admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-01-31 22:23:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e75f65a2d4e10bbf70254915bde8244a0def97d
server/src/Api/Controllers/OrganizationUsersController.cs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

472 lines
18 KiB
C#
Raw Normal View History

Turn On `ImplicitUsings` (#2079) * Turn on ImplicitUsings * Fix formatting * Run linter
2022-06-29 19:46:41 -04:00
using Bit.Api.Models.Request.Organizations;
Move request/response models (#1754)
2021-12-14 15:05:07 +00:00
using Bit.Api.Models.Response;
Feature/self hosted families for enterprise (#1991) * Families for enterprise/split up organization sponsorship service (#1829) * Split OrganizationSponsorshipService into commands * Use tokenable for token validation * Use interfaces to set up for DI * Use commands over services * Move service tests to command tests * Value types can't be null * Run dotnet format * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs Co-authored-by: Justin Baur <admin@justinbaur.com> * Fix controller tests Co-authored-by: Justin Baur <admin@justinbaur.com> * Families for enterprise/split up organization sponsorship service (#1875) * Split OrganizationSponsorshipService into commands * Use tokenable for token validation * Use interfaces to set up for DI * Use commands over services * Move service tests to command tests * Value types can't be null * Run dotnet format * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs Co-authored-by: Justin Baur <admin@justinbaur.com> * Fix controller tests * Split create and send sponsorships * Split up create sponsorship * Add self hosted commands to dependency injection * Add field to store cloud billing sync key on self host instances * Fix typo * Fix data protector purpose of sponsorship offers * Split cloud and selfhosted sponsorship offer tokenable * Generate offer from self hosted with all necessary auth data * Add Required properties to constructor * Split up cancel sponsorship command * Split revoke sponsorship command between cloud and self hosted * Fix/f4e multiple sponsorships (#1838) * Use sponosorship from validate to redeem * Update tests * Format * Remove sponsorship service * Run dotnet format * Fix self hosted only controller attribute * Clean up file structure and fixes * Remove unneeded tokenables * Remove obsolete commands * Do not require file/class prefix if unnecessary * Update Organizaiton sprocs * Remove unnecessary models * Fix tests * Generalize LicenseService path calculation Use async file read and deserialization * Use interfaces for testability * Remove unused usings * Correct test direction * Test license reading * remove unused usings * Format Co-authored-by: Justin Baur <admin@justinbaur.com> * Improve DataProtectorTokenFactory test coverage (#1884) * Add encstring to server * Test factory Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> * Format * Remove SymmetricKeyProtectedString Not needed * Set ForcInvalid Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> * Feature/self f4e/api keys (#1896) * Add in ApiKey * Work on API Key table * Work on apikey table * Fix response model * Work on information for UI * Work on last sync date * Work on sync status * Work on auth * Work on tokenable * Work on merge * Add custom requirement * Add policy * Run formatting * Work on EF Migrations * Work on OrganizationConnection * Work on database * Work on additional database table * Run formatting * Small fixes * More cleanup * Cleanup * Add RevisionDate * Add GO * Finish Sql project * Add newlines * Fix stored proc file * Fix sqlproj * Add newlines * Fix table * Add navigation property * Delete Connections when organization is deleted * Add connection validation * Start adding ID column * Work on ID column * Work on SQL migration * Work on migrations * Run formatting * Fix test build * Fix sprocs * Work on migrations * Fix Create table * Fix sproc * Add prints to migration * Add default value * Update EF migrations * Formatting * Add to integration tests * Minor fixes * Formatting * Cleanup * Address PR feedback * Address more PR feedback * Fix formatting * Fix formatting * Fix * Address PR feedback * Remove accidential change * Fix SQL build * Run formatting * Address PR feedback * Add sync data to OrganizationUserOrgDetails * Add comments * Remove OrganizationConnectionService interface * Remove unused using * Address PR feedback * Formatting * Minor fix * Feature/self f4e/update db (#1930) * Fix migration * Fix TimesRenewed * Add comments * Make two properties non-nullable * Remove need for SponsoredOrg on SH (#1934) * Remove need for SponsoredOrg on SH * Add Family prefix * Add check for enterprise org on BillingSync key (#1936) * [PS-10] Feature/sponsorships removed at end of term (#1938) * Rename commands to min unique names * Inject revoke command based on self hosting * WIP: Remove/Revoke marks to delete * Complete WIP * Improve remove/revoke tests * PR review * Fail validation if sponsorship has failed to sync for 6 months * Feature/do not accept old self host sponsorships (#1939) * Do not accept >6mo old self-hosted sponsorships * Give disabled grace period of 3 months * Fix issues of Sql.proj differing from migration outcome (#1942) * Fix issues of Sql.proj differing from migration outcome * Yoink int tests * Add missing assert helpers * Feature/org sponsorship sync (#1922) * Self-hosted side sync first pass TODO: * flush out org sponsorship model * implement cloud side * process cloud-side response and update self-hosted records * sync scaffolding second pass * remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship * allow authenticated http calls from server to return a result * update models * add logic for sync and change offer email template * add billing sync key and hide CreateSponsorship without user * fix tests * add job scheduling * add authorize attributes to endpoints * separate models into data/model and request/response * batch sync more, add EnableCloudCommunication for testing * send emails in bulk * make userId and sponsorshipType non nullable * batch more on self hosted side of sync * remove TODOs and formatting * changed logic of cloud sync * let BaseIdentityClientService handle all logging * call sync from scheduled job on self host * create bulk db operations for OrganizationSponsorships * remove SponsoredOrgId from sync, return default from server http call * validate BillingSyncKey during sync revert changes to CreateSponsorshipCommand * revert changes to ICreateSponsorshipCommand * add some tests * add DeleteExpiredSponsorshipsJob * add cloud sync test * remove extra method * formatting * prevent new sponsorships from disabled orgs * update packages * - pulled out send sponsorship command dependency from sync on cloud - don't throw error when sponsorships are empty - formatting * formatting models * more formatting * remove licensingService dependency from selfhosted sync * use installation urls and formatting * create constructor for RequestModel and formatting * add date parameter to OrganizationSponsorship_DeleteExpired * add new migration * formatting * rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel * prevent whole sync from failing if one sponsorship type is unsupported * deserialize config and billingsynckey from org connection * alter log message when sync disabled * Add grace period to disabled orgs * return early on self hosted if there are no sponsorships in database * rename BillingSyncConfig * send sponsorship offers from controller * allow config to be a null object * better exception handling in sync scheduler * add ef migrations * formatting * fix tests * fix validate test Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Fix OrganizationApiKey issues (#1941) Co-authored-by: Justin Baur <admin@justinbaur.com> * Feature/org sponsorship self hosted tests (#1947) * Self-hosted side sync first pass TODO: * flush out org sponsorship model * implement cloud side * process cloud-side response and update self-hosted records * sync scaffolding second pass * remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship * allow authenticated http calls from server to return a result * update models * add logic for sync and change offer email template * add billing sync key and hide CreateSponsorship without user * fix tests * add job scheduling * add authorize attributes to endpoints * separate models into data/model and request/response * batch sync more, add EnableCloudCommunication for testing * send emails in bulk * make userId and sponsorshipType non nullable * batch more on self hosted side of sync * remove TODOs and formatting * changed logic of cloud sync * let BaseIdentityClientService handle all logging * call sync