- Added support for retrieving confirmed accepted policies and organization user details based on the feature flag 'PoliciesInAcceptedState'.
- Updated SyncResponseModel to include new properties for these details.
- Enhanced SyncControllerTests to verify behavior with the feature flag enabled and disabled.
* refactor: enhance null safety in InviteOrganization and related models
- Updated InviteOrganization properties to be nullable for improved null safety.
- Refactored InviteOrganizationUsersRequest to use primary constructor syntax.
- Added null checks for Plan in validation logic to prevent errors when the organization plan is unavailable.
- Adjusted PasswordManagerSubscriptionUpdate to handle nullable PasswordManagerPlan.
- Ensured consistent handling of nullable properties across various validation classes.
* refactor: update organization handling in SCIM user models and commands
- Replaced references to InviteOrganization with Organization in SCIM user request models and related commands for consistency.
- Enhanced null safety by ensuring proper handling of organization properties across various components.
- Updated tests to reflect changes in organization handling and ensure functionality remains intact.
* test: add unit tests for SCIM organization user invitation scenarios
- Implemented tests for inviting SCIM organization users under different conditions: when self-hosted with a null plan and when not self-hosted with a null plan.
- Ensured proper validation and response handling for both success and failure cases.
- Updated dependencies and mock setups to reflect the new test scenarios.
feat: Add WebAuthn Cache
- Add IWebAuthnChallengeCacheProvider with distributed cache implementation for storing WebAuthn Challenges
- Inject the cache provider into AssertWebAuthnLoginCredentialCommand and WebAuthnGrantValidator so challenges can be stored
- Use a static token lifetime for WebAuthnLoginAssertionOptionsTokenable and enable nullable reference types on the tokenable
- Add unit tests for the cache provider, the assertion command, and the WebAuthn controller; add Identity integration and unit tests for WebAuthnGrantValidator with a FakeWebAuthnAuthenticator helper
* Add UseInviteLinks to Organization SQL schema and views
* Add Migrator scripts for UseInviteLinks column and data migration
* Add EF migrations for UseInviteLinks on Organization
* Wire UseInviteLinks through organization domain and repositories
* Add HasInviteLinks plan support and UseInviteLinks license handling
* Expose UseInviteLinks and HasInviteLinks on organization and plan API models
* Update tests for UseInviteLinks and invite-links plan feature
* Update migration script with missing update to Organization_ReadManyByIds
* Move UseInviteLinks column after ExemptFromBillingAutomation
* Bump date on migration scripts
* Add optional RevisionDate param to group sprocs
When provided, bump Group.RevisionDate on affected groups during
membership and collection-access changes. Defaults to NULL for
backward compatibility.
* Add migration for group RevisionDate bump
* Add revisionDate param to group repository methods
Update IGroupRepository and IOrganizationUserRepository interfaces
and their Dapper and Entity Framework implementations.
* Pass revisionDate through business logic to repos
Inject TimeProvider into commands, services, and controllers to
supply the timestamp when modifying group membership.
* Update unit tests for group revisionDate param
* Update and add integration tests for group revision
* Enhance IGroupRepository and IOrganizationUserRepository with detailed XML documentation
* Bump date on migration script
* Bump date on migration script
* update minimum version to handle all new item types rather than individual types
* add cipher types for driverslicense and passport
* add request and response models for DriversLicense and Passport
* add events for DriversLicense and Passport
* add seeder
* add additional properties from CXP
* add additional fields
The move_edd_db_scripts job in repository-management.yml had
permissions: {} while calling _move_edd_db_scripts.yml, which
declares pull-requests: write and contents: write at its top
level. GitHub Actions blocks permission escalation in reusable
workflow callers at startup, producing a startup_failure.
Additionally, _move_edd_db_scripts.yml was missing id-token: write
and actions: read from its own top-level permissions block, which
its jobs require.
Fixed by granting the caller job explicit permissions matching what
the reusable workflow needs, and adding the missing permissions to
the reusable workflow's top-level block.
* [PM-34813] fix system coupons regression
refactor customer setup class to split system coupons from discount coupons so that they can be applied systematically
* [PM-34213] Log event when attachment is created via delayed upload
* [PM-34213] Add tests for attachment created event logging
* [PM-34213] Move Cipher_AttachmentCreated event log to authenticated attachment creation callers
* Add changes for unpaid subscriptions
* Remove the unpaid status and update the test
* Add changes for premium user
* Fix the lint error
* remove subscriptionInfo and use subscription
* Fix file encoding issue
* SubscriptionLicenseValidator.cs is deleted
* Fix the lint error
Deprecating V1 User Asymmetric Key information in favor of new V2 User Asymmetric Account Keys structure.
This PR adds support for the new AccountKeys structure while maintaining support for the legacy UserAsymmetricKey-based flow. Validation is updated to check either AccountKeys or UserAsymmetricKeys are updated. Tests include modeling for both scenarios.
Now that passkey unlock has been released, this change removes the logic related to the passkey unlock feature flag pm-2035-passkey-unlock. The feature flag itself will be removed in a future ticket.
* This wraps the delete method in a retry loop in order to protect the delete calls when cleaning up test data.
* Removing database test clean up as these databases should be ephemeral
* [PM-34886] allow play id tracking in any non-production build
* [PM-34880] Allow configuration by setting regardless of env
* Fixup append vs add on list
* Simplify valid issues for licenses
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Allow prod-signed certs in dev self host instances
* Use all verification licenses for all verification methods
* Fixup license logic bug
* ensure distinct license set
* avoid saving data protection certs for dev environments
This reverts the potential new environment change identified
* remove simple extension
* private thumbprints
* simpler verification thumbprint validation
* switch to hashset for verification certs
this way we don't need to run distinct
* Fixup missed play id non-prod logic
* Update src/Core/Billing/Services/Implementations/LicensingService.cs
Co-authored-by: Kyle Denney <4227399+kdenney@users.noreply.github.com>
* fixup!
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Kyle Denney <4227399+kdenney@users.noreply.github.com>
