bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-13 15:03:26 +00:00
Code Issues Releases Wiki Activity

Merge branch 'main' into ps/extension-refresh

Browse Source
This commit is contained in:
Vicki League
2024-10-02 09:58:03 -04:00
parent a5cf8e806b acd47c2b79
commit af772c020d
86 changed files with 2364 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
apps/browser/src/_locales/en/messages.json
View File

@@ -604,6 +604,15 @@
"yourVaultIsLocked": {
"message": "Your vault is locked. Verify your identity to continue."
},
"yourVaultIsLockedV2": {
"message": "Your vault is locked"
},
"yourAccountIsLocked": {
"message": "Your account is locked"
},
"or": {
"message": "or"
},
"unlock": {
"message": "Unlock"
},
@@ -1936,6 +1945,9 @@
"unlockWithBiometrics": {
"message": "Unlock with biometrics"
},
"unlockWithMasterPassword": {
"message": "Unlock with master password"
},
"awaitDesktop": {
"message": "Awaiting confirmation from desktop"
},
@@ -3623,6 +3635,9 @@
"typePasskey": {
"message": "Passkey"
},
"accessing": {
"message": "Accessing"
},
"passkeyNotCopied": {
"message": "Passkey will not be copied"
},

2
apps/browser/src/auth/popup/account-switching/current-account.component.ts
View File

@@ -59,7 +59,7 @@ export class CurrentAccountComponent {
}
async currentAccountClicked() {
if (this.route.snapshot.data.state.includes("account-switcher")) {
if (this.route.snapshot.data?.state?.includes("account-switcher")) {
this.location.back();
} else {
await this.router.navigate(["/account-switcher"]);

25
apps/browser/src/popup/app-routing.module.ts
View File

@@ -17,6 +17,8 @@ import { extensionRefreshSwap } from "@bitwarden/angular/utils/extension-refresh
import {
AnonLayoutWrapperComponent,
AnonLayoutWrapperData,
LockIcon,
LockV2Component,
PasswordHintComponent,
RegistrationFinishComponent,
RegistrationStartComponent,
@@ -181,6 +183,7 @@ const routes: Routes = [
path: "lock",
component: LockComponent,
canActivate: [lockGuard()],
canMatch: [extensionRefreshRedirect("/lockV2")],
data: { state: "lock", doNotSaveUrl: true } satisfies RouteDataProperties,
},
...twofactorRefactorSwap(
@@ -438,6 +441,28 @@ const routes: Routes = [
],
},
),
{
path: "",
component: ExtensionAnonLayoutWrapperComponent,
children: [
{
path: "lockV2",
canActivate: [canAccessFeature(FeatureFlag.ExtensionRefresh), lockGuard()],
data: {
pageIcon: LockIcon,
pageTitle: "yourVaultIsLockedV2",
showReadonlyHostname: true,
showAcctSwitcher: true,
} satisfies ExtensionAnonLayoutWrapperData,
children: [
{
path: "",
component: LockV2Component,
},
],
},
],
},
{
path: "",
component: AnonLayoutWrapperComponent,

8
apps/browser/src/popup/services/services.module.ts
View File

@@ -16,7 +16,7 @@ import {
CLIENT_TYPE,
} from "@bitwarden/angular/services/injection-tokens";
import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module";
import { AnonLayoutWrapperDataService } from "@bitwarden/auth/angular";
import { AnonLayoutWrapperDataService, LockComponentService } from "@bitwarden/auth/angular";
import { LockService, PinServiceAbstraction } from "@bitwarden/auth/common";
import { EventCollectionService as EventCollectionServiceAbstraction } from "@bitwarden/common/abstractions/event/event-collection.service";
import { NotificationsService } from "@bitwarden/common/abstractions/notifications.service";
@@ -117,6 +117,7 @@ import { ForegroundTaskSchedulerService } from "../../platform/services/task-sch
import { BrowserStorageServiceProvider } from "../../platform/storage/browser-storage-service.provider";
import { ForegroundMemoryStorageService } from "../../platform/storage/foreground-memory-storage.service";
import { fromChromeRuntimeMessaging } from "../../platform/utils/from-chrome-runtime-messaging";
import { ExtensionLockComponentService } from "../../services/extension-lock-component.service";
import { ForegroundVaultTimeoutService } from "../../services/vault-timeout/foreground-vault-timeout.service";
import { BrowserSendStateService } from "../../tools/popup/services/browser-send-state.service";
import { FilePopoutUtilsService } from "../../tools/popup/services/file-popout-utils.service";
@@ -536,6 +537,11 @@ const safeProviders: SafeProvider[] = [
provide: CLIENT_TYPE,
useValue: ClientType.Browser,
}),
safeProvider({
provide: LockComponentService,
useClass: ExtensionLockComponentService,
deps: [],
}),
safeProvider({
provide: Fido2UserVerificationService,
useClass: Fido2UserVerificationService,

