server

Commit Graph

Author	SHA1	Message	Date
Justin Baur	2918d46b62	Resolve Vault warnings (#5786 ) - Also remove extra exclusions	7 months ago
Jordan Aasen	3d59f5522d	[PM-19357] - [Defect] Unauthorised access allows limited access user to change custom hidden field of Items (#5572 ) * prevent hidden password users from modifying hidden fields * add tests * fix serialization issues * DRY up code * return newly created cipher * add sshKey data type * fix tests	8 months ago
Rui Tomé	abe593d221	[PM-18088] Implement LimitItemDeletion permission checks for all cipher operations (#5476 ) * Implement enhanced cipher deletion and restore permissions with feature flag support - Add new method `CanDeleteOrRestoreCipherAsAdminAsync` in CiphersController - Update NormalCipherPermissions to support more flexible cipher type checking - Modify CipherService to use new permission checks with feature flag - Refactor test methods to support new permission logic - Improve authorization checks for organization cipher management * Refactor cipher methods to use CipherDetails and simplify type handling - Update CiphersController to use GetByIdAsync with userId - Modify NormalCipherPermissions to remove unnecessary type casting - Update ICipherService and CipherService method signatures to use CipherDetails - Remove redundant type checking in CipherService methods - Improve type consistency in cipher-related operations * Enhance CiphersControllerTests with detailed permission and feature flag scenarios - Add test methods for DeleteAdmin with edit and manage permission checks - Implement tests for LimitItemDeletion feature flag scenarios - Update test method names to reflect more precise permission conditions - Improve test coverage for admin cipher deletion with granular permission handling * Add comprehensive test coverage for admin cipher restore operations - Implement test methods for PutRestoreAdmin and PutRestoreManyAdmin - Add scenarios for owner and admin roles with LimitItemDeletion feature flag - Cover permission checks for manage and edit permissions - Enhance test coverage for single and bulk cipher restore admin operations - Verify correct invocation of RestoreAsync and RestoreManyAsync methods * Refactor CiphersControllerTests to remove redundant assertions and mocking - Remove unnecessary assertions for null checks - Simplify mocking setup for cipher repository and service methods - Clean up redundant type and data setup in test methods - Improve test method clarity by removing extraneous code * Add comprehensive test coverage for cipher restore, delete, and soft delete operations - Implement test methods for RestoreAsync with org admin override and LimitItemDeletion feature flag - Add scenarios for checking manage and edit permissions during restore operations - Extend test coverage for DeleteAsync with similar permission and feature flag checks - Enhance SoftDeleteAsync tests with org admin override and permission validation - Improve test method names to reflect precise permission conditions * Add comprehensive test coverage for cipher restore, delete, and soft delete operations - Extend test methods for RestoreManyAsync with various permission scenarios - Add test coverage for personal and organization ciphers in restore operations - Implement tests for RestoreManyAsync with LimitItemDeletion feature flag - Add detailed test scenarios for delete and soft delete operations - Improve test method names to reflect precise permission and feature flag conditions * Refactor authorization checks in CiphersController to use All() method for improved readability * Refactor filtering of ciphers in CipherService to streamline organization ability checks and improve readability	9 months ago
Rui Tomé	f04a3d638b	[PM-18235] Add PersonalOwnershipPolicyRequirement (#5439 ) * Add PersonalOwnershipPolicyRequirement for managing personal ownership policy * Add tests for PersonalOwnershipPolicyRequirement * Register PersonalOwnershipPolicyRequirement in policy requirement factory * Update ImportCiphersCommand to check PersonalOwnershipPolicyRequirement if the PolicyRequirements flag is enabled Update unit tests * Update CipherService to support PersonalOwnershipPolicyRequirement with feature flag - Add support for checking personal ownership policy using PolicyRequirementQuery when feature flag is enabled - Update CipherService constructor to inject new dependencies - Add tests for personal vault restrictions with and without feature flag * Clean up redundant "Arrange", "Act", and "Assert" comments in test methods * Refactor PersonalOwnershipPolicyRequirementTests method names for clarity - Improve