618 Commits

Author SHA1 Message Date
Dave
8b2cb89390 [PM-35394] MasterPasswordService Admin Console Integration (#7629)
* test(org-user-request-model): Add model validation tests.

* feat(request-models): Add Authentication and Unlock Data fields with annotations.

* test(recover-command): Add tests for Authentication and Unlock Data payload signature.

* feat(recover-command): Add overload for Authentication and Unlock Data payload signature.

* test(recover-command): Add tests for behavior with authentication and unlock data.

* feat(recover-command): Add impl for hash and key, authentication and unlock data inputs.

* test(org-users-controller): Add controller tests for dispatch.

* feat(org-users-controller): Add controller impl for dispatch for both request payload variants.

* chore: lint.

* fix(request-model): Validation method drifted in base; rename.

* test(request-model): Update validation tests.

* feat(request-model): Support 2FA-only validation at the boundary.

* test(request-model): Express handling of v1 vs v2 requests.

* PM-35394 - Per reviewer's request, mark AdminRecoverAccountCommand.RecoverAccountAsync that doesn't accept new models obsolete

* PM-35394 - Fix using directive after model namespace move

Merge from main moved OrganizationUserResetPasswordRequestModel to the
AdminConsole namespace; update the test's using directive to match,
restoring both the build and dotnet format checks.

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
2026-05-28 16:37:43 -04:00
Jared
970cacdc29 [PM-38273] feat(admin-console): Add InjectOrganizationAttribute and OrganizationModelBinder (#7659)
* feat(admin-console): Add InjectOrganizationAttribute and OrganizationModelBinder for automatic organization parameter binding

* feat(admin-console): Introduce BindOrganizationAttribute and OrganizationModelBinder for organization parameter binding with unit tests

* feat(admin-console): Update GetResetPasswordDetails to use BindOrganization for organization parameter

* fix(admin-console): Correct organization ID check in GetResetPasswordDetails method to use bound organization

* Refactor OrganizationUsersControllerTests to use bound organization in GetResetPasswordDetails method

- Updated test cases to pass the organization directly instead of relying on repository calls.
- Ensured that the tests correctly assert NotFoundException when the organization user does not match the bound organization.
- Improved clarity in test setup by explicitly binding the organization to the method calls.

* Fix UTF-8 BOM issue in BindOrganizationAttribute.cs

* Add integration tests for OrganizationUsersController's BindOrganization functionality

- Introduced OrganizationUsersControllerBindOrganizationTests to validate the behavior of the GET reset-password-details endpoint.
- Implemented tests for successful retrieval of reset password details, handling of non-existent organization users, and cases where the user belongs to a different organization.
- Ensured comprehensive coverage of scenarios to verify correct status responses and organization binding logic.
2026-05-28 13:06:25 -04:00
Nik Gilmore
e10eb5e0fb PM-37727: Fix exceptions when serializing blob-encrypted ciphers (#7667) 2026-05-27 16:17:55 -07:00
Maciej Zieniuk
c57d220e04 [PM-31191] Move KDF from Auth to KM constants (#7709)
* Move KDF from Auth to KM constants

* formatting
2026-05-27 12:00:29 -05:00
Rui Tomé
705995d790 [PM-25691] Create OrganizationUpdateCollectionManagementCommand (#7682)
* Implement UpdateCollectionManagementSettingsCommand and associated interface for managing organization collection settings

* Add UpdateCollectionManagementSettingsCommand to handle updates to organization collection management settings.
* Create IUpdateCollectionManagementSettingsCommand interface to define the update method.
* Implement unit tests for UpdateCollectionManagementSettingsCommand to verify event logging and exception handling.

* Add IUpdateCollectionManagementSettingsCommand to service collection

* Register IUpdateCollectionManagementSettingsCommand and its implementation, UpdateCollectionManagementSettingsCommand, in the service collection for managing organization collection settings.

* Rename command

* Update OrganizationsController to use IOrganizationUpdateCollectionManagementCommand

* Added IOrganizationUpdateCollectionManagementCommand to the OrganizationsController for managing collection settings updates.
* Updated the constructor to inject the new command and modified the PutCollectionManagement method to utilize it.
* Adjusted unit tests to reflect the changes in the command used for updating collection management settings.

* Refactor IOrganizationService and OrganizationService to remove UpdateCollectionManagementSettingsAsync method

* Removed the UpdateCollectionManagementSettingsAsync method from IOrganizationService and its implementation in OrganizationService.
* Cleaned up unused usings related to collection management settings in both service files.
* Updated unit tests to reflect the removal of the collection management settings update functionality.
2026-05-27 14:10:02 +01:00
sven-bitwarden
83038f3dbf remove vNext policy endpoints (#7711) 2026-05-26 12:34:40 -05:00
cyprain-okeke
81bec7cfff [PM 35227](server) Extend checkout endpoint for browser/desktop platforms (#7550)
* Implementation desktop and browser checkout

* Fixed the failing test

* Add a logger to see global settings in qa

* Add log

* fix the lint error

* Removed the log
2026-05-26 15:12:20 +01:00
John Harrington
0dd51376e9 [PM-36563] Send access event logs (#7679)
* added event type and control flow

* add EventType, control flow, and test coverage

* fix failing test and de-dupe enums

* access event log traps on auth and anon endpoints

* prioritize FF check in conditional statements
2026-05-26 07:09:50 -07:00
Rui Tomé
a56946fd13 [PM-37486] Remove IPolicyService and associated dead code (#7672)
* Refactor InitPendingOrganizationValidator to remove IPolicyService dependency and replace with IPolicyRequirementQuery for policy checks. Update related tests to reflect changes in policy validation logic.

* Refactor AccountsController and related validators to replace IPolicyService with IPolicyRequirementQuery for policy checks. Update tests accordingly to reflect changes in policy validation logic.

* Remove IPolicyService and related implementations from the codebase, updating PolicyServiceCollectionExtensions and deleting associated tests. This change streamlines policy management by relying on IPolicyRequirementQuery for policy checks.

* Refactor OrganizationUserRepository to remove GetByUserIdWithPolicyDetailsAsync method and associated tests.

* Remove unused stored procedures: OrganizationUser_ReadByUserIdWithPolicyDetails and PolicyDetails_ReadByUserId, as they are no longer called in the codebase.

* Remove OrganizationUserPolicyDetails class and associated test fixtures, as they are no longer needed in the codebase.

* Refactor BaseRequestValidatorTests to replace IPolicyService with IPolicyRequirementQuery for SSO validation checks. Update related test logic to ensure accurate policy validation outcomes. Clean up unused test fixtures in PolicyFixtures.cs to streamline the codebase.

* Refactor BaseRequestValidator and SsoRequestValidator to improve readability by storing policy requirement results in local variables before returning values. This change enhances code clarity while maintaining existing functionality.

* Refactor AccountsController to improve clarity by storing the result of the policy requirement query in a local variable before returning the enforced options. This change enhances code readability while preserving existing functionality.

* Revert "Remove unused stored procedures: OrganizationUser_ReadByUserIdWithPolicyDetails and PolicyDetails_ReadByUserId, as they are no longer called in the codebase."

