server

Commit Graph

Author	SHA1	Message	Date
Rui Tomé	e09e63569c	[PM-33086] Remove the feature flag RefactorOrgAcceptInit (#7287 )	5 days ago
Thomas Rittson	cafe4ffce8	[PM-34049] Fix PoliciesController authorize attribute (#7303 ) GetMasterPasswordPolicy incorrectly used the MemberRequirement authz requirement. However, this endpoint needs to support users who are in the invited state, and that only authorizes users who are confirmed. Recreate previous logic inside a new attribute.	6 days ago
Rui Tomé	7c05036c01	[PM-19143] Fix custom permissions not persisting via InviteOrganizationUsersCommand (#7285 )	1 week ago
Rui Tomé	454a6dbc81	[PM-19143] Refactor public API MembersController POST to use CommandResult pattern (#7182 ) * Add CommandResultRefactor constant to FeatureFlagKeys in Constants.cs * Add method to convert MemberCreateRequestModel to InviteOrganizationUsersRequest - Introduced ToInviteRequest method for transforming MemberCreateRequestModel into InviteOrganizationUsersRequest. - Enhanced model with additional using directives for improved functionality. * Update GetInviterEmailAsync method to include a check for Guid.Empty to prevent unnecessary DB lookups * Feature flag MembersController POST to use InviteOrganizationUsersCommand Add a new code path behind the CommandResultRefactor feature flag that replaces the legacy InviteUserAsync call with the InviteOrganizationUsersCommand. Integration tests verify both paths produce identical results. * Refactor feature flag for member invites from CommandResultRefactor to PublicMembersInviteRefactor in MembersController and update related tests.	3 weeks ago
Rui Tomé	c97ccc1610	[PM-28795] Refactor organization accept-init flow with atomic database operations and upfront validation (#6831 ) * Add integration tests for AcceptInit endpoint in OrganizationUsersController * Add new feature flag for organization acceptance initialization refactor * Add InitPendingOrganizationVNextAsync for consolidated organization initialization Introduces a new method that consolidates organization initialization, user confirmation, email verification, and collection creation into a single operation with upfront validation. Key improvements: - All validation performed before any state changes - Returns typed errors via CommandResult instead of throwing exceptions - Reduces three separate command calls into one unified flow - Maintains backward compatibility via feature flag The existing InitPendingOrganizationAsync is marked obsolete and will be removed after feature flag rollout completes. * Add unit tests for InitPendingOrganizationVNextAsync method Introduces comprehensive unit tests for the InitPendingOrganizationVNextAsync method, covering various scenarios including valid data initialization, error handling for invalid tokens, organization status checks, and user confirmation requirements. Key additions: - Tests for successful organization initialization and user confirmation. - Error handling tests for invalid tokens, already enabled organizations, and mismatched organization IDs. - Validation for existing keys and email mismatches. - Support for creating default collections during initialization. These tests enhance the reliability and robustness of the organization initialization process. * Refactor AcceptInit method to support feature flag for organization initialization Updated the AcceptInit method in OrganizationUsersController to return an IResult type and handle organization initialization based on a feature flag. If the feature is enabled, it utilizes the new InitPendingOrganizationVNextAsync method for atomic organization setup and user confirmation. Integration tests were added to verify the behavior under both feature flag states, ensuring proper initialization and error handling. * Enhance InitPendingOrganizationCommand with policy validation and feature flag support Updated the ValidatePoliciesAsync method to enforce the Automatic User Confirmation Policy when the feature flag is enabled. Added new unit tests to cover scenarios for automatic user confirmation and single organization policy violations, ensuring comprehensive validation during organization initialization. This improves error handling and maintains compliance with organizational policies. * Add InitializePendingOrganizationAsync method for atomic organization initialization Implemented the InitializePendingOrganizationAsync method in both Dapper and Entity Framework repositories to streamline the initialization of pending organizations. This method enables the organization, confirms the first owner, updates user details, and optionally creates a default collection, all within a single atomic transaction. Enhanced error handling ensures robustness during the initialization process. * Add unit tests for InitializePendingOrganizationAsync method Introduced several unit tests for the InitializePendingOrganizationAsync method, covering scenarios such as successful organization initialization with and without collections, exception handling for invalid organization IDs, and rollback behavior on errors. These tests enhance the reliability of the organization initialization process and ensure proper handling of various edge cases. * Refactor InitPendingOrganizationCommand to use consolidated InitializePendingOrganizationAsync method Replaced multiple asynchronous calls for organization initialization with a single call to the new InitializePendingOrganizationAsync method. This change streamlines the process by encapsulating organization setup, user confirmation, and collection creation into one atomic operation, enhancing maintainability