2022-06-29 19:46:41 -04:00
|
|
|
|
using System.ComponentModel.DataAnnotations;
|
2024-03-05 10:56:48 +00:00
|
|
|
|
using System.Net;
|
2022-01-21 09:36:25 -05:00
|
|
|
|
using System.Text.Json;
|
2023-04-14 13:25:56 -04:00
|
|
|
|
using Bit.Core.Auth.Enums;
|
|
|
|
|
|
using Bit.Core.Auth.Models;
|
2024-06-14 15:34:47 -04:00
|
|
|
|
using Bit.Core.Billing.Enums;
|
2025-07-17 12:02:25 -05:00
|
|
|
|
using Bit.Core.Billing.Organizations.Models;
|
2023-11-29 09:18:08 +10:00
|
|
|
|
using Bit.Core.Entities;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
using Bit.Core.Enums;
|
2024-10-18 11:00:01 -04:00
|
|
|
|
using Bit.Core.Services;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
using Bit.Core.Utilities;
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
#nullable enable
|
|
|
|
|
|
|
2023-11-29 09:18:08 +10:00
|
|
|
|
namespace Bit.Core.AdminConsole.Entities;
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2025-06-02 16:49:49 +02:00
|
|
|
|
public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
2024-07-04 21:14:37 -04:00
|
|
|
|
private Dictionary<TwoFactorProviderType, TwoFactorProvider>? _twoFactorProviders;
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public Guid Id { get; set; }
|
|
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? Identifier { get; set; }
|
2024-03-05 10:56:48 +00:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// This value is HTML encoded. For display purposes use the method DisplayName() instead.
|
|
|
|
|
|
/// </summary>
|
2017-04-27 09:19:30 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string Name { get; set; } = null!;
|
2024-03-05 10:56:48 +00:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// This value is HTML encoded. For display purposes use the method DisplayBusinessName() instead.
|
|
|
|
|
|
/// </summary>
|
2017-04-27 09:19:30 -04:00
|
|
|
|
[MaxLength(50)]
|
2025-08-20 09:27:05 -04:00
|
|
|
|
[Obsolete("This property has been deprecated. Use the 'Name' property instead.")]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessName { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessAddress1 { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessAddress2 { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessAddress3 { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(2)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessCountry { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(30)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BusinessTaxNumber { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(256)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string BillingEmail { get; set; } = null!;
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string Plan { get; set; } = null!;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
public PlanType PlanType { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public int? Seats { get; set; }
|
2020-07-07 12:01:34 -04:00
|
|
|
|
public short? MaxCollections { get; set; }
|
2020-01-15 15:00:54 -05:00
|
|
|
|
public bool UsePolicies { get; set; }
|
2020-07-22 09:38:39 -04:00
|
|
|
|
public bool UseSso { get; set; }
|
2021-11-17 11:46:35 +01:00
|
|
|
|
public bool UseKeyConnector { get; set; }
|
2022-07-14 15:58:48 -04:00
|
|
|
|
public bool UseScim { get; set; }
|
2017-05-08 14:22:40 -04:00
|
|
|
|
public bool UseGroups { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public bool UseDirectory { get; set; }
|
|
|
|
|
|
public bool UseEvents { get; set; }
|
2017-07-07 14:08:30 -04:00
|
|
|
|
public bool UseTotp { get; set; }
|
2018-04-02 14:53:19 -04:00
|
|
|
|
public bool Use2fa { get; set; }
|
2019-03-02 15:09:33 -05:00
|
|
|
|
public bool UseApi { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public bool UseResetPassword { get; set; }
|
2023-01-13 15:02:53 +01:00
|
|
|
|
public bool UseSecretsManager { get; set; }
|
2017-08-09 17:01:37 -04:00
|
|
|
|
public bool SelfHost { get; set; }
|
2017-11-06 16:01:58 -05:00
|
|
|
|
public bool UsersGetPremium { get; set; }
|
2022-12-06 09:50:08 +00:00
|
|
|
|
public bool UseCustomPermissions { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public long? Storage { get; set; }
|
|
|
|
|
|
public short? MaxStorageGb { get; set; }
|
2017-07-28 14:24:07 -04:00
|
|
|
|
public GatewayType? Gateway { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? GatewayCustomerId { get; set; }
