Tree:
b42ebe6f1b
2026-01-29/revert-persistent-grants
AC-1527-refactor-the-stripe-webhook-logic
AC-1601-require-sso-for-tde
AC-1833-2FA-Check-mark-still-visible
AC-2035-when-a-subscription-is-cancelled,-the-customer-cannot-self-server
ActivityDecorator
Add-MsSqlMigratorUtility-run-configuration-for-VS-Code
ApiKeyAuthInTheCli
Auth/PM-52-add-rbac-for-providers
Auth/pm-6333/remove-security-validation-exception
BEEEP/pm-26016/cache-authenticator-failures
BRE-1037/update-rc-deploy-trigger
BRE-193-demo
BRE-193-test
BRE-247-create-test-env
BRE-292-sync-ephemeral-env-on-build-test
BRE-443-get-major-repos-to-bwwl-lint-passing-stage
BRE-demo-ee-01
DEVOPS-1039-update-release-flow-dry-run-step-names
DEVOPS-1215-Build-Migrator-project-artifact
DEVOPS-1537-Update-dbo.Migrations-table-to-support-repeatable-migrations
DEVOPS-1551-test-branch-for-server3
DEVOPS-1594-pin-all-uses-of-bitwarden-gh-actions-to-master
EC-502-cherry-pick
Hinton-patch-1
MergePlanAndPriceUpdates
PM-11525-Estimated-tax-shown-to-customers-potentially-incorrect
PM-13128
PM-13446-Database-Add-IsMultiOrgEnterprise-column-to-Provider-table
PM-14163-Sales-Tax-Compliance
PM-14891-Sales-Tax-Estimation-For-Organizations
PM-14892-Sales-Tax-Estimation-For-Accounts
PM-14894-Drop-Sales-Tax-Database-Tables
PM-15404-Provider-portal-contains-incorrect-styling-for-the-table-filters
PM-15536-Unsupported-Provider-Type-Reseller-on-Create-New-Org-under-Reseller
PM-16196
PM-16682
PM-16921
PM-17132
PM-17732
PM-18018
PM-18881
PM-19147
PM-19147_2
PM-19147_3
PM-19562-remove-desktop-flag
PM-19643
PM-2014-passkey-registration
PM-2032-troubleshoot-actions
PM-22372
PM-2448
PM-25697
PM-27886
PM-2844-beeep-add-custom-error-codes-for-server-api-exceptions
PM-29660-continuationtokens
PM-31745-unassigned-items-delete
PM-31787-Defect-Users-can-access-the-sends-after-the-limit-was-reached
PM-3203-update-environment-file-builder-variable-name-to-cloud-region
PM-3263-Fix-EF-tests-for-passkey-registration-and-test-EF-repository-implementation
PM-3807-store-all-passkeys-as-login-cipher-type
POC/cipher-versioning
PS-590
QA
Remove-Return-ValidateSponsorshipCommand.cs
SG-497/Health-checks
SG-660
SG-701
SM-1301-get-by-id-changes-events
SM-1548-SecretViewSlow
SM-1743-featureflag
SM-1800
SM-1805-OrgLic
SM-2-Organization
SM-249-Delete-Secrets
SM-381]-Access-Policy-Secrets
SM-73
SM-73-signed
SM-910-BasedOn923
SM-923-Issues
SRE-3019-using-claude-implement-the-azure-mail-queue-retry-feature
Secrets-Access
ac-1409/secrets_manager_subscription_stripe
ac-1427/add_new_organisation_properties
ac-1427/add_new_organisation_properties_update_db_objects_and_create_migration
ac-1753-automatically-assign-providers-pricing-to-new-organizations
ac-1779/fix-validation-for-expirationWithoutGracePeriod-in-organizationLicense
ac-2266-two-email-notifications-is-sent-when-creating-org-from-sm-Trial-page
ac-2306-Self-serve-upgrade-automatically-updates-subscription
ac-2310-dont-reset-billing-cycle-if-upcoming-invoice-exceeds-dollar-threshold
ac-2385-as-a-billing-system-I-need-to-handle-attempting-to-pay-an-invoice-with-braintree-for-a-provider
ac-2570-existing-providers-see-new-cb-experience-on-admin-console
ac-2957-delete-the-feature-flag-PM-5864-dollar-threshold
ac/ac-1174/master-bulk-collection-management
ac/ac-1174/testing-unidirectional-dataflow
ac/addison/pm-10863/turn-on-for-self-host
ac/addison/pw-10314/auto-enable-policy
ac/jmccannon/pm-12479-changing-groups-model
ac/jmccannon/pm-12488-pt2-refactor
ac/pm-15621/add-commandresultvalidator
ac/pm-15621/refactor-delete-command
ac/pm-17217/add-use-policy-check-for-accept-endpoint
ac/pm-20633/rename-remove-individual
ac/pm-21031/get-members-performance-optimization
ac/pm-21411/refactor-interface-for-determining-premium-status-and-features
ac/pm-21740/update-join-organization-email-templates
ac/pm-21742/update-confirmed-to-org-family-free
ac/pm-22102/metadata-prototype
ac/pm-22108/add-bulk-interfaces-for-checking-policies
ac/pm-23845/fix-concurrent-access-feature-flag
ac/pm-24192/recover-account-command
ac/pm-24278/add-ipostsavepolicysideeffect
ac/pm-24278/prototype
