diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d0526b1a79e..cc8eb662894 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -4,7 +4,7 @@ # The following owners will be the default owners for everything in the repo. # Unless a later match takes precedence -# @bitwarden/team-leads +@bitwarden/team-leads ## Secrets Manager team files ## bitwarden_license/bit-web/src/app/secrets-manager @bitwarden/team-secrets-manager-dev diff --git a/.github/workflows/brew-bump-cli.yml b/.github/workflows/brew-bump-cli.yml index cae9db880ec..d45e85ea15c 100644 --- a/.github/workflows/brew-bump-cli.yml +++ b/.github/workflows/brew-bump-cli.yml @@ -23,7 +23,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "brew-bump-workflow-pat" diff --git a/.github/workflows/brew-bump-desktop.yml b/.github/workflows/brew-bump-desktop.yml index 43b24f4553c..b7bb726722c 100644 --- a/.github/workflows/brew-bump-desktop.yml +++ b/.github/workflows/brew-bump-desktop.yml @@ -23,7 +23,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "brew-bump-workflow-pat" diff --git a/.github/workflows/build-browser.yml b/.github/workflows/build-browser.yml index 89fa40a53fe..4e9a15fbfaf 100644 --- a/.github/workflows/build-browser.yml +++ b/.github/workflows/build-browser.yml @@ -354,7 +354,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "crowdin-api-token" @@ -416,7 +416,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets if: failure() - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "devops-alerts-slack-webhook-url" diff --git a/.github/workflows/build-cli.yml b/.github/workflows/build-cli.yml index bc33a4ccd0a..c047133e1c2 100644 --- a/.github/workflows/build-cli.yml +++ b/.github/workflows/build-cli.yml @@ -404,7 +404,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets if: failure() - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "devops-alerts-slack-webhook-url" diff --git a/.github/workflows/build-desktop.yml b/.github/workflows/build-desktop.yml index b5da80f7f78..d00551ca36a 100644 --- a/.github/workflows/build-desktop.yml +++ b/.github/workflows/build-desktop.yml @@ -277,7 +277,7 @@ jobs: node-gyp install $(node -v) - name: Install AST - uses: bitwarden/gh-actions/install-ast@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/install-ast@37ffa14164a7308bc273829edfe75c97cd562375 - name: Set up environmentF run: choco install checksum --no-progress @@ -302,7 +302,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "code-signing-vault-url, @@ -1190,7 +1190,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "crowdin-api-token" @@ -1269,7 +1269,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets if: failure() - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "devops-alerts-slack-webhook-url" diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml index fd4a700131f..4a7918a81b1 100644 --- a/.github/workflows/build-web.yml +++ b/.github/workflows/build-web.yml @@ -235,7 +235,7 @@ jobs: - name: Retrieve github PAT secrets id: retrieve-secret-pat - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "github-pat-bitwarden-devops-bot-repo-scope" @@ -243,7 +243,7 @@ jobs: - name: Setup DCT if: ${{ env.is_publish_branch == 'true' }} id: setup-dct - uses: bitwarden/gh-actions/setup-docker-trust@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/setup-docker-trust@37ffa14164a7308bc273829edfe75c97cd562375 with: azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-keyvault-name: "bitwarden-ci" @@ -291,7 +291,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "crowdin-api-token" @@ -352,7 +352,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets if: failure() - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "devops-alerts-slack-webhook-url" diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index d2f1f45c25d..11be51aaa9b 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -37,7 +37,7 @@ jobs: run: npm run build-storybook:ci - name: Publish to Chromatic - uses: chromaui/action@a2ed440e22f7d4e2c6b0710f7903aa2df70a1ecd + uses: chromaui/action@44caff7e88d584b04f79f04e31e819f9a95d4d8f with: token: ${{ secrets.GITHUB_TOKEN }} projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} diff --git a/.github/workflows/crowdin-pull.yml b/.github/workflows/crowdin-pull.yml index f058c712031..44c753582c6 100644 --- a/.github/workflows/crowdin-pull.yml +++ b/.github/workflows/crowdin-pull.yml @@ -32,13 +32,13 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "crowdin-api-token, github-gpg-private-key, github-gpg-private-key-passphrase" - name: Download translations - uses: bitwarden/gh-actions/crowdin@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/crowdin@37ffa14164a7308bc273829edfe75c97cd562375 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} diff --git a/.github/workflows/deploy-eu-prod-web.yml b/.github/workflows/deploy-eu-prod-web.yml new file mode 100644 index 00000000000..f650f08a9bd --- /dev/null +++ b/.github/workflows/deploy-eu-prod-web.yml @@ -0,0 +1,60 @@ +--- +name: Deploy Web to EU-PRD Cloud + +on: + workflow_dispatch: + inputs: + tag: + description: "Branch name to deploy (examples: 'master', 'feature/sm')" + required: true + type: string + default: master + +jobs: + azure-deploy: + name: Deploy to Azure + runs-on: ubuntu-22.04 + env: + _WEB_ARTIFACT: "web-*-cloud-euprd.zip" + steps: + - name: Login to Azure - EU Subscription + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6 + with: + creds: ${{ secrets.AZURE_KV_EU_PRD_SERVICE_PRINCIPAL }} + + - name: Retrieve Storage Account connection string + id: retrieve-secrets + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 + with: + keyvault: webvault-westeurope-prod + secrets: "sa-bitwarden-web-vault-dev-key-temp" + + - name: Download latest cloud asset + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 + with: + workflow: build-web.yml + path: apps/web + workflow_conclusion: success + branch: ${{ github.event.inputs.tag }} + artifacts: ${{ env._WEB_ARTIFACT }} + + - name: Unzip build asset + working-directory: apps/web + run: unzip ${{ env._WEB_ARTIFACT }} + + - name: Empty container in Storage Account + run: | + az storage blob delete-batch \ + --source '$web' \ + --pattern '*' \ + --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" + + - name: Deploy to Azure Storage Account + working-directory: apps/web + run: | + az storage blob upload-batch \ + --source "./build" \ + --destination '$web' \ + --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \ + --overwrite \ + --no-progress diff --git a/.github/workflows/deploy-non-prod-web.yml b/.github/workflows/deploy-non-prod-web.yml index e0b6977a781..d041369d849 100644 --- a/.github/workflows/deploy-non-prod-web.yml +++ b/.github/workflows/deploy-non-prod-web.yml @@ -64,7 +64,7 @@ jobs: uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Download latest cloud asset - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: apps/web diff --git a/.github/workflows/deploy-prod-web.yml b/.github/workflows/deploy-prod-web.yml deleted file mode 100644 index 144b23e390b..00000000000 --- a/.github/workflows/deploy-prod-web.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -name: Deploy Web - EU Prod - STUB - -on: - workflow_dispatch: - -jobs: - stub-job: - name: Stub Job - runs-on: ubuntu-22.04 - steps: - - name: Stub Step - run: exit 0 diff --git a/.github/workflows/release-browser.yml b/.github/workflows/release-browser.yml index c9f9b20c62d..1aebc9722cb 100644 --- a/.github/workflows/release-browser.yml +++ b/.github/workflows/release-browser.yml @@ -41,7 +41,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375 with: release-type: ${{ github.event.inputs.release_type }} project-type: ts @@ -103,7 +103,7 @@ jobs: - name: Download latest Release build artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-browser.yml workflow_conclusion: success @@ -116,7 +116,7 @@ jobs: - name: Dry Run - Download latest master build artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-browser.yml workflow_conclusion: success diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml index 406b345c2fe..76b4915dbd3 100644 --- a/.github/workflows/release-cli.yml +++ b/.github/workflows/release-cli.yml @@ -57,7 +57,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375 with: release-type: ${{ github.event.inputs.release_type }} project-type: ts @@ -78,7 +78,7 @@ jobs: - name: Download all Release artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli @@ -87,7 +87,7 @@ jobs: - name: Dry Run - Download all artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli @@ -150,7 +150,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "snapcraft-store-token" @@ -162,7 +162,7 @@ jobs: - name: Download artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli @@ -172,7 +172,7 @@ jobs: - name: Dry Run - Download artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli @@ -204,7 +204,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "cli-choco-api-key" @@ -220,7 +220,7 @@ jobs: - name: Download artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli/dist @@ -230,7 +230,7 @@ jobs: - name: Dry Run - Download artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli/dist @@ -263,14 +263,14 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "npm-api-key" - name: Download artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli/build @@ -280,7 +280,7 @@ jobs: - name: Dry Run - Download artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-cli.yml path: apps/cli/build diff --git a/.github/workflows/release-desktop-beta.yml b/.github/workflows/release-desktop-beta.yml index f9a5e4d5ad3..87f188e9b14 100644 --- a/.github/workflows/release-desktop-beta.yml +++ b/.github/workflows/release-desktop-beta.yml @@ -47,7 +47,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375 with: release-type: 'Initial Release' project-type: ts @@ -231,7 +231,7 @@ jobs: node-gyp install $(node -v) - name: Install AST - uses: bitwarden/gh-actions/install-ast@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/install-ast@37ffa14164a7308bc273829edfe75c97cd562375 - name: Set up environment run: choco install checksum --no-progress @@ -249,7 +249,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "code-signing-vault-url, @@ -932,7 +932,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "aws-electron-access-id, diff --git a/.github/workflows/release-desktop.yml b/.github/workflows/release-desktop.yml index e8832528143..4ad90836835 100644 --- a/.github/workflows/release-desktop.yml +++ b/.github/workflows/release-desktop.yml @@ -67,7 +67,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375 with: release-type: ${{ github.event.inputs.release_type }} project-type: ts @@ -110,7 +110,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "aws-electron-access-id, @@ -123,7 +123,7 @@ jobs: - name: Download all artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -132,7 +132,7 @@ jobs: - name: Dry Run - Download all artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -185,7 +185,7 @@ jobs: --endpoint-url https://${CF_ACCOUNT}.r2.cloudflarestorage.com - name: Get checksum files - uses: bitwarden/gh-actions/get-checksum@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-checksum@37ffa14164a7308bc273829edfe75c97cd562375 with: packages_dir: "apps/desktop/artifacts" file_path: "apps/desktop/artifacts/sha256-checksums.txt" @@ -263,7 +263,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "snapcraft-store-token" @@ -279,7 +279,7 @@ jobs: - name: Download Snap artifact if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -289,7 +289,7 @@ jobs: - name: Dry Run - Download Snap artifact if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -329,7 +329,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "cli-choco-api-key" @@ -347,7 +347,7 @@ jobs: - name: Download choco artifact if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -357,7 +357,7 @@ jobs: - name: Dry Run - Download choco artifact if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-desktop.yml workflow_conclusion: success @@ -368,5 +368,5 @@ jobs: - name: Push to Chocolatey if: ${{ github.event.inputs.release_type != 'Dry Run' }} shell: pwsh - run: choco push + run: choco push --source=https://push.chocolatey.org/ working-directory: apps/desktop/dist diff --git a/.github/workflows/release-qa-web.yml b/.github/workflows/release-qa-web.yml index 60f38e9d320..044099052b7 100644 --- a/.github/workflows/release-qa-web.yml +++ b/.github/workflows/release-qa-web.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 - name: Download latest cloud asset - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: apps/web diff --git a/.github/workflows/release-web.yml b/.github/workflows/release-web.yml index 1ba24a8369d..391f0f8715a 100644 --- a/.github/workflows/release-web.yml +++ b/.github/workflows/release-web.yml @@ -38,7 +38,7 @@ jobs: - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375 with: release-type: ${{ github.event.inputs.release_type }} project-type: ts @@ -70,7 +70,7 @@ jobs: ########## DockerHub ########## - name: Setup DCT id: setup-dct - uses: bitwarden/gh-actions/setup-docker-trust@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/setup-docker-trust@37ffa14164a7308bc273829edfe75c97cd562375 with: azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-keyvault-name: "bitwarden-ci" @@ -156,7 +156,7 @@ jobs: - name: Retrieve bot secrets id: retrieve-bot-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: bitwarden-ci secrets: "github-pat-bitwarden-devops-bot-repo-scope" @@ -170,7 +170,7 @@ jobs: - name: Download latest cloud asset if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: assets @@ -180,7 +180,7 @@ jobs: - name: Dry Run - Download latest cloud asset if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: assets @@ -253,7 +253,7 @@ jobs: - name: Download latest build artifacts if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: apps/web/artifacts @@ -264,7 +264,7 @@ jobs: - name: Dry Run - Download latest build artifacts if: ${{ github.event.inputs.release_type == 'Dry Run' }} - uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: apps/web/artifacts diff --git a/.github/workflows/staged-rollout-desktop.yml b/.github/workflows/staged-rollout-desktop.yml index 7221028df2e..a21413dcc64 100644 --- a/.github/workflows/staged-rollout-desktop.yml +++ b/.github/workflows/staged-rollout-desktop.yml @@ -26,7 +26,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "aws-electron-access-id, diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index cebe740b9d1..1c3e2c70644 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -49,7 +49,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: "bitwarden-ci" secrets: "github-gpg-private-key, github-gpg-private-key-passphrase" @@ -86,14 +86,14 @@ jobs: - name: Bump Browser Version - Manifest if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }} - uses: bitwarden/gh-actions/version-bump@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/version-bump@37ffa14164a7308bc273829edfe75c97cd562375 with: version: ${{ github.event.inputs.version_number }} file_path: "apps/browser/src/manifest.json" - name: Bump Browser Version - Manifest v3 if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }} - uses: bitwarden/gh-actions/version-bump@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/version-bump@37ffa14164a7308bc273829edfe75c97cd562375 with: version: ${{ github.event.inputs.version_number }} file_path: "apps/browser/src/manifest.v3.json" diff --git a/.github/workflows/workflow-linter.yml b/.github/workflows/workflow-linter.yml index 20525879d5a..9fe167ad72e 100644 --- a/.github/workflows/workflow-linter.yml +++ b/.github/workflows/workflow-linter.yml @@ -8,4 +8,4 @@ on: jobs: call-workflow: - uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@72594be690a4e7bfa87b1402b2aedc75acdbff12 + uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@37ffa14164a7308bc273829edfe75c97cd562375 diff --git a/apps/browser/package.json b/apps/browser/package.json index 4872af87d3f..7eb29bcc05b 100644 --- a/apps/browser/package.json +++ b/apps/browser/package.json @@ -1,6 +1,6 @@ { "name": "@bitwarden/browser", - "version": "2023.5.0", + "version": "2023.5.1", "scripts": { "build": "webpack", "build:mv3": "cross-env MANIFEST_VERSION=3 webpack", diff --git a/apps/browser/src/autofill/commands/autofill-tab-command.ts b/apps/browser/src/autofill/commands/autofill-tab-command.ts index 4910a6cf6fa..b51edd929ee 100644 --- a/apps/browser/src/autofill/commands/autofill-tab-command.ts +++ b/apps/browser/src/autofill/commands/autofill-tab-command.ts @@ -46,6 +46,7 @@ export class AutofillTabCommand { onlyEmptyFields: false, onlyVisibleFields: false, fillNewPassword: true, + allowTotpAutofill: true, }); } diff --git a/apps/browser/src/autofill/services/abstractions/autofill.service.ts b/apps/browser/src/autofill/services/abstractions/autofill.service.ts index b3ad26f0a0b..18830b32102 100644 --- a/apps/browser/src/autofill/services/abstractions/autofill.service.ts +++ b/apps/browser/src/autofill/services/abstractions/autofill.service.ts @@ -21,6 +21,7 @@ export interface AutoFillOptions { fillNewPassword?: boolean; skipLastUsed?: boolean; allowUntrustedIframe?: boolean; + allowTotpAutofill?: boolean; } export interface FormData { diff --git a/apps/browser/src/autofill/services/autofill-constants.ts b/apps/browser/src/autofill/services/autofill-constants.ts index fcab50712c9..58c295c0c21 100644 --- a/apps/browser/src/autofill/services/autofill-constants.ts +++ b/apps/browser/src/autofill/services/autofill-constants.ts @@ -20,6 +20,17 @@ export class AutoFillConstants { "benutzer id", ]; + static readonly TotpFieldNames: string[] = [ + "totp", + "2fa", + "mfa", + "totpcode", + "2facode", + "mfacode", + "twofactor", + "twofactorcode", + ]; + static readonly PasswordFieldIgnoreList: string[] = [ "onetimepassword", "captcha", diff --git a/apps/browser/src/autofill/services/autofill.service.ts b/apps/browser/src/autofill/services/autofill.service.ts index 54e7a833b65..493e463c524 100644 --- a/apps/browser/src/autofill/services/autofill.service.ts +++ b/apps/browser/src/autofill/services/autofill.service.ts @@ -32,6 +32,7 @@ export interface GenerateFillScriptOptions { onlyEmptyFields: boolean; onlyVisibleFields: boolean; fillNewPassword: boolean; + allowTotpAutofill: boolean; cipher: CipherView; tabUrl: string; defaultUriMatch: UriMatchType; @@ -127,69 +128,72 @@ export default class AutofillService implements AutofillServiceInterface { const defaultUriMatch = (await this.stateService.getDefaultUriMatch()) ?? UriMatchType.Domain; let didAutofill = false; - options.pageDetails.forEach((pd) => { - // make sure we're still on correct tab - if (pd.tab.id !== tab.id || pd.tab.url !== tab.url) { - return; - } - - const fillScript = this.generateFillScript(pd.details, { - skipUsernameOnlyFill: options.skipUsernameOnlyFill || false, - onlyEmptyFields: options.onlyEmptyFields || false, - onlyVisibleFields: options.onlyVisibleFields || false, - fillNewPassword: options.fillNewPassword || false, - cipher: options.cipher, - tabUrl: tab.url, - defaultUriMatch: defaultUriMatch, - }); - - if (!fillScript || !fillScript.script || !fillScript.script.length) { - return; - } - - if ( - fillScript.untrustedIframe && - options.allowUntrustedIframe != undefined && - !options.allowUntrustedIframe - ) { - this.logService.info("Auto-fill on page load was blocked due to an untrusted iframe."); - return; - } - - // Add a small delay between operations - fillScript.properties.delay_between_operations = 20; - - didAutofill = true; - if (!options.skipLastUsed) { - this.cipherService.updateLastUsedDate(options.cipher.id); - } - - BrowserApi.tabSendMessage( - tab, - { - command: "fillForm", - fillScript: fillScript, - url: tab.url, - }, - { frameId: pd.frameId } - ); - - if ( - options.cipher.type !