server
server copied to clipboard
bitwarden
[SM-713] Add database support for secret access policies
Type of change
- [ ] Bug fix
- [X] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
Objective
The purpose of this PR is to add database support for individual secret permissions for the Secrets Manager project. This includes changes to EF Core code to clean up secret access policies on deletion events.
Code changes
-
bitwarden_license/src/Commercial.Infrastructure.EntityFramework/SecretsManager/Repositories/ServiceAccountRepository.cs: Move to using a transaction,
ExecuteDeleteAsyncand added cleanup for secret access policies. -
src/Core/SecretsManager/Entities/AccessPolicy.cs: Add secret access policy entities.
-
src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs: Add secret access policy cleanup.
-
src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationUserRepository.cs: Add secret access policy cleanup for single delete. Bulk delete was broken swapped to using a transaction,
ExecuteDeleteAsync, and cleanup code. -
src/Infrastructure.EntityFramework/Repositories/DatabaseContext.cs: Add new access policy types to database context.
-
src/Infrastructure.EntityFramework/SecretsManager/Configurations/AccessPolicyEntityTypeConfiguration.cs: Add new access policy types to database configuration.
-
src/Infrastructure.EntityFramework/SecretsManager/Discriminators/AccessPolicyDiscriminator.cs: Add new discriminators for TPH mappings.
-
src/Infrastructure.EntityFramework/SecretsManager/Models/AccessPolicy.cs Add mappings for new entities into EF models.
-
src/Infrastructure.EntityFramework/SecretsManager/Models/Secret.cs Add access policy EF navigation properties.
-
src/Sql/SecretsManager/dbo/Tables/AccessPolicy.sql: Add column, FK, and index. Run the
mssqlformatter on this file to be more inline with our other SQL files. -
util/Migrator/DbScripts/2024-01-10_00_AddSecretAccessPolicies.sql: Add mssql migration script.
-
util/MySqlMigrations/Migrations/*: MySql EF migrations
-
util/PostgresMigrations/Migrations/*: Postgres EF migrations
-
util/SqliteMigrations/Migrations/*: Sqlite EF migrations
Before you submit
- Please check for formatting errors (
dotnet format --verify-no-changes) (required) - If making database changes - make sure you also update Entity Framework queries and/or migrations
- Please add unit tests where it makes sense to do so (encouraged but not required)
- If this change requires a documentation update - notify the documentation team
- If this change has particular deployment requirements - notify the DevOps team
Codecov Report
Attention: 54 lines in your changes are missing coverage. Please review.
Comparison is base (
374b59b) 36.36% compared to head (caff7a1) 36.42%.
Additional details and impacted files
@@ Coverage Diff @@
## main #3681 +/- ##
==========================================
+ Coverage 36.36% 36.42% +0.05%
==========================================
Files 1158 1158
Lines 55885 55998 +113
Branches 5376 5376
==========================================
+ Hits 20325 20395 +70
- Misses 34614 34657 +43
Partials 946 946
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Checkmarx One – Scan Summary & Details – 02c1a8b4-f23c-4b7a-8e54-9657df595c48
No New Or Fixed Issues Found
Quality Gate failed
Failed conditions
21.9% Duplication on New Code (required ≤ 3%)
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}