* test(org-user-request-model): Add model validation tests.
* feat(request-models): Add Authentication and Unlock Data fields with annotations.
* test(recover-command): Add tests for Authentication and Unlock Data payload signature.
* feat(recover-command): Add overload for Authentication and Unlock Data payload signature.
* test(recover-command): Add tests for behavior with authentication and unlock data.
* feat(recover-command): Add impl for hash and key, authentication and unlock data inputs.
* test(org-users-controller): Add controller tests for dispatch.
* feat(org-users-controller): Add controller impl for dispatch for both request payload variants.
* chore: lint.
* fix(request-model): Validation method drifted in base; rename.
* test(request-model): Update validation tests.
* feat(request-model): Support 2FA-only validation at the boundary.
* test(request-model): Express handling of v1 vs v2 requests.
* PM-35394 - Per reviewer's request, mark AdminRecoverAccountCommand.RecoverAccountAsync that doesn't accept new models obselete
* PM-35394 - Fix using directive after model namespace move
Merge from main moved OrganizationUserResetPasswordRequestModel to the
AdminConsole namespace; update the test's using directive to match,
restoring both the build and dotnet format checks.
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* feat(admin-console): Add InjectOrganizationAttribute and OrganizationModelBinder for automatic organization parameter binding
* feat(admin-console): Introduce BindOrganizationAttribute and OrganizationModelBinder for organization parameter binding with unit tests
* feat(admin-console): Update GetResetPasswordDetails to use BindOrganization for organization parameter
* fix(admin-console): Correct organization ID check in GetResetPasswordDetails method to use bound organization
* Refactor OrganizationUsersControllerTests to use bound organization in GetResetPasswordDetails method
- Updated test cases to pass the organization directly instead of relying on repository calls.
- Ensured that the tests correctly assert NotFoundException when the organization user does not match the bound organization.
- Improved clarity in test setup by explicitly binding the organization to the method calls.
* Fix UTF-8 BOM issue in BindOrganizationAttribute.cs
* Add integration tests for OrganizationUsersController's BindOrganization functionality
- Introduced OrganizationUsersControllerBindOrganizationTests to validate the behavior of the GET reset-password-details endpoint.
- Implemented tests for successful retrieval of reset password details, handling of non-existent organization users, and cases where the user belongs to a different organization.
- Ensured comprehensive coverage of scenarios to verify correct status responses and organization binding logic.
* Implement UpdateCollectionManagementSettingsCommand and associated interface for managing organization collection settings
* Add UpdateCollectionManagementSettingsCommand to handle updates to organization collection management settings.
* Create IUpdateCollectionManagementSettingsCommand interface to define the update method.
* Implement unit tests for UpdateCollectionManagementSettingsCommand to verify event logging and exception handling.
* Add IUpdateCollectionManagementSettingsCommand to service collection
* Register IUpdateCollectionManagementSettingsCommand and its implementation, UpdateCollectionManagementSettingsCommand, in the service collection for managing organization collection settings.
* Rename command
* Update OrganizationsController to use IOrganizationUpdateCollectionManagementCommand
* Added IOrganizationUpdateCollectionManagementCommand to the OrganizationsController for managing collection settings updates.
* Updated the constructor to inject the new command and modified the PutCollectionManagement method to utilize it.
* Adjusted unit tests to reflect the changes in the command used for updating collection management settings.
* Refactor IOrganizationService and OrganizationService to remove UpdateCollectionManagementSettingsAsync method
* Removed the UpdateCollectionManagementSettingsAsync method from IOrganizationService and its implementation in OrganizationService.
* Cleaned up unused usings related to collection management settings in both service files.
* Updated unit tests to reflect the removal of the collection management settings update functionality.
* Implement GetOrganizationInviteLinkStatusQuery to retrieve invite link status
- Added GetOrganizationInviteLinkStatusQuery class to handle fetching the status of an organization invite link based on its code.
