src/Infrastructure.Dapper/Repositories/UserRepository.cs

using System.Data;
using Bit.Core;
using Bit.Core.Auth.UserFeatures.UserKey;
using Bit.Core.Entities;
using Bit.Core.Models.Data;
using Bit.Core.Repositories;
using Bit.Core.Settings;
using Dapper;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Data.SqlClient;

namespace Bit.Infrastructure.Dapper.Repositories;

public class UserRepository : Repository<User, Guid>, IUserRepository
{
    private readonly IDataProtector _dataProtector;

    public UserRepository(
        GlobalSettings globalSettings,
        IDataProtectionProvider dataProtectionProvider)
        : this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
    {
        _dataProtector = dataProtectionProvider.CreateProtector(Constants.DatabaseFieldProtectorPurpose);
    }

    public UserRepository(string connectionString, string readOnlyConnectionString)
        : base(connectionString, readOnlyConnectionString)
    { }

    public override async Task<User> GetByIdAsync(Guid id)
    {
        var user = await base.GetByIdAsync(id);
        UnprotectData(user);
        return user;
    }

    public async Task<User> GetByEmailAsync(string email)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            var results = await connection.QueryAsync<User>(
                $"[{Schema}].[{Table}_ReadByEmail]",
                new { Email = email },
                commandType: CommandType.StoredProcedure);

            UnprotectData(results);
            return results.SingleOrDefault();
        }
    }

    public async Task<User> GetBySsoUserAsync(string externalId, Guid? organizationId)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            var results = await connection.QueryAsync<User>(
                $"[{Schema}].[{Table}_ReadBySsoUserOrganizationIdExternalId]",
                new { OrganizationId = organizationId, ExternalId = externalId },
                commandType: CommandType.StoredProcedure);

            UnprotectData(results);
            return results.SingleOrDefault();
        }
    }

    public async Task<UserKdfInformation> GetKdfInformationByEmailAsync(string email)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            var results = await connection.QueryAsync<UserKdfInformation>(
                $"[{Schema}].[{Table}_ReadKdfByEmail]",
                new { Email = email },
                commandType: CommandType.StoredProcedure);

            return results.SingleOrDefault();
        }
    }

    public async Task<ICollection<User>> SearchAsync(string email, int skip, int take)
    {
        using (var connection = new SqlConnection(ReadOnlyConnectionString))
        {
            var results = await connection.QueryAsync<User>(
                $"[{Schema}].[{Table}_Search]",
                new { Email = email, Skip = skip, Take = take },
                commandType: CommandType.StoredProcedure,
                commandTimeout: 120);

            UnprotectData(results);
            return results.ToList();
        }
    }

    public async Task<ICollection<User>> GetManyByPremiumAsync(bool premium)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            var results = await connection.QueryAsync<User>(
                "[dbo].[User_ReadByPremium]",
                new { Premium = premium },
                commandType: CommandType.StoredProcedure);

            UnprotectData(results);
            return results.ToList();
        }
    }

    public async Task<string> GetPublicKeyAsync(Guid id)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            var results = await connection.QueryAsync<string>(
                $"[{Schema}].[{Table}_ReadPublicKeyById]",
                new { Id = id },
                commandType: CommandType.StoredProcedure);

            return results.SingleOrDefault();
        }
    }

    public async Task<DateTime> GetAccountRevisionDateAsync(Guid id)
    {
        using (var connection = new SqlConnection(ReadOnlyConnectionString))
        {
            var results = await connection.QueryAsync<DateTime>(
                $"[{Schema}].[{Table}_ReadAccountRevisionDateById]",
                new { Id = id },
                commandType: CommandType.StoredProcedure);

            return results.SingleOrDefault();
        }
    }

    public override async Task<User> CreateAsync(User user)
    {
        await ProtectDataAndSaveAsync(user, async () => await base.CreateAsync(user));
        return user;
    }

    public override async Task ReplaceAsync(User user)
    {
        await ProtectDataAndSaveAsync(user, async () => await base.ReplaceAsync(user));
    }

    public override async Task DeleteAsync(User user)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            await connection.ExecuteAsync(
                $"[{Schema}].[{Table}_DeleteById]",
                new { Id = user.Id },
                commandType: CommandType.StoredProcedure,
                commandTimeout: 180);
        }
    }

    public async Task UpdateStorageAsync(Guid id)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            await connection.ExecuteAsync(
                $"[{Schema}].[{Table}_UpdateStorage]",
                new { Id = id },
                commandType: CommandType.StoredProcedure,
                commandTimeout: 180);
        }
    }

    public async Task UpdateRenewalReminderDateAsync(Guid id, DateTime renewalReminderDate)
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
            await connection.ExecuteAsync(
                $"[{Schema}].[User_UpdateRenewalReminderDate]",
                new { Id = id, RenewalReminderDate = renewalReminderDate },
                commandType: CommandType.StoredProcedure);
        }
    }

