* test(org-user-request-model): Add model validation tests.
* feat(request-models): Add Authentication and Unlock Data fields with annotations.
* test(recover-command): Add tests for Authentication and Unlock Data payload signature.
* feat(recover-command): Add overload for Authentication and Unlock Data payload signature.
* test(recover-command): Add tests for behavior with authentication and unlock data.
* feat(recover-command): Add impl for hash and key, authentication and unlock data inputs.
* test(org-users-controller): Add controller tests for dispatch.
* feat(org-users-controller): Add controller impl for dispatch for both request payload variants.
* chore: lint.
* fix(request-model): Validation method drifted in base; rename.
* test(request-model): Update validation tests.
* feat(request-model): Support 2FA-only validation at the boundary.
* test(request-model): Express handling of v1 vs v2 requests.
* PM-35394 - Per reviewer's request, mark AdminRecoverAccountCommand.RecoverAccountAsync that doesn't accept new models obselete
* PM-35394 - Fix using directive after model namespace move
Merge from main moved OrganizationUserResetPasswordRequestModel to the
AdminConsole namespace; update the test's using directive to match,
restoring both the build and dotnet format checks.
---------
Co-authored-by: Jared Snider <jsnider@bitwarden.com>
* Add InviteLinkDomainSanitizer utility for domain normalization
- Introduced InviteLinkDomainSanitizer class to normalize invite link domains by converting them to lowercase and removing blank entries.
- The SanitizeDomains method processes a list of domains, ensuring clean and valid entries for further use.
* Refactor CreateOrganizationInviteLinkCommand to use InviteLinkDomainSanitizer
* Add UpdateOrganizationInviteLinkRequest record for managing invite link updates
- Introduced a new record, UpdateOrganizationInviteLinkRequest, to encapsulate the data required for updating organization invite links.
- The record includes properties for OrganizationId and AllowedDomains, ensuring structured data handling for invite link modifications.
* Add UpdateOrganizationInviteLinkRequestModel for invite link updates
- Introduced UpdateOrganizationInviteLinkRequestModel class to facilitate the update of organization invite links.
- The model includes a required property for AllowedDomains, ensuring validation and structured data handling for invite link modifications.
* Add tests for UpdateOrganizationInviteLinkRequestModel validation
* Add unit tests for UpdateOrganizationInviteLinkCommand
- Introduced comprehensive tests for the UpdateOrganizationInviteLinkCommand, covering scenarios such as successful updates, handling of non-existing links, and validation of allowed domains.
- Ensured that the command behaves correctly under various conditions, including ability checks and input validation.
* Add UpdateOrganizationInviteLinkCommand and IUpdateOrganizationInviteLinkCommand interface
- Implemented UpdateOrganizationInviteLinkCommand to handle updates for organization invite links, including validation of allowed domains and organization abilities.
- Created IUpdateOrganizationInviteLinkCommand interface to define the contract for updating invite links, ensuring structured handling of update requests.
* Add IUpdateOrganizationInviteLinkCommand registration to service collection
- Registered the IUpdateOrganizationInviteLinkCommand interface with the service collection, enabling dependency injection for the UpdateOrganizationInviteLinkCommand functionality.
* Add Update endpoint to OrganizationInviteLinksController
- Implemented the Update method in OrganizationInviteLinksController to handle updates for organization invite links.
- The method utilizes the IUpdateOrganizationInviteLinkCommand to process update requests and returns the appropriate response model.
- Enhanced the controller's functionality to support invite link modifications, ensuring better management of organization invite links.
* Add unit tests for Update method in OrganizationInviteLinksController
- Implemented multiple test cases for the Update method, covering scenarios such as successful updates, handling of non-existing invite links, and validation errors for allowed domains.
- Ensured comprehensive coverage of the Update functionality to validate correct behavior and response models in various conditions.
