admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-01-31 14:13:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
06c9b123f9adf3fde1cf32ec79711ad217b81472
server/src/Api/Controllers/OrganizationsController.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

662 lines
24 KiB
C#
Raw Normal View History

Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using System;
using System.Linq;
Start Migration from Newtonsoft.Json to System.Text.Json (#1803) * Start switch to System.Text.Json * Work on switching to System.Text.Json * Main work on STJ refactor * Fix build errors * Run formatting * Delete unused file * Use legacy for two factor providers * Run formatter * Add TokenProviderTests * Run formatting * Fix merge issues * Switch to use JsonSerializer * Address PR feedback * Fix formatting * Ran formatter * Switch to async * Ensure Enums are serialized as strings * Fix formatting * Enqueue single items as arrays * Remove CreateAsync method on AzureQueueService
2022-01-21 09:36:25 -05:00
using System.Text.Json;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using System.Threading.Tasks;
Move request/response models (#1754)
2021-12-14 15:05:07 +00:00
using Bit.Api.Models.Request;
using Bit.Api.Models.Request.Accounts;
using Bit.Api.Models.Request.Organizations;
using Bit.Api.Models.Response;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using Bit.Api.Utilities;
using Bit.Core.Context;
Only org policy (#962) * added OnlyOrg to PolicyType enum * blocked accepting new org invitations if OnlyOrg is relevant to the userOrg * blocked creating new orgs if already in an org with OnlyOrg enabled * created email alert for OnlyOrg policy * removed users & sent alerts when appropriate for the OnlyOrg policy * added method to noop mail service * cleanup for OnlyOrg policy server logic * blocked confirming new org users if they have violated the OnlyOrg policy since accepting * added localization strings needed for the OnlyOrg policy * allowed OnlyOrg policy configuration from the portal * used correct localization key for onlyorg * formatting and messaging changes for OnlyOrg * formatting * messaging change * code review changes for onlyorg * slimmed down a conditional * optimized getting many orgUser records from many userIds * removed a test file * sql formatting * weirdness * trying to resolve git diff formatting issues
2020-10-20 02:48:10 -04:00
using Bit.Core.Enums;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using Bit.Core.Exceptions;
create org with license file
2017-08-14 20:57:45 -04:00
using Bit.Core.Models.Business;
[Reset Password] Get/Post Org Keys and API updates (#1323) * [Reset Password] Organization Keys APIs * Updated details response to include private key and added more security checks for reset password methods * Added org type and policy security checks to the enrollment api * Updated based on PR feedback * Added org user type permission checks * Added TODO for email to user * Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
using Bit.Core.Models.Data;
limit edit functions to cloud hosted
2018-03-23 09:44:48 -04:00
using Bit.Core.Repositories;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using Bit.Core.Services;
Use sas token for attachment downloads (#1153) * Get limited life attachment download URL This change limits url download to a 1min lifetime. This requires moving to a new container to allow for non-public blob access. Clients will have to call GetAttachmentData api function to receive the download URL. For backwards compatibility, attachment URLs are still present, but will not work for attachments stored in non-public access blobs. * Make GlobalSettings interface for testing * Test LocalAttachmentStorageService equivalence * Remove comment * Add missing globalSettings using * Simplify default attachment container * Default to attachments containe for existing methods A new upload method will be made for uploading to attachments-v2. For compatibility for clients which don't use these new methods, we need to still use the old container. The new container will be used only for new uploads * Remove Default MetaData fixture. * Keep attachments container blob-level security for all instances * Close unclosed FileStream * Favor default value for noop services
2021-02-22 15:35:16 -06:00
using Bit.Core.Settings;
create org with license file
2017-08-14 20:57:45 -04:00
using Bit.Core.Utilities;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Controllers
{
[Route("organizations")]
[Authorize("Application")]
public class OrganizationsController : Controller
{
private readonly IOrganizationRepository _organizationRepository;
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
private readonly IOrganizationUserRepository _organizationUserRepository;