    /// <inheritdoc />
    public async Task UpdateUserKeyAndEncryptedDataAsync(
        User user,
        IEnumerable<UpdateEncryptedDataForKeyRotation> updateDataActions)
    {
        await using var connection = new SqlConnection(ConnectionString);
        connection.Open();

        await using var transaction = connection.BeginTransaction();
        try
        {
            // Update user
            await using (var cmd = new SqlCommand("[dbo].[User_UpdateKeys]", connection, transaction))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add("@Id", SqlDbType.UniqueIdentifier).Value = user.Id;
                cmd.Parameters.Add("@SecurityStamp", SqlDbType.NVarChar).Value = user.SecurityStamp;
                cmd.Parameters.Add("@Key", SqlDbType.VarChar).Value = user.Key;

                cmd.Parameters.Add("@PrivateKey", SqlDbType.VarChar).Value =
                    string.IsNullOrWhiteSpace(user.PrivateKey) ? DBNull.Value : user.PrivateKey;

                cmd.Parameters.Add("@RevisionDate", SqlDbType.DateTime2).Value = user.RevisionDate;
                cmd.Parameters.Add("@AccountRevisionDate", SqlDbType.DateTime2).Value =
                    user.AccountRevisionDate;
                cmd.Parameters.Add("@LastKeyRotationDate", SqlDbType.DateTime2).Value =
                    user.LastKeyRotationDate;
                cmd.ExecuteNonQuery();
            }

            //  Update re-encrypted data
            foreach (var action in updateDataActions)
            {
                await action(transaction);
            }

            transaction.Commit();
        }
        catch
        {
            transaction.Rollback();
            throw;
        }
    }


    public async Task<IEnumerable<User>> GetManyAsync(IEnumerable<Guid> ids)
    {
        using (var connection = new SqlConnection(ReadOnlyConnectionString))
        {
            var results = await connection.QueryAsync<User>(
                $"[{Schema}].[{Table}_ReadByIds]",
                new { Ids = ids.ToGuidIdArrayTVP() },
                commandType: CommandType.StoredProcedure);

            UnprotectData(results);
            return results.ToList();
        }
    }

    private async Task ProtectDataAndSaveAsync(User user, Func<Task> saveTask)
    {
        if (user == null)
        {
            await saveTask();
            return;
        }

        // Capture original values
        var originalMasterPassword = user.MasterPassword;
        var originalKey = user.Key;

        // Protect values
        if (!user.MasterPassword?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
        {
            user.MasterPassword = string.Concat(Constants.DatabaseFieldProtectedPrefix,
                _dataProtector.Protect(user.MasterPassword));
        }

        if (!user.Key?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
        {
            user.Key = string.Concat(Constants.DatabaseFieldProtectedPrefix,
                _dataProtector.Protect(user.Key));
        }

        // Save
        await saveTask();

        // Restore original values
        user.MasterPassword = originalMasterPassword;
        user.Key = originalKey;
    }

    private void UnprotectData(User user)
    {
        if (user == null)
        {
            return;
        }

        if (user.MasterPassword?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
        {
            user.MasterPassword = _dataProtector.Unprotect(
                user.MasterPassword.Substring(Constants.DatabaseFieldProtectedPrefix.Length));
        }

        if (user.Key?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
        {
            user.Key = _dataProtector.Unprotect(
                user.Key.Substring(Constants.DatabaseFieldProtectedPrefix.Length));
        }
    }

    private void UnprotectData(IEnumerable<User> users)
    {
        if (users == null)
        {
            return;
        }

        foreach (var user in users)
        {
            UnprotectData(user);
        }
    }
}
-												Turn On `ImplicitUsings` (#2079)

