[AC-2403] Don't subtract grace period from expiration date when license is in trial #3991

amorask-bitwarden · 2024-04-15T19:23:19Z

Type of change

- [X] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

This PR fixes a bug where, in the OrganizationSubscriptionResponse for self-hosted, the expiration date for a subscription in trial was having the grace period deducted from it when it never had it appended on the cloud side in the first place. This resulted in the appearance that the trial expiration was almost 2 months in the past for self-hosted users.

… in trial

codecov · 2024-04-15T19:32:36Z

Codecov Report

Attention: Patch coverage is 0% with 3 lines in your changes are missing coverage. Please review.

Project coverage is 37.68%. Comparing base (6672019) to head (cf7380f).

Files	Patch %	Lines
...esponse/Organizations/OrganizationResponseModel.cs	0.00%	3 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3991   +/-   ##
=======================================
  Coverage   37.68%   37.68%           
=======================================
  Files        1187     1187           
  Lines       57732    57732           
  Branches     5533     5533           
=======================================
  Hits        21758    21758           
  Misses      34958    34958           
  Partials     1016     1016

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

github-actions · 2024-04-15T20:15:35Z

Checkmarx One – Scan Summary & Details – db700833-e71b-452a-961d-ac21276b664a

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Missing_CSP_Header	/src/Core/MailTemplates/Handlebars/Provider/InitiateDeleteProvider.html.hbs: 10	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	CSRF	/src/Api/AdminConsole/Controllers/ProvidersController.cs: 141
	CSRF	/src/Admin/AdminConsole/Controllers/ProvidersController.cs: 284
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 145
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 145
	CSRF	/src/Api/Billing/Controllers/ProviderClientsController.cs: 30
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 563
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 563
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 563
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 563
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 315
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 315
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 702
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 678
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 871
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 454
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 774
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 296
	CSRF	/src/Api/Billing/Public/Controllers/OrganizationController.cs: 44
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 832
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs: 97
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs: 71
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 807
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 228
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 400
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 369
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 440
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 744
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 166
	CSRF	/src/Api/Vault/Controllers/FoldersController.cs: 45
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs: 51
	CSRF	/src/Api/Controllers/UsersController.cs: 22
	CSRF	/src/Api/Controllers/DevicesController.cs: 70
	CSRF	/src/Api/Controllers/DevicesController.cs: 57
	CSRF	/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs: 69
	CSRF	/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs: 49
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 92
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 49
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 142
	CSRF	/src/Api/AdminConsole/Controllers/ProviderOrganizationsController.cs: 52
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 148
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 78
	CSRF	/src/Api/AdminConsole/Controllers/PoliciesController.cs: 61
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/UsersController.cs: 50
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 161
	CSRF	/src/Api/Auth/Controllers/EmergencyAccessController.cs: 159
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 98
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 88
	CSRF	/src/Api/Controllers/CollectionsController.cs: 303
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 726
	CSRF	/src/Api/Auth/Controllers/TwoFactorController.cs: 403
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 825
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 900
	CSRF	/src/Api/Controllers/CollectionsController.cs: 410
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 571
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1027
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 570
	CSRF	/bitwarden_license/src/Sso/Controllers/AccountController.cs: 97
	CSRF	/bitwarden_license/src/Sso/Controllers/AccountController.cs: 164
	CSRF	/src/Admin/AdminConsole/Controllers/OrganizationsController.cs: 282
	CSRF	/src/Admin/AdminConsole/Controllers/ProvidersController.cs: 207
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 77
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 114
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 223
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 324
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 570
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 82
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 200
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 282
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 300
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 758
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs: 42
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 408
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 228
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 159
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 688
	CSRF	/src/Api/Controllers/CollectionsController.cs: 374
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 147
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 147
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 993
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 993
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 970
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 970
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 268
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 586
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 433
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 128
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 228
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 188
	CSRF	/src/Api/AdminConsole/Controllers/ProviderUsersController.cs: 175
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 283
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 191
	CSRF	/src/Api/Controllers/SettingsController.cs: 36
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 539
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 539
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 526
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 220
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 1047
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 313
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 944
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 944
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 188
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 583
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 583
	CSRF	/src/Api/Controllers/CollectionsController.cs: 303
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 959
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 570
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 570
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationsController.cs: 570
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 144
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 744
	CSRF	/src/Api/Controllers/CollectionsController.cs: 410
	CSRF	/src/Api/Controllers/CollectionsController.cs: 323
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 268
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 669
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 205
	CSRF	/src/Api/Controllers/CollectionsController.cs: 374
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 858
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 133
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 184
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 613
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 191
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 526
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 174
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 222
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 807
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 288
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 220
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 362
	CSRF	/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 366
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 56
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 124
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 560
	CSRF	/src/Api/Controllers/CollectionsController.cs: 156
	CSRF	/src/Api/Controllers/CollectionsController.cs: 187
	CSRF	/src/Api/Controllers/CollectionsController.cs: 196
	CSRF	/src/Api/Public/Controllers/CollectionsController.cs: 64
	CSRF	/src/Api/Tools/Controllers/ImportCiphersController.cs: 50
	CSRF	/src/Api/Tools/Controllers/ImportCiphersController.cs: 66
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 111
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 125
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 889
	CSRF	/src/Identity/Controllers/AccountsController.cs: 50
	CSRF