and reducing complexity in the command logic. * Enhance InitPendingOrganizationCommandTests with new test cases and refactor existing ones Added a new test case for InitPendingOrganizationVNextAsync to validate organization initialization with a collection name. Refactored existing tests to improve clarity and maintainability, including the removal of redundant assertions and the consolidation of organization setup logic. This update strengthens the test coverage for the organization initialization process and ensures proper handling of various scenarios. * Refactor IOrganizationRepository and OrganizationRepository to remove nullable collectionName parameter Updated the IOrganizationRepository and OrganizationRepository interfaces to change the collectionName parameter from nullable to non-nullable. This change enforces stricter parameter requirements and improves data integrity during organization initialization processes. * Improve error handling in OrganizationRepository by logging exceptions during transaction rollback Updated the OrganizationRepository in both Dapper and Entity Framework implementations to log detailed error messages when exceptions occur during the initialization of pending organizations. This enhancement improves traceability and debugging capabilities by providing context on failures, ensuring better maintainability of the organization initialization process. * Refactor OrganizationRepository to consolidate SaveChangesAsync calls Updated the OrganizationRepository to reduce multiple SaveChangesAsync calls into a single call at the end of the transaction. This change enhances performance and ensures that all changes are committed atomically, improving the overall maintainability of the organization initialization process. * refactor: Introduce InitPendingOrganizationRequest model and update InitPendingOrganizationVNextAsync method - Created InitPendingOrganizationRequest to encapsulate parameters for initializing a pending organization. - Refactored InitPendingOrganizationVNextAsync method to accept the new request model instead of multiple parameters. - Updated OrganizationUsersController to use the new request model for improved readability and maintainability. - Adjusted related tests to accommodate the new request structure. * Create database update action delegate for organization initialization. * Add BuildVerifyUserEmailAction method to IUserRepository and implementations in UserRepository classes - Introduced a new method in IUserRepository to create an action for verifying user emails. - Implemented the method in both Dapper and Entity Framework UserRepository classes to update the email verification status of users. - Ensured that the method checks if the user's email is already verified before updating. * Add BuildCreateDefaultCollectionAction method to ICollectionRepository and implementations in CollectionRepository classes - Introduced a new method in ICollectionRepository to build an action for creating a default collection with user access. - Implemented the method in both Dapper and Entity Framework CollectionRepository classes to handle collection creation and user access assignments. - Enhanced the functionality to support transaction execution for database operations. * Add BuildConfirmOrganizationUserAction method to IOrganizationUserRepository and implementations in OrganizationUserRepository classes - Introduced a new method in IOrganizationUserRepository to build an action for confirming an organization user. - Implemented the method in both Dapper and Entity Framework OrganizationUserRepository classes to handle user confirmation and status updates. - Enhanced the functionality to support transaction execution for database operations. * Refactor organization initialization methods in IOrganizationRepository and implementations - Introduced BuildUpdateOrganizationAction method to create an action for updating organization properties during initialization. - Replaced the InitializePendingOrganizationAsync method with ExecuteOrganizationInitializationUpdatesAsync to handle multiple update actions in a single transaction. - Updated Dapper and Entity Framework implementations to support the new action-based approach for organization initialization, enhancing transaction management and code clarity. * Add integration tests for ExecuteOrganizationInitializationUpdatesAsync * Refactor InitPendingOrganizationCommand to streamline organization initialization process - Introduced methods for preparing organization and organization user for initialization. - Replaced direct calls to repository methods with a new action-based approach for executing multiple database updates in a single transaction. - Enhanced test cases to validate the new initialization logic and ensure proper handling of organization states. * Refactor organization user acceptance tests to utilize feature flags - Converted existing tests to use [Theory] with [InlineData] for feature flag variations. - Updated assertions to reflect expected status codes based on feature flag state. - Enhanced user confirmation checks to ensure proper linking and email verification after acceptance. - Improved test coverage for organization initialization scenarios with and without collections. * Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID - Updated IUserRepository and its implementations to change the parameter of BuildVerifyUserEmailAction from Guid userId to User user. - Modified related repository methods in Dapper and Entity Framework to utilize the User entity for email verification. - Adjusted tests to reflect the new method signature, ensuring