feat: add MasterPasswordSalt to database responses and DTOs
- Add Dapper migration scripts and update SQL project
- Include MasterPasswordSalt in database response models and DTOs
- Add null coalescing to User entity for MasterPasswordSalt
- Update EF queries to return MasterPasswordSalt
- Rename migrations for consistency
- Add test coverage for affected repositories
- Update EmergencyAccessTakeOverResponseModel tests
* Add more efficient sproc to retrieve PolicyDetails
for a single user. This closely matches the existing sproc
used by PolicyService and should be performant enough
to be used in the login flow
* Maintain feature flag for this critical path
* create new dockerfile for SeederApi
* troubleshoot cargo issues
* troubleshoot cargo issues
* Ensure Rustup run on build env for appropriate target
* Musl targets do not support cdylibs
* Ensure default triple set to target
* Set target triple rather than update default host
* Change build platforms per project
* Switch to debian since we can't use musl
* Debian build for seeder should work with arm targets
* Move app stage to distroless
* remove SeederApi from server publish section
* suppress unrelated warnings"
* ruling out builds as error source
* override platforms for SeederApi
* troubleshoot matrix
* add extra step for evaluating platforms
* fix syntax error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* exclude unrelated error
* temporarily reduce number of builds
* exclude unrelated error
* remove temporary block on other builds
* remove unused builds from dockerfile
* add nginx location for seeder, wrap it behind an if check defaulting to false. This was discuss with Matt G, as this will enable QA usage of it without repetitive intervention with config files and reloading the nginx service etc. Handlebars will continously overwrite the nginx conf file on update
* opted to remove conditional location to seederApi, instead include additional conf files in the same directory allowing for extensibility and not directly placing the non-prod seeder location in the config builder
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: AJ Mabry <81774843+aj-bw@users.noreply.github.com>
feat: add MasterPasswordSalt column to User table
- Add MasterPasswordSalt column to User table in both Dapper and EF implementations
- Update User stored procedures (Create, Update, UpdateMasterPassword) to handle salt column
- Add EF migrations and update UserView with dependent views
- Set MaxLength constraint on MasterPasswordSalt column
- Update UserRepository implementations to manage salt field
- Add comprehensive test coverage for salt handling and normalization
* PM-32517 initial migration commit
* pm-32517 fixing integration unit test
* PM-32517 removing .claude changes
* PM-32517 changing implementation of migration test
* PM-32517 adding type for ReportFile
* PM-32517 adding report file type
* PM-32517 changing unit tests
* PM-32517 adding new statement in migration script
* PM-32035 - EmergencyAccessService - fix interface docs, method docs, and tests to cover grantee / grantor deletion which is supported today.
* PM-32035 - EmergencyAccessService - mark existing delete as deprecated
* PM-32035 - EmergencyAccess readme docs - fix deletion docs
* PM-32035 - Add new EmergencyAccessDetails_ReadByUserIds stored proc
* PM-32035 - Add migration script for EmergencyAccessDetails_ReadByUserIds
* PM-32035 - Build out GetManyDetailsByUserIdsAsync in repository layer plus add tests
* PM-32035 - EmergencyAccessRepo - DeleteManyAsync - remove grantee revision bump as not necessary since no EA sync data exists + update tests
* PM-32035 - Fix incorrect nullability annotation on EmergencyAccessDetails.GrantorEmail. Both the SQL view and EF projection use a LEFT JOIN to the User table, meaning the value can be null if the grantor's account no longer exists. Changed to string? and removed the required modifier since the class is only ever materialized from database queries, never directly instantiated.
* PM-32035 - Refactor DeleteEmergencyAccess command to offer new DeleteAllByUserIdAsync and DeleteAllByUserIdsAsync methods. Need to build out DeleteByIdAndUserIdAsync with a new stored proc.
* PM-32035 - Build out IEmergencyAccessRepository.GetDetailsByIdAsync because we need such a method in order to meet the product requirements to send grantor email notifications for normal deletions in the future.
* PM-32035 - Wire up DeleteEmergencyAccessCommand.DeleteByIdAndUserIdAsync to use new repository method emergencyAccessRepository.GetDetailsByIdAsync so we can send notifications. Now, it is full replacement for the existing emergency access service deletion method + has the new notification functionaliy requested.
* PM-32035 - Add more test coverage for DeleteByIdAndUserIdAsync
* PM-32035 - Fix missing GranteeAvatarColor and GrantorAvatarColor projections in EmergencyAccessDetailsViewQuery. The EF view query omitted both avatar color fields from its Select projection, causing the integration tests to fail on all non-SqlServer databases (MySql, Postgres, Sqlite) where EF is used instead of Dapper.
* PM-32035 - Rename migration after main merge revealed collision
* PM-32035 - Rename migration script
* PM-32035 - PR feedback - add ticket + todos to deprecated delete async method.
* PM-32035 - DeleteEmergencyAccessCommand - add logs if we don't have user data required to send email notifications.
* PM-32035 - PR Feedback - rename EmergencyAccessDetails_ReadByUserIds to EmergencyAccessDetails_ReadManyByUserIds
Purpose: UseMyItems is a new organization ability / plan flag
which is automatically enabled where UsePolicies is enabled,
but can be selectively disabled to disable My Items creation
when the Organization Data Ownership policy is turned on.
