* Refactor organization user confirmation logic by removing direct feature flag checks. Updated related commands and tests to utilize policy requirements instead of feature service checks for automatic user confirmation. Cleaned up organization form view by simplifying checkbox rendering for automatic user confirmation.
* Refactor ProviderService to remove feature service dependency for automatic user confirmation. Updated logic to streamline policy requirement checks and cleaned up related tests by removing unnecessary feature flag assertions.
* Enhance tests for automatic user confirmation policy requirements. Updated multiple test classes to include checks for `AutomaticUserConfirmationPolicyRequirement`, ensuring no auto-confirm restrictions are applied by default. Refactored related assertions in `AcceptOrgUserCommandTests`, `ConfirmOrganizationUserCommandTests`, `RestoreOrganizationUserCommandTests`, and others to streamline compliance validation logic.
* Enhance tests for automatic user confirmation policy across multiple test classes. Added checks for `AutomaticUserConfirmationPolicyRequirement` in `ConfirmOrganizationUserCommandTests`, `RestoreOrganizationUserCommandTests`, and `SelfHostedOrganizationSignUpCommandTests`, ensuring compliance validation logic is streamlined and consistent. Updated assertions to reflect new policy requirements.
* Implement mock for AutomaticUserConfirmationPolicyRequirement in ProviderServiceTests to enhance test coverage for user confirmation policies.
* Update ProviderServiceTests to include mocks for AutomaticUserConfirmationPolicyRequirement, enhancing test coverage for user acceptance scenarios.
* Refactor test method names in EmergencyAccessServiceTests for clarity by removing feature flag references, improving readability and maintainability of the test suite.
* fix(billing): replace per-change IsStructural with changeset-level ChargeImmediately flag
* fix(billing): set seat quantity when upgrading from non-seat-based to seat-based plan
* chore: add CLAUDE.local.md and .worktrees to gitignore
* feat(billing): add Stripe interval and payment behavior constants and feature flag
* feat(billing): add OrganizationSubscriptionChangeSet model and unit tests
* refactor(billing): rename UpdateOrganizationSubscriptionCommand to BulkUpdateOrganizationSubscriptionsCommand
* feat(billing): add UpdateOrganizationSubscriptionCommand with tests
* feat(billing): use UpdateOrganizationSubscriptionCommand in BulkUpdateOrganizationSubscriptions behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in SetUpSponsorshipCommand behind feature flag
* feat(billing): add UpgradeOrganizationPlanVNextCommand with tests and feature flag gate
* feat(billing): use UpdateOrganizationSubscriptionCommand in OrganizationService.AdjustSeatsAsync behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in UpdateSecretsManagerSubscriptionCommand behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in BillingHelpers.AdjustStorageAsync behind feature flag
* chore: run dotnet format
* fix(billing): missed optional owner in OrganizationBillingService.Finalize after merge
* refactor(billing): address PR feedback on UpdateOrganizationSubscription
* Added new methods and ff for single org req
* Changed req messages and added new method for creating orgs
* Updated Requirement and Tests.
* Updated commands and requirement to take a list of org users
* Updated xml docs and renamed to be consistent
* Changes from Code Review
* Removed feature flag check for policy requirements around single org. Aligned error message with what other commands were returning.
* Fixed test names. Updated error messages to be specific for each caller.
* Updated tests to clean up details consturction
* Added test for confirmed accepted user in another org.
* fixed tests to use new factory
* Update test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Fixed tests by adding no op for req.
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Add integration tests for AcceptInit endpoint in OrganizationUsersController
* Add new feature flag for organization acceptance initialization refactor
* Add InitPendingOrganizationVNextAsync for consolidated organization initialization
Introduces a new method that consolidates organization initialization,
user confirmation, email verification, and collection creation into a
single operation with upfront validation.
Key improvements:
- All validation performed before any state changes
- Returns typed errors via CommandResult instead of throwing exceptions
- Reduces three separate command calls into one unified flow
- Maintains backward compatibility via feature flag
The existing InitPendingOrganizationAsync is marked obsolete and will be
removed after feature flag rollout completes.