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
private readonly IPolicyRepository _policyRepository;
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
private readonly IOrganizationService _organizationService;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
private readonly IUserService _userService;
inject stripepaymentservice
2019-02-08 23:53:09 -05:00
private readonly IPaymentService _paymentService;
Add disable send policy (#1130) * Add Disable Send policy * Test DisableSend policy * PR Review * Update tests for using CurrentContext This required making an interface for CurrentContext and mocking out the members used. The interface can be expanded as needed for tests. I moved CurrentContext to a folder, which changes the namespace and causes a lot of file touches, but most are just adding a reference * Fix failing test * Update exemption to include all exempt users * Move all CurrentContext usages to ICurrentContext * PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
private readonly ICurrentContext _currentContext;
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
private readonly ISsoConfigRepository _ssoConfigRepository;
private readonly ISsoConfigService _ssoConfigService;
billing response for org
2017-08-14 22:05:37 -04:00
private readonly GlobalSettings _globalSettings;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
public OrganizationsController(
IOrganizationRepository organizationRepository,
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
IOrganizationUserRepository organizationUserRepository,
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
IPolicyRepository policyRepository,
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
IOrganizationService organizationService,
org context checks in org apis. remove depr. code
2017-04-05 16:13:40 -04:00
IUserService userService,
inject stripepaymentservice
2019-02-08 23:53:09 -05:00
IPaymentService paymentService,
Add disable send policy (#1130) * Add Disable Send policy * Test DisableSend policy * PR Review * Update tests for using CurrentContext This required making an interface for CurrentContext and mocking out the members used. The interface can be expanded as needed for tests. I moved CurrentContext to a folder, which changes the namespace and causes a lot of file touches, but most are just adding a reference * Fix failing test * Update exemption to include all exempt users * Move all CurrentContext usages to ICurrentContext * PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
ICurrentContext currentContext,
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
ISsoConfigRepository ssoConfigRepository,
ISsoConfigService ssoConfigService,
Extract single-org policy check to OrganizationService (#1410)
2021-06-30 09:21:41 +02:00
GlobalSettings globalSettings)
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
_organizationRepository = organizationRepository;
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
_organizationUserRepository = organizationUserRepository;
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
_policyRepository = policyRepository;
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
_organizationService = organizationService;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
_userService = userService;
inject stripepaymentservice
2019-02-08 23:53:09 -05:00
_paymentService = paymentService;
org context checks in org apis. remove depr. code
2017-04-05 16:13:40 -04:00
_currentContext = currentContext;
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
_ssoConfigRepository = ssoConfigRepository;
_ssoConfigService = ssoConfigService;
billing response for org
2017-08-14 22:05:37 -04:00
_globalSettings = globalSettings;
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
}
[HttpGet("{id}")]
org apis
2017-03-03 21:53:27 -05:00
public async Task<OrganizationResponseModel> Get(string id)
{
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
org apis
2017-03-03 21:53:27 -05:00
{
throw new NotFoundException();
}
return new OrganizationResponseModel(organization);
}
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
[HttpGet("{id}/billing")]
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
[SelfHosted(NotSelfHostedOnly = true)]
public async Task<BillingResponseModel> GetBilling(string id)
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
throw new NotFoundException();
}
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
var billingInfo = await _paymentService.GetBillingAsync(organization);
return new BillingResponseModel(billingInfo);
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
}
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
[HttpGet("{id}/subscription")]