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(50)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? GatewaySubscriptionId { get; set; }
|
|
|
|
|
|
public string? ReferenceData { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public bool Enabled { get; set; } = true;
|
Postgres & MySql Support For Self-Hosted Installations (#1386)
* EF Database Support Init (#1221)
* scaffolding for ef support
* deleted old postgres repos
* added tables to oncreate
* updated all the things to .NET 5
* Addition to #1221: Migrated DockerFiles from dotnet/3.1 to 5.0 (#1223)
* Migrated DockerFiles from dotnet/3.1 to 5.0
* Migrated SSO/Dockerfile from dotnet 3.1 to 5.0
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* EFDatabaseSupport: Updated links and description in README.md and SETUP.md (#1232)
* Updated requirements in README.md
* Updated link to documentation of app-secrets
* upgraded dotnet version to 5.0
* Ef database support implementation examples (#1265)
* mostly finished testing the user repo
* finished testing user repo
* finished org, user, ssoconfig, and ssouser ef implementations
* removed unused prop
* fixed a sql file
* fixed a spacing issue
* fixed a spacing issue
* removed extra database creation
* refactoring
* MsSql => SqlServer
* refactoring
* code review fixes
* build fix
* code review
* continued attempts to fix the the build
* skipped another test
* finished all create test
* initial pass at several repos
* continued building out repos
* initial pass at several repos
* initial pass at device repo
* initial pass at collection repo
* initial run of all Entity Framework implementations
* signup, signin, create/edit ciphers works
* sync working
* all web vault pages seem to load with 100% 200s
* bulkcopy, folders, and favorites
* group and collection management
* sso, groups, emergency access, send
* get basic creates matching on all repos
* got everything building again post merge
* removed some IDE config files
* cleanup
* no more notimplemented methods in the cipher repo
* no more not implementeds everywhere
* cleaned up schema/navigation properties and fixed tests
* removed a sql comment that was written in c# style
* fixed build issues from merge
* removed unsupported db providers
* formatting
* code review refactors
* naming cleanup for queries
* added provider methods
* cipher repo cleanup
* implemented several missing procedures from the EF implementation surround account revision dates, keys, and storage
* fixed the build
* added a null check
* consolidated some cipher repo methods
* formatting fix
* cleaned up indentation of queries
* removed .idea file
* generated postgres migrations
* added mysql migrations
* formatting
* Bug Fixes & Formatting
* Formatting
* fixed a bug with bulk import when using MySql
* code review fixes
* fixed the build
* implemented new methods
* formatting
* fixed the build
* cleaned up select statements in ef queries
* formatting
* formatting
* formatting
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2021-07-08 12:35:48 -04:00
|
|
|
|
[MaxLength(100)]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? LicenseKey { get; set; }
|
|
|
|
|
|
public string? PublicKey { get; set; }
|
|
|
|
|
|
public string? PrivateKey { get; set; }
|
|
|
|
|
|
public string? TwoFactorProviders { get; set; }
|
2017-04-27 09:19:30 -04:00
|
|
|
|
public DateTime? ExpirationDate { get; set; }
|
|
|
|
|
|
public DateTime CreationDate { get; set; } = DateTime.UtcNow;
|
|
|
|
|
|
public DateTime RevisionDate { get; set; } = DateTime.UtcNow;
|
|
|
|
|
|
public int? MaxAutoscaleSeats { get; set; } = null;
|
|
|
|
|
|
public DateTime? OwnersNotifiedOfAutoscaling { get; set; } = null;
|
2023-04-14 11:13:16 +01:00
|
|
|
|
public OrganizationStatusType Status { get; set; }
|
2023-06-12 23:48:17 +01:00
|
|
|
|
public bool UsePasswordManager { get; set; }
|
|
|
|
|
|
public int? SmSeats { get; set; }
|
|
|
|
|
|
public int? SmServiceAccounts { get; set; }
|
|
|
|
|
|
public int? MaxAutoscaleSmSeats { get; set; }
|
|
|
|
|
|
public int? MaxAutoscaleSmServiceAccounts { get; set; }
|
[AC-1373] Flexible Collections (#3245)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-01 19:30:52 +10:00
|
|
|
|
/// <summary>
|
2024-05-23 09:15:12 +10:00
|
|
|
|
/// If set to true, only owners, admins, and some custom users can create and delete collections.