325
apps/browser/src/services/extension-lock-component.service.spec.ts Normal file
View File

@@ -0,0 +1,325 @@
import { TestBed } from "@angular/core/testing";
import { mock, MockProxy } from "jest-mock-extended";
import { firstValueFrom, of } from "rxjs";
import { BiometricsDisableReason, UnlockOptions } from "@bitwarden/auth/angular";
import {
PinServiceAbstraction,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
import { UserId } from "@bitwarden/common/types/guid";
import { BiometricsService } from "@bitwarden/key-management";
import { BrowserRouterService } from "../platform/popup/services/browser-router.service";
import { ExtensionLockComponentService } from "./extension-lock-component.service";
describe("ExtensionLockComponentService", () => {
let service: ExtensionLockComponentService;
let userDecryptionOptionsService: MockProxy<UserDecryptionOptionsServiceAbstraction>;
let platformUtilsService: MockProxy<PlatformUtilsService>;
let biometricsService: MockProxy<BiometricsService>;
let pinService: MockProxy<PinServiceAbstraction>;
let vaultTimeoutSettingsService: MockProxy<VaultTimeoutSettingsService>;
let cryptoService: MockProxy<CryptoService>;
let routerService: MockProxy<BrowserRouterService>;
beforeEach(() => {
userDecryptionOptionsService = mock<UserDecryptionOptionsServiceAbstraction>();
platformUtilsService = mock<PlatformUtilsService>();
biometricsService = mock<BiometricsService>();
pinService = mock<PinServiceAbstraction>();
vaultTimeoutSettingsService = mock<VaultTimeoutSettingsService>();
cryptoService = mock<CryptoService>();
routerService = mock<BrowserRouterService>();
TestBed.configureTestingModule({
providers: [
ExtensionLockComponentService,
{
provide: UserDecryptionOptionsServiceAbstraction,
useValue: userDecryptionOptionsService,
},
{
provide: PlatformUtilsService,
useValue: platformUtilsService,
},
{
provide: BiometricsService,
useValue: biometricsService,
},
{
provide: PinServiceAbstraction,
useValue: pinService,
},
{
provide: VaultTimeoutSettingsService,
useValue: vaultTimeoutSettingsService,
},
{
provide: CryptoService,
useValue: cryptoService,
},
{
provide: BrowserRouterService,
useValue: routerService,
},
],
});
service = TestBed.inject(ExtensionLockComponentService);
});
it("instantiates", () => {
expect(service).not.toBeFalsy();
});
describe("getPreviousUrl", () => {
it("returns the previous URL", () => {
routerService.getPreviousUrl.mockReturnValue("previousUrl");
expect(service.getPreviousUrl()).toBe("previousUrl");
});
});
describe("getBiometricsError", () => {
it("returns a biometric error description when given a valid error type", () => {
expect(
service.getBiometricsError({
message: "startDesktop",
}),
).toBe("startDesktopDesc");
});
it("returns null when given an invalid error type", () => {
expect(
service.getBiometricsError({
message: "invalidError",
}),
).toBeNull();
});
it("returns null when given a null input", () => {
expect(service.getBiometricsError(null)).toBeNull();
});
});
describe("isWindowVisible", () => {
it("throws an error", async () => {
