* changes for the premium push notification
* Fix the lint build
* implement the hub-helper
* Resolve the pr comments
* fix the lint error
* move PremiumStatusPushNotification to billing
feat: add MasterPasswordSalt to database responses and DTOs
- Add Dapper migration scripts and update SQL project
- Include MasterPasswordSalt in database response models and DTOs
- Add null coalescing to User entity for MasterPasswordSalt
- Update EF queries to return MasterPasswordSalt
- Rename migrations for consistency
- Add test coverage for affected repositories
- Update EmergencyAccessTakeOverResponseModel tests
* secure SSRP protection for internal requests
* remove nullable enable
* explicitly handle redirect requests for SSRF
* track current uri in SsrfProtectionHandler. add followRedirects option in AddSsrfProtection
* preserve request method for 301 and 302 requests
This was being used to combine policies before sending them
to the client. Instead, the server just send the policies and
the client should process/combine them. Revert this to save
unnecessary QA (etc) and we will refactor this away in the
future.
* Add more efficient sproc to retrieve PolicyDetails
for a single user. This closely matches the existing sproc
used by PolicyService and should be performant enough
to be used in the login flow
* Maintain feature flag for this critical path
* create new dockerfile for SeederApi
* troubleshoot cargo issues
* troubleshoot cargo issues
* Ensure Rustup run on build env for appropriate target
* Musl targets do not support cdylibs
* Ensure default triple set to target
* Set target triple rather than update default host
* Change build platforms per project
* Switch to debian since we can't use musl
* Debian build for seeder should work with arm targets
* Move app stage to distroless
* remove SeederApi from server publish section
* suppress unrelated warnings"
* ruling out builds as error source
* override platforms for SeederApi
* troubleshoot matrix
* add extra step for evaluating platforms
* fix syntax error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* temporarily reduce number of builds
* exclude unrelated error
* remove temporary block on other builds
* remove unused builds from dockerfile
* add nginx location for seeder, wrap it behind an if check defaulting to false. This was discuss with Matt G, as this will enable QA usage of it without repetitive intervention with config files and reloading the nginx service etc. Handlebars will continously overwrite the nginx conf file on update
* opted to remove conditional location to seederApi, instead include additional conf files in the same directory allowing for extensibility and not directly placing the non-prod seeder location in the config builder
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: AJ Mabry <81774843+aj-bw@users.noreply.github.com>
* Migrate self-host ownership over to SHOT
* Set devcontainers to multi owner
* Update CODEOWNERS for docker-compose.yml
* We already have a multiple owner section
* check permissions when uploading attachment for self hosted users to remove possibility of overwriting an existing attachment.
* expose `ValidateCipherEditForAttachmentAsync`
* add additional logic to support admin users
* add unit tests for new edit checks
* Add CommandResultRefactor constant to FeatureFlagKeys in Constants.cs
* Add method to convert MemberCreateRequestModel to InviteOrganizationUsersRequest
- Introduced ToInviteRequest method for transforming MemberCreateRequestModel into InviteOrganizationUsersRequest.
- Enhanced model with additional using directives for improved functionality.
* Update GetInviterEmailAsync method to include a check for Guid.Empty to prevent unnecessary DB lookups
* Feature flag MembersController POST to use InviteOrganizationUsersCommand
Add a new code path behind the CommandResultRefactor feature flag that
replaces the legacy InviteUserAsync call with the InviteOrganizationUsersCommand.
Integration tests verify both paths produce identical results.
* Refactor feature flag for member invites from CommandResultRefactor to PublicMembersInviteRefactor in MembersController and update related tests.
* feat(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Initial implementation
* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Changes in a good place. Need to write tests.
* test(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Service tests have been added.
* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Fixed comment.
* create short-lived signed attachment URL for self-hosted instances
* move local attachment logic to service
* remove comment
* remove unusued var. add happy-path test for file download
* fix(controller): add null check for provider organization ID in ProviderClientsController
* feat(tests): add test for updating provider organization with different provider ID