== CipherType.Login || - totpPromise || - !options.cipher.login.totp || - (!canAccessPremium && !options.cipher.organizationUseTotp) - ) { - return; - } - - totpPromise = this.stateService.getDisableAutoTotpCopy().then((disabled) => { - if (!disabled) { - return this.totpService.getCode(options.cipher.login.totp); + await Promise.all( + options.pageDetails.map(async (pd) => { + // make sure we're still on correct tab + if (pd.tab.id !== tab.id || pd.tab.url !== tab.url) { + return; } - return null; - }); - }); + + const fillScript = await this.generateFillScript(pd.details, { + skipUsernameOnlyFill: options.skipUsernameOnlyFill || false, + onlyEmptyFields: options.onlyEmptyFields || false, + onlyVisibleFields: options.onlyVisibleFields || false, + fillNewPassword: options.fillNewPassword || false, + allowTotpAutofill: options.allowTotpAutofill || false, + cipher: options.cipher, + tabUrl: tab.url, + defaultUriMatch: defaultUriMatch, + }); + + if (!fillScript || !fillScript.script || !fillScript.script.length) { + return; + } + + if ( + fillScript.untrustedIframe && + options.allowUntrustedIframe != undefined && + !options.allowUntrustedIframe + ) { + this.logService.info("Auto-fill on page load was blocked due to an untrusted iframe."); + return; + } + + // Add a small delay between operations + fillScript.properties.delay_between_operations = 20; + + didAutofill = true; + if (!options.skipLastUsed) { + this.cipherService.updateLastUsedDate(options.cipher.id); + } + + BrowserApi.tabSendMessage( + tab, + { + command: "fillForm", + fillScript: fillScript, + url: tab.url, + }, + { frameId: pd.frameId } + ); + + if ( + options.cipher.type !== CipherType.Login || + totpPromise || + !options.cipher.login.totp || + (!canAccessPremium && !options.cipher.organizationUseTotp) + ) { + return; + } + + totpPromise = this.stateService.getDisableAutoTotpCopy().then((disabled) => { + if (!disabled) { + return this.totpService.getCode(options.cipher.login.totp); + } + return null; + }); + }) + ); if (didAutofill) { this.eventCollectionService.collect(EventType.Cipher_ClientAutofilled, options.cipher.id); @@ -244,6 +248,7 @@ export default class AutofillService implements AutofillServiceInterface { onlyVisibleFields: !fromCommand, fillNewPassword: fromCommand, allowUntrustedIframe: fromCommand, + allowTotpAutofill: fromCommand, }); // Update last used index as autofill has succeed @@ -280,10 +285,10 @@ export default class AutofillService implements AutofillServiceInterface { return tab; } - private generateFillScript( + private async generateFillScript( pageDetails: AutofillPageDetails, options: GenerateFillScriptOptions - ): AutofillScript { + ): Promise { if (!pageDetails || !options.cipher) { return null; } @@ -333,7 +338,12 @@ export default class AutofillService implements AutofillServiceInterface { switch (options.cipher.type) { case CipherType.Login: - fillScript = this.generateLoginFillScript(fillScript, pageDetails, filledFields, options); + fillScript = await this.generateLoginFillScript( + fillScript, + pageDetails, + filledFields, + options + ); break; case CipherType.Card: fillScript = this.generateCardFillScript(fillScript, pageDetails, filledFields, options); @@ -353,20 +363,22 @@ export default class AutofillService implements AutofillServiceInterface { return fillScript; } - private generateLoginFillScript( + private async generateLoginFillScript( fillScript: AutofillScript, pageDetails: AutofillPageDetails, filledFields: { [id: string]: AutofillField }, options: GenerateFillScriptOptions - ): AutofillScript { + ): Promise { if (!options.cipher.login) { return null; } const passwords: AutofillField[] = []; const usernames: AutofillField[] = []; + const totps: AutofillField[] = []; let pf: AutofillField = null; let username: AutofillField = null; + let totp: AutofillField = null; const login = options.cipher.login; fillScript.savedUrls = login?.uris?.filter((u) => u.match != UriMatchType.Never).map((u) => u.uri) ?? []; @@ -420,6 +432,19 @@ export default class AutofillService implements AutofillServiceInterface { usernames.push(username); } } + + if (options.allowTotpAutofill && login.totp) { + totp = this.findTotpField(pageDetails, pf, false, false, false); + + if (!totp && !options.onlyVisibleFields) { + // not able to find any viewable totp fields. maybe there are some "hidden" ones? + totp = this.findTotpField(pageDetails, pf, true, true, true); + } + + if (totp) { + totps.push(totp); + } + } }); } @@ -442,18 +467,42 @@ export default class AutofillService implements AutofillServiceInterface { usernames.push(username); } } + + if (options.allowTotpAutofill && login.totp && pf.elementNumber > 0) { + totp = this.findTotpField(pageDetails, pf, false, false, true); + + if (!totp && !options.onlyVisibleFields) { + // not able to find any viewable username fields. maybe there are some "hidden" ones? + totp = this.findTotpField(pageDetails, pf, true, true, true); + } + + if (totp) { + totps.push(totp); + } + } } - if (!passwordFields.length && !options.skipUsernameOnlyFill) { + if (!passwordFields.length) { // No password fields on this page. Let's try to just fuzzy fill the username. pageDetails.fields.forEach((f) => { if ( + !options.skipUsernameOnlyFill && f.viewable && (f.type === "text" || f.type === "email" || f.type === "tel") && AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.UsernameFieldNames) ) { usernames.push(f); } + + if ( + options.allowTotpAutofill && + f.viewable && + (f.type === "text" || f.type === "number") && + (AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.TotpFieldNames) || + f.autoCompleteType === "one-time-code") + ) { + totps.push(f); + } }); } @@ -477,6 +526,20 @@ export default class AutofillService implements AutofillServiceInterface { AutofillService.fillByOpid(fillScript, p, login.password); }); + if (options.allowTotpAutofill) { + await Promise.all( + totps.map(async (t) => { + if (Object.prototype.hasOwnProperty.call(filledFields, t.opid)) { + return; + } + + filledFields[t.opid] = t; + const totpValue = await this.totpService.getCode(login.totp); + AutofillService.fillByOpid(fillScript, t, totpValue); + }) + ); + } + fillScript = AutofillService.setFillScriptForFocus(filledFields, fillScript); return fillScript; } @@ -1258,6 +1321,42 @@ export default class AutofillService implements AutofillServiceInterface { return usernameField; } + private findTotpField( + pageDetails: AutofillPageDetails, + passwordField: AutofillField, + canBeHidden: boolean, + canBeReadOnly: boolean, + withoutForm: boolean + ) { + let totpField: AutofillField = null; + for (let i = 0; i < pageDetails.fields.length; i++) { + const f = pageDetails.fields[i]; + if (AutofillService.forCustomFieldsOnly(f)) { + continue; + } + + if ( + !f.disabled && + (canBeReadOnly || !f.readonly) && + (withoutForm || f.form === passwordField.form) && + (canBeHidden || f.viewable) && + (f.type === "text" || f.type === "number") + ) { + totpField = f; + + if ( + this.findMatchingFieldIndex(f, AutoFillConstants.TotpFieldNames) > -1 || + f.autoCompleteType === "one-time-code" + ) { + // We found an exact match. No need to keep looking. + break; + } + } + } + + return totpField; + } + private findMatchingFieldIndex(field: AutofillField, names: string[]): number { for (let i = 0; i < names.length; i++) { if (names[i].indexOf("=") > -1) { @@ -1267,6 +1366,12 @@ export default class AutofillService implements AutofillServiceInterface { if (this.fieldPropertyIsPrefixMatch(field, "htmlName", names[i], "name")) { return i; } + if (this.fieldPropertyIsPrefixMatch(field, "label-left", names[i], "label")) { + return i; + } + if (this.fieldPropertyIsPrefixMatch(field, "label-right", names[i], "label")) { + return i; + } if (this.fieldPropertyIsPrefixMatch(field, "label-tag", names[i], "label")) { return i; } @@ -1284,6 +1389,12 @@ export default class AutofillService implements AutofillServiceInterface { if (this.fieldPropertyIsMatch(field, "htmlName", names[i])) { return i; } + if (this.fieldPropertyIsMatch(field, "label-left", names[i])) { + return i; + } + if (this.fieldPropertyIsMatch(field, "label-right", names[i])) { + return i; + } if (this.fieldPropertyIsMatch(field, "label-tag", names[i])) { return i; } diff --git a/apps/browser/src/background/runtime.background.ts b/apps/browser/src/background/runtime.background.ts index a06ba43eff4..81f7376a94d 100644 --- a/apps/browser/src/background/runtime.background.ts +++ b/apps/browser/src/background/runtime.background.ts @@ -224,6 +224,7 @@ export default class RuntimeBackground { cipher: this.main.loginToAutoFill, pageDetails: this.pageDetailsToAutoFill, fillNewPassword: true, + allowTotpAutofill: true, }); if (totpCode != null) { diff --git a/apps/browser/src/manifest.json b/apps/browser/src/manifest.json index 429e18cf526..e969f2924a9 100644 --- a/apps/browser/src/manifest.json +++ b/apps/browser/src/manifest.json @@ -2,7 +2,7 @@ "manifest_version": 2, "name": "__MSG_extName__", "short_name": "__MSG_appName__", - "version": "2023.5.0", + "version": "2023.5.1", "description": "__MSG_extDesc__", "default_locale": "en", "author": "Bitwarden Inc.", diff --git a/apps/browser/src/manifest.v3.json b/apps/browser/src/manifest.v3.json index 5f76416c3b8..face29b7da5 100644 --- a/apps/browser/src/manifest.v3.json +++ b/apps/browser/src/manifest.v3.json @@ -3,7 +3,7 @@ "minimum_chrome_version": "102.0", "name": "__MSG_extName__", "short_name": "__MSG_appName__", - "version": "2023.5.0", + "version": "2023.5.1", "description": "__MSG_extDesc__", "default_locale": "en", "author": "Bitwarden Inc.", diff --git a/apps/browser/src/vault/popup/components/vault/current-tab.component.ts b/apps/browser/src/vault/popup/components/vault/current-tab.component.ts index a48c7003759..4b2c62a0e0d 100644 --- a/apps/browser/src/vault/popup/components/vault/current-tab.component.ts +++ b/apps/browser/src/vault/popup/components/vault/current-tab.component.ts @@ -180,6 +180,7 @@ export class CurrentTabComponent implements OnInit, OnDestroy { pageDetails: this.pageDetails, doc: window.document, fillNewPassword: true, + allowTotpAutofill: true, }); if (this.totpCode != null) { this.platformUtilsService.copyToClipboard(this.totpCode, { window: window }); diff --git a/apps/browser/src/vault/popup/components/vault/view.component.ts b/apps/browser/src/vault/popup/components/vault/view.component.ts index efdb48b95cd..aa17c16f26d 100644 --- a/apps/browser/src/vault/popup/components/vault/view.component.ts +++ b/apps/browser/src/vault/popup/components/vault/view.component.ts @@ -288,6 +288,7 @@ export class ViewComponent extends BaseViewComponent { pageDetails: this.pageDetails, doc: window.document, fillNewPassword: true, + allowTotpAutofill: true, }); if (this.totpCode != null) { this.platformUtilsService.copyToClipboard(this.totpCode, { window: window }); diff --git a/apps/cli/src/commands/serve.command.ts b/apps/cli/src/commands/serve.command.ts index 92e8747bc33..8808dcaafb8 100644 --- a/apps/cli/src/commands/serve.command.ts +++ b/apps/cli/src/commands/serve.command.ts @@ -245,6 +245,10 @@ export class ServeCommand { }); router.post("/unlock", async (ctx, next) => { + // Do not allow guessing password location through serve command + delete ctx.request.query.passwordFile; + delete ctx.request.query.passwordEnv; + const response = await this.unlockCommand.run( ctx.request.body.password == null ? null : (ctx.request.body.password as string), ctx.request.query diff --git a/apps/desktop/src/locales/eo/messages.json b/apps/desktop/src/locales/eo/messages.json index b230e753025..1ece91c1e15 100644 --- a/apps/desktop/src/locales/eo/messages.json +++ b/apps/desktop/src/locales/eo/messages.json @@ -6,13 +6,13 @@ "message": "Filtriloj" }, "allItems": { - "message": "All items" + "message": "Ĉiuj Eroj" }, "favorites": { - "message": "Favorites" + "message": "Plej ŝatataj" }, "types": { - "message": "Types" + "message": "Tipoj" }, "typeLogin": { "message": "Saluto" @@ -21,7 +21,7 @@ "message": "Karto" }, "typeIdentity": { - "message": "Identity" + "message": "Idento" }, "typeSecureNote": { "message": "Sekura noto" @@ -30,10 +30,10 @@ "message": "Dosierujoj" }, "collections": { - "message": "Collections" + "message": "Kolektoj" }, "searchVault": { - "message": "Search vault" + "message": "Traserĉu trezorejon" }, "addItem": { "message": "Aldoni elementon" @@ -45,10 +45,10 @@ "message": "Kundividi" }, "moveToOrganization": { - "message": "Move to organization" + "message": "Movu al organizo" }, "movedItemToOrg": { - "message": "$ITEMNAME$ moved to $ORGNAME$", + "message": "$ITEMNAME$ moviĝis al $ORGNAME$", "placeholders": { "itemname": { "content": "$1", @@ -61,7 +61,7 @@ } }, "moveToOrgDesc": { - "message": "Choose an organization that you wish to move this item to. Moving to an organization transfers ownership of the item to that organization. You will no longer be the direct owner of this item once it has been moved." + "message": "Elektu organizon kun kiu vi volas dividi ĉi tiun eron. Dividado transdonas posedon de la ero al la organizo. Vi ne plu estos la rekta posedanto de ĉi tiu ero post kiam ĝi estos dividita." }, "attachments": { "message": "Aldonaĵoj" @@ -104,10 +104,10 @@ "message": "Retpoŝta adreso" }, "verificationCodeTotp": { - "message": "Verification code (TOTP)" + "message": "Kontrola kodo (TOTP)" }, "website": { - "message": "Website" + "message": "Retejo" }, "notes": { "message": "Notoj" @@ -116,10 +116,10 @@ "message": "Propraj kampoj" }, "launch": { - "message": "Launch" + "message": "Lanĉo" }, "copyValue": { - "message": "Copy value", + "message": "Kopii valoron", "description": "Copy value to clipboard" }, "minimizeOnCopyToClipboard": { diff --git a/apps/desktop/src/locales/fi/messages.json b/apps/desktop/src/locales/fi/messages.json index 96b7282f13c..4372bf86359 100644 --- a/apps/desktop/src/locales/fi/messages.json +++ b/apps/desktop/src/locales/fi/messages.json @@ -962,7 +962,7 @@ "message": "Käynnistä automaattisesti kirjauduttaessa" }, "openAtLoginDesc": { - "message": "Käynnistä sovellus automaattisesti kirjautumisen yhteydessä." + "message": "Käynnistä Bitwarden-sovellus automaattisesti kirjautumisen yhteydessä." }, "alwaysShowDock": { "message": "Näytä aina Dockissa" diff --git a/apps/web/config/euprd.json b/apps/web/config/euprd.json index 3813074b7cf..576b5b4cfa1 100644 --- a/apps/web/config/euprd.json +++ b/apps/web/config/euprd.json @@ -1,8 +1,8 @@ { "urls": { "icons": "https://icons.bitwarden.net", - "notifications": "https://notifications.bitwarden.net", - "scim": "https://scim.bitwarden.net" + "notifications": "https://notifications.bitwarden.eu", + "scim": "https://scim.bitwarden.eu" }, "flags": { "secretsManager": true, diff --git a/apps/web/package.json b/apps/web/package.json index 1aed639fdcc..5b5f25d4374 100644 --- a/apps/web/package.json +++ b/apps/web/package.json @@ -1,6 +1,6 @@ { "name": "@bitwarden/web-vault", - "version": "2023.5.0", + "version": "2023.5.1", "scripts": { "build:oss": "webpack", "build:bit": "webpack -c ../../bitwarden_license/bit-web/webpack.config.js", diff --git a/apps/web/src/app/billing/accounts/trial-initiation/billing.component.ts b/apps/web/src/app/billing/accounts/trial-initiation/billing.component.ts index 35aee967450..1830b49a45b 100644 --- a/apps/web/src/app/billing/accounts/trial-initiation/billing.component.ts +++ b/apps/web/src/app/billing/accounts/trial-initiation/billing.component.ts @@ -1,18 +1,7 @@ import { Component, EventEmitter, Input, Output } from "@angular/core"; -import { UntypedFormBuilder, FormGroup } from "@angular/forms"; -import { Router } from "@angular/router"; +import { FormGroup } from "@angular/forms"; -import { ApiService } from "@bitwarden/common/abstractions/api.service"; -import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; -import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; -import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction"; import { ProductType } from "@bitwarden/common/enums"; -import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; import { OrganizationPlansComponent } from "../../settings/organization-plans.component"; @@ -24,36 +13,6 @@ export class BillingComponent extends OrganizationPlansComponent { @Input() orgInfoForm: FormGroup; @Output() previousStep = new EventEmitter(); - constructor( - apiService: ApiService, - i18nService: I18nService, - platformUtilsService: PlatformUtilsService, - cryptoService: CryptoService, - router: Router, - syncService: SyncService, - policyService: PolicyService, - organizationService: OrganizationService, - logService: LogService, - messagingService: MessagingService, - formBuilder: UntypedFormBuilder, - organizationApiService: OrganizationApiServiceAbstraction - ) { - super( - apiService, - i18nService, - platformUtilsService, - cryptoService, - router, - syncService, - policyService, - organizationService, - logService, - messagingService, - formBuilder, - organizationApiService - ); - } - async ngOnInit() { const additionalSeats = this.product == ProductType.Families ? 0 : 1; this.formGroup.patchValue({ diff --git a/apps/web/src/app/billing/organizations/adjust-subscription.component.ts b/apps/web/src/app/billing/organizations/adjust-subscription.component.ts index 7fbdcf0581a..0fb8c4e3a66 100644 --- a/apps/web/src/app/billing/organizations/adjust-subscription.component.ts +++ b/apps/web/src/app/billing/organizations/adjust-subscription.component.ts @@ -43,7 +43,7 @@ export class AdjustSubscription { seatAdjustment, this.newMaxSeats ); - this.formPromise = this.organizationApiService.updateSubscription( + this.formPromise = this.organizationApiService.updatePasswordManagerSeats( this.organizationId, request ); diff --git a/apps/web/src/app/billing/organizations/organization-billing.module.ts b/apps/web/src/app/billing/organizations/organization-billing.module.ts index 37639a76b4c..6349c6c5815 100644 --- a/apps/web/src/app/billing/organizations/organization-billing.module.ts +++ b/apps/web/src/app/billing/organizations/organization-billing.module.ts @@ -12,8 +12,8 @@ import { OrganizationBillingRoutingModule } from "./organization-billing-routing import { OrganizationBillingTabComponent } from "./organization-billing-tab.component"; import { OrganizationSubscriptionCloudComponent } from "./organization-subscription-cloud.component"; import { OrganizationSubscriptionSelfhostComponent } from "./organization-subscription-selfhost.component"; -import { SecretsManagerEnrollComponent } from "./secrets-manager/enroll.component"; import { SecretsManagerAdjustSubscriptionComponent } from "./secrets-manager/sm-adjust-subscription.component"; +import { SecretsManagerBillingModule } from "./secrets-manager/sm-billing.module"; import { SubscriptionHiddenComponent } from "./subscription-hidden.component"; @NgModule({ @@ -22,6 +22,7 @@ import { SubscriptionHiddenComponent } from "./subscription-hidden.component"; LooseComponentsModule, OrganizationBillingRoutingModule, UserVerificationModule, + SecretsManagerBillingModule, ], declarations: [ AdjustSubscription, @@ -34,7 +35,6 @@ import { SubscriptionHiddenComponent } from "./subscription-hidden.component"; OrganizationSubscriptionCloudComponent, SubscriptionHiddenComponent, SecretsManagerAdjustSubscriptionComponent, - SecretsManagerEnrollComponent, ], }) export class OrganizationBillingModule {} diff --git a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html index 01db951ce9c..86e5306fd9e 100644 --- a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html +++ b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html @@ -21,7 +21,7 @@ [providerName]="userOrg.providerName" > - + - - + + @@ -151,7 +151,7 @@ > {{ "removeSponsorship" | i18n }} -