public async Task<OrganizationSubscriptionResponseModel> GetSubscription(string id)
invoice pdf generation api
2017-10-25 00:45:11 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
invoice pdf generation api
2017-10-25 00:45:11 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
invoice pdf generation api
2017-10-25 00:45:11 -04:00
{
throw new NotFoundException();
}
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (!_globalSettings.SelfHosted && organization.Gateway != null)
invoice pdf generation api
2017-10-25 00:45:11 -04:00
{
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
var subscriptionInfo = await _paymentService.GetSubscriptionAsync(organization);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (subscriptionInfo == null)
invoice pdf generation api
2017-10-25 00:45:11 -04:00
{
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
throw new NotFoundException();
invoice pdf generation api
2017-10-25 00:45:11 -04:00
}
apis for subscription vs billing
2019-02-18 15:40:47 -05:00
return new OrganizationSubscriptionResponseModel(organization, subscriptionInfo);
}
else
{
return new OrganizationSubscriptionResponseModel(organization);
invoice pdf generation api
2017-10-25 00:45:11 -04:00
}
}
api get generating organization license
2017-08-14 22:16:30 -04:00
[HttpGet("{id}/license")]
GetLicense API is for only not self hosted
2017-08-14 22:17:21 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
api get generating organization license
2017-08-14 22:16:30 -04:00
public async Task<OrganizationLicense> GetLicense(string id, [FromQuery] Guid installationId)
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
api get generating organization license
2017-08-14 22:16:30 -04:00
{
throw new NotFoundException();
}
installation validation and self host applied
2017-08-15 16:11:08 -04:00
var license = await _organizationService.GenerateLicenseAsync(orgIdGuid, installationId);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (license == null)
api get generating organization license
2017-08-14 22:16:30 -04:00
{
throw new NotFoundException();
}
installation validation and self host applied
2017-08-15 16:11:08 -04:00
return license;
api get generating organization license
2017-08-14 22:16:30 -04:00
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
[HttpGet("")]
return ProfileOrganizationResponseModel for /organizations (#1016)
2020-12-01 16:43:07 -05:00
public async Task<ListResponseModel<ProfileOrganizationResponseModel>> GetUser()
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
var userId = _userService.GetProperUserId(User).Value;
Ensure that users are confirmed status (#1033)
2020-12-09 12:04:14 -05:00
var organizations = await _organizationUserRepository.GetManyDetailsByUserAsync(userId,
OrganizationUserStatusType.Confirmed);
return ProfileOrganizationResponseModel for /organizations (#1016)
2020-12-01 16:43:07 -05:00
var responses = organizations.Select(o => new ProfileOrganizationResponseModel(o));
return new ListResponseModel<ProfileOrganizationResponseModel>(responses);
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
[HttpGet("{identifier}/auto-enroll-status")]
public async Task<OrganizationAutoEnrollStatusResponseModel> GetAutoEnrollStatus(string identifier)
{
var user = await _userService.GetUserByPrincipalAsync(User);
if (user == null)
{
throw new UnauthorizedAccessException();
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
var organization = await _organizationRepository.GetByIdentifierAsync(identifier);
if (organization == null)
{
throw new NotFoundException();
}
var organizationUser = await _organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id);
if (organizationUser == null)
{
throw new NotFoundException();
}
var resetPasswordPolicy =
await _policyRepository.GetByOrganizationIdTypeAsync(organization.Id, PolicyType.ResetPassword);
if (resetPasswordPolicy == null || !resetPasswordPolicy.Enabled || resetPasswordPolicy.Data == null)
{
return new OrganizationAutoEnrollStatusResponseModel(organization.Id, false);
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
Ignore case on AutoEnrollEnabled so it is deserialized properly (#1900)
2022-03-07 16:53:30 -05:00
var data = JsonSerializer.Deserialize<ResetPasswordDataModel>(resetPasswordPolicy.Data, JsonHelpers.IgnoreCase);
[SSO Auto Enroll] Add API for auto enroll status retrieval (#1583) * [SSO Auto Enroll] Add API for auto enroll status retrieval * Add another user check to API * Updated vague boolean name
2021-09-15 12:23:47 -05:00
return new OrganizationAutoEnrollStatusResponseModel(organization.Id, data?.AutoEnrollEnabled ?? false);
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
[HttpPost("")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