await expect(service.isWindowVisible()).rejects.toThrow("Method not implemented.");
});
});
describe("getBiometricsUnlockBtnText", () => {
it("returns the biometric unlock button text", () => {
expect(service.getBiometricsUnlockBtnText()).toBe("unlockWithBiometrics");
});
});
describe("getAvailableUnlockOptions$", () => {
interface MockInputs {
hasMasterPassword: boolean;
osSupportsBiometric: boolean;
biometricLockSet: boolean;
hasBiometricEncryptedUserKeyStored: boolean;
platformSupportsSecureStorage: boolean;
pinDecryptionAvailable: boolean;
}
const table: [MockInputs, UnlockOptions][] = [
[
// MP + PIN + Biometrics available
{
hasMasterPassword: true,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: true,
},
{
masterPassword: {
enabled: true,
},
pin: {
enabled: true,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// PIN + Biometrics available
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: true,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: true,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics available: user key stored with no secure storage
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
platformSupportsSecureStorage: false,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics available: no user key stored with no secure storage
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: false,
platformSupportsSecureStorage: false,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics not available: biometric lock not set
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: false,
hasBiometricEncryptedUserKeyStored: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.EncryptedKeysUnavailable,
},
},
],
[
// Biometrics not available: user key not stored
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: false,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.EncryptedKeysUnavailable,
},
},
],
[
// Biometrics not available: OS doesn't support
{
hasMasterPassword: false,
osSupportsBiometric: false,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.NotSupportedOnOperatingSystem,
},
},
],
];
test.each(table)("returns unlock options", async (mockInputs, expectedOutput) => {
const userId = "userId" as UserId;
const userDecryptionOptions = {
hasMasterPassword: mockInputs.hasMasterPassword,
};
// MP
userDecryptionOptionsService.userDecryptionOptionsById$.mockReturnValue(
of(userDecryptionOptions),
);
// Biometrics
biometricsService.supportsBiometric.mockResolvedValue(mockInputs.osSupportsBiometric);
vaultTimeoutSettingsService.isBiometricLockSet.mockResolvedValue(mockInputs.biometricLockSet);
cryptoService.hasUserKeyStored.mockResolvedValue(
mockInputs.hasBiometricEncryptedUserKeyStored,
);
platformUtilsService.supportsSecureStorage.mockReturnValue(
mockInputs.platformSupportsSecureStorage,
);
// PIN
pinService.isPinDecryptionAvailable.mockResolvedValue(mockInputs.pinDecryptionAvailable);
const unlockOptions = await firstValueFrom(service.getAvailableUnlockOptions$(userId));
expect(unlockOptions).toEqual(expectedOutput);
});
});
});