ac/pm-24279/add-new-policy-endpoint
ac/pm-24279/vnext-policy-endpoint
ac/pm-24759/policy-requirements-collection-queries
ac/pm-25106/refactor-misleading-sproc-filters
ac/pm-25860-bulk-collection-delete-succeeds-but-returns-error
ac/pm-26714/seat-count-increase-email-not-being-sent
ac/pm-28300/remove-flag
ac/pm-28555/add-semaphore-table
ac/pm-28555/server-create-idempotent-sproc-for-creating-a-single-my-items-collection
ac/pm-28795/refactor-org-acceptinit
ac/pm-29045/collection-item-deletion-workflow-issue
ac/pm-29129/add-the-policy-readme
ac/pm-30610/fix-formatting
ac/pm-31153-email-updates-for-domain-claim-pt-2
ac/pm-5966/fix-entity-framework-query
ac1191-tde-approval-email
ac1454-2fa-directory
acostarj-patch-1-cs-server
add-2017-to-db-test-script
add-backport-workflow
add-captcha-logging
add-encrypted-key-column
add-gitlens-settings
add-linux-cert-helper
add-needs-qa-label
add-notification-channels
add-notification-hub-logging
add-peer-dependency
additional-load-tests
aesgcm
ai/exercise-claude-code-review-do-not-merge
akd
anders/add-devcontainer-docs
anders/increase-passkey-limit
api-integration-tests
arch/emailers-razor
arch/simplify-install
architecture/api-versioning
auth/add-cosmos-persisted-grant-to-sso
auth/context-rules
auth/deps/identity-7.1.0
auth/logging-admin-new-device-verification
auth/mjml-workflow
auth/pm-11537/increase-passkey-limit
auth/pm-17129/login-with-2fa-recovery-code-bugfix
auth/pm-18612
auth/pm-18720/change-password-component-non-dialog
auth/pm-18720/change-password-component-non-dialog-v3
auth/pm-18720/change-password-component-non-dialog-v4
auth/pm-19209/revert-to-original-message
auth/pm-19685/remove-email-delay-flag
auth/pm-20377/token-add-user-details
auth/pm-20532/tech-breakdown-poc-token-based-send-authn-and-authz
auth/pm-21925/add-password-salt-column
auth/pm-22975/client-version-validator
auth/pm-24207
auth/pm-24281/enhance-email
auth/pm-24579/prevent-existing-sso-rejected-users-nullish-fix
auth/pm-24617/throttling-report
auth/pm-24662/tech-breakdown-comments
auth/pm-26578/http-redirect-cloud
auth/pm-27062/prelogin-new-data-types
auth/pm-27084/register-accepts-new-data-types
auth/pm-27510/prevent-existing-sso-rejected-users-nullish-fix
auth/pm-28768/bug-welcome-email-for-families
auth/pm-29585/prevent-new-emergency-access
auth/pm-29890/refactor-webauthn-2fa-methods-out-of-userservice
auth/pm-30613/remove-mjml-based-email-feature-flag
auth/pm-30810/http-redirect-cloud
auth/pm-3797/key-rotation-upgrades
auth/pm-4142/remove-old-invite-token-validation
auth/pm-5947/self-host-duo-redirect
auth/pm-6631/handle-webauthn-creation-exception
auth/pm-8882/add-logging-feature-flag
auth/pm-9826/2fa-get-remove-validation
auth/proto/webauthn-limit-increase
auth/remove-captcha
auth/remove-feature-flags
authreq
autoconfirm-single-org
autofill-feature-flag-cleanup
autofill/idp-auto-submit
autofill/pm-10418-expiration-date-on-cards-does-not-autofill-the-correct-format
azure-table-tests
beeep-autofixture-detect-param
beeep-lazy-user-currentcontext
beeep/recipe-seeding
billing/AC-2379/webhook-update-provider-status
billing/AC-2515/stripe-upgrade
billing/PM-11516/license-stuff
billing/PM-27702/cant-purchase-subscription-with-PayPal
billing/PM-31040/replace-setup-intent-cache
billing/PM-31140/consolidate-unpaid-subscription-handling
billing/aspire
billing/codeowner-changes
billing/env-based-dev-container
billing/license-claims-data-type-expansion
billing/license-refactor
billing/pm-21643-create-stripe-webhook-endpoints-for-api-version-2025-04-30-basil
billing/pm-27603/initial-migration-for-storage-increase
billing/pm-28662-fix-duplicate-premium-subscriptions
billing/pm-28662/individual-Premium-automatically-disabled-due-to-duplicate-subscription-leftover
billing/pm-29595/user-that-upgraded-from-premium-reverts-an-organization-upgrade-during-the-trial-period
billing/pm-30908/correct-premium-subscription-status-handling
blazor
brant/move-organization-connection-to-integrations
brant/move-organization-connection-to-integrations-step-2
bre-1004_update-workflows-for-ghcr
bre-1241-ephemeral-environment-test
bre/th/dev