from scheduled job on self host * create bulk db operations for OrganizationSponsorships * remove SponsoredOrgId from sync, return default from server http call * validate BillingSyncKey during sync revert changes to CreateSponsorshipCommand * revert changes to ICreateSponsorshipCommand * add some tests * add DeleteExpiredSponsorshipsJob * add cloud sync test * remove extra method * formatting * prevent new sponsorships from disabled orgs * update packages * - pulled out send sponsorship command dependency from sync on cloud - don't throw error when sponsorships are empty - formatting * formatting models * more formatting * remove licensingService dependency from selfhosted sync * use installation urls and formatting * create constructor for RequestModel and formatting * add date parameter to OrganizationSponsorship_DeleteExpired * add new migration * formatting * rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel * prevent whole sync from failing if one sponsorship type is unsupported * deserialize config and billingsynckey from org connection * add mockHttp nuget package and use httpclientfactory * fix current tests * WIP of creating tests * WIP of new self hosted tests * WIP self hosted tests * finish self hosted tests * formatting * format of interface * remove extra config file * added newlines Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Fix Organization_DeleteById (#1950) * Fix Organization_Delete * Fix L * [PS-4] block enterprise user from sponsoring itself (#1943) * [PS-248] Feature/add connections enabled endpoint (#1953) * Move Organization models to sub namespaces * Add Organization Connection api endpoints * Get all connections rather than just enabled ones * Add missing services to DI * pluralize private api endpoints * Add type protection to org connection request/response * Fix route * Use nullable Id to signify no connection * Test Get Connections enabled * Fix data discoverer * Also drop this sproc for rerunning * Id is the OUTPUT of create sprocs * Fix connection config parsing * Linter fixes * update sqlproj file name * Use param xdocs on methods * Simplify controller path attribute * Use JsonDocument to avoid escaped json in our response/request strings * Fix JsonDoc tests * Linter fixes * Fix ApiKey Command and add tests (#1949) * Fix ApiKey command * Formatting * Fix test failures introduced in #1943 (#1957) * Remove "Did you know?" copy from emails. (#1962) * Remove "Did you know" * Remove jsonIf helper * Feature/fix send single sponsorship offer email (#1956) * Fix sponsorship offer email * Do not sanitize org name * PR feedback * Feature/f4e sync event [PS-75] (#1963) * Create sponsorship sync event type * Add InstallationId to Event model * Add combinatorics-based test case generators * Log sponsorships sync event on sync * Linter and test fixes * Fix failing test * Migrate sprocs and view * Remove unused `using`s * [PS-190] Add manual sync trigger in self hosted (#1955) * WIP add button to admin project for billing sync * add connection table to view page * minor fixes for self hosted side of sync * fixes number of bugs for cloud side of sync * deserialize before returning for some reason * add json attributes to return models * list of sponsorships parameter is immutable, add secondary list * change sproc name * add error handling * Fix tests * modify call to connection * Update src/Admin/Controllers/OrganizationsController.cs Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * undo change to sproc name * simplify logic * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/Cloud/CloudSyncSponsorshipsCommand.cs Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * register services despite if self hosted or cloud * remove json properties * revert merge conflict Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Update OrganizationSponsorship valid until when updating org expirati… (#1966) * Update OrganizationSponsorship valid until when updating org expiration date * Linter fixes * [PS-7] change revert email copy and add ValidUntil to sponsorship (#1965) * change revert email copy and add ValidUntil to sponsorship * add 15 days if no ValidUntil * Chore/merge/self hosted families for enterprise (#1972) * Log swallowed HttpRequestExceptions (#1866) Co-authored-by: Hinton <oscar@oscarhinton.com> * Allow for utilization of readonly db connection (#1937) * Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952) * Bumped version to 1.48.0 (#1958) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * [EC-160] Give Provider Users access to all org ciphers and collections (#1959) * Bumped version to 1.48.1 (#1961) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Avoid sending "user need confirmation" emails when there are no org admins (#1960) * Remove noncompliant users for new policies (#1951) * [PS-284] Allow installation clients to not need a user. (#1968) * Allow installation clients to not need a user. * Run formatting Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Justin Baur <136baur@gmail.com> * Fix/license file not found (#1974) * Handle null license * Throw hint message if license is not found by the admin project. * Use CloudOrganizationId from Connection config * Change test to support change * Fix test Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Feature/f4e selfhosted rename migration to .sql (#1971) * rename migration to .sql * format * Add unit tests to self host F4E (#1975) * Work on tests * Added more tests * Run linting * Address PR feedback * Fix AssertRecent * Linting * Fixed empty tests * Fix/misc self hosted f4e (#1973) * Allow setting of ApiUri * Return updates sponsorshipsData objects * Bind arguments by name * Greedy load sponsorships to email. When upsert was called, it creates Ids on _all_ records, which meant that the lazy-evaluation from this call always returned an empty list. * add scope for sync command DI in job. simplify error logic * update the sync job to get CloudOrgId from the BillingSyncKey Co-authored-by: Jacob Fink <jfink@bitwarden.com> * Chore/merge/self hosted families for enterprise (#1987) * Log swallowed HttpRequestExceptions (#1866) Co-authored-by: Hinton <oscar@oscarhinton.com> * Allow for utilization of readonly db connection (#1937) * Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952) * Bumped version to 1.48.0 (#1958) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * [EC-160] Give Provider Users access to all org ciphers and collections (#1959) * Bumped version to 1.48.1 (#1961) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Avoid sending "user need confirmation" emails when there are no org admins (#1960) * Remove noncompliant users for new policies (#1951) * [PS-284] Allow installation clients to not need a user. (#1968) * Allow installation clients to not need a user. * Run formatting * Use accept flow for sponsorship offers (#1964) * PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977) * [Bug] Skip WebAuthn 2fa event logs during login flow (#1978) * [Bug] Supress WebAuthn 2fa event logs during login process * Formatting * Simplified method call with new paramter input * Update RealIps Description (#1980) Describe the syntax of the real_ips configuration key with an example, to prevent type errors in the `setup` container when parsing `config.yml` * add proper URI validation to duo host (#1984) * captcha scores (#1967) * captcha scores * some api fixes * check bot on captcha attribute * Update src/Core/Services/Implementations/HCaptchaValidationService.cs Co-authored-by: e271828- <e271828-@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com> * ensure no path specific in duo host (#1985) Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Justin Baur <136baur@gmail.com> Co-authored-by: Federico Maccaroni <fedemkr@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com> * Address feedback (#1990) Co-authored-by: Justin Baur <admin@justinbaur.com> Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Justin Baur <136baur@gmail.com> Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Federico Maccaroni <fedemkr@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com>
2022-05-10 17:12:09 -04:00
using Bit.Api.Models.Response.Organizations;
Add disable send policy (#1130) * Add Disable Send policy * Test DisableSend policy * PR Review * Update tests for using CurrentContext This required making an interface for CurrentContext and mocking out the members used. The interface can be expanded as needed for tests. I moved CurrentContext to a folder, which changes the namespace and causes a lot of file touches, but most are just adding a reference * Fix failing test * Update exemption to include all exempt users * Move all CurrentContext usages to ICurrentContext * PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