117
apps/browser/src/services/extension-lock-component.service.ts Normal file
View File

@@ -0,0 +1,117 @@
import { inject } from "@angular/core";
import { combineLatest, defer, map, Observable } from "rxjs";
import {
BiometricsDisableReason,
LockComponentService,
UnlockOptions,
} from "@bitwarden/auth/angular";
import {
PinServiceAbstraction,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
import { KeySuffixOptions } from "@bitwarden/common/platform/enums";
import { UserId } from "@bitwarden/common/types/guid";
import { BiometricsService } from "@bitwarden/key-management";
import { BiometricErrors, BiometricErrorTypes } from "../models/biometricErrors";
import { BrowserRouterService } from "../platform/popup/services/browser-router.service";
export class ExtensionLockComponentService implements LockComponentService {
private readonly userDecryptionOptionsService = inject(UserDecryptionOptionsServiceAbstraction);
private readonly platformUtilsService = inject(PlatformUtilsService);
private readonly biometricsService = inject(BiometricsService);
private readonly pinService = inject(PinServiceAbstraction);
private readonly vaultTimeoutSettingsService = inject(VaultTimeoutSettingsService);
private readonly cryptoService = inject(CryptoService);
private readonly routerService = inject(BrowserRouterService);
getPreviousUrl(): string | null {
return this.routerService.getPreviousUrl();
}
getBiometricsError(error: any): string | null {
const biometricsError = BiometricErrors[error?.message as BiometricErrorTypes];
if (!biometricsError) {
return null;
}
return biometricsError.description;
}
async isWindowVisible(): Promise<boolean> {
throw new Error("Method not implemented.");
}
getBiometricsUnlockBtnText(): string {
return "unlockWithBiometrics";
}
private async isBiometricLockSet(userId: UserId): Promise<boolean> {
const biometricLockSet = await this.vaultTimeoutSettingsService.isBiometricLockSet(userId);
const hasBiometricEncryptedUserKeyStored = await this.cryptoService.hasUserKeyStored(
KeySuffixOptions.Biometric,
userId,
);
const platformSupportsSecureStorage = this.platformUtilsService.supportsSecureStorage();
return (
biometricLockSet && (hasBiometricEncryptedUserKeyStored || !platformSupportsSecureStorage)
);
}
private getBiometricsDisabledReason(
osSupportsBiometric: boolean,
biometricLockSet: boolean,
): BiometricsDisableReason | null {
if (!osSupportsBiometric) {
return BiometricsDisableReason.NotSupportedOnOperatingSystem;
} else if (!biometricLockSet) {
return BiometricsDisableReason.EncryptedKeysUnavailable;
}
return null;
}
getAvailableUnlockOptions$(userId: UserId): Observable<UnlockOptions> {
return combineLatest([
// Note: defer is preferable b/c it delays the execution of the function until the observable is subscribed to
defer(() => this.biometricsService.supportsBiometric()),
defer(() => this.isBiometricLockSet(userId)),
this.userDecryptionOptionsService.userDecryptionOptionsById$(userId),
defer(() => this.pinService.isPinDecryptionAvailable(userId)),
]).pipe(
map(
([
supportsBiometric,
isBiometricsLockSet,
userDecryptionOptions,
pinDecryptionAvailable,
]) => {
const disableReason = this.getBiometricsDisabledReason(
supportsBiometric,
isBiometricsLockSet,
);
const unlockOpts: UnlockOptions = {
masterPassword: {
enabled: userDecryptionOptions.hasMasterPassword,
},
pin: {
enabled: pinDecryptionAvailable,
},
biometrics: {
enabled: supportsBiometric && isBiometricsLockSet,
disableReason: disableReason,
},
};
return unlockOpts;
},
),
);
}
}

3
apps/browser/src/tools/popup/send-v2/add-edit/send-add-edit.component.html
View File

@@ -4,7 +4,8 @@
<tools-send-form
formId="sendForm"
[config]="config"
(sendSaved)="onSendSaved()"
(onSendCreated)="onSendCreated($event)"
(onSendUpdated)="onSendUpdated($event)"
[submitBtn]="submitBtn"
>
</tools-send-form>

18
apps/browser/src/tools/popup/send-v2/add-edit/send-add-edit.component.ts
View File

@@ -2,12 +2,13 @@ import { CommonModule, Location } from "@angular/common";
import { Component } from "@angular/core";
import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
import { FormsModule } from "@angular/forms";
import { ActivatedRoute, Params } from "@angular/router";
import { ActivatedRoute, Params, Router } from "@angular/router";
import { map, switchMap } from "rxjs";
import { JslibModule } from "@bitwarden/angular/jslib.module";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
import { SendType } from "@bitwarden/common/tools/send/enums/send-type";
import { SendView } from "@bitwarden/common/tools/send/models/view/send.view";
import { SendApiService } from "@bitwarden/common/tools/send/services/send-api.service.abstraction";
import { SendId } from "@bitwarden/common/types/guid";
import {
@@ -95,14 +96,25 @@ export class SendAddEditComponent {
private sendApiService: SendApiService,
private toastService: ToastService,
private dialogService: DialogService,
private router: Router,
) {
this.subscribeToParams();
}
/**
* Handles the event when the send is saved.
* Handles the event when the send is created.
*/
onSendSaved() {
async onSendCreated(send: SendView) {
await this.router.navigate(["/send-created"], {
queryParams: { sendId: send.id },
});
return;
}
/**
* Handles the event when the send is updated.
*/
onSendUpdated(send: SendView) {
this.location.back();
}

7
apps/browser/src/tools/popup/send-v2/send-created/send-created.component.html
View File