bsephem
bug/PS-2120-purge-vault-not-refreshing-items
build-tvp-arrays-outside-connection
collectiongroupsapi
community-pm-3309-fixes-for-kerberos-auth
community/pm-2242/add-kerberos-auth-to-docker
context-rules
copilot/add-sdk-key-rotation-flag
copilot/install-sql-2022-arm
copilot/review-draft-pr-6748
cosmosevents
create-mailers
database-seeder
db-migration
dbops/dbops-31/csv-import
dbops/dbops-80/fix-invalid-sql-syntax
dbops/dbops-81/update-sql-cu
debug-self-hosted-passwordless
debug/push-notifications
demo/flexible-collections-v1
devcontainer-updates
dirt/PM-23358/move-phishing-code-to-dirt-team
dirt/PM-25576/change-member-access-query-to-use-views
dirt/PM-29828/modify-dbseeder-to-make-test-data-quickly
dirt/access-intelligence-db-seeder
dirt/pm-20112_member_access_report_503error
dirt/pm-20577/report-summary-for-db
dirt/pm-20577/risk-insight-server-endpoints
dirt/pm-23030/add_report_key_for_key_rotation
dirt/pm-23044/organization-application-server-implementation
dirt/pm-23754/alter-org-report-table
dirt/pm-23754/organization-report-summary-table
dirt/pm-31725/datadog-report-compatibility
dirt/pm-31747/download-risk-insights-report
duo-sdk-upgrade
ec-598
ee-db-seeder
ee-patch-01
ee-test-image-updater
ee/test/branch
enable-xunit-diagnostic-messages
ephem-test-01
ephemeral-environment-api-env
ephemeral-environment-hello-world
ephemeral-test-01
experiment/cipher-auth
external-dns-test
feat/SG-651-activate-org-with-stripe-activation
feat/passwordless
feature/additional-item-types
feature/decouple-icon-service
feature/dev-migrator-script-rerun-option
feature/org-admin-refresh-v3
feature/refactor-organization-service-to-feature-services
feature/seeder-crypto-abstraction
feature/self-hosted-F4E-sync
feature/self-hosted-f4e-orgsponsorship-migration
fedemkr-patch-1
fix-build
fix-identity-resource
fix-rc
fix-tde-provider-user
formatjan2023csp
hosting-env-change
hotfix-EC-529
hotfix-sendgrid
idphost
iinuwa/mobile-device-login-passkey
iinuwa/store-prf-secrets
innovation/opaque
innovation/seeded-csprng-fake-user
introduce-server-sdk-everywhere
jim-test
jmccannon/ac/pm-12474-org-user-auth-handlers
jmccannon/ac/pm-12487-restore-user-command
jmccannon/ac/pm-15547-revoke-user-remove-2fa
jmccannon/ac/pm-24462-seat-limit-ignored
jmccannon/ac/pm-27705-notify-auto-confirm-enable
jmccannon/ac/pm-28627/restore-create-default-collection
jmccannon/ac/pm-3175-send-invite-async
jmccannon/ac/transaction-attempt
jmccannon/ac/transaction-attempt-2
jmccannon/ac/validation-result-poc
jmccannon/testing-improvements
justindbaur-patch-1
justindbaur-patch-2
k8-alpine-test-bre-917
k8s/use-mounted-secrets
keyedcache
km/auto-enroll-name
km/auto-kdf-qa
km/beeep/qr-login
km/key-rotation-signing
km/km-10648/remove-reference-to-feature-flag
km/low-kdf-testing
km/main-broken-build
km/pm-10600-part2
km/pm-10600-part3
km/pm-24051-user-decryption-response-sdk-wasm-extension
km/pm-27278/register-password-based-account-v2
km/remove-old-ssh-flags
km/remove-unused-file
km/sdk-key-rotation
km/signing-keys
km/tde-offboarding-fix
linting-again
main
make-roles-change-at-runtime
metadata/badges
minimal-codespace
misc/use-host-environment
mobile/PM-18936-key-connector-ephemeral
move-azurite-scaffolding
move_old_DbScripts_future_to_DbScripts
mtmorgdomains
named-http-clients
ned/add-organization-scenes
notfoundcheck
notification-hub-debug-logging
null-operator-on-fido2keys
nullable-entities
orgapikeys
passwordless/add_fingerprintphrase_reponse
passwordless/getUserAuthRequests
passwordless/notifications
passwordless/signalR
patch/ee-bot-test
perfindexes
platform/add-messagepack
platform/addison/PM-11129/codeownership-assignments
platform/addison/PM-11129/implemetation
platform/pm-2182/harden-captcha-bypass-conditions
platform/pm-23123/test-cookie-endpoint
platform/pm-2944/make-entities-nullable
platform/pm-3626/write-collections-tests
platform/remove-storage-reseed-flag
pm-12071-only-verified-org-domain-sso
pm-13345-Add-Remove-Bitwarden-Families-policy-in-Admin-Console
pm-13347-web-app-impacts
pm-13429-Seat-Count-Increase-Email-Only-Sending-For-First-Auto-Scale-But-Not-Subsequent
