nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 13:38:13 -05:00
Code
5,487 Commits 375 Branches 196 Tags
Commit Graph

3959 Commits

Author SHA1 Message Date
Ike
ca21758492
feat (newDeviceVerification) 
Added conditional for selfhosted to manage access to feature
 2025-01-23 09:23:45 -07:00
Alex Morask
20fb45b05c
Round PayPal transaction amount to two decimal points (#5318) 2025-01-23 11:19:46 -05:00
Conner Turnbull
31e95d529f
Added some defensive logging around making braintree payments (#5317) 2025-01-23 10:00:51 -05:00
cyprain-okeke
9e7d1abdf1
changes for update to current plan (#5312) 2025-01-22 19:27:11 +01:00
Conner Turnbull
28a592103d
Updated invoice history to filter on customerId only (#5175) 2025-01-22 12:26:21 -05:00
Thomas Rittson
cb76cdb5d3
Group AC Team feature flags (#5309) 2025-01-22 14:04:08 +00:00
Bernd Schoolmann
c671818304
Add argon2-default flag (#5253) 2025-01-22 14:14:59 +01:00
Robyn MacCallum
163a74000d
Add Authenticator sync flags (#5307) 2025-01-21 16:32:30 -05:00
Jimmy Vo
4069ac3a4b
Add limit item deletion organization setting migration (#5283) 2025-01-21 15:51:34 -05:00
renovate[bot]
7462352e18
[deps] DbOps: Update Microsoft.Azure.Cosmos to 3.46.1 (#5290) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-21 14:49:20 -05:00
Brandon Treston
f1893c256c
remove feature flag (#5284) 
Clients PR was merged, now merging server PR.
 2025-01-21 09:53:12 -05:00
Rui Tomé
edb74add50
[PM-14243] Free organization limit is not enforced when editing user (#5155) 
* Enforce free organization limit when updating user

* Add test for throwing error on accepting admin user joining multiple free organizations

* Add test for throwing BadRequest when free organization admin attempts to sign up for another free organization

* Fix user ID handling in UpdateOrganizationUserCommand for free organizations

* Rename parameter 'user' to 'organizationUser' in UpdateUserAsync method for clarity
 2025-01-21 10:15:02 +00:00
Ike
9efcbec041
[PM-15605] Return VerifyDevices in Profile sync response (#5264) 
* feat (NewDeviceVerification) : 
- Database migration scripts for VerifyDevices column in [dbo].[User].
- Updated DeviceValidator to check if user has opted out of device verification.
- Added endpoint to AccountsController.cs to allow editing of new User.VerifyDevices property.
- Added tests for new methods and endpoint. 
- Removed Anon attribute from the POST account/verify-devices endpoint.
- Updating queries to track dbo.User.VerifyDevices.
- Added update to verify email to the new device verification flow.
- Updating some tests for CloudOrganizationSignUpCommand that were failing.
- Updating ProfileResponseModel to include the new VerifyDevices data to hydrate the state in the web client.
 2025-01-20 16:35:43 -08:00
Jonas Hendrickx
0de108e051
[PM-16682] Fix tax id not being saved for providers (#5257) 2025-01-20 16:50:11 +01:00
Jimmy Vo
ee2d7df061
[pm-16949] Include revoked users in applicable policies (#5261) 2025-01-20 10:49:33 -05:00
Rui Tomé
04e5626c57
[PM-16777] Fix exception when bulk restoring revoked users who never accepted invitations (#5224) 
* Fix null handling for UserId in Two Factor Authentication checks

* Add tests for restoring users with and without 2FA policies
 2025-01-20 14:59:10 +00:00
Daniel James Smith
5423e5d52f
Remove feature flag "browser-fileless-import" (#5282) 
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
 2025-01-17 15:58:04 +01:00
Thomas Rittson
0c29e9227c
Remove provider-export-permission feature flag (#5263) 
* also remove old CipherService and CollectionService methods
  only used by old export code
 2025-01-17 08:28:23 +10:00
Conner Turnbull
677265b1e1
[PM-17177] Added additional validation to ensure license claim values aren't null (#5280) 
* Added additional validation to ensure license claim values aren't null

* Added extra not null validation for any property with a type that can possibly be null
 2025-01-16 15:27:48 -05:00
Addison Beck
d8b4a4a28d
Drop LimitCollectionCreationDeletion from the database (#4810) 
* Drop a MSSQL column