using Bit.Core.Context;
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
using Bit.Core.Entities;
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
using Bit.Core.Enums;
org user management apis
2017-03-04 21:28:41 -05:00
using Bit.Core.Exceptions;
Implemented Custom role and permissions (#1057) * Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
using Bit.Core.Models.Business;
Feature/self hosted families for enterprise (#1991) * Families for enterprise/split up organization sponsorship service (#1829) * Split OrganizationSponsorshipService into commands * Use tokenable for token validation * Use interfaces to set up for DI * Use commands over services * Move service tests to command tests * Value types can't be null * Run dotnet format * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs Co-authored-by: Justin Baur <admin@justinbaur.com> * Fix controller tests Co-authored-by: Justin Baur <admin@justinbaur.com> * Families for enterprise/split up organization sponsorship service (#1875) * Split OrganizationSponsorshipService into commands * Use tokenable for token validation * Use interfaces to set up for DI * Use commands over services * Move service tests to command tests * Value types can't be null * Run dotnet format * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/CancelSponsorshipCommand.cs Co-authored-by: Justin Baur <admin@justinbaur.com> * Fix controller tests * Split create and send sponsorships * Split up create sponsorship * Add self hosted commands to dependency injection * Add field to store cloud billing sync key on self host instances * Fix typo * Fix data protector purpose of sponsorship offers * Split cloud and selfhosted sponsorship offer tokenable * Generate offer from self hosted with all necessary auth data * Add Required properties to constructor * Split up cancel sponsorship command * Split revoke sponsorship command between cloud and self hosted * Fix/f4e multiple sponsorships (#1838) * Use sponosorship from validate to redeem * Update tests * Format * Remove sponsorship service * Run dotnet format * Fix self hosted only controller attribute * Clean up file structure and fixes * Remove unneeded tokenables * Remove obsolete commands * Do not require file/class prefix if unnecessary * Update Organizaiton sprocs * Remove unnecessary models * Fix tests * Generalize LicenseService path calculation Use async file read and deserialization * Use interfaces for testability * Remove unused usings * Correct test direction * Test license reading * remove unused usings * Format Co-authored-by: Justin Baur <admin@justinbaur.com> * Improve DataProtectorTokenFactory test coverage (#1884) * Add encstring to server * Test factory Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> * Format * Remove SymmetricKeyProtectedString Not needed * Set ForcInvalid Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> * Feature/self f4e/api keys (#1896) * Add in ApiKey * Work on API Key table * Work on apikey table * Fix response model * Work on information for UI * Work on last sync date * Work on sync status * Work on auth * Work on tokenable * Work on merge * Add custom requirement * Add policy * Run formatting * Work on EF Migrations * Work on OrganizationConnection * Work on database * Work on additional database table * Run formatting * Small fixes * More cleanup * Cleanup * Add RevisionDate * Add GO * Finish Sql project * Add newlines * Fix stored proc file * Fix sqlproj * Add newlines * Fix table * Add navigation property * Delete Connections when organization is deleted * Add connection validation * Start adding ID column * Work on ID column * Work on SQL migration * Work on migrations * Run formatting * Fix test build * Fix sprocs * Work on migrations * Fix Create table * Fix sproc * Add prints to migration * Add default value * Update EF migrations * Formatting * Add to integration tests * Minor fixes * Formatting * Cleanup * Address PR feedback * Address more PR feedback * Fix formatting * Fix formatting * Fix * Address PR feedback * Remove accidential change * Fix SQL build * Run formatting * Address PR feedback * Add sync data to OrganizationUserOrgDetails * Add comments * Remove OrganizationConnectionService interface * Remove unused using * Address PR feedback * Formatting * Minor fix * Feature/self f4e/update db (#1930) * Fix migration * Fix TimesRenewed * Add comments * Make two properties non-nullable * Remove need for SponsoredOrg on SH (#1934) * Remove need for SponsoredOrg on SH * Add Family prefix * Add check for enterprise org on BillingSync key (#1936) * [PS-10] Feature/sponsorships removed at end of term (#1938) * Rename commands to min unique names * Inject revoke command based on self hosting * WIP: Remove/Revoke marks to delete * Complete WIP * Improve remove/revoke tests * PR review * Fail validation if sponsorship has failed to sync for 6 months * Feature/do not accept old self host sponsorships (#1939) * Do not accept >6mo old self-hosted sponsorships * Give disabled grace period of 3 months * Fix issues of Sql.proj differing from migration outcome (#1942) * Fix issues of Sql.proj differing from migration outcome * Yoink int tests * Add missing assert helpers * Feature/org sponsorship sync (#1922) * Self-hosted side sync first pass TODO: * flush out org sponsorship model * implement cloud side * process cloud-side response and update self-hosted records * sync scaffolding second pass * remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship * allow authenticated http calls from server to return a result * update models * add logic for sync and change offer email template * add billing sync key and hide CreateSponsorship without user * fix tests * add job scheduling * add authorize attributes to endpoints * separate models into data/model and request/response * batch sync more, add EnableCloudCommunication for testing * send emails in bulk * make userId and sponsorshipType non nullable * batch more on self hosted side of sync * remove TODOs and formatting * changed logic of cloud sync * let BaseIdentityClientService handle all logging * call sync from scheduled job on self host * create bulk db operations for OrganizationSponsorships * remove SponsoredOrgId from sync, return default from server http call * validate BillingSyncKey during sync revert changes to CreateSponsorshipCommand * revert changes to ICreateSponsorshipCommand * add some tests * add DeleteExpiredSponsorshipsJob * add cloud sync test * remove extra method * formatting * prevent new sponsorships from disabled orgs * update packages * - pulled out send sponsorship command dependency from sync on cloud - don't throw error when sponsorships are empty - formatting * formatting models * more formatting * remove licensingService dependency from selfhosted sync * use installation urls and formatting * create constructor for RequestModel and formatting * add date parameter to OrganizationSponsorship_DeleteExpired * add new migration * formatting * rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel * prevent whole sync from failing if one sponsorship type is unsupported * deserialize config and billingsynckey from org connection * alter log message when sync disabled * Add grace period to disabled orgs * return early on self hosted if there are no sponsorships in database * rename BillingSyncConfig * send sponsorship offers from controller * allow config to be a null object * better exception handling in sync scheduler * add ef migrations * formatting * fix tests * fix validate test Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Fix OrganizationApiKey issues (#1941) Co-authored-by: Justin Baur <admin@justinbaur.com> * Feature/org sponsorship self hosted tests (#1947) * Self-hosted side sync first pass TODO: * flush out org sponsorship model * implement cloud side * process cloud-side response and update self-hosted records * sync scaffolding second pass * remove list of Org User ids from sync and begin work on SelfHostedRevokeSponsorship * allow authenticated http calls from server to return a result * update models * add logic for sync and change offer email template * add billing sync key and hide CreateSponsorship without user * fix tests * add job scheduling * add authorize attributes to endpoints * separate models into data/model and request/response * batch sync more, add EnableCloudCommunication for testing * send emails in bulk * make userId and sponsorshipType non nullable * batch more on self hosted side of sync * remove TODOs and formatting * changed logic of cloud sync * let BaseIdentityClientService handle all logging * call sync from scheduled job on self host * create bulk db operations for OrganizationSponsorships * remove SponsoredOrgId from sync, return default from server http call * validate BillingSyncKey during sync revert changes to CreateSponsorshipCommand * revert changes to ICreateSponsorshipCommand * add some tests * add DeleteExpiredSponsorshipsJob * add cloud sync test * remove extra method * formatting * prevent new sponsorships from disabled orgs * update packages * - pulled out send sponsorship command dependency from sync on cloud - don't throw error when sponsorships are empty - formatting * formatting models * more formatting * remove licensingService dependency from selfhosted sync * use installation urls and formatting * create constructor for RequestModel and formatting * add date parameter to OrganizationSponsorship_DeleteExpired * add new migration * formatting * rename OrganizationCreateSponsorshipRequestModel to OrganizationSponsorshipCreateRequestModel * prevent whole sync from failing if one sponsorship type is unsupported * deserialize config and billingsynckey from org connection * add mockHttp nuget package and use httpclientfactory * fix current tests * WIP of creating tests * WIP of new self hosted tests * WIP self hosted tests * finish self hosted tests * formatting * format of interface * remove extra config file * added newlines Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Fix Organization_DeleteById (#1950) * Fix Organization_Delete * Fix L * [PS-4] block enterprise user from sponsoring itself (#1943) * [PS-248] Feature/add connections enabled endpoint (#1953) * Move Organization models to sub namespaces * Add Organization Connection api endpoints * Get all connections rather than just enabled ones * Add missing services to DI * pluralize private api endpoints * Add type protection to org connection request/response * Fix route * Use nullable Id to signify no connection * Test Get Connections enabled * Fix data discoverer * Also drop this sproc for rerunning * Id is the OUTPUT of create sprocs * Fix connection config parsing * Linter fixes * update sqlproj file name * Use param xdocs on methods * Simplify controller path attribute * Use JsonDocument to avoid escaped json in our response/request strings * Fix JsonDoc tests * Linter fixes * Fix ApiKey Command and add tests (#1949) * Fix ApiKey command * Formatting * Fix test failures introduced in #1943 (#1957) * Remove "Did you know?" copy from emails. (#1962) * Remove "Did you know" * Remove jsonIf helper * Feature/fix send single sponsorship offer email (#1956) * Fix sponsorship offer email * Do not sanitize org name * PR feedback * Feature/f4e sync event [PS-75] (#1963) * Create sponsorship sync event type * Add InstallationId to Event model * Add combinatorics-based test case generators * Log sponsorships sync event on sync * Linter and test fixes * Fix failing test * Migrate sprocs and view * Remove unused `using`s * [PS-190] Add manual sync trigger in self hosted (#1955) * WIP add button to admin project for billing sync * add connection table to view page * minor fixes for self hosted side of sync * fixes number of bugs for cloud side of sync * deserialize before returning for some reason * add json attributes to return models * list of sponsorships parameter is immutable, add secondary list * change sproc name * add error handling * Fix tests * modify call to connection * Update src/Admin/Controllers/OrganizationsController.cs Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * undo change to sproc name * simplify logic * Update src/Core/OrganizationFeatures/OrganizationSponsorships/FamiliesForEnterprise/Cloud/CloudSyncSponsorshipsCommand.cs Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * register services despite if self hosted or cloud * remove json properties * revert merge conflict Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Update OrganizationSponsorship valid until when updating org expirati… (#1966) * Update OrganizationSponsorship valid until when updating org expiration date * Linter fixes * [PS-7] change revert email copy and add ValidUntil to sponsorship (#1965) * change revert email copy and add ValidUntil to sponsorship * add 15 days if no ValidUntil * Chore/merge/self hosted families for enterprise (#1972) * Log swallowed HttpRequestExceptions (#1866) Co-authored-by: Hinton <oscar@oscarhinton.com> * Allow for utilization of readonly db connection (#1937) * Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952) * Bumped version to 1.48.0 (#1958) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * [EC-160] Give Provider Users access to all org ciphers and collections (#1959) * Bumped version to 1.48.1 (#1961) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Avoid sending "user need confirmation" emails when there are no org admins (#1960) * Remove noncompliant users for new policies (#1951) * [PS-284] Allow installation clients to not need a user. (#1968) * Allow installation clients to not need a user. * Run formatting Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Justin Baur <136baur@gmail.com> * Fix/license file not found (#1974) * Handle null license * Throw hint message if license is not found by the admin project. * Use CloudOrganizationId from Connection config * Change test to support change * Fix test Co-authored-by: Matt Gibson <mgibson@bitwarden.com> * Feature/f4e selfhosted rename migration to .sql (#1971) * rename migration to .sql * format * Add unit tests to self host F4E (#1975) * Work on tests * Added more tests * Run linting * Address PR feedback * Fix AssertRecent * Linting * Fixed empty tests * Fix/misc self hosted f4e (#1973) * Allow setting of ApiUri * Return updates sponsorshipsData objects * Bind arguments by name * Greedy load sponsorships to email. When upsert was called, it creates Ids on _all_ records, which meant that the lazy-evaluation from this call always returned an empty list. * add scope for sync command DI in job. simplify error logic * update the sync job to get CloudOrgId from the BillingSyncKey Co-authored-by: Jacob Fink <jfink@bitwarden.com> * Chore/merge/self hosted families for enterprise (#1987) * Log swallowed HttpRequestExceptions (#1866) Co-authored-by: Hinton <oscar@oscarhinton.com> * Allow for utilization of readonly db connection (#1937) * Bump the pin of the download-artifacts action to bypass the broken GitHub api (#1952) * Bumped version to 1.48.0 (#1958) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * [EC-160] Give Provider Users access to all org ciphers and collections (#1959) * Bumped version to 1.48.1 (#1961) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Avoid sending "user need confirmation" emails when there are no org admins (#1960) * Remove noncompliant users for new policies (#1951) * [PS-284] Allow installation clients to not need a user. (#1968) * Allow installation clients to not need a user. * Run formatting * Use accept flow for sponsorship offers (#1964) * PS-82 check send 2FA email for new devices on TwoFactorController send-email-login (#1977) * [Bug] Skip WebAuthn 2fa event logs during login flow (#1978) * [Bug] Supress WebAuthn 2fa event logs during login process * Formatting * Simplified method call with new paramter input * Update RealIps Description (#1980) Describe the syntax of the real_ips configuration key with an example, to prevent type errors in the `setup` container when parsing `config.yml` * add proper URI validation to duo host (#1984) * captcha scores (#1967) * captcha scores * some api fixes * check bot on captcha attribute * Update src/Core/Services/Implementations/HCaptchaValidationService.cs Co-authored-by: e271828- <e271828-@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com> * ensure no path specific in duo host (#1985) Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Justin Baur <136baur@gmail.com> Co-authored-by: Federico Maccaroni <fedemkr@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com> * Address feedback (#1990) Co-authored-by: Justin Baur <admin@justinbaur.com> Co-authored-by: Carlos Muentes <cmuentes@bitwarden.com> Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Justin Baur <136baur@gmail.com> Co-authored-by: Andrei <30410186+Manolachi@users.noreply.github.com> Co-authored-by: Hinton <oscar@oscarhinton.com> Co-authored-by: sneakernuts <671942+sneakernuts@users.noreply.github.com> Co-authored-by: Joseph Flinn <58369717+joseph-flinn@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Federico Maccaroni <fedemkr@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Jordan Cooks <notnamed@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: e271828- <e271828-@users.noreply.github.com>
2022-05-10 17:12:09 -04:00
using Bit.Core.Models.Data.Organizations.OrganizationUsers;
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