* Turn on ImplicitUsings

* Fix formatting

* Run linter
											
										
										
											2022-06-29 19:46:41 -04:00
+								using System.Data;
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								using Bit.Core;
-												[PM-3797 Part 1] Layout new key rotation methods (#3425)

* layout new key rotation methods
- add endpoint with request model
- add command with data model
- add repository method

* layout new key rotation methods
- add endpoint with request model
- add command with data model
- add repository method

* formatting

* rename account recovery to reset password

* fix tests

* remove extra endpoint

* rename account recovery to reset password

* fix tests and formatting

* register db calls in command, removing list from user repo

* formatting
											
										
										
											2023-11-09 14:56:08 -05:00
+								using Bit.Core.Auth.UserFeatures.UserKey;
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								using Bit.Core.Entities;
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								using Bit.Core.Models.Data;
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								using Bit.Core.Repositories;
-												Use sas token for attachment downloads (#1153)

* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
											
										
										
											2021-02-22 15:35:16 -06:00
+								using Bit.Core.Settings;
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								using Dapper;
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								using Microsoft.AspNetCore.DataProtection;
-												Migrate to Microsoft.Data.SqlClient (#2548)


											
										
										
											2023-01-10 15:58:41 -05:00
+								using Microsoft.Data.SqlClient;
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								namespace Bit.Infrastructure.Dapper.Repositories;
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Split out repositories to Infrastructure.Dapper / EntityFramework (#1759)


											
										
										
											2022-01-11 10:40:51 +01:00
+								public class UserRepository : Repository<User, Guid>, IUserRepository
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								{
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								    private readonly IDataProtector _dataProtector;
 								    public UserRepository(
 								        GlobalSettings globalSettings,
 								        IDataProtectionProvider dataProtectionProvider)
-												support for readonly sql db connection string

											
										
										
											2018-10-09 17:21:12 -04:00
+								        : this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								    {
 								        _dataProtector = dataProtectionProvider.CreateProtector(Constants.DatabaseFieldProtectorPurpose);
 								    }
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								    public UserRepository(string connectionString, string readOnlyConnectionString)
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								        : base(connectionString, readOnlyConnectionString)
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								    { }
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
-												Sso user table, model and repo stubbed out (#837)

* Sso user table, model and repo stubbed out

* switch to nullable org id, bigint id

* update GetBySsoUserAsync

* cleanup migrator file

* fix EF user repo

* fix pg repo

* is `IS NULL` checks

* unique indexes

* update migration scripts

* add another unique index

* remove old script
											
										
										
											2020-07-28 10:03:09 -04:00
+								    public override async Task<User> GetByIdAsync(Guid id)
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								    {
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								        var user = await base.GetByIdAsync(id);
 								        UnprotectData(user);
 								        return user;
-												Sso user table, model and repo stubbed out (#837)

* Sso user table, model and repo stubbed out

* switch to nullable org id, bigint id

* update GetBySsoUserAsync

* cleanup migrator file

* fix EF user repo

* fix pg repo

* is `IS NULL` checks

* unique indexes

* update migration scripts

* add another unique index

* remove old script
											
										
										
											2020-07-28 10:03:09 -04:00
+								    }
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								    public async Task<User> GetByEmailAsync(string email)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
 								        {
 								            var results = await connection.QueryAsync<User>(
 								                $"[{Schema}].[{Table}_ReadByEmail]",
 								                new { Email = email },
 								                commandType: CommandType.StoredProcedure);
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								            UnprotectData(results);
-												users listing page

											
										
										
											2018-03-21 16:24:10 -04:00
+								            return results.SingleOrDefault();
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												users listing page

											
										
										
											2018-03-21 16:24:10 -04:00
-												user premium validation job

											
										
										
											2017-08-22 15:27:29 -04:00
+								    public async Task<User> GetBySsoUserAsync(string externalId, Guid? organizationId)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												user premium validation job

											
										
										
											2017-08-22 15:27:29 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
 								        {
 								            var results = await connection.QueryAsync<User>(
 								                $"[{Schema}].[{Table}_ReadBySsoUserOrganizationIdExternalId]",
 								                new { OrganizationId = organizationId, ExternalId = externalId },
 								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								            UnprotectData(results);
-												user premium validation job

											
										