* Add integration test for updating organization invite links
* fix(invite-link): add [MinLength(1)] to Update request model and matching test
* Add ConflictError type
* Add generic Handle<T> and extract MapError on BaseAdminConsoleController
* Initialize Code property with a new GUID in OrganizationInviteLink class
* Add ICreateOrganizationInviteLinkCommand interface
* Add CreateOrganizationInviteLinkRequest record for invite link creation
* Add OrganizationInviteLink request and response models for invite link management
* Refactor ICreateOrganizationInviteLinkCommand interface to use CreateOrganizationInviteLinkRequest for invite link creation
* Add CreateOrganizationInviteLinkCommand class to handle invite link creation logic, including domain sanitization and validation checks.
* Add error handling for invite link creation with specific conflict and validation errors
* Add OrganizationInviteLink service commands to OrganizationServiceCollectionExtensions
* Add OrganizationInviteLinksController to manage invite link creation for organizations
* Add integration tests for OrganizationInviteLinksController and CreateOrganizationInviteLinkCommand to validate invite link creation logic, including success and error scenarios.
* Remove unnecessary blank line in OrganizationInviteLinksControllerTests class
* Refactor CreateOrganizationInviteLinkRequestModel to use required properties for AllowedDomains and EncryptedInviteKey
* Update CreateOrganizationInviteLinkCommand to validate allowed domains by using DomainNameValidator
* Add encryption validation attributes to CreateOrganizationInviteLinkRequestModel and implement unit tests for model validation
* Refactor OrganizationInviteLink to encapsulate AllowedDomains serialization logic within methods. Update OrganizationInviteLinkResponseModel to utilize new GetAllowedDomains method for improved clarity and maintainability.
* Enhance domain sanitization in CreateOrganizationInviteLinkCommand by converting domains to lowercase during trimming for improved consistency.
* Update OrganizationInviteLinksControllerTests to use a valid encrypted invite key constant for consistency in test cases.
* Add ability check for organization invite links in CreateOrganizationInviteLinkCommand
- Introduced a new method to verify if an organization can use invite links based on its ability.
- Added a new error type for cases where invite links are not available due to organizational plan restrictions.
- Updated tests to cover scenarios where the organization lacks the ability to create invite links.
* Add documentation for Code property in OrganizationInviteLink class
- Added XML summary comments to the Code property to clarify its purpose and generation method.
- Explained the choice of using Guid.NewGuid for the Code to avoid predictability and ensure uniqueness.
* Implement domain validation in CreateOrganizationInviteLinkRequestModel
- Added IValidatableObject implementation to CreateOrganizationInviteLinkRequestModel for domain validation.
- Introduced Validate method to check the format of allowed domains and return appropriate validation results.
- Updated tests to cover scenarios for invalid domain formats and mixed valid/invalid domains.
- Removed redundant domain validation logic from CreateOrganizationInviteLinkCommand.
* Remove outdated tests from CreateOrganizationInviteLinkRequestModelTests
- Deleted tests for validating EncryptedInviteKey and EncryptedOrgKey as they are no longer relevant.
- Cleaned up the test class to focus on current validation logic for allowed domains.
* Refactor GetAllowedDomains method in OrganizationInviteLink class
- Updated the GetAllowedDomains method to return an empty array instead of throwing a JsonException when deserialization fails.
- This change improves the method's resilience by providing a default value for invalid or missing allowed domains.
* Remove unused InviteLinkInvalidDomains error type from Errors.cs
- Deleted the InviteLinkInvalidDomains record as it is no longer needed.
- This cleanup aligns with recent changes in domain validation logic and improves code maintainability.
* Update OrganizationServiceCollectionExtensions to use TryAddScoped for command registration
- Changed the registration of ICreateOrganizationInviteLinkCommand to use TryAddScoped instead of AddScoped.
* Mock organization ability retrieval in OrganizationInviteLinksControllerTests
* Add ValidateSequenceAttribute for collection validation and corresponding unit tests
* Refactor CreateOrganizationInviteLinkRequestModel to use ValidateSequenceAttribute for domain validation and update unit tests for improved error handling.