- Introduced OrganizationInviteLinkStatus and OrganizationInviteLinkSsoStatus records to encapsulate the invite link status and SSO information.
- Created IGetOrganizationInviteLinkStatusQuery interface to define the contract for the query implementation.
* Add unit tests for GetOrganizationInviteLinkStatusQuery
- Introduced comprehensive unit tests for GetOrganizationInviteLinkStatusQuery to validate various scenarios including successful retrieval of invite link status, handling of not found errors, and seat availability checks.
- Utilized Xunit and NSubstitute for testing and mocking dependencies, ensuring robust coverage of the query's functionality.
* Add IGetOrganizationInviteLinkStatusQuery to service collection
- Registered IGetOrganizationInviteLinkStatusQuery with the service collection to enable retrieval of organization invite link status.
- This addition supports the recently implemented GetOrganizationInviteLinkStatusQuery functionality.
* Add OrganizationInviteLinksPublicController and response models
- Introduced OrganizationInviteLinksPublicController to handle requests for organization invite link status.
- Implemented GetStatus endpoint to retrieve the status of an invite link using its GUID code.
- Added OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkSsoResponseModel to structure the response data for the invite link status.
- Ensured the endpoint is accessible to anonymous users while requiring application authorization for other actions.
* Add integration tests for OrganizationInviteLinksPublicController
- Introduced integration tests for OrganizationInviteLinksPublicController to validate the GetStatus endpoint functionality.
- Implemented tests to ensure correct handling of existing invite links and appropriate responses for valid and not found scenarios.
- Utilized Xunit and NSubstitute for testing and mocking dependencies, enhancing test coverage for invite link status retrieval.
* Updated GetOrganizationInviteLinkStatusQuery to return SSO status based on organization settings, including UseSso and UsePolicies
* Move status endpoint into OrganizationInviteLinksController as POST
* Refactor OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkStatus to remove OrganizationId property
- Removed OrganizationId property from both OrganizationInviteLinkStatusResponseModel and OrganizationInviteLinkStatus records to streamline the data model.
- Updated constructors accordingly to reflect the changes in the response models.
* Refactor GetOrganizationInviteLinkStatusQuery to simplify organization checks
- Updated the logic in GetOrganizationInviteLinkStatusQuery to streamline organization validation by combining null and enabled checks.
- Removed the dependency on IApplicationCacheService and adjusted the seat availability logic to enhance clarity and efficiency.
- Modified the return statement to use organization name directly instead of organization ID.
* Add integration tests for OrganizationInviteLinksController
- Introduced a new test method to validate the GetStatus functionality for existing invite links in OrganizationInviteLinksControllerTests.
- Enhanced existing tests to ensure correct responses for valid and not found scenarios.
- Removed OrganizationInviteLinksPublicControllerTests as its functionality is now covered in the OrganizationInviteLinksControllerTests.
* Refactor OrganizationInviteLinksControllerTests
- Updated test methods in OrganizationInviteLinksControllerTests to utilize GetOrganizationInviteLinkStatusRequestModel instead of individual parameters.
- Added a new test case to handle scenarios where the invite link status is not available, returning a BadRequest response.
- Enhanced existing tests to ensure consistent handling of valid and not found scenarios.
* Update GetOrganizationInviteLinkStatusQueryTests to enable organization for invite link tests
* Implement UpdateUserResetPasswordEnrollment command and interface for managing user password reset enrollment in organizations
* Add unit tests for UpdateUserResetPasswordEnrollmentCommand to validate user enrollment and error handling
* Add IUpdateUserResetPasswordEnrollmentCommand to service collection for user password reset enrollment management
* Add integration tests for OrganizationUsersController reset password enrollment functionality
* Refactor OrganizationUsersController to use IUpdateUserResetPasswordEnrollmentCommand for password reset enrollment updates
* Remove UpdateUserResetPasswordEnrollmentAsync method and related dependencies from IOrganizationService and OrganizationService implementations
* Update IUpdateUserResetPasswordEnrollmentCommand and UpdateUserResetPasswordEnrollmentCommand to support nullable resetPasswordKey
* Refactor unit tests for UpdateUserResetPasswordEnrollmentCommand to improve naming conventions and enhance clarity in test cases
* Add InviteLinkDomainSanitizer utility for domain normalization
- Introduced InviteLinkDomainSanitizer class to normalize invite link domains by converting them to lowercase and removing blank entries.
