[PM-27283] [BEEEP] Reactive availableVaultTimeoutActions$ in vault timeout settings (#17731)

* reactive `availableVaultTimeoutActions$` in vault timeout settings

* cleanup

* deprecation docs

* explicitly provided user id

* clearer mocking

* better docs

apps/browser/src/auth/popup/settings/account-security.component.ts

@@ -257,7 +257,7 @@ export class AccountSecurityComponent implements OnInit, OnDestroy {
       pin: await this.pinService.isPinSet(activeAccount.id),
       pinLockWithMasterPassword:
         (await this.pinService.getPinLockType(activeAccount.id)) == "EPHEMERAL",
-      biometric: await this.vaultTimeoutSettingsService.isBiometricLockSet(),
+      biometric: await this.vaultTimeoutSettingsService.isBiometricLockSet(activeAccount.id),
       enableAutoBiometricsPrompt: await firstValueFrom(
         this.biometricStateService.promptAutomatically$,
       ),

apps/browser/src/key-management/biometrics/background-browser-biometrics.service.ts

@@ -35,7 +35,7 @@ export class BackgroundBrowserBiometricsService extends BiometricsService {
     super();
     // Always connect to the native messaging background if biometrics are enabled, not just when it is used
     // so that there is no wait when used.
-    const biometricsEnabled = this.biometricStateService.biometricUnlockEnabled$;
+    const biometricsEnabled = this.biometricStateService.biometricUnlockEnabled$();
 
     combineLatest([timer(0, this.BACKGROUND_POLLING_INTERVAL), biometricsEnabled])
       .pipe(

apps/browser/src/key-management/lock/services/extension-lock-component.service.spec.ts

@@ -375,7 +375,7 @@ describe("ExtensionLockComponentService", () => {
       platformUtilsService.supportsSecureStorage.mockReturnValue(
         mockInputs.platformSupportsSecureStorage,
       );
-      biometricStateService.biometricUnlockEnabled$ = of(true);
+      biometricStateService.biometricUnlockEnabled$.mockReturnValue(of(true));
 
       //  PIN
       pinService.isPinDecryptionAvailable.mockResolvedValue(mockInputs.pinDecryptionAvailable);
@@ -386,6 +386,7 @@ describe("ExtensionLockComponentService", () => {
       const unlockOptions = await firstValueFrom(service.getAvailableUnlockOptions$(userId));
 
       expect(unlockOptions).toEqual(expectedOutput);
+      expect(biometricStateService.biometricUnlockEnabled$).toHaveBeenCalledWith(userId);
     });
   });
 });

apps/browser/src/key-management/lock/services/extension-lock-component.service.ts

@@ -69,7 +69,7 @@ export class ExtensionLockComponentService implements LockComponentService {
     return combineLatest([
       // Note: defer is preferable b/c it delays the execution of the function until the observable is subscribed to
       defer(async () => {
-        if (!(await firstValueFrom(this.biometricStateService.biometricUnlockEnabled$))) {
+        if (!(await firstValueFrom(this.biometricStateService.biometricUnlockEnabled$(userId)))) {
           return BiometricsStatus.NotEnabledLocally;
         } else {
           // TODO remove after 2025.3

apps/desktop/src/app/accounts/settings.component.ts

@@ -385,7 +385,7 @@ export class SettingsComponent implements OnInit, OnDestroy {
         this.vaultTimeoutSettingsService.getVaultTimeoutActionByUserId$(activeAccount.id),
       ),
       pin: this.userHasPinSet,
-      biometric: await this.vaultTimeoutSettingsService.isBiometricLockSet(),
+      biometric: await this.vaultTimeoutSettingsService.isBiometricLockSet(activeAccount.id),
       requireMasterPasswordOnAppRestart: !(await this.biometricsService.hasPersistentKey(
         activeAccount.id,
       )),