Merge branch 'main' into PM-7853-Clients-Hide-Send-from-navigation-when-user-is-subject-to-the-disable-Send-policy

2026-02-07 20:24:01 +00:00 · 2025-12-15 09:23:26 -05:00
parent 7b775dd276 bab2684bbd
commit 46aec5e35b
6 changed files with 59 additions and 45 deletions
--- a/apps/desktop/src/key-management/electron-key.service.spec.ts
+++ b/apps/desktop/src/key-management/electron-key.service.spec.ts
@@ -13,11 +13,13 @@ import { UserKey } from "@bitwarden/common/types/key";
 import { BiometricStateService, KdfConfigService } from "@bitwarden/key-management";

 import {
-  makeSymmetricCryptoKey,
  FakeAccountService,
-  mockAccountServiceWith,
  FakeStateProvider,
+  makeSymmetricCryptoKey,
+  mockAccountServiceWith,
 } from "../../../../libs/common/spec";
+// eslint-disable-next-line no-restricted-imports
+import { VAULT_TIMEOUT } from "../../../../libs/common/src/key-management/vault-timeout";

 import { DesktopBiometricsService } from "./biometrics/desktop.biometrics.service";
 import { ElectronKeyService } from "./electron-key.service";
@@ -40,11 +42,13 @@ describe("ElectronKeyService", () => {
  let accountService: FakeAccountService;
  let masterPasswordService: FakeMasterPasswordService;

-  beforeEach(() => {
+  beforeEach(async () => {
    accountService = mockAccountServiceWith(mockUserId);
    masterPasswordService = new FakeMasterPasswordService();
    stateProvider = new FakeStateProvider(accountService);

+    await stateProvider.setUserState(VAULT_TIMEOUT, 10, mockUserId);
+
    keyService = new ElectronKeyService(
      masterPasswordService,
      keyGenerationService,
@@ -79,38 +83,17 @@ describe("ElectronKeyService", () => {
        expect(biometricStateService.getBiometricUnlockEnabled).toHaveBeenCalledWith(mockUserId);
      });

-      describe("biometric unlock enabled", () => {
-        beforeEach(() => {
-          biometricStateService.getBiometricUnlockEnabled.mockResolvedValue(true);
-        });
+      it("sets biometric key when biometric unlock enabled", async () => {
+        biometricStateService.getBiometricUnlockEnabled.mockResolvedValue(true);

-        it("sets null biometric client key half and biometric unlock key when require password on start disabled", async () => {
-          biometricStateService.getRequirePasswordOnStart.mockResolvedValue(false);
+        await keyService.setUserKey(userKey, mockUserId);

-          await keyService.setUserKey(userKey, mockUserId);
-
-          expect(biometricService.setBiometricProtectedUnlockKeyForUser).toHaveBeenCalledWith(
-            mockUserId,
-            userKey,
-          );
-          expect(biometricStateService.setEncryptedClientKeyHalf).not.toHaveBeenCalled();
-          expect(biometricStateService.getBiometricUnlockEnabled).toHaveBeenCalledWith(mockUserId);
-        });
-
-        describe("require password on start enabled", () => {
-          beforeEach(() => {
-            biometricStateService.getRequirePasswordOnStart.mockResolvedValue(true);
-          });
-
-          it("sets biometric key", async () => {
-            await keyService.setUserKey(userKey, mockUserId);
-
-            expect(biometricService.setBiometricProtectedUnlockKeyForUser).toHaveBeenCalledWith(
-              mockUserId,
-              userKey,
-            );
-          });
-        });
+        expect(biometricService.setBiometricProtectedUnlockKeyForUser).toHaveBeenCalledWith(
+          mockUserId,
+          userKey,
+        );
+        expect(biometricStateService.setEncryptedClientKeyHalf).not.toHaveBeenCalled();
+        expect(biometricStateService.getBiometricUnlockEnabled).toHaveBeenCalledWith(mockUserId);
      });
    });
  });
--- a/libs/common/src/key-management/vault-timeout/index.ts
+++ b/libs/common/src/key-management/vault-timeout/index.ts
@@ -10,3 +10,5 @@ export {
  VaultTimeoutNumberType,
  VaultTimeoutStringType,
 } from "./types/vault-timeout.type";
+// Only used by desktop's electron-key.service.spec.ts test
+export { VAULT_TIMEOUT } from "./services/vault-timeout-settings.state";
--- a/libs/common/src/key-management/vault-timeout/services/vault-timeout-settings.service.ts
+++ b/libs/common/src/key-management/vault-timeout/services/vault-timeout-settings.service.ts
@@ -13,6 +13,7 @@ import {
  shareReplay,
  switchMap,
  tap,
+  concatMap,
 } from "rxjs";

