[PM-17745] Catch network errors in new device notification guard (#13161)

* [PM-17745] Wrap new device guard applicability check in try/catch to prevent crashes from network errors * [PM-17745] Fix broken test
2025-12-10 13:23:34 +00:00 · 2025-01-30 12:18:22 -08:00
parent cbba1a686c
commit a404729c9e
2 changed files with 24 additions and 12 deletions
--- a/libs/angular/src/vault/guards/new-device-verification-notice.guard.spec.ts
+++ b/libs/angular/src/vault/guards/new-device-verification-notice.guard.spec.ts
@@ -36,7 +36,7 @@ describe("NewDeviceVerificationNoticeGuard", () => {

    return Promise.resolve(false);
  });
-  const isSelfHost = jest.fn().mockResolvedValue(false);
+  const isSelfHost = jest.fn().mockReturnValue(false);
  const getProfileTwoFactorEnabled = jest.fn().mockResolvedValue(false);
  const policyAppliesToActiveUser$ = jest.fn().mockReturnValue(new BehaviorSubject<boolean>(false));
  const noticeState$ = jest.fn().mockReturnValue(new BehaviorSubject(null));
@@ -139,6 +139,12 @@ describe("NewDeviceVerificationNoticeGuard", () => {
    expect(await newDeviceGuard()).toBe(true);
  });

+  it("returns `true` when the profile service throws an error", async () => {
+    getProfileCreationDate.mockRejectedValueOnce(new Error("test"));
+
+    expect(await newDeviceGuard()).toBe(true);
+  });
+
  describe("temp flag", () => {
    beforeEach(() => {
      getFeatureFlag.mockImplementation((key) => {
--- a/libs/angular/src/vault/guards/new-device-verification-notice.guard.ts
+++ b/libs/angular/src/vault/guards/new-device-verification-notice.guard.ts
@@ -1,6 +1,6 @@
 import { inject } from "@angular/core";
 import { ActivatedRouteSnapshot, CanActivateFn, Router } from "@angular/router";
-import { Observable, firstValueFrom } from "rxjs";
+import { firstValueFrom, Observable } from "rxjs";

 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
@@ -47,17 +47,23 @@ export const NewDeviceVerificationNoticeGuard: CanActivateFn = async (
    return router.createUrlTree(["/login"]);
  }

-  const has2FAEnabled = await hasATwoFactorProviderEnabled(vaultProfileService, currentAcct.id);
-  const isSelfHosted = await platformUtilsService.isSelfHost();
-  const requiresSSO = await isSSORequired(policyService);
-  const isProfileLessThanWeekOld = await profileIsLessThanWeekOld(
-    vaultProfileService,
-    currentAcct.id,
-  );
+  try {
+    const isSelfHosted = platformUtilsService.isSelfHost();
+    const requiresSSO = await isSSORequired(policyService);
+    const has2FAEnabled = await hasATwoFactorProviderEnabled(vaultProfileService, currentAcct.id);
+    const isProfileLessThanWeekOld = await profileIsLessThanWeekOld(
+      vaultProfileService,
+      currentAcct.id,
+    );

-  // When any of the following are true, the device verification notice is
-  // not applicable for the user.
-  if (has2FAEnabled || isSelfHosted || requiresSSO || isProfileLessThanWeekOld) {
+    // When any of the following are true, the device verification notice is
+    // not applicable for the user.
+    if (has2FAEnabled || isSelfHosted || requiresSSO || isProfileLessThanWeekOld) {
+      return true;
+    }
+  } catch {
+    // Skip showing the notice if there was a problem determining applicability
+    // The most likely problem to occur is the user not having a network connection
    return true;
  }