This reverts commit 0f4fdca6e7.
2026-05-25 14:27:47 +01:00
Thomas Rittson
d903096a77 Move remaining Admin Password Reset code to AC Team (#7680) 2026-05-21 17:51:20 -04:00
rr-bw
dcf4c486b2 [PM-35401] Update exception handling in CreateAuthRequestAsync() and PostAdminRequest() (#7615)
Adds a BadRequestException case to CreateAuthRequestAsync() and PostAdminRequest().
2026-05-21 10:49:16 -07:00
Rui Tomé
7180015ed6 [PM-37251] Add public invite link GET status endpoint (#7656)
* Implement GetOrganizationInviteLinkStatusQuery to retrieve invite link status

- Added GetOrganizationInviteLinkStatusQuery class to handle fetching the status of an organization invite link based on its code.
- Introduced OrganizationInviteLinkStatus and OrganizationInviteLinkSsoStatus records to encapsulate the invite link status and SSO information.
- Created IGetOrganizationInviteLinkStatusQuery interface to define the contract for the query implementation.

* Add unit tests for GetOrganizationInviteLinkStatusQuery

- Introduced comprehensive unit tests for GetOrganizationInviteLinkStatusQuery to validate various scenarios including successful retrieval of invite link status, handling of not found errors, and seat availability checks.
- Utilized Xunit and NSubstitute for testing and mocking dependencies, ensuring robust coverage of the query's functionality.

* Add IGetOrganizationInviteLinkStatusQuery to service collection

- Registered IGetOrganizationInviteLinkStatusQuery with the service collection to enable retrieval of organization invite link status.
- This addition supports the recently implemented GetOrganizationInviteLinkStatusQuery functionality.

* Add OrganizationInviteLinksPublicController and response models

- Introduced OrganizationInviteLinksPublicController to handle requests for organization invite link status.
- Implemented GetStatus endpoint to retrieve the status of an invite link using its GUID code.
- Added OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkSsoResponseModel to structure the response data for the invite link status.
- Ensured the endpoint is accessible to anonymous users while requiring application authorization for other actions.

* Add integration tests for OrganizationInviteLinksPublicController

- Introduced integration tests for OrganizationInviteLinksPublicController to validate the GetStatus endpoint functionality.
- Implemented tests to ensure correct handling of existing invite links and appropriate responses for valid and not found scenarios.
- Utilized Xunit and NSubstitute for testing and mocking dependencies, enhancing test coverage for invite link status retrieval.

* Updated GetOrganizationInviteLinkStatusQuery to return SSO status based on organization settings, including UseSso and UsePolicies

* Move status endpoint into OrganizationInviteLinksController as POST

* Refactor OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkStatus to remove OrganizationId property

- Removed OrganizationId property from both OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkStatus records to streamline the data model.
- Updated constructors accordingly to reflect the changes in the response models.

* Refactor GetOrganizationInviteLinkStatusQuery to simplify organization checks

- Updated the logic in GetOrganizationInviteLinkStatusQuery to streamline organization validation by combining null and enabled checks.
- Removed the dependency on IApplicationCacheService and adjusted the seat availability logic to enhance clarity and efficiency.
- Modified the return statement to use organization name directly instead of organization ID.

* Add integration tests for OrganizationInviteLinksController

- Introduced a new test method to validate the GetStatus functionality for existing invite links in OrganizationInviteLinksControllerTests.
- Enhanced existing tests to ensure correct responses for valid and not found scenarios.
- Removed OrganizationInviteLinksPublicControllerTests as its functionality is now covered in the OrganizationInviteLinksControllerTests.

* Refactor OrganizationInviteLinksControllerTests

- Updated test methods in OrganizationInviteLinksControllerTests to utilize GetOrganizationInviteLinkStatusRequestModel instead of individual parameters.
- Added a new test case to handle scenarios where the invite link status is not available, returning a BadRequest response.
- Enhanced existing tests to ensure consistent handling of valid and not found scenarios.

* Update GetOrganizationInviteLinkStatusQueryTests to enable organization for invite link tests
2026-05-21 16:27:54 +01:00
Dave
59ded309df feat(kdf-settings-validator): Enforce salt cannot be empty string. (#7628)
* feat(kdf-settings-validator): Enforce salt cannot be empty string.

* fix(kdf-settings-validator): Prefer IsNullOrWhitespace.

* feat(salt): Make AllowEmptyStrings false for request models.
2026-05-20 17:53:48 -04:00
Dave
25e78ceba3 [PM-35393] MasterPasswordService auth integration (#7575)
* feat(mp-service) Wire commands to MasterPasswordService.

* feat(self-service) Add logout-and-log to self-service command.

* feat(mp-service) Add dual-path request models and wire controller
routing.

Add structured cryptographic data support to all Auth password endpoints,
routing new payloads to MasterPasswordService-backed commands while
preserving legacy paths for backward compatibility (PM-33141 removal).

* refactor(mp-service) Mark legacy password entry points [Obsolete].

* test(mp-service) Add testing.

* refactor(mp-service) Rename ReplaceTemporaryPasswordAsync to be more descriptive.

* refactor(mp-service) Add variant validator and tests.

* fix(mp-service) Adjust payload variance validation.

* test(mp-service) Update integration tests to support payload variants and model validation returns.

* fix(password-request): Restore KDF regression guard.

* refactor(data-models): Collapse RequestHasNewDataTypes into local check.

* test(emergency-access): Update Emergency Access tests.

* refactor(mp-payload-variant-validator): Move to Auth utilities.

* test(self-service): Combine side-effects and password change into single test.

* feat(validation): Add kdf-salt agreement-only validation.

* refactor(password-request-model): consolidate onto ValidateKdfAndSaltAgreement.

* test(auth): Cover ValidateKdfAndSaltAgreement and enshrine legacy KDF acceptance.

* feat(validate-exclusivity): Throw on both payload variants present.

* test(accounts-controller): Update tests for exclusivity validation at the boundary.

* fix(request-models): Request models must accept both payload variants.

* PM-35393 - Add V2 dual-payload integration tests for password-modification flows

End-to-end coverage for the new AuthenticationData / UnlockData payload
across every endpoint that mutates a master password:

- POST /accounts/password — legacy-KDF acceptance, mismatch rejection,
  auth, current-password check.
- PUT /accounts/update-temp-password — legacy-KDF acceptance, mismatch
  rejection, auth, ForcePasswordReset precondition.
- PUT /accounts/update-tde-offboarding-password — sub-minimum KDF
  rejection (this flow intentionally enforces range), mismatch rejection,
  auth.
- POST /emergency-access/{id}/password — legacy-KDF acceptance, mismatch
  rejection, no-payload rejection, non-RecoveryApproved precondition.

Also extracts BuildAuthData / BuildUnlockData / BuildMismatchedAuthAndUnlock
helpers in AccountsControllerTest and rewrites the existing PostKdf_* tests
to use them (no behavior change).

15 new test methods, 41 cases. 155/155 controller-suite tests pass.