using Bit.Core.Models.Data.Organizations.Policies;
org user management apis
2017-03-04 21:28:41 -05:00
using Bit.Core.Repositories;
using Bit.Core.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Controllers;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
org user management apis
2017-03-04 21:28:41 -05:00
[Route("organizations/{orgId}/users")]
[Authorize("Application")]
public class OrganizationUsersController : Controller
{
private readonly IOrganizationRepository _organizationRepository;
private readonly IOrganizationUserRepository _organizationUserRepository;
private readonly IOrganizationService _organizationService;
private readonly ICollectionRepository _collectionRepository;
private readonly IGroupRepository _groupRepository;
private readonly IUserService _userService;
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
private readonly IPolicyRepository _policyRepository;
org user management apis
2017-03-04 21:28:41 -05:00
private readonly ICurrentContext _currentContext;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
org user management apis
2017-03-04 21:28:41 -05:00
public OrganizationUsersController(
IOrganizationRepository organizationRepository,
IOrganizationUserRepository organizationUserRepository,
IOrganizationService organizationService,
ICollectionRepository collectionRepository,
group user assignment apis
2017-05-09 19:04:01 -04:00
IGroupRepository groupRepository,
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
IUserService userService,
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
IPolicyRepository policyRepository,
Add disable send policy (#1130) * Add Disable Send policy * Test DisableSend policy * PR Review * Update tests for using CurrentContext This required making an interface for CurrentContext and mocking out the members used. The interface can be expanded as needed for tests. I moved CurrentContext to a folder, which changes the namespace and causes a lot of file touches, but most are just adding a reference * Fix failing test * Update exemption to include all exempt users * Move all CurrentContext usages to ICurrentContext * PR review. Match messaging with Web
2021-02-04 12:54:21 -06:00
ICurrentContext currentContext)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
org user management apis
2017-03-04 21:28:41 -05:00
_organizationRepository = organizationRepository;
_organizationUserRepository = organizationUserRepository;
_organizationService = organizationService;
_collectionRepository = collectionRepository;
group user assignment apis
2017-05-09 19:04:01 -04:00
_groupRepository = groupRepository;
org user management apis
2017-03-04 21:28:41 -05:00
_userService = userService;
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
_policyRepository = policyRepository;
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
_currentContext = currentContext;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
org user management apis
2017-03-04 21:28:41 -05:00
[HttpGet("{id}")]
public async Task<OrganizationUserDetailsResponseModel> Get(string orgId, string id)
{
Group access & sproc/model refactoring.
2017-05-11 10:32:25 -04:00
var organizationUser = await _organizationUserRepository.GetByIdWithCollectionsAsync(new Guid(id));
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
if (organizationUser == null || !await _currentContext.ManageUsers(organizationUser.Item1.OrganizationId))
org user management apis
2017-03-04 21:28:41 -05:00
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
throw new NotFoundException();
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
get subvaults for organization user
2017-03-11 15:34:57 -05:00
return new OrganizationUserDetailsResponseModel(organizationUser.Item1, organizationUser.Item2);
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
}
Organization autoscaling (#1585) * Add autoscale fields to Organization * Add autoscale setting changes * Autoscale organizations updates InviteUsersAsync to support all invite sources. sends an email to org owners when organization autoscaled * All organizations autoscale Disabling autoscaling can be done by setting max seats to current seats. We only warn about autoscaling on the first autoscaling event. * Fix tests * Bug fixes * Simplify subscription update logic * Void invoices that fail to delete Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client. * Notify org owners when their subscription runs out of seats * Use datetime for notifications Allows for later re-sending email if we want to periodically remind owners * Do not update subscription if it already matches new quatity * Include all migrations * Remove unnecessary inline styling * SubscriptionUpdate handles update decisions * Remove unnecessary html setter * PR review * Use minimum access for class methods
2021-09-23 06:36:08 -04:00
[HttpGet("")]
public async Task<ListResponseModel<OrganizationUserUserDetailsResponseModel>> Get(string orgId)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Organization autoscaling (#1585) * Add autoscale fields to Organization * Add autoscale setting changes * Autoscale organizations updates InviteUsersAsync to support all invite sources. sends an email to org owners when organization autoscaled * All organizations autoscale Disabling autoscaling can be done by setting max seats to current seats. We only warn about autoscaling on the first autoscaling event. * Fix tests * Bug fixes * Simplify subscription update logic * Void invoices that fail to delete Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client. * Notify org owners when their subscription runs out of seats * Use datetime for notifications Allows for later re-sending email if we want to periodically remind owners * Do not update subscription if it already matches new quatity * Include all migrations * Remove unnecessary inline styling * SubscriptionUpdate handles update decisions * Remove unnecessary html setter * PR review * Use minimum access for class methods
2021-09-23 06:36:08 -04:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ViewAllCollections(orgGuidId) &&
!await _currentContext.ViewAssignedCollections(orgGuidId) &&
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
!await _currentContext.ManageGroups(orgGuidId) &&
Organization autoscaling (#1585) * Add autoscale fields to Organization * Add autoscale setting changes * Autoscale organizations updates InviteUsersAsync to support all invite sources. sends an email to org owners when organization autoscaled * All organizations autoscale Disabling autoscaling can be done by setting max seats to current seats. We only warn about autoscaling on the first autoscaling event. * Fix tests * Bug fixes * Simplify subscription update logic * Void invoices that fail to delete Stripe no longer allows deletion of draft invoices that were created as part of subscription updates. It's necessary to void out these invoices without sending tem to the client. * Notify org owners when their subscription runs out of seats * Use datetime for notifications Allows for later re-sending email if we want to periodically remind owners * Do not update subscription if it already matches new quatity * Include all migrations * Remove unnecessary inline styling * SubscriptionUpdate handles update decisions * Remove unnecessary html setter * PR review * Use minimum access for class methods
2021-09-23 06:36:08 -04:00
!await _currentContext.ManageUsers(orgGuidId))
{
throw new NotFoundException();
org user management apis
2017-03-04 21:28:41 -05:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId);
var responseTasks = organizationUsers.Select(async o => new OrganizationUserUserDetailsResponseModel(o,
await _userService.TwoFactorIsEnabledAsync(o)));
return twofactor enabled property on org users api
2018-12-19 11:48:36 -05:00
var responses = await Task.WhenAll(responseTasks);
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
return new ListResponseModel<OrganizationUserUserDetailsResponseModel>(responses);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
[HttpGet("{id}/groups")]
public async Task<IEnumerable<string>> GetGroups(string orgId, string id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
group user assignment apis
2017-05-09 19:04:01 -04:00
var organizationUser = await _organizationUserRepository.GetByIdAsync(new Guid(id));
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
if (organizationUser == null || (!await _currentContext.ManageGroups(organizationUser.OrganizationId) &&
[Provider] Create and access child organizations (#1427)
2021-07-08 17:05:32 +02:00
!await _currentContext.ManageUsers(organizationUser.OrganizationId)))
Bulk re-invite of org users (#1316) * Add APIs for Bulk reinvinte * Resolve review comments.