@@ -1,6 +1,11 @@
<main class="tw-top-0">
<popup-page>
<popup-header slot="header" [pageTitle]="'createdSend' | i18n" showBackButton>
<popup-header
slot="header"
[pageTitle]="'createdSend' | i18n"
showBackButton
[backAction]="close.bind(this)"
>
<ng-container slot="end">
<app-pop-out></app-pop-out>
</ng-container>

11
apps/browser/src/tools/popup/send-v2/send-created/send-created.component.spec.ts
View File

@@ -1,6 +1,6 @@
import { CommonModule, Location } from "@angular/common";
import { ComponentFixture, TestBed } from "@angular/core/testing";
import { ActivatedRoute, RouterLink } from "@angular/router";
import { ActivatedRoute, Router, RouterLink } from "@angular/router";
import { RouterTestingModule } from "@angular/router/testing";
import { MockProxy, mock } from "jest-mock-extended";
import { of } from "rxjs";
@@ -33,6 +33,7 @@ describe("SendCreatedComponent", () => {
let location: MockProxy<Location>;
let activatedRoute: MockProxy<ActivatedRoute>;
let environmentService: MockProxy<EnvironmentService>;
let router: MockProxy<Router>;
const sendId = "test-send-id";
const deletionDate = new Date();
@@ -52,6 +53,7 @@ describe("SendCreatedComponent", () => {
location = mock<Location>();
activatedRoute = mock<ActivatedRoute>();
environmentService = mock<EnvironmentService>();
router = mock<Router>();
Object.defineProperty(environmentService, "environment$", {
configurable: true,
get: () => of(new SelfHostedEnvironment({ webVault: "https://example.com" })),
@@ -89,6 +91,7 @@ describe("SendCreatedComponent", () => {
{ provide: ConfigService, useValue: mock<ConfigService>() },
{ provide: EnvironmentService, useValue: environmentService },
{ provide: PopupRouterCacheService, useValue: mock<PopupRouterCacheService>() },
{ provide: Router, useValue: router },
],
}).compileComponents();
});
@@ -109,10 +112,10 @@ describe("SendCreatedComponent", () => {
expect(component["daysAvailable"]).toBe(7);
});
it("should navigate back on close", () => {
it("should navigate back to send list on close", async () => {
fixture.detectChanges();
component.close();
expect(location.back).toHaveBeenCalled();
await component.close();
expect(router.navigate).toHaveBeenCalledWith(["/tabs/send"]);
});
describe("getDaysAvailable", () => {

12
apps/browser/src/tools/popup/send-v2/send-created/send-created.component.ts
View File

@@ -1,7 +1,7 @@
import { CommonModule, Location } from "@angular/common";
import { CommonModule } from "@angular/common";
import { Component } from "@angular/core";
import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
import { ActivatedRoute, RouterLink } from "@angular/router";
import { ActivatedRoute, Router, RouterLink, RouterModule } from "@angular/router";
import { firstValueFrom } from "rxjs";
import { JslibModule } from "@bitwarden/angular/jslib.module";
@@ -30,6 +30,7 @@ import { PopupPageComponent } from "../../../../platform/popup/layout/popup-page
PopupHeaderComponent,
PopupPageComponent,
RouterLink,
RouterModule,
PopupFooterComponent,
IconModule,
],
@@ -45,10 +46,11 @@ export class SendCreatedComponent {
private sendService: SendService,
private route: ActivatedRoute,
private toastService: ToastService,
private location: Location,
private router: Router,
private environmentService: EnvironmentService,
) {
const sendId = this.route.snapshot.queryParamMap.get("sendId");
this.sendService.sendViews$.pipe(takeUntilDestroyed()).subscribe((sendViews) => {
this.send = sendViews.find((s) => s.id === sendId);
if (this.send) {
@@ -62,8 +64,8 @@ export class SendCreatedComponent {
return Math.max(0, Math.ceil((send.deletionDate.getTime() - now) / (1000 * 60 * 60 * 24)));
}
close() {
this.location.back();
async close() {
await this.router.navigate(["/tabs/send"]);
}
async copyLink() {

