mirror of
https://github.com/bitwarden/server.git
synced 2026-04-11 14:39:36 -05:00
main
10 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jared McCannon
|
463ca89710 |
[PM-32066] - Add Org Ability View (#7194)
* Added sproc, view, repo methods, and tests |
||
|
Rui Tomé
|
c97ccc1610 |
[PM-28795] Refactor organization accept-init flow with atomic database operations and upfront validation (#6831)
* Add integration tests for AcceptInit endpoint in OrganizationUsersController * Add new feature flag for organization acceptance initialization refactor * Add InitPendingOrganizationVNextAsync for consolidated organization initialization Introduces a new method that consolidates organization initialization, user confirmation, email verification, and collection creation into a single operation with upfront validation. Key improvements: - All validation performed before any state changes - Returns typed errors via CommandResult instead of throwing exceptions - Reduces three separate command calls into one unified flow - Maintains backward compatibility via feature flag The existing InitPendingOrganizationAsync is marked obsolete and will be removed after feature flag rollout completes. * Add unit tests for InitPendingOrganizationVNextAsync method Introduces comprehensive unit tests for the InitPendingOrganizationVNextAsync method, covering various scenarios including valid data initialization, error handling for invalid tokens, organization status checks, and user confirmation requirements. Key additions: - Tests for successful organization initialization and user confirmation. - Error handling tests for invalid tokens, already enabled organizations, and mismatched organization IDs. - Validation for existing keys and email mismatches. - Support for creating default collections during initialization. These tests enhance the reliability and robustness of the organization initialization process. * Refactor AcceptInit method to support feature flag for organization initialization Updated the AcceptInit method in OrganizationUsersController to return an IResult type and handle organization initialization based on a feature flag. If the feature is enabled, it utilizes the new InitPendingOrganizationVNextAsync method for atomic organization setup and user confirmation. Integration tests were added to verify the behavior under both feature flag states, ensuring proper initialization and error handling. * Enhance InitPendingOrganizationCommand with policy validation and feature flag support Updated the ValidatePoliciesAsync method to enforce the Automatic User Confirmation Policy when the feature flag is enabled. Added new unit tests to cover scenarios for automatic user confirmation and single organization policy violations, ensuring comprehensive validation during organization initialization. This improves error handling and maintains compliance with organizational policies. * Add InitializePendingOrganizationAsync method for atomic organization initialization Implemented the InitializePendingOrganizationAsync method in both Dapper and Entity Framework repositories to streamline the initialization of pending organizations. This method enables the organization, confirms the first owner, updates user details, and optionally creates a default collection, all within a single atomic transaction. Enhanced error handling ensures robustness during the initialization process. * Add unit tests for InitializePendingOrganizationAsync method Introduced several unit tests for the InitializePendingOrganizationAsync method, covering scenarios such as successful organization initialization with and without collections, exception handling for invalid organization IDs, and rollback behavior on errors. These tests enhance the reliability of the organization initialization process and ensure proper handling of various edge cases. * Refactor InitPendingOrganizationCommand to use consolidated InitializePendingOrganizationAsync method Replaced multiple asynchronous calls for organization initialization with a single call to the new InitializePendingOrganizationAsync method. This change streamlines the process by encapsulating organization setup, user confirmation, and collection creation into one atomic operation, enhancing maintainability and reducing complexity in the command logic. * Enhance InitPendingOrganizationCommandTests with new test cases and refactor existing ones Added a new test case for InitPendingOrganizationVNextAsync to validate organization initialization with a collection name. Refactored existing tests to improve clarity and maintainability, including the removal of redundant assertions and the consolidation of organization setup logic. This update strengthens the test coverage for the organization initialization process and ensures proper handling of various scenarios. * Refactor IOrganizationRepository and OrganizationRepository to remove nullable collectionName parameter Updated the IOrganizationRepository and OrganizationRepository interfaces to change the collectionName parameter from nullable to non-nullable. This change enforces stricter parameter requirements and improves data integrity during organization initialization processes. * Improve error handling in OrganizationRepository by logging exceptions during transaction rollback Updated the OrganizationRepository in both Dapper and Entity Framework implementations to log detailed error messages when exceptions occur during the initialization of pending organizations. This enhancement improves traceability and debugging capabilities by providing context on failures, ensuring better maintainability of the organization initialization process. * Refactor OrganizationRepository to consolidate SaveChangesAsync calls Updated the OrganizationRepository to reduce multiple SaveChangesAsync calls into a single call at the end of the transaction. This change enhances performance and ensures that all changes are committed atomically, improving the overall maintainability of the organization initialization process. * refactor: Introduce InitPendingOrganizationRequest model and update InitPendingOrganizationVNextAsync method - Created InitPendingOrganizationRequest to encapsulate parameters for initializing a pending organization. - Refactored InitPendingOrganizationVNextAsync method to accept the new request model instead of multiple parameters. - Updated OrganizationUsersController to use the new request model for improved readability and maintainability. - Adjusted related tests to accommodate the new request structure. * Create database update action delegate for organization initialization. * Add BuildVerifyUserEmailAction method to IUserRepository and implementations in UserRepository classes - Introduced a new method in IUserRepository to create an action for verifying user emails. - Implemented the method in both Dapper and Entity Framework UserRepository classes to update the email verification