More results are available on AST platform

eliykat

Now the helper text is inaccurate - it says "after your subscription expires, you have 60 days to apply an updated license file", but the grace period ends on the same day as the subscription expiration.

Do trial users get a grace period? If so, it looks like further changes are required to make this work. If not, I assume the helper text should be hidden or updated.

amorask-bitwarden · 2024-04-16T14:51:35Z

Now the helper text is inaccurate - it says "after your subscription expires, you have 60 days to apply an updated license file", but the grace period ends on the same day as the subscription expiration.

Do trial users get a grace period? If so, it looks like further changes are required to make this work. If not, I assume the helper text should be hidden or updated.

Hi @eliykat, thanks for catching that and apologies - that was sloppy. I missed that helper text. I spoke with Product & CS and they confirmed that a subscription in Trial does not get a grace period. As such, I hid the helper text in an associated clients PR here: bitwarden/clients#8768

eliykat · 2024-04-17T04:05:59Z

No problem at all - the client-side fix looks good.

Stopped subtracting grace period from expiration date when license is…

2c88cf7

… in trial

amorask-bitwarden requested a review from a team as a code owner April 15, 2024 19:23

amorask-bitwarden requested a review from eliykat April 15, 2024 19:23

amorask-bitwarden added the needs-qa label Apr 15, 2024

eliykat reviewed Apr 16, 2024

View reviewed changes

Merge branch 'main' into billing/AC-2403/self-hosted-expiration-date

fd803a8

eliykat approved these changes Apr 17, 2024

View reviewed changes

Merge branch 'main' into billing/AC-2403/self-hosted-expiration-date

cf7380f

bitwarden-devops-bot temporarily deployed to EU-QA Cloud April 19, 2024 02:24 Inactive

bitwarden-devops-bot temporarily deployed to QA Cloud April 19, 2024 13:39 Inactive

bitwarden-devops-bot temporarily deployed to QA Cloud April 19, 2024 13:41 Inactive

amorask-bitwarden removed the needs-qa label Apr 30, 2024

amorask-bitwarden merged commit ccaee0b into main Apr 30, 2024
49 of 50 checks passed

amorask-bitwarden deleted the billing/AC-2403/self-hosted-expiration-date branch April 30, 2024 14:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[AC-2403] Don't subtract grace period from expiration date when license is in trial #3991

[AC-2403] Don't subtract grace period from expiration date when license is in trial #3991

amorask-bitwarden commented Apr 15, 2024

codecov bot commented Apr 15, 2024 •

edited

github-actions bot commented Apr 15, 2024 •

edited

eliykat left a comment

amorask-bitwarden commented Apr 16, 2024 •

edited

eliykat commented Apr 17, 2024

[AC-2403] Don't subtract grace period from expiration date when license is in trial #3991

[AC-2403] Don't subtract grace period from expiration date when license is in trial #3991

Conversation

amorask-bitwarden commented Apr 15, 2024

Type of change

Objective

codecov bot commented Apr 15, 2024 • edited

Codecov Report

github-actions bot commented Apr 15, 2024 • edited

New Issues

Fixed Issues

eliykat left a comment

Choose a reason for hiding this comment

amorask-bitwarden commented Apr 16, 2024 • edited

eliykat commented Apr 17, 2024

codecov bot commented Apr 15, 2024 •

edited

github-actions bot commented Apr 15, 2024 •

edited

amorask-bitwarden commented Apr 16, 2024 •

edited