- The SanitizeDomains method processes a list of domains, ensuring clean and valid entries for further use.
* Refactor CreateOrganizationInviteLinkCommand to use InviteLinkDomainSanitizer
* Add UpdateOrganizationInviteLinkRequest record for managing invite link updates
- Introduced a new record, UpdateOrganizationInviteLinkRequest, to encapsulate the data required for updating organization invite links.
- The record includes properties for OrganizationId and AllowedDomains, ensuring structured data handling for invite link modifications.
* Add UpdateOrganizationInviteLinkRequestModel for invite link updates
- Introduced UpdateOrganizationInviteLinkRequestModel class to facilitate the update of organization invite links.
- The model includes a required property for AllowedDomains, ensuring validation and structured data handling for invite link modifications.
* Add tests for UpdateOrganizationInviteLinkRequestModel validation
* Add unit tests for UpdateOrganizationInviteLinkCommand
- Introduced comprehensive tests for the UpdateOrganizationInviteLinkCommand, covering scenarios such as successful updates, handling of non-existing links, and validation of allowed domains.
- Ensured that the command behaves correctly under various conditions, including ability checks and input validation.
* Add UpdateOrganizationInviteLinkCommand and IUpdateOrganizationInviteLinkCommand interface
- Implemented UpdateOrganizationInviteLinkCommand to handle updates for organization invite links, including validation of allowed domains and organization abilities.
- Created IUpdateOrganizationInviteLinkCommand interface to define the contract for updating invite links, ensuring structured handling of update requests.
* Add IUpdateOrganizationInviteLinkCommand registration to service collection
- Registered the IUpdateOrganizationInviteLinkCommand interface with the service collection, enabling dependency injection for the UpdateOrganizationInviteLinkCommand functionality.
* Add Update endpoint to OrganizationInviteLinksController
- Implemented the Update method in OrganizationInviteLinksController to handle updates for organization invite links.
- The method utilizes the IUpdateOrganizationInviteLinkCommand to process update requests and returns the appropriate response model.
- Enhanced the controller's functionality to support invite link modifications, ensuring better management of organization invite links.
* Add unit tests for Update method in OrganizationInviteLinksController
- Implemented multiple test cases for the Update method, covering scenarios such as successful updates, handling of non-existing invite links, and validation errors for allowed domains.
- Ensured comprehensive coverage of the Update functionality to validate correct behavior and response models in various conditions.
* Add integration test for updating organization invite links
* fix(invite-link): add [MinLength(1)] to Update request model and matching test
* Add Get method to OrganizationInviteLinksController for retrieving invite links by organization ID
- Implemented a new GET endpoint to fetch an invite link based on the organization ID.
- Integrated IOrganizationInviteLinkRepository to handle data retrieval.
- Updated tests to validate the new functionality, ensuring correct responses for existing and non-existing links.
- Refactored service registration for invite link commands to improve clarity.
* Add GetOrganizationInviteLinkQuery and IGetOrganizationInviteLinkQuery interface
- Implemented GetOrganizationInviteLinkQuery to retrieve invite links for organizations.
- Added IGetOrganizationInviteLinkQuery interface defining the contract for fetching invite links.
- Included error handling for cases where invite links are not available or do not exist.
* Add unit tests for GetOrganizationInviteLinkQuery
- Created GetOrganizationInviteLinkQueryTests to validate the functionality of retrieving organization invite links.