* Add unit tests for InitPendingOrganizationVNextAsync method
Introduces comprehensive unit tests for the InitPendingOrganizationVNextAsync method, covering various scenarios including valid data initialization, error handling for invalid tokens, organization status checks, and user confirmation requirements.
Key additions:
- Tests for successful organization initialization and user confirmation.
- Error handling tests for invalid tokens, already enabled organizations, and mismatched organization IDs.
- Validation for existing keys and email mismatches.
- Support for creating default collections during initialization.
These tests enhance the reliability and robustness of the organization initialization process.
* Refactor AcceptInit method to support feature flag for organization initialization
Updated the AcceptInit method in OrganizationUsersController to return an IResult type and handle organization initialization based on a feature flag. If the feature is enabled, it utilizes the new InitPendingOrganizationVNextAsync method for atomic organization setup and user confirmation. Integration tests were added to verify the behavior under both feature flag states, ensuring proper initialization and error handling.
* Enhance InitPendingOrganizationCommand with policy validation and feature flag support
Updated the ValidatePoliciesAsync method to enforce the Automatic User Confirmation Policy when the feature flag is enabled. Added new unit tests to cover scenarios for automatic user confirmation and single organization policy violations, ensuring comprehensive validation during organization initialization. This improves error handling and maintains compliance with organizational policies.
* Add InitializePendingOrganizationAsync method for atomic organization initialization
Implemented the InitializePendingOrganizationAsync method in both Dapper and Entity Framework repositories to streamline the initialization of pending organizations. This method enables the organization, confirms the first owner, updates user details, and optionally creates a default collection, all within a single atomic transaction. Enhanced error handling ensures robustness during the initialization process.
* Add unit tests for InitializePendingOrganizationAsync method
Introduced several unit tests for the InitializePendingOrganizationAsync method, covering scenarios such as successful organization initialization with and without collections, exception handling for invalid organization IDs, and rollback behavior on errors. These tests enhance the reliability of the organization initialization process and ensure proper handling of various edge cases.
* Refactor InitPendingOrganizationCommand to use consolidated InitializePendingOrganizationAsync method
Replaced multiple asynchronous calls for organization initialization with a single call to the new InitializePendingOrganizationAsync method. This change streamlines the process by encapsulating organization setup, user confirmation, and collection creation into one atomic operation, enhancing maintainability and reducing complexity in the command logic.
* Enhance InitPendingOrganizationCommandTests with new test cases and refactor existing ones
Added a new test case for InitPendingOrganizationVNextAsync to validate organization initialization with a collection name. Refactored existing tests to improve clarity and maintainability, including the removal of redundant assertions and the consolidation of organization setup logic. This update strengthens the test coverage for the organization initialization process and ensures proper handling of various scenarios.
* Refactor IOrganizationRepository and OrganizationRepository to remove nullable collectionName parameter
Updated the IOrganizationRepository and OrganizationRepository interfaces to change the collectionName parameter from nullable to non-nullable. This change enforces stricter parameter requirements and improves data integrity during organization initialization processes.
* Improve error handling in OrganizationRepository by logging exceptions during transaction rollback
Updated the OrganizationRepository in both Dapper and Entity Framework implementations to log detailed error messages when exceptions occur during the initialization of pending organizations. This enhancement improves traceability and debugging capabilities by providing context on failures, ensuring better maintainability of the organization initialization process.
* Refactor OrganizationRepository to consolidate SaveChangesAsync calls
Updated the OrganizationRepository to reduce multiple SaveChangesAsync calls into a single call at the end of the transaction. This change enhances performance and ensures that all changes are committed atomically, improving the overall maintainability of the organization initialization process.
* refactor: Introduce InitPendingOrganizationRequest model and update InitPendingOrganizationVNextAsync method
- Created InitPendingOrganizationRequest to encapsulate parameters for initializing a pending organization.
- Refactored InitPendingOrganizationVNextAsync method to accept the new request model instead of multiple parameters.
- Updated OrganizationUsersController to use the new request model for improved readability and maintainability.
