanOrThrow instead.
* Switches to extension method
* Made Revert and Adjust Sm methods consistent. Corrected string comparer. Added comment for revert sm.
* Fixing compiler complaint.
* Adding XML docs
* Calculated seat addition for SM.
* Fixing compiler complaints.
* Renames for organization.
* Fixing comparison issue.
* Adding error and aligning message.
* fixing name of method.
* Made extension method.
* Rearranged some things. Fixed the tests.
* Added test around validating the revert.
* Added test to validate the provider email is sent if org is managed by a provider.
* Created new errors and removed references in business code to ErrorMessages property. This aligns Invite User code to use Errors instead of ErrorMessages
* Delayed the hasSecretsManagerStandalone call as long as possible.
* Corrected model name. Corrected SM seat calculation. Added test for it.
* Corrected logic and added more tests.
* Refactor OrganizationService to remove feature flag check for PushSyncOrgKeysOnRevokeRestore
* Remove redundant tests
* Remove unused IFeatureService dependency from RestoreOrganizationUserCommand class
* [PM-17563] Add case for PushType.PendingSecurityTasks
* [PM-17563] Add missing TaskId property to NotificationStatusDetails and NotificationResponseModel
* [PM-17563] Add migration script to re-create NotificationStatusDetailsView to include TaskId column
* [PM-17563] Select explicit columns for NotificationStatusDetailsView and fix migration script
* Pm 19147 2 (#5544)
* Pm 19147 2 (#5544)
* Unit tests for tax strategies `GetUpdateOptions`
* Only allow automatic tax flag to be updated for complete subscription updates such as plan changes, not when upgrading additional storage, seats, etc
* unit tests for factory
* Fix build
* Automatic tax for tax estimation
* Fix stub
* Fix stub
* "customer.tax_ids" isn't expanded in some flows.
* Fix SubscriberServiceTests.cs
* BusinessUseAutomaticTaxStrategy > SetUpdateOptions tests
* Fix ProviderBillingServiceTests.cs
* Implement enhanced cipher deletion and restore permissions with feature flag support
- Add new method `CanDeleteOrRestoreCipherAsAdminAsync` in CiphersController
- Update NormalCipherPermissions to support more flexible cipher type checking
- Modify CipherService to use new permission checks with feature flag
- Refactor test methods to support new permission logic
- Improve authorization checks for organization cipher management
* Refactor cipher methods to use CipherDetails and simplify type handling
- Update CiphersController to use GetByIdAsync with userId
- Modify NormalCipherPermissions to remove unnecessary type casting
- Update ICipherService and CipherService method signatures to use CipherDetails
- Remove redundant type checking in CipherService methods
- Improve type consistency in cipher-related operations
* Enhance CiphersControllerTests with detailed permission and feature flag scenarios
- Add test methods for DeleteAdmin with edit and manage permission checks
- Implement tests for LimitItemDeletion feature flag scenarios
- Update test method names to reflect more precise permission conditions
- Improve test coverage for admin cipher deletion with granular permission handling
* Add comprehensive test coverage for admin cipher restore operations
- Implement test methods for PutRestoreAdmin and PutRestoreManyAdmin
- Add scenarios for owner and admin roles with LimitItemDeletion feature flag
- Cover permission checks for manage and edit permissions
- Enhance test coverage for single and bulk cipher restore admin operations
- Verify correct invocation of RestoreAsync and RestoreManyAsync methods
* Refactor CiphersControllerTests to remove redundant assertions and mocking
- Remove unnecessary assertions for null checks
- Simplify mocking setup for cipher repository and service methods
- Clean up redundant type and data setup in test methods
- Improve test method clarity by removing extraneous code
* Add comprehensive test coverage for cipher restore, delete, and soft delete operations
- Implement test methods for RestoreAsync with org admin override and LimitItemDeletion feature flag
- Add scenarios for checking manage and edit permissions during restore operations
- Extend test coverage for DeleteAsync with similar permission and feature flag checks
- Enhance SoftDeleteAsync tests with org admin override and permission validation
- Improve test method names to reflect precise permission conditions
* Add comprehensive test coverage for cipher restore, delete, and soft delete operations
- Extend test methods for RestoreManyAsync with various permission scenarios
- Add test coverage for personal and organization ciphers in restore operations
- Implement tests for RestoreManyAsync with LimitItemDeletion feature flag
- Add detailed test scenarios for delete and soft delete operations
- Improve test method names to reflect precise permission and feature flag conditions
* Refactor authorization checks in CiphersController to use All() method for improved readability
* Refactor filtering of ciphers in CipherService to streamline organization ability checks and improve readability
* Moved RestoreUserAsync and RestoreUsersAsync to Command.
* Fixing the bug.
* Added test for bulk method.
* Fixing sonar cube warning.
* SonarQube warning fix.
* Excluding org users we already have.
* Fixed misspelling. Added integration test for method.
* test had the misspelling as well 🤦
* Split out interface. Added admin and confirmed constraints.
* fixed queries and added xml comments and tests.
* Add PersonalOwnershipPolicyRequirement for managing personal ownership policy
* Add tests for PersonalOwnershipPolicyRequirement
* Register PersonalOwnershipPolicyRequirement in policy requirement factory
* Update ImportCiphersCommand to check PersonalOwnershipPolicyRequirement if the PolicyRequirements flag is enabled
Update unit tests
* Update CipherService to support PersonalOwnershipPolicyRequirement with feature flag
- Add support for checking personal ownership policy using PolicyRequirementQuery when feature flag is enabled
- Update CipherService constructor to inject new dependencies
- Add tests for personal vault restrictions with and without feature flag
* Clean up redundant "Arrange", "Act", and "Assert" comments in test methods
* Refactor PersonalOwnershipPolicyRequirementTests method names for clarity
- Improve test method names to better describe their purpose and behavior
- Rename methods to follow a more descriptive naming convention
- No functional changes to the test logic
* Remove commented code explaining policy check
* Refactor PersonalOwnership Policy Requirement implementation
- Add PersonalOwnershipPolicyRequirementFactory to replace static Create method
- Simplify policy requirement creation logic
- Update PolicyServiceCollectionExtensions to register new factory
- Update ImportCiphersCommand to use correct user ID parameter
- Remove redundant PersonalOwnershipPolicyRequirementTests
* Remove redundant PersonalOwnershipPolicyRequirementTests
* Remove unnecessary tests from PersonalOwnershipPolicyRequirementFactoryTests
* Add ConfirmOrganizationUserCommand and IConfirmOrganizationUserCommand interface for managing organization user confirmations
* Add unit tests for ConfirmOrganizationUserCommand to validate user confirmation scenarios
* Register ConfirmOrganizationUserCommand for dependency injection
* Refactor OrganizationUsersController to utilize IConfirmOrganizationUserCommand for user confirmation processes
* Remove ConfirmUserAsync and ConfirmUsersAsync methods from IOrganizationService and OrganizationService
* Rename test methods in ConfirmOrganizationUserCommandTests for clarity and consistency
* Update test method name in ConfirmOrganizationUserCommandTests for improved clarity
* prevent view-only users from updating passwords
* revert change to licensing service
* add tests
* check if organizationId is there
* move logic to private method
* move logic to private method
* move logic into method
* revert change to licensing service
* throw exception when cipher key is created by hidden password users
* fix tests
* don't allow totp or passkeys changes from hidden password users
* add tests
* revert change to licensing service