- Implemented tests for successful retrieval, handling cases where no link exists, and scenarios with insufficient permissions or null abilities.
- Ensured proper error handling and assertions for various outcomes in the query execution.
* Add InviteLinkNotFound error type for handling missing invite links
- Introduced InviteLinkNotFound record to represent a not found error for invite links.
- Enhanced error handling in the InviteLinks feature to provide clearer feedback when an invite link is not found.
* Add IGetOrganizationInviteLinkQuery to service collection
- Registered IGetOrganizationInviteLinkQuery with the service collection to enable dependency injection for retrieving organization invite links.
- This addition supports the functionality introduced in the GetOrganizationInviteLinkQuery implementation.
* Refactor OrganizationInviteLinksController to use IGetOrganizationInviteLinkQuery
- Updated OrganizationInviteLinksController to replace IOrganizationInviteLinkRepository with IGetOrganizationInviteLinkQuery for retrieving invite links.
- Enhanced the Get method to handle results more effectively, returning appropriate responses based on the query outcome.
- Modified unit tests to align with the new query implementation, ensuring proper handling of both found and not found scenarios.
* Set AllowedDomains for invite link in OrganizationInviteLinksControllerTests
* Add ConflictError type
* Add generic Handle<T> and extract MapError on BaseAdminConsoleController
* Initialize Code property with a new GUID in OrganizationInviteLink class
* Add ICreateOrganizationInviteLinkCommand interface
* Add CreateOrganizationInviteLinkRequest record for invite link creation
* Add OrganizationInviteLink request and response models for invite link management
* Refactor ICreateOrganizationInviteLinkCommand interface to use CreateOrganizationInviteLinkRequest for invite link creation
* Add CreateOrganizationInviteLinkCommand class to handle invite link creation logic, including domain sanitization and validation checks.
* Add error handling for invite link creation with specific conflict and validation errors
* Add OrganizationInviteLink service commands to OrganizationServiceCollectionExtensions
* Add OrganizationInviteLinksController to manage invite link creation for organizations
* Add integration tests for OrganizationInviteLinksController and CreateOrganizationInviteLinkCommand to validate invite link creation logic, including success and error scenarios.
* Remove unnecessary blank line in OrganizationInviteLinksControllerTests class
* Refactor CreateOrganizationInviteLinkRequestModel to use required properties for AllowedDomains and EncryptedInviteKey
* Update CreateOrganizationInviteLinkCommand to validate allowed domains by using DomainNameValidator
* Add encryption validation attributes to CreateOrganizationInviteLinkRequestModel and implement unit tests for model validation
* Refactor OrganizationInviteLink to encapsulate AllowedDomains serialization logic within methods. Update OrganizationInviteLinkResponseModel to utilize new GetAllowedDomains method for improved clarity and maintainability.
* Enhance domain sanitization in CreateOrganizationInviteLinkCommand by converting domains to lowercase during trimming for improved consistency.
* Update OrganizationInviteLinksControllerTests to use a valid encrypted invite key constant for consistency in test cases.
* Add ability check for organization invite links in CreateOrganizationInviteLinkCommand
- Introduced a new method to verify if an organization can use invite links based on its ability.
- Added a new error type for cases where invite links are not available due to organizational plan restrictions.
- Updated tests to cover scenarios where the organization lacks the ability to create invite links.
* Add documentation for Code property in OrganizationInviteLink class
- Added XML summary comments to the Code property to clarify its purpose and generation method.
- Explained the choice of using Guid.NewGuid for the Code to avoid predictability and ensure uniqueness.
* Implement domain validation in CreateOrganizationInviteLinkRequestModel
- Added IValidatableObject implementation to CreateOrganizationInviteLinkRequestModel for domain validation.
- Introduced Validate method to check the format of allowed domains and return appropriate validation results.