* Delete property from `Organization` entity

* Generate EF migrations
 2025-01-16 12:35:00 -07:00
Ike
a015f429c2
PM-12995 device exception cache permissions update (#5277) 
* feat(newDeviceVerification) : 
- adding more granular permissions for the login exception button.
- fixed access to the button for different permissions
 2025-01-16 09:07:54 -08:00
Rui Tomé
5201085ecb
[PM-15193] Remove PromoteProviderServiceUser feature flag and checks from ToolsController and layout (#5255) 2025-01-16 10:54:31 +00:00
Kyle Spearrin
42c8c3b6f6
[PM-17143] Add sso external id to member response model (#5273) 2025-01-16 12:52:11 +10:00
Conner Turnbull
04402c1316
Updated null checks to also check for empty string or whitespace (#5272) 2025-01-15 12:35:07 -05:00
Patrick-Pimentel-Bitwarden
ed14f28644
fix(email-feature-flags): [PM-7882] Email Verification - Added back in needed import. (#5268) 2025-01-15 11:04:51 -05:00
Jonas Hendrickx
adab8e622a
[PM-17064] 500 error on Free org Upgrade with Saved Payment Method (#5266) 2025-01-15 10:05:38 -05:00
Jonas Hendrickx
cc2128c97a
[PM-16979] Avoid returning BillingTaxIdTypeInterferenceError when an … (#5252) 
* [PM-16979] Avoid returning BillingTaxIdTypeInterferenceError when an empty tax id string is passed

* tests

* fix tests
 2025-01-15 10:05:27 -05:00
Todd Martin
a3e3c7f96c
fix: Added web browser clients to allowed approving device types 2025-01-15 09:45:13 -05:00
Patrick-Pimentel-Bitwarden
34ce480568
fix(email-feature-flags): [PM-7882] Email Verification - Removed the email feature flag from server. (#5232) 2025-01-15 09:31:59 -05:00
Jonathan Prusik
becc6b2da1
add NotificationRefresh feature flag (#5262) 
Co-authored-by: Evan Bassler <ebassler@livefront.com>
 2025-01-14 15:47:35 -05:00
Graham Walker
95893bd0b1
PM-16170 removing deprecated send file endpoint (#5222) 2025-01-14 13:16:59 -06:00
Jimmy Vo
1c73a997d9
[14026] Update endpoint document model type (#5191) 2025-01-14 13:36:28 -05:00
Vincent Salucci
82508fb7a9
fix: remove delete from cs/billing and create new RequestDelete perm, refs PM-17014 (#5258) 2025-01-13 14:54:32 -06:00
Jared Snider
72bb06a9d7
Auth/PM-16947 - Device Management - Adjust Device + pending auth request get query (#5250) 
* Added userId check on query

* Added required field to inner select

* PM-16947 - Update to filter inner subquery on user id per discussion with Robert

* Updated to use new query with ROW_NUMBER

* More query optimizations to eliminate returning old requests for a device

* Fixed approval condition to be NULL as 0 means denied.

* Added negation of @ExpirationMinutes

---------

Co-authored-by: Todd Martin <tmartin@bitwarden.com>
 2025-01-10 21:55:34 -05:00
Kyle Spearrin
aa0b35a345
[PM-15608] Create more KDF defaults for prelogin (#5122) 
* kdf defaults on null map to email hash

* cleanup code. add some randomness as well

* remove null check

* fix test

* move to private method

* remove random options

* tests for random defaults

* SetDefaultKdfHmacKey for old test
 2025-01-10 15:54:53 -05:00
Jared McCannon
730f83b425
Fixing misspelling. made changes to domain claim email. (#5248) 2025-01-10 14:19:52 -06:00
Jimmy Vo
904692a9b6
[pm-10860] Fix provider name encoding issue. (#5244) 
Prevent double encoding, as Handlebars encode strings by default.
 2025-01-10 13:43:58 -05:00
Jonas Hendrickx
45d2c5315d
[PM-14894] Drop Tax Rate tables - Stage 1 (#5236) 2025-01-10 16:39:02 +01:00
Rui Tomé
fbfabf2651
[PM-15547] Fix two-factor authentication revocation logic and update related tests (#5246) 
* Fix two-factor authentication revocation logic and update related tests

