nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code
bitwarden/test/Core.Test/Vault
History
Jordan Aasen 21717ec71e
[PM-17733] - [Privilege Escalation] - Unauthorised access allows limited access user to change password of Items (#5452) 
* prevent view-only users from updating passwords

* revert change to licensing service

* add tests

* check if organizationId is there

* move logic to private method

* move logic to private method

* move logic into method

* revert change to licensing service

* throw exception when cipher key is created by hidden password users

* fix tests

* don't allow totp or passkeys changes from hidden password users

* add tests

* revert change to licensing service
2025-03-19 11:13:38 -07:00
..
Authorization
[PM-18086] Add CanRestore and CanDelete authorization methods. (#5407)
2025-02-27 16:30:25 -05:00
AutoFixture
[PM-14377] Add PATCH complete endpoint (#5100)
2024-12-13 14:50:20 -05:00
Commands
[PM-14381] Add POST /tasks/bulk-create endpoint (#5188)
2025-02-05 16:56:01 -05:00
Models
[SG-998] Move files to Vault folders (#2724)
2023-03-02 13:23:38 -05:00
Queries
[PM-14380] Add GET /tasks/organization endpoint (#5149)
2025-01-09 12:40:12 -08:00
Services
[PM-17733] - [Privilege Escalation] - Unauthorised access allows limited access user to change password of Items (#5452)
2025-03-19 11:13:38 -07:00