proper functionality and integration with the updated user verification process. * Revert "Refactor BuildVerifyUserEmailAction to accept User entity instead of user ID" This reverts commit `71047bee2a`. * Enhance InitPendingOrganizationCommand for null safety and error handling - Removed nullable disable directive to enable null safety checks. - Added a null check for the organization retrieval, throwing a BadRequestException if not found. - Updated validation methods to return nullable Error types, improving error handling in the organization initialization process. * Add remarks to IInitPendingOrganizationCommand for clarity on organization initialization - Enhanced the documentation for the InitPendingOrganizationCommand interface by adding remarks to clarify the role of the user initializing the organization. - Explained the default state assumptions during validation, emphasizing that no policies are enforced at this stage. * Implement InitPendingOrganizationValidator for improved organization initialization validation - Introduced IInitPendingOrganizationValidator interface and its implementation to encapsulate validation logic for organization initialization. - Refactored InitPendingOrganizationCommand to utilize the new validator for token validation, user email matching, organization state checks, and policy enforcement. - Enhanced dependency injection in OrganizationServiceCollectionExtensions to include the new validator. - Added comprehensive unit tests for the validator to ensure robust validation logic and error handling. * Update documentation in IInitPendingOrganizationCommand to clarify organization initialization process - Revised the summary comment to specify that the method initializes a pending organization created via the Bitwarden Portal on behalf of a Reseller. - Added a reference to the ResellerClientOrganizationSignUpCommand for better context. - Emphasized the confirmation of the first owner during the initialization process. * Update InitPendingOrganizationRequest to allow optional collection name - Modified the CollectionName property to be nullable, allowing for no collection to be created if the value is null or empty. - Enhanced documentation to clarify the optional nature of the CollectionName parameter. * Fix nullability issue in InitPendingOrganizationCommand by enforcing non-null collection name assignment * Refactor organization key handling in InitPendingOrganization features. Updated OrganizationUsersController to use new key pair data structure. Adjusted InitPendingOrganizationCommand and InitPendingOrganizationRequest to reflect changes in key management. * Update organization key handling to use the name EncryptedOrganizationSymmetricKey. Refactor OrganizationUsersController, InitPendingOrganizationCommand, and InitPendingOrganizationRequest for consistency in key management. * Refactor InitPendingOrganizationCommand to utilize TimeProvider for date handling. Updated methods to replace direct DateTime calls with _timeProvider.GetUtcNow(). * Refactor InitPendingOrganization validation methods to rename ValidateBusinessRulesAsync to ValidateFreeOrganizationLimitAsync for clarity and consistency. Updated related command and test files accordingly. * Refactor InitPendingOrganizationCommand and related classes to streamline validation logic. Introduced InitPendingOrganizationValidationRequest for enriched validation context and updated methods to improve clarity and consistency in error handling. Adjusted tests to reflect changes in validation flow. * Remove unused dependencies from InitPendingOrganizationCommand * Refactor InitPendingOrganizationCommand to streamline organization initialization process. Replaced multiple update actions with a single atomic operation for organization and owner confirmation. Updated related repository interfaces and methods for improved clarity and consistency in transaction handling. * Remove commented-out regions and clean up whitespace in InitPendingOrganizationCommandTests for improved readability. * Remove unnecessary null check for organization in InitPendingOrganizationCommand * Revert "Remove unnecessary null check for organization in InitPendingOrganizationCommand" This reverts commit `1ad7148fc9`. * Refactor organization initialization actions to use DbConnection and DbTransaction instead of SqlConnection and SqlTransaction. Update related interfaces and implementations across repositories for improved database transaction handling. * Refactor organization and organization user update logic to use null checks for entity existence. Throw exceptions for not found entities to improve error handling during initialization. * Update InitPendingOrganizationCommandTests to use SendConfirmationAsync for email notifications and added missing using directive for OrganizationConfirmation. * Remove unnecessary blank lines from CollectionRepository and UserRepository classes for improved code readability. * Remove redundant test cases from OrganizationUsersControllerAcceptInitTests * Enhance InitPendingOrganizationCommandTests to validate organization and user properties in repository interactions * Update RefactorOrgAcceptInit feature flag key to new identifier pm-33082-refactor-org-accept-init	4 weeks ago
Rui Tomé	9eccb0001d	[PM-30327] Fix SingleOrg policy not revoking non-compliant users (#7001 )	1 month ago
Jared McCannon	c1ee27f42c	Fixes concurrency issue with auto confirm test (#6964 )	2 months ago
Mick Letofsky	4eb9c4cf3c	Enhance seeder with additional cipher types and architectural refactorings (#6935 )	2 months ago