pm-14496-non-root-self-hosted-images
pm-15625-disable-trial-send-verification-email-endpoint-for-self-host
pm-15808-Show-suspended-org-modals-for-orgs-in-unpaid-and-canceled-status
pm-15814-alert-owners-of-reseller-managed-orgs-to-renewal-events
pm-17592-remove-feature-flag-disable-free-families-sponsorship
pm-20084-add-trial-length-parameter-to-trial-send-verification-email-endpoint
pm-2023-fido2-authentication
pm-21106-remove-button-not-responsive
pm-22968-ui-when-MSP/BUP-is-suspended-feature-flag
pm-28973
pm-3891-implement-time-based-threshold
pm-3892-implement-dollar-threshold-for-monthly-sub
pm-6768-error-autoscaling-when-organisation-is-subscription-is-still-trialing
pm-6774-reduce-the-dollar-threshold-from-500-to-300-dollars
pm-9162
pm/pm-30609/make-redis-required-for-local-cloud-development
poc/structurizr
policy-definition-save
policy-requirements
policy-requirements-redux
pre-tde-self-host
proxy-project
ps/TDL-136
ps/explore-required
ps/include-flag-context-in-config-response
ps/pm-11612/quartz-qa-branch
ps/pm-19659/add-notifications-readmes
ps/pm-21571/implement-smtp-oauth
ps/pm-2944/make-entities-nullable-auth
ps/pm-336/nullable-unowned-services
quexten-patch-1
rebase-demo-ex-2
remove-accept-org-user-method
renovate/actions-checkout-6.x
renovate/azure-azure-sdk-for-net-monorepo
renovate/braintree-5.x
renovate/docker-compose-minor
renovate/dotnet-monorepo
renovate/duende.identityserver-7.x
renovate/fido2.aspnet-4.x
renovate/fusioncache-monorepo
renovate/jquery-4.x
renovate/kenchan0130-simplesamlphp-1.x
renovate/kralizek.autofixture.extensions.mockhttp-2.x
renovate/linq2db-6.x
renovate/linq2db.entityframeworkcore-10.x
renovate/linq2db.entityframeworkcore-8.x
renovate/lock-file-maintenance
renovate/major-aspnet-health-checks-monorepo
renovate/major-dotnet-monorepo
renovate/major-entityframeworkcore
renovate/major-swashbuckle-aspnetcore-monorepo
renovate/major-vstest-monorepo
renovate/mariadb-12.x
renovate/mcr.microsoft.com-devcontainers-dotnet-10.x
renovate/mcr.microsoft.com-mssql-server-2025.x
renovate/messagepack-3.x
renovate/microsoft.azure.cosmos-3.x
renovate/microsoft.build.sql-2.x
renovate/microsoft.data.sqlclient-6.x
renovate/mini-css-extract-plugin-2.x
renovate/mjml-4.x
renovate/mjml-core-4.x
renovate/npgsql.entityframeworkcore.postgresql-10.x
renovate/npgsql.entityframeworkcore.postgresql-8.x
renovate/pin-dependencies
renovate/pomelo.entityframeworkcore.mysql-9.x
renovate/postgres-18.x
renovate/prettier-3.x
renovate/rabbitmq.client-7.x
renovate/stripe.net-46.x
renovate/stripe.net-50.x
renovate/vstest-monorepo
renovate/webpack-cli-6.x
renovate/yamldotnet-16.x
repository-management-workflow-fix
return-non-zero-exit-code-on-failure
revert-2346-SG-698
revert-2992-PM-2448
revert-3891-ac-2293-Two-email-notifications-is-sent-when-creating-org-from-SM-Trial-page
revert-6582-revert-6577-auth/pm-27062/prelogin-new-data-types
revert-6755-revert-6676-auth/pm-3287/tde-cleanup-remove-reset-master-password-from-token-response
sdk-decrypt
sg/SG-58
single-user-scene-api
sm-10995-removefeatureflag
sm-910-923
sm-923
sm-add-bulk-move-to-project
sm/SM-518
sm/sm-873
sm/sm-904
sns
snyk-fix-261dbaccec3d4355caadddbd8dc44b4b
snyk-fix-6d56d7b220780f29826f4338d1631736
snyk-fix-8b823cd3ec0299ef141df1252a243e9b
snyk-fix-9a25996054355dc90914c1d4e62b99fc
snyk-fix-9ab4f8e979d891859939b5e19e825a45
snyk-fix-afde10973a7206485a89218280e291d8
snyk-fix-d0b5c3ca960136a116ca02dbf1b0b2b4
sre
sso-default-logging
sso-device-key-callback-poc
ssoconfig
strongly-typed-orgusers
task/BRE-128
task/BRE-342
test
test-docker-stuff
test-email-subject-automation
test-ephemeral-env-key-connector
test-image-updater-ee
test-new-trigger-ee
testing
th-ee-test
tools/AC-2496/graphql-experiment
tools/AC-2496/odata-init
tools/AC-2496/odata-test
tools/generator-modernization
tools/pm-16085/increase-import-limitations
tools/pm-30596/fix-year-in-mail-templates
tools/pm-31483/no-send-access-when-ff-is-off
tools/pm-31497/use-central-remove-send-auth-logic
tools/pm-31684/remove-email-hashing
tools/pm-8895/groups-controller-decouple
tools/pm-9709/group-details-query