- Updated tests to cover scenarios for invalid domain formats and mixed valid/invalid domains.
- Removed redundant domain validation logic from CreateOrganizationInviteLinkCommand.
* Remove outdated tests from CreateOrganizationInviteLinkRequestModelTests
- Deleted tests for validating EncryptedInviteKey and EncryptedOrgKey as they are no longer relevant.
- Cleaned up the test class to focus on current validation logic for allowed domains.
* Refactor GetAllowedDomains method in OrganizationInviteLink class
- Updated the GetAllowedDomains method to return an empty array instead of throwing a JsonException when deserialization fails.
- This change improves the method's resilience by providing a default value for invalid or missing allowed domains.
* Remove unused InviteLinkInvalidDomains error type from Errors.cs
- Deleted the InviteLinkInvalidDomains record as it is no longer needed.
- This cleanup aligns with recent changes in domain validation logic and improves code maintainability.
* Update OrganizationServiceCollectionExtensions to use TryAddScoped for command registration
- Changed the registration of ICreateOrganizationInviteLinkCommand to use TryAddScoped instead of AddScoped.
* Mock organization ability retrieval in OrganizationInviteLinksControllerTests
* Add ValidateSequenceAttribute for collection validation and corresponding unit tests
* Refactor CreateOrganizationInviteLinkRequestModel to use ValidateSequenceAttribute for domain validation and update unit tests for improved error handling.
* Enhance ValidateSequenceAttribute to handle null values and improve error messaging format
* Add empty line
* Refactor ValidateSequenceAttribute to support IEnumerable interface for improved type handling
* Refactor ValidateSequenceAttribute to improve validation logic and error handling for IEnumerable types
* Remove unused using directive for Microsoft.AspNetCore.Http.HttpResults in BaseAdminConsoleController.cs
* Add MinLength validation to AllowedDomains in CreateOrganizationInviteLinkRequestModel and implement unit test for empty AllowedDomains scenario
* Refactor CreateOrganizationInviteLinkCommandTests to move SetupAbility method for better organization and readability
* Add error handling methods in BaseAdminConsoleController for improved response management
* Update CreateOrganizationInviteLinkRequestModelTests to use array initialization syntax for AllowedDomains so that MinLength attribute works
* Refactor OrganizationInviteLinkResponseModel constructor for improved readability
* Also decouple ProviderClientsController from Billing Team code
* Also add noop authorize attribute where no additional
authorization is required
* Also remove unused ICurrentContext getters
* Added attributes for all groups controller methods. Fixed ProviderUsers get endpoint. udpated tests.
* Added integration tests and removed faux regions
* Refactor organization user confirmation logic by removing direct feature flag checks. Updated related commands and tests to utilize policy requirements instead of feature service checks for automatic user confirmation. Cleaned up organization form view by simplifying checkbox rendering for automatic user confirmation.
* Refactor ProviderService to remove feature service dependency for automatic user confirmation. Updated logic to streamline policy requirement checks and cleaned up related tests by removing unnecessary feature flag assertions.
* Enhance tests for automatic user confirmation policy requirements. Updated multiple test classes to include checks for `AutomaticUserConfirmationPolicyRequirement`, ensuring no auto-confirm restrictions are applied by default. Refactored related assertions in `AcceptOrgUserCommandTests`, `ConfirmOrganizationUserCommandTests`, `RestoreOrganizationUserCommandTests`, and others to streamline compliance validation logic.
* Enhance tests for automatic user confirmation policy across multiple test classes. Added checks for `AutomaticUserConfirmationPolicyRequirement` in `ConfirmOrganizationUserCommandTests`, `RestoreOrganizationUserCommandTests`, and `SelfHostedOrganizationSignUpCommandTests`, ensuring compliance validation logic is streamlined and consistent. Updated assertions to reflect new policy requirements.
* Implement mock for AutomaticUserConfirmationPolicyRequirement in ProviderServiceTests to enhance test coverage for user confirmation policies.