Mick Letofsky	5941e830d2	Refactor to correctly implement statics and remove hardcoded organization keys (#6924 )	2 months ago
Thomas Rittson	80eec2df85	[PM-23768] Public API - add restore and revoke member endpoint (#6859 ) * Add restore and revoke to public api * Follow naming conventions * Use POST instead of PUT * hello claude * Update test names * Actually fix test names * Add JsonConstructor attr * Fix test	2 months ago
Rui Tomé	c8124667ee	[PM-28842] Add validation to prevent excessive master password policy values (#6807 ) * Enhance MasterPasswordPolicyData with validation attributes Added data annotations for MinComplexity and MinLength properties to enforce validation rules. MinComplexity must be between 0 and 4, and MinLength must be between 12 and 128. * Implement model validation in PolicyDataValidator and enhance error handling Added a ValidateModel method to enforce validation rules for policy data. Updated error messages to provide clearer feedback on validation failures. Enhanced unit tests to cover new validation scenarios for MinLength and MinComplexity properties. * Update PoliciesControllerTests to reflect new validation rules for MinComplexity and MinLength Modified test cases to use updated values for MinComplexity (4) and MinLength (128). Added new tests to verify that excessive values for these properties return BadRequest responses. Ensured consistency across integration tests for both Admin and Public controllers. * Enhance MasterPasswordPolicyData with XML documentation for properties Added XML documentation comments for MinComplexity and MinLength properties to clarify their purpose and constraints. This improves code readability and provides better context for developers using the model. * Add unit tests for PolicyDataValidator to validate minLength and minComplexity rules Implemented new test cases to verify the behavior of the ValidateAndSerialize method in PolicyDataValidator. Tests cover scenarios for minimum and maximum values, as well as edge cases for invalid inputs, ensuring robust validation for MasterPassword policy data.	2 months ago
Jared McCannon	07b0721616	Removed old implementation and feature flag checks for bulk revoke. (#6827 )	3 months ago
Rui Tomé	1b17d99bfd	[PM-29555] Add self-revoke endpoint for declining organization data ownership policy (#6739 ) * Add OrganizationUser_SelfRevoked event type to EventType enum * Add SelfRevokeOrganizationUserCommand implementation and interface for user self-revocation from organizations * Add unit tests for SelfRevokeOrganizationUserCommand to validate user self-revocation logic, including success scenarios and various failure conditions. * Add ISelfRevokeOrganizationUserCommand registration to OrganizationServiceCollectionExtensions for user self-revocation functionality * Add self-revoke user functionality to OrganizationUsersController with new endpoint for user-initiated revocation * Add integration tests for self-revoke functionality in OrganizationUsersController, covering scenarios for eligible users, non-members, and users with owner/admin roles. * Add unit test for SelfRevokeOrganizationUserCommand to validate behavior when a user attempts to self-revoke without confirmation. This test checks for a BadRequestException with an appropriate message. * Add MemberRequirement class for organization membership authorization - Implemented MemberRequirement to check if a user is a member of the organization. - Added unit tests for MemberRequirement to validate authorization logic for different user types. * Update authorization requirement for self-revoke endpoint and add integration test for provider users - Changed authorization attribute from MemberOrProviderRequirement to MemberRequirement in the RevokeSelfAsync method. - Added a new integration test to verify that provider users who are not members receive a forbidden response when attempting to revoke themselves. * Add EligibleForSelfRevoke method to OrganizationDataOwnershipPolicyRequirement - Implemented the EligibleForSelfRevoke method to determine if a user can self-revoke their data ownership based on their membership status and policy state. - Added unit tests to validate the eligibility logic for confirmed, invited, and non-policy users, as well as for different organization IDs. * Refactor self-revoke user command to enhance eligibility checks - Updated the SelfRevokeOrganizationUserCommand to utilize policy requirements for determining user eligibility for self-revocation. - Implemented checks to prevent the last owner from revoking themselves, ensuring organizational integrity. - Modified unit tests to reflect changes in eligibility logic and added scenarios for confirmed owners and admins. - Removed deprecated policy checks and streamlined the command's dependencies. * Use CommandResult pattern in self-revoke command * Clearer documentation	3 months ago
Vincent Salucci	35868c2a65	[PM-22434] Remove CreateDefaultLocation feature flag references (#6758 ) * chore: remove ff ref from PoliciesController * chore: remove ff ref from OrganizationExportController, refs PM-22434 * chore: remove ff ref from CiphersController, refs PM-22434 * chore: remove ff ref from ConfirmOrganizationUserCommand, refs PM-22434 * chore: remove ff refs from OrganizationDataOwnershipPolicyValidator, refs PM-22434 * chore: remove ff ref from OrganizationUserControllerTests, refs PM-22434 * chore: remove ff refs from ConfirmOrganizationUserCommandTests, refs PM-22434 * chore: remove ff refs from OrganizationDataOwnershipPolicyValidatorTests, refs PM-22434 * chore: format, refs PM-22434	3 months ago
Jared McCannon	2f893768f5	[PM-18718] Refactor Bulk Revoke Users (#6601 )	4 months ago