* Enhance ValidateSequenceAttribute to handle null values and improve error messaging format
* Add empty line
* Refactor ValidateSequenceAttribute to support IEnumerable interface for improved type handling
* Refactor ValidateSequenceAttribute to improve validation logic and error handling for IEnumerable types
* Remove unused using directive for Microsoft.AspNetCore.Http.HttpResults in BaseAdminConsoleController.cs
* Add MinLength validation to AllowedDomains in CreateOrganizationInviteLinkRequestModel and implement unit test for empty AllowedDomains scenario
* Refactor CreateOrganizationInviteLinkCommandTests to move SetupAbility method for better organization and readability
* Add error handling methods in BaseAdminConsoleController for improved response management
* Update CreateOrganizationInviteLinkRequestModelTests to use array initialization syntax for AllowedDomains so that MinLength attribute works
* Refactor OrganizationInviteLinkResponseModel constructor for improved readability
* Initial implementation of new policy query
* Remove unused using
* Adjusts method name to better match repository method
* Correct namespace
* Initial refactor of policy loading
* Add xml doc, incorporate shim data model
* Updates usages to reflect new shim model
* Prune extranneous data from policy detail response model, format code
* Fix broken test, delete inapplicable test
* Adds test cases covering query
* Adjust codebase to use new PolicyQueryçˆ
* Format code
* Fix incorrect mock on test
* Fix formatting
* Adjust method name
* More naming adjustments
* Add PolicyData constructor, update test usages
* Rename PolicyData -> PolicyStatus
* Remove unused using
* PM-28616 Add flag UsePhishingBlocker to dbo.Organization
* PM-28616 updated as per comments from claude
* PM-28616 updated ToLicense Method to copy the license file
* PM-28616 allow phishing blocker to be imported via license files for self-hosted
* PM-28616 updated PR comments - added more views to be refreshed
* PM-28616 removed proeprty from constructor as it is not used anymore. We have moved to claims based properties
* Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata.
* Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest.
* Add missing using
* Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable
* Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates.
* Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type.
* Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity.
* Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries.
* Refactor PolicyDataValidator to remove null checks for input data in validation methods
* Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity.
* Remove Type property from PolicyRequestModel to use route parameter only
* Run dotnet format
* Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages.
* Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content.
* refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases.
* test: Add integration tests for handling policies with null data in PoliciesController
* fix: Catch specific JsonException in PolicyDataValidator to improve error handling
* test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata
* test: Remove PolicyType from PolicyRequestModel in PoliciesControllerTests
* test: Update PolicyDataValidatorTests to validate organization data ownership metadata
* Refactor PoliciesControllerTests to include policy type in PutVNext method calls
* Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata.
* Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest.
* Add missing using
* Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable
* Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates.
* Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type.
* Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity.
* Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries.
* Refactor PolicyDataValidator to remove null checks for input data in validation methods
* Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity.
* Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages.
* Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content.
* refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases.
* test: Add integration tests for handling policies with null data in PoliciesController
* fix: Catch specific JsonException in PolicyDataValidator to improve error handling
* test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata
* test: Update PolicyDataValidatorTests to validate organization data ownership metadata
* Update ProviderUserOrganizationDetailsView to include SSO configuration data
* Updated the ProviderUserOrganizationDetailsViewQuery to join with SsoConfigs and select SSO-related fields.
* Modified the SQL view to reflect the inclusion of SSO configuration data.
* Added a new migration script for the updated view structure.
* Add SSO configuration properties to ProviderUserOrganizationDetails model
* Add SSO configuration handling to ProfileProviderOrganizationResponseModel
* Introduced properties for SSO configuration, including SSO enabled status and KeyConnector details.
* Implemented deserialization of SSO configuration data to populate new fields in the response model.
* Add integration tests for ProviderUserRepository.GetManyOrganizationDetailsByUserAsync
* Add BaseUserOrganizationDetails model to encapsulate common properties
* Introduced a new abstract class to define shared properties for organization users and provider organization users
* Add BaseProfileOrganizationResponseModel to encapsulate organization response properties
* Introduced a new abstract class that ensures all properties are fully populated for profile organization responses.
