bitwarden · r-tome · May 22, 2024 · Mar 15, 2024 · Mar 15, 2024 · Mar 22, 2024
@@ -269,6 +269,25 @@
  return RedirectToAction("Index");
  }
 
+ [HttpPost]
+ [ValidateAntiForgeryToken]
+ [RequirePermission(Permission.Org_Delete)]
+ public async Task<IActionResult> DeleteInitiation(Guid id, OrganizationInitiateDeleteModel model)
+ {
+ if (!ModelState.IsValid)
+ {
+ return RedirectToAction("Edit", new { id });
+ }
+
+ var organization = await _organizationRepository.GetByIdAsync(id);
+ if (organization != null)
+ {
+ await _organizationService.InitiateDeleteAsync(organization, model.AdminEmail);
+ }
+
+ return RedirectToAction("Edit", new { id });
+ }
+
  public async Task<IActionResult> TriggerBillingSync(Guid id)
  {
  var organization = await _organizationRepository.GetByIdAsync(id);

@@ -0,0 +1,12 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Bit.Admin.AdminConsole.Models;
+
+public class OrganizationInitiateDeleteModel
+{
+ [Required]
+ [EmailAddress]
+ [StringLength(256)]
+ [Display(Name = "Admin Email")]
+ public string AdminEmail { get; set; }
+}
@@ -1,4 +1,4 @@
-@using Bit.Admin.Enums;
+@using Bit.Admin.Enums;
 @using Bit.Admin.Models
 @using Bit.Core.Enums
 @inject Bit.Admin.Services.IAccessControlService AccessControlService
@@ -18,24 +18,43 @@
 
  <script>
  (() => {
- document.getElementById('teams-trial').addEventListener('click', () => {
- if (document.getElementById('@(nameof(Model.PlanType))').value !== '@((byte)PlanType.Free)') {
- alert('Organization is not on a free plan.');
- return;
- }
- setTrialDefaults('@((byte)PlanType.TeamsAnnually)');
- togglePlanFeatures('@((byte)PlanType.TeamsAnnually)');
- document.getElementById('@(nameof(Model.Plan))').value = 'Teams (Trial)';
- });
- document.getElementById('enterprise-trial').addEventListener('click', () => {
- if (document.getElementById('@(nameof(Model.PlanType))').value !== '@((byte)PlanType.Free)') {
- alert('Organization is not on a free plan.');
- return;
- }
- setTrialDefaults('@((byte)PlanType.EnterpriseAnnually)');
- togglePlanFeatures('@((byte)PlanType.EnterpriseAnnually)');
- document.getElementById('@(nameof(Model.Plan))').value = 'Enterprise (Trial)';
- });
+ const treamsTrialButton = document.getElementById('teams-trial');
+ if (treamsTrialButton != null) {
+ treamsTrialButton.addEventListener('click', () => {
+ if (document.getElementById('@(nameof(Model.PlanType))').value !== '@((byte)PlanType.Free)') {
+ alert('Organization is not on a free plan.');
+ return;
+ }
+ setTrialDefaults('@((byte)PlanType.TeamsAnnually)');
+ togglePlanFeatures('@((byte)PlanType.TeamsAnnually)');
+ document.getElementById('@(nameof(Model.Plan))').value = 'Teams (Trial)';
+ });
+ }
+
+ const entTrialButton = document.getElementById('enterprise-trial');
+ if (entTrialButton != null) {
+ entTrialButton.addEventListener('click', () => {
+ if (document.getElementById('@(nameof(Model.PlanType))').value !== '@((byte)PlanType.Free)') {
+ alert('Organization is not on a free plan.');
+ return;
+ }
+ setTrialDefaults('@((byte)PlanType.EnterpriseAnnually)');
+ togglePlanFeatures('@((byte)PlanType.EnterpriseAnnually)');
+ document.getElementById('@(nameof(Model.Plan))').value = 'Enterprise (Trial)';
+ });
+ }
+
+ const initDeleteButton = document.getElementById('initiate-delete-form');
+ if (initDeleteButton != null) {
+ initDeleteButton.addEventListener('submit', (e) => {
+ const email = prompt('Enter the email address of the owner/admin that your want to ' +
+ 'request the organization delete verification process with.');
+ document.getElementById('AdminEmail').value = email;
+ if (email == null || email === '') {
+ e.preventDefault();
+ }
+ });
+ }
 
  function setTrialDefaults(planType) {
  // Plan
@@ -76,7 +95,7 @@
 {
  <h2>Billing Information</h2>
  @await Html.PartialAsync("_BillingInformation",
- new BillingInformationModel { BillingInfo = Model.BillingInfo, OrganizationId = Model.Organization.Id, Entity = "Organization" })
+  new BillingInformationModel { BillingInfo = Model.BillingInfo, OrganizationId = Model.Organization.Id, Entity = "Organization" })
 }
 