org context checks in org apis. remove depr. code
2017-04-05 16:13:40 -04:00
public async Task<OrganizationResponseModel> Post([FromBody] OrganizationCreateRequestModel model)
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
var user = await _userService.GetUserByPrincipalAsync(User);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (user == null)
user null checks for unauthorized
2017-06-02 13:17:46 -04:00
{
throw new UnauthorizedAccessException();
}
organization signup apis and data model changes
2017-03-03 00:07:11 -05:00
var organizationSignup = model.ToOrganizationSignup(user);
var result = await _organizationService.SignUpAsync(organizationSignup);
org context checks in org apis. remove depr. code
2017-04-05 16:13:40 -04:00
return new OrganizationResponseModel(result.Item1);
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
}
create org with license file
2017-08-14 20:57:45 -04:00
[HttpPost("license")]
[SelfHosted(SelfHostedOnly = true)]
public async Task<OrganizationResponseModel> PostLicense(OrganizationCreateLicenseRequestModel model)
{
var user = await _userService.GetUserByPrincipalAsync(User);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (user == null)
create org with license file
2017-08-14 20:57:45 -04:00
{
throw new UnauthorizedAccessException();
}
var license = await ApiHelpers.ReadJsonFileFromBody<OrganizationLicense>(HttpContext, model.License);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (license == null)
create org with license file
2017-08-14 20:57:45 -04:00
{
throw new BadRequestException("Invalid license");
}
[Reset Password] Organization Key Pair (#1292) * [Reset Password] Organization Key Pair * Fixed type in Organization_ReadAbilites sproc * Fixed broken unit test by making sure premium addon was false * Updated PublicKey decorator and removed unecessary validation
2021-05-06 14:53:12 -05:00
var result = await _organizationService.SignUpAsync(license, user, model.Key,
model.CollectionName, model.Keys?.PublicKey, model.Keys?.EncryptedPrivateKey);
create org with license file
2017-08-14 20:57:45 -04:00
return new OrganizationResponseModel(result.Item1);
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
[HttpPut("{id}")]
[HttpPost("{id}")]
public async Task<OrganizationResponseModel> Put(string id, [FromBody] OrganizationUpdateRequestModel model)
{
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
throw new NotFoundException();
}
Allow org update api on self hosted for identifier only (#898)
2020-08-28 11:22:19 -04:00
var updatebilling = !_globalSettings.SelfHosted && (model.BusinessName != organization.BusinessName ||
model.BillingEmail != organization.BillingEmail);
update billing only if something changes
2017-04-10 20:02:26 -04:00
Allow org update api on self hosted for identifier only (#898)
2020-08-28 11:22:19 -04:00
await _organizationService.UpdateAsync(model.ToOrganization(organization, _globalSettings), updatebilling);
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
return new OrganizationResponseModel(organization);
}
change payment API
2017-04-08 16:41:40 -04:00
[HttpPost("{id}/payment")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
api cleanup
2018-07-16 17:20:57 -04:00
public async Task PostPayment(string id, [FromBody] PaymentRequestModel model)
change payment API
2017-04-08 16:41:40 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
change payment API
2017-04-08 16:41:40 -04:00
{
throw new NotFoundException();
}
Remove erroneous whitespace
2020-06-17 20:02:38 -04:00
add support for passing payment method type
2019-02-19 17:13:21 -05:00
await _organizationService.ReplacePaymentMethodAsync(orgIdGuid, model.PaymentToken,
combined tax updates with other operations
2020-06-17 19:49:27 -04:00
model.PaymentMethodType.Value, new TaxInfo
{
BillingAddressLine1 = model.Line1,
BillingAddressLine2 = model.Line2,
BillingAddressState = model.State,
BillingAddressCity = model.City,
BillingAddressPostalCode = model.PostalCode,
BillingAddressCountry = model.Country,
TaxIdNumber = model.TaxId,
});
change payment API
2017-04-08 16:41:40 -04:00
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
[HttpPost("{id}/upgrade")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
payment intent/method support for incomplete status
2019-08-09 23:56:26 -04:00
public async Task<PaymentResponseModel> PostUpgrade(string id, [FromBody] OrganizationUpgradeRequestModel model)
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
throw new NotFoundException();
}
payment intent/method support for incomplete status
2019-08-09 23:56:26 -04:00
var result = await _organizationService.UpgradePlanAsync(orgIdGuid, model.ToOrganizationUpgrade());
return new PaymentResponseModel
{
Success = result.Item1,
PaymentIntentClientSecret = result.Item2