tools/tech-debt/remove-unused-response-parameters
true-unified
trustmssql
tt-test-branch
update-renovate-for-auth
update-server-program
upgrade-npgsql-version
use-pr-for-release-version
util/support-dev-env-installations
vault/ac-2106/fix-provider-creating-collection
vault/delete-only-can-manage
vault/feature/cipher-versioning
vault/pm-20379/security-task-hidden-password
vault/pm-28190/sdk-sharing-feature-flag
vault/pm-4185/regression-testing
vault/pm-5072/update-minimum-server-version-for-cipher-key-encryption
verifypasswordhashonenrollment
vuln-252-check-run-least-priv
xunit-v3-full-upgrade
xunit-v3-migration
yubikey-logging
${ noResults }
12 Commits (b42ebe6f1bf71d83b02f68dcbf6bbe2c768e6f97)
| Author | SHA1 | Message | Date |
|---|---|---|---|
Thomas Avery
|
a7b992d424
|
[SM-1150] Add secret sync endpoint (#3906)
* Add SecretsSyncQuery * Add SecretsSync to controller * Add unit tests * Add integration tests * update repo layer |
2 years ago |
|
Thomas Avery
|
97c4d839e0
|
[BEEEP][SM-893] Add the ability to run SM integration tests as a service account (#3187)
* Add the ability to run SM integration tests as a service account |
2 years ago |
|
Thomas Avery
|
1053f49fb1
|
[SM-943] [BEEEP] Swap to SQLite in-memory for integration tests (#3292)
* Swap to sqlite in-memory for integration tests * Fix integration tests * Remove EF Core in-memory dependency |
2 years ago |
cd-bitwarden
|
b772784af3
|
[SM-896] restricting access to disabled orgs (#3287)
* restricting access to disabled orgs * Unit Test Updates * Update test/Api.IntegrationTest/SecretsManager/Controllers/AccessPoliciesControllerTests.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Covering all test cases * making organization enabled NOT default --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> |
2 years ago |
|
Thomas Avery
|
640cb68d51
|
[SM-863] Add endpoint for fetching multiple secrets by IDs (#3134)
* Add support CanReadSecret authorization * Extract base response model for secret * Add support for SA bulk fetching event logging * secret repository bug fix * Add endpoint and request for bulk fetching secrets * Swap to original reference event * Add unit tests * Add integration tests * Add unit tests for authz handler * update authz handler tests --------- |
2 years ago |
Daniel García
|
4f87e4e1a4
|
[PM-2196] Improvements to the Swagger generator (#2914)
* Swagger fixes Co-Authored-By: Oscar Hinton <Hinton@users.noreply.github.com> * Make Response Models return Guids instead of strings * Change strings into guids in ScimApplicationFactory --------- Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> |
3 years ago |
|
Thomas Avery
|
d020c49c0e
|
[SM-788] Extract authorization from secret delete command (#3003)
* Extract authorization from secret delete command |
3 years ago |
|
Thomas Avery
|
05f11a8ee1
|
[SM-706] Extract Authorization From Create/Update Secret Commands (#2896)
* Extract authorization from commands * Swap to request model validation. * Swap to pattern detection |
3 years ago |
|
Thomas Avery
|
20d3b4b4e8
|
[SM-670] Add permission context to project lists. (#2822)
* Attach permission context to project lists. * restrict service-account actions * Fix project permission details * Add getters and setters * dotnet format * Fix admin create unassigned secret (#2872) |
3 years ago |
Colton Hurst
|
2529c5b36f
|
SM-695: Block Create & Update for Admins on Secrets Outside of the Org (#2844)
* SM-695: Block create or update for admins on secrets outside of the org * SM-695: Update test, org is required on project * SM-695: Update tests to set matching org id in project * SM-695: Ensure there is no more than 1 project connected to a secret, plus remove org admin check in the CreateSecretCommand. * SM-695: Add integration tests for create and update secrets security fixes * SM-695: Update Create and Update secret tests, a secret can only be in one project at a time |
3 years ago |
Oscar Hinton
|
60bdf77e8b
|
[SM-574] Wire up read/write for secret list and secret response (#2767)