19
apps/desktop/src/app/app-routing.module.ts
View File

@@ -11,9 +11,12 @@ import {
unauthGuardFn,
} from "@bitwarden/angular/auth/guards";
import { canAccessFeature } from "@bitwarden/angular/platform/guard/feature-flag.guard";
import { extensionRefreshRedirect } from "@bitwarden/angular/utils/extension-refresh-redirect";
import {
AnonLayoutWrapperComponent,
AnonLayoutWrapperData,
LockIcon,
LockV2Component,
PasswordHintComponent,
RegistrationFinishComponent,
RegistrationStartComponent,
@@ -62,6 +65,7 @@ const routes: Routes = [
path: "lock",
component: LockComponent,
canActivate: [lockGuard()],
canMatch: [extensionRefreshRedirect("/lockV2")],
},
{
path: "login",
@@ -190,6 +194,21 @@ const routes: Routes = [
},
],
},
{
path: "lockV2",
canActivate: [canAccessFeature(FeatureFlag.ExtensionRefresh), lockGuard()],
data: {
pageIcon: LockIcon,
pageTitle: "yourVaultIsLockedV2",
showReadonlyHostname: true,
} satisfies AnonLayoutWrapperData,
children: [
{
path: "",
component: LockV2Component,
},
],
},
{
path: "set-password-jit",
canActivate: [canAccessFeature(FeatureFlag.EmailVerification)],

8
apps/desktop/src/app/services/services.module.ts
View File

@@ -19,7 +19,7 @@ import {
CLIENT_TYPE,
} from "@bitwarden/angular/services/injection-tokens";
import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module";
import { SetPasswordJitService } from "@bitwarden/auth/angular";
import { LockComponentService, SetPasswordJitService } from "@bitwarden/auth/angular";
import {
InternalUserDecryptionOptionsServiceAbstraction,
PinServiceAbstraction,
@@ -86,6 +86,7 @@ import { ElectronRendererStorageService } from "../../platform/services/electron
import { I18nRendererService } from "../../platform/services/i18n.renderer.service";
import { fromIpcMessaging } from "../../platform/utils/from-ipc-messaging";
import { fromIpcSystemTheme } from "../../platform/utils/from-ipc-system-theme";
import { DesktopLockComponentService } from "../../services/desktop-lock-component.service";
import { EncryptedMessageHandlerService } from "../../services/encrypted-message-handler.service";
import { NativeMessageHandlerService } from "../../services/native-message-handler.service";
import { NativeMessagingService } from "../../services/native-messaging.service";
@@ -277,6 +278,11 @@ const safeProviders: SafeProvider[] = [
useClass: NativeMessagingManifestService,
deps: [],
}),
safeProvider({
provide: LockComponentService,
useClass: DesktopLockComponentService,
deps: [],
}),
safeProvider({
provide: CLIENT_TYPE,
useValue: ClientType.Desktop,

4
apps/desktop/src/auth/login/login.component.html
View File

@@ -8,7 +8,9 @@
attr.aria-hidden="{{ showingModal }}"
>
<div id="content" class="content" style="padding-top: 50px">
<img class="logo-image" alt="Bitwarden" />
<a (click)="invalidateEmail()" class="tw-cursor-pointer">
<img class="logo-image" alt="Bitwarden" />
</a>
<p class="lead">{{ "loginOrCreateNewAccount" | i18n }}</p>
<!-- start email -->
<ng-container *ngIf="!validatedEmail; else loginPage">

7
apps/desktop/src/auth/login/login.component.ts
View File

@@ -227,4 +227,11 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
);
}
}
/**
* Force the validatedEmail flag to false, which will show the login page.
*/
invalidateEmail() {
this.validatedEmail = false;
}
}

18
apps/desktop/src/locales/en/messages.json
View File

@@ -918,6 +918,18 @@
"yourVaultIsLocked": {
"message": "Your vault is locked. Verify your identity to continue."
},
"yourAccountIsLocked": {
"message": "Your account is locked"
},
"or": {
"message": "or"
},
"unlockWithBiometrics": {
"message": "Unlock with biometrics"
},
"unlockWithMasterPassword": {
"message": "Unlock with master password"
},
"unlock": {
"message": "Unlock"
},
@@ -2256,6 +2268,9 @@
"locked": {
"message": "Locked"
},
"yourVaultIsLockedV2": {
"message": "Your vault is locked"
},
"unlocked": {
"message": "Unlocked"
},
@@ -2608,6 +2623,9 @@
"important": {
"message": "Important:"
},
"accessing": {
"message": "Accessing"
},
"accessTokenUnableToBeDecrypted": {
"message": "You have been logged out because your access token could not be decrypted. Please log in again to resolve this issue."
},