										
											2017-08-22 15:27:29 -04:00
+								            return results.SingleOrDefault();
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												user premium validation job

											
										
										
											2017-08-22 15:27:29 -04:00
-												org user management apis

											
										
										
											2017-03-04 21:28:41 -05:00
+								    public async Task<UserKdfInformation> GetKdfInformationByEmailAsync(string email)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												org user management apis

											
										
										
											2017-03-04 21:28:41 -05:00
+								        using (var connection = new SqlConnection(ConnectionString))
 								        {
 								            var results = await connection.QueryAsync<UserKdfInformation>(
 								                $"[{Schema}].[{Table}_ReadKdfByEmail]",
 								                new { Email = email },
 								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												org user management apis

											
										
										
											2017-03-04 21:28:41 -05:00
+								            return results.SingleOrDefault();
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												org user management apis

											
										
										
											2017-03-04 21:28:41 -05:00
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								    public async Task<ICollection<User>> SearchAsync(string email, int skip, int take)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								        using (var connection = new SqlConnection(ReadOnlyConnectionString))
 								        {
 								            var results = await connection.QueryAsync<User>(
 								                $"[{Schema}].[{Table}_Search]",
 								                new { Email = email, Skip = skip, Take = take },
 								                commandType: CommandType.StoredProcedure,
 								                commandTimeout: 120);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								            UnprotectData(results);
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
+								            return results.ToList();
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Added API for getting the current user's account revision date

											
										
										
											2017-01-14 10:02:37 -05:00
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								    public async Task<ICollection<User>> GetManyByPremiumAsync(bool premium)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
 								        {
 								            var results = await connection.QueryAsync<User>(
 								                "[dbo].[User_ReadByPremium]",
-												recompute full storage each time

											
										
										
											2017-07-10 22:08:52 -04:00
+								                new { Premium = premium },
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								            UnprotectData(results);
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								            return results.ToList();
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
-												premium renewal reminders job for braintree

											
										
										
											2018-07-12 23:23:41 -04:00
+								    public async Task<string> GetPublicKeyAsync(Guid id)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												premium renewal reminders job for braintree

											
										
										
											2018-07-12 23:23:41 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        {
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								            var results = await connection.QueryAsync<string>(
 								                $"[{Schema}].[{Table}_ReadPublicKeyById]",
-												recompute full storage each time

											
										
										
											2017-07-10 22:08:52 -04:00
+								                new { Id = id },
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Sso user table, model and repo stubbed out (#837)

* Sso user table, model and repo stubbed out

* switch to nullable org id, bigint id

* update GetBySsoUserAsync

* cleanup migrator file

* fix EF user repo

* fix pg repo

* is `IS NULL` checks

* unique indexes

* update migration scripts

* add another unique index

* remove old script
											
										
										
											2020-07-28 10:03:09 -04:00
+								            return results.SingleOrDefault();
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								    public async Task<DateTime> GetAccountRevisionDateAsync(Guid id)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								        using (var connection = new SqlConnection(ReadOnlyConnectionString))
 								        {
-												recompile user delete sproc and extend timeout. filer out security stamp errors from logger.

											
										
										
											2016-10-29 02:59:17 -04:00
+								            var results = await connection.QueryAsync<DateTime>(
 								                $"[{Schema}].[{Table}_ReadAccountRevisionDateById]",
-												premium renewal reminders job for braintree

											
										
										
											2018-07-12 23:23:41 -04:00
+								                new { Id = id },
-												recompile user delete sproc and extend timeout. filer out security stamp errors from logger.

											
										
										
											2016-10-29 02:59:17 -04:00
+								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												support for user defined kdf parameters

											
										
										
											2018-08-14 15:30:04 -04:00
+								            return results.SingleOrDefault();
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												rollback share if errors

											
										
										
											2017-07-10 16:21:18 -04:00
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								    public override async Task<User> CreateAsync(User user)
 								    {
 								        await ProtectDataAndSaveAsync(user, async () => await base.CreateAsync(user));
 								        return user;
 								    }
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								    public override async Task ReplaceAsync(User user)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								        await ProtectDataAndSaveAsync(user, async () => await base.ReplaceAsync(user));
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												recompute full storage each time

											
										
										
											2017-07-10 22:08:52 -04:00
+								    public override async Task DeleteAsync(User user)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
-												rollback share if errors