---------

Co-authored-by: Jared Snider <jsnider@bitwarden.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2026-05-20 12:28:30 -04:00
adudek-bw
cba2cc382e [PM-35948] Update send openapi to work for sdk (#7556)
* Update Send API calls
2026-05-20 12:02:46 -04:00
Thomas Rittson
766c33b3a6 [PM-37237] Move OrganizationsNew into ProfileResponseModel (#7627) 2026-05-19 07:46:40 +10:00
Thomas Rittson
1c3dc375bd Move collections API code to AC Team (#7651) 2026-05-19 07:08:43 +10:00
Stephon Brown
4224933c62 [PM-35357] Update Trial Length Parameter (#7597)
* test(billing): Add unit tests for TrialInitiationCache

* feat(billing): Add trial initiation cache interface and implementation

* feat(billing): Register trial initiation cache services

* feat(core): Add trial properties to OrganizationSignup model

* feat(mail): Update trial verification email model and services for TrialInitiationId

* feat(billing): Enhance TrialSendVerificationEmailRequestModel validation

* test(billing): Add tests for TrialSendVerificationEmailRequestModel validation

* feat(billing): Introduce default trial length constant

* refactor(identity): Use constant for default trial length in AccountsController

* test(identity): Update accounts controller tests for default trial length constant

* feat(billing): Integrate trial initiation into email sending command

* feat(billing): Add TrialLength to SubscriptionSetup model

* feat(billing): Map TrialLength in OrganizationSale creation

* feat(billing): Allow custom trial length in organization billing service

* feat(admin-console): Add TrialLength and TrialInitiationId to organization creation requests

* feat(admin-console): Validate trial length during cloud organization signup

* test(admin-console): Add tests for organization create request trial properties

* test(admin-console): Add tests for CloudOrganizationSignUpCommand trial length validation

* refactor(TrialInitiationCache): change validation method to retrieval

* test(TrialInitiationCache): update tests for GetAndRemoveAsync

* feat(OrganizationSignUp): refactor trial validation to command

* test(OrganizationSignUp): add trial validation scenarios

* test(OrganizationSignUp): nullify TrialLength in unrelated tests

* fix(billing): dotnet format

* refactor: remove `TrialInitiationId` property from data models
refactor: update mail service interfaces and implementations

* refactor: remove `ITrialInitiationCache` infrastructure
test: update `CloudOrganizationSignUpCommandTests` for trial validation

* refactor: update `SendTrialInitiationEmailForRegistrationCommand`

* refactor: update `CloudOrganizationSignUpCommand` trial length validation

* test(organization): fix plan call in tests

* test(billing): fix test settings
2026-05-18 09:32:04 -04:00
Mike Amirault
85dc94a15e [PM-32743] Add ability to create folders during import to orgs (#7568)
* [PM-32743] Add ability to create folders during import to orgs

* Address PR comments

* Fix tests and lint

* Address AI review comments
2026-05-15 14:02:30 -07:00
Graham Walker
7f637aade9 PM-37478 temporarily disabling useRiskInsights access control (#7631) 2026-05-15 10:08:50 -05:00
Jared Snider
f3e4f5cd4e Auth/PM-37165 - Add Last API Key Rotated Date to User (#7634)
* PM-37165 - Add LastApiKeyRotationDate column to User

Adds a nullable DATETIME2(7) LastApiKeyRotationDate column on the User
table alongside the other Last*Date audit columns. Covers the MSSQL
table, view, User_Create / User_Update stored procedures (new optional
parameter, EDD-safe with default NULL), the SSDT source-of-truth, and
EF migrations for MySql, Postgres, and Sqlite.

Repository round-trip integration tests verify that CreateAsync
defaults the column to NULL and ReplaceAsync persists it across all
four providers.

* PM-37165 - Add RotateUserApiKeyCommand under Auth/UserFeatures

Extracts user API key rotation out of UserService into a new CQS
command at src/Core/Auth/UserFeatures/UserApiKey/, mirroring the
existing decomposition pattern for other Auth user features. The
command generates a new 30-char ApiKey, bumps RevisionDate, sets
LastApiKeyRotationDate, and persists via IUserRepository.ReplaceAsync.

Adds the PM37165_RotateUserApiKeyCommand feature flag so the new path
can be rolled out behind a flag in a follow-up commit. Registers the
command via AddUserApiKeyCommands inside AddUserServices.

Unit tests verify the command assigns a fresh key, updates both
RevisionDate and LastApiKeyRotationDate to the same recent UTC value,
and calls ReplaceAsync exactly once.

* PM-37165 - Flag-gate rotate-api-key endpoint to new command

Wires AccountsController.RotateApiKey to dispatch between
IRotateUserApiKeyCommand (flag on) and the legacy
UserService.RotateApiKeyAsync (flag off) based on
PM37165_RotateUserApiKeyCommand. Both paths preserve the existing
auth and secret-verification guards, which run before the flag
branch.

Marks IUserService.RotateApiKeyAsync and its implementation [Obsolete]
pointing callers at IRotateUserApiKeyCommand, with TODOs tying their
removal to the flag cleanup. The body of the legacy method is
deliberately unchanged so it does NOT write LastApiKeyRotationDate
while the flag is off; that genuinely gates the new behavior so the
ramp is observable and reversible. The single remaining call site
(the controller fallback) is wrapped in #pragma warning disable
CS0618 so the attribute continues to flag any new callers.

Tests:
- AccountsControllerTests: dispatch tests for both flag states; the
  auth and bad-secret guard tests are parameterized over flag state.
  Pre-existing typo in two tests that called _sut.ApiKey() instead of
  _sut.RotateApiKey() is fixed.
- UserServiceTests: regression test locks in the legacy non-write
  behavior so it cannot drift before the flag is removed.
- AccountsControllerTest (integration): three endpoint tests cover
  flag-off (LastApiKeyRotationDate stays NULL), flag-on (column is
  populated), and bad-secret over both flag states (no rotation
  occurs).

Each flag-state-specific test carries a TODO breadcrumb describing
the exact rename or deletion when the flag is cleaned up.

* PM-37165 - Tweak comment

* PM-37165 - Move LastApiKeyRotationDate to end of User schema

Append the new column to the end of User.sql, UserView.sql, the
matching CREATE OR ALTER VIEW in the migrator script, and the User
entity so SSDT mirrors what ALTER TABLE ADD produces in production.
2026-05-14 14:31:16 -04:00
Maciej Zieniuk
9548272fce Allow key rotation for Key Connector users (#7618) 2026-05-14 18:46:34 +02:00
Alex Dragovich
162f270670 [PM-37230] remove FF logic from new send endpoints (#7621) 2026-05-14 07:57:27 -07:00
Graham Walker
d905e821b9 PM-31923 adding the whole report endpoints v2 (#7228)
* PM-31923 adding the whole report endpoints v2

* PM-31923 changing approach to match others in codebase

* 31923 updating code to now use the ReportFile field

* add feature flag for welcome dialog no ext prompt (#7144)

* [PM-32249] Allow custom desktop protocol in CORS (#7080)

* Disabling Claude attribution (#7146)

* [PM-33140] Correct Non-Seat Plan Initial Seat Setting for Upgrade (#7140)

* refactor(billing): update seat logic

* test(billing): update tests for seat logic

* [PM-28531] Remove old proc and use new one (#7110)

* Update PoliciesController.Put to forward all behavior to VNext (#7130)