* Wire up read/write for secret list and secret response * Fix trash * Remove UserHasReadPermission * Fix list by project * Implement admin and service accounts for AccessToSecretAsync * Resolve feedback * Fix tests * Rename function * Change create to return true, true * Remove duplicated access check |
3 years ago |
|
Colton Hurst
|
d7b091d7d6
|
SM-662: Make sm controller test class names plural (#2816)
|
3 years ago |
|
Thomas Avery
|
56d3c3a5d1
|
Add in integration tests (#2806)
|
3 years ago |
|
Oscar Hinton
|
2c8f23ec9b
|
[SM-579] Prevent creating secrets not attached to projects (#2754)
* Prevent creating secrets not attached to projects, and prevent updating secrets to remove project relation * Fix test |
3 years ago |
|
cd-bitwarden
|
ec8476912d
|
[SM-381] New secrets access (#2629)
* [SM-66] Create Secret Database Table (#2144) Objective The purpose of this PR is to create a database table, entity, and repository for the new Secret database table. The new Secret table will use entity framework for all database providers. * [SM-67] Get all secrets by org ID (#2163) Add a controller to fetch secrets associated with an organization ID. To note, the [SecretsManager] attribute makes this controller only available for local development. * [SM-68] Add API endpoints for getting, creating, and editing secrets (#2201) The purpose of this PR is to add API endpoints for getting, creating, and editing secrets for the Secrets Manager project. * Move interfaces to core (#2211) * [SM-63] Read UTC DateTimes from databases via EF and order by revision date (#2206) * Read UTC DateTimes from db and order by revision * Move orderby to repo layer * [SM-185] Add EE_Testing_env to server (#2222) * Sm 104 project Database (#2192) * Project DB addition and sprocs * Adding spaces to the end of each file, fixing minor issues * removing useless comments * Adding soft delete proc to migration * Project EF Scaffold * Additional changes to use EF instead of procedures * Adding dependency injection * Fixing lint errors * Bug fixes * Adding migration scripts, removing sproc files, and setting up Entity framework code * Adding back accidentally deleted sproc * Removing files that shouldn't have been created * Lint * Small changes based on Oscar's rec (#2215) * Migrations for making CreateDate not null * adding space to end of file * Making Revision date not null * dotnet format * Adding nonclustered indexes to SQL * SM-104: Update PR with changes Thomas proposed Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com> * Removing org ID from create request body (#2243) * SM-114: Add create & update project endpoints (#2251) * SM-114: Initial commit with create project endpoint (for SM) * SM-114: Add Update Project route (for SM) * SM-114: Fix file encodings * Fix DI issue for SM Project Create/Update commands * Fix import ordering for linter * SM-114: Remove unneeded lines setting DeletedDate, as it should already be null * SM-114: Only have OrgId in route for CreateProject * Remove unneeded using * SM-114: Initial commit with create project endpoint (for SM) * SM-114: Add Update Project route (for SM) * SM-114: Fix file encodings * Fix DI issue for SM Project Create/Update commands * Fix import ordering for linter * SM-114: Remove unneeded lines setting DeletedDate, as it should already be null * SM-114: Only have OrgId in route for CreateProject * Remove unneeded using * Fully remove OrgId from ProjectCreateRequestModel * [SM-64] Soft Delete Secrets (#2253) * Bulk delete secrets with command unit tests * Controller unit tests * Optimize conditionals * SM-64 bulk delete integration test * fix test * SM-64 code review updated * [SM-65] Fix return empty secrets list (#2281) * Secrets return empty list * [SM-246] Use repository in integration test (#2285) * [SM-190] Add integration tests to Secrets (#2292) * Adding integration tests for the SecretsController Co-authored-by: Hinton <hinton@users.noreply.github.com> * Sm 95 - Adding GetProjects endpoint (#2295) * SM-114: Initial commit with create project endpoint (for SM) * SM-114: Add Update Project route (for SM) * SM-114: Fix file encodings * Fix DI issue for SM Project Create/Update commands * Adding GetProjectsByOrg * fixing merge conflicts * fix * Updating to return empty list * removing null check Co-authored-by: Colton Hurst <colton@coltonhurst.