* Update ProviderServiceTests to include mocks for AutomaticUserConfirmationPolicyRequirement, enhancing test coverage for user acceptance scenarios.
* Refactor test method names in EmergencyAccessServiceTests for clarity by removing feature flag references, improving readability and maintainability of the test suite.
* Remove policy requirement feature flags around ResetPassword policyˆ
* Remove unused elements
* Remove unused elements
* Remove more unused elements
* More unused elements!
* remove policy requirement for organizationscontroller
* Fix test to revert to PolicyQuery
* Remove unused code
* Restore PolicyQuery for OrganizationService
* Add TODOs indicating why we are staying on policyquery
* Remove deprecated ISavePolicyCommand interface and SavePolicyCommand implementation along with associated tests
* Refactor policy validation: remove IPolicyValidator interface and related implementations. Update PolicyServiceCollectionExtensions to eliminate deprecated methods. Adjust policy validator classes to remove IPolicyValidator dependency and streamline validation methods.
* Remove IPostSavePolicySideEffect interface and its implementation from the policy validation framework.
* Rename VNextSavePolicyCommand to SavePolicyCommand
* Continue renaming VNextSavePolicyCommand
* Refactor policy validation tests to use SavePolicyModel in ValidateAsync and side effect methods
* Refactor policy validators to directly use PolicyUpdate from SavePolicyModel in validation and side effect methods, improving code clarity and reducing method complexity.
* Rename test methods in PoliciesControllerTests and VerifyOrganizationDomainCommandTests to better reflect their functionality, enhancing clarity and consistency across the test suite.
* Refactor OrganizationUserNotificationPolicyValidator by removing unused methods and simplifying the implementation. Update corresponding tests to reflect these changes.
* Remove unnecessary nullable enable directives from policy validator files and update using statements for consistency.
* Rename policy validators to handlers
* dotnet format
Introduces declarative authorization pattern for Provider-based endpoints
following the same approach as the existing Organization authorization
infrastructure. No production code behavior changes — handler and
requirements are registered but not yet wired to any controllers.
New:
- IProviderRequirement: base interface for provider authorization requirements
- ProviderRequirementHandler: central handler that resolves provider claims
from route/context and delegates to requirement implementations
- ProviderClaimsExtensions: helpers to parse provider membership from claims
- ProviderAdminRequirement, ProviderUserRequirement, ManageProviderUsersRequirement
- HttpContextExtensions.GetProviderId(): route param helper (mirrors GetOrganizationId)
- DI registration for ProviderRequirementHandler
- Unit tests for all new types
* implementation plan
* feedback updates
* revert updates
* implementation plan
* feedback updates
* revert updates
* implement plan
* Revert "Merge branch '2fa-account-recovery' of github.com:bitwarden/server into 2fa-account-recovery"
This reverts commit 3be2d140f1, reversing
changes made to 9fb8d3891c.
* PR feedback
* revert claude local settings
* lint fixes
* fix test models
* move new commands to v2 namespace.