* PM-31923 adding request size attributes

* [deps]: Update actions/checkout action to v6.0.2 (#6904)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Return WebAuthn credential record in create response (#7145)

* Return WebAuthn credential record in create response

* Make CreateWebAuthnLoginCredentialCommand null-safe

* [PM-32594] Add authorization to admin-initiated sponsorship endpoints (#7095)

* [PM-28519] Remove Emergency Access Contacts for AutoConfirm Org Flows (#7123)

* Remove emergency access from all organization users on policy enable, or when accepted/restored

* Use correct policy save system

* Add additional tests

* Implement both PreUpsert and OnSave side effects

* Add coupon support to invoice preview and subscription creation (#6994)

* Add coupon support to invoice preview and subscription creation

* Fix the build lint error

* Resolve the initial review comments

* fix the failing test

* fix the build lint error

* Fix the failing test

* Resolve the unaddressed issues

* Fixed the deconstruction error

* Fix the lint issue

* Fix the lint error

* Fix the lint error

* Fix the build lint error

* lint error resolved

* remove the setting file

* rename the variable name validatedCoupon

* Remove the owner property

* Update OrganizationBillingService tests to align with recent refactoring

- Remove GetMetadata tests as method no longer exists
- Remove Owner property references from OrganizationSale (removed in d7613365ed)
- Update coupon validation to use SubscriptionDiscountRepository instead of SubscriptionDiscountService
- Add missing imports for SubscriptionDiscount entities
- Rename test for clarity: Finalize_WithNullOwner_SkipsValidation → Finalize_WithCouponOutsideDateRange_IgnoresCouponAndProceeds

All tests passing (14/14)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Fix the lint error

* Making the owner non nullable

* fix the failing unit test

* Make the owner nullable

* Fix the bug for coupon in Stripe with no audience restrictions(PM-32756)

* Return validation message for invalid coupon

* Update the valid token message

* Fix the failing unit test

* Remove the duplicate method

* Fix the failing build and test

* Resolve the failing test

* Add delete of invalid coupon

* Add the expired error message

* Delete on invalid coupon in stripe

* Fix the lint errors

* return null if we get exception from stripe

* remove the auto-delete change

* fix the failing test

* Fix the lint build error

---------

Co-authored-by: Claude <noreply@anthropic.com>

* [PM-21925] Add MasterPasswordSalt Column to User Table (#6950)

feat: add MasterPasswordSalt column to User table

- Add MasterPasswordSalt column to User table in both Dapper and EF implementations
- Update User stored procedures (Create, Update, UpdateMasterPassword) to handle salt column
- Add EF migrations and update UserView with dependent views
- Set MaxLength constraint on MasterPasswordSalt column
- Update UserRepository implementations to manage salt field
- Add comprehensive test coverage for salt handling and normalization

* PM-31923 fixing all the endpoints

* PM-31923 remove claude change

* PM-31923 fixing feature flag name

* PM-21720 - RegisterFinishResponseModel - clean up deprecated CaptchaBypassToken (#7098)

* chore(deps): Add Renovate ownership of MessagePack pinned transitive dependency

* PM-31923 fixing path traversal vuln and cleaned up null references

* PM-31923 fixing unit test

* PM-31923 fixing issues found by reviewer

* PM-31923 addressing pr comments

* [PM-33219] Resolve silent auth removal on Sends (#7160)

* remove null assignment to auth props and update tests

* update PutRemoveAuth comment for clarity and assign null to empty email list allowing future client side changes to remove ALL emails

* update test to match email removal expectation

* implement expected behavior and update tests

---------

Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>

* PM-31923 fixing issues based on review

* PM-31923 removing settings.json

* Bumped version to 2026.3.0

* [PM-33091] Add optional Targeting Rules data resource configuration (#7137)

* add fillAssistRules to environment URIs in config

* add tests

* do not include json file specification in path

* fix warnings

* fix(feature-flag): [PM-27085] Account Register Uses New Data Types - Removed unneeded feature flag. (#7127)

* PM-31923 fixing unit tests

* Auth/PM-32416 - Add MultiClientPasswordManagement feature flag (#7169)

* chore(flags): [PM-32554] Remove pm-24579-prevent-sso-on-existing-non-compliant-users feature flag

* Remove flag.

* Removed unnecessary dependency

* Remove unnecessary dependency.

* Removed additional temporary test fixtures.

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>

* [PM-25860] Rid of bulk delete error (#6925)

* Rid of bulk delete error

* Fix test

* Fix for test

* Update src/Core/Dirt/Services/Implementations/EventService.cs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Fix formatting issues in DeleteCollectionCommandTests.cs by removing hidden characters and ensuring proper using directives.

* Update src/Core/Dirt/Services/Implementations/EventService.cs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Update src/Core/Dirt/Services/Implementations/EventService.cs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Refactor DeleteCollectionCommandTests.cs to remove hidden characters and improve argument matching for GetManyByManyIdsAsync method.

* Fix deletion error happening in Postgres by utilizing OrganizationId which is always populated by the table row

---------

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* [deps]: Update MarkDig to 0.45.0 (#7117)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [PM-18236] - Use Single Org Requirement (#6999)

* Added new methods and ff for single org req

* Changed req messages and added new method for creating orgs

* Updated Requirement and Tests.

* Updated commands and requirement to take a list of org users

* Updated xml docs and renamed to be consistent

* Changes from Code Review

* Removed feature flag check for policy requirements around single org. Aligned error message with what other commands were returning.

* Fixed test names. Updated error messages to be specific for each caller.

* Updated tests to clean up details construction

* Added test for confirmed accepted user in another org.

* fixed tests to use new factory

* Update test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Fixed tests by adding no op for req.

---------

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Auth/PM-32487 - Emergency Access - invite or update - require min value of 1 for wait time in days. (#7168)

* Auth/PM-32821 - Finish cleaning up old registration endpoint (#7097)

* Revert "Revert "refactor(IdentityTokenResponse): [Auth/PM-3287] Remove deprec…" (#7152)

This reverts commit e6c97bd850.

* [PM-32424] Send Access Enumeration protection (#7166)

feat: add enumeration protection to email protected sends

- Implement enumeration protection for email-based protected sends
- Update SendAccess validator with new protection logic
- Change OTP generation failure logging from warning to error level
- Remove unused constants and update validator tests

* [PM-27864] Add PQC TLS Support (#6547)

* Add PQC TLS Support

* Update util/Setup/NginxConfigBuilder.cs

Co-authored-by: Addison Beck <github@addisonbeck.com>

* Update util/Setup/NginxConfigBuilder.cs

Co-authored-by: Addison Beck <github@addisonbeck.com>

* Update util/Setup/NginxConfigBuilder.cs

Co-authored-by: Addison Beck <github@addisonbeck.com>

* Update util/Setup/NginxConfigBuilder.cs

Co-authored-by: Addison Beck <github@addisonbeck.com>

* Update util/Setup/Templates/NginxConfig.hbs

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

---------

Co-authored-by: Addison Beck <github@addisonbeck.com>
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

* [PM-33061] Tax Id Should Be Added When Upgrading to Teams or Enterprise (#7131)