											
										
										
											2017-07-10 16:21:18 -04:00
+								        {
 								            await connection.ExecuteAsync(
 								                $"[{Schema}].[{Table}_DeleteById]",
-												recompute full storage each time

											
										
										
											2017-07-10 22:08:52 -04:00
+								                new { Id = user.Id },
-												rollback share if errors

											
										
										
											2017-07-10 16:21:18 -04:00
+								                commandType: CommandType.StoredProcedure,
 								                commandTimeout: 180);
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												premium renewal reminders job for braintree

											
										
										
											2018-07-12 23:23:41 -04:00
 								    public async Task UpdateStorageAsync(Guid id)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Changed all C# control flow block statements to include space between keyword and open paren

											
										
										
											2020-03-27 14:36:37 -04:00
+								        using (var connection = new SqlConnection(ConnectionString))
-												premium renewal reminders job for braintree

											
										
										
											2018-07-12 23:23:41 -04:00
+								        {
 								            await connection.ExecuteAsync(
 								                $"[{Schema}].[{Table}_UpdateStorage]",
 								                new { Id = id },
 								                commandType: CommandType.StoredProcedure,
 								                commandTimeout: 180);
 								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
 								    public async Task UpdateRenewalReminderDateAsync(Guid id, DateTime renewalReminderDate)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								        using (var connection = new SqlConnection(ConnectionString))
 								        {
 								            await connection.ExecuteAsync(
 								                $"[{Schema}].[User_UpdateRenewalReminderDate]",
 								                new { Id = id, RenewalReminderDate = renewalReminderDate },
 								                commandType: CommandType.StoredProcedure);
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        }
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    }
-												Turn on file scoped namespaces (#2225)


											
										
										
											2022-08-29 14:53:16 -04:00
-												[PM-3797 Part 1] Layout new key rotation methods (#3425)

* layout new key rotation methods
- add endpoint with request model
- add command with data model
- add repository method

* layout new key rotation methods
- add endpoint with request model
- add command with data model
- add repository method

* formatting

* rename account recovery to reset password

* fix tests

* remove extra endpoint

* rename account recovery to reset password

* fix tests and formatting

* register db calls in command, removing list from user repo

* formatting
											
										
										
											2023-11-09 14:56:08 -05:00
+								    /// <inheritdoc />
 								    public async Task UpdateUserKeyAndEncryptedDataAsync(
 								        User user,
 								        IEnumerable<UpdateEncryptedDataForKeyRotation> updateDataActions)
 								    {
 								        await using var connection = new SqlConnection(ConnectionString);
 								        connection.Open();
 								        await using var transaction = connection.BeginTransaction();
 								        try
 								        {
 								            // Update user
 								            await using (var cmd = new SqlCommand("[dbo].[User_UpdateKeys]", connection, transaction))
 								            {
 								                cmd.CommandType = CommandType.StoredProcedure;
 								                cmd.Parameters.Add("@Id", SqlDbType.UniqueIdentifier).Value = user.Id;
 								                cmd.Parameters.Add("@SecurityStamp", SqlDbType.NVarChar).Value = user.SecurityStamp;
 								                cmd.Parameters.Add("@Key", SqlDbType.VarChar).Value = user.Key;
 								                cmd.Parameters.Add("@PrivateKey", SqlDbType.VarChar).Value =
 								                    string.IsNullOrWhiteSpace(user.PrivateKey) ? DBNull.Value : user.PrivateKey;
 								                cmd.Parameters.Add("@RevisionDate", SqlDbType.DateTime2).Value = user.RevisionDate;
 								                cmd.Parameters.Add("@AccountRevisionDate", SqlDbType.DateTime2).Value =
 								                    user.AccountRevisionDate;
 								                cmd.Parameters.Add("@LastKeyRotationDate", SqlDbType.DateTime2).Value =
 								                    user.LastKeyRotationDate;
 								                cmd.ExecuteNonQuery();
 								            }
 								            //  Update re-encrypted data
 								            foreach (var action in updateDataActions)
 								            {
 								                await action(transaction);
 								            }
 								            transaction.Commit();
 								        }
 								        catch
 								        {
 								            transaction.Rollback();
 								            throw;
 								        }
 								    }
-												Added redis caching libraries and implemented for user by id caching.