test method names to better describe their purpose and behavior - Rename methods to follow a more descriptive naming convention - No functional changes to the test logic * Remove commented code explaining policy check * Refactor PersonalOwnership Policy Requirement implementation - Add PersonalOwnershipPolicyRequirementFactory to replace static Create method - Simplify policy requirement creation logic - Update PolicyServiceCollectionExtensions to register new factory - Update ImportCiphersCommand to use correct user ID parameter - Remove redundant PersonalOwnershipPolicyRequirementTests * Remove redundant PersonalOwnershipPolicyRequirementTests * Remove unnecessary tests from PersonalOwnershipPolicyRequirementFactoryTests	9 months ago
Jordan Aasen	21717ec71e	[PM-17733] - [Privilege Escalation] - Unauthorised access allows limited access user to change password of Items (#5452 ) * prevent view-only users from updating passwords * revert change to licensing service * add tests * check if organizationId is there * move logic to private method * move logic to private method * move logic into method * revert change to licensing service * throw exception when cipher key is created by hidden password users * fix tests * don't allow totp or passkeys changes from hidden password users * add tests * revert change to licensing service	9 months ago
Rui Tomé	6510f2a3e8	[PM-18088] Add unit test coverage for admin methods on CiphersController and CipherService (#5460 ) * Add comprehensive test coverage for CipherService restore, delete, and soft delete methods * Add comprehensive admin cipher management tests for CiphersController * Enhance CiphersController admin methods with comprehensive test coverage - Add tests for provider user scenarios in admin cipher management methods - Implement tests for custom user with edit any collection permissions - Add test coverage for RestrictProviderAccess feature flag - Improve test scenarios for delete, soft delete, and restore operations * Refactor CiphersControllerTests to simplify and optimize test methods * Optimize CiphersControllerTests with code cleanup and test method improvements * Extend CiphersControllerTests to support Admin and Owner roles * Add test cases for custom user cipher admin operations with EditAnyCollection permission checks - Extend CiphersControllerTests with scenarios for custom users without EditAnyCollection permission - Add test methods to verify NotFoundException is thrown when EditAnyCollection is false - Cover delete, soft delete, and restore operations for single and bulk cipher admin actions * Enhance CiphersControllerTests with granular access permission scenarios - Add test methods for admin and owner roles with specific cipher access scenarios - Implement tests for accessing specific and unassigned ciphers - Extend test coverage for delete, soft delete, and restore operations - Improve test method naming for clarity and precision * Add bulk admin cipher delete and soft delete tests for specific and unassigned ciphers - Implement test methods for DeleteManyAdmin and PutDeleteManyAdmin - Cover scenarios for owner and admin roles with access to specific and unassigned ciphers - Verify correct invocation of DeleteManyAsync and SoftDeleteManyAsync methods - Enhance test coverage for bulk cipher admin operations	9 months ago
Jimmy Vo	63f1c3cee3	[PM-18086] Add CanRestore and CanDelete authorization methods. (#5407 )	10 months ago
SmithThe4th	46004b9c68	[PM-14381] Add POST /tasks/bulk-create endpoint (#5188 ) * [PM-14378] Introduce GetCipherPermissionsForOrganization query for Dapper CipherRepository * [PM-14378] Introduce GetCipherPermissionsForOrganization method for Entity Framework * [PM-14378] Add integration tests for new repository method * [PM-14378] Introduce IGetCipherPermissionsForUserQuery CQRS query * [PM-14378] Introduce SecurityTaskOperationRequirement * [PM-14378] Introduce SecurityTaskAuthorizationHandler.cs * [PM-14378] Introduce SecurityTaskOrganizationAuthorizationHandler.cs * [PM-14378] Register new authorization handlers * [PM-14378] Formatting * [PM-14378] Add unit tests for GetCipherPermissionsForUserQuery * [PM-15378] Cleanup SecurityTaskAuthorizationHandler and add tests * [PM-14378] Add tests for SecurityTaskOrganizationAuthorizationHandler * [PM-14378] Formatting * [PM-14378] Update date in migration file * [PM-14378] Add missing awaits * Added bulk create request model * Created sproc to create bulk security tasks * Renamed tasks to SecurityTasksInput * Added create many implementation for sqlserver and ef core * removed trailing comma * created ef implementatin for create many and added integration