* refactor(billing): change billing address request type

* feat(billing): add tax id support for international business plans

* feat(billing): add billing address tax id handling

* test: add tests for tax id handling during upgrade

* fix(billing): run dotnet format

* fix(billing): remove extra line

* fix(billing): modify return type of HandleAsync

* test(billing): update tests to reflect updated command signature

* fix(billing): run dotnet format

* tests(billing): fix tests

* test(billing): format

* [PM-32581] Refactor organization subscription update process (#7132)

* chore: add CLAUDE.local.md and .worktrees to gitignore

* feat(billing): add Stripe interval and payment behavior constants and feature flag

* feat(billing): add OrganizationSubscriptionChangeSet model and unit tests

* refactor(billing): rename UpdateOrganizationSubscriptionCommand to BulkUpdateOrganizationSubscriptionsCommand

* feat(billing): add UpdateOrganizationSubscriptionCommand with tests

* feat(billing): use UpdateOrganizationSubscriptionCommand in BulkUpdateOrganizationSubscriptions behind feature flag

* feat(billing): use UpdateOrganizationSubscriptionCommand in SetUpSponsorshipCommand behind feature flag

* feat(billing): add UpgradeOrganizationPlanVNextCommand with tests and feature flag gate

* feat(billing): use UpdateOrganizationSubscriptionCommand in OrganizationService.AdjustSeatsAsync behind feature flag

* feat(billing): use UpdateOrganizationSubscriptionCommand in UpdateSecretsManagerSubscriptionCommand behind feature flag

* feat(billing): use UpdateOrganizationSubscriptionCommand in BillingHelpers.AdjustStorageAsync behind feature flag

* chore: run dotnet format

* fix(billing): missed optional owner in OrganizationBillingService.Finalize after merge

* refactor(billing): address PR feedback on UpdateOrganizationSubscription

* remove flagged logic (#7179)

* Update UseMyItems to use dedicated plan feature (#7101)

* Reorganize seeder presets into purpose-based folders and remove obsolete presets (#7176)

* PM-31923 fixing architecture to make it clean

* PM-31923 adding XML docs to controllers

* Existing device scene (#7155)

* Existing device scene

* Prefer usings

* Require namespaces

* Return the device id that is created

* [deps]: Update MarkDig to v1 (#7120)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>

* remove feature flag (#7180)

* [PM-32666] Fixes endpoint issue where you can update another by providing a valid org ID (#7185)

* fix(controller): add null check for provider organization ID in ProviderClientsController

* feat(tests): add test for updating provider organization with different provider ID

* fix(OrganizationsController): Remove unused GetPlanType method to streamline organization management (#7177)

* added pm-31697-premium-upgrade-path feature flag (#7162)

* Seeder - Adding density distributions (#7191)

* chore(flags): Remove pm-19394-send-access-control feature flag

* Remove feature flag.

* Fixed import statements.

* Fixed constructor.

* [deps] Billing: Update coverlet.collector to v8 (#7118)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [PM-32597] - create short-lived signed attachment URL for self-hosted instances (#7100)

* create short-lived signed attachment URL for self-hosted instances

* move local attachment logic to service

* remove comment

* remove unused var. add happy-path test for file download

* [PM-30584] Add support for key-connector-migration setting key (#7136)

* Add key-connector enrollment

* Fix tests

* Update src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Move validation to request model

* Add tests

* Fix build

* Attempt to fix build

* Attempt to fix remaining tests

* Fix tests

* Format

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* [PM-33040] Add new interface methods to IApplicationCacheService (#7187)

* Refactor email confirmation logic to remove legacy mail service usage and streamline organization confirmation process (#7192)

* Fixes swagger authentication (#7197)

* Add 9 scale presets and consolidated seeder docs (#7193)

* Add 9 scale presets and consolidated seeder docs

* PM-31923 updated property names for metrics

* Restrict users from sending altered project name/value and it being saved to the database as an invalid encrypted value. (#6853)

* chore(flags): Remove obsolete client flags

* Add density profiles to Seeder CLI (#7205)

* feat(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance (#6940)

* feat(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Initial implementation

* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Changes in a good place. Need to write tests.

* test(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Service tests have been added.

* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Fixed comment.

* [PM-31820] added a null check to the id/partial route (#7066)

* PM-31923 removed the file size validation check

* Fixed invalid syntax in OrganizationUser_UpdateMany (#6923)

* [PM-32665] Fix Cross-Organization IDOR in Bulk User Revoke (#7206)

* Decouple seeder cipher encryption from internal vault crates (#7211)

* [deps] BRE: Update mariadb Docker tag to v12 (#7119)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [PM-19143] Refactor public API MembersController POST to use CommandResult pattern (#7182)

* Add CommandResultRefactor constant to FeatureFlagKeys in Constants.cs

* Add method to convert MemberCreateRequestModel to InviteOrganizationUsersRequest

- Introduced ToInviteRequest method for transforming MemberCreateRequestModel into InviteOrganizationUsersRequest.
- Enhanced model with additional using directives for improved functionality.

* Update GetInviterEmailAsync method to include a check for Guid.Empty to prevent unnecessary DB lookups

* Feature flag MembersController POST to use InviteOrganizationUsersCommand

Add a new code path behind the CommandResultRefactor feature flag that
replaces the legacy InviteUserAsync call with the InviteOrganizationUsersCommand.
Integration tests verify both paths produce identical results.

* Refactor feature flag for member invites from CommandResultRefactor to PublicMembersInviteRefactor in MembersController and update related tests.

* [PM-31657] Address Overwriting Attachments (#7053)

* check permissions when uploading attachment for self hosted users to remove possibility of overwriting an existing attachment.

* expose `ValidateCipherEditForAttachmentAsync`

* add additional logic to support admin users

* add unit tests for new edit checks

* SHOT-71: Migrate self-host ownership over to SHOT (#7213)

* Migrate self-host ownership over to SHOT

* Set devcontainers to multi owner

* Update CODEOWNERS for docker-compose.yml

* We already have a multiple owner section

* create new dockerfile for SeederApi (#7072)

* create new dockerfile for SeederApi

* troubleshoot cargo issues

* troubleshoot cargo issues

* Ensure Rustup run on build env for appropriate target

* Musl targets do not support cdylibs

* Ensure default triple set to target

* Set target triple rather than update default host

* Change build platforms per project

* Switch to debian since we can't use musl

* Debian build for seeder should work with arm targets

* Move app stage to distroless

* remove SeederApi from server publish section

* suppress unrelated warnings

* ruling out builds as error source

* override platforms for SeederApi

* troubleshoot matrix

* add extra step for evaluating platforms

* fix syntax error

* exclude unrelated error

* exclude unrelated error

* exclude unrelated error

* exclude unrelated error

* exclude unrelated error

* temporarily reduce number of builds

* exclude unrelated error

* remove temporary block on other builds

* remove unused builds from dockerfile

* add nginx location for seeder, wrap it behind an if check defaulting to false. This was discussed with Matt G, as this will enable QA usage of it without repetitive intervention with config files and reloading the nginx service etc. Handlebars will continuously overwrite the nginx conf file on update