* Update ProviderUserOrganizationDetailsViewQuery to include missing ProviderUserId
* Refactor OrganizationUserOrganizationDetails and ProviderUserOrganizationDetails to inherit from BaseUserOrganizationDetails
* Updated both models to extend BaseUserOrganizationDetails, promoting code reuse and ensure they have the same base properties
* Refactor ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel to inherit from BaseProfileOrganizationResponseModel
* Refactor ProviderUserRepositoryTests to improve organization detail assertions
* Consolidated assertions for organization details into a new method, AssertProviderOrganizationDetails, enhancing code readability and maintainability.
* Updated test cases to verify all relevant properties for organizations with and without SSO configurations.
* Add integration test for GetManyDetailsByUserAsync to verify SSO properties
* Implemented a new test case to ensure that the SSO properties are correctly populated for organizations with and without SSO configurations.
* The test verifies the expected behavior of the method when interacting with the user and organization repositories, including cleanup of created entities after the test execution.
* Add unit tests for ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel
* Introduced tests to validate the constructors of ProfileOrganizationResponseModel and ProfileProviderOrganizationResponseModel, ensuring that all properties are populated correctly based on the provided organization details.
* Verified expected behavior for both organization and provider models, including SSO configurations and relevant properties.
* Update SyncControllerTests.Get_ProviderPlanTypeProperlyPopulated to nullify SSO configurations in provider user organization details
* Refactor BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel for null safety
Updated properties in BaseProfileOrganizationResponseModel and ProfileOrganizationResponseModel to support null safety by introducing nullable types where appropriate.
* Enhance null safety in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails
Updated properties in BaseUserOrganizationDetails and OrganizationUserOrganizationDetails to support null safety by introducing nullable types where appropriate, ensuring better handling of potential null values.
* Move common properties from ProfileOrganizationResponseModel to BaseProfileOrganizationResponseModel
* Refactor organization details: Remove BaseUserOrganizationDetails and introduce IProfileMemberOrganizationDetails interface for improved structure and clarity in organization user data management.
* Enhance OrganizationUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface
* Refactor ProviderUserOrganizationDetails: Implement IProfileMemberOrganizationDetails interface
* Refactor ProfileOrganizationResponseModelTests and ProfileProviderOrganizationResponseModelTests: Update constructors to utilize Organization and ProviderUserOrganizationDetails, enhancing property population and test coverage.
* Enhance ProviderUserOrganizationDetails: Add UseResetPassword, UseSecretsManager, and UsePasswordManager properties to the query and SQL views
* Update BaseProfileOrganizationResponseModel documentation: Clarify purpose and usage of organization properties for OrganizationUsers and ProviderUsers.
* Rename ProfileOrganizationResponseModel to ProfileMemberOrganizationResponseModel, update references and update related test names
* Add XML documentation for ProfileMemberOrganizationResponseModel and ProfileProviderOrganizationResponseModel to clarify their purpose and relationships
* Remove unnecessary cleanup code from OrganizationUserRepositoryTests
* Remove unnecessary cleanup code from ProviderUserRepositoryTests
* Rename test method in ProviderUserRepositoryTests to improve clarity on property population
* Add CreateFullOrganization method to ProviderUserRepositoryTests for improved organization setup in tests
* Refactor organization creation in tests to use CreateTestOrganizationAsync for consistency and improved setup
* Rename IProfileMemberOrganizationDetails to IProfileOrganizationDetails
* Rename ProfileMemberOrganizationResponseModel back to ProfileOrganizationResponseModel
* Refactor organization response models to remove Family Sponsorship properties from BaseProfileOrganizationResponseModel and reintroduce them in ProfileOrganizationResponseModel. Update related interfaces and tests accordingly.