};
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
Organization autoscaling (#1585) * Add autoscale fields to Organization * Add autoscale setting changes * Autoscale organizations updates InviteUsersAsync to support all invite sources. sends an email to org owners when organization autoscaled * All organizations autoscale Disabling autoscaling can be done by setting max seats to current seats. We only warn about autoscaling on the first autoscaling event. * Fix tests * Bug fixes * Simplify subscription update logic * Void invoices that fail to delete Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client. * Notify org owners when their subscription runs out of seats * Use datetime for notifications Allows for later re-sending email if we want to periodically remind owners * Do not update subscription if it already matches new quatity * Include all migrations * Remove unnecessary inline styling * SubscriptionUpdate handles update decisions * Remove unnecessary html setter * PR review * Use minimum access for class methods
2021-09-23 06:36:08 -04:00
[HttpPost("{id}/subscription")]
[SelfHosted(NotSelfHostedOnly = true)]
public async Task PostSubscription(string id, [FromBody] OrganizationSubscriptionUpdateRequestModel model)
{
var orgIdGuid = new Guid(id);
if (!await _currentContext.OrganizationOwner(orgIdGuid))
{
throw new NotFoundException();
}
await _organizationService.UpdateSubscription(orgIdGuid, model.SeatAdjustment, model.MaxAutoscaleSeats);
}
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
[HttpPost("{id}/seat")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
PaymentResponseModel for storage and seat adjustments
2019-08-12 10:03:50 -04:00
public async Task<PaymentResponseModel> PostSeat(string id, [FromBody] OrganizationSeatRequestModel model)
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
throw new NotFoundException();
}
PaymentResponseModel for storage and seat adjustments
2019-08-12 10:03:50 -04:00
var result = await _organizationService.AdjustSeatsAsync(orgIdGuid, model.SeatAdjustment.Value);
return new PaymentResponseModel
{
Success = true,
PaymentIntentClientSecret = result
};
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
storage adjustment and billing fixes
2017-07-11 10:59:59 -04:00
[HttpPost("{id}/storage")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
adjust storage with payment intent/method handling
2019-08-10 12:59:32 -04:00
public async Task<PaymentResponseModel> PostStorage(string id, [FromBody] StorageRequestModel model)
storage adjustment and billing fixes
2017-07-11 10:59:59 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
storage adjustment and billing fixes
2017-07-11 10:59:59 -04:00
{
throw new NotFoundException();
}
adjust storage with payment intent/method handling
2019-08-10 12:59:32 -04:00
var result = await _organizationService.AdjustStorageAsync(orgIdGuid, model.StorageGbAdjustment.Value);
return new PaymentResponseModel
{
Success = true,
PaymentIntentClientSecret = result
};
storage adjustment and billing fixes
2017-07-11 10:59:59 -04:00
}
billing response for org
2017-08-14 22:05:37 -04:00
verify bank api
2017-08-14 09:23:54 -04:00
[HttpPost("{id}/verify-bank")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
verify bank api
2017-08-14 09:23:54 -04:00
public async Task PostVerifyBank(string id, [FromBody] OrganizationVerifyBankRequestModel model)
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
verify bank api
2017-08-14 09:23:54 -04:00
{
throw new NotFoundException();
}
await _organizationService.VerifyBankAsync(orgIdGuid, model.Amount1.Value, model.Amount2.Value);
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
[HttpPost("{id}/cancel")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
api cleanup
2018-07-16 17:20:57 -04:00
public async Task PostCancel(string id)
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
{
throw new NotFoundException();
}
cancel sub completely if past exp date
2018-12-31 13:34:02 -05:00
await _organizationService.CancelSubscriptionAsync(orgIdGuid);
api endpoints for seats, upgrade, and cancel org
2017-04-10 11:49:53 -04:00
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
change "uncancel" to reinstate. fix rename error.
2017-04-10 18:20:21 -04:00
[HttpPost("{id}/reinstate")]
create org with license file
2017-08-14 20:57:45 -04:00
[SelfHosted(NotSelfHostedOnly = true)]
api cleanup
2018-07-16 17:20:57 -04:00
public async Task PostReinstate(string id)
uncancel and manual prograte billing if add seats
2017-04-10 16:42:53 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
uncancel and manual prograte billing if add seats
2017-04-10 16:42:53 -04:00
{
throw new NotFoundException();
}
change "uncancel" to reinstate. fix rename error.