Rui Tomé	80ee31b4fe	[PM-25015] Add performance tests for Admin Console endpoints (#6235 ) * Add GroupsRecipe to manage group creation and user relationships in organizations * Add CollectionsRecipe to manage collection creation and user relationships in organizations * Refactor OrganizationUsersControllerPerformanceTests to enhance performance testing and add new test cases * Add OrganizationDomainRecipe to add verified domains for organizations * Add more tests to OrganizationUsersControllerPerformanceTests and enhance seeding logic for organizations - Updated performance tests to use dynamic domain generation for organization users. - Refactored seeding methods in OrganizationWithUsersRecipe to accept user status and type. - Modified AddToOrganization methods in CollectionsRecipe and GroupsRecipe to return created IDs. - Adjusted DbSeederUtility to align with new seeding method signatures. * Enhance OrganizationSeeder with additional configuration options and update seat calculation in OrganizationWithUsersRecipe to ensure a minimum of 1000 seats. * Add performance tests for Groups, Organizations, Organization Users, and Provider Organizations controllers - Introduced `GroupsControllerPerformanceTests` to validate the performance of the PutGroupAsync method. - Added `OrganizationsControllerPerformanceTests` with multiple tests including DeleteOrganizationAsync, DeleteOrganizationWithTokenAsync, PostStorageAsync, and CreateWithoutPaymentAsync. - Enhanced `OrganizationUsersControllerPerformanceTests` with DeleteSingleUserAccountAsync and InviteUsersAsync methods to test user account deletion and bulk invitations. - Created `ProviderOrganizationsControllerPerformanceTests` to assess the performance of deleting provider organizations. These tests ensure the reliability and efficiency of the respective controller actions under various scenarios. * Refactor GroupsControllerPerformanceTests to use parameterized tests - Renamed `GroupsControllerPerformanceTest` to `GroupsControllerPerformanceTests` for consistency. - Updated `PutGroupAsync` method to use `[Theory]` with `InlineData` for dynamic user and collection counts. - Adjusted organization user and collection seeding logic to utilize the new parameters. - Enhanced logging to provide clearer performance metrics during tests. * Update domain generation in GroupsControllerPerformanceTests for improved test consistency * Remove ProviderOrganizationsControllerPerformanceTests * Refactor performance tests for Groups, Organizations, and Organization Users controllers - Updated method names for clarity and consistency, e.g., `PutGroupAsync` to `UpdateGroup_WithUsersAndCollections`. - Enhanced test documentation with XML comments to describe the purpose of each test. - Improved domain generation logic for consistency across tests. - Adjusted logging to provide detailed performance metrics during test execution. - Renamed several test methods to better reflect their functionality. * Refactor performance tests in Organizations and Organization Users controllers - Updated tests to use parameterized `[Theory]` attributes with `InlineData` for dynamic user, collection, and group counts. - Enhanced logging to include detailed metrics such as user and collection counts during test execution. - Marked several tests as skipped for performance considerations. - Removed unused code and improved organization of test methods for clarity. * Add bulk reinvite users performance test to OrganizationUsersControllerPerformanceTests - Implemented a new performance test for the POST /organizations/{orgId}/users/reinvite endpoint. - Utilized parameterized testing with `[Theory]` and `InlineData` to evaluate performance with varying user counts. - Enhanced logging to capture request duration and response status for better performance insights. - Updated OrganizationSeeder to conditionally set email based on user status during seeding. * Refactor domain generation in performance tests to use OrganizationTestHelpers - Updated domain generation logic in GroupsControllerPerformanceTests, OrganizationsControllerPerformanceTests, and OrganizationUsersControllerPerformanceTests to utilize the new GenerateRandomDomain method from OrganizationTestHelpers. - This change enhances consistency and readability across the tests by centralizing domain generation logic. * Update CollectionsRecipe to have better readability * Update GroupsRecipe to have better readability * Refactor authentication in performance tests to use centralized helper method. This change reduces code duplication across Groups, Organizations, and OrganizationUsers controller tests by implementing the `AuthenticateClientAsync` method in a new `PerformanceTestHelpers` class. * Refactor OrganizationUsersControllerPerformanceTests to filter organization users by OrganizationId. * Refactor CreateOrganizationUser method to improve handling of user status and key assignment based on invitation and confirmation states. * Add XML documentation for CreateOrganizationUser method to clarify user status handling	4 months ago
Vincent Salucci	28e9c24f33	[PM-25584] [PM-25585] Remove feature flag - recover provider accounts (#6673 ) * chore: remove ff from OrganizationUsersController, refs PM-25584 * chore: update tests with reference to ff, refs PM-25584 * chore: remove ff definition, refs PM-25585 * chore: dotnet format, refs PM-25584	4 months ago
Thomas Rittson	35b4b0754c	[PM-25913] Fix owners unable to rename provider-managed organization (#6599 ) And other refactors: - move update organization method to a command - separate authorization from business logic - add tests - move Billing Team logic into their service	4 months ago