 @await Html.PartialAsync("~/AdminConsole/Views/Shared/_OrganizationForm.cshtml", Model)
@@ -95,18 +114,20 @@
  }
  @if (canUnlinkFromProvider && Model.Provider is not null)
  {
- <button
- class="btn btn-outline-danger mr-2"
- onclick="return unlinkProvider('@Model.Organization.Id');"
- >
+ <button class="btn btn-outline-danger mr-2"
+ onclick="return unlinkProvider('@Model.Organization.Id');">
  Unlink provider
  </button>
  }
  @if (canDelete)
  {
+ <form asp-action="DeleteInitiation" asp-route-id="@Model.Organization.Id" id="initiate-delete-form">
+ <input type="hidden" name="AdminEmail" id="AdminEmail" />
+ <button class="btn btn-danger mr-2" type="submit">Request Delete</button>
+ </form>
  <form asp-action="Delete" asp-route-id="@Model.Organization.Id"
- onsubmit="return confirm('Are you sure you want to delete this organization?')">
- <button class="btn btn-danger" type="submit">Delete</button>
+  onsubmit="return confirm('Are you sure you want to hard delete this organization?')">
+ <button class="btn btn-outline-danger" type="submit">Delete</button>
  </form>
  }
  </div>

@@ -12,6 +12,7 @@
 using Bit.Api.Models.Response;
 using Bit.Core;
 using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Business.Tokenables;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationApiKeys.Interfaces;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationCollectionEnhancements.Interfaces;
@@ -32,6 +33,7 @@
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Settings;
+using Bit.Core.Tokens;
 using Bit.Core.Tools.Enums;
 using Bit.Core.Tools.Models.Business;
 using Bit.Core.Tools.Services;
@@ -72,6 +74,7 @@
  private readonly IOrganizationEnableCollectionEnhancementsCommand _organizationEnableCollectionEnhancementsCommand;
  private readonly IProviderRepository _providerRepository;
  private readonly IScaleSeatsCommand _scaleSeatsCommand;
+ private readonly IDataProtectorTokenFactory<OrgDeleteTokenable> _orgDeleteTokenDataFactory;
 
  public OrganizationsController(
  IOrganizationRepository organizationRepository,
@@ -100,7 +103,8 @@
  IReferenceEventService referenceEventService,
  IOrganizationEnableCollectionEnhancementsCommand organizationEnableCollectionEnhancementsCommand,
  IProviderRepository providerRepository,
- IScaleSeatsCommand scaleSeatsCommand)
+ IScaleSeatsCommand scaleSeatsCommand,
+ IDataProtectorTokenFactory<OrgDeleteTokenable> orgDeleteTokenDataFactory)
  {
  _organizationRepository = organizationRepository;
  _organizationUserRepository = organizationUserRepository;
@@ -129,6 +133,7 @@
  _organizationEnableCollectionEnhancementsCommand = organizationEnableCollectionEnhancementsCommand;
  _providerRepository = providerRepository;
  _scaleSeatsCommand = scaleSeatsCommand;
+ _orgDeleteTokenDataFactory = orgDeleteTokenDataFactory;
  }
 
  [HttpGet("{id}")]
@@ -586,6 +591,37 @@
  await _organizationService.DeleteAsync(organization);
  }
 
+ [HttpPost("{id}/delete-recover-token")]
+ [AllowAnonymous]
+ public async Task PostDeleteRecoverToken(Guid id, [FromBody] OrganizationVerifyDeleteRecoverRequestModel model)
+ {
+ var organization = await _organizationRepository.GetByIdAsync(id);
+ if (organization == null)
+ {
+ throw new NotFoundException();
+ }
+
+ if (!_orgDeleteTokenDataFactory.TryUnprotect(model.Token, out var data) || !data.IsValid(organization))
+ {
+ throw new BadRequestException("Invalid token.");
+ }
+
+ var consolidatedBillingEnabled = _featureService.IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling);
+ if (consolidatedBillingEnabled && organization.IsValidClient())
+ {
+ var provider = await _providerRepository.GetByOrganizationIdAsync(organization.Id);
+ if (provider.IsBillable())
+ {
+ await _scaleSeatsCommand.ScalePasswordManagerSeats(
+ provider,
+ organization.PlanType,
+ -organization.Seats ?? 0);
+ }
+ }
+
+ await _organizationService.DeleteAsync(organization);
+ }
+
  [HttpPost("{id}/import")]
  public async Task Import(string id, [FromBody] ImportOrganizationUsersRequestModel model)
  {