status of users. - Ensured that the method checks if the user's email is already verified before updating. * Add BuildCreateDefaultCollectionAction method to ICollectionRepository and implementations in CollectionRepository classes - Introduced a new method in ICollectionRepository to build an action for creating a default collection with user access. - Implemented the method in both Dapper and Entity Framework CollectionRepository classes to handle collection creation and user access assignments. - Enhanced the functionality to support transaction execution for database operations. * Add BuildConfirmOrganizationUserAction method to IOrganizationUserRepository and implementations in OrganizationUserRepository classes - Introduced a new method in IOrganizationUserRepository to build an action for confirming an organization user. - Implemented the method in both Dapper and Entity Framework OrganizationUserRepository classes to handle user confirmation and status updates. - Enhanced the functionality to support transaction execution for database operations. * Refactor organization initialization methods in IOrganizationRepository and implementations - Introduced BuildUpdateOrganizationAction method to create an action for updating organization properties during initialization. - Replaced the InitializePendingOrganizationAsync method with ExecuteOrganizationInitializationUpdatesAsync to handle multiple update actions in a single transaction. - Updated Dapper and Entity Framework implementations to support the new action-based approach for organization initialization, enhancing transaction management and code clarity. * Add integration tests for ExecuteOrganizationInitializationUpdatesAsync * Refactor InitPendingOrganizationCommand to streamline organization initialization process - Introduced methods for preparing organization and organization user for initialization. - Replaced direct calls to repository methods with a new action-based approach for executing multiple database updates in a single transaction. - Enhanced test cases to validate the new initialization logic and ensure proper handling of organization states. * Refactor organization user acceptance tests to utilize feature flags - Converted existing tests to use [Theory] with [InlineData] for feature flag variations. - Updated assertions to reflect expected status codes based on feature flag state. - Enhanced user confirmation checks to ensure proper linking and email verification after acceptance. - Improved test coverage for organization initialization scenarios with and without collections. * Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID - Updated IUserRepository and its implementations to change the parameter of BuildVerifyUserEmailAction from Guid userId to User user. - Modified related repository methods in Dapper and Entity Framework to utilize the User entity for email verification. - Adjusted tests to reflect the new method signature, ensuring proper functionality and integration with the updated user verification process. * Revert "Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID" This reverts commit |
||
|
Thomas Rittson
|
ad19efcff7 |
[PM-22236] Fix invited accounts stuck in intermediate claimed status (#6810)
* Exclude invited users from claimed domain checks. These users should be excluded by the JOIN on UserId, but it's a known issue that some invited users have this FK set. |
||
|
Brandon Treston
|
c189e4aaf5 |
[PM-22104] Migrate default collection when org user is removed (#6135)
* migrate default collection to a shared collection when users are removed * remove redundant logic * fix test * fix tests * fix test * clean up * add migrations * run dotnet format * clean up, refactor duplicate logic to sproc, wip integration test * fix sql * add migration for new sproc * integration test wip * integration test wip * integration test wip * integration test wip * fix integration test LINQ expression * fix using wrong Id * wip integration test for DeleteManyAsync * fix LINQ * only set DefaultUserEmail when it is null in sproc * check for null * spelling, separate create and update request models * fix test * fix child class * refactor sproc * clean up * more cleanup * fix tests * fix user email * remove unneccesary test * add DefaultUserCollectionEmail to EF query * fix test * fix EF logic to match sprocs * clean up logic * cleanup |
||
|
Jared McCannon
|
86ce3a86e9 |
[PM-20452] - Offloading Stripe Update (#6034)
* Adding job to update stripe subscriptions and increment seat count when inviting a user. * Updating name * Added ef migrations * Fixing script * Fixing procedures. Added repo tests. * Fixed set stored procedure. Fixed parameter name. * Added tests for database calls and updated stored procedures * Fixed build for sql file. * fixing sproc * File is nullsafe * Adding view to select from instead of table. * Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement. * Setting revision date when incrementing seat count * Added feature flag check for the background job. * Fixing nullable property. * Removing new table and just adding the column to org. Updating to query and command. Updated tests. * Adding migration script rename * Add SyncSeats to Org.sql def * Adding contraint name * Removing old table files. * Added tests * Upped the frequency to be at the top of every 3rd hour. * Updating error message. * Removing extension method * Changed to GuidIdArray * Added xml doc and switched class to record |
||
|
cyprain-okeke
|
a618f97234 |
[PM 20621]Update error message when lowering seat count (#5836)
* implement the seat decrease error message * Resolve the comment regarding abstraction * Resolved the database failure Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing upgrade test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Removed the unused method * Remove the total calculation from the stored procedure * Refactoring base on pr feedback * Refactoring base on pr feedback * Resolve the fauiling database * Resolve the failing database test * Resolve the database test * Remove duplicate migrations * resolve the failing test * Removed the unneeded change * remove this file * Reverted Deleted migration * revert the added space * resolve the stored procedure name * Rename the migration name * Updated the stored procedure name * Revert the changes on the sproc * Revert unrelated changes * Remove the unused method * improved the xmldoc * Add an integration testing * Add the use of helper test class Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * Resolve the failing test Signed-off-by: Cy Okeke <cokeke@bitwarden.com> * remove object look up * Resolve message rollback Signed-off-by: Cy Okeke <cokeke@bitwarden.com> --------- Signed-off-by: Cy Okeke <cokeke@bitwarden.com> |
||
|
Jared McCannon
|
786b0edceb |
[PM-18527] - Fix allowing restored user to own multiple free orgs (#5444)
* Moved RestoreUserAsync and RestoreUsersAsync to Command.