* Refine test for RevokeNonCompliantOrganizationUserCommand to assert single user revocation
 2025-01-10 14:45:09 +00:00
Bernd Schoolmann
8a68f075cc
Remove block legacy users feature flag (#5212) 2025-01-10 11:55:40 +01:00
Ike
ce2ecf9da0
[PM-12995] Create UI elements for New Device Verification in Admin Portal (#5165) 
* feat(NewDeviceVerification) :
- Added constant to constants in Bit.Core because the cache key format needs to be shared between the Identity Server and the MVC project Admin.
- Updated DeviceValidator class to handle checking cache for user information to allow pass through.
- Updated and Added tests to handle new flow.
- Adding exception flow to admin project. Added tests for new methods in UserService.
 2025-01-09 18:10:54 -08:00
Shane Melton
0605590ed2
[PM-14380] Add GET /tasks/organization endpoint (#5149) 
* [PM-14380] Add GetManyByOrganizationIdStatusAsync to SecurityTaskRepository

* [PM-14380] Introduce IGetTasksForOrganizationQuery

* [PM-14380] Add /tasks/organization endpoint

* [PM-14380] Add unit tests

* [PM-14380] Formatting

* [PM-14380] Bump migration script date

* [PM-14380] Bump migration script date
 2025-01-09 12:40:12 -08:00
Shane Melton
a99f82dddd
[PM-14378] SecurityTask Authorization Handler (#5039) 
* [PM-14378] Introduce GetCipherPermissionsForOrganization query for Dapper CipherRepository

* [PM-14378] Introduce GetCipherPermissionsForOrganization method for Entity Framework

* [PM-14378] Add integration tests for new repository method

* [PM-14378] Introduce IGetCipherPermissionsForUserQuery CQRS query

* [PM-14378] Introduce SecurityTaskOperationRequirement

* [PM-14378] Introduce SecurityTaskAuthorizationHandler.cs

* [PM-14378] Introduce SecurityTaskOrganizationAuthorizationHandler.cs

* [PM-14378] Register new authorization handlers

* [PM-14378] Formatting

* [PM-14378] Add unit tests for GetCipherPermissionsForUserQuery

* [PM-15378] Cleanup SecurityTaskAuthorizationHandler and add tests

* [PM-14378] Add tests for SecurityTaskOrganizationAuthorizationHandler

* [PM-14378] Formatting

* [PM-14378] Update date in migration file

* [PM-14378] Add missing awaits

* [PM-14378] Bump migration script date

* [PM-14378] Remove Unassigned property from OrganizationCipherPermission as it was making the query too complicated

* [PM-14378] Update sproc to use Union All to improve query performance

* [PM-14378] Bump migration script date
 2025-01-09 12:14:24 -08:00
Jared McCannon
fd195e7cf3
Forgot to remove compliant users from the list. (#5241) 2025-01-09 14:13:29 -06:00
Conner Turnbull
6771f79597
Updated LicensingService to be a singleton again and moved IFeatureService up a frame in the call stack (#5238) 2025-01-09 12:40:16 -05:00
Jared McCannon
ced4870309
Added push notification for when Collection management settings have been changed. (#5230) 2025-01-09 10:32:33 -06:00
Jared McCannon
e754ae4729
[PM-10319] - Send 2FA Email when policy enabled (#5233) 
* Correcting which email is sent when enabling 2FA policy.

* Fixing the test.
 2025-01-09 09:35:40 -06:00
renovate[bot]
fb72e82d9a
[deps] Tools: Update aws-sdk-net monorepo (#5168) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-09 13:26:46 +01:00
Jonathan Prusik
6793c81f07
add feature flag block-browser-injections-by-domain (#5234) 2025-01-08 18:36:18 -05:00
Todd Martin
a638f359e9
Revert updates to Microsoft.Extensions dependencies from v9 (#5235) 
* Revert "[deps] Tools: Update Microsoft.Extensions.Configuration to v9 (#5072)"

This reverts commit cb7cbb630aba46050ef9c235a2a0e4608dda4d83.

* Revert "[deps] Tools: Update Microsoft.Extensions.DependencyInjection to v9 (#5073)"

This reverts commit 0b026404db70c8d43dcc80d0c071daa47060a0c8.
 2025-01-08 18:04:28 -05:00