 // This import has been flagged as unallowed for this class. It may be involved in a circular dependency loop.
@@ -150,7 +151,7 @@ export class VaultTimeoutSettingsService implements VaultTimeoutSettingsServiceA
        return from(
          this.determineVaultTimeout(currentVaultTimeout, maxSessionTimeoutPolicyData),
        ).pipe(
-          tap((vaultTimeout: VaultTimeout) => {
+          concatMap(async (vaultTimeout: VaultTimeout) => {
            this.logService.debug(
              "[VaultTimeoutSettingsService] Determined vault timeout is %o for user id %s",
              vaultTimeout,
@@ -159,8 +160,9 @@ export class VaultTimeoutSettingsService implements VaultTimeoutSettingsServiceA

            // As a side effect, set the new value determined by determineVaultTimeout into state if it's different from the current
            if (vaultTimeout !== currentVaultTimeout) {
-              return this.stateProvider.setUserState(VAULT_TIMEOUT, vaultTimeout, userId);
+              await this.stateProvider.setUserState(VAULT_TIMEOUT, vaultTimeout, userId);
            }
+            return vaultTimeout;
          }),
          catchError((error: unknown) => {
            // Protect outer observable from canceling on error by catching and returning EMPTY
--- a/libs/components/src/avatar/avatar.component.ts
+++ b/libs/components/src/avatar/avatar.component.ts
@@ -1,5 +1,5 @@
 import { NgClass } from "@angular/common";
-import { Component, computed, input } from "@angular/core";
+import { ChangeDetectionStrategy, Component, computed, input } from "@angular/core";

 import { Utils } from "@bitwarden/common/platform/misc/utils";

@@ -14,13 +14,11 @@ const SizeClasses: Record<SizeTypes, string[]> = {
 };

 /**
-  * Avatars display a unique color that helps a user visually recognize their logged in account.
-
-  * A variance in color across the avatar component is important as it is used in Account Switching as a
-  * visual indicator to recognize which of a personal or work account a user is logged into.
-*/
-// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
-// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
+ * Avatars display a unique color that helps a user visually recognize their logged in account.
+ *
+ * A variance in color across the avatar component is important as it is used in Account Switching as a
+ * visual indicator to recognize which of a personal or work account a user is logged into.
+ */
@Component({
  selector: "bit-avatar",
  template: `
@@ -49,13 +47,38 @@ const SizeClasses: Record<SizeTypes, string[]> = {
    </span>
  `,
  imports: [NgClass],
+  changeDetection: ChangeDetectionStrategy.OnPush,
 })
 export class AvatarComponent {
+  /**
+   * Whether to display a border around the avatar.
+   */
  readonly border = input(false);
+
+  /**
+   * Custom background color for the avatar. If not provided, a color will be generated based on the id or text.
+   */
  readonly color = input<string>();
+
+  /**
+   * Unique identifier used to generate a consistent background color. Takes precedence over text for color generation.
+   */
  readonly id = input<string>();
+
+  /**
+   * Text to display in the avatar. The first letters of words (up to 2 characters) will be shown.
+   * Also used to generate background color if id is not provided.
+   */
  readonly text = input<string>();
+
+  /**
+   * Title attribute for the avatar. If not provided, falls back to the text value.
+   */
  readonly title = input<string>();
+
+  /**
+   * Size of the avatar.
+   */
  readonly size = input<SizeTypes>("default");

  protected readonly svgCharCount = 2;
--- a/libs/key-management/src/key.service.spec.ts
+++ b/libs/key-management/src/key.service.spec.ts
@@ -69,11 +69,13 @@ describe("keyService", () => {
  let accountService: FakeAccountService;
  let masterPasswordService: FakeMasterPasswordService;

-  beforeEach(() => {
+  beforeEach(async () => {
    accountService = mockAccountServiceWith(mockUserId);
    masterPasswordService = new FakeMasterPasswordService();
    stateProvider = new FakeStateProvider(accountService);

+    await stateProvider.setUserState(VAULT_TIMEOUT, VaultTimeoutStringType.Never, mockUserId);
+
    keyService = new DefaultKeyService(
      masterPasswordService,
      keyGenerationService,
--- a/libs/key-management/src/key.service.ts
+++ b/libs/key-management/src/key.service.ts
@@ -691,7 +691,9 @@ export class DefaultKeyService implements KeyServiceAbstraction {
        // the VaultTimeoutSettingsSvc and this service.
        // This should be fixed as part of the PM-7082 - Auto Key Service work.
        const vaultTimeout = await firstValueFrom(
-          this.stateProvider.getUserState$(VAULT_TIMEOUT, userId),
+          this.stateProvider
+            .getUserState$(VAULT_TIMEOUT, userId)
+            .pipe(filter((timeout) => timeout != null)),
        );

        shouldStoreKey = vaultTimeout == VaultTimeoutStringType.Never;