2021-05-12 11:18:25 +02:00
{
throw new NotFoundException();
}
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var groupIds = await _groupRepository.GetManyIdsByUserIdAsync(organizationUser.Id);
var responses = groupIds.Select(g => g.ToString());
return responses;
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
[HttpGet("{id}/reset-password-details")]
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
public async Task<OrganizationUserResetPasswordDetailsResponseModel> GetResetPasswordDetails(string orgId, string id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
// Make sure the calling user can reset passwords for this org
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageResetPassword(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
throw new NotFoundException();
Bulk re-invite of org users (#1316) * Add APIs for Bulk reinvinte * Resolve review comments.
2021-05-12 11:18:25 +02:00
}
org user management apis
2017-03-04 21:28:41 -05:00
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
var organizationUser = await _organizationUserRepository.GetByIdAsync(new Guid(id));
if (organizationUser == null || !organizationUser.UserId.HasValue)
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
throw new NotFoundException();
}
// Retrieve data necessary for response (KDF, KDF Iterations, ResetPasswordKey)
// TODO Reset Password - Revisit this and create SPROC to reduce DB calls
var user = await _userService.GetUserByIdAsync(organizationUser.UserId.Value);
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
if (user == null)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
throw new NotFoundException();
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
}
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
// Retrieve Encrypted Private Key from organization
var org = await _organizationRepository.GetByIdAsync(orgGuidId);
if (org == null)
org user management apis
2017-03-04 21:28:41 -05:00
{
user null checks for unauthorized
2017-06-02 13:17:46 -04:00
throw new NotFoundException();
}
Use the correct policy enum type (#2045) Explicit conversion from non-generics to generics doesn't seem to work here, so I moved to using the read methods already on base Policy.
2022-06-09 18:57:56 -05:00
return new OrganizationUserResetPasswordDetailsResponseModel(new OrganizationUserResetPasswordDetails(organizationUser, user, org));
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
[HttpPost("invite")]
public async Task Invite(string orgId, [FromBody] OrganizationUserInviteRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
throw new NotFoundException();
}
var userId = _userService.GetProperUserId(User);
var result = await _organizationService.InviteUsersAsync(orgGuidId, userId.Value,
new (OrganizationUserInvite, string)[] { (new OrganizationUserInvite(model.ToData()), null) });
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
[HttpPost("reinvite")]
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkReinvite(string orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
throw new NotFoundException();
org user management apis
2017-03-04 21:28:41 -05:00
}
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
var userId = _userService.GetProperUserId(User);
check user has 2fa enabled when confirming
2020-03-09 15:13:40 -04:00
var result = await _organizationService.ResendInvitesAsync(orgGuidId, userId.Value, model.Ids);
return new ListResponseModel<OrganizationUserBulkResponseModel>(
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
result.Select(t => new OrganizationUserBulkResponseModel(t.Item1.Id, t.Item2)));
org user management apis
2017-03-04 21:28:41 -05:00
}
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
[HttpPost("{id}/reinvite")]
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
public async Task Reinvite(string orgId, string id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
throw new NotFoundException();
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
}
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
var userId = _userService.GetProperUserId(User);
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
await _organizationService.ResendInviteAsync(orgGuidId, userId.Value, new Guid(id));
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
[HttpPost("{organizationUserId}/accept")]
public async Task Accept(Guid orgId, Guid organizationUserId, [FromBody] OrganizationUserAcceptRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var user = await _userService.GetUserByPrincipalAsync(User);
if (user == null)
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
throw new UnauthorizedAccessException();
}
var masterPasswordPolicy = await _policyRepository.GetByOrganizationIdTypeAsync(orgId, PolicyType.ResetPassword);
var useMasterPasswordPolicy = masterPasswordPolicy != null &&
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
masterPasswordPolicy.Enabled &&
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
masterPasswordPolicy.GetDataModel<ResetPasswordDataModel>().AutoEnrollEnabled;
if (useMasterPasswordPolicy &&
string.IsNullOrWhiteSpace(model.ResetPasswordKey))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
throw new BadRequestException(string.Empty, "Master Password reset is required, but not provided.");
}
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
await _organizationService.AcceptUserAsync(organizationUserId, user, model.Token, _userService);
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
SubvaultUser APIs and services
2017-03-09 23:58:43 -05:00
if (useMasterPasswordPolicy)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
SubvaultUser APIs and services
2017-03-09 23:58:43 -05:00
await _organizationService.UpdateUserResetPasswordEnrollmentAsync(orgId, user.Id, model.ResetPasswordKey, user.Id);
}
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
SubvaultUser APIs and services
2017-03-09 23:58:43 -05:00
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
[HttpPost("{id}/confirm")]
public async Task Confirm(string orgId, string id, [FromBody] OrganizationUserConfirmRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
var orgGuidId = new Guid(orgId);
organization user apis, hardening, completeness
2017-03-23 00:17:34 -04:00
if (!await _currentContext.ManageUsers(orgGuidId))
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
{
collection user refactor
2017-05-11 14:52:35 -04:00
throw new NotFoundException();
SubvaultUser APIs and services
2017-03-09 23:58:43 -05:00
}
group user assignment apis
2017-05-09 19:04:01 -04:00
var userId = _userService.GetProperUserId(User);
var result = await _organizationService.ConfirmUserAsync(orgGuidId, new Guid(id), model.Key, userId.Value,
_userService);
Revert filescoped (#2227) * Revert "Add git blame entry (#2226)" This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d. * Revert "Turn on file scoped namespaces (#2225)" This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
2022-08-29 15:53:48 -04:00
}
group user assignment apis
2017-05-09 19:04:01 -04:00
Implemented Custom role and permissions (#1057) * Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
[HttpPost("confirm")]
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkConfirm(string orgId,
[FromBody] OrganizationUserBulkConfirmRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Implemented Custom role and permissions (#1057) * Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Implemented Custom role and permissions (#1057) * Implemented Custom role and permissions * Converted permissions columns to a json blob * Code review fixes for Permissions * sql build fix * Update Permissions.cs * formatting * Update IOrganizationService.cs * reworked a conditional * built out tests for relevant organization service methods * removed unused usings * fixed a broken test and a bad empty string init * removed 'Attribute' from some attribute instances
2021-01-12 11:02:39 -05:00
throw new NotFoundException();
group user assignment apis
2017-05-09 19:04:01 -04:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
var userId = _userService.GetProperUserId(User);
org user management apis
2017-03-04 21:28:41 -05:00
var results = await _organizationService.ConfirmUsersAsync(orgGuidId, model.ToDictionary(), userId.Value,
_userService);
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
return new ListResponseModel<OrganizationUserBulkResponseModel>(results.Select(r =>
new OrganizationUserBulkResponseModel(r.Item1.Id, r.Item2)));
}
[PS-616] [PS-795] Fix/auto enroll master password reset without user verification (#2038) * Fix parameter name to match entity * Deserialize policy data in object * Add policy with config type to fixtures * Return policy with deserialized config * Use CoreHelper serializers * Add master password reset on accept request * Simplify policy data parsing * Linter