2017-04-10 18:20:21 -04:00
await _organizationService.ReinstateSubscriptionAsync(orgIdGuid);
uncancel and manual prograte billing if add seats
2017-04-10 16:42:53 -04:00
}
leave org apis
2017-04-12 10:07:27 -04:00
[HttpPost("{id}/leave")]
public async Task Leave(string id)
{
var orgGuidId = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationUser(orgGuidId))
leave org apis
2017-04-12 10:07:27 -04:00
{
throw new NotFoundException();
}
Fix null error when leaving organization (#1730) * Fix null error when leaving organization * Update tests
2021-11-22 19:55:25 +10:00
var user = await _userService.GetUserByPrincipalAsync(User);
[Key Connector] Prevent user from leaving org (#1715) * Block user from leaving org using Key Connector * Add tests
2021-11-15 19:46:13 +10:00
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(orgGuidId);
Fix bug preventing user from leaving org (#1721)
2021-11-18 21:15:22 +10:00
if (ssoConfig?.GetData()?.KeyConnectorEnabled == true &&
Fix null error when leaving organization (#1730) * Fix null error when leaving organization * Update tests
2021-11-22 19:55:25 +10:00
user.UsesKeyConnector)
[Key Connector] Prevent user from leaving org (#1715) * Block user from leaving org using Key Connector * Add tests
2021-11-15 19:46:13 +10:00
{
Update error message for leaving org with CME (#1729)
2021-11-22 08:22:28 +10:00
throw new BadRequestException("Your organization's Single Sign-On settings prevent you from leaving.");
[Key Connector] Prevent user from leaving org (#1715) * Block user from leaving org using Key Connector * Add tests
2021-11-15 19:46:13 +10:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
Fix null error when leaving organization (#1730) * Fix null error when leaving organization * Update tests
2021-11-22 19:55:25 +10:00
await _organizationService.DeleteUserAsync(orgGuidId, user.Id);
leave org apis
2017-04-12 10:07:27 -04:00
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
[HttpDelete("{id}")]
[HttpPost("{id}/delete")]
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
public async Task Delete(string id, [FromBody] SecretVerificationRequestModel model)
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
rework permission checks on org apis
2017-04-06 13:21:26 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
{
throw new NotFoundException();
}
delete organization
2017-04-11 10:52:28 -04:00
var user = await _userService.GetUserByPrincipalAsync(User);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (user == null)
user null checks for unauthorized
2017-06-02 13:17:46 -04:00
{
throw new UnauthorizedAccessException();
}
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
if (!await _userService.VerifySecretAsync(user, model.Secret))
delete organization
2017-04-11 10:52:28 -04:00
{
await Task.Delay(2000);
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
throw new BadRequestException(string.Empty, "User verification failed.");
delete organization
2017-04-11 10:52:28 -04:00
}
else
{
await _organizationService.DeleteAsync(organization);
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
}
remove jsreport pdfs. use stripe invoice pages.
2018-09-13 16:03:04 -04:00
update org license API
2017-08-14 21:25:06 -04:00
[HttpPost("{id}/license")]
[SelfHosted(SelfHostedOnly = true)]
api cleanup
2018-07-16 17:20:57 -04:00
public async Task PostLicense(string id, LicenseRequestModel model)
update org license API
2017-08-14 21:25:06 -04:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
update org license API
2017-08-14 21:25:06 -04:00
{
throw new NotFoundException();
}
billing response for org
2017-08-14 22:05:37 -04:00
var license = await ApiHelpers.ReadJsonFileFromBody<OrganizationLicense>(HttpContext, model.License);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (license == null)
update org license API
2017-08-14 21:25:06 -04:00
{
throw new BadRequestException("Invalid license");
}
billing response for org
2017-08-14 22:05:37 -04:00
await _organizationService.UpdateLicenseAsync(new Guid(id), license);
update org license API
2017-08-14 21:25:06 -04:00
}
import groups and users for org via api
2017-05-13 12:00:40 -04:00
[HttpPost("{id}/import")]
org sync fixes
2017-05-13 17:08:56 -04:00
public async Task Import(string id, [FromBody] ImportOrganizationUsersRequestModel model)
import groups and users for org via api
2017-05-13 12:00:40 -04:00
{
Support large organization sync (#1311) * Increase organization max seat size from 30k to 2b (#1274) * Increase organization max seat size from 30k to 2b * PR review. Do not modify unless state matches expected * Organization sync simultaneous event reporting (#1275) * Split up azure messages according to max size * Allow simultaneous login of organization user events * Early resolve small event lists * Clarify logic Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> * Improve readability This comes at the cost of multiple serializations, but the improvement in wire-time should more than make up for this on message where serialization time matters Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> * Queue emails (#1286) * Extract common Azure queue methods * Do not use internal entity framework namespace * Prefer IEnumerable to IList unless needed All of these implementations were just using `Count == 1`, which is easily