Alex Morask	f595818ede	[PM-24549] Remove feature flag: `use-pricing-service` (#6567 ) * Remove feature flag and move StaticStore plans to MockPlans for tests * Remove old plan models / move sponsored plans out of StaticStore * Run dotnet format * Add pricing URI to Development appsettings for local development and integration tests * Updated Api Integration tests to get current plan type * Run dotnet format * Fix failing tests	4 months ago
Jared McCannon	1eb396cb40	[PM-26636] - Auto Confirm Org User Command (#6488 ) * Adding auto confirm endpoint and initial command work. * Adding validator * Finished command implementation. * Enabled the feature renomved used method. Enabled the policy in the tests. * Added extension functions to allow for railroad programming. * Removed guid from route template. Added xml docs * Added validation for command. * Added default collection creation to command. * formatting. * Added additional error types and mapped to appropriate results. * Added tests for auto confirm validator * Adding tests * fixing file name * Cleaned up OrgUserController. Added integration tests. * Consolidated CommandResult and validation result stuff into a v2 directory. * changing result to match handle method. * Moves validation thenasync method. * Added brackets. * Updated XML comment * Adding idempotency comment. * Fixed up merge problems. Fixed return types for handle. * Renamed to ValidationRequest * I added some methods for CommandResult to cover some future use cases. Added ApplyAsync method to execute multiple functions against CommandResult without an error stopping the workflow for side-effects. * Fixed up logic around should create default colleciton. Added more methods for chaining ValidationResult together. Added logic for user type. * Clearing nullable enable. * Fixed up validator tests. * Tests for auto confirm command * Fixed up command result and AutoConfirmCommand. * Removed some unused methods. * Moved autoconfirm tests to their own class. * Moved some stuff around. Need to clean up creation of accepted org user yet. * Moved some more code around. Folded Key into accepted constructor. removed unneeded tests since key and accepted are now a part of AcceptedOrgUser Creation. * Clean up clean up everybody everywhere. Clean up clean up everybody do your share. * Another quick one * Removed aggregate Errors.cs * Cleaned up validator and fixed up tests. * Fixed auto confirm repo * Cleaned up command tests. * Unused method. * Restoring Bulk command back to what it was. deleted handle method for bulk. * Remove unused method. * removed unnecssary lines and comments * fixed layout. * Fixed test. * fixed spelling mistake. removed unused import. * Update test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/AutoConfirmUsers/AutomaticallyConfirmUsersCommandTests.cs Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com> * Ensuring collection is created before full sync. Cleaning up tests and added a few more. Added check that the policy is enabled. * Added org cleanup * Lowering to 5 to see if that helps the runner. * 🤷 * Trying this * Maybe this time will be different. * seeing if awaiting and checking independently will work in ci * I figured it out. Locally, it would be fast enough to all return NoContent, however in CI, its slow enough for it to return 400 due to the user already being confirmed via validation. * Updated tests and validator * Fixed name --------- Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>	4 months ago
Rui Tomé	e7f3b6b12f	[PM-26430] Remove Type property from PolicyRequestModel to use route parameter only (#6472 ) * Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata. * Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest. * Add missing using * Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable * Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates. * Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type. * Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity. * Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries. * Refactor PolicyDataValidator to remove null checks for input data in validation methods * Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity. * Remove Type property from PolicyRequestModel to use route parameter only * Run dotnet format * Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages. * Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content. * refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases. * test: Add integration tests for handling policies with null data in PoliciesController * fix: Catch specific JsonException in PolicyDataValidator to improve error handling * test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata * test: Remove PolicyType from PolicyRequestModel in PoliciesControllerTests * test: Update PolicyDataValidatorTests to validate organization data ownership metadata * Refactor PoliciesControllerTests to include policy type in PutVNext method calls	5 months ago