- Adjusted related tests to accommodate the new request structure.
* Create database update action delegate for organization initialization.
* Add BuildVerifyUserEmailAction method to IUserRepository and implementations in UserRepository classes
- Introduced a new method in IUserRepository to create an action for verifying user emails.
- Implemented the method in both Dapper and Entity Framework UserRepository classes to update the email verification status of users.
- Ensured that the method checks if the user's email is already verified before updating.
* Add BuildCreateDefaultCollectionAction method to ICollectionRepository and implementations in CollectionRepository classes
- Introduced a new method in ICollectionRepository to build an action for creating a default collection with user access.
- Implemented the method in both Dapper and Entity Framework CollectionRepository classes to handle collection creation and user access assignments.
- Enhanced the functionality to support transaction execution for database operations.
* Add BuildConfirmOrganizationUserAction method to IOrganizationUserRepository and implementations in OrganizationUserRepository classes
- Introduced a new method in IOrganizationUserRepository to build an action for confirming an organization user.
- Implemented the method in both Dapper and Entity Framework OrganizationUserRepository classes to handle user confirmation and status updates.
- Enhanced the functionality to support transaction execution for database operations.
* Refactor organization initialization methods in IOrganizationRepository and implementations
- Introduced BuildUpdateOrganizationAction method to create an action for updating organization properties during initialization.
- Replaced the InitializePendingOrganizationAsync method with ExecuteOrganizationInitializationUpdatesAsync to handle multiple update actions in a single transaction.
- Updated Dapper and Entity Framework implementations to support the new action-based approach for organization initialization, enhancing transaction management and code clarity.
* Add integration tests for ExecuteOrganizationInitializationUpdatesAsync
* Refactor InitPendingOrganizationCommand to streamline organization initialization process
- Introduced methods for preparing organization and organization user for initialization.
- Replaced direct calls to repository methods with a new action-based approach for executing multiple database updates in a single transaction.
- Enhanced test cases to validate the new initialization logic and ensure proper handling of organization states.
* Refactor organization user acceptance tests to utilize feature flags
- Converted existing tests to use [Theory] with [InlineData] for feature flag variations.
- Updated assertions to reflect expected status codes based on feature flag state.
- Enhanced user confirmation checks to ensure proper linking and email verification after acceptance.
- Improved test coverage for organization initialization scenarios with and without collections.
* Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID
- Updated IUserRepository and its implementations to change the parameter of BuildVerifyUserEmailAction from Guid userId to User user.
- Modified related repository methods in Dapper and Entity Framework to utilize the User entity for email verification.
- Adjusted tests to reflect the new method signature, ensuring proper functionality and integration with the updated user verification process.
* Revert "Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID"
This reverts commit 71047bee2a.
* Enhance InitPendingOrganizationCommand for null safety and error handling
- Removed nullable disable directive to enable null safety checks.
- Added a null check for the organization retrieval, throwing a BadRequestException if not found.
- Updated validation methods to return nullable Error types, improving error handling in the organization initialization process.
* Add remarks to IInitPendingOrganizationCommand for clarity on organization initialization
- Enhanced the documentation for the InitPendingOrganizationCommand interface by adding remarks to clarify the role of the user initializing the organization.
- Explained the default state assumptions during validation, emphasizing that no policies are enforced at this stage.
* Implement InitPendingOrganizationValidator for improved organization initialization validation
- Introduced IInitPendingOrganizationValidator interface and its implementation to encapsulate validation logic for organization initialization.
- Refactored InitPendingOrganizationCommand to utilize the new validator for token validation, user email matching, organization state checks, and policy enforcement.
- Enhanced dependency injection in OrganizationServiceCollectionExtensions to include the new validator.
- Added comprehensive unit tests for the validator to ensure robust validation logic and error handling.
* Update documentation in IInitPendingOrganizationCommand to clarify organization initialization process
- Revised the summary comment to specify that the method initializes a pending organization created via the Bitwarden Portal on behalf of a Reseller.
- Added a reference to the ResellerClientOrganizationSignUpCommand for better context.
- Emphasized the confirmation of the first owner during the initialization process.
* Update InitPendingOrganizationRequest to allow optional collection name
- Modified the CollectionName property to be nullable, allowing for no collection to be created if the value is null or empty.
- Enhanced documentation to clarify the optional nature of the CollectionName parameter.
* Fix nullability issue in InitPendingOrganizationCommand by enforcing non-null collection name assignment
* Refactor organization key handling in InitPendingOrganization features. Updated OrganizationUsersController to use new key pair data structure. Adjusted InitPendingOrganizationCommand and InitPendingOrganizationRequest to reflect changes in key management.
* Update organization key handling to use the name EncryptedOrganizationSymmetricKey. Refactor OrganizationUsersController, InitPendingOrganizationCommand, and InitPendingOrganizationRequest for consistency in key management.
* Refactor InitPendingOrganizationCommand to utilize TimeProvider for date handling. Updated methods to replace direct DateTime calls with _timeProvider.GetUtcNow().
* Refactor InitPendingOrganization validation methods to rename ValidateBusinessRulesAsync to ValidateFreeOrganizationLimitAsync for clarity and consistency. Updated related command and test files accordingly.
* Refactor InitPendingOrganizationCommand and related classes to streamline validation logic. Introduced InitPendingOrganizationValidationRequest for enriched validation context and updated methods to improve clarity and consistency in error handling. Adjusted tests to reflect changes in validation flow.
* Remove unused dependencies from InitPendingOrganizationCommand
* Refactor InitPendingOrganizationCommand to streamline organization initialization process. Replaced multiple update actions with a single atomic operation for organization and owner confirmation. Updated related repository interfaces and methods for improved clarity and consistency in transaction handling.
* Remove commented-out regions and clean up whitespace in InitPendingOrganizationCommandTests for improved readability.
* Remove unnecessary null check for organization in InitPendingOrganizationCommand
* Revert "Remove unnecessary null check for organization in InitPendingOrganizationCommand"
This reverts commit 1ad7148fc9.
* Refactor organization initialization actions to use DbConnection and DbTransaction instead of SqlConnection and SqlTransaction. Update related interfaces and implementations across repositories for improved database transaction handling.
* Refactor organization and organization user update logic to use null checks for entity existence. Throw exceptions for not found entities to improve error handling during initialization.
* Update InitPendingOrganizationCommandTests to use SendConfirmationAsync for email notifications and added missing using directive for OrganizationConfirmation.
* Remove unnecessary blank lines from CollectionRepository and UserRepository classes for improved code readability.
* Remove redundant test cases from OrganizationUsersControllerAcceptInitTests
* Enhance InitPendingOrganizationCommandTests to validate organization and user properties in repository interactions
* Update RefactorOrgAcceptInit feature flag key to new identifier pm-33082-refactor-org-accept-init
Main fix: only assign new key value where old keys are not set
and new keys have been provided.
Refactors:
- use consistent DTO model for keypairs
- delete duplicate property assignment for new orgs
* move billing services+tests to billing namespaces
* reorganized methods in file and added comment headers
* renamed StripeAdapter methods for better clarity
* clean up redundant qualifiers
* Upgrade Stripe.net to v48.4.0
* Update PreviewTaxAmountCommand
* Remove unused UpcomingInvoiceOptionExtensions
* Added SubscriptionExtensions with GetCurrentPeriodEnd
* Update PremiumUserBillingService
* Update OrganizationBillingService
* Update GetOrganizationWarningsQuery
* Update BillingHistoryInfo
* Update SubscriptionInfo
* Remove unused Sql Billing folder
* Update StripeAdapter
* Update StripePaymentService
* Update InvoiceCreatedHandler
* Update PaymentFailedHandler
* Update PaymentSucceededHandler
* Update ProviderEventService
* Update StripeEventUtilityService
* Update SubscriptionDeletedHandler
* Update SubscriptionUpdatedHandler
* Update UpcomingInvoiceHandler
* Update ProviderSubscriptionResponse
* Remove unused Stripe Subscriptions Admin Tool
* Update RemoveOrganizationFromProviderCommand
* Update ProviderBillingService
* Update RemoveOrganizatinoFromProviderCommandTests
* Update PreviewTaxAmountCommandTests
* Update GetCloudOrganizationLicenseQueryTests
* Update GetOrganizationWarningsQueryTests
* Update StripePaymentServiceTests
* Update ProviderBillingControllerTests
* Update ProviderEventServiceTests
* Update SubscriptionDeletedHandlerTests
* Update SubscriptionUpdatedHandlerTests
* Resolve Billing test failures
I completely removed tests for the StripeEventService as they were using a system I setup a while back that read JSON files of the Stripe event structure. I did not anticipate how frequently these structures would change with each API version and the cost of trying to update these specific JSON files to test a very static data retrieval service far outweigh the benefit.