test * Refactored request model * Refactored request model * created create many tasks command interface and class * added security authorization handler work temp * Added the implementation for the create manys tasks command * Added comment * Changed return to return list of created security tasks * Registered command * Completed bulk create action * Added unit tests for the command * removed hard coded table name * Fixed lint issue * Added JsonConverter attribute to allow enum value to be passed as string * Removed makshift security task operations * Fixed references * Removed old migration * Rebased * [PM-14378] Introduce GetCipherPermissionsForOrganization query for Dapper CipherRepository * [PM-14378] Introduce GetCipherPermissionsForOrganization method for Entity Framework * [PM-14378] Add unit tests for GetCipherPermissionsForUserQuery * Completed bulk create action * bumped migration version * Fixed lint issue * Removed complex sql data type in favour of json string * Register IGetTasksForOrganizationQuery * Fixed lint issue * Removed tasks grouping * Fixed linting * Removed unused code * Removed unused code * Aligned with client change * Fixed linting --------- Co-authored-by: Shane Melton <smelton@bitwarden.com>	11 months ago
Graham Walker	99a1dbbe02	PM-16261 move ImportCiphersAsync to the tools team (#5245 ) * PM-16261 move ImportCiphersAsync to the tools team and create services using CQRS design pattern * PM-16261 fix renaming methods and add unit tests for succes and bad request exception * PM-16261 clean up old code from test	11 months ago
Shane Melton	0605590ed2	[PM-14380] Add GET /tasks/organization endpoint (#5149 ) * [PM-14380] Add GetManyByOrganizationIdStatusAsync to SecurityTaskRepository * [PM-14380] Introduce IGetTasksForOrganizationQuery * [PM-14380] Add /tasks/organization endpoint * [PM-14380] Add unit tests * [PM-14380] Formatting * [PM-14380] Bump migration script date * [PM-14380] Bump migration script date	11 months ago
Shane Melton	a99f82dddd	[PM-14378] SecurityTask Authorization Handler (#5039 ) * [PM-14378] Introduce GetCipherPermissionsForOrganization query for Dapper CipherRepository * [PM-14378] Introduce GetCipherPermissionsForOrganization method for Entity Framework * [PM-14378] Add integration tests for new repository method * [PM-14378] Introduce IGetCipherPermissionsForUserQuery CQRS query * [PM-14378] Introduce SecurityTaskOperationRequirement * [PM-14378] Introduce SecurityTaskAuthorizationHandler.cs * [PM-14378] Introduce SecurityTaskOrganizationAuthorizationHandler.cs * [PM-14378] Register new authorization handlers * [PM-14378] Formatting * [PM-14378] Add unit tests for GetCipherPermissionsForUserQuery * [PM-15378] Cleanup SecurityTaskAuthorizationHandler and add tests * [PM-14378] Add tests for SecurityTaskOrganizationAuthorizationHandler * [PM-14378] Formatting * [PM-14378] Update date in migration file * [PM-14378] Add missing awaits * [PM-14378] Bump migration script date * [PM-14378] Remove Unassigned property from OrganizationCipherPermission as it was making the query too complicated * [PM-14378] Update sproc to use Union All to improve query performance * [PM-14378] Bump migration script date	11 months ago
Addison Beck	cd7c4bf6ce	chore: move `Installation` and `Push` to platform's domain folders (#5085 ) * chore: set up a `CODEOWNERS` space for platform * chore: move sql objects for `Installation` to platform's domain * chore: move `Installation` and `PushRelay` code to platform's domain	12 months ago
SmithThe4th	141a046a28	[PM-14377] Add PATCH complete endpoint (#5100 ) * Added CQRS pattern * Added the GetManyByUserIdAsync signature to the repositiory * Added sql sproc Created user defined type to hold status Created migration file * Added ef core query * Added absract and concrete implementation for GetManyByUserIdStatusAsync * Added integration tests * Updated params to status * Implemented new query to utilize repository method * Added controller for the security task endpoint * Fixed lint issues * Added documentation * simplified to require single status modified script to check for users with edit rights * Updated ef core query * Added new assertions * simplified to require single status * fixed formatting * Fixed sql script * Removed default null * Added OperationAuthorizationRequirement for secruity task * Added and registered MarkTaskAsCompletedCommand * Added unit tests for the command * Added complete endpoint * removed false value	1 year ago
Thomas Rittson	6a9b7ece2b	[PM-11360] Remove export permission for providers (#5051 ) - also fix managed collections export from CLI	1 year ago