replicated. This will be used when abstracting Azure queues * Add model for azure queue message * Abstract Azure queue for reuse * Creat service to enqueue mail messages for later processing Azure queue mail service uses Azure queues. Blocking just blocks until all the work is done -- This is how emailing works today * Provide mail queue service to DI * Queue organization invite emails for later processing All emails can later be added to this queue * Create Admin hosted service to process enqueued mail messages * Prefer constructors to static generators * Mass delete organization users (#1287) * Add delete many to Organization Users * Correct formatting * Remove erroneous migration * Clarify parameter name * Formatting fixes * Simplify bump account revision sproc * Formatting fixes * Match file names to objects * Indicate if large import is expected * Early pull all existing users we were planning on inviting (#1290) * Early pull all existing users we were planning on inviting * Improve sproc name * Batch upsert org users (#1289) * Add UpsertMany sprocs to OrganizationUser * Add method to create TVPs from any object. Uses DbOrder attribute to generate. Sproc will fail unless TVP column order matches that of the db type * Combine migrations * Correct formatting * Include sql objects in sql project * Keep consisten parameter names * Batch deletes for performance * Correct formatting * consolidate migrations * Use batch methods in OrganizationImport * Declare @BatchSize * Transaction names limited to 32 chars Drop sproc before creating it if it exists * Update import tests * Allow for more users in org upgrades * Fix formatting * Improve class hierarchy structure * Use name tuple types * Fix formatting * Front load all reflection * Format constructor * Simplify ToTvp as class-specific extension Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com>
2021-05-17 09:43:02 -05:00
if (!_globalSettings.SelfHosted && !model.LargeImport &&
Increase limits set by importer to 2k (#729)
2020-05-13 09:23:59 -04:00
(model.Groups.Count() > 2000 || model.Users.Count(u => !u.Deleted) > 2000))
abuse limits on bulk apis
2017-10-09 16:58:37 -04:00
{
throw new BadRequestException("You cannot import this much data at once.");
}
import groups and users for org via api
2017-05-13 12:00:40 -04:00
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationAdmin(orgIdGuid))
import groups and users for org via api
2017-05-13 12:00:40 -04:00
{
throw new NotFoundException();
}
org sync fixes
2017-05-13 17:08:56 -04:00
var userId = _userService.GetProperUserId(User);
logic tweaks for group assignments
2017-05-15 16:37:56 -04:00
await _organizationService.ImportAsync(
refactor for addtnl. payment service (braintree)
2017-07-28 12:09:12 -04:00
orgIdGuid,
userId.Value,
sync with user externalids
2017-05-16 00:11:21 -04:00
model.Groups.Select(g => g.ToImportedGroup(orgIdGuid)),
refactor for addtnl. payment service (braintree)
2017-07-28 12:09:12 -04:00
model.Users.Where(u => !u.Deleted).Select(u => u.ToImportedOrganizationUser()),
overwrite existing users on import
2019-05-06 21:31:20 -04:00
model.Users.Where(u => u.Deleted).Select(u => u.ExternalId),
model.OverwriteExisting);
import groups and users for org via api
2017-05-13 12:00:40 -04:00
}
apikey apis for orgs
2019-03-04 09:52:43 -05:00
[HttpPost("{id}/api-key")]
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
public async Task<ApiKeyResponseModel> ApiKey(string id, [FromBody] SecretVerificationRequestModel model)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new NotFoundException();
}
var user = await _userService.GetUserByPrincipalAsync(User);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (user == null)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new UnauthorizedAccessException();
}
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
if (!await _userService.VerifySecretAsync(user, model.Secret))
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
else
{
var response = new ApiKeyResponseModel(organization);
return response;
}
}
[HttpPost("{id}/rotate-api-key")]
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
public async Task<ApiKeyResponseModel> RotateApiKey(string id, [FromBody] SecretVerificationRequestModel model)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (organization == null)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new NotFoundException();
}
var user = await _userService.GetUserByPrincipalAsync(User);
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
if (user == null)
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
throw new UnauthorizedAccessException();
}
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
if (!await _userService.VerifySecretAsync(user, model.Secret))
apikey apis for orgs
2019-03-04 09:52:43 -05:00
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
else
{
await _organizationService.RotateApiKeyAsync(organization);
var response = new ApiKeyResponseModel(organization);
return response;
}
}
Plan And Price Updates (#859) * Expanded the Plan model to make plan & product data a bit more dynamic * Created a Product enum to track versioned instances of the same plan * Created and API call and Response model for getting plan & product data from the server
2020-08-11 14:19:56 -04:00
API updates for tax info collection
