[PM-5404, PM-3518] Migrate user decryption options to new service (#7344)

* create new user decryption options service * rename new service to user decryption options * add hasMasterPassword to user decryption options service * migrate device trust service to new user decryption options service * add migration for user-decryption-options * migrate sync service and calls to trust-device-service * rename abstraction file * migrate two factor component * migrate two factor spec * migrate sso component * migrate set-password component * migrate base login decryption component * migrate organization options component * fix component imports * add missing imports - remove state service calls - add update user decryption options method * remove acct decryption options from account * lint * fix tests and linting * fix browser * fix desktop * add user decryption options service to cli * remove default value from migration * bump migration number * fix merge conflict * fix vault timeout settings * fix cli * more fixes * add user decryption options service to deps of vault timeout settings service * update login strategy service with user decryption options * remove early return from sync bandaid for user decryption options * move user decryption options service to lib/auth * move user decryption options to libs/auth * fix reference * fix browser * check user decryption options after 2fa check * update migration and revert tsconfig changes * add more documentation * clear user decryption options on logout * fix tests by creating helper for user decryption options * fix tests * pr feedback * fix factory * update migration * add tests * update missed migration num in test
2026-01-07 11:03:30 +00:00 · 2024-03-20 20:33:57 -04:00
parent e2fe1e1567
commit 2111b37c32
68 changed files with 1158 additions and 360 deletions
--- a/libs/auth/src/common/services/user-decryption-options/user-decryption-options.service.spec.ts
+++ b/libs/auth/src/common/services/user-decryption-options/user-decryption-options.service.spec.ts
@@ -0,0 +1,94 @@
+import { firstValueFrom } from "rxjs";
+
+import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
+import {
+  FakeAccountService,
+  FakeStateProvider,
+  mockAccountServiceWith,
+} from "@bitwarden/common/spec";
+import { UserId } from "@bitwarden/common/types/guid";
+
+import {
+  USER_DECRYPTION_OPTIONS,
+  UserDecryptionOptionsService,
+} from "./user-decryption-options.service";
+
+describe("UserDecryptionOptionsService", () => {
+  let sut: UserDecryptionOptionsService;
+
+  const fakeUserId = Utils.newGuid() as UserId;
+  let fakeAccountService: FakeAccountService;
+  let fakeStateProvider: FakeStateProvider;
+
+  beforeEach(() => {
+    fakeAccountService = mockAccountServiceWith(fakeUserId);
+    fakeStateProvider = new FakeStateProvider(fakeAccountService);
+
+    sut = new UserDecryptionOptionsService(fakeStateProvider);
+  });
+
+  const userDecryptionOptions = {
+    hasMasterPassword: true,
+    trustedDeviceOption: {
+      hasAdminApproval: false,
+      hasLoginApprovingDevice: false,
+      hasManageResetPasswordPermission: true,
+    },
+    keyConnectorOption: {
+      keyConnectorUrl: "https://keyconnector.bitwarden.com",
+    },
+  };
+
+  describe("userDecryptionOptions$", () => {
+    it("should return the active user's decryption options", async () => {
+      await fakeStateProvider.setUserState(USER_DECRYPTION_OPTIONS, userDecryptionOptions);
+
+      const result = await firstValueFrom(sut.userDecryptionOptions$);
+
+      expect(result).toEqual(userDecryptionOptions);
+    });
+  });
+
+  describe("hasMasterPassword$", () => {
+    it("should return the hasMasterPassword property of the active user's decryption options", async () => {
+      await fakeStateProvider.setUserState(USER_DECRYPTION_OPTIONS, userDecryptionOptions);
+
+      const result = await firstValueFrom(sut.hasMasterPassword$);
+
+      expect(result).toBe(true);
+    });
+  });
+
+  describe("userDecryptionOptionsById$", () => {
+    it("should return the user decryption options for the given user", async () => {
+      const givenUser = Utils.newGuid() as UserId;
+      await fakeAccountService.addAccount(givenUser, {
+        name: "Test User 1",
+        email: "test1@email.com",
+        status: AuthenticationStatus.Locked,
+      });
+      await fakeStateProvider.setUserState(
+        USER_DECRYPTION_OPTIONS,
+        userDecryptionOptions,
+        givenUser,
+      );
+
+      const result = await firstValueFrom(sut.userDecryptionOptionsById$(givenUser));
+
+      expect(result).toEqual(userDecryptionOptions);
+    });
+  });
+
+  describe("setUserDecryptionOptions", () => {
+    it("should set the active user's decryption options", async () => {
+      await sut.setUserDecryptionOptions(userDecryptionOptions);
+
+      const result = await firstValueFrom(
+        fakeStateProvider.getActive(USER_DECRYPTION_OPTIONS).state$,
+      );
+
+      expect(result).toEqual(userDecryptionOptions);
+    });
+  });
+});
--- a/libs/auth/src/common/services/user-decryption-options/user-decryption-options.service.ts
+++ b/libs/auth/src/common/services/user-decryption-options/user-decryption-options.service.ts
@@ -0,0 +1,47 @@
+import { map } from "rxjs";
+
+import {
+  ActiveUserState,
+  StateProvider,
+  USER_DECRYPTION_OPTIONS_DISK,
+  UserKeyDefinition,
+} from "@bitwarden/common/platform/state";
+import { UserId } from "@bitwarden/common/src/types/guid";
+
+import { InternalUserDecryptionOptionsServiceAbstraction } from "../../abstractions/user-decryption-options.service.abstraction";
+import { UserDecryptionOptions } from "../../models";
+
+export const USER_DECRYPTION_OPTIONS = new UserKeyDefinition<UserDecryptionOptions>(
+  USER_DECRYPTION_OPTIONS_DISK,
+  "decryptionOptions",
+  {
+    deserializer: (decryptionOptions) => UserDecryptionOptions.fromJSON(decryptionOptions),
+    clearOn: ["logout"],
+  },
+);
+
+export class UserDecryptionOptionsService
+  implements InternalUserDecryptionOptionsServiceAbstraction
+{
+  private userDecryptionOptionsState: ActiveUserState<UserDecryptionOptions>;
+
+  userDecryptionOptions$;
+  hasMasterPassword$;
+
+  constructor(private stateProvider: StateProvider) {
+    this.userDecryptionOptionsState = this.stateProvider.getActive(USER_DECRYPTION_OPTIONS);
+
+    this.userDecryptionOptions$ = this.userDecryptionOptionsState.state$;
+    this.hasMasterPassword$ = this.userDecryptionOptions$.pipe(
+      map((options) => options?.hasMasterPassword ?? false),
+    );
+  }
+
+  userDecryptionOptionsById$(userId: UserId) {
+    return this.stateProvider.getUser(userId, USER_DECRYPTION_OPTIONS).state$;
+  }
+
+  async setUserDecryptionOptions(userDecryptionOptions: UserDecryptionOptions): Promise<void> {
+    await this.userDecryptionOptionsState.update((_) => userDecryptionOptions);
+  }
+}