@@ -0,0 +1,9 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;
+
+public class OrganizationVerifyDeleteRecoverRequestModel
+{
+ [Required]
+ public string Token { get; set; }
+}
@@ -0,0 +1,32 @@
+using System.Text.Json.Serialization;
+using Bit.Core.AdminConsole.Entities;
+
+namespace Bit.Core.AdminConsole.Models.Business.Tokenables;
+
+public class OrgDeleteTokenable : Tokens.ExpiringTokenable
+{
+ public const string ClearTextPrefix = "";
+ public const string DataProtectorPurpose = "OrgDeleteDataProtector";
+ public const string TokenIdentifier = "OrgDelete";
+ public string Identifier { get; set; } = TokenIdentifier;
+ public Guid Id { get; set; }
+
+ [JsonConstructor]
+ public OrgDeleteTokenable(DateTime expirationDate)
+ {
+ ExpirationDate = expirationDate;
+ }
+
+ public OrgDeleteTokenable(Organization organization, int hoursTillExpiration)
+ {
+ Id = organization.Id;
+ ExpirationDate = DateTime.UtcNow.AddHours(hoursTillExpiration);
+ }
+
+ public bool IsValid(Organization organization)
+ {
+ return Id == organization.Id;
+ }
+
+ protected override bool TokenIsValid() => Identifier == TokenIdentifier && Id != default;
+}
@@ -34,6 +34,7 @@ public interface IOrganizationService
  /// </summary>
  Task<(Organization organization, OrganizationUser organizationUser)> SignUpAsync(OrganizationLicense license, User owner,
  string ownerKey, string collectionName, string publicKey, string privateKey);
+ Task InitiateDeleteAsync(Organization organization, string orgAdminEmail);
  Task DeleteAsync(Organization organization);
  Task EnableAsync(Guid organizationId, DateTime? expirationDate);
  Task DisableAsync(Guid organizationId, DateTime? expirationDate);

@@ -4,6 +4,7 @@
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Enums.Provider;
 using Bit.Core.AdminConsole.Models.Business;
+using Bit.Core.AdminConsole.Models.Business.Tokenables;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interfaces;
 using Bit.Core.AdminConsole.Repositories;
@@ -60,6 +61,7 @@
  private readonly IProviderUserRepository _providerUserRepository;
  private readonly ICountNewSmSeatsRequiredQuery _countNewSmSeatsRequiredQuery;
  private readonly IUpdateSecretsManagerSubscriptionCommand _updateSecretsManagerSubscriptionCommand;
+ private readonly IDataProtectorTokenFactory<OrgDeleteTokenable> _orgDeleteTokenDataFactory;
  private readonly IProviderRepository _providerRepository;
  private readonly IOrgUserInviteTokenableFactory _orgUserInviteTokenableFactory;
  private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
@@ -94,6 +96,7 @@
  IOrgUserInviteTokenableFactory orgUserInviteTokenableFactory,
  IDataProtectorTokenFactory<OrgUserInviteTokenable> orgUserInviteTokenDataFactory,
  IUpdateSecretsManagerSubscriptionCommand updateSecretsManagerSubscriptionCommand,
+ IDataProtectorTokenFactory<OrgDeleteTokenable> orgDeleteTokenDataFactory,
  IProviderRepository providerRepository,
  IFeatureService featureService)
  {
@@ -123,6 +126,7 @@
  _providerUserRepository = providerUserRepository;
  _countNewSmSeatsRequiredQuery = countNewSmSeatsRequiredQuery;
  _updateSecretsManagerSubscriptionCommand = updateSecretsManagerSubscriptionCommand;
+ _orgDeleteTokenDataFactory = orgDeleteTokenDataFactory;
  _providerRepository = providerRepository;
  _orgUserInviteTokenableFactory = orgUserInviteTokenableFactory;
  _orgUserInviteTokenDataFactory = orgUserInviteTokenDataFactory;
@@ -811,6 +815,23 @@
  }
  }
 
+ public async Task InitiateDeleteAsync(Organization organization, string orgAdminEmail)
+ {
+ var orgAdmin = await _userRepository.GetByEmailAsync(orgAdminEmail);
+ if (orgAdmin == null)
+ {
+ throw new BadRequestException("Org admin not found.");
+ }
+ var orgAdminOrgUser = await _organizationUserRepository.GetDetailsByUserAsync(orgAdmin.Id, organization.Id);
+ if (orgAdminOrgUser == null || orgAdminOrgUser.Status != OrganizationUserStatusType.Confirmed ||
+ (orgAdminOrgUser.Type != OrganizationUserType.Admin && orgAdminOrgUser.Type != OrganizationUserType.Owner))
+ {
+ throw new BadRequestException("Org admin not found.");
+ }
+ var token = _orgDeleteTokenDataFactory.Protect(new OrgDeleteTokenable(organization, 1));
+ await _mailService.SendInitiateDeleteOrganzationEmailAsync(orgAdminEmail, organization, token);
+ }
+
  public async Task DeleteAsync(Organization organization)
  {
  await ValidateDeleteOrganizationAsync(organization);