* format
* fix swagger stuff
* update feature flag name
feat: add MasterPasswordSalt to Admin Console DTOs
- Add MasterPasswordSalt property to Admin Console DTOs
- Set salt via GetMasterPasswordSalt method
- Add unit tests for affected repositories
* fix(controller): add null check for provider organization ID in ProviderClientsController
* feat(tests): add test for updating provider organization with different provider ID
* chore: add CLAUDE.local.md and .worktrees to gitignore
* feat(billing): add Stripe interval and payment behavior constants and feature flag
* feat(billing): add OrganizationSubscriptionChangeSet model and unit tests
* refactor(billing): rename UpdateOrganizationSubscriptionCommand to BulkUpdateOrganizationSubscriptionsCommand
* feat(billing): add UpdateOrganizationSubscriptionCommand with tests
* feat(billing): use UpdateOrganizationSubscriptionCommand in BulkUpdateOrganizationSubscriptions behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in SetUpSponsorshipCommand behind feature flag
* feat(billing): add UpgradeOrganizationPlanVNextCommand with tests and feature flag gate
* feat(billing): use UpdateOrganizationSubscriptionCommand in OrganizationService.AdjustSeatsAsync behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in UpdateSecretsManagerSubscriptionCommand behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in BillingHelpers.AdjustStorageAsync behind feature flag
* chore: run dotnet format
* fix(billing): missed optional owner in OrganizationBillingService.Finalize after merge
* refactor(billing): address PR feedback on UpdateOrganizationSubscription
* Add validation for reset password key and account recovery enrollment in OrganizationUser
* Update admin approval logic to check account recovery enrollment and add tests for reset password key validation
* Enhance UserService validation to include account recovery enrollment and add unit test for empty or whitespace reset password key handling
* Refactor OrganizationUserUserDetailsQuery to validate reset password keys and add unit tests for filtering out invalid keys
* Update AdminRecoverAccountCommand to validate account recovery enrollment and adjust tests for whitespace reset password keys
* Enhance OrganizationUserRotationValidator to validate reset password keys, including filtering out whitespace-only keys, and add corresponding unit tests for validation logic.
* Refactor OrganizationUserUserDetailsQueryTests to remove unnecessary whitespace-only test cases for account recovery key validation.
* Refactor MemberResponseModel to use OrganizationUser's validation method for ResetPasswordEnrolled status and update corresponding unit test for clarity.
* Refactor OrganizationUsersController and response models to utilize OrganizationUser's validation method for ResetPasswordKey, ensuring consistent validation across the application. Add unit tests for OrganizationUser to verify key validation logic.
* Update OrganizationUserRotationValidator to handle null reset password keys and adjust tests for client-side bug. Add comments for future migration after resolving PM-31001.
* Fix whitespace issue in UserServiceTests.cs by removing BOM character from the file header.
* Begin migration to appropriately named sprocs
* Update method and parameter names
* Remove incorrect change
* Changes EF to match collection type comparison
* Adds integration test verifying excluded collections
* Changes EF to match collection type comparison
* Fix whitespacing
* Fix dedented if
* Initial implementation of new policy query
* Remove unused using
* Adjusts method name to better match repository method
* Correct namespace
* Initial refactor of policy loading
* Add xml doc, incorporate shim data model
* Updates usages to reflect new shim model
* Prune extranneous data from policy detail response model, format code
* Fix broken test, delete inapplicable test
* Adds test cases covering query
* Adjust codebase to use new PolicyQueryçˆ
* Format code
* Fix incorrect mock on test
* Fix formatting
* Adjust method name
* More naming adjustments
* Add PolicyData constructor, update test usages
* Rename PolicyData -> PolicyStatus
* Remove unused using
* Add OrganizationUser_SelfRevoked event type to EventType enum
* Add SelfRevokeOrganizationUserCommand implementation and interface for user self-revocation from organizations
* Add unit tests for SelfRevokeOrganizationUserCommand to validate user self-revocation logic, including success scenarios and various failure conditions.
* Add ISelfRevokeOrganizationUserCommand registration to OrganizationServiceCollectionExtensions for user self-revocation functionality
* Add self-revoke user functionality to OrganizationUsersController with new endpoint for user-initiated revocation
* Add integration tests for self-revoke functionality in OrganizationUsersController, covering scenarios for eligible users, non-members, and users with owner/admin roles.
* Add unit test for SelfRevokeOrganizationUserCommand to validate behavior when a user attempts to self-revoke without confirmation. This test checks for a BadRequestException with an appropriate message.
* Add MemberRequirement class for organization membership authorization
- Implemented MemberRequirement to check if a user is a member of the organization.
- Added unit tests for MemberRequirement to validate authorization logic for different user types.