2022-06-08 08:44:28 -05:00
[HttpPost("public-keys")]
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
public async Task<ListResponseModel<OrganizationUserPublicKeyResponseModel>> UserPublicKeys(string orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var orgGuidId = new Guid(orgId);
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
if (!await _currentContext.ManageUsers(orgGuidId))
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
throw new NotFoundException();
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var result = await _organizationUserRepository.GetManyPublicKeysByOrganizationUserAsync(orgGuidId, model.Ids);
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
var responses = result.Select(r => new OrganizationUserPublicKeyResponseModel(r.Id, r.UserId, r.PublicKey)).ToList();
return new ListResponseModel<OrganizationUserPublicKeyResponseModel>(responses);
Revert filescoped (#2227) * Revert "Add git blame entry (#2226)" This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d. * Revert "Turn on file scoped namespaces (#2225)" This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
2022-08-29 15:53:48 -04:00
}
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
[HttpPut("{id}")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpPost("{id}")]
public async Task Put(string orgId, string id, [FromBody] OrganizationUserUpdateRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
throw new NotFoundException();
[Reset Password] Enrollment API, Service, and Model updates (#1245) * [Reset Password] Enrollment API, Service and Model updates * Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
var organizationUser = await _organizationUserRepository.GetByIdAsync(new Guid(id));
if (organizationUser == null || organizationUser.OrganizationId != orgGuidId)
{
Changed all C# control flow block statements to include space between keyword and open paren
2020-03-27 14:36:37 -04:00
throw new NotFoundException();
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Run dotnet format (#1764)
2021-12-16 15:35:09 +01:00
Add logic to handle providers password reseting users (#1632)
2021-10-14 17:44:20 +02:00
var userId = _userService.GetProperUserId(User);
await _organizationService.SaveUserAsync(model.ToOrganizationUser(organizationUser), userId.Value,
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
model.Collections?.Select(c => c.ToSelectionReadOnly()));
}
[Reset Password] Enrollment API, Service, and Model updates (#1245) * [Reset Password] Enrollment API, Service and Model updates * Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
[HttpPut("{id}/groups")]
[HttpPost("{id}/groups")]
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
public async Task PutGroups(string orgId, string id, [FromBody] OrganizationUserUpdateGroupsRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
var orgGuidId = new Guid(orgId);
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
if (!await _currentContext.ManageUsers(orgGuidId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
throw new NotFoundException();
[Reset Password] Get/Post Org Keys and API updates (#1323) * [Reset Password] Organization Keys APIs * Updated details response to include private key and added more security checks for reset password methods * Added org type and policy security checks to the enrollment api * Updated based on PR feedback * Added org user type permission checks * Added TODO for email to user * Removed unecessary policyRepository object
2021-05-19 09:40:32 -05:00
}
group user assignment apis
2017-05-09 19:04:01 -04:00
org user management apis
2017-03-04 21:28:41 -05:00
var organizationUser = await _organizationUserRepository.GetByIdAsync(new Guid(id));
if (organizationUser == null || organizationUser.OrganizationId != orgGuidId)
{
remove admin checks from services for ctrl context
2017-04-05 16:29:46 -04:00
throw new NotFoundException();
Add API for bulk removal of org users (#1320) * Add API for bulk removal of org users * Refactor OrganizationService, extract some common code. * Add tests for DeleteUserAsync * Add tests for DeleteUsers * Formating * Update test/Core.Test/Services/OrganizationServiceTests.cs added a space Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
}
var loggedInUserId = _userService.GetProperUserId(User);
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
await _organizationService.UpdateUserGroupsAsync(organizationUser, model.GroupIds.Select(g => new Guid(g)), loggedInUserId);
Revert filescoped (#2227) * Revert "Add git blame entry (#2226)" This reverts commit 239286737d15cb84a893703ee5a8b33a2d67ad3d. * Revert "Turn on file scoped namespaces (#2225)" This reverts commit 34fb4cca2aa78deb84d4cbc359992a7c6bba7ea5.
2022-08-29 15:53:48 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpPut("{userId}/reset-password-enrollment")]
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
public async Task PutResetPasswordEnrollment(string orgId, string userId, [FromBody] OrganizationUserResetPasswordEnrollmentRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
var user = await _userService.GetUserByPrincipalAsync(User);
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
if (user == null)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
throw new UnauthorizedAccessException();
Add API for bulk removal of org users (#1320) * Add API for bulk removal of org users * Refactor OrganizationService, extract some common code. * Add tests for DeleteUserAsync * Add tests for DeleteUsers * Formating * Update test/Core.Test/Services/OrganizationServiceTests.cs added a space Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
}
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
if (model.ResetPasswordKey != null && !await _userService.VerifySecretAsync(user, model.Secret))
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
else
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
{
CSA-1 - adding master password authentication when enrolling in passw… (#1940) * CSA-2 - adding master password authentication when enrolling in password reset * Getting user by principal rather than ID * Removing unnecessary userId call * Use secret verification for re-auth api requests Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2022-05-19 15:55:42 -04:00
var callingUserId = user.Id;
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
await _organizationService.UpdateUserResetPasswordEnrollmentAsync(
new Guid(orgId), new Guid(userId), model.ResetPasswordKey, callingUserId);
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
}
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
[HttpPut("{id}/reset-password")]
[Reset Password] Enrollment API, Service, and Model updates (#1245) * [Reset Password] Enrollment API, Service and Model updates * Added conditional check for calling User's ID
2021-03-30 09:48:52 -05:00
public async Task PutResetPassword(string orgId, string id, [FromBody] OrganizationUserResetPasswordRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
var orgGuidId = new Guid(orgId);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
// Calling user must have Manage Reset Password permission
if (!await _currentContext.ManageResetPassword(orgGuidId))
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
throw new NotFoundException();
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
}
// Get the users role, since provider users aren't a member of the organization we use the owner check
var orgUserType = await _currentContext.OrganizationOwner(orgGuidId)
? OrganizationUserType.Owner
: _currentContext.Organizations?.FirstOrDefault(o => o.Id == orgGuidId)?.Type;
if (orgUserType == null)
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
throw new NotFoundException();
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
var result = await _userService.AdminResetPasswordAsync(orgUserType.Value, orgGuidId, new Guid(id), model.NewMasterPasswordHash, model.Key);
if (result.Succeeded)
{
return;
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
await Task.Delay(2000);
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
throw new BadRequestException(ModelState);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpDelete("{id}")]
[HttpPost("{id}/delete")]
public async Task Delete(string orgId, string id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
{
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
throw new NotFoundException();
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
}