Thomas Rittson	ffdc40b21c	[AC-2881] Remove Organization.FlexibleCollections from code (#4552 ) * Remove Organization.FlexibleCollections from code * Drop Organization.FlexibleCollections column in EF databases (MSSQL column to be retained for 1 additional deployment to support rollback in cloud)	1 year ago
Thomas Rittson	28d45f91aa	Remove FlexibleCollections feature flag (#4481 )	1 year ago
Vincent Salucci	02b3453cd5	[AC-2646] Remove FC MVP dead code from Core (#4281 ) * chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646 * chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646 * chore: remove org/provider service fc callers, refs AC-2646 * chore: remove collection service fc callers, refs AC-2646 * chore: remove cipher service import ciphers fc callers, refs AC-2646 * fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646 * fix: update CreateGroupCommandTests, refs AC-2646 * fix: adjust UpdateGroupCommandTests, refs AC-2646 * fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646 * fix: update CollectionServiceTests, refs AC-2646 * fix: remove unnecessary test with fc disabled, refs AC-2646 * fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646 * chore: remove dependence on FC flag for tests, refs AC-2646	1 year ago
Thomas Rittson	ef44def88b	[AC-2810] Remove unused FlexibleCollections feature flag from CollectionCipher Repository (#4284 ) Remove FlexibleCollections feature flag logic for repository methods: * GetManyByUserIdAsync * GetManyByUserIdCipherIdAsync * UpdateCollectionsAsync * UpdateCollectionsForCiphersAsync This feature flag was never turned on and we will update the sprocs directly as required.	1 year ago
Thomas Rittson	4e0a981b43	[AC-2809] Remove unused FlexibleCollections feature flag from Cipher Repository (#4282 ) Remove FlexibleCollections feature flag logic for repository methods: * CiphersController.GetByIdAsync * CipherRepository.DeleteAsync * CipherRepository.MoveAsync * RestoreAsync * SoftDeleteAsync This feature flag was never turned on and we will update the sprocs directly as required.	1 year ago
Conner Turnbull	721d2969d4	[PM-8830] Billing Enums Rename (#4180 ) * Renamed ProductType to ProductTierType * Renamed Product properties to ProductTier * Moved ProductTierType to Bit.Core.Billing.Enums namespace from Bit.Core.Enums * Moved PlanType enum to Bit.Core.Billing.Enums * Moved StaticStore to Bit.Core.Billing.Models.StaticStore namespace * Added ProductType enum * dotnet format	2 years ago
Shane Melton	d965166a37	[AC-2084] Include Collection permissions for admin endpoints (#3793 ) * [AC-2084] Add documentation to existing collection repository getters * [AC-2084] Add new CollectionAdminDetails model * [AC-2084] Add SQL and migration scripts * [AC-2084] Introduce new repository methods to include permission details for collections * [AC-2084] Add EF repository methods and integration tests * [AC-2084] Update CollectionsController and response models * [AC-2084] Fix failing SqlServer test * [AC-2084] Clean up admin endpoint response models - vNext endpoints should now always return CollectionDetailsResponse models - Update constructors in CollectionDetailsResponseModel to be more explicit and add named static constructors for additional clarity * [AC-2084] Fix failing tests * [AC-2084] Fix potential provider/member bug * [AC-2084] Fix broken collections controller * [AC-2084] Cleanup collection response model types and constructors * [AC-2084] Remove redundant authorization check * [AC-2084] Cleanup ambiguous model name * [AC-2084] Add GroupBy clause to sprocs * [AC-2084] Add GroupBy logic to EF repository * [AC-2084] Update collection repository tests * [AC-2084] Update migration script date * Update migration script date --------- Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: kejaeger <138028972+kejaeger@users.noreply.github.com>	2 years ago
Matt Bishop	ae1fdb0992	[PM-5052] Upgrade to .NET 8 (#3461 ) * Upgrade to .NET 8 * Linting * Clean up old JSON deserialization code * More .NET 8-oriented linting * Light feedback * Get rid of old test we don't know the root issue for * Fix a new test * Remove now-unnecessary Renovate constraint * Use Any() * Somehow a 6.0 tooling config we don't need snuck back in * Space out properties that always change per release * Bump a few core packages since the last update	2 years ago