Rui Tomé	1e2e4b9d4d	[PM-26429] Add validation to policy data and metadata (#6460 ) * Enhance PolicyRequestModel and SavePolicyRequest with validation for policy data and metadata. * Add integration tests for policy updates to validate handling of invalid data types in PolicyRequestModel and SavePolicyRequest. * Add missing using * Update PolicyRequestModel for null safety by making Data and ValidateAndSerializePolicyData nullable * Add integration tests for public PoliciesController to validate handling of invalid data types in policy updates. * Add PolicyDataValidator class for validating and serializing policy data and metadata based on policy type. * Refactor PolicyRequestModel, SavePolicyRequest, and PolicyUpdateRequestModel to utilize PolicyDataValidator for data validation and serialization, removing redundant methods and improving code clarity. * Update PolicyRequestModel and SavePolicyRequest to initialize Data and Metadata properties with empty dictionaries. * Refactor PolicyDataValidator to remove null checks for input data in validation methods * Rename test methods in SavePolicyRequestTests to reflect handling of empty data and metadata, and remove null assignments in test cases for improved clarity. * Enhance error handling in PolicyDataValidator to include field-specific details in BadRequestException messages. * Enhance PoliciesControllerTests to verify error messages for BadRequest responses by checking for specific field names in the response content. * refactor: Update PolicyRequestModel and SavePolicyRequest to use nullable dictionaries for Data and Metadata properties; enhance validation methods in PolicyDataValidator to handle null cases. * test: Add integration tests for handling policies with null data in PoliciesController * fix: Catch specific JsonException in PolicyDataValidator to improve error handling * test: Add unit tests for PolicyDataValidator to validate and serialize policy data and metadata * test: Update PolicyDataValidatorTests to validate organization data ownership metadata	5 months ago
Rui Tomé	de56b7f327	[PM-26099] Update public list members endpoint to include collections (#6503 ) * Add CreateCollectionAsync method to OrganizationTestHelpers for collection creation with user and group associations * Update public MembersController List endpoint to include associated collections in member response model * Update MembersControllerTests to validate collection associations in List endpoint. Add JsonConstructor to AssociationWithPermissionsResponseModel * Refactor MembersController by removing unused IUserService and IApplicationCacheService dependencies. * Remove nullable disable directive from Public MembersController	5 months ago
Thomas Rittson	e11458196c	[PM-24192] Move account recovery logic to command (#6184 ) * Move account recovery logic to command (temporarily duplicated behind feature flag) * Move permission checks to authorization handler * Prevent user from recovering provider member account unless they are also provider member	5 months ago
Thomas Rittson	b83f95f78c	[PM-25097] Remove DeleteClaimedUserAccountRefactor flag (#6364 ) * Remove feature flag * Remove old code	6 months ago
Vincent Salucci	aab50ef5c4	[PM-24595] [PM-24596] Remove feature flag usage/definition for deleting users with no mp on import (#6313 ) * chore: remove dc prevent non-mp users from being deleted feature flag, refs PM-24596 * chore: format, refs PM-24596	7 months ago
Thomas Rittson	2c860df34b	[PM-15621] Refactor delete claimed user command (#6221 ) - create vNext command - restructure command to simplify logic - move validation to a separate class - implement result types using OneOf library and demo their use here	7 months ago
Jimmy Vo	d43b00dad9	[PM-24279] Add vnext policy endpoint (#6253 )	7 months ago
Brandon Treston	cf94438150	[PM-22586/PM-22587] Remove feature flagged logic (#6194 ) * remove feature flagged logic * remove feature flag * remove OrganizationService.ImportAsync and tests * remove unused function	7 months ago
Thomas Rittson	9022ad2360	[PM-20140] Prevent accidental bulk removal of users without a Master Password (#6173 )	8 months ago
Rui Tomé	e042572cfb	[PM-24582] Bugfix: exclude admins and owners from default user collection creation on confirmation (#6177 ) * Update the OrganizationUserController integration Confirm tests to handle the Owner type * Refactor ConfirmOrganizationUserCommand to simplify side-effect handling in organization user confirmation. Update IPolicyRequirementQuery to return eligible org user IDs for policy enforcement. Update tests for method signature changes and default collection creation logic.	8 months ago
Rui Tomé	9d05105dc0	[PM-23981] Fix DefaultUserCollection filtering in organization user updates (#6161 ) * Refactor UpdateOrganizationUserCommand to validate and filter out DefaultUserCollections during user updates. * Enhance UpdateOrganizationUserCommandTests to filter out DefaultUserCollections during user updates, ensuring only shared collections are processed. Updated test logic to reflect new filtering behavior. * Add integration test for updating organization user with existing default collection. The test verifies successful updates to user permissions, group access, and collection access, ensuring correct handling of shared and default collections. * Refactor UpdateOrganizationUserCommand to separate the collection validation and DefaultUserCollection filtering * Refactored integration test setup/assertion for clarity	8 months ago