377
apps/desktop/src/services/desktop-lock-component.service.spec.ts Normal file
View File

@@ -0,0 +1,377 @@
import { TestBed } from "@angular/core/testing";
import { mock, MockProxy } from "jest-mock-extended";
import { firstValueFrom, of } from "rxjs";
import { BiometricsDisableReason, UnlockOptions } from "@bitwarden/auth/angular";
import {
PinServiceAbstraction,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
import { DeviceType } from "@bitwarden/common/enums";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
import { UserId } from "@bitwarden/common/types/guid";
import { BiometricsService } from "@bitwarden/key-management";
import { DesktopLockComponentService } from "./desktop-lock-component.service";
// ipc mock global
const isWindowVisibleMock = jest.fn();
const biometricEnabledMock = jest.fn();
(global as any).ipc = {
keyManagement: {
biometric: {
enabled: biometricEnabledMock,
},
},
platform: {
isWindowVisible: isWindowVisibleMock,
},
};
describe("DesktopLockComponentService", () => {
let service: DesktopLockComponentService;
let userDecryptionOptionsService: MockProxy<UserDecryptionOptionsServiceAbstraction>;
let platformUtilsService: MockProxy<PlatformUtilsService>;
let biometricsService: MockProxy<BiometricsService>;
let pinService: MockProxy<PinServiceAbstraction>;
let vaultTimeoutSettingsService: MockProxy<VaultTimeoutSettingsService>;
let cryptoService: MockProxy<CryptoService>;
beforeEach(() => {
userDecryptionOptionsService = mock<UserDecryptionOptionsServiceAbstraction>();
platformUtilsService = mock<PlatformUtilsService>();
biometricsService = mock<BiometricsService>();
pinService = mock<PinServiceAbstraction>();
vaultTimeoutSettingsService = mock<VaultTimeoutSettingsService>();
cryptoService = mock<CryptoService>();
TestBed.configureTestingModule({
providers: [
DesktopLockComponentService,
{
provide: UserDecryptionOptionsServiceAbstraction,
useValue: userDecryptionOptionsService,
},
{
provide: PlatformUtilsService,
useValue: platformUtilsService,
},
{
provide: BiometricsService,
useValue: biometricsService,
},
{
provide: PinServiceAbstraction,
useValue: pinService,
},
{
provide: VaultTimeoutSettingsService,
useValue: vaultTimeoutSettingsService,
},
{
provide: CryptoService,
useValue: cryptoService,
},
],
});
service = TestBed.inject(DesktopLockComponentService);
});
it("instantiates", () => {
expect(service).not.toBeFalsy();
});
// getBiometricsError
describe("getBiometricsError", () => {
it("returns null when given null", () => {
const result = service.getBiometricsError(null);
expect(result).toBeNull();
});
it("returns null when given an unknown error", () => {
const result = service.getBiometricsError({ message: "unknown" });
expect(result).toBeNull();
});
});
describe("getPreviousUrl", () => {
it("returns null", () => {
const result = service.getPreviousUrl();
expect(result).toBeNull();
});
});
describe("isWindowVisible", () => {
it("returns the window visibility", async () => {
isWindowVisibleMock.mockReturnValue(true);
const result = await service.isWindowVisible();
expect(result).toBe(true);
});
});
describe("getBiometricsUnlockBtnText", () => {
it("returns the correct text for Mac OS", () => {
platformUtilsService.getDevice.mockReturnValue(DeviceType.MacOsDesktop);
const result = service.getBiometricsUnlockBtnText();
expect(result).toBe("unlockWithTouchId");
});
it("returns the correct text for Windows", () => {
platformUtilsService.getDevice.mockReturnValue(DeviceType.WindowsDesktop);
const result = service.getBiometricsUnlockBtnText();
expect(result).toBe("unlockWithWindowsHello");
});
it("returns the correct text for Linux", () => {
platformUtilsService.getDevice.mockReturnValue(DeviceType.LinuxDesktop);
const result = service.getBiometricsUnlockBtnText();
expect(result).toBe("unlockWithPolkit");
});
it("throws an error for an unsupported platform", () => {
platformUtilsService.getDevice.mockReturnValue("unsupported" as any);
expect(() => service.getBiometricsUnlockBtnText()).toThrowError("Unsupported platform");
