[PM-21713] Include CipherId and find Ciphers in Risk Insights report (#14823)

bitwarden_license/bit-common/src/dirt/reports/risk-insights/models/password-health.ts

@@ -32,13 +32,18 @@ export type ApplicationHealthReportDetail = {
   atRiskMemberCount: number;
   memberDetails: MemberDetailsFlat[];
   atRiskMemberDetails: MemberDetailsFlat[];
-  cipher: CipherView;
+  cipherIds: string[];
 };
 
 export type ApplicationHealthReportDetailWithCriticalFlag = ApplicationHealthReportDetail & {
   isMarkedAsCritical: boolean;
 };
 
+export type ApplicationHealthReportDetailWithCriticalFlagAndCipher =
+  ApplicationHealthReportDetailWithCriticalFlag & {
+    ciphers: CipherView[];
+  };
+
 /**
  * Breaks the cipher health info out by uri and passes
  * along the password health and member info

bitwarden_license/bit-common/src/dirt/reports/risk-insights/services/critical-apps.service.ts

@@ -141,6 +141,11 @@ export class CriticalAppsService {
           const uri = await this.encryptService.decryptString(encrypted, key);
           return { id: r.id, organizationId: r.organizationId, uri: uri };
         });
+
+        if (results.length === 0) {
+          return of([]); // emits an empty array immediately
+        }
+
         return forkJoin(results);
       }),
       first(),

bitwarden_license/bit-common/src/dirt/reports/risk-insights/services/risk-insights-report.service.ts

@@ -20,6 +20,7 @@ import {
   MemberDetailsFlat,
   WeakPasswordDetail,
   WeakPasswordScore,
+  ApplicationHealthReportDetailWithCriticalFlagAndCipher,
 } from "../models/password-health";
 
 import { MemberCipherDetailsApiService } from "./member-cipher-details-api.service";
@@ -164,6 +165,22 @@ export class RiskInsightsReportService {
     };
   }
 
+  async identifyCiphers(
+    data: ApplicationHealthReportDetail[],
+    organizationId: string,
+  ): Promise<ApplicationHealthReportDetailWithCriticalFlagAndCipher[]> {
+    const cipherViews = await this.cipherService.getAllFromApiForOrganization(organizationId);
+
+    const dataWithCiphers = data.map(
+      (app, index) =>
+        ({
+          ...app,
+          ciphers: cipherViews.filter((c) => app.cipherIds.some((a) => a === c.id)),
+        }) as ApplicationHealthReportDetailWithCriticalFlagAndCipher,
+    );
+    return dataWithCiphers;
+  }
+
   /**
    * Associates the members with the ciphers they have access to. Calculates the password health.
    * Finds the trimmed uris.
@@ -358,7 +375,9 @@ export class RiskInsightsReportService {
       atRiskPasswordCount: existingUriDetail ? existingUriDetail.atRiskPasswordCount : 0,
       atRiskCipherIds: existingUriDetail ? existingUriDetail.atRiskCipherIds : [],
       atRiskMemberCount: existingUriDetail ? existingUriDetail.atRiskMemberDetails.length : 0,
-      cipher: newUriDetail.cipher,
+      cipherIds: existingUriDetail
+        ? existingUriDetail.cipherIds.concat(newUriDetail.cipherId)
+        : [newUriDetail.cipherId],
     } as ApplicationHealthReportDetail;
 
     if (isAtRisk) {