											
										
										
											2016-06-17 17:42:22 -04:00
+								    public async Task<IEnumerable<User>> GetManyAsync(IEnumerable<Guid> ids)
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
+								    {
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								        using (var connection = new SqlConnection(ReadOnlyConnectionString))
-												Revert filescoped (#2227)

* Revert "Add git blame entry (#2226)"

This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d.

* Revert "Turn on file scoped namespaces (#2225)"

This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
											
										
										
											2022-08-29 15:53:48 -04:00
+								        {
-												refactored data storage to use cipher table. added history table and insert triggers.

											
										
										
											2016-05-21 17:16:22 -04:00
+								            var results = await connection.QueryAsync<User>(
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								                $"[{Schema}].[{Table}_ReadByIds]",
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								                new { Ids = ids.ToGuidIdArrayTVP() },
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								                commandType: CommandType.StoredProcedure);
-												Run formatting (#2230)


											
										
										
											2022-08-29 16:06:55 -04:00
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
+								            UnprotectData(results);
-												Bulk Confirm (#1345)

* Add support for bulk confirm

* Add missing sproc to migration

* Change ConfirmUserAsync to internally use ConfirmUsersAsync

* Refactor to be a bit more readable

* Change BulkReinvite and BulkRemove to return a list of errors/success

* Refactor

* Fix removing owner preventing removing non owners

* Add another unit test

* Use fixtures for OrganizationUser and Policies

* Fix spelling
											
										
										
											2021-05-25 19:23:47 +02:00
+								            return results.ToList();
 								        }
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								    }
-												Data protection for user columns at rest (#2571)

* ServerProtectedData for user entity

* remove using statements

* formatting

* use data protection libs

* no async

* add data protection to ef user repo

* switch to `SetApplicationName` per ASPNET docs

* null checks

* cleanup

* value converter for EF

* new line at eof

* fix using

* remove folder ref

* restore ctor

* fix lint

* use global constant

* UseApplicationServiceProvider for integration tests

* implement constant for DatabaseFieldProtectedPrefix

* Fix EF IntegrationTest

* restore original values after protect and save

* lint fixes

* Use Constants

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
											
										
										
											2023-01-18 13:16:57 -05:00
 								    private async Task ProtectDataAndSaveAsync(User user, Func<Task> saveTask)
 								    {
 								        if (user == null)
 								        {
 								            await saveTask();
 								            return;
 								        }
 								        // Capture original values
 								        var originalMasterPassword = user.MasterPassword;
 								        var originalKey = user.Key;
 								        // Protect values
 								        if (!user.MasterPassword?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
 								        {
 								            user.MasterPassword = string.Concat(Constants.DatabaseFieldProtectedPrefix,
 								                _dataProtector.Protect(user.MasterPassword));
 								        }
 								        if (!user.Key?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
 								        {
 								            user.Key = string.Concat(Constants.DatabaseFieldProtectedPrefix,
 								                _dataProtector.Protect(user.Key));
 								        }
 								        // Save
 								        await saveTask();
 								        // Restore original values
 								        user.MasterPassword = originalMasterPassword;
 								        user.Key = originalKey;
 								    }
 								    private void UnprotectData(User user)
 								    {
 								        if (user == null)
 								        {
 								            return;
 								        }
 								        if (user.MasterPassword?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
 								        {
 								            user.MasterPassword = _dataProtector.Unprotect(
 								                user.MasterPassword.Substring(Constants.DatabaseFieldProtectedPrefix.Length));
 								        }
 								        if (user.Key?.StartsWith(Constants.DatabaseFieldProtectedPrefix) ?? false)
 								        {
 								            user.Key = _dataProtector.Unprotect(
 								                user.Key.Substring(Constants.DatabaseFieldProtectedPrefix.Length));
 								        }
 								    }
 								    private void UnprotectData(IEnumerable<User> users)
 								    {
 								        if (users == null)
 								        {
 								            return;
 								        }
 								        foreach (var user in users)
 								        {
 								            UnprotectData(user);
 								        }
 								    }
-												Added Sql project with database schema. Added SqlServer repositories for Site, Folder, and User (Cipher still TODO). Switched DI in Startup to SqlServer repos.

											
										
										
											2016-02-06 01:18:25 -05:00
+								}