* opted to remove conditional location to seederApi, instead include additional conf files in the same directory allowing for extensibility and not directly placing the non-prod seeder location in the config builder

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: AJ Mabry <81774843+aj-bw@users.noreply.github.com>

* introduce feature flag pm-31885-send-controls (#7134)

* chore(flags:): [PM-30245] Remove locked and inactive notifications feature flags from server

* pin image to sha (#7215)

* PM-33591 - Parallelize CreateUsersStep and GeneratePersonalCiphersStep (#7226)

* [PM-31923] Remove Unused Sprocs (#7060)

* Remove old/unused sprocs

* Consistency

* PM-31923 fixing fileData validation check

* PM-31923 fixing summaryData by date range to include all data points

* PM-31923 adding download report route for organization report self-hosted version

* PM-31923 fixing security issues from pr review

* PM-31923 updating GET methods to fit migration logic on front end

* PM-31923 fixing unit test

* 31923 fixing redundant code, unit tests, and creating documentation

* 31923 remove unused endpoints, fix unit tests, and create documentation

* PM-31923 adding renew and delete endpoints

* PM-31923 fixing code based on PR comments

* PM-31923 fixing delete scenario with orphaned db record

* PM-31923 fixing IDOR issue, adding unit tests, and making code more DRY

* PM-31923 making update endpoint required

* PM-31923 add FileUploadType to GET endpoints

* PM-31923 fixing dead code

---------

Co-authored-by: Jordan Aasen <166539328+jaasen-livefront@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
Co-authored-by: Mick Letofsky <mletofsky@bitwarden.com>
Co-authored-by: Stephon Brown <sbrown@livefront.com>
Co-authored-by: Vijay Oommen <voommen@livefront.com>
Co-authored-by: sven-bitwarden <svernyi@bitwarden.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Isaiah Inuwa <iinuwa@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: John Harrington <84741727+harr1424@users.noreply.github.com>
Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Co-authored-by: Github Actions <actions@github.com>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
Co-authored-by: Patrick-Pimentel-Bitwarden <ppimentel@bitwarden.com>
Co-authored-by: Jared <TheWolfBadger@gmail.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: Jared McCannon <jmccannon@bitwarden.com>
Co-authored-by: Samuel Warfield <samuel.warfield2@gmail.com>
Co-authored-by: Addison Beck <github@addisonbeck.com>
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Co-authored-by: Alex Morask <144709477+amorask-bitwarden@users.noreply.github.com>
Co-authored-by: Brandon Treston <btreston@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: mpbw2 <59324545+mpbw2@users.noreply.github.com>
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com>
Co-authored-by: Jason Ng <jcory.ng@gmail.com>
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: MtnBurrit0 <77340197+mimartin12@users.noreply.github.com>
Co-authored-by: Amy Galles <9685081+AmyLGalles@users.noreply.github.com>
Co-authored-by: AJ Mabry <81774843+aj-bw@users.noreply.github.com>
2026-05-11 14:02:41 -05:00
Rui Tomé
1323d0fb6a [PM-25690] Create UpdateUserResetPasswordEnrollment command (#7594)
* Implement UpdateUserResetPasswordEnrollment command and interface for managing user password reset enrollment in organizations

* Add unit tests for UpdateUserResetPasswordEnrollmentCommand to validate user enrollment and error handling

* Add IUpdateUserResetPasswordEnrollmentCommand to service collection for user password reset enrollment management

* Add integration tests for OrganizationUsersController reset password enrollment functionality

* Refactor OrganizationUsersController to use IUpdateUserResetPasswordEnrollmentCommand for password reset enrollment updates

* Remove UpdateUserResetPasswordEnrollmentAsync method and related dependencies from IOrganizationService and OrganizationService implementations

* Update IUpdateUserResetPasswordEnrollmentCommand and UpdateUserResetPasswordEnrollmentCommand to support nullable resetPasswordKey

* Refactor unit tests for UpdateUserResetPasswordEnrollmentCommand to improve naming conventions and enhance clarity in test cases
2026-05-11 16:22:57 +01:00
Vincent Salucci
9b1d82c1e9 [PM-19790] [PM-19791] Remove policy requirements feature flag references and definition (#7596)
* chore: remove ff false conditional in WebAuthnController, refs PM-19790

* chore: remove policy reqs flag ref, imports, instantiation, refs PM-19790

* chore: clean up unused imports, instantiations, refs PM-19790

* chore: remove policy reqs ff references, refs PM-19790

* remove policy reqs ff refs from SsoRequestValidatorTests, refs PM-19790

* chore: remove unused method in WebAuthnController and update imports, refs PM-19790

* fix: update WebAuthnControllerTests to account for policy reqs ff removal, refs PM-19790

* fix: update SsoRequestValidatorTests to remove IPolicyService checks, refs PM-19790

* chore: remove policy reqs ff definition, refs PM-19790

* chore: remove unused policy service constructor parameter, refs PM-19790

* chore: removed unnecessary comment about feature flag state from SsoRequestValidatorTests, refs PM-19790
2026-05-08 10:07:56 -05:00
Alex Morask
4b9cb8c26d [PM-33473] Remove pm-29594-update-individual-subscription-page feature flag (#7519)
* chore: [PM-33473] remove pm-29594-update-individual-subscription-page feature flag

* chore: dotnet format — add UTF-8 BOM to new response model files
2026-05-08 07:44:50 -05:00
Conner Turnbull
9992313286 [PM-35257] Validate plan frequency tier (#7570)
2026-05-05 15:27:55 +00:00
Thomas Avery
9865fc3ad2 [PM-30852] Add support for TDE user key rotation (#7565)
* Add support for TDE user key rotation

* Add test coverage
2026-05-05 09:56:55 -05:00
Rui Tomé
5289a5fd8c [PM-34388] Add organization invite link update endpoint (#7560)
* Add InviteLinkDomainSanitizer utility for domain normalization

- Introduced InviteLinkDomainSanitizer class to normalize invite link domains by converting them to lowercase and removing blank entries.
- The SanitizeDomains method processes a list of domains, ensuring clean and valid entries for further use.

* Refactor CreateOrganizationInviteLinkCommand to use InviteLinkDomainSanitizer

* Add UpdateOrganizationInviteLinkRequest record for managing invite link updates

- Introduced a new record, UpdateOrganizationInviteLinkRequest, to encapsulate the data required for updating organization invite links.
- The record includes properties for OrganizationId and AllowedDomains, ensuring structured data handling for invite link modifications.

* Add UpdateOrganizationInviteLinkRequestModel for invite link updates

- Introduced UpdateOrganizationInviteLinkRequestModel class to facilitate the update of organization invite links.
- The model includes a required property for AllowedDomains, ensuring validation and structured data handling for invite link modifications.

* Add tests for UpdateOrganizationInviteLinkRequestModel validation

* Add unit tests for UpdateOrganizationInviteLinkCommand

- Introduced comprehensive tests for the UpdateOrganizationInviteLinkCommand, covering scenarios such as successful updates, handling of non-existing links, and validation of allowed domains.
- Ensured that the command behaves correctly under various conditions, including ability checks and input validation.