* Resolve Core test failures
* Run dotnet format
* Remove unused provider migration
* Fixed failing tests
* Run dotnet format
* Replace the old webhook secret key with new one (#6223)
* Fix compilation failures in additions
* Run dotnet format
* Bump Stripe API version
* Fix recent addition: CreatePremiumCloudHostedSubscriptionCommand
* Fix new code in main according to Stripe update
* Fix InvoiceExtensions
* Bump SDK version to match API Version
* cleanup
* fixing items missed after the merge
* use expression body for all simple returns
* forgot fixes, format, and pr feedback
* claude pr feedback
* pr feedback and cleanup
* more claude feedback
---------
Co-authored-by: Alex Morask <amorask@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
And other refactors:
- move update organization method to a command
- separate authorization from business logic
- add tests
- move Billing Team logic into their service
* Remove feature flag and move StaticStore plans to MockPlans for tests
* Remove old plan models / move sponsored plans out of StaticStore
* Run dotnet format
* Add pricing URI to Development appsettings for local development and integration tests
* Updated Api Integration tests to get current plan type
* Run dotnet format
* Fix failing tests
* new feature flag
* first pass at changes
* safeguard against billing-pricing not being deployed yet
* handle families pre migration plan
* wrong stripe id
* tests
* unit tests
* Adding job to update stripe subscriptions and increment seat count when inviting a user.
* Updating name
* Added ef migrations
* Fixing script
* Fixing procedures. Added repo tests.
* Fixed set stored procedure. Fixed parameter name.
* Added tests for database calls and updated stored procedures
* Fixed build for sql file.
* fixing sproc
* File is nullsafe
* Adding view to select from instead of table.
* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.
* Setting revision date when incrementing seat count
* Added feature flag check for the background job.
* Fixing nullable property.
* Removing new table and just adding the column to org. Updating to query and command. Updated tests.
* Adding migration script rename
* Add SyncSeats to Org.sql def
* Adding contraint name
* Removing old table files.
* Added tests
* Upped the frequency to be at the top of every 3rd hour.
* Updating error message.
* Removing extension method
* Changed to GuidIdArray
* Added xml doc and switched class to record
* Add SelfHostedOrganizationSignUpCommand for organization sign-up process
Method extracted from OrganizationService
* Register SelfHostedOrganizationSignUpCommand for dependency injection
* Add unit tests for SelfHostedOrganizationSignUpCommand
* Refactor SelfHostedOrganizationLicensesController to use ISelfHostedOrganizationSignUpCommand
* Remove SignUpAsync method and related validation from IOrganizationService and OrganizationService
* Move ISelfHostedOrganizationSignUpCommand into a separate file and update references
* Enable null safety in SelfHostedOrganizationSignUpCommand and update ISelfHostedOrganizationSignUpCommand interface to reflect nullable types for organizationUser and collectionName.