- new organization table column with all sprocs and views updated
- data migration to enable the feature for all organizations that already use policies (replicating existing behaviour)
- data and api models updated
- added to organization license file so it can be preserved in self-hosted instances
- note that we don't have a plan feature defined for this yet, so it is set based on UsePolicies to match the migration logic. Billing Team have a ticket to add this
* User V2UpgradeToken for key rotation without logout
* reset old v2 upgrade token on manual key rotation
* sql migration fix
* missing table column
* missing view update
* tests for V2UpgradeToken clearing on manual key rotation
* V2 to V2 rotation causes logout. Updated wrapped key 1 to be a valid V2 encrypted string in tests.
* integration tests failures - increase assert recent for date time type from 2 to 5 seconds (usually for UpdatedAt assertions)
* repository test coverage
* migration script update
* new EF migration scripts
* broken EF migration scripts fixed
* refresh views due to User table alternation
* docs(billing): add design document for replacing SetupIntent cache
* docs(billing): add implementation plan for replacing SetupIntent cache
* feat(db): add gateway lookup stored procedures for Organization, Provider, and User
* feat(db): add gateway lookup indexes to Organization, Provider, and User table definitions
* chore(db): add SQL Server migration for gateway lookup indexes and stored procedures
* feat(repos): add gateway lookup methods to IOrganizationRepository and Dapper implementation
* feat(repos): add gateway lookup methods to IProviderRepository and Dapper implementation
* feat(repos): add gateway lookup methods to IUserRepository and Dapper implementation
* feat(repos): add EF OrganizationRepository gateway lookup methods and index configuration
* feat(repos): add EF ProviderRepository gateway lookup methods and index configuration
* feat(repos): add EF UserRepository gateway lookup methods and index configuration
* chore(db): add EF migrations for gateway lookup indexes
* refactor(billing): update SetupIntentSucceededHandler to use repository instead of cache
* refactor(billing): simplify StripeEventService by expanding customer on SetupIntent
* refactor(billing): query Stripe for SetupIntents by customer ID in GetPaymentMethodQuery
* refactor(billing): query Stripe for SetupIntents by customer ID in HasPaymentMethodQuery
* refactor(billing): update OrganizationBillingService to set customer on SetupIntent
* refactor(billing): update ProviderBillingService to set customer on SetupIntent and query by customer
* refactor(billing): update UpdatePaymentMethodCommand to set customer on SetupIntent
* refactor(billing): remove bank account support from CreatePremiumCloudHostedSubscriptionCommand
* refactor(billing): remove OrganizationBillingService.UpdatePaymentMethod dead code
* refactor(billing): remove ProviderBillingService.UpdatePaymentMethod
* refactor(billing): remove PremiumUserBillingService.UpdatePaymentMethod and UserService.ReplacePaymentMethodAsync
* refactor(billing): remove SubscriberService.UpdatePaymentSource and related dead code
* refactor(billing): update SubscriberService.GetPaymentSourceAsync to query Stripe by customer ID
Add Task 15a to plan - this was a missed requirement for updating
GetPaymentSourceAsync which still used the cache.
* refactor(billing): complete removal of PremiumUserBillingService.Finalize and UserService.SignUpPremiumAsync
* refactor(billing): remove ISetupIntentCache and SetupIntentDistributedCache
* chore: remove temporary planning documents
* chore: run dotnet format
* fix(billing): add MaxLength(50) to Provider gateway ID properties
* chore(db): add EF migrations for Provider gateway column lengths
* chore: run dotnet format
* chore: rename SQL migration for chronological order
* [PM-31684] Remove email hashing for send access
* [PM-31684] switching the order of migration files
* [PM-31684] adding more migrations
* [PM-31684] Removing anon access emails field and reusing emails field
* [PM-31684] cleanup before adding migrations back
* [PM-31684] restore original snapshots
* [PM-31684] restore original postgres snapshots
* [PM-31684] adding migrations
* [PM-31684] removing encryption attributes from emails request model
* [PM-31684] adding missing stored proc alters
* [PM-31684] Improved formatting for stored proc defs
* [PM-31684] adding necessary comment back
* [PM-31684] adding case-insensitive check on the server for send auth
* Begin migration to appropriately named sprocs
* Update method and parameter names
* Remove incorrect change
* Changes EF to match collection type comparison
* Adds integration test verifying excluded collections
* Changes EF to match collection type comparison
* Fix whitespacing
* Fix dedented if
* Implement the detail Subscription Discount Database Infrastructure
* Change string to string list
* fix lint error
* Create all missing database object definition files
* Regenerate EF migrations with Designer files
The previous migrations were missing .Designer.cs files. This commit:
- Removes the incomplete migration files
- Regenerates all three provider migrations (MySQL, Postgres, SQLite) with proper Designer files
- Updates DatabaseContextModelSnapshot.cs for each provider
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix failing database
* Resolve the lint warnings
* Resolve the database failure
* Fix the build Lint
* resolve the dbops reviews
* Add the default value
---------
Co-authored-by: Claude <noreply@anthropic.com>
* feat: Add initial DeleteEmergencyContactCommand
* chore: remove nullable enable and add comments
* test: add tests for new delete command
* test: update tests to test IMailer was called.
* feat: add delete by GranteeId and allow for multiple grantors to be contacted.
* feat: add DeleteMany stored procedure for EmergencyAccess
* test: add database tests for new SP
* feat: commands use DeleteManyById for emergencyAccessDeletes
* claude: send one email per grantor instead of a bulk email to all grantors. Modified tests to validate.
* feat: change revision dates for confirmed grantees;
* feat: add AccountRevisionDate bump for grantee users in the confirmed status
* test: update integration test to validate only confirmed users are updated as well as proper deletion of emergency access