|
|
|
|
|
|
/// If set to false, any organization member can create a collection, and any member can delete a collection that
|
|
|
|
|
|
/// they have Can Manage permissions for.
|
[AC-1373] Flexible Collections (#3245)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-01 19:30:52 +10:00
|
|
|
|
/// </summary>
|
2024-10-18 11:00:01 -04:00
|
|
|
|
public bool LimitCollectionCreation { get; set; }
|
|
|
|
|
|
public bool LimitCollectionDeletion { get; set; }
|
2024-10-03 13:43:54 -04:00
|
|
|
|
|
[AC-1122] Add AllowAdminAccessToAllCollectionItems setting to Organizations (#3379)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
* [AC-1727] Add AllowAdminAccessToAllCollectionItems column to Organization table
* [AC-1720] Update stored procedures and views that query the organization table and new column
* [AC-1727] Add EF migrations for new DB column
* [AC-1729] Update API request/response models
* [AC-1122] Add new setting to CurrentContextOrganization.cs
* [AC-1122] Ensure new setting is disabled for new orgs when the feature flag is enabled
* [AC-1122] Use V1 feature flag for new setting
* [AC-1122] Formatting
* [AC-1122] Update migration script date
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-27 11:44:07 -08:00
|
|
|
|
/// <summary>
|
2024-05-23 09:15:12 +10:00
|
|
|
|
/// If set to true, admins, owners, and some custom users can read/write all collections and items in the Admin Console.
|
|
|
|
|
|
/// If set to false, users generally need collection-level permissions to read/write a collection or its items.
|
[AC-1122] Add AllowAdminAccessToAllCollectionItems setting to Organizations (#3379)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* fix: merge conflict resolution
* [AC-1174] CollectionUser and CollectionGroup authorization handlers (#3194)
* [AC-1174] Introduce BulkAuthorizationHandler.cs
* [AC-1174] Introduce CollectionUserAuthorizationHandler
* [AC-1174] Add CreateForNewCollection CollectionUser requirement
* [AC-1174] Add some more details to CollectionCustomization
* [AC-1174] Formatting
* [AC-1174] Add CollectionGroupOperation.cs
* [AC-1174] Introduce CollectionGroupAuthorizationHandler.cs
* [AC-1174] Cleanup CollectionFixture customization
Implement and use re-usable extension method to support seeded Guids
* [AC-1174] Introduce WithValueFromList AutoFixtureExtensions
Modify CollectionCustomization to use multiple organization Ids for auto generated test data
* [AC-1174] Simplify CollectionUserAuthorizationHandler.cs
Modify the authorization handler to only perform authorization logic. Validation logic will need to be handled by any calling commands/controllers instead.
* [AC-1174] Introduce shared CollectionAccessAuthorizationHandlerBase
A shared base authorization handler was created for both CollectionUser and CollectionGroup resources, as they share the same underlying management authorization logic.