* Implement ResellerClientOrganizationSignUpCommand for signing up reseller client organizations with email invitations and error handling
* Refactor ProvidersController to replace IOrganizationService with IResellerClientOrganizationSignUpCommand for organization sign-up process
* Remove CreatePendingOrganization method from IOrganizationService and its implementation in OrganizationService
* Add IResellerClientOrganizationSignUpCommand to service collection for organization sign-up
* Add comment to clarify organization deletion process in ResellerClientOrganizationSignUpCommand
* Remove gathering and reporting of ReferenceEvents
* Fix test that relied on reference events throwing
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Extract OrganizationService.SignupClientAsync into new ResellerClientOrganizationSignUpCommand
* Refactor ResellerClientOrganizationSignUpCommand to remove unused dependencies and simplify SignupClientAsync method signature
* Add unit tests for ResellerClientOrganizationSignUpCommand
* Rename SignUpProviderClientOrganizationCommand
* Rename ProviderClientOrganizationSignUpCommand
* Register ProviderClientOrganizationSignUpCommand for dependency injection
* Refactor ProviderService to use IProviderClientOrganizationSignUpCommand for organization signup process
* Refactor error handling in ProviderClientOrganizationSignUpCommand to use constants for error messages
* Remove SignupClientAsync method from IOrganizationService and OrganizationService, along with associated unit tests
* Add OrganizationUpdateKeysCommand
* Add unit tests for OrganizationUpdateKeysCommand to validate permission checks and key updates
* Register OrganizationUpdateKeysCommand for dependency injection
* Refactor OrganizationsController to use IOrganizationUpdateKeysCommand for updating organization keys
* Remove outdated unit tests for UpdateOrganizationKeysAsync in OrganizationServiceTests
* Remove UpdateOrganizationKeysAsync method from IOrganizationService and OrganizationService implementations
* Add IOrganizationUpdateKeysCommand dependency mock to OrganizationsControllerTests
* Remove gRPC and convert PricingClient to HttpClient wrapper
* Add PlanType.GetProductTier extension
Many instances of StaticStore use are just to get the ProductTierType of a PlanType, but this can be derived from the PlanType itself without having to fetch the entire plan.
* Remove invocations of the StaticStore in non-Test code
* Deprecate StaticStore entry points
* Run dotnet format
* Matt's feedback
* Run dotnet format
* Rui's feedback
* Run dotnet format
* Replacements since approval
* Run dotnet format
* Add command interface and implementation for disabling organizations
* Register organization disable command for dependency injection
* Add unit tests for OrganizationDisableCommand
* Refactor subscription handlers to use IOrganizationDisableCommand for disabling organizations
* Remove DisableAsync method from IOrganizationService and its implementation in OrganizationService
* Remove IOrganizationService dependency from SubscriptionDeletedHandler
* Remove commented TODO for sending email to owners in OrganizationDisableCommand
* Add organization enable command implementation
* Add unit tests for OrganizationEnableCommand
* Add organization enable command registration for dependency injection
* Refactor payment and subscription handlers to use IOrganizationEnableCommand for organization enabling
* Remove EnableAsync methods from IOrganizationService and OrganizationService
* Add xmldoc to IOrganizationEnableCommand
* Refactor OrganizationEnableCommand to consolidate enable logic and add optional expiration
* Create organization deletion command with logic extracted from OrganizationService
* Add unit tests for OrganizationDeleteCommand
* Register OrganizationDeleteCommand for dependency injection
* Refactor organization deletion logic to use IOrganizationDeleteCommand and remove legacy IOrganizationService.DeleteAsync method
* Add organization deletion initiation command and refactor service usage
* Enhance organization deletion commands with detailed XML documentation
* Refactor organization command registration to include sign-up and deletion methods
* Enforce free organization limit when updating user
* Add test for throwing error on accepting admin user joining multiple free organizations
* Add test for throwing BadRequest when free organization admin attempts to sign up for another free organization
* Fix user ID handling in UpdateOrganizationUserCommand for free organizations
* Rename parameter 'user' to 'organizationUser' in UpdateUserAsync method for clarity
feat(NewDeviceVerification) :
* Created database migration scripts for VerifyDevices column in [dbo].[User].
* Updated DeviceValidator to check if user has opted out of device verification.
* Added endpoint to AccountsController.cs to allow editing of new User.VerifyDevices property.
* Added tests for new methods and endpoint.
* Updating queries to track [dbo].[User].[VerifyDevices].
* Updated DeviceValidator to set `User.EmailVerified` property during the New Device Verification flow.