Rui Tomé	7454430aa1	[PM-22241] Add DefaultUserCollectionName support to bulk organization user confirmation (#6153 ) * Implement GetByOrganizationAsync method in PolicyRequirementQuery and add corresponding unit tests * Refactor ConfirmOrganizationUserCommand for clarity and add bulk support * Update ConfirmOrganizationUserCommandTests to use GetByOrganizationAsync for policy requirement queries * Add DefaultUserCollectionName property to OrganizationUserBulkConfirmRequestModel with encryption attributes * Update ConfirmUsersAsync method to include DefaultUserCollectionName parameter in OrganizationUsersController * Add EnableOrganizationDataOwnershipPolicyAsync method to OrganizationTestHelpers * Add integration tests for confirming organization users in OrganizationUserControllerTests - Implemented Confirm_WithValidUser test to verify successful confirmation of a single user. - Added BulkConfirm_WithValidUsers test to ensure multiple users can be confirmed successfully. * Refactor organization user confirmation integration tests to also test when the organization data ownership policy is disabled * Refactor ConfirmOrganizationUserCommand to consolidate confirmation side effects handling - Replaced single and bulk confirmation side effect methods with a unified HandleConfirmationSideEffectsAsync method. - Updated related logic to handle confirmed organization users more efficiently. - Adjusted unit tests to reflect changes in the collection creation process for confirmed users. * Refactor OrganizationUserControllerTests to simplify feature flag handling and consolidate test logic - Removed redundant feature flag checks in Confirm and BulkConfirm tests. - Updated tests to directly enable the Organization Data Ownership policy without conditional checks. - Ensured verification of DefaultUserCollection for confirmed users remains intact. * Refactor OrganizationUserControllerTests to enhance clarity and reduce redundancy - Simplified user creation and confirmation logic in tests by introducing helper methods. - Consolidated verification of confirmed users and their associated collections. - Removed unnecessary comments and streamlined test flow for better readability.	8 months ago
Brandon Treston	947ae8db51	[PM-19145] refactor organization service.import async (#5800 ) * initial lift and shift * extract function RemoveExistingExternalUsers * Extract function RemoveExistingUsers() * extract function OverwriteExisting() * create new model for sync data * extract add users to function, rename * rename OrganizatinUserInvite for command, implement command * implement command * refactor groups logic * fix imports * remove old tests, fix imports * fix namespace * fix CommandResult useage * tests wip * wip * wip * remove redundant code, remove looping db call, refactor tests * clean up * remove looping db call with bulk method * clean up * remove orgId param to use id already in request * change param * cleanup params * remove IReferenceEventService * fix test * fix tests * cr feedback * remove _timeProvider * add xmldoc, refactor to make InviteOrganizationUsersCommand vNext instead of default * switch back to command * re-add old ImportAsync impl * fix test * add feature flag * cleanup * clean up * fix tests * wip * wip * add api integration tests for users WIP * groups integration tests * cleanup * fix error from merging main * fix tests * cr feedback * fix test * fix test	8 months ago
Jared McCannon	c4965350d1	[PM-12474] Move to authorization to attibutes/handlers/requirements (#6001 ) * Created ReadAllOrganizationUsersBasicInformationRequirement for use with Authorize attribute. * Removed unused req and Handler and tests. Moved to new auth attribute * Moved tests to integration tests with new response. * Removed tests that were migrated to integration tests. * Made string params Guids instead of parsing them manually in methods. * Admin and Owner added to requirement. * Added XML docs for basic get endpoint. Removed unused. Added another auth check. Inverted if check. * Removed unused endpoint * Added tests for requirement * Added checks for both User and Custom * Added org id check to validate the user being requested belongs to the org in the route. * typo	9 months ago
Oscar Hinton	d7d90e7f3e	[PM-21079] Add support to integration tests for using sqlserver (#5823 ) Adds a SqlServerApiApplicationFactory which allows you to run api tests using SqlServer. Currently a new database is create and destroyed for each test. In the future we'd like a more optimized way to do this. The database logic is abstracted away in a ITestDatabase interface which handles the configuration, migration and teardown.	10 months ago
Oscar Hinton	5f7e2b8a81	[PM-21075] Initial database seeder (#5703 ) Adds a database seeder which can be used standalone using a CLI for seeding your local development environment, or used in unit tests to seed complex scenarios. --------- Co-authored-by: Robert Y <rkac@bitwarden.com>	11 months ago
Thomas Rittson	44b687922d	[PM-14245] Remove policy definitions feature flag (#5095 ) * Remove PolicyService.SaveAsync and use command instead * Delete feature flag definition * Add public api integration tests	1 year ago
Rui Tomé	add8783e31	[PM-11667] Remove all code related to the outdated custom permissions 'Edit/Delete Assigned Collections' (#4736 )	2 years ago
Justin Baur	aa34bbb0e6	Fix Most Test Warnings (#4612 ) * Add Collections Tests * Update CollectionRepository Implementation * Test Adding And Deleting Through Replace * Format * Fix Most Test Warnings * Format	2 years ago
Conner Turnbull	721d2969d4	[PM-8830] Billing Enums Rename (#4180 ) * Renamed ProductType to ProductTierType * Renamed Product properties to ProductTier * Moved ProductTierType to Bit.Core.Billing.Enums namespace from Bit.Core.Enums * Moved PlanType enum to Bit.Core.Billing.Enums * Moved StaticStore to Bit.Core.Billing.Models.StaticStore namespace * Added ProductType enum * dotnet format	2 years ago
Thomas Rittson	cae417e2a2	[AC-2317] Public API - remove old permissions code (#4125 ) * Remove FlexibleCollections checks from Public API controllers * Remove AccessAll from Public API * Update tests	2 years ago
Thomas Rittson	357ac4f40a	[AC-292] Public Api - allow configuration of custom permissions (#4022 ) * Also refactor OrganizationService user invite methods	2 years ago

43 Commits (renovate/microsoft.data.sqlclient-7.x)