Thomas Rittson	96f9fbb951	[AC-2027] Update Flexible Collections logic to use organization property (#3644 ) * Update optionality to use org.FlexibleCollections Also break old feature flag key to ensure it's never enabled * Add logic to set defaults for collection management setting * Update optionality logic to use org property * Add comments * Add helper method for getting individual orgAbility * Fix validate user update permissions interface * Fix tests * dotnet format * Fix more tests * Simplify self-hosted update logic * Fix mapping * Use new getOrganizationAbility method * Refactor invite and save orgUser methods Pass in whole organization object instead of using OrganizationAbility * fix CipherService tests * dotnet format * Remove manager check to simplify this set of changes * Misc cleanup before review * Fix undefined variable * Refactor bulk-access endpoint to avoid early repo call * Restore manager check * Add tests for UpdateOrganizationLicenseCommand * Add nullable regions * Delete unused dependency * dotnet format * Fix test	2 years ago
Thomas Rittson	dbf8907bfc	[AC-1330] [AC-1816] Deprecate AccessAll in CollectionCipher sprocs (#3480 )	2 years ago
Rui Tomé	f46ea0bf3b	[AC-1872] Manage permission on importing data is placed behind FC feature flag (#3496 ) Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>	2 years ago
Thomas Rittson	9021236d61	AC Team code ownership moves: Organization pt. 1 (#3472 ) * move Organization.cs files to AC Team code ownership	2 years ago
Thomas Rittson	12667dbb3f	[AC-1330] [AC-1815] [Server] Deprecate access control indicator - UserCipherDetails (#3372 ) * Create UserCipherDetails_v2 and update logic to remove AccessAll * Create v2 variants of all sprocs that rely on it * Add feature flag logic to call old or new sproc * Make equivalent changes to EF queries	2 years ago
Rui Tomé	e2d644f136	[AC-1116] Assign new imported collections to the importing user with Manage permission (#3424 ) * [AC-1116] Assigning imported collections to the importing user with Manage permission * [AC-1116] Added unit tests	2 years ago
Thomas Rittson	da4a86c643	[AC-1373] Flexible Collections (#3245 ) * [AC-1117] Add manage permission (#3126) * Update sql files to add Manage permission * Add migration script * Rename collection manage migration file to remove duplicate migration date * Migrations * Add manage to models * Add manage to repository * Add constraint to Manage columns * Migration lint fixes * Add manage to OrganizationUserUserDetails_ReadWithCollectionsById * Add missing manage fields * Add 'Manage' to UserCollectionDetails * Use CREATE OR ALTER where possible * [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145) * feat: update org table with new column, write migration, refs AC-1374 * feat: update views with new column, refs AC-1374 * feat: Alter sprocs (org create/update) to include new column, refs AC-1374 * feat: update entity/data/request/response models to handle new column, refs AC-1374 * feat: update necessary Provider related views during migration, refs AC-1374 * fix: update org create to default new column to false, refs AC-1374 * feat: added new API/request model for collection management and removed property from update request model, refs AC-1374 * fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374 * fix: dotnet format, refs AC-1374 * feat: add ef migrations to reflect mssql changes, refs AC-1374 * fix: dotnet format, refs AC-1374 * feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374 * fix: merge conflict resolution * [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194) * [AC-1174] Introduce BulkAuthorizationHandler.cs * [AC-1174] Introduce CollectionUserAuthorizationHandler * [AC-1174] Add CreateForNewCollection CollectionUser requirement * [AC-1174] Add some more details to CollectionCustomization * [AC-1174] Formatting * [AC-1174] Add CollectionGroupOperation.cs * [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs * [AC-1174] Cleanup CollectionFixture customization Implement and use re-usable extension method to support seeded Guids * [AC-1174] Introduce WithValueFromList AutoFixtureExtensions Modify CollectionCustomization to use multiple organization Ids for auto generated test data * [AC-1174] Simplify CollectionUserAuthorizationHandler.cs Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead. * [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic. * [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class * [AC-1174] Formatting * [AC-1174] Cleanup typo and redundant ToList() call * [AC-1174] Add check for provider users * [AC-1174] Reduce nested loops * [AC-1174] Introduce ICollectionAccess.cs * [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead * [AC-1174] Tweak unit test to fail minimally * [AC-1174] Reorganize authorization handlers in Core project * [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method * [AC-1174] Move CollectionAccessAuthorizationHandler into Api project * [AC-1174] Move