});
});
describe("getAvailableUnlockOptions$", () => {
interface MockInputs {
hasMasterPassword: boolean;
osSupportsBiometric: boolean;
biometricLockSet: boolean;
biometricReady: boolean;
hasBiometricEncryptedUserKeyStored: boolean;
platformSupportsSecureStorage: boolean;
pinDecryptionAvailable: boolean;
}
const table: [MockInputs, UnlockOptions][] = [
[
// MP + PIN + Biometrics available
{
hasMasterPassword: true,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: true,
},
{
masterPassword: {
enabled: true,
},
pin: {
enabled: true,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// PIN + Biometrics available
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: true,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: true,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics available: user key stored with no secure storage
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: true,
platformSupportsSecureStorage: false,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics available: no user key stored with no secure storage
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: false,
biometricReady: true,
platformSupportsSecureStorage: false,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: true,
disableReason: null,
},
},
],
[
// Biometrics not available: biometric not ready
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: false,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.SystemBiometricsUnavailable,
},
},
],
[
// Biometrics not available: biometric lock not set
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: false,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.EncryptedKeysUnavailable,
},
},
],
[
// Biometrics not available: user key not stored
{
hasMasterPassword: false,
osSupportsBiometric: true,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: false,
biometricReady: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.EncryptedKeysUnavailable,
},
},
],
[
// Biometrics not available: OS doesn't support
{
hasMasterPassword: false,
osSupportsBiometric: false,
biometricLockSet: true,
hasBiometricEncryptedUserKeyStored: true,
biometricReady: true,
platformSupportsSecureStorage: true,
pinDecryptionAvailable: false,
},
{
masterPassword: {
enabled: false,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: BiometricsDisableReason.NotSupportedOnOperatingSystem,
},
},
],
];
test.each(table)("returns unlock options", async (mockInputs, expectedOutput) => {
const userId = "userId" as UserId;
const userDecryptionOptions = {
hasMasterPassword: mockInputs.hasMasterPassword,
};
// MP
userDecryptionOptionsService.userDecryptionOptionsById$.mockReturnValue(
of(userDecryptionOptions),
);
// Biometrics
biometricsService.supportsBiometric.mockResolvedValue(mockInputs.osSupportsBiometric);
vaultTimeoutSettingsService.isBiometricLockSet.mockResolvedValue(mockInputs.biometricLockSet);
cryptoService.hasUserKeyStored.mockResolvedValue(
mockInputs.hasBiometricEncryptedUserKeyStored,
);
platformUtilsService.supportsSecureStorage.mockReturnValue(
mockInputs.platformSupportsSecureStorage,
);
biometricEnabledMock.mockResolvedValue(mockInputs.biometricReady);
// PIN
pinService.isPinDecryptionAvailable.mockResolvedValue(mockInputs.pinDecryptionAvailable);
const unlockOptions = await firstValueFrom(service.getAvailableUnlockOptions$(userId));
expect(unlockOptions).toEqual(expectedOutput);
});
});
});

129
apps/desktop/src/services/desktop-lock-component.service.ts Normal file
View File

@@ -0,0 +1,129 @@
import { inject } from "@angular/core";
import { combineLatest, defer, map, Observable } from "rxjs";
import {
BiometricsDisableReason,
LockComponentService,
UnlockOptions,
} from "@bitwarden/auth/angular";
import {
PinServiceAbstraction,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
import { DeviceType } from "@bitwarden/common/enums";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
import { KeySuffixOptions } from "@bitwarden/common/platform/enums";
import { UserId } from "@bