* [PM-34866] Fix EnableAutomaticTaxAsync to update schedule phases
* Use test clock frozen time for phase filtering
* Expand test_clock on customer subscription fetches
When a subscription has an active schedule during the ~15-day window before
renewal, the invoice preview for tax estimation was built with the new price
but without the Phase 2 discount coupon. This caused the estimated tax on the
subscription page to be higher than what Stripe would actually charge.
Pass the coupon ID from the schedule's Phase 2 discount through to
EstimatePremiumTaxAsync so it is included in the InvoiceCreatePreviewOptions.
* initial send controls
* update vNext methods and add test coverage for policy validators
* add comments to tests
* Apply suggestion from @mkincaid-bw
• `IX_Policy_OrganizationId_Type` is a unique index
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
* renamne migrations for correct sorting
* respond to csharp related review comments
* fix failing lints
* fix tests
* revise policy sync logic
* revise policy event logic and tests
* add integration tests
- fix SQL syntax error
- escape Sqlite format specifier
- update migration IDs to match sorted filename
- fix SQL syntax error
* OR legacy policy data with SendControls policy data
* remove migrations and associated integration test
* whitespacing and comment correction
* aggregate kegacy Send policies in PolicyQuery and adjust PoliciesController logic
* add comments to simplify post-migration cleanup
* consolidate legacy Send policy synthesis from PoliciesController into PolicyQuery.GetAllAsync
* respond to review comments and other minor fixes
---------
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>
* Enhance IEventService to log user events for accepted status organizations. Updated LogUserEventAsync method to include a new parameter for including organizations where the user has accepted status. Added corresponding unit tests to verify functionality.
* Update AuthRequestService to include accepted status organizations in user event logging. Adjusted LogUserEventAsync method and corresponding unit tests to reflect the new parameter.
* Update NoopEventService to include a new parameter for accepted status organizations in LogUserEventAsync method.
* Update EventServiceTests to use Arg.Any for GetOrganizationAbilitiesAsync method
* implementation plan
* feedback updates
* revert updates
* implementation plan
* feedback updates
* revert updates
* implement plan
* Revert "Merge branch '2fa-account-recovery' of github.com:bitwarden/server into 2fa-account-recovery"
This reverts commit 3be2d140f1, reversing
changes made to 9fb8d3891c.
* PR feedback
* revert claude local settings
* lint fixes
* fix test models
* move new commands to v2 namespace.
* format
* fix swagger stuff
* update feature flag name
Make tax-related subscription updates schedule-aware during the ~15-day
window between invoice.upcoming and renewal. When a subscription schedule
is present and the feature flag is enabled, update default_settings.automatic_tax
on the schedule instead of the subscription directly.
Modified paths:
- UpcomingInvoiceHandler: AlignOrganizationTaxConcernsAsync,
AlignPremiumUsersTaxConcernsAsync, new shared EnableAutomaticTaxAsync helper
- UpdateBillingAddressCommand: EnableAutomaticTaxAsync, added IFeatureService
UpdateTaxInformation has no callers in src/. Remove from ISubscriberService,
SubscriberService, and associated tests. Also removes the now-unused
ITaxService constructor parameter from SubscriberService.
feat: add `MasterPasswordSalt` to unlock and authentication flow
- Add optional `MasterPasswordSalt`:
- `MasterPasswordUnlockAndAuthenticationData`
- `RegisterFinishRequestModel`
- `UserDecryptionOptionsBuilder`
- Add test coverage for explicit checks where appropriate in the above model updates
* fix(billing): replace per-change IsStructural with changeset-level ChargeImmediately flag
* fix(billing): set seat quantity when upgrading from non-seat-based to seat-based plan
* Send better error message when token is expired
* Add comment indicating frontend usage
* Add testcase for Invalid Token scenario
* Update comment in test-case
* Fix merge issue
* Fix method name
* Consolidate token validation error calculation, apply to new area
* Move away from magic strings, fix tests
* Adjust class name
* Clean up old method name references
* Change errors to fields for singleton behavior
* Formatting
* Implement the portal session url
* Remove comment
* formatting issues have been resolved
* Allow deep linking url
* remove thr return url request
* Resolve review comments around comments
* Fix the failing test after removing _globalSettings
* Fix the failing unit test
* changes for the premium push notification
* Fix the lint build
* implement the hub-helper
* Resolve the pr comments
* fix the lint error
* move PremiumStatusPushNotification to billing
* secure SSRP protection for internal requests
* remove nullable enable
* explicitly handle redirect requests for SSRF
* track current uri in SsrfProtectionHandler. add followRedirects option in AddSsrfProtection
* preserve request method for 301 and 302 requests
This was being used to combine policies before sending them
to the client. Instead, the server just send the policies and
the client should process/combine them. Revert this to save
unnecessary QA (etc) and we will refactor this away in the
future.