Add API for bulk removal of org users (#1320) * Add API for bulk removal of org users * Refactor OrganizationService, extract some common code. * Add tests for DeleteUserAsync * Add tests for DeleteUsers * Formating * Update test/Core.Test/Services/OrganizationServiceTests.cs added a space Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
var userId = _userService.GetProperUserId(User);
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
await _organizationService.DeleteUserAsync(orgGuidId, new Guid(id), userId.Value);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Add API for bulk removal of org users (#1320) * Add API for bulk removal of org users * Refactor OrganizationService, extract some common code. * Add tests for DeleteUserAsync * Add tests for DeleteUsers * Formating * Update test/Core.Test/Services/OrganizationServiceTests.cs added a space Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
[HttpDelete("")]
org user management apis
2017-03-04 21:28:41 -05:00
[HttpPost("delete")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkDelete(string orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
var orgGuidId = new Guid(orgId);
if (!await _currentContext.ManageUsers(orgGuidId))
{
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
throw new NotFoundException();
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
}
var userId = _userService.GetProperUserId(User);
var result = await _organizationService.DeleteUsersAsync(orgGuidId, model.Ids, userId.Value);
return new ListResponseModel<OrganizationUserBulkResponseModel>(result.Select(r =>
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
new OrganizationUserBulkResponseModel(r.Item1.Id, r.Item2)));
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
[Obsolete("2022-07-22 Moved to {id}/revoke endpoint")]
[HttpPatch("{id}/deactivate")]
[HttpPut("{id}/deactivate")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
public async Task Deactivate(Guid orgId, Guid id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
await RevokeAsync(orgId, id);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[Obsolete("2022-07-22 Moved to /revoke endpoint")]
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
[HttpPatch("deactivate")]
[HttpPut("deactivate")]
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkDeactivate(Guid orgId, [FromBody] OrganizationUserBulkRequestModel model)
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
return await BulkRevokeAsync(orgId, model);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
[Obsolete("2022-07-22 Moved to {id}/restore endpoint")]
[HttpPatch("{id}/activate")]
[HttpPut("{id}/activate")]
public async Task Activate(Guid orgId, Guid id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
await RestoreAsync(orgId, id);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
[Obsolete("2022-07-22 Moved to /restore endpoint")]
[HttpPatch("activate")]
[HttpPut("activate")]
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkActivate(Guid orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
return await BulkRestoreAsync(orgId, model);
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
}
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
[HttpPatch("{id}/revoke")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpPut("{id}/revoke")]
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
public async Task RevokeAsync(Guid orgId, Guid id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
await RestoreOrRevokeUserAsync(orgId, id, _organizationService.RevokeUserAsync);
Turn on file scoped namespaces (#2225)
2022-08-29 14:53:16 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpPatch("revoke")]
[HttpPut("revoke")]
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkRevokeAsync(Guid orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
return await RestoreOrRevokeUsersAsync(orgId, model, _organizationService.RevokeUsersAsync);
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
[HttpPatch("{id}/restore")]
[Reset Password] Admin reset actions (#1272) * [Reset Password] Admin reset actions * Updated thrown except for permission collision * Updated GET/PUT password reset to use orgUser.Id for db operations
2021-04-20 16:58:57 -05:00
[HttpPut("{id}/restore")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
public async Task RestoreAsync(Guid orgId, Guid id)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
await RestoreOrRevokeUserAsync(orgId, id, (orgUser, userId) => _organizationService.RestoreUserAsync(orgUser, userId, _userService));
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
Add API for bulk removal of org users (#1320) * Add API for bulk removal of org users * Refactor OrganizationService, extract some common code. * Add tests for DeleteUserAsync * Add tests for DeleteUsers * Formating * Update test/Core.Test/Services/OrganizationServiceTests.cs added a space Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-05-17 10:10:44 +02:00
[HttpPatch("restore")]
add back missing verbs for backwards compat
2018-07-16 17:32:08 -04:00
[HttpPut("restore")]
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
public async Task<ListResponseModel<OrganizationUserBulkResponseModel>> BulkRestoreAsync(Guid orgId, [FromBody] OrganizationUserBulkRequestModel model)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
[EC-388] Enforce organization policies when restoring user (#2152)
2022-08-03 07:09:22 +10:00
return await RestoreOrRevokeUsersAsync(orgId, model, (orgId, orgUserIds, restoringUserId) => _organizationService.RestoreUsersAsync(orgId, orgUserIds, restoringUserId, _userService));
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
private async Task RestoreOrRevokeUserAsync(
Guid orgId,
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
Guid id,
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
Func<OrganizationUser, Guid?, Task> statusAction)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
if (!await _currentContext.ManageUsers(orgId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
throw new NotFoundException();
}
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
var userId = _userService.GetProperUserId(User);
var orgUser = await _organizationUserRepository.GetByIdAsync(id);
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
if (orgUser == null || orgUser.OrganizationId != orgId)
{
throw new NotFoundException();
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
}
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
await statusAction(orgUser, userId);
}
private async Task<ListResponseModel<OrganizationUserBulkResponseModel>> RestoreOrRevokeUsersAsync(
Guid orgId,
OrganizationUserBulkRequestModel model,
Func<Guid, IEnumerable<Guid>, Guid?, Task<List<Tuple<OrganizationUser, string>>>> statusAction)
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
if (!await _currentContext.ManageUsers(orgId))
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
{
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
throw new NotFoundException();
}
Run formatting (#2230)
2022-08-29 16:06:55 -04:00
EC-262 - implement org user deactivated flag and behavior server (#2050) * SM-47 - Add Disabled status to enum + schema * SM-47 - Enable and disable sprocs and repositories * SM-47 - Organization service enble/disable user * SM-47 - Fix lint errors * SM-47 - add disable/enable endpoints to API * SM-47 - Add bulk operations for enable/disable * SM-47 - Fix linting errors, one of these days I'll do this first * SM-47 - Codesense fix DRY warnings * EC-262 - Code review changes, async cleanup * EC-262 - Fix build issues, async refs * EC-262 - Update controller param types * EC-262 - Ensure mutable state is correct * EC-262 - rename disabled to deactivated
2022-06-16 15:59:57 -04:00
var userId = _userService.GetProperUserId(User);
var result = await statusAction(orgId, model.Ids, userId.Value);
[EC-338] Update SCIM code naming conventions (revoked/restore) (#2140) * Keep old endpoints but mark as deprecated * Do not change existing sproc naming
2022-07-25 10:47:44 +10:00
return new ListResponseModel<OrganizationUserBulkResponseModel>(result.Select(r =>
Bulk Confirm (#1345) * Add support for bulk confirm * Add missing sproc to migration * Change ConfirmUserAsync to internally use ConfirmUsersAsync * Refactor to be a bit more readable * Change BulkReinvite and BulkRemove to return a list of errors/success * Refactor * Fix removing owner preventing removing non owners * Add another unit test * Use fixtures for OrganizationUser and Policies * Fix spelling
2021-05-25 19:23:47 +02:00
new OrganizationUserBulkResponseModel(r.Item1.Id, r.Item2)));
org user management apis
2017-03-04 21:28:41 -05:00
}
}
Reference in New Issue Copy Permalink