{{ "storage" | i18n }}

+

{{ "storage" | i18n }}

{{ "subscriptionStorage" | i18n : sub.maxStorageGb || 0 : sub.storageName || "0 MB" }}

diff --git a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.ts b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.ts index 25f412aebc9..992cf4b9071 100644 --- a/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.ts +++ b/apps/web/src/app/billing/organizations/organization-subscription-cloud.component.ts @@ -41,6 +41,8 @@ export class OrganizationSubscriptionCloudComponent implements OnInit, OnDestroy hasBillingSyncToken: boolean; showAdjustSecretsManager = false; + showSecretsManagerSubscribe = false; + firstLoaded = false; loading: boolean; @@ -110,6 +112,17 @@ export class OrganizationSubscriptionCloudComponent implements OnInit, OnDestroy (i) => i.keyType === OrganizationApiKeyType.BillingSync ); + this.showSecretsManagerSubscribe = + this.userOrg.canEditSubscription && + !this.userOrg.useSecretsManager && + !this.subscription.cancelled && + !this.subscriptionMarkedForCancel; + + // Remove next line when the sm-ga-billing flag is deleted + this.showSecretsManagerSubscribe = + this.showSecretsManagerSubscribe && + (await this.configService.getFeatureFlagBool(FeatureFlag.SecretsManagerBilling)); + this.showAdjustSecretsManager = this.userOrg.canEditSubscription && this.userOrg.useSecretsManager && diff --git a/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.html b/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.html index de2b6aa566d..e69de29bb2d 100644 --- a/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.html +++ b/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.html @@ -1,13 +0,0 @@ -
-