* [AC-1174] Update CollectionUserAuthorizationHandler and CollectionGroupAuthorizationHandler to use the new CollectionAccessAuthorizationHandlerBase class
* [AC-1174] Formatting
* [AC-1174] Cleanup typo and redundant ToList() call
* [AC-1174] Add check for provider users
* [AC-1174] Reduce nested loops
* [AC-1174] Introduce ICollectionAccess.cs
* [AC-1174] Remove individual CollectionGroup and CollectionUser auth handlers and use base class instead
* [AC-1174] Tweak unit test to fail minimally
* [AC-1174] Reorganize authorization handlers in Core project
* [AC-1174] Introduce new AddCoreAuthorizationHandlers() extension method
* [AC-1174] Move CollectionAccessAuthorizationHandler into Api project
* [AC-1174] Move CollectionFixture to Vault folder
* [AC-1174] Rename operation to CreateUpdateDelete
* [AC-1174] Require single organization for collection access authorization handler
- Add requirement that all target collections must belong to the same organization
- Simplify logic related to multiple organizations
- Update tests and helpers
- Use ToHashSet to improve lookup time
* [AC-1174] Fix null reference exception
* [AC-1174] Throw bad request exception when collections belong to different organizations
* [AC-1174] Switch to CollectionAuthorizationHandler instead of CollectionAccessAuthorizationHandler to reduce complexity
* Fix improper merge conflict resolution
* fix: add permission check for collection management api, refs AC-1647 (#3252)
* [AC-1125] Enforce org setting for creating/deleting collections (#3241)
* [AC-1117] Add manage permission (#3126)
* Update sql files to add Manage permission
* Add migration script
* Rename collection manage migration file to remove duplicate migration date
* Migrations
* Add manage to models
* Add manage to repository
* Add constraint to Manage columns
* Migration lint fixes
* Add manage to OrganizationUserUserDetails_ReadWithCollectionsById
* Add missing manage fields
* Add 'Manage' to UserCollectionDetails
* Use CREATE OR ALTER where possible
* [AC-1374] Limit collection creation/deletion to Owner/Admin (#3145)
* feat: update org table with new column, write migration, refs AC-1374
* feat: update views with new column, refs AC-1374
* feat: Alter sprocs (org create/update) to include new column, refs AC-1374
* feat: update entity/data/request/response models to handle new column, refs AC-1374
* feat: update necessary Provider related views during migration, refs AC-1374
* fix: update org create to default new column to false, refs AC-1374
* feat: added new API/request model for collection management and removed property from update request model, refs AC-1374
* fix: renamed migration script to be after secrets manage beta column changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: add ef migrations to reflect mssql changes, refs AC-1374
* fix: dotnet format, refs AC-1374
* feat: update API signature to accept Guid and explain Cd verbiage, refs AC-1374
* feat: created collection auth handler/operations, added LimitCollectionCdOwnerAdmin to CurrentContentOrganization, refs AC-1125
* feat: create vault service collection extensions and register with base services, refs AC-1125
* feat: deprecated CurrentContext.CreateNewCollections, refs AC-1125
* feat: deprecate DeleteAnyCollection for single resource usages, refs AC-1125
* feat: move service registration to api, update references, refs AC-1125
* feat: add bulk delete authorization handler, refs AC-1125
* feat: always assign user and give manage access on create, refs AC-1125
* fix: updated CurrentContextOrganization type, refs AC-1125
* feat: combined existing collection authorization handlers/operations, refs AC-1125
* fix: OrganizationServiceTests -> CurrentContentOrganization typo, refs AC-1125
* fix: format, refs AC-1125
* fix: update collection controller tests, refs AC-1125
* fix: dotnet format, refs AC-1125
* feat: removed extra BulkAuthorizationHandler, refs AC-1125
* fix: dotnet format, refs AC-1125
* fix: change string to guid for org id, update bulk delete request model, refs AC-1125
* fix: remove delete many collection check, refs AC-1125
* fix: clean up collection auth handler, refs AC-1125
* fix: format fix for CollectionOperations, refs AC-1125
* fix: removed unnecessary owner check, add org null check to custom permission validation, refs AC-1125
* fix: remove unused methods in CurrentContext, refs AC-1125
* fix: removed obsolete test, fixed failling delete many test, refs AC-1125
* fix: CollectionAuthorizationHandlerTests fixes, refs AC-1125
* fix: OrganizationServiceTests fix broken test by mocking GetOrganization, refs AC-1125
* fix: CollectionAuthorizationHandler - remove unused repository, refs AC-1125
* feat: moved UserId null check to common method, refs AC-1125
* fix: updated auth handler tests to remove dependency on requirement for common code checks, refs AC-1125
* feat: updated conditionals/comments for create/delete methods within colleciton auth handler, refs AC-1125