* Add UpdateOrganizationInviteLinkCommand and IUpdateOrganizationInviteLinkCommand interface

- Implemented UpdateOrganizationInviteLinkCommand to handle updates for organization invite links, including validation of allowed domains and organization abilities.
- Created IUpdateOrganizationInviteLinkCommand interface to define the contract for updating invite links, ensuring structured handling of update requests.

* Add IUpdateOrganizationInviteLinkCommand registration to service collection

- Registered the IUpdateOrganizationInviteLinkCommand interface with the service collection, enabling dependency injection for the UpdateOrganizationInviteLinkCommand functionality.

* Add Update endpoint to OrganizationInviteLinksController

- Implemented the Update method in OrganizationInviteLinksController to handle updates for organization invite links.
- The method utilizes the IUpdateOrganizationInviteLinkCommand to process update requests and returns the appropriate response model.
- Enhanced the controller's functionality to support invite link modifications, ensuring better management of organization invite links.

* Add unit tests for Update method in OrganizationInviteLinksController

- Implemented multiple test cases for the Update method, covering scenarios such as successful updates, handling of non-existing invite links, and validation errors for allowed domains.
- Ensured comprehensive coverage of the Update functionality to validate correct behavior and response models in various conditions.

* Add integration test for updating organization invite links

* fix(invite-link): add [MinLength(1)] to Update request model and matching test
2026-05-04 16:46:40 +01:00
Rui Tomé
5ae857002c [PM-34774] Add GET endpoint for organization invite links (#7534)
* Add Get method to OrganizationInviteLinksController for retrieving invite links by organization ID

- Implemented a new GET endpoint to fetch an invite link based on the organization ID.
- Integrated IOrganizationInviteLinkRepository to handle data retrieval.
- Updated tests to validate the new functionality, ensuring correct responses for existing and non-existing links.
- Refactored service registration for invite link commands to improve clarity.

* Add GetOrganizationInviteLinkQuery and IGetOrganizationInviteLinkQuery interface

- Implemented GetOrganizationInviteLinkQuery to retrieve invite links for organizations.
- Added IGetOrganizationInviteLinkQuery interface defining the contract for fetching invite links.
- Included error handling for cases where invite links are not available or do not exist.

* Add unit tests for GetOrganizationInviteLinkQuery

- Created GetOrganizationInviteLinkQueryTests to validate the functionality of retrieving organization invite links.
- Implemented tests for successful retrieval, handling cases where no link exists, and scenarios with insufficient permissions or null abilities.
- Ensured proper error handling and assertions for various outcomes in the query execution.

* Add InviteLinkNotFound error type for handling missing invite links

- Introduced InviteLinkNotFound record to represent a not found error for invite links.
- Enhanced error handling in the InviteLinks feature to provide clearer feedback when an invite link is not found.

* Add IGetOrganizationInviteLinkQuery to service collection

- Registered IGetOrganizationInviteLinkQuery with the service collection to enable dependency injection for retrieving organization invite links.
- This addition supports the functionality introduced in the GetOrganizationInviteLinkQuery implementation.

* Refactor OrganizationInviteLinksController to use IGetOrganizationInviteLinkQuery

- Updated OrganizationInviteLinksController to replace IOrganizationInviteLinkRepository with IGetOrganizationInviteLinkQuery for retrieving invite links.
- Enhanced the Get method to handle results more effectively, returning appropriate responses based on the query outcome.
- Modified unit tests to align with the new query implementation, ensuring proper handling of both found and not found scenarios.

* Set AllowedDomains for invite link in OrganizationInviteLinksControllerTests
2026-05-04 14:13:39 +01:00
Derek Nance
74e0441a5e [PM-28727] Upgrade to .NET 10 (#7171)
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2026-05-01 11:53:00 -05:00
Rui Tomé
2a52362d33 [PM-34387] Add organization invite link creation endpoint (#7477)
* Add ConflictError type

* Add generic Handle<T> and extract MapError on BaseAdminConsoleController

* Initialize Code property with a new GUID in OrganizationInviteLink class

* Add ICreateOrganizationInviteLinkCommand interface

* Add CreateOrganizationInviteLinkRequest record for invite link creation

* Add OrganizationInviteLink request and response models for invite link management

* Refactor ICreateOrganizationInviteLinkCommand interface to use CreateOrganizationInviteLinkRequest for invite link creation

* Add CreateOrganizationInviteLinkCommand class to handle invite link creation logic, including domain sanitization and validation checks.

* Add error handling for invite link creation with specific conflict and validation errors

* Add OrganizationInviteLink service commands to OrganizationServiceCollectionExtensions

* Add OrganizationInviteLinksController to manage invite link creation for organizations

* Add integration tests for OrganizationInviteLinksController and CreateOrganizationInviteLinkCommand to validate invite link creation logic, including success and error scenarios.

* Remove unnecessary blank line in OrganizationInviteLinksControllerTests class

* Refactor CreateOrganizationInviteLinkRequestModel to use required properties for AllowedDomains and EncryptedInviteKey

* Update CreateOrganizationInviteLinkCommand to validate allowed domains by using DomainNameValidator

* Add encryption validation attributes to CreateOrganizationInviteLinkRequestModel and implement unit tests for model validation

* Refactor OrganizationInviteLink to encapsulate AllowedDomains serialization logic within methods. Update OrganizationInviteLinkResponseModel to utilize new GetAllowedDomains method for improved clarity and maintainability.

* Enhance domain sanitization in CreateOrganizationInviteLinkCommand by converting domains to lowercase during trimming for improved consistency.

* Update OrganizationInviteLinksControllerTests to use a valid encrypted invite key constant for consistency in test cases.

* Add ability check for organization invite links in CreateOrganizationInviteLinkCommand

- Introduced a new method to verify if an organization can use invite links based on its ability.
- Added a new error type for cases where invite links are not available due to organizational plan restrictions.
- Updated tests to cover scenarios where the organization lacks the ability to create invite links.

* Add documentation for Code property in OrganizationInviteLink class

- Added XML summary comments to the Code property to clarify its purpose and generation method.
- Explained the choice of using Guid.NewGuid for the Code to avoid predictability and ensure uniqueness.

* Implement domain validation in CreateOrganizationInviteLinkRequestModel

- Added IValidatableObject implementation to CreateOrganizationInviteLinkRequestModel for domain validation.
- Introduced Validate method to check the format of allowed domains and return appropriate validation results.
- Updated tests to cover scenarios for invalid domain formats and mixed valid/invalid domains.
- Removed redundant domain validation logic from CreateOrganizationInviteLinkCommand.

* Remove outdated tests from CreateOrganizationInviteLinkRequestModelTests

- Deleted tests for validating EncryptedInviteKey and EncryptedOrgKey as they are no longer relevant.
- Cleaned up the test class to focus on current validation logic for allowed domains.

* Refactor GetAllowedDomains method in OrganizationInviteLink class

- Updated the GetAllowedDomains method to return an empty array instead of throwing a JsonException when deserialization fails.
- This change improves the method's resilience by providing a default value for invalid or missing allowed domains.

* Remove unused InviteLinkInvalidDomains error type from Errors.cs

- Deleted the InviteLinkInvalidDomains record as it is no longer needed.
- This cleanup aligns with recent changes in domain validation logic and improves code maintainability.