* Bump date on migration script
* Update OrganizationUserOrganizationDetailsViewQuery to include UseAutomaticUserConfirmation property
* Add Microsoft Teams integration
* Fix method naming error
* Expand and clean up unit test coverage
* Update with PR feedback
* Add documentation, add In Progress logic/tests for Teams
* Fixed lowercase Slack
* Added docs; Updated PR suggestions;
* Fix broken tests
* Refactor Slack Callback
* Add more safety to state param, clarify if logic, update tests
* Added an additional 2 possible cases to test: integration is not a slack integration, and the integration has already been claimed
* Implement SonarQube suggestion
* Adjusted org hash to include timestamp; addressed PR feedback
* Event integration updates and cleanups
* Add Datadog integration
* Update README to include link to Datadog PR
* Move doc update into the Datadog PR; Fix empty message on ArgumentException
* Adjust exception message
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Removed unnecessary nullable enable; Moved Docs link to PR into this PR
* Remove unnecessary nullable enable calls
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Add HEC integration support
* Re-ordered parameters per PR suggestion
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Refactored webhook request model validation to be more clear
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Add integration filter support
* Repond to PR feedback; Remove Date-related filters
* Use tables to format the filter class descriptions
* [PM-17562] Add database support for integration filters (#5988)
* [PM-17562] Add database support for integration filters
* Respond to PR review - fix database scripts
* Further database updates; fix Filters to be last in views, stored procs, etc
* Fix for missing nulls in stored procedures in main migration script
* Reorder Filters to the bottom of OrganizationIntegrationConfiguration
* Separate out the creation of filters from the IntegrationFilterService to IntegrationFIlterFactory
* Move properties to static readonly field
* Fix unit tests failing from merge
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Update documentation for event integrations
* Fix SonarQube suggestion, bring ASB event listener in line with integration listener
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Updates to README - PR fixes, additional context, tense alignment
* Add links to different sections; remove inline code formatting in favor of single bacticks for JSON
* [PM-17562] Add aupport for Auth on Webhook integration requests
* Repsond to PR feedback - move optional params to end, add tests for optional cases
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Update documentation for event integrations
* Fix SonarQube suggestion, bring ASB event listener in line with integration listener
* Apply suggestions from code review
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Updates to README - PR fixes, additional context, tense alignment
* Fix the formatting for inlined code snippets
* Add links to different sections; remove inline code formatting in favor of single bacticks for JSON
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* [PM-17562] Slack Event Investigation
* Refactored Slack and Webhook integrations to pull configurations dynamically from a new Repository
* Added new TemplateProcessor and added/updated unit tests
* SlackService improvements, testing, integration configurations
* Refactor SlackService to use a dedicated model to parse responses
* Refactored SlackOAuthController to use SlackService as an injected dependency; added tests for SlackService
* Remove unnecessary methods from the IOrganizationIntegrationConfigurationRepository
* Moved Slack OAuth to take into account the Organization it's being stored for. Added methods to store the top level integration for Slack
* Organization integrations and configuration database schemas
* Format EF files
* Initial buildout of basic repositories
* [PM-17562] Add Dapper Repositories For Organization Integrations and Configurations
* Update Slack and Webhook handlers to use new Repositories
* Update SlackOAuth tests to new signatures
* Added EF Repositories
* Update handlers to use latest repositories
* [PM-17562] Add Dapper and EF Repositories For Ogranization Integrations and Configurations
* Updated with changes from PR comments
* Adjusted Handlers to new repository method names; updated tests to naming convention
* Adjust URL structure; add delete for Slack, add tests
* Added Webhook Integration Controller
* Add tests for WebhookIntegrationController
* Added Create/Delete for OrganizationIntegrationConfigurations
* Prepend ConnectionTypes into IntegrationType so we don't run into issues later
* Added Update to OrganizationIntegrationConfigurtionController
* Moved Webhook-specific integration code to being a generic controller for everything but Slack
* Removed delete from SlackController - Deletes should happen through the normal Integration controller
* Fixed SlackController, reworked OIC Controller to use ids from URL and update the returned object
* Added parse/type checking for integration and integration configuration JSONs, Cleaned up GlobalSettings to remove old values
* Cleanup and fixes for Azure Service Bus support
* Clean up naming on TemplateProcessorTests
* Address SonarQube warnings/suggestions
* Expanded test coverage; Cleaned up tests
* Respond to PR Feedback
* Rename TemplateProcessor to IntegrationTemplateProcessor
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
* Adding CanToggleState to PoliciesControllers (api/public) endpoints. Added mappings wrapped in feature flag.
* Updated logic for determining CanToggle. Removed setting of toggle from List endpoint. Added new details model for single policy response. Validator now returns after first error.