CollectionFixture to Vault folder * [AC-1174] Rename operation to CreateUpdateDelete * [AC-1174] Require single organization for collection access authorization handler - Add requirement that all target collections must belong to the same organization - Simplify logic related to multiple organizations - Update tests and helpers - Use ToHashSet to improve lookup time * [AC-1174] Fix null reference exception * [AC-1174] Throw bad request exception when collections belong to different organizations * [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity * Fix improper merge conflict resolution * fix: add permission check for collection management api, refs AC-1647 (#3252) * [AC-1125] Enforce org setting for creating/deleting collections (#3241) * [AC-1117] Add manage permission (#3126) * Update sql files to add Manage permission * Add migration script * Rename collection manage migration file to remove duplicate migration date * Migrations * Add manage to models * Add manage to repository * Add constraint to Manage columns * Migration lint fixes * Add manage to OrganizationUserUserDetails_ReadWithCollectionsById * Add missing manage fields * Add 'Manage' to UserCollectionDetails * Use CREATE OR ALTER where possible * [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145) * feat: update org table with new column, write migration, refs AC-1374 * feat: update views with new column, refs AC-1374 * feat: Alter sprocs (org create/update) to include new column, refs AC-1374 * feat: update entity/data/request/response models to handle new column, refs AC-1374 * feat: update necessary Provider related views during migration, refs AC-1374 * fix: update org create to default new column to false, refs AC-1374 * feat: added new API/request model for collection management and removed property from update request model, refs AC-1374 * fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374 * fix: dotnet format, refs AC-1374 * feat: add ef migrations to reflect mssql changes, refs AC-1374 * fix: dotnet format, refs AC-1374 * feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374 * feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125 * feat: create vault service collection extensions and register with base services, refs AC-1125 * feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125 * feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125 * feat: move service registration to api, update references, refs AC-1125 * feat: add bulk delete authorization handler, refs AC-1125 * feat: always assign user and give manage access on create, refs AC-1125 * fix: updated CurrentContextOrganization type, refs AC-1125 * feat: combined existing collection authorization handlers/operations, refs AC-1125 * fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125 * fix: format, refs AC-1125 * fix: update collection controller tests, refs AC-1125 * fix: dotnet format, refs AC-1125 * feat: removed extra BulkAuthorizationHandler, refs AC-1125 * fix: dotnet format, refs AC-1125 * fix: change string to guid for org id, update bulk delete request model, refs AC-1125 * fix: remove delete many collection check, refs AC-1125 * fix: clean up collection auth handler, refs AC-1125 * fix: format fix for CollectionOperations, refs AC-1125 * fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125 * fix: remove unused methods in CurrentContext, refs AC-1125 * fix: removed obsolete test, fixed failling delete many test, refs AC-1125 * fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125 * fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125 * fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125 * feat: moved UserId null check to common method, refs AC-1125 * fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125 * feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125 * feat: added create/delete collection auth handler success methods, refs AC-1125 * fix: new up permissions to prevent excessive null checks, refs AC-1125 * fix: remove old reference to CreateNewCollections, refs AC-1125 * fix: typo within ViewAssignedCollections method, refs AC-1125 --------- Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> * refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282) * [AC-1174] Bulk Collection Management (#3229) * [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property * [AC-1174] Introduce initial bulk-access collection endpoint * [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests * [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository * [AC-1174] Add event logs for bulk add collection access command * [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script * [AC-1174] Implement EF repository method * [AC-1174] Improve null checks * [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers * [AC-1174] Add unit tests for new controller endpoint * [AC-1174] Fix formatting * [AC-1174] Remove comment * [AC-1174] Remove redundant organizationId parameter * [AC-1174] Ensure user and group Ids are distinct * [AC-1174] Cleanup tests based on PR feedback * [AC-1174] Formatting * [AC-1174] Update CollectionGroup alias in the sproc * [AC-1174] Add some additional comments to SQL sproc * [AC-1174] Add comment explaining additional SaveChangesAsync call --------- Co-authored-by: Thomas Rittson <trittson@bitwarden.com> * [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300) * Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion * Rename and bump migration script * [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301) * fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666 * fix: updated comment, refs AC-1666 * [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312) * fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669 * fix: add manage access conditional before creating collection, refs AC-1669 * fix: move access logic for create/update, fix all tests, refs AC-1669 * fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669 * fix: format, refs AC-1669 * fix: update null params with specific arg.is null checks, refs Ac-1669 * fix: update attribute class name, refs AC-1669 * [AC-1713] [Flexible collections] Add feature flags to server (#3334) * Add feature flags for FlexibleCollections and BulkCollectionAccess * Flag new routes and behaviour --------- Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com> * Add joint codeownership for auth handlers (#3346) * [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365) * Change default value in organization create sproc to 1 * Drop old column name still present in some QA instances * Set LimitCollectionCreationDeletion value in code based on feature flag * Fix: add missing namespace after merging in master * Fix: add missing namespace after merging in master * [AC-1683] Fix DB migrations for new Manage permission (#3307) * [AC-1683] Update migration script and introduce V2 procedures and types * [AC-1683] Update repository calls to use new V2 procedures / types * [AC-1684] Update bulk add collection migration script to use new V2 type * [AC-1683] Undo Manage changes to more original procedures * [AC-1683] Restore whitespace changes * [AC-1683] Clarify comments regarding explicit column lists * [AC-1683] Update migration script dates * [AC-1683] Split the migration script for readability * [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType * [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371) * Bump dates on sql migration scripts * Bump date on ef migrations --------- Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com> Co-authored-by: Shane Melton <smelton@bitwarden.com> Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>	2 years ago
Rui Tomé	d94a54516e	[AC-1344] Provider users unable to bulk restore vault items for client organizations (#2871 ) * [AC-1344] Added method PutRestoreManyAdmin to CiphersController and refactored PutRestoreMany * [AC-1344] Fixed unit test * [AC-1344] Removed comment * [AC-1344] Fixed sql.csproj * [AC-1344] Added check for empty or null array; added more unit tests	2 years ago
Federico Maccaroni	10782d55f3	[PM-2682] Fix v0 attachments migration on share cipher with org (#3051 ) * PM-2682 Fix v0 attachments migration on share cipher with org * PM-2682 Fix format * PM-2682 Fix tests recursion * Update src/Core/Vault/Models/Data/CipherAttachment.cs Co-authored-by: Matt Gibson <mgibson@bitwarden.com> --------- Co-authored-by: Matt Gibson <mgibson@bitwarden.com>	2 years ago
Robyn MacCallum	3289a8c35e	[SG-998] Move files to Vault folders (#2724 ) * Move Api files * Move Core files * Move Infrastructure files * Move Sql Files * Move Api Sync files to Vault * Move test vault files * Update Sql.sqlproj paths * Update Codeowners * Fix vault file paths in sqlproj * Update CipherDetails.sql path in sqlproj * Update Core models and entities namespaces * Update namespaces Core Services and Repositories * Missed service namespaces * Update Api namespaces * Update Infrastructure namespaces * Move infrastructure queries that were missed * Tests namespace updates * Admin and Events namespace updates * Remove unused usings * Remove extra CiphersController usings * Rename folder * Fix CipherDetails namespace * Sqlproj fixes * Move stored procs into folders by table * using order fix	3 years ago

32 Commits (add-2017-to-db-test-script)