* Update OrganizationServiceCollectionExtensions to use TryAddScoped for command registration

- Changed the registration of ICreateOrganizationInviteLinkCommand to use TryAddScoped instead of AddScoped.

* Mock organization ability retrieval in OrganizationInviteLinksControllerTests

* Add ValidateSequenceAttribute for collection validation and corresponding unit tests

* Refactor CreateOrganizationInviteLinkRequestModel to use ValidateSequenceAttribute for domain validation and update unit tests for improved error handling.

* Enhance ValidateSequenceAttribute to handle null values and improve error messaging format

* Add empty line

* Refactor ValidateSequenceAttribute to support IEnumerable interface for improved type handling

* Refactor ValidateSequenceAttribute to improve validation logic and error handling for IEnumerable types

* Remove unused using directive for Microsoft.AspNetCore.Http.HttpResults in BaseAdminConsoleController.cs

* Add MinLength validation to AllowedDomains in CreateOrganizationInviteLinkRequestModel and implement unit test for empty AllowedDomains scenario

* Refactor CreateOrganizationInviteLinkCommandTests to move SetupAbility method for better organization and readability

* Add error handling methods in BaseAdminConsoleController for improved response management

* Update CreateOrganizationInviteLinkRequestModelTests to use array initialization syntax for AllowedDomains so that MinLength attribute works

* Refactor OrganizationInviteLinkResponseModel constructor for improved readability
2026-05-01 14:23:56 +01:00
Graham Walker
433e8b5ab0 PM-35503 fixed flaky tests due to timing issue. (#7551)
* PM-35503 fixed flaky tests due to timing issue.

* PM-35503 fixing issue with test
2026-04-30 14:58:11 -05:00
Jared
cdfb54e71b Implement feature flag for fetching new policies and organization details in SyncController (#7506) (#7529)
- Added support for retrieving confirmed accepted policies and organization user details based on the feature flag 'PoliciesInAcceptedState'.
- Updated SyncResponseModel to include new properties for these details.
- Enhanced SyncControllerTests to verify behavior with the feature flag enabled and disabled.
2026-04-30 15:52:10 -04:00
Ike
90f451bc60 [PM-33417] WebAuthn cache (#7500)
feat: Add WebAuthn Cache
  - Add IWebAuthnChallengeCacheProvider with distributed cache implementation for storing WebAuthn Challenges
  - Inject the cache provider into AssertWebAuthnLoginCredentialCommand and WebAuthnGrantValidator so challenges can be stored
  - Use a static token lifetime for WebAuthnLoginAssertionOptionsTokenable and enable nullable reference types on the tokenable
  - Add unit tests for the cache provider, the assertion command, and the WebAuthn controller; add Identity integration and unit tests for WebAuthnGrantValidator with a FakeWebAuthnAuthenticator helper
2026-04-30 09:21:03 -04:00
Jared McCannon
9c02f0cd3f [PM-34883] - Add InjectOrganizationUserAttribute (#7536)
* Added InjectOrganizationUserAttribute and updated account-recovery put to use it.

* Changes from code review
2026-04-28 13:52:28 -05:00
Nick Krantz
39a132d192 [PM-34116][PM-34117] Drivers License and Passport (#7512)
* update minimum version to handle all new item types rather than individual types

* add cipher types for driverslicense and passport

* add request and response models for DriversLicense and Passport

* add events for DriversLicense and Passport

* add seeder

* add additional properties from CXP

* add additional fields
2026-04-28 17:35:01 +00:00
Thomas Rittson
a18b600147 [PM-35489] Move collections to AC ownership - update namespaces (#7532)
* Update namespaces: Api

* Update namespaces: core commands
2026-04-27 17:57:03 -04:00
Jared McCannon
471496c937 [PM-28045] - Org Key Validation (#7384)
* Requiring keys on create request models.

* Added tests.
2026-04-27 08:50:05 -05:00
Vijay Oommen
dcc685da16 [PM-34822] Consistent error response 400 and 404 in Org Integrations controller (#7458)
2026-04-25 11:57:18 -05:00
Thomas Rittson
1e09ab4008 [PM-35489] Move collections to AC ownership (#7523)
2026-04-23 07:03:25 +10:00
Bernd Schoolmann
a714278b9a [PM-35306] Fix password change not working when using the unlock and authentication data models (#7505)
* Fix password change not working when using the unlock and authentication data models

* Cleanup test

* Cleanup test

* Clean up test comment

* Address feedback

* Fix tests

* Fix tests

* Update src/Core/KeyManagement/Models/Api/Request/MasterPasswordAuthenticationDataRequestModel.cs

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2026-04-21 12:07:50 -04:00
sven-bitwarden
985c3a2cd9 [PM-32598] - Remove Unused sso/details Endpoint + Sprocs (#7400)
* Remove code around sso/details

* Remove unused sproc

* adjust migration file
2026-04-21 09:36:36 -05:00
sven-bitwarden
911a5da476 Make PUT Policy identical to PUT Policy/VNext (#7485)
2026-04-17 11:28:26 -05:00
Patrick-Pimentel-Bitwarden
e113dbd263 feat: [PM-32626] standardize unlock and authentication validation
- Standardize validation on `RegisterFinishRequestModel` so Auth and Unlock data are both required and consistently validated
  - Add salt validation to both unlock and authentication data
  - Enforce that Auth and Unlock data contain matching values
  - Keep validation backwards compatible with older clients
  - Add and update unit tests covering the new validation rules and error messages

Co-authored-by: Ike Kottlowski <ikottlowski@bitwarden.com>
2026-04-17 10:47:09 -04:00
Thomas Rittson
bb5506e934 [PM-34595] Update provider controllers to use authz attribute (#7450)
* Also decouple ProviderClientsController from Billing Team code

* Also add noop authorize attribute where no additional
  authorization is required

* Also remove unused ICurrentContext getters
2026-04-17 07:49:49 +10:00
SmithThe4th
bc1818041b [PM-34060] Add bank account item type (#7112)
* Added new bank account type, added minimum version logic and sync filters

* Formatted changes

* changed condition for filtering bank account types

* Fixed tests

* Updated feature flag

* Added comment

* updated feature flag and updated dto

* update ticket for minimum bank account version

* add event types for bank account

* fix client version being null bug

---------

Co-authored-by: Nick Krantz <nick@livefront.com>
2026-04-16 12:32:51 -05:00
Jared McCannon
f2141b93d2 [PM-34390] - Fixing Group/Provider User (#7431)
* Added attributes for all groups controller methods. Fixed ProviderUsers get endpoint. updated tests.

* Added integration tests and removed faux regions
2026-04-14 07:38:14 +10:00
Kyle Denney
18525843bb [PM-26043] Fix bug: can't add secrets manager to legacy plans (#7414)
* [PM-26043] refactored AddSecretsManagerSubscriptionCommand

move to billing, fix bug unable to add secrets manager to legacy plan by moving all validation into command and skipping the disabled check

* forgot BillingCommandResult is being deprecated

* cleanup

* add unit test coverage

* one more test

* pr feedback

* forgot to fix in actual code file
2026-04-10 09:46:30 -05:00