2020-06-08 17:40:18 -04:00
[HttpGet("{id}/tax")]
[SelfHosted(NotSelfHostedOnly = true)]
public async Task<TaxInfoResponseModel> GetTaxInfo(string id)
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
API updates for tax info collection
2020-06-08 17:40:18 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
if (organization == null)
{
throw new NotFoundException();
}
var taxInfo = await _paymentService.GetTaxInfoAsync(organization);
return new TaxInfoResponseModel(taxInfo);
}
Plan And Price Updates (#859) * Expanded the Plan model to make plan & product data a bit more dynamic * Created a Product enum to track versioned instances of the same plan * Created and API call and Response model for getting plan & product data from the server
2020-08-11 14:19:56 -04:00
API updates for tax info collection
2020-06-08 17:40:18 -04:00
[HttpPut("{id}/tax")]
[SelfHosted(NotSelfHostedOnly = true)]
public async Task PutTaxInfo(string id, [FromBody] OrganizationTaxInfoUpdateRequestModel model)
{
var orgIdGuid = new Guid(id);
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
if (!await _currentContext.OrganizationOwner(orgIdGuid))
API updates for tax info collection
2020-06-08 17:40:18 -04:00
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
if (organization == null)
{
throw new NotFoundException();
}
var taxInfo = new TaxInfo
{
TaxIdNumber = model.TaxId,
BillingAddressLine1 = model.Line1,
BillingAddressLine2 = model.Line2,
BillingAddressCity = model.City,
BillingAddressState = model.State,
BillingAddressPostalCode = model.PostalCode,
BillingAddressCountry = model.Country,
};
await _paymentService.SaveTaxInfoAsync(organization, taxInfo);
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
[Reset Password] Get/Post Org Keys and API updates (#1323) * [Reset Password] Organization Keys APIs * Updated details response to include private key and added more security checks for reset password methods * Added org type and policy security checks to the enrollment api * Updated based on PR feedback * Added org user type permission checks * Added TODO for email to user * Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
[HttpGet("{id}/keys")]
public async Task<OrganizationKeysResponseModel> GetKeys(string id)
{
var org = await _organizationRepository.GetByIdAsync(new Guid(id));
if (org == null)
{
throw new NotFoundException();
}
return new OrganizationKeysResponseModel(org);
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
[Reset Password] Get/Post Org Keys and API updates (#1323) * [Reset Password] Organization Keys APIs * Updated details response to include private key and added more security checks for reset password methods * Added org type and policy security checks to the enrollment api * Updated based on PR feedback * Added org user type permission checks * Added TODO for email to user * Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
[HttpPost("{id}/keys")]
public async Task<OrganizationKeysResponseModel> PostKeys(string id, [FromBody] OrganizationKeysRequestModel model)
{
var user = await _userService.GetUserByPrincipalAsync(User);
if (user == null)
{
throw new UnauthorizedAccessException();
}
Refactor permission checks in OrganizationsService to use currentContext (#1420)
2021-07-01 14:31:05 +02:00
var org = await _organizationService.UpdateOrganizationKeysAsync(new Guid(id), model.PublicKey, model.EncryptedPrivateKey);
[Reset Password] Get/Post Org Keys and API updates (#1323) * [Reset Password] Organization Keys APIs * Updated details response to include private key and added more security checks for reset password methods * Added org type and policy security checks to the enrollment api * Updated based on PR feedback * Added org user type permission checks * Added TODO for email to user * Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
return new OrganizationKeysResponseModel(org);
}
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
[HttpGet("{id:guid}/sso")]
public async Task<OrganizationSsoResponseModel> GetSso(Guid id)
{
if (!await _currentContext.ManageSso(id))
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(id);
if (organization == null)
{
throw new NotFoundException();
}
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(id);
return new OrganizationSsoResponseModel(organization, _globalSettings, ssoConfig);
}
[HttpPost("{id:guid}/sso")]
public async Task<OrganizationSsoResponseModel> PostSso(Guid id, [FromBody] OrganizationSsoRequestModel model)
{
if (!await _currentContext.ManageSso(id))
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(id);
if (organization == null)
{
throw new NotFoundException();
}
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(id);
Add support for Key Connector OTP and account migration (#1663) Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 16:37:32 +01:00
ssoConfig = ssoConfig == null ? model.ToSsoConfig(id) : model.ToSsoConfig(ssoConfig);
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
Key Connector feature toggle (#1716)
2021-11-17 11:46:35 +01:00
await _ssoConfigService.SaveAsync(ssoConfig, organization);
Remove Business Portal (#1614)
2021-10-06 10:39:13 +02:00
return new OrganizationSsoResponseModel(organization, _globalSettings, ssoConfig);
}
Org API controller and supporting data access
2017-03-02 00:15:05 -05:00
}
}
Reference in New Issue Copy Permalink