* Update authorization requirement for self-revoke endpoint and add integration test for provider users
- Changed authorization attribute from MemberOrProviderRequirement to MemberRequirement in the RevokeSelfAsync method.
- Added a new integration test to verify that provider users who are not members receive a forbidden response when attempting to revoke themselves.
* Add EligibleForSelfRevoke method to OrganizationDataOwnershipPolicyRequirement
- Implemented the EligibleForSelfRevoke method to determine if a user can self-revoke their data ownership based on their membership status and policy state.
- Added unit tests to validate the eligibility logic for confirmed, invited, and non-policy users, as well as for different organization IDs.
* Refactor self-revoke user command to enhance eligibility checks
- Updated the SelfRevokeOrganizationUserCommand to utilize policy requirements for determining user eligibility for self-revocation.
- Implemented checks to prevent the last owner from revoking themselves, ensuring organizational integrity.
- Modified unit tests to reflect changes in eligibility logic and added scenarios for confirmed owners and admins.
- Removed deprecated policy checks and streamlined the command's dependencies.
* Use CommandResult pattern in self-revoke command
* Clearer documentation
Main fix: only assign new key value where old keys are not set
and new keys have been provided.
Refactors:
- use consistent DTO model for keypairs
- delete duplicate property assignment for new orgs
* Add CQRS and caching support for OrganizationIntegrations
* Use primary constructor for Delete command, per Claude suggestion
* Fix namespace
* Add XMLDoc for new commands / queries
* Remove unnecessary extra call to AddExtendedCache in Startup (call in EventIntegrationsServiceCollectionExtensions handles this instead)
* Alter strategy to use one cache / database call to retrieve all configurations for an event (including wildcards)
* Updated README documentation to reflect updated Caching doc and updated CQRS approach
* Implement optimized bulk invite resend command
- Added IBulkResendOrganizationInvitesCommand interface to define the bulk resend operation.
- Created BulkResendOrganizationInvitesCommand class to handle the logic for resending invites to multiple organization users.
- Integrated logging and validation to ensure only valid users receive invites.
- Included error handling for non-existent organizations and invalid user statuses.
* Add unit tests for BulkResendOrganizationInvitesCommand
- Implemented comprehensive test cases for the BulkResendOrganizationInvitesCommand class.
- Validated user statuses and ensured correct handling of valid and invalid users during bulk invite resends.
- Included tests for scenarios such as organization not found and empty user lists.
- Utilized Xunit and NSubstitute for effective testing and mocking of dependencies.
* Add IBulkResendOrganizationInvitesCommand to service collection
- Registered IBulkResendOrganizationInvitesCommand in the service collection for dependency injection.
* Update OrganizationUsersController to utilize IBulkResendOrganizationInvitesCommand
- Added IBulkResendOrganizationInvitesCommand to the OrganizationUsersController for handling bulk invite resends based on feature flag.
- Updated BulkReinvite method to conditionally use the new command or the legacy service based on the feature flag status.
- Enhanced unit tests to verify correct command usage depending on feature flag state, ensuring robust testing for both scenarios.
* PM-28616 Add flag UsePhishingBlocker to dbo.Organization
* PM-28616 updated as per comments from claude
* PM-28616 updated ToLicense Method to copy the license file
* PM-28616 allow phishing blocker to be imported via license files for self-hosted
* PM-28616 updated PR comments - added more views to be refreshed
* PM-28616 removed proeprty from constructor as it is not used anymore. We have moved to claims based properties
And other refactors:
- move update organization method to a command
- separate authorization from business logic
- add tests
- move Billing Team logic into their service
* Remove feature flag and move StaticStore plans to MockPlans for tests
* Remove old plan models / move sponsored plans out of StaticStore
* Run dotnet format
* Add pricing URI to Development appsettings for local development and integration tests
* Updated Api Integration tests to get current plan type
* Run dotnet format
* Fix failing tests
