* implementation plan
* feedback updates
* revert updates
* implementation plan
* feedback updates
* revert updates
* implement plan
* Revert "Merge branch '2fa-account-recovery' of github.com:bitwarden/server into 2fa-account-recovery"
This reverts commit 3be2d140f1, reversing
changes made to 9fb8d3891c.
* PR feedback
* revert claude local settings
* lint fixes
* fix test models
* move new commands to v2 namespace.
* format
* fix swagger stuff
* update feature flag name
Make tax-related subscription updates schedule-aware during the ~15-day
window between invoice.upcoming and renewal. When a subscription schedule
is present and the feature flag is enabled, update default_settings.automatic_tax
on the schedule instead of the subscription directly.
Modified paths:
- UpcomingInvoiceHandler: AlignOrganizationTaxConcernsAsync,
AlignPremiumUsersTaxConcernsAsync, new shared EnableAutomaticTaxAsync helper
- UpdateBillingAddressCommand: EnableAutomaticTaxAsync, added IFeatureService
UpdateTaxInformation has no callers in src/. Remove from ISubscriberService,
SubscriberService, and associated tests. Also removes the now-unused
ITaxService constructor parameter from SubscriberService.
feat: add `MasterPasswordSalt` to unlock and authentication flow
- Add optional `MasterPasswordSalt`:
- `MasterPasswordUnlockAndAuthenticationData`
- `RegisterFinishRequestModel`
- `UserDecryptionOptionsBuilder`
- Add test coverage for explicit checks where appropriate in the above model updates
* fix(billing): replace per-change IsStructural with changeset-level ChargeImmediately flag
* fix(billing): set seat quantity when upgrading from non-seat-based to seat-based plan
* Send better error message when token is expired
* Add comment indicating frontend usage
* Add testcase for Invalid Token scenario
* Update comment in test-case
* Fix merge issue
* Fix method name
* Consolidate token validation error calculation, apply to new area
* Move away from magic strings, fix tests
* Adjust class name
* Clean up old method name references
* Change errors to fields for singleton behavior
* Formatting
* Implement the portal session url
* Remove comment
* formatting issues have been resolved
* Allow deep linking url
* remove thr return url request
* Resolve review comments around comments
* Fix the failing test after removing _globalSettings
* Fix the failing unit test
* changes for the premium push notification
* Fix the lint build
* implement the hub-helper
* Resolve the pr comments
* fix the lint error
* move PremiumStatusPushNotification to billing
* secure SSRP protection for internal requests
* remove nullable enable
* explicitly handle redirect requests for SSRF
* track current uri in SsrfProtectionHandler. add followRedirects option in AddSsrfProtection
* preserve request method for 301 and 302 requests
This was being used to combine policies before sending them
to the client. Instead, the server just send the policies and
the client should process/combine them. Revert this to save
unnecessary QA (etc) and we will refactor this away in the
future.
* Add more efficient sproc to retrieve PolicyDetails
for a single user. This closely matches the existing sproc
used by PolicyService and should be performant enough
to be used in the login flow
* Maintain feature flag for this critical path
* check permissions when uploading attachment for self hosted users to remove possibility of overwriting an existing attachment.
* expose `ValidateCipherEditForAttachmentAsync`
* add additional logic to support admin users
* add unit tests for new edit checks
* feat(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Initial implementation
* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Changes in a good place. Need to write tests.
* test(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Service tests have been added.
* fix(emergency-access): [PM-29585] Prevent New EA Invitations or Acceptance - Fixed comment.
* create short-lived signed attachment URL for self-hosted instances
* move local attachment logic to service
* remove comment
* remove unusued var. add happy-path test for file download
* chore: add CLAUDE.local.md and .worktrees to gitignore
* feat(billing): add Stripe interval and payment behavior constants and feature flag
* feat(billing): add OrganizationSubscriptionChangeSet model and unit tests
* refactor(billing): rename UpdateOrganizationSubscriptionCommand to BulkUpdateOrganizationSubscriptionsCommand
* feat(billing): add UpdateOrganizationSubscriptionCommand with tests
* feat(billing): use UpdateOrganizationSubscriptionCommand in BulkUpdateOrganizationSubscriptions behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in SetUpSponsorshipCommand behind feature flag
* feat(billing): add UpgradeOrganizationPlanVNextCommand with tests and feature flag gate
* feat(billing): use UpdateOrganizationSubscriptionCommand in OrganizationService.AdjustSeatsAsync behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in UpdateSecretsManagerSubscriptionCommand behind feature flag
* feat(billing): use UpdateOrganizationSubscriptionCommand in BillingHelpers.AdjustStorageAsync behind feature flag
* chore: run dotnet format
* fix(billing): missed optional owner in OrganizationBillingService.Finalize after merge
* refactor(billing): address PR feedback on UpdateOrganizationSubscription
* refactor(billing): change billing address request type
* feat(billing): add tax id support for international business plans
* feat(billing): add billing address tax id handling
* test: add tests for tax id handling during upgrade
* fix(billing): run dotnet format
* fix(billing): remove extra line
* fix(billing): modify return type of HandleAsync
* test(billing): update tests to reflect updated command signature
* fix(billing): run dotnet format
* tests(billing): fix tests
* test(billing): format
* Added new methods and ff for single org req
* Changed req messages and added new method for creating orgs
* Updated Requirement and Tests.
* Updated commands and requirement to take a list of org users
* Updated xml docs and renamed to be consistent
* Changes from Code Review
* Removed feature flag check for policy requirements around single org. Aligned error message with what other commands were returning.
* Fixed test names. Updated error messages to be specific for each caller.
* Updated tests to clean up details consturction
* Added test for confirmed accepted user in another org.
* fixed tests to use new factory
* Update test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/RestoreUser/RestoreOrganizationUserCommandTests.cs
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Fixed tests by adding no op for req.
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Nick Krantz
sven-bitwarden
Stephon Brown
Alex Morask
Jimmy Vo
Kyle Spearrin
Conner Turnbull
Derek Nance
Jared McCannon
Rui Tomé
Ike
Patrick-Pimentel-Bitwarden
Thomas Avery
cyprain-okeke
Shane Melton
Jordan Aasen
Kyle Denney
Thomas Rittson
Jared Snider
John Harrington
cd-bitwarden
Jared
Bernd Schoolmann
Brandon Treston