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> * [SM-191] Create ServiceAccount Table (#2301) * SM-191 Create ServiceAccount Table * [SM-207] API for listing service accounts by organization (#2307) * SM-207 list service accounts by org * SM-96: Add ability to get project by id (#2314) * SM-96: Small change to allow getting project by id * Fix whitespace issue * Add first integration test and fix date bug * Ensure tests are consistent * Add more project controller integration tests * Remove commented delete for now * [SM-187] Create ServiceAccounts (#2323) * SM-187 Create & Update ServiceAccounts * Remove extra new line src/Api/Controllers/ServiceAccountsController.cs Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * [SM-218] [SM-219] SM Auth flow (#2297) * SM-282 Delete Projects (#2335) * SM-282 delete & bulk delete projects * Have delete commands return tuple with object * Fix admin project not working after secrets manager changes (#2339) * [SM-150] proj and secrets mapping (#2286) * Beggining of changes for Project Secrets mapping * Beggining of changes for project and secrets mapping * Inital changes to add Mapping table for Project Secrets * Resolve migration not working properly * Indent sql * Changes to try and return projects in the GetManyByOrganizaationIDAsync on SecretRepository. * Changes made with Oscar * Add reversemap * running lint and removing comments * Lint fixes * fixing merge issues * Trying to fix the DB issue * DB fixes * fixes * removing unused space * fixing lint issue * final lint fix I hope * removing manually added sql.sqlproj * Lint changes and fixing the sql proj issues * adding ServiceAccount to sql proj * Removing ON DELETE CASCADE * remove On delete cascade * changes for deleting project and secret inside of the Organization_DeleteById procedure. * changes for deleting project and secret inside of the Organization_DeleteById procedure. * migration changes * Updating constraints * removing void * remove spaces * updating cipherRepo tests to be task instead of void * fixing * fixing * test * fix * fix * changes to remove circular dependency * fixes * sending guid and string name of the project over * Update src/Sql/dbo/Tables/Secret.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * Update src/Sql/dbo/Tables/Project.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * removing unused code * Potential refactor (#2340) * migrations * Postgres migraiton * Update src/Api/SecretManagerFeatures/Models/Response/SecretResponseModel.cs Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * rename file * Update util/Migrator/DbScripts/2022-09-19_00_ProjectSecret.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * Lint fixes * removing extra semi colon * removing circular references with projects and secrets * adding back projects * Add ProjectFixture * Update util/Migrator/DbScripts/2022-09-19_00_ProjectSecret.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * Update util/Migrator/DbScripts/2022-09-19_00_ProjectSecret.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Hinton <hinton@users.noreply.github.com> * [SM-300] Access token endpoint (#2377) * [SM-324] Add Organization to JWT claim (#2379) * [SM-259] Add create access token endpoint for service accounts (#2411) * Add create access token for service accounts * [SM-259] Fix create access token scope initialization (#2418) * Fix namespace for ServiceAccount command tests * Remove "this" from SecretsManager requests * Fix have scope be assigned a JSON list * SM-99: Individual Project / Secrets Tab (#2399) Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * [SM-361] Add Support for never expiring ApiKeys (#2450) * Update database to support never expiring ApiKey * Update Api to support never expiring ApiKeys * Fix unit test variable naming * Remove required from model * Fix spacing * Add EF