{{ "secretsManagerBeta" | i18n }}

-

{{ "secretsManagerSubscriptionDesc" | i18n }}

- - - - {{ "secretsManagerEnable" | i18n }} - - - -
diff --git a/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.ts b/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.ts deleted file mode 100644 index edcedc8d548..00000000000 --- a/apps/web/src/app/billing/organizations/secrets-manager/enroll.component.ts +++ /dev/null @@ -1,52 +0,0 @@ -import { Component, Input, OnInit } from "@angular/core"; -import { FormBuilder } from "@angular/forms"; - -import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; -import { OrganizationEnrollSecretsManagerRequest } from "@bitwarden/common/admin-console/models/request/organization/organization-enroll-secrets-manager.request"; -import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; -import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; -import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; - -import { flagEnabled } from "../../../../utils/flags"; - -@Component({ - selector: "sm-enroll", - templateUrl: "enroll.component.html", -}) -export class SecretsManagerEnrollComponent implements OnInit { - @Input() enabled: boolean; - @Input() organizationId: string; - - protected formGroup = this.formBuilder.group({ - enabled: [false], - }); - - protected showSecretsManager = false; - - constructor( - private formBuilder: FormBuilder, - private organizationApiService: OrganizationApiServiceAbstraction, - private platformUtilsService: PlatformUtilsService, - private i18nService: I18nService, - private syncService: SyncService - ) { - this.showSecretsManager = flagEnabled("secretsManager"); - } - - ngOnInit(): void { - this.formGroup.setValue({ - enabled: this.enabled, - }); - } - - protected submit = async () => { - this.formGroup.markAllAsTouched(); - - const request = new OrganizationEnrollSecretsManagerRequest(); - request.enabled = this.formGroup.value.enabled; - - await this.organizationApiService.updateEnrollSecretsManager(this.organizationId, request); - await this.syncService.fullSync(true); - this.platformUtilsService.showToast("success", null, this.i18nService.t("subscriptionUpdated")); - }; -} diff --git a/apps/web/src/app/billing/organizations/secrets-manager/index.ts b/apps/web/src/app/billing/organizations/secrets-manager/index.ts new file mode 100644 index 00000000000..fc0bcd35343 --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/index.ts @@ -0,0 +1,3 @@ +export * from "./sm-billing.module"; +export * from "./sm-subscribe.component"; +export * from "./sm-subscribe-standalone.component"; diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-adjust-subscription.component.ts b/apps/web/src/app/billing/organizations/secrets-manager/sm-adjust-subscription.component.ts index 99f8fda1ad8..9645c768a6b 100644 --- a/apps/web/src/app/billing/organizations/secrets-manager/sm-adjust-subscription.component.ts +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-adjust-subscription.component.ts @@ -147,7 +147,7 @@ export class SecretsManagerAdjustSubscriptionComponent implements OnInit, OnDest this.formGroup.value.serviceAccountLimit ); - await this.organizationApiService.updateSubscription(this.organizationId, request); + await this.organizationApiService.updatePasswordManagerSeats(this.organizationId, request); await this.platformUtilsService.showToast( "success", diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-billing.module.ts b/apps/web/src/app/billing/organizations/secrets-manager/sm-billing.module.ts new file mode 100644 index 00000000000..a46286fc5a3 --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-billing.module.ts @@ -0,0 +1,13 @@ +import { NgModule } from "@angular/core"; + +import { SharedModule } from "../../../shared"; + +import { SecretsManagerSubscribeStandaloneComponent } from "./sm-subscribe-standalone.component"; +import { SecretsManagerSubscribeComponent } from "./sm-subscribe.component"; + +@NgModule({ + imports: [SharedModule], + declarations: [SecretsManagerSubscribeComponent, SecretsManagerSubscribeStandaloneComponent], + exports: [SecretsManagerSubscribeComponent, SecretsManagerSubscribeStandaloneComponent], +}) +export class SecretsManagerBillingModule {} diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.html b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.html new file mode 100644 index 00000000000..84c74ee4282 --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.html @@ -0,0 +1,8 @@ +
+ +
diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.ts b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.ts new file mode 100644 index 00000000000..1aa95a6c7a2 --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe-standalone.component.ts @@ -0,0 +1,42 @@ +import { Component, EventEmitter, Input, Output } from "@angular/core"; +import { FormBuilder } from "@angular/forms"; + +import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction"; +import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; +import { SecretsManagerSubscribeRequest } from "@bitwarden/common/billing/models/request/sm-subscribe.request"; +import { PlanResponse } from "@bitwarden/common/billing/models/response/plan.response"; +import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; +import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; + +import { secretsManagerSubscribeFormFactory } from "./sm-subscribe.component"; + +@Component({ + selector: "sm-subscribe-standalone", + templateUrl: "sm-subscribe-standalone.component.html", +}) +export class SecretsManagerSubscribeStandaloneComponent { + @Input() plan: PlanResponse; + @Input() organization: Organization; + @Output() onSubscribe = new EventEmitter(); + + formGroup = secretsManagerSubscribeFormFactory(this.formBuilder); + + constructor( + private formBuilder: FormBuilder, + private platformUtilsService: PlatformUtilsService, + private i18nService: I18nService, + private organizationApiService: OrganizationApiServiceAbstraction + ) {} + + submit = async () => { + const request = new SecretsManagerSubscribeRequest(); + request.additionalSmSeats = this.formGroup.value.userSeats; + request.additionalServiceAccounts = this.formGroup.value.additionalServiceAccounts; + + await this.organizationApiService.subscribeToSecretsManager(this.organization.id, request); + + this.platformUtilsService.showToast("success", null, this.i18nService.t("subscriptionUpdated")); + + this.onSubscribe.emit(); + }; +} diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.html b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.html new file mode 100644 index 00000000000..e0a1f2066ed --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.html @@ -0,0 +1,68 @@ +
+

{{ "moreFromBitwarden" | i18n }}

+
+
+ +
+
+
+

{{ "secretsManagerForPlan" | i18n : planName }}

+
+ {{ "secretsManagerForPlanDesc" | i18n }} +
    +
  • {{ "limitedUsers" | i18n : maxUsers }}
    • +
  • {{ "unlimitedSecrets" | i18n }}
    • +
  • + {{ "projectsIncluded" | i18n : maxProjects }} +
    • + +
  • {{ "unlimitedProjects" | i18n }}
    • +     +
  • {{ "serviceAccountsIncluded" | i18n : serviceAccountsIncluded }}
    • +
  • + {{ + "additionalServiceAccountCost" | i18n : (monthlyCostPerServiceAccount | currency : "$") + }} +
    • +
+
+ +
+ + {{ "costPerUser" | i18n : (monthlyCostPerUser | currency : "$") }} /{{ "month" | i18n }} + + + {{ "freeForever" | i18n }} + +
+ + + + {{ "addSecretsManager" | i18n }} + {{ "addSecretsManagerUpgradeDesc" | i18n }} + + +
+ + {{ "userSeats" | i18n }} + + {{ "userSeatsHowManyDesc" | i18n }} + + + + {{ "additionalServiceAccounts" | i18n }} + + {{ + "additionalServiceAccountsDesc" + | i18n : serviceAccountsIncluded : (monthlyCostPerServiceAccount | currency : "$") + }} + + + +
+
+
diff --git a/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.ts b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.ts new file mode 100644 index 00000000000..ef6b73584aa --- /dev/null +++ b/apps/web/src/app/billing/organizations/secrets-manager/sm-subscribe.component.ts @@ -0,0 +1,104 @@ +import { Component, Input, OnDestroy, OnInit } from "@angular/core"; +import { FormBuilder, FormGroup, Validators } from "@angular/forms"; +import { Subject, startWith, takeUntil } from "rxjs"; + +import { ControlsOf } from "@bitwarden/angular/types/controls-of"; +import { PlanResponse } from "@bitwarden/common/billing/models/response/plan.response"; +import { ProductType } from "@bitwarden/common/enums"; +import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; + +import { SecretsManagerLogo } from "../../../../../../../bitwarden_license/bit-web/src/app/secrets-manager/layout/secrets-manager-logo"; + +export interface SecretsManagerSubscription { + enabled: boolean; + userSeats: number; + additionalServiceAccounts: number; +} + +export const secretsManagerSubscribeFormFactory = ( + formBuilder: FormBuilder +): FormGroup> => + formBuilder.group({ + enabled: [false], + userSeats: [1, [Validators.required, Validators.min(1), Validators.max(100000)]], + additionalServiceAccounts: [ + 0, + [Validators.required, Validators.min(0), Validators.max(100000)], + ], + }); + +@Component({ + selector: "sm-subscribe", + templateUrl: "sm-subscribe.component.html", +}) +export class SecretsManagerSubscribeComponent implements OnInit, OnDestroy { + @Input() formGroup: FormGroup>; + @Input() upgradeOrganization: boolean; + @Input() showSubmitButton = false; + @Input() selectedPlan: PlanResponse; + + logo = SecretsManagerLogo; + productTypes = ProductType; + + private destroy$ = new Subject(); + + constructor(private i18nService: I18nService) {} + + ngOnInit() { + this.formGroup.controls.enabled.valueChanges + .pipe(startWith(this.formGroup.value.enabled), takeUntil(this.destroy$)) + .subscribe((enabled) => { + if (enabled) { + this.formGroup.controls.userSeats.enable(); + this.formGroup.controls.additionalServiceAccounts.enable(); + } else { + this.formGroup.controls.userSeats.disable(); + this.formGroup.controls.additionalServiceAccounts.disable(); + } + }); + } + + ngOnDestroy(): void { + this.destroy$.next(); + this.destroy$.complete(); + } + + get product() { + return this.selectedPlan.product; + } + + get planName() { + switch (this.product) { + case ProductType.Free: + return this.i18nService.t("free2PersonOrganization"); + case ProductType.Teams: + return this.i18nService.t("planNameTeams"); + case ProductType.Enterprise: + return this.i18nService.t("planNameEnterprise"); + } + } + + get serviceAccountsIncluded() { + return this.selectedPlan.baseServiceAccount; + } + + get monthlyCostPerServiceAccount() { + return this.selectedPlan.isAnnual + ? this.selectedPlan.additionalPricePerServiceAccount / 12 + : this.selectedPlan.additionalPricePerServiceAccount; + } + + get maxUsers() { + return this.selectedPlan.maxUsers; + } + + get maxProjects() { + return this.selectedPlan.maxProjects; + } + + get monthlyCostPerUser() { + return this.selectedPlan.isAnnual + ? this.selectedPlan.seatPrice / 12 + : this.selectedPlan.seatPrice; + } +} diff --git a/apps/web/src/app/billing/settings/organization-plans.component.html b/apps/web/src/app/billing/settings/organization-plans.component.html index a7698f1bf2c..dea4e21c9d3 100644 --- a/apps/web/src/app/billing/settings/organization-plans.component.html +++ b/apps/web/src/app/billing/settings/organization-plans.component.html @@ -28,7 +28,7 @@ (ngSubmit)="submit()" [appApiAction]="formPromise" ngNativeValidate - *ngIf="!loading && !selfHosted && this.plans" + *ngIf="!loading && !selfHosted && this.passwordManagerPlans && this.secretsManagerPlans" class="tw-pt-6" > {{ "freeForever" | i18n }} -
+

{{ "users" | i18n }}

@@ -230,7 +230,8 @@ {{ "users" | i18n }}: {{ formGroup.controls["additionalSeats"].value || 0 }} × {{ selectablePlan.seatPrice / 12 | currency : "$" }} × 12 - {{ "monthAbbr" | i18n }} = {{ seatTotal(selectablePlan) | currency : "$" }} /{{ + {{ "monthAbbr" | i18n }} = + {{ seatTotal(selectablePlan, formGroup.value.additionalSeats) | currency : "$" }} /{{ "year" | i18n }} @@ -256,7 +257,9 @@ {{ "users" | i18n }}: {{ formGroup.controls["additionalSeats"].value || 0 }} × {{ selectablePlan.seatPrice | currency : "$" }} {{ "monthAbbr" | i18n }} = - {{ seatTotal(selectablePlan) | currency : "$" }} /{{ "month" | i18n }} + {{ seatTotal(selectablePlan, formGroup.value.additionalSeats) | currency : "$" }} /{{ + "month" | i18n + }} {{ "additionalStorageGb" | i18n }}: @@ -268,8 +271,21 @@
-
-

+

+ + +
+ +
+ + +
+

{{ (createOrganization ? "paymentInformation" : "billingInformation") | i18n }}

@@ -279,8 +295,12 @@
- {{ "planPrice" | i18n }}: {{ subtotal | currency : "USD $" }} + {{ "passwordManagerPlanPrice" | i18n }}: {{ passwordManagerSubtotal | currency : "USD $" }}
+ + {{ "secretsManagerPlanPrice" | i18n }}: {{ secretsManagerSubtotal | currency : "USD $" }} +
+ {{ "estimatedTax" | i18n }}: {{ taxCharges | currency : "USD $" }} diff --git a/apps/web/src/app/billing/settings/organization-plans.component.ts b/apps/web/src/app/billing/settings/organization-plans.component.ts index 363f7bc46bc..577df025ae2 100644 --- a/apps/web/src/app/billing/settings/organization-plans.component.ts +++ b/apps/web/src/app/billing/settings/organization-plans.component.ts @@ -7,7 +7,7 @@ import { Output, ViewChild, } from "@angular/core"; -import { UntypedFormBuilder, Validators } from "@angular/forms"; +import { FormBuilder, Validators } from "@angular/forms"; import { Router } from "@angular/router"; import { Subject, takeUntil } from "rxjs"; @@ -21,8 +21,11 @@ import { OrganizationKeysRequest } from "@bitwarden/common/admin-console/models/ import { OrganizationUpgradeRequest } from "@bitwarden/common/admin-console/models/request/organization-upgrade.request"; import { ProviderOrganizationCreateRequest } from "@bitwarden/common/admin-console/models/request/provider/provider-organization-create.request"; import { PaymentMethodType, PlanType } from "@bitwarden/common/billing/enums"; +import { BitwardenProductType } from "@bitwarden/common/billing/enums/bitwarden-product-type.enum"; import { PlanResponse } from "@bitwarden/common/billing/models/response/plan.response"; import { ProductType } from "@bitwarden/common/enums"; +import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; +import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; @@ -32,6 +35,8 @@ import { EncString } from "@bitwarden/common/platform/models/domain/enc-string"; import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; +import { secretsManagerSubscribeFormFactory } from "../organizations/secrets-manager/sm-subscribe.component"; + import { PaymentComponent } from "./payment.component"; import { TaxInfoComponent } from "./tax-info.component"; @@ -51,24 +56,29 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { @Input() showFree = true; @Input() showCancel = false; @Input() acceptingSponsorship = false; + @Input() get product(): ProductType { return this._product; } + set product(product: ProductType) { this._product = product; this.formGroup?.controls?.product?.setValue(product); } + private _product = ProductType.Free; @Input() get plan(): PlanType { return this._plan; } + set plan(plan: PlanType) { this._plan = plan; this.formGroup?.controls?.plan?.setValue(plan); } + private _plan = PlanType.Free; @Input() providerId?: string; @Output() onSuccess = new EventEmitter(); @@ -82,6 +92,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { singleOrgPolicyAppliesToActiveUser = false; isInTrialFlow = false; discount = 0; + showSecretsManagerSubscribe: boolean; + + secretsManagerSubscription = secretsManagerSubscribeFormFactory(this.formBuilder); formGroup = this.formBuilder.group({ name: [""], @@ -94,9 +107,11 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { businessName: [""], plan: [this.plan], product: [this.product], + secretsManager: this.secretsManagerSubscription, }); - plans: PlanResponse[]; + passwordManagerPlans: PlanResponse[]; + secretsManagerPlans: PlanResponse[]; private destroy$ = new Subject(); @@ -111,8 +126,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { private organizationService: OrganizationService, private logService: LogService, private messagingService: MessagingService, - private formBuilder: UntypedFormBuilder, - private organizationApiService: OrganizationApiServiceAbstraction + private formBuilder: FormBuilder, + private organizationApiService: OrganizationApiServiceAbstraction, + private configService: ConfigServiceAbstraction ) { this.selfHosted = platformUtilsService.isSelfHost(); } @@ -120,7 +136,13 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { async ngOnInit() { if (!this.selfHosted) { const plans = await this.apiService.getPlans(); - this.plans = plans.data; + this.passwordManagerPlans = plans.data.filter( + (plan) => plan.bitwardenProduct === BitwardenProductType.PasswordManager + ); + this.secretsManagerPlans = plans.data.filter( + (plan) => plan.bitwardenProduct === BitwardenProductType.SecretsManager + ); + if (this.product === ProductType.Enterprise || this.product === ProductType.Teams) { this.formGroup.controls.businessOwned.setValue(true); } @@ -131,12 +153,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { this.changedOwnedBusiness(); } - if (!this.createOrganization || this.acceptingSponsorship) { - this.formGroup.controls.product.setValue(ProductType.Families); - this.changedProduct(); - } - - if (this.createOrganization) { + if (!this.createOrganization) { + this.upgradeFlowPrefillForm(); + } else { this.formGroup.controls.name.addValidators([Validators.required, Validators.maxLength(50)]); this.formGroup.controls.billingEmail.addValidators(Validators.required); } @@ -148,6 +167,11 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { this.singleOrgPolicyAppliesToActiveUser = policyAppliesToActiveUser; }); + this.showSecretsManagerSubscribe = await this.configService.getFeatureFlagBool( + FeatureFlag.SecretsManagerBilling, + false + ); + this.loading = false; } @@ -165,7 +189,15 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { } get selectedPlan() { - return this.plans.find((plan) => plan.type === this.formGroup.controls.plan.value); + return this.passwordManagerPlans.find( + (plan) => plan.type === this.formGroup.controls.plan.value + ); + } + + get selectedSecretsManagerPlan() { + return this.secretsManagerPlans.find( + (plan) => plan.type === this.formGroup.controls.plan.value + ); } get selectedPlanInterval() { @@ -173,7 +205,7 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { } get selectableProducts() { - let validPlans = this.plans.filter((plan) => plan.type !== PlanType.Custom); + let validPlans = this.passwordManagerPlans.filter((plan) => plan.type !== PlanType.Custom); if (this.formGroup.controls.businessOwned.value) { validPlans = validPlans.filter((plan) => plan.canBeUsedByBusiness); @@ -191,7 +223,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { ); if (this.acceptingSponsorship) { - const familyPlan = this.plans.find((plan) => plan.type === PlanType.FamiliesAnnually); + const familyPlan = this.passwordManagerPlans.find( + (plan) => plan.type === PlanType.FamiliesAnnually + ); this.discount = familyPlan.basePrice; validPlans = [familyPlan]; } @@ -200,7 +234,7 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { } get selectablePlans() { - return this.plans?.filter( + return this.passwordManagerPlans?.filter( (plan) => !plan.legacyYear && !plan.disabled && plan.product === this.formGroup.controls.product.value ); @@ -231,21 +265,32 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { ); } - seatTotal(plan: PlanResponse): number { + seatTotal(plan: PlanResponse, seats: number): number { if (!plan.hasAdditionalSeatsOption) { return 0; } - return plan.seatPrice * Math.abs(this.formGroup.controls.additionalSeats.value || 0); + return plan.seatPrice * Math.abs(seats || 0); } - get subtotal() { + additionalServiceAccountTotal(plan: PlanResponse): number { + if (!plan.hasAdditionalServiceAccountOption) { + return 0; + } + + return ( + plan.additionalPricePerServiceAccount * + Math.abs(this.secretsManagerForm.value.additionalServiceAccounts || 0) + ); + } + + get passwordManagerSubtotal() { let subTotal = this.selectedPlan.basePrice; if ( this.selectedPlan.hasAdditionalSeatsOption && this.formGroup.controls.additionalSeats.value ) { - subTotal += this.seatTotal(this.selectedPlan); + subTotal += this.seatTotal(this.selectedPlan, this.formGroup.value.additionalSeats); } if ( this.selectedPlan.hasAdditionalStorageOption && @@ -262,18 +307,39 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { return subTotal - this.discount; } + get secretsManagerSubtotal() { + const plan = this.selectedSecretsManagerPlan; + const formValues = this.secretsManagerForm.value; + + if (!this.planOffersSecretsManager || !formValues.enabled) { + return 0; + } + + let subTotal = plan.basePrice; + if (plan.hasAdditionalSeatsOption && formValues.userSeats) { + subTotal += this.seatTotal(plan, formValues.userSeats); + } + + if (plan.hasAdditionalStorageOption && formValues.additionalServiceAccounts) { + subTotal += this.additionalServiceAccountTotal(this.selectedPlan); + } + + return subTotal; + } + get freeTrial() { return this.selectedPlan.trialPeriodDays != null; } get taxCharges() { return this.taxComponent != null && this.taxComponent.taxRate != null - ? (this.taxComponent.taxRate / 100) * this.subtotal + ? (this.taxComponent.taxRate / 100) * + (this.passwordManagerSubtotal + this.secretsManagerSubtotal) : 0; } get total() { - return this.subtotal + this.taxCharges || 0; + return this.passwordManagerSubtotal + this.secretsManagerSubtotal + this.taxCharges || 0; } get paymentDesc() { @@ -286,6 +352,14 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { } } + get secretsManagerForm() { + return this.formGroup.controls.secretsManager; + } + + get planOffersSecretsManager() { + return this.selectedSecretsManagerPlan != null; + } + changedProduct() { this.formGroup.controls.plan.setValue(this.selectablePlans[0].type); if (!this.selectedPlan.hasPremiumAccessOption) { @@ -303,6 +377,14 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { ) { this.formGroup.controls.additionalSeats.setValue(1); } + + if (this.planOffersSecretsManager) { + this.secretsManagerForm.enable(); + } else { + this.secretsManagerForm.disable(); + } + + this.secretsManagerForm.updateValueAndValidity(); } changedOwnedBusiness() { @@ -407,6 +489,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { request.billingAddressCountry = this.taxComponent.taxInfo.country; request.billingAddressPostalCode = this.taxComponent.taxInfo.postalCode; + // Secrets Manager + this.buildSecretsManagerRequest(request); + // Retrieve org info to backfill pub/priv key if necessary const org = await this.organizationService.get(this.organizationId); if (!org.hasPublicAndPrivateKeys) { @@ -462,6 +547,9 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { } } + // Secrets Manager + this.buildSecretsManagerRequest(request); + if (this.providerId) { const providerRequest = new ProviderOrganizationCreateRequest( this.formGroup.controls.clientOwnerEmail.value, @@ -517,4 +605,40 @@ export class OrganizationPlansComponent implements OnInit, OnDestroy { return text; } + + private buildSecretsManagerRequest( + request: OrganizationCreateRequest | OrganizationUpgradeRequest + ): void { + const formValues = this.secretsManagerForm.value; + + request.useSecretsManager = this.planOffersSecretsManager && formValues.enabled; + + if (!request.useSecretsManager) { + return; + } + + if (this.selectedSecretsManagerPlan.hasAdditionalSeatsOption) { + request.additionalSmSeats = formValues.userSeats; + } + + if (this.selectedSecretsManagerPlan.hasAdditionalServiceAccountOption) { + request.additionalServiceAccounts = formValues.additionalServiceAccounts; + } + } + + private upgradeFlowPrefillForm() { + if (this.acceptingSponsorship) { + this.formGroup.controls.product.setValue(ProductType.Families); + this.changedProduct(); + return; + } + + // If they already have SM enabled, bump them up to Teams and enable SM to maintain this access + const organization = this.organizationService.get(this.organizationId); + if (organization.useSecretsManager) { + this.formGroup.controls.product.setValue(ProductType.Teams); + this.secretsManagerForm.controls.enabled.setValue(true); + this.changedProduct(); + } + } } diff --git a/apps/web/src/app/core/init.service.ts b/apps/web/src/app/core/init.service.ts index 60eeeeea18b..4a2ef2f4955 100644 --- a/apps/web/src/app/core/init.service.ts +++ b/apps/web/src/app/core/init.service.ts @@ -38,11 +38,15 @@ export class InitService { init() { return async () => { + // Workaround to ignore stateService.activeAccount until process.env.URLS are set + // TODO: Remove this when implementing ticket PM-2637 + this.environmentService.initialized = false; await this.stateService.init(); const urls = process.env.URLS as Urls; urls.base ??= this.win.location.origin; this.environmentService.setUrls(urls); + this.environmentService.initialized = true; setTimeout(() => this.notificationsService.init(), 3000); (this.vaultTimeoutService as VaultTimeoutService).init(true); diff --git a/apps/web/src/app/shared/loose-components.module.ts b/apps/web/src/app/shared/loose-components.module.ts index c17cf5c76bf..cf9a43915a0 100644 --- a/apps/web/src/app/shared/loose-components.module.ts +++ b/apps/web/src/app/shared/loose-components.module.ts @@ -50,6 +50,7 @@ import { UpdatePasswordComponent } from "../auth/update-password.component"; import { UpdateTempPasswordComponent } from "../auth/update-temp-password.component"; import { VerifyEmailTokenComponent } from "../auth/verify-email-token.component"; import { VerifyRecoverDeleteComponent } from "../auth/verify-recover-delete.component"; +import { SecretsManagerBillingModule } from "../billing/organizations/secrets-manager/sm-billing.module"; import { AddCreditComponent } from "../billing/settings/add-credit.component"; import { AdjustPaymentComponent } from "../billing/settings/adjust-payment.component"; import { BillingHistoryViewComponent } from "../billing/settings/billing-history-view.component"; @@ -123,6 +124,9 @@ import { SharedModule } from "./shared.module"; ChangeKdfModule, DynamicAvatarComponent, AccountFingerprintComponent, + + // To be removed when OrganizationPlansComponent is moved to its own module (see AC-1453) + SecretsManagerBillingModule, ], declarations: [ PremiumBadgeComponent, diff --git a/apps/web/src/app/vault/individual-vault/vault.component.ts b/apps/web/src/app/vault/individual-vault/vault.component.ts index 176fb3fcb36..6e07915662a 100644 --- a/apps/web/src/app/vault/individual-vault/vault.component.ts +++ b/apps/web/src/app/vault/individual-vault/vault.component.ts @@ -38,7 +38,6 @@ import { OrganizationService } from "@bitwarden/common/admin-console/abstraction import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; import { TokenService } from "@bitwarden/common/auth/abstractions/token.service"; import { DEFAULT_PBKDF2_ITERATIONS, EventType, KdfType } from "@bitwarden/common/enums"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ServiceUtils } from "@bitwarden/common/misc/serviceUtils"; import { TreeNode } from "@bitwarden/common/models/domain/tree-node"; import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service"; @@ -857,17 +856,9 @@ export class VaultComponent implements OnInit, OnDestroy { } async isLowKdfIteration() { - const showLowKdfEnabled = await this.configService.getFeatureFlagBool( - FeatureFlag.DisplayLowKdfIterationWarningFlag - ); - - if (showLowKdfEnabled) { - const kdfType = await this.stateService.getKdfType(); - const kdfOptions = await this.stateService.getKdfConfig(); - return kdfType === KdfType.PBKDF2_SHA256 && kdfOptions.iterations < DEFAULT_PBKDF2_ITERATIONS; - } - - return showLowKdfEnabled; + const kdfType = await this.stateService.getKdfType(); + const kdfOptions = await this.stateService.getKdfConfig(); + return kdfType === KdfType.PBKDF2_SHA256 && kdfOptions.iterations < DEFAULT_PBKDF2_ITERATIONS; } protected async repromptCipher(ciphers: CipherView[]) { diff --git a/apps/web/src/locales/da/messages.json b/apps/web/src/locales/da/messages.json index 0ae0562ced3..4ca36d6c24c 100644 --- a/apps/web/src/locales/da/messages.json +++ b/apps/web/src/locales/da/messages.json @@ -658,7 +658,7 @@ "message": "Hovedadgangskoden er den adgangskode, du bruger, når du tilgår din boks. Det er meget vigtigt, at hovedadgangskoden ikke glemmes, da der ikke er nogen måde, hvorpå den kan genoprettes." }, "masterPassImportant": { - "message": "Hovedadgangskoder kan ikke gendannes, hvis du glemmer dem!" + "message": "Hovedadgangskoden kan ikke gendannes, hvis den glemmes!" }, "masterPassHintDesc": { "message": "Et hovedadgangskodetip kan bidrage til at komme i tanke om adgangskoden, hvis den glemmes." @@ -5231,7 +5231,7 @@ "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Connect login with SSO to your self-hosted decryption key server. Using this option, members won’t need to use their master passwords to decrypt vault data. The require SSO authentication and single organization policies are required to set up Key Connector decryption. Contact Bitwarden Support for set up assistance.'" }, "memberDecryptionKeyConnectorDescLink": { - "message": "require SSO authentication and single organization policies", + "message": "kræver SSO-godkendelse samt enkeltorganisationspolitikker", "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Connect login with SSO to your self-hosted decryption key server. Using this option, members won’t need to use their master passwords to decrypt vault data. The require SSO authentication and single organization policies are required to set up Key Connector decryption. Contact Bitwarden Support for set up assistance.'" }, "memberDecryptionKeyConnectorDescEnd": { diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json index edc1d37ce28..da48423900e 100644 --- a/apps/web/src/locales/en/messages.json +++ b/apps/web/src/locales/en/messages.json @@ -6908,26 +6908,62 @@ "removeMembersWithoutMasterPasswordWarning": { "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account." }, - "passwordManager": { - "message": "Password Manager" + "secretsManagerForPlan": { + "message": "Secrets Manager for $PLAN$", + "placeholders": { + "plan": { + "content": "$1", + "example": "Teams" + } + } }, - "freeOrganization": { - "message": "Free Organization" + "secretsManagerForPlanDesc": { + "message": "For engineering and DevOps teams to manage secrets throughout the software development lifecycle." + }, + "free2PersonOrganization": { + "message": "Free 2-person Organizations" + }, + "unlimitedSecrets": { + "message": "Unlimited secrets" + }, + "unlimitedProjects": { + "message": "Unlimited projects" + }, + "projectsIncluded": { + "message": "$COUNT$ projects included", + "placeholders": { + "count": { + "content": "$1", + "example": "3" + } + } + }, + "serviceAccountsIncluded": { + "message": "$COUNT$ service accounts included", + "placeholders": { + "count": { + "content": "$1", + "example": "3" + } + } + }, + "additionalServiceAccountCost": { + "message": "$COST$ per month for additional service accounts", + "placeholders": { + "cost": { + "content": "$1", + "example": "$0.50" + } + } + }, + "addSecretsManager": { + "message": "Add Secrets Manager" + }, + "addSecretsManagerUpgradeDesc": { + "message": "Add Secrets Manager to your upgraded plan to maintain access to any secrets created with your previous plan." }, "additionalServiceAccounts": { - "message": "Additional Service Accounts" - }, - "limitServiceAccounts": { - "message": "Limit service accounts (optional)" - }, - "limitServiceAccountsDesc": { - "message": "Set a limit for your service accounts. Once this limit is reached, you will not be able to create new service accounts." - }, - "serviceAccountLimit": { - "message": "Service account limit (optional)" - }, - "maxServiceAccountCost": { - "message": "Max potential service account cost" + "message": "Additional service accounts" }, "additionalServiceAccountsDesc": { "message": "Your plan comes with $COUNT$ service accounts. You can add additional service accounts for $COST$ per month.", @@ -6941,5 +6977,29 @@ "example": "$0.50" } } + }, + "passwordManagerPlanPrice": { + "message": "Password Manager plan price" + }, + "secretsManagerPlanPrice": { + "message": "Secrets Manager plan price" + }, + "passwordManager": { + "message": "Password Manager" + }, + "freeOrganization": { + "message": "Free Organization" + }, + "limitServiceAccounts": { + "message": "Limit service accounts (optional)" + }, + "limitServiceAccountsDesc": { + "message": "Set a limit for your service accounts. Once this limit is reached, you will not be able to create new service accounts." + }, + "serviceAccountLimit": { + "message": "Service account limit (optional)" + }, + "maxServiceAccountCost": { + "message": "Max potential service account cost" } } diff --git a/apps/web/src/locales/fi/messages.json b/apps/web/src/locales/fi/messages.json index 2302822a165..8642902010c 100644 --- a/apps/web/src/locales/fi/messages.json +++ b/apps/web/src/locales/fi/messages.json @@ -6553,7 +6553,7 @@ "message": "Laskutuksen synkronoinnin ohje" }, "licensePaidFeaturesHelp": { - "message": "Maksullisen lisenssin oiminaisuusopas" + "message": "Maksullisen lisenssin ominaisuusopas" }, "selfHostGracePeriodHelp": { "message": "Kun tilauksesi päättyy, sinulla on 60 päivää aikaa päivittää organisaatiosi lisenssitiedosto ajan tasalle. Varoaika päättyy $GRACE_PERIOD_END_DATE$.", @@ -6830,7 +6830,7 @@ "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'" }, "notFound": { - "message": "$RESOURCE$ ei löytynyt", + "message": "Resurssia $RESOURCE$ ei löytynyt", "placeholders": { "resource": { "content": "$1", diff --git a/apps/web/src/locales/fr/messages.json b/apps/web/src/locales/fr/messages.json index dcac82ba594..e6b92524ae6 100644 --- a/apps/web/src/locales/fr/messages.json +++ b/apps/web/src/locales/fr/messages.json @@ -574,7 +574,7 @@ "message": "Êtes-vous sûr de vouloir écraser le mot de passe actuel ?" }, "editedFolder": { - "message": "Dossier modifié" + "message": "Dossier enregistré" }, "addedFolder": { "message": "Dossier ajouté" @@ -634,7 +634,7 @@ "message": "Commencer la Période d'Essai" }, "logIn": { - "message": "S'identifier" + "message": "Se connecter" }, "logInInitiated": { "message": "Connexion initiée" @@ -676,7 +676,7 @@ "message": "Paramètres" }, "passwordHint": { - "message": "Indice du mot de passe" + "message": "Indice de mot de passe" }, "enterEmailToGetHint": { "message": "Saisissez l'adresse électronique de votre compte pour recevoir l'indice de votre mot de passe principal." @@ -6900,6 +6900,6 @@ "message": "Aucun mot de passe principal" }, "removeMembersWithoutMasterPasswordWarning": { - "message": "La suppression des membres qui n'ont pas de mot de passe principal sans leur en définir un, peut restreindre l'accès à leur compte dans soin intégralité." + "message": "La suppression des membres qui n'ont pas de mot de passe principal sans leur en définir un, peut restreindre l'accès à leur compte dans son intégralité." } } diff --git a/apps/web/src/locales/it/messages.json b/apps/web/src/locales/it/messages.json index c2c81e9ef6f..df18adc0e4c 100644 --- a/apps/web/src/locales/it/messages.json +++ b/apps/web/src/locales/it/messages.json @@ -6849,7 +6849,7 @@ "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing." }, "deviceApprovals": { - "message": "Approvazioni dispositivi" + "message": "Approva dispositivi" }, "deviceApprovalsDesc": { "message": "Approva le richieste di accesso qui sotto per consentire ai membri di completare l'accesso. Le richieste non approvate scadono dopo 1 settimana. Verifica le informazioni del membro prima di approvare." @@ -6870,7 +6870,7 @@ "message": "Approva richiesta" }, "noDeviceRequests": { - "message": "Nessuna richiesta dispositivo" + "message": "Nessuna richiesta da approvare" }, "noDeviceRequestsDesc": { "message": "Le richieste di approvazione dei dispositivi dei membri appariranno qui" diff --git a/apps/web/src/locales/pt_PT/messages.json b/apps/web/src/locales/pt_PT/messages.json index 673ae54a9c7..4c6654245a2 100644 --- a/apps/web/src/locales/pt_PT/messages.json +++ b/apps/web/src/locales/pt_PT/messages.json @@ -1001,7 +1001,7 @@ "message": "Confirmar a palavra-passe do ficheiro" }, "accountRestrictedOptionDescription": { - "message": "Use your account encryption key, derived from your account's username and Master Password, to encrypt the export and restrict import to only the current Bitwarden account." + "message": "Utilize a chave de encriptação da sua conta, derivada do nome de utilizador e da palavra-passe mestra da sua conta, para encriptar a exportação e restringir a importação apenas à conta Bitwarden atual." }, "passwordProtectedOptionDescription": { "message": "Defina uma palavra-passe do ficheiro para encriptar a exportação e importe-a para qualquer conta Bitwarden utilizando a palavra-passe de desencriptação." @@ -1256,7 +1256,7 @@ "message": "Dados importados com sucesso" }, "importSuccessNumberOfItems": { - "message": "A total of $AMOUNT$ items were imported.", + "message": "Foi importado um total de $AMOUNT$ itens.", "placeholders": { "amount": { "content": "$1", @@ -1919,7 +1919,7 @@ } }, "premiumPriceWithFamilyPlan": { - "message": "Go premium for just $PRICE$ /year, or get premium accounts for $FAMILYPLANUSERCOUNT$ users and unlimited family sharing with a ", + "message": "Adquira uma conta Premium por apenas $PRICE$ /ano, ou obtenha contas Premium para $FAMILYPLANUSERCOUNT$ utilizadores e partilha familiar ilimitada com um ", "placeholders": { "price": { "content": "$1", @@ -1932,7 +1932,7 @@ } }, "bitwardenFamiliesPlan": { - "message": "Bitwarden Families plan." + "message": "plano Familiar do Bitwarden." }, "addons": { "message": "Addons" @@ -2029,7 +2029,7 @@ "message": "Cancelar subscrição" }, "subscriptionExpiration": { - "message": "Subscription expiration" + "message": "Validade da subscrição" }, "subscriptionCanceled": { "message": "A subscrição foi cancelada." @@ -2265,7 +2265,7 @@ } }, "planNameFamilies": { - "message": "Famílias" + "message": "Familiar" }, "planDescFamilies": { "message": "Para uso pessoal, para partilhar com a família e amigos." @@ -2472,7 +2472,7 @@ "message": "Tem a certeza de que pretende eliminar este grupo?" }, "deleteMultipleGroupsConfirmation": { - "message": "Are you sure you want to delete the following $QUANTITY$ group(s)?", + "message": "Tem a certeza de que pretende eliminar o(s) seguinte(s) $QUANTITY$ grupo(s)?", "placeholders": { "quantity": { "content": "$1", @@ -2532,7 +2532,7 @@ "message": "Editar membro" }, "fieldOnTabRequiresAttention": { - "message": "A field on the '$TAB$' tab requires your attention.", + "message": "Um campo no separador '$TAB$' precisa da sua atenção.", "placeholders": { "tab": { "content": "$1", @@ -2823,7 +2823,7 @@ } }, "deletedCollections": { - "message": "Deleted collections" + "message": "Coleções eliminadas" }, "deletedCollectionId": { "message": "Coleção $ID$ eliminada.", @@ -2871,7 +2871,7 @@ } }, "deletedManyGroups": { - "message": "Deleted $QUANTITY$ group(s).", + "message": "$QUANTITY$ grupo(s) eliminados.", "placeholders": { "quantity": { "content": "$1", @@ -3363,7 +3363,7 @@ } }, "subscriptionFreePlan": { - "message": "You cannot invite more than $COUNT$ members without upgrading your plan.", + "message": "Não pode convidar mais do que $COUNT$ membros sem atualizar o seu plano.", "placeholders": { "count": { "content": "$1", @@ -3372,7 +3372,7 @@ } }, "subscriptionFamiliesPlan": { - "message": "You cannot invite more than $COUNT$ members without upgrading your plan. Please contact Customer Support to upgrade.", + "message": "Não pode convidar mais do que $COUNT$ membros sem atualizar o seu plano. Contacte o Apoio ao cliente para atualizar.", "placeholders": { "count": { "content": "$1", @@ -3381,7 +3381,7 @@ } }, "subscriptionSponsoredFamiliesPlan": { - "message": "Your subscription allows for a total of $COUNT$ members. Your plan is sponsored and billed to an external organization.", + "message": "A sua subscrição permite um total de $COUNT$ membros. O seu plano é patrocinado e faturado por uma organização externa.", "placeholders": { "count": { "content": "$1", @@ -5443,7 +5443,7 @@ "message": "Histórico de faturação" }, "backToReports": { - "message": "Back to reports" + "message": "Voltar aos relatórios" }, "organizationPicker": { "message": "Organization picker" @@ -5503,7 +5503,7 @@ "message": "Palavra aleatória" }, "service": { - "message": "Service" + "message": "Serviço" }, "unknownCipher": { "message": "Item desconhecido, poderá ser necessário pedir autorização para aceder a este item." @@ -5961,7 +5961,7 @@ "message": "A eliminação de contas de serviço é permanente e irreversível." }, "deleteServiceAccountsConfirmMessage": { - "message": "Delete $COUNT$ service accounts", + "message": "Eliminar $COUNT$ contas de serviço", "placeholders": { "count": { "content": "$1", @@ -5970,13 +5970,13 @@ } }, "deleteServiceAccountToast": { - "message": "Service account deleted" + "message": "Conta de serviço eliminada" }, "deleteServiceAccountsToast": { - "message": "Service accounts deleted" + "message": "Contas de serviço eliminadas" }, "searchServiceAccounts": { - "message": "Search service accounts", + "message": "Procurar contas de serviço", "description": "Placeholder text for searching service accounts." }, "editServiceAccount": { @@ -6071,7 +6071,7 @@ } }, "deleteProjectInputLabel": { - "message": "Type \"$CONFIRM$\" to continue", + "message": "Escreva \"$CONFIRM$\" para continuar", "description": "Users are prompted to type 'confirm' to delete a project", "placeholders": { "confirm": { @@ -6081,7 +6081,7 @@ } }, "deleteProjectConfirmMessage": { - "message": "Delete $PROJECT$", + "message": "Eliminar $PROJECT$", "description": "Confirmation prompt to delete a specific project, where '$PROJECT$' is a placeholder for the name of the project.", "placeholders": { "project": { @@ -6091,7 +6091,7 @@ } }, "deleteProjectsConfirmMessage": { - "message": "Delete $COUNT$ Projects", + "message": "Eliminar $COUNT$ projetos", "description": "Confirmation prompt to delete multiple projects, where '$COUNT$' is a placeholder for the number of projects to be deleted.", "placeholders": { "count": { @@ -6113,22 +6113,22 @@ "description": "Message to be displayed when there are no projects to display in the list." }, "smConfirmationRequired": { - "message": "Confirmation required", + "message": "Confirmação necessária", "description": "Indicates that user confirmation is required for an action to proceed." }, "bulkDeleteProjectsErrorMessage": { - "message": "The following projects could not be deleted:", + "message": "Os seguintes projetos não puderam ser eliminados:", "description": "Message to be displayed when there is an error during bulk project deletion." }, "softDeleteSuccessToast": { - "message": "Secret sent to trash", + "message": "Segredo movido para o lixo", "description": "Notification to be displayed when a secret is successfully sent to the trash." }, "hardDeleteSuccessToast": { - "message": "Secret permanently deleted" + "message": "Segredo eliminado permanentemente" }, "accessTokens": { - "message": "Access tokens", + "message": "Tokens de acesso", "description": "Title for the section displaying access tokens." }, "newAccessToken": { @@ -6136,7 +6136,7 @@ "description": "Button label for creating a new access token." }, "expires": { - "message": "Expires", + "message": "Expira a", "description": "Label for the expiration date of an access token." }, "canRead": { @@ -6144,11 +6144,11 @@ "description": "Label for the access level of an access token (Read only)." }, "accessTokensNoItemsTitle": { - "message": "No access tokens to show", + "message": "Sem tokens de acesso para mostrar", "description": "Title to be displayed when there are no access tokens to display in the list." }, "accessTokensNoItemsDesc": { - "message": "To get started, create an access token", + "message": "Para começar, crie um token de acesso", "description": "Message to be displayed when there are no access tokens to display in the list." }, "downloadAccessToken": { @@ -6156,7 +6156,7 @@ "description": "Message to be displayed before closing an access token, reminding the user to download or copy it." }, "expiresOnAccessToken": { - "message": "Expires on:", + "message": "Expira a:", "description": "Label for the expiration date of an access token." }, "accessTokenCallOutTitle": { @@ -6164,15 +6164,15 @@ "description": "Notification to inform the user that access tokens are only displayed once and cannot be retrieved again." }, "copyToken": { - "message": "Copy token", + "message": "Copiar token", "description": "Copies the generated access token to the user's clipboard." }, "accessToken": { - "message": "Access token", + "message": "Token de acesso", "description": "A unique string that gives a client application (eg. CLI) access to a secret or set of secrets." }, "accessTokenExpirationRequired": { - "message": "Expiration date required", + "message": "Data de validade necessária", "description": "Error message indicating that an expiration date for the access token must be set." }, "accessTokenCreatedAndCopied": { @@ -6226,7 +6226,7 @@ } }, "groupInfo": { - "message": "Group info" + "message": "Informações do grupo" }, "editGroupMembersDesc": { "message": "Grant members access to the group's assigned collections." @@ -6241,22 +6241,22 @@ "message": "If checked, this will replace all other collection permissions." }, "selectMembers": { - "message": "Select members" + "message": "Selecionar membros" }, "selectCollections": { - "message": "Select collections" + "message": "Selecionar coleções" }, "role": { "message": "Função" }, "removeMember": { - "message": "Remove member" + "message": "Remover membro" }, "collection": { - "message": "Collection" + "message": "Coleção" }, "noCollection": { - "message": "No collection" + "message": "Sem coleções" }, "canView": { "message": "Pode ver" @@ -6271,7 +6271,7 @@ "message": "Pode editar, excepto palavras-passe" }, "noCollectionsAdded": { - "message": "No collections added" + "message": "Sem coleções adicionadas" }, "noMembersAdded": { "message": "No members added" @@ -6364,28 +6364,28 @@ } }, "domainStatusVerified": { - "message": "Verified" + "message": "Verificado" }, "domainStatusUnverified": { - "message": "Unverified" + "message": "Não verificado" }, "domainNameTh": { - "message": "Name" + "message": "Nome" }, "domainStatusTh": { - "message": "Status" + "message": "Estado" }, "lastChecked": { "message": "Last checked" }, "editDomain": { - "message": "Edit domain" + "message": "Editar domínio" }, "domainFormInvalid": { "message": "There are form errors that need your attention" }, "addedDomain": { - "message": "Added domain $DOMAIN$", + "message": "Domínio $DOMAIN$ adicionado", "placeholders": { "DOMAIN": { "content": "$1", @@ -6421,16 +6421,16 @@ } }, "membersColumnHeader": { - "message": "Member/Group" + "message": "Membro/Grupo" }, "groupAndMemberColumnHeader": { - "message": "Member" + "message": "Membro" }, "selectGroupsAndMembers": { - "message": "Select groups and members" + "message": "Selecionar grupos e membros" }, "selectGroups": { - "message": "Select groups" + "message": "Selecionar grupos" }, "userPermissionOverrideHelper": { "message": "Permissions set for a member will replace permissions set by that member's group" @@ -6439,13 +6439,13 @@ "message": "No members or groups added" }, "deleted": { - "message": "Deleted" + "message": "Eliminado" }, "memberStatusFilter": { "message": "Member status filter" }, "inviteMember": { - "message": "Invite member" + "message": "Convidar membro" }, "needsConfirmation": { "message": "Needs confirmation" @@ -6496,10 +6496,10 @@ } }, "server": { - "message": "Server" + "message": "Servidor" }, "exportData": { - "message": "Export data" + "message": "Exportar dados" }, "exportingOrganizationSecretDataTitle": { "message": "Exporting Organization Secret Data" @@ -6619,13 +6619,13 @@ "message": "This user can access the Secrets Manager Beta" }, "important": { - "message": "Important:" + "message": "Importante:" }, "viewAll": { - "message": "View all" + "message": "Ver tudo" }, "showingPortionOfTotal": { - "message": "Showing $PORTION$ of $TOTAL$", + "message": "A mostrar $PORTION$ de $TOTAL$", "placeholders": { "portion": { "content": "$1", @@ -6638,16 +6638,16 @@ } }, "resolveTheErrorsBelowAndTryAgain": { - "message": "Resolve the errors below and try again." + "message": "Resolva os erros abaixo e tente novamente." }, "description": { - "message": "Description" + "message": "Descrição" }, "errorReadingImportFile": { - "message": "An error occurred when trying to read the import file" + "message": "Ocorreu um erro ao tentar ler o ficheiro de importação" }, "accessedSecret": { - "message": "Accessed secret $SECRET_ID$.", + "message": "Segredo $SECRET_ID$ acedido.", "placeholders": { "secret_id": { "content": "$1", @@ -6660,29 +6660,29 @@ "description": "Software Development Kit" }, "createSecret": { - "message": "Create a secret" + "message": "Criar um segredo" }, "createProject": { - "message": "Create a project" + "message": "Criar um projeto" }, "createServiceAccount": { - "message": "Create a service account" + "message": "Criar uma conta de serviço" }, "downloadThe": { - "message": "Download the", + "message": "Descarregar o", "description": "Link to a downloadable resource. This will be used as part of a larger phrase. Example: Download the Secrets Manager CLI" }, "smCLI": { - "message": "Secrets Manager CLI" + "message": "gestor de segredos CLI" }, "importSecrets": { - "message": "Import secrets" + "message": "Importar segredos" }, "getStarted": { - "message": "Get started" + "message": "Começar" }, "complete": { - "message": "$COMPLETED$/$TOTAL$ Complete", + "message": "$COMPLETED$/$TOTAL$ concluídos", "placeholders": { "COMPLETED": { "content": "$1", @@ -6695,25 +6695,25 @@ } }, "restoreSecret": { - "message": "Restore secret" + "message": "Restaurar segredo" }, "restoreSecrets": { - "message": "Restore secrets" + "message": "Restaurar segredos" }, "restoreSecretPrompt": { - "message": "Are you sure you want to restore this secret?" + "message": "Tem a certeza de que quer recuperar este segredo?" }, "restoreSecretsPrompt": { - "message": "Are you sure you want to restore these secrets?" + "message": "Tem a certeza de que quer recuperar estes segredos?" }, "secretRestoredSuccessToast": { - "message": "Secret restored" + "message": "Segredo restaurado" }, "secretsRestoredSuccessToast": { - "message": "Secrets restored" + "message": "Segredos restaurados" }, "selectionIsRequired": { - "message": "Selection is required." + "message": "É necessária uma seleção." }, "secretsManagerSubscriptionDesc": { "message": "Turn on organization access to the Secrets Manager at no charge during the Beta program. Users can be granted access to the Beta in Members." @@ -6740,25 +6740,25 @@ "message": "This action will remove your access to the service account." }, "removeAccess": { - "message": "Remove access" + "message": "Remover acesso" }, "checkForBreaches": { - "message": "Check known data breaches for this password" + "message": "Verificar violações de dados conhecidas para esta palavra-passe" }, "exposedMasterPassword": { - "message": "Exposed Master Password" + "message": "Palavra-passe mestra exposta" }, "exposedMasterPasswordDesc": { - "message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?" + "message": "Palavra-passe encontrada numa violação de dados. Utilize uma palavra-passe única para proteger a sua conta. Tem a certeza de que pretende utilizar uma palavra-passe exposta?" }, "weakAndExposedMasterPassword": { - "message": "Weak and Exposed Master Password" + "message": "Palavra-passe mestra fraca e exposta" }, "weakAndBreachedMasterPasswordDesc": { - "message": "Weak password identified and found in a data breach. Use a strong and unique password to protect your account. Are you sure you want to use this password?" + "message": "Palavra-passe fraca identificada e encontrada numa violação de dados. Utilize uma palavra-passe forte e única para proteger a sua conta. Tem a certeza de que pretende utilizar esta palavra-passe?" }, "characterMinimum": { - "message": "$LENGTH$ character minimum", + "message": "$LENGTH$ caracteres no mínimo", "placeholders": { "length": { "content": "$1", @@ -6783,14 +6783,14 @@ "message": "Dispensar" }, "notAvailableForFreeOrganization": { - "message": "This feature is not available for free organizations. Contact your organization owner to upgrade." + "message": "Esta funcionalidade não está disponível para organizações gratuitas. Contacte o proprietário da organização para atualizar." }, "smProjectSecretsNoItemsNoAccess": { - "message": "Contact your organization's admin to manage secrets for this project.", + "message": "Contacte o administrador da sua organização para gerir os segredos deste projeto.", "description": "The message shown to the user under a project's secrets tab when the user only has read access to the project." }, "enforceOnLoginDesc": { - "message": "Require existing members to change their passwords" + "message": "Exigir que os membros existentes alterem as suas palavras-passe" }, "region": { "message": "Região" @@ -6804,18 +6804,18 @@ "description": "United States" }, "smProjectDeleteAccessRestricted": { - "message": "You don't have permissions to delete this project", + "message": "Não tem permissões para eliminar este projeto", "description": "The individual description shown to the user when the user doesn't have access to delete a project." }, "smProjectsDeleteBulkConfirmation": { - "message": "The following projects can not be deleted. Would you like to continue?", + "message": "Os seguintes projetos não podem ser eliminados. Gostaria de continuar?", "description": "The message shown to the user when bulk deleting projects and the user doesn't have access to some projects." }, "updateKdfSettings": { - "message": "Update KDF settings" + "message": "Atualizar definições KDF" }, "trustedDeviceEncryption": { - "message": "Trusted device encryption" + "message": "Encriptação de dispositivo de confiança" }, "memberDecryptionTdeDescriptionStart": { "message": "Uma vez autenticados, os membros desencriptam os dados do cofre utilizando uma chave armazenada no seu dispositivo. A", diff --git a/libs/angular/src/auth/components/environment-selector.component.ts b/libs/angular/src/auth/components/environment-selector.component.ts index 7989e0f2ca3..d622b4c6dbd 100644 --- a/libs/angular/src/auth/components/environment-selector.component.ts +++ b/libs/angular/src/auth/components/environment-selector.component.ts @@ -88,11 +88,10 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy { } async updateEnvironmentInfo() { + this.selectedEnvironment = this.environmentService.selectedRegion; this.euServerFlagEnabled = await this.configService.getFeatureFlagBool( FeatureFlag.DisplayEuEnvironmentFlag ); - - this.selectedEnvironment = this.environmentService.selectedRegion; } close() { diff --git a/libs/common/src/admin-console/abstractions/organization/organization-api.service.abstraction.ts b/libs/common/src/admin-console/abstractions/organization/organization-api.service.abstraction.ts index 93f4de2ffdf..c6ce62f232b 100644 --- a/libs/common/src/admin-console/abstractions/organization/organization-api.service.abstraction.ts +++ b/libs/common/src/admin-console/abstractions/organization/organization-api.service.abstraction.ts @@ -6,6 +6,7 @@ import { OrganizationSsoResponse } from "../../../auth/models/response/organizat import { OrganizationSubscriptionUpdateRequest } from "../../../billing/models/request/organization-subscription-update.request"; import { OrganizationTaxInfoUpdateRequest } from "../../../billing/models/request/organization-tax-info-update.request"; import { PaymentRequest } from "../../../billing/models/request/payment.request"; +import { SecretsManagerSubscribeRequest } from "../../../billing/models/request/sm-subscribe.request"; import { BillingResponse } from "../../../billing/models/response/billing.response"; import { OrganizationSubscriptionResponse } from "../../../billing/models/response/organization-subscription.response"; import { PaymentResponse } from "../../../billing/models/response/payment.response"; @@ -16,7 +17,6 @@ import { StorageRequest } from "../../../models/request/storage.request"; import { VerifyBankRequest } from "../../../models/request/verify-bank.request"; import { ListResponse } from "../../../models/response/list.response"; import { OrganizationApiKeyType } from "../../enums"; -import { OrganizationEnrollSecretsManagerRequest } from "../../models/request/organization/organization-enroll-secrets-manager.request"; import { OrganizationCreateRequest } from "../../models/request/organization-create.request"; import { OrganizationKeysRequest } from "../../models/request/organization-keys.request"; import { OrganizationUpdateRequest } from "../../models/request/organization-update.request"; @@ -37,7 +37,10 @@ export class OrganizationApiServiceAbstraction { save: (id: string, request: OrganizationUpdateRequest) => Promise; updatePayment: (id: string, request: PaymentRequest) => Promise; upgrade: (id: string, request: OrganizationUpgradeRequest) => Promise; - updateSubscription: (id: string, request: OrganizationSubscriptionUpdateRequest) => Promise; + updatePasswordManagerSeats: ( + id: string, + request: OrganizationSubscriptionUpdateRequest + ) => Promise; updateSeats: (id: string, request: SeatRequest) => Promise; updateStorage: (id: string, request: StorageRequest) => Promise; verifyBank: (id: string, request: VerifyBankRequest) => Promise; @@ -60,8 +63,5 @@ export class OrganizationApiServiceAbstraction { getSso: (id: string) => Promise; updateSso: (id: string, request: OrganizationSsoRequest) => Promise; selfHostedSyncLicense: (id: string) => Promise; - updateEnrollSecretsManager: ( - id: string, - request: OrganizationEnrollSecretsManagerRequest - ) => Promise; + subscribeToSecretsManager: (id: string, request: SecretsManagerSubscribeRequest) => Promise; } diff --git a/libs/common/src/admin-console/models/request/organization-create.request.ts b/libs/common/src/admin-console/models/request/organization-create.request.ts index 616c37c00ca..729cf453653 100644 --- a/libs/common/src/admin-console/models/request/organization-create.request.ts +++ b/libs/common/src/admin-console/models/request/organization-create.request.ts @@ -23,4 +23,8 @@ export class OrganizationCreateRequest { billingAddressState: string; billingAddressPostalCode: string; billingAddressCountry: string; + + useSecretsManager: boolean; + additionalSmSeats: number; + additionalServiceAccounts: number; } diff --git a/libs/common/src/admin-console/models/request/organization-upgrade.request.ts b/libs/common/src/admin-console/models/request/organization-upgrade.request.ts index bf0eb5f47f8..eba897f31b6 100644 --- a/libs/common/src/admin-console/models/request/organization-upgrade.request.ts +++ b/libs/common/src/admin-console/models/request/organization-upgrade.request.ts @@ -11,4 +11,8 @@ export class OrganizationUpgradeRequest { billingAddressCountry: string; billingAddressPostalCode: string; keys: OrganizationKeysRequest; + + useSecretsManager: boolean; + additionalSmSeats: number; + additionalServiceAccounts: number; } diff --git a/libs/common/src/admin-console/models/request/organization/organization-enroll-secrets-manager.request.ts b/libs/common/src/admin-console/models/request/organization/organization-enroll-secrets-manager.request.ts deleted file mode 100644 index a213b07bba7..00000000000 --- a/libs/common/src/admin-console/models/request/organization/organization-enroll-secrets-manager.request.ts +++ /dev/null @@ -1,3 +0,0 @@ -export class OrganizationEnrollSecretsManagerRequest { - enabled: boolean; -} diff --git a/libs/common/src/admin-console/services/organization/organization-api.service.ts b/libs/common/src/admin-console/services/organization/organization-api.service.ts index 3a1d3555242..503aeb3820f 100644 --- a/libs/common/src/admin-console/services/organization/organization-api.service.ts +++ b/libs/common/src/admin-console/services/organization/organization-api.service.ts @@ -7,6 +7,7 @@ import { OrganizationSsoResponse } from "../../../auth/models/response/organizat import { OrganizationSubscriptionUpdateRequest } from "../../../billing/models/request/organization-subscription-update.request"; import { OrganizationTaxInfoUpdateRequest } from "../../../billing/models/request/organization-tax-info-update.request"; import { PaymentRequest } from "../../../billing/models/request/payment.request"; +import { SecretsManagerSubscribeRequest } from "../../../billing/models/request/sm-subscribe.request"; import { BillingResponse } from "../../../billing/models/response/billing.response"; import { OrganizationSubscriptionResponse } from "../../../billing/models/response/organization-subscription.response"; import { PaymentResponse } from "../../../billing/models/response/payment.response"; @@ -19,7 +20,6 @@ import { ListResponse } from "../../../models/response/list.response"; import { SyncService } from "../../../vault/abstractions/sync/sync.service.abstraction"; import { OrganizationApiServiceAbstraction } from "../../abstractions/organization/organization-api.service.abstraction"; import { OrganizationApiKeyType } from "../../enums"; -import { OrganizationEnrollSecretsManagerRequest } from "../../models/request/organization/organization-enroll-secrets-manager.request"; import { OrganizationCreateRequest } from "../../models/request/organization-create.request"; import { OrganizationKeysRequest } from "../../models/request/organization-keys.request"; import { OrganizationUpdateRequest } from "../../models/request/organization-update.request"; @@ -120,7 +120,7 @@ export class OrganizationApiService implements OrganizationApiServiceAbstraction return new PaymentResponse(r); } - async updateSubscription( + async updatePasswordManagerSeats( id: string, request: OrganizationSubscriptionUpdateRequest ): Promise { @@ -294,13 +294,16 @@ export class OrganizationApiService implements OrganizationApiServiceAbstraction ); } - async updateEnrollSecretsManager(id: string, request: OrganizationEnrollSecretsManagerRequest) { - await this.apiService.send( + async subscribeToSecretsManager( + id: string, + request: SecretsManagerSubscribeRequest + ): Promise { + return await this.apiService.send( "POST", - "/organizations/" + id + "/enroll-secrets-manager", + "/organizations/" + id + "/subscribe-secrets-manager", request, true, - true + false ); } } diff --git a/libs/common/src/auth/services/auth.service.ts b/libs/common/src/auth/services/auth.service.ts index 56f601da56f..7164b0ae4f2 100644 --- a/libs/common/src/auth/services/auth.service.ts +++ b/libs/common/src/auth/services/auth.service.ts @@ -304,13 +304,16 @@ export class AuthService implements AuthServiceAbstraction { ).encKey, pubKey.buffer ); - const encryptedMasterPassword = await this.cryptoService.rsaEncrypt( - Utils.fromUtf8ToArray(await this.stateService.getKeyHash()), - pubKey.buffer - ); + let encryptedMasterPassword = null; + if ((await this.stateService.getKeyHash()) != null) { + encryptedMasterPassword = await this.cryptoService.rsaEncrypt( + Utils.fromUtf8ToArray(await this.stateService.getKeyHash()), + pubKey.buffer + ); + } const request = new PasswordlessAuthRequest( encryptedKey.encryptedString, - encryptedMasterPassword.encryptedString, + encryptedMasterPassword?.encryptedString, await this.appIdService.getAppId(), requestApproved ); diff --git a/libs/common/src/billing/models/request/sm-subscribe.request.ts b/libs/common/src/billing/models/request/sm-subscribe.request.ts new file mode 100644 index 00000000000..581d3007c81 --- /dev/null +++ b/libs/common/src/billing/models/request/sm-subscribe.request.ts @@ -0,0 +1,4 @@ +export class SecretsManagerSubscribeRequest { + additionalSmSeats: number; + additionalServiceAccounts: number; +} diff --git a/libs/common/src/billing/models/response/plan.response.ts b/libs/common/src/billing/models/response/plan.response.ts index fe6f9b68ecf..45838358be5 100644 --- a/libs/common/src/billing/models/response/plan.response.ts +++ b/libs/common/src/billing/models/response/plan.response.ts @@ -6,9 +6,9 @@ import { BitwardenProductType } from "../../enums/bitwarden-product-type.enum"; export class PlanResponse extends BaseResponse { type: PlanType; product: ProductType; + bitwardenProduct: BitwardenProductType; name: string; isAnnual: boolean; - bitwardenProduct: BitwardenProductType; nameLocalizationKey: string; descriptionLocalizationKey: string; canBeUsedByBusiness: boolean; @@ -99,6 +99,7 @@ export class PlanResponse extends BaseResponse { this.seatPrice = this.getResponseProperty("SeatPrice"); this.additionalStoragePricePerGb = this.getResponseProperty("AdditionalStoragePricePerGb"); this.premiumAccessOptionPrice = this.getResponseProperty("PremiumAccessOptionPrice"); + this.bitwardenProduct = this.getResponseProperty("BitwardenProduct"); this.additionalPricePerServiceAccount = this.getResponseProperty( "AdditionalPricePerServiceAccount" diff --git a/libs/common/src/platform/abstractions/environment.service.ts b/libs/common/src/platform/abstractions/environment.service.ts index 68327f4fd63..aa963baf0a7 100644 --- a/libs/common/src/platform/abstractions/environment.service.ts +++ b/libs/common/src/platform/abstractions/environment.service.ts @@ -28,6 +28,7 @@ export abstract class EnvironmentService { usUrls: Urls; euUrls: Urls; selectedRegion?: Region; + initialized = true; hasBaseUrl: () => boolean; getNotificationsUrl: () => string; diff --git a/libs/common/src/platform/services/environment.service.ts b/libs/common/src/platform/services/environment.service.ts index b2f62a22b19..6b27f9c13ce 100644 --- a/libs/common/src/platform/services/environment.service.ts +++ b/libs/common/src/platform/services/environment.service.ts @@ -12,6 +12,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction { private readonly urlsSubject = new Subject(); urls: Observable = this.urlsSubject.asObservable(); selectedRegion?: Region; + initialized = true; protected baseUrl: string; protected webVaultUrl: string; @@ -49,6 +50,9 @@ export class EnvironmentService implements EnvironmentServiceAbstraction { this.stateService.activeAccount$ .pipe( concatMap(async () => { + if (!this.initialized) { + return; + } await this.setUrlsFromStorage(); }) ) @@ -157,22 +161,23 @@ export class EnvironmentService implements EnvironmentServiceAbstraction { // fix environment urls for old users if (savedUrls.base === "https://vault.bitwarden.com") { - this.setRegion(Region.US); + await this.setRegion(Region.US); return; } if (savedUrls.base === "https://vault.bitwarden.eu") { - this.setRegion(Region.EU); + await this.setRegion(Region.EU); return; } switch (region) { case Region.EU: - this.setRegion(Region.EU); + await this.setRegion(Region.EU); return; case Region.US: - this.setRegion(Region.US); + await this.setRegion(Region.US); return; case Region.SelfHosted: + case null: default: this.baseUrl = envUrls.base = savedUrls.base; this.webVaultUrl = savedUrls.webVault; @@ -182,9 +187,9 @@ export class EnvironmentService implements EnvironmentServiceAbstraction { this.notificationsUrl = savedUrls.notifications; this.eventsUrl = envUrls.events = savedUrls.events; this.keyConnectorUrl = savedUrls.keyConnector; + await this.setRegion(Region.SelfHosted); // scimUrl is not saved to storage this.urlsSubject.next(); - this.setRegion(Region.SelfHosted); break; } } @@ -270,7 +275,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction { case Region.SelfHosted: // if user saves with empty fields, default to US if (this.isEmpty()) { - this.setRegion(Region.US); + await this.setRegion(Region.US); } break; } diff --git a/libs/common/src/services/api.service.ts b/libs/common/src/services/api.service.ts index ad7c1348896..9c098632b18 100644 --- a/libs/common/src/services/api.service.ts +++ b/libs/common/src/services/api.service.ts @@ -881,7 +881,7 @@ export class ApiService implements ApiServiceAbstraction { // Plan APIs async getPlans(): Promise> { - const r = await this.send("GET", "/plans/", null, false, true); + const r = await this.send("GET", "/plans/all", null, false, true); return new ListResponse(r, PlanResponse); } diff --git a/package-lock.json b/package-lock.json index 5a380576c99..39e2f923547 100644 --- a/package-lock.json +++ b/package-lock.json @@ -189,7 +189,7 @@ }, "apps/browser": { "name": "@bitwarden/browser", - "version": "2023.5.0" + "version": "2023.5.1" }, "apps/cli": { "name": "@bitwarden/cli", @@ -243,7 +243,7 @@ }, "apps/web": { "name": "@bitwarden/web-vault", - "version": "2023.5.0" + "version": "2023.5.1" }, "libs/angular": { "name": "@bitwarden/angular",