* feat: added create/delete collection auth handler success methods, refs AC-1125
* fix: new up permissions to prevent excessive null checks, refs AC-1125
* fix: remove old reference to CreateNewCollections, refs AC-1125
* fix: typo within ViewAssignedCollections method, refs AC-1125
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* refactor: remove organizationId from CollectionBulkDeleteRequestModel, refs AC-1649 (#3282)
* [AC-1174] Bulk Collection Management (#3229)
* [AC-1174] Update SelectionReadOnlyRequestModel to use Guid for Id property
* [AC-1174] Introduce initial bulk-access collection endpoint
* [AC-1174] Introduce BulkAddCollectionAccessCommand and validation logic/tests
* [AC-1174] Add CreateOrUpdateAccessMany method to CollectionRepository
* [AC-1174] Add event logs for bulk add collection access command
* [AC-1174] Add User_BumpAccountRevisionDateByCollectionIds and database migration script
* [AC-1174] Implement EF repository method
* [AC-1174] Improve null checks
* [AC-1174] Remove unnecessary BulkCollectionAccessRequestModel helpers
* [AC-1174] Add unit tests for new controller endpoint
* [AC-1174] Fix formatting
* [AC-1174] Remove comment
* [AC-1174] Remove redundant organizationId parameter
* [AC-1174] Ensure user and group Ids are distinct
* [AC-1174] Cleanup tests based on PR feedback
* [AC-1174] Formatting
* [AC-1174] Update CollectionGroup alias in the sproc
* [AC-1174] Add some additional comments to SQL sproc
* [AC-1174] Add comment explaining additional SaveChangesAsync call
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
* [AC-1646] Rename LimitCollectionCdOwnerAdmin column (#3300)
* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion
* Rename and bump migration script
* [AC-1666] Removed EditAnyCollection from Create/Delete permission checks (#3301)
* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666
* fix: updated comment, refs AC-1666
* [AC-1669] Bug - Remove obsolete assignUserId from CollectionService.SaveAsync(...) (#3312)
* fix: remove AssignUserId from CollectionService.SaveAsync, refs AC-1669
* fix: add manage access conditional before creating collection, refs AC-1669
* fix: move access logic for create/update, fix all tests, refs AC-1669
* fix: add CollectionAccessSelection fixture, update tests, update bad reqeuest message, refs AC-1669
* fix: format, refs AC-1669
* fix: update null params with specific arg.is null checks, refs Ac-1669
* fix: update attribute class name, refs AC-1669
* [AC-1713] [Flexible collections] Add feature flags to server (#3334)
* Add feature flags for FlexibleCollections and BulkCollectionAccess
* Flag new routes and behaviour
---------
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
* Add joint codeownership for auth handlers (#3346)
* [AC-1717] Update default values for LimitCollectionCreationDeletion (#3365)
* Change default value in organization create sproc to 1
* Drop old column name still present in some QA instances
* Set LimitCollectionCreationDeletion value in code based on feature flag
* Fix: add missing namespace after merging in master
* Fix: add missing namespace after merging in master
* [AC-1683] Fix DB migrations for new Manage permission (#3307)
* [AC-1683] Update migration script and introduce V2 procedures and types
* [AC-1683] Update repository calls to use new V2 procedures / types
* [AC-1684] Update bulk add collection migration script to use new V2 type
* [AC-1683] Undo Manage changes to more original procedures
* [AC-1683] Restore whitespace changes
* [AC-1683] Clarify comments regarding explicit column lists
* [AC-1683] Update migration script dates
* [AC-1683] Split the migration script for readability
* [AC-1683] Re-name SelectReadOnlyArray_V2 to CollectionAccessSelectionType
* [AC-1648] [Flexible Collections] Bump migration scripts before feature branch merge (#3371)
* Bump dates on sql migration scripts
* Bump date on ef migrations
* [AC-1727] Add AllowAdminAccessToAllCollectionItems column to Organization table
* [AC-1720] Update stored procedures and views that query the organization table and new column
* [AC-1727] Add EF migrations for new DB column
* [AC-1729] Update API request/response models
* [AC-1122] Add new setting to CurrentContextOrganization.cs
* [AC-1122] Ensure new setting is disabled for new orgs when the feature flag is enabled
* [AC-1122] Use V1 feature flag for new setting
* [AC-1122] Formatting
* [AC-1122] Update migration script date
---------
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Rui Tomé <108268980+r-tome@users.noreply.github.com>
2023-11-27 11:44:07 -08:00
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool AllowAdminAccessToAllCollectionItems { get; set; }
|
2022-08-29 16:06:55 -04:00
|
|
|
|
|
2025-01-21 15:51:34 -05:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// If set to true, members can only delete items when they have a Can Manage permission over the collection.