* Fixing the bug.
* Added test for bulk method.
* Fixing sonar cube warning.
* SonarQube warning fix.
* Excluding org users we already have.
* Fixed misspelling. Added integration test for method.
* test had the misspelling as well 🤦
* Split out interface. Added admin and confirmed constraints.
* fixed queries and added xml comments and tests.
|
||
|
Thomas Rittson
|
54d59b3b92 |
[PM-16812] Shortcut duplicate group patch requests (#5354)
* Copy PatchGroupCommand to vNext and refactor * Detect duplicate add requests and return early * Update read repository method to use HA replica * Add new write repository method |
||
|
Rui Tomé
|
d6cd73cfcc |
[PM-11404] Account Management: Prevent a verified user from purging their vault (#4853)
* Add check for managed user before purging account * Rename IOrganizationRepository.GetByClaimedUserDomainAsync to GetByVerifiedUserEmailDomainAsync and refactor to return a list. Remove ManagedByOrganizationId from ProfileResponseMode. Add ManagesActiveUser to ProfileOrganizationResponseModel * Rename the property ManagesActiveUser to UserIsManagedByOrganization * Remove whole class #nullable enable and add it to specific places * Remove unnecessary .ToList() * Refactor IUserService methods GetOrganizationsManagingUserAsync and IsManagedByAnyOrganizationAsync to not return nullable objects. Update ProfileOrganizationResponseModel.UserIsManagedByOrganization to not be nullable * Update error message when unable to purge vault for managed account |
||
|
Rui Tomé
|
f2180aa7b7 |
[PM-10311] Account Management: Create helper methods for checking against verified domains (#4636)
* Add HasVerifiedDomainsAsync method to IOrganizationDomainService * Add GetManagedUserIdsByOrganizationIdAsync method to IOrganizationUserRepository and the corresponding queries * Fix case on the sproc OrganizationUser_ReadManagedIdsByOrganizationId parameter * Update the EF query to use the Email from the User table * dotnet format * Fix IOrganizationDomainService.HasVerifiedDomainsAsync by checking that domains have been Verified and add unit tests * Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync * Fix domain queries * Add OrganizationUserRepository integration tests * Add summary to IOrganizationDomainService.HasVerifiedDomainsAsync * chore: Rename IOrganizationUserRepository.GetManagedUserIdsByOrganizationAsync to GetManyIdsManagedByOrganizationIdAsync * Add IsManagedByAnyOrganizationAsync method to IUserRepository * Add integration tests for UserRepository.IsManagedByAnyOrganizationAsync * Refactor to IUserService.IsManagedByAnyOrganizationAsync and IOrganizationService.GetUsersOrganizationManagementStatusAsync * chore: Refactor IsManagedByAnyOrganizationAsync method in UserService * Refactor IOrganizationService.GetUsersOrganizationManagementStatusAsync to return IDictionary<Guid, bool> * Extract IOrganizationService.GetUsersOrganizationManagementStatusAsync into a query * Update comments in OrganizationDomainService to use proper capitalization * Move OrganizationDomainService to AdminConsole ownership and update namespace * feat: Add support for organization domains in enterprise plans * feat: Add HasOrganizationDomains property to OrganizationAbility class * refactor: Update GetOrganizationUsersManagementStatusQuery to use IApplicationCacheService * Remove HasOrganizationDomains and use UseSso to check if Organization can have Verified Domains * Refactor UserService.IsManagedByAnyOrganizationAsync to simply check the UseSso flag * Add TODO comment for replacing 'UseSso' organization ability on user verified domain checks * Bump date on migration script * Add indexes to OrganizationDomain table * Bump script migration date; Remove WITH ONLINE = ON from data migration. |