From 0aaeafb9519deede500c5727d7f0e61b432920a7 Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Mon, 3 Nov 2025 11:53:14 +0100 Subject: [PATCH] Allow migration only on vault --- .../encrypted-migrations-scheduler.service.ts | 27 ++++++++++++++++--- .../src/services/jslib-services.module.ts | 2 ++ 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts b/libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts index 678bfabcce1..602804adfae 100644 --- a/libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts +++ b/libs/angular/src/key-management/encrypted-migration/encrypted-migrations-scheduler.service.ts @@ -1,4 +1,14 @@ -import { combineLatest, switchMap, of, firstValueFrom, filter, delay, concatMap } from "rxjs"; +import { NavigationEnd, Router } from "@angular/router"; +import { + combineLatest, + switchMap, + of, + firstValueFrom, + filter, + concatMap, + Observable, + map, +} from "rxjs"; import { AccountService } from "@bitwarden/common/auth/abstractions/account.service"; import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service"; @@ -28,6 +38,7 @@ export const ENCRYPTED_MIGRATION_DISMISSED = new UserKeyDefinition( }, ); const DISMISS_TIME_HOURS = 24; +const VAULT_ROUTE = "/vault"; /** * This services schedules encrypted migrations for users on clients that are interactive (non-cli), and handles manual interaction, @@ -38,6 +49,7 @@ export class DefaultEncryptedMigrationsSchedulerService implements EncryptedMigrationsSchedulerService { isMigrating = false; + url$: Observable; constructor( private syncService: SyncService, @@ -49,7 +61,13 @@ export class DefaultEncryptedMigrationsSchedulerService private dialogService: DialogService, private toastService: ToastService, private i18nService: I18nService, + private router: Router, ) { + this.url$ = this.router.events.pipe( + filter((event: any) => event instanceof NavigationEnd), + map((event: NavigationEnd) => event.url), + ); + // For all accounts, if the auth status changes to unlocked or a sync happens, prompt for migration this.accountService.accounts$ .pipe( @@ -65,9 +83,12 @@ export class DefaultEncryptedMigrationsSchedulerService combineLatest([ this.authService.authStatusFor$(userId), this.syncService.lastSync$(userId).pipe(filter((lastSync) => lastSync != null)), + this.url$, ]).pipe( - filter(([authStatus]) => authStatus === AuthenticationStatus.Unlocked), - delay(5_000), + filter( + ([authStatus, _date, url]) => + authStatus === AuthenticationStatus.Unlocked && url === VAULT_ROUTE, + ), concatMap(() => this.runMigrationsIfNeeded(userId)), ), ), diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts index 9361fc89d08..29864b00481 100644 --- a/libs/angular/src/services/jslib-services.module.ts +++ b/libs/angular/src/services/jslib-services.module.ts @@ -1,6 +1,7 @@ // FIXME: Update this file to be type safe and remove this and next line // @ts-strict-ignore import { APP_INITIALIZER, ErrorHandler, LOCALE_ID, NgModule } from "@angular/core"; +import { Router } from "@angular/router"; import { Subject } from "rxjs"; // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop. @@ -1725,6 +1726,7 @@ const safeProviders: SafeProvider[] = [ DialogService, ToastService, I18nServiceAbstraction, + Router, ], }), safeProvider({