migrations * Run dotnet format * Update util/Migrator/DbScripts/2022-11-29_00_ApiKey_Never_Expire.sql Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> * [SM-359] Fix project secrets migration (#2443) * [SM-299] Add UseSecretsManager flag (#2413) * [SM-193] Access Policy (#2359) * [SM-371] Fix and re-enable parallel integration tests (#2460) * Fix and re-enable parallel integration tests * Fix package lock files * Move fix to ApiApplicationFactory * Run dotnet restore --force * Run dotnet format * Reset packages.lock.json files * Add project access checks for listing * SM-99: Add CreateSecretWithProject Integration Test (#2452) * Add GetSecretsByProjectAsync endpoint * Add GetManyByProjectIdAsync endpoint * Update response model for GetSecretsByProjectAsync * Include projects when returning secrets by project id * SM-99: Add ability to specify projectId when creating a secret * SM-99: Update tests to accomodate for new create secret parameter * Fix failing test * SM-99: Handle optional projectId for new secret in ToSecret() * SM-99: Filter out deleted secrets on GetManyByProjectIdAsync() and small refactorings * SM-99: make CreateAsync for secret more clear * Add CreateSecretWithProject integration test * Fix CreateSecretWithProject integration test for SM-99 * Run dotnet format * Undo added space * Refactor test * Refactor CreateSecretWithProject API Integration test again * Change to boolean flag * [SM-379] Add SDK device type (#2486) * Add support for service accounts * Improve logic for project repository * Add remaining client types * Experiment with separate enum for access control * Add access checks to update project * Rework AccessClientType * Add access checks to fetching project * Add checks to delete project command (untested) * Remove some service account stuff * Add ServiceAccount to AccessClientType * Change CS8509 to error and 8424 to ignore * Remove unused utcNow * Fix delete tests * SM-73 changes (#2422) * testing * test2 * testing * trying to save the projects associated with the secret * changes * more changes * Fix EF error * Second attempt * Replace AddIfNotExists with Add. * changes * fixing await issue * lint * lint fixes * suggested changes * suggested changes * updating tests * fixing tests 2 * fixing tests * fixing test * fixing test * fixing tests * test * testing * fixing tests for the millionth time * fixing tests * allowing nulls for projectIds, fixing lint * fixing tests Co-authored-by: Hinton <hinton@users.noreply.github.com> * fixing tests * fixing tests * [SM-222] [SM-357] Squash Secrets Manager migrations (#2540) * Fix tables not being cleaned up * Fix migration * Squash secrets manager migrations * Reset EF to pre SM state * Add EF migrations * Fix unified docker * Add missed copy * Fix all unit tests * draft changes to add access checks to secrets * updating code * more changes * fixing issues * updating logic for access checks * updating secrets controller * changes * changes * merging more * changes * updateS * removing unused comment * changes requested by Thomas * more changes suggested by Thomas * making thomas's suggested changes * final changes * Run dotnet format * fixes * run dotnet format * Updating tests * Suggested changes * lint fixes * Test updates * Changes * Fixes for tests, and dotnet format * Fixes * test fixes * changes * fix * fix * test fix * removing duplicate * Removing dupe --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com> |
3 years ago |
|
Oscar Hinton
|
cf25d55090
|
[SM-378] Enable SM on a user basis (#2590)
* Add support for giving individual users access to secrets manager |
3 years ago |
|
Oscar Hinton
|
59f5285c88
|
[SM-460] Isolate SecretsManager files (#2616)
Move SecretsManager files to directories called SecretsManager and add CodeOwners |
3 years ago |
|
Thomas Avery
|
41d1e48823
|
Use response models in Api integration tests (#2592)
|
3 years ago |
|
Oscar Hinton
|
1f0fc43278
|
[SM-394] Secrets Manager (#2164)
Long lived feature branch for Secrets Manager Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com> |
3 years ago |