|
|
|
|
|
|
/// If set to false, members can delete items when they have a Can Manage OR Can Edit permission over the collection.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool LimitItemDeletion { get; set; }
|
|
|
|
|
|
|
2024-12-05 10:46:01 -06:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Risk Insights is a reporting feature that provides insights into the security of an organization's vault.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool UseRiskInsights { get; set; }
|
|
|
|
|
|
|
2025-05-15 10:42:51 -04:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// If true, the organization can claim domains, which unlocks additional enterprise features
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool UseOrganizationDomains { get; set; }
|
|
|
|
|
|
|
2025-04-16 17:27:58 +02:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// If set to true, admins can initiate organization-issued sponsorships.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool UseAdminSponsoredFamilies { get; set; }
|
|
|
|
|
|
|
2025-07-31 07:54:51 -05:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// If set to true, organization needs their seat count synced with their subscription
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool SyncSeats { get; set; }
|
|
|
|
|
|
|
2025-10-20 07:27:18 -05:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// If set to true, user accounts created within the organization are automatically confirmed without requiring additional verification steps.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public bool UseAutomaticUserConfirmation { get; set; }
|
|
|
|
|
|
|
2018-04-02 14:53:19 -04:00
|
|
|
|
public void SetNewId()
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
if (Id == default(Guid))
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
2017-04-26 16:14:15 -04:00
|
|
|
|
Id = CoreHelpers.GenerateComb();
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2019-02-01 09:18:34 -05:00
|
|
|
|
|
2024-03-05 10:56:48 +00:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Returns the name of the organization, HTML decoded ready for display.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public string DisplayName()
|
|
|
|
|
|
{
|
|
|
|
|
|
return WebUtility.HtmlDecode(Name);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Returns the business name of the organization, HTML decoded ready for display.
|
|
|
|
|
|
/// </summary>
|
2025-08-20 09:27:05 -04:00
|
|
|
|
///
|
|
|
|
|
|
[Obsolete("This method has been deprecated. Use the 'DisplayName()' method instead.")]
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? DisplayBusinessName()
|
2024-03-05 10:56:48 +00:00
|
|
|
|
{
|
|
|
|
|
|
return WebUtility.HtmlDecode(BusinessName);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BillingEmailAddress()
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2019-09-17 16:55:40 -04:00
|
|
|
|
return BillingEmail?.ToLowerInvariant()?.Trim();
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? BillingName()
|
2019-02-01 09:18:34 -05:00
|
|
|
|
{
|
2024-03-05 10:56:48 +00:00
|
|
|
|
return DisplayBusinessName();
|
2019-02-01 09:18:34 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public string? SubscriberName()
|
2023-04-07 10:45:18 +01:00
|
|
|
|
{
|
2024-03-05 10:56:48 +00:00
|
|
|
|
return DisplayName();
|
2023-04-07 10:45:18 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-06 14:55:58 -04:00
|
|
|
|
public string BraintreeCustomerIdPrefix()
|
2022-08-29 15:53:48 -04:00
|
|
|
|
{
|
2017-07-06 14:55:58 -04:00
|
|
|
|
return "o";
|
2022-08-29 14:53:16 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-09-17 16:55:40 -04:00
|
|
|
|
public string BraintreeIdField()
|
|
|
|
|
|
{
|
|
|
|
|
|
return "organization_id";
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2023-07-24 12:48:18 -04:00
|
|
|
|
public string BraintreeCloudRegionField()
|
|
|
|
|
|
{
|
|
|
|
|
|
return "region";
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-06-30 14:41:57 -04:00
|
|
|
|
public string GatewayIdField()
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2017-06-30 14:41:57 -04:00
|
|
|
|
return "organizationId";
|
2019-09-17 16:55:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2024-02-09 11:58:37 -05:00
|
|
|
|
public bool IsOrganization() => true;
|
|
|
|
|
|
|
2017-07-06 14:55:58 -04:00
|
|
|
|
public bool IsUser()
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2017-07-06 14:55:58 -04:00
|
|
|
|
return false;
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2023-04-07 10:45:18 +01:00
|
|
|
|
public string SubscriberType()
|
|
|
|
|
|
{
|
|
|
|
|
|
return "Organization";
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2024-02-09 11:58:37 -05:00
|
|
|
|
public bool IsExpired() => ExpirationDate.HasValue && ExpirationDate.Value <= DateTime.UtcNow;
|
|
|
|
|
|
|
2017-06-30 14:41:57 -04:00
|
|
|
|
public long StorageBytesRemaining()
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!MaxStorageGb.HasValue)
|
2022-08-29 15:53:48 -04:00
|
|
|
|
{
|
2017-06-30 14:41:57 -04:00
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return StorageBytesRemaining(MaxStorageGb.Value);
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-06 14:55:58 -04:00
|
|
|
|
public long StorageBytesRemaining(short maxStorageGb)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
var maxStorageBytes = maxStorageGb * 1073741824L;
|
2017-07-06 14:55:58 -04:00
|
|
|
|
if (!Storage.HasValue)
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2017-07-06 14:55:58 -04:00
|
|
|
|
return maxStorageBytes;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return maxStorageBytes - Storage.Value;
|
2017-06-30 14:41:57 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public Dictionary<TwoFactorProviderType, TwoFactorProvider>? GetTwoFactorProviders()
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2017-06-30 14:41:57 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(TwoFactorProviders))
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2017-06-30 14:41:57 -04:00
|
|
|
|
return null;
|
|
|
|
|
|
}
|
2022-08-29 15:53:48 -04:00
|
|
|
|
|
2022-08-29 16:06:55 -04:00
|
|
|
|
try
|
2018-04-02 14:53:19 -04:00
|
|
|
|
{
|
2019-09-17 16:55:40 -04:00
|
|
|
|
if (_twoFactorProviders == null)
|
2022-08-29 15:53:48 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
_twoFactorProviders =
|
|
|
|
|
|
JsonHelpers.LegacyDeserialize<Dictionary<TwoFactorProviderType, TwoFactorProvider>>(
|
|
|
|
|
|
TwoFactorProviders);
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-06-30 14:41:57 -04:00
|
|
|
|
return _twoFactorProviders;
|
2018-04-02 14:53:19 -04:00
|
|
|
|
}
|
|
|
|
|
|
catch (JsonException)
|
|
|
|
|
|
{
|
2018-04-03 14:31:33 -04:00
|
|
|
|
return null;
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
2022-08-29 16:06:55 -04:00
|
|
|
|
}
|
2018-04-02 14:53:19 -04:00
|
|
|
|
|
|
|
|
|
|
public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!providers.Any())
|
2022-08-29 14:53:16 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
TwoFactorProviders = null;
|
2018-04-03 14:31:33 -04:00
|
|
|
|
_twoFactorProviders = null;
|
2018-04-02 14:53:19 -04:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TwoFactorProviders = JsonHelpers.LegacySerialize(providers, JsonHelpers.LegacyEnumKeyResolver);
|
|
|
|
|
|
_twoFactorProviders = providers;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public bool TwoFactorProviderIsEnabled(TwoFactorProviderType provider)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
var providers = GetTwoFactorProviders();
|
2025-06-02 18:18:28 +02:00
|
|
|
|
if (providers == null || !providers.TryGetValue(provider, out var twoFactorProvider))
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-06-02 18:18:28 +02:00
|
|
|
|
return twoFactorProvider.Enabled && Use2fa;
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-04-02 14:53:19 -04:00
|
|
|
|
public bool TwoFactorIsEnabled()
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
var providers = GetTwoFactorProviders();
|
|
|
|
|
|
if (providers == null)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
2022-08-29 14:53:16 -04:00
|
|
|
|
|
2018-04-02 14:53:19 -04:00
|
|
|
|
return providers.Any(p => (p.Value?.Enabled ?? false) && Use2fa);
|
2022-08-29 15:53:48 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2024-07-04 21:14:37 -04:00
|
|
|
|
public TwoFactorProvider? GetTwoFactorProvider(TwoFactorProviderType provider)
|
2022-08-29 16:06:55 -04:00
|
|
|
|
{
|
2018-04-02 14:53:19 -04:00
|
|
|
|
var providers = GetTwoFactorProviders();
|
2025-06-02 18:18:28 +02:00
|
|
|
|
return providers?.GetValueOrDefault(provider);
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
2023-02-24 07:54:19 +10:00
|
|
|
|
|
2024-10-18 11:00:01 -04:00
|
|
|
|
public void UpdateFromLicense(OrganizationLicense license, IFeatureService featureService)
|
2023-02-24 07:54:19 +10:00
|
|
|
|
{
|
2024-01-17 22:33:35 +10:00
|
|
|
|
// The following properties are intentionally excluded from being updated:
|
|
|
|
|
|
// - Id - self-hosted org will have its own unique Guid
|
|
|
|
|
|
// - MaxStorageGb - not enforced for self-hosted because we're not providing the storage
|
|
|
|
|
|
|
2023-02-24 07:54:19 +10:00
|
|
|
|
Name = license.Name;
|
|
|
|
|
|
BusinessName = license.BusinessName;
|
|
|
|
|
|
BillingEmail = license.BillingEmail;
|
|
|
|
|
|
PlanType = license.PlanType;
|
|
|
|
|
|
Seats = license.Seats;
|
|
|
|
|
|
MaxCollections = license.MaxCollections;
|
|
|
|
|
|
UseGroups = license.UseGroups;
|
|
|
|
|
|
UseDirectory = license.UseDirectory;
|
|
|
|
|
|
UseEvents = license.UseEvents;
|
|
|
|
|
|
UseTotp = license.UseTotp;
|
|
|
|
|
|
Use2fa = license.Use2fa;
|
|
|
|
|
|
UseApi = license.UseApi;
|
|
|
|
|
|
UsePolicies = license.UsePolicies;
|
|
|
|
|
|
UseSso = license.UseSso;
|
|
|
|
|
|
UseKeyConnector = license.UseKeyConnector;
|
|
|
|
|
|
UseScim = license.UseScim;
|
|
|
|
|
|
UseResetPassword = license.UseResetPassword;
|
|
|
|
|
|
SelfHost = license.SelfHost;
|
|
|
|
|
|
UsersGetPremium = license.UsersGetPremium;
|
|
|
|
|
|
UseCustomPermissions = license.UseCustomPermissions;
|
|
|
|
|
|
Plan = license.Plan;
|
|
|
|
|
|
Enabled = license.Enabled;
|
|
|
|
|
|
ExpirationDate = license.Expires;
|
|
|
|
|
|
LicenseKey = license.LicenseKey;
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow;
|
2023-10-16 15:47:12 -05:00
|
|
|
|
UsePasswordManager = license.UsePasswordManager;
|
|
|
|
|
|
UseSecretsManager = license.UseSecretsManager;
|
|
|
|
|
|
SmSeats = license.SmSeats;
|
|
|
|
|
|
SmServiceAccounts = license.SmServiceAccounts;
|
2025-04-03 08:35:29 -05:00
|
|
|
|
UseRiskInsights = license.UseRiskInsights;
|
2025-05-15 10:42:51 -04:00
|
|
|
|
UseOrganizationDomains = license.UseOrganizationDomains;
|
2025-05-16 16:05:47 +01:00
|
|
|
|
UseAdminSponsoredFamilies = license.UseAdminSponsoredFamilies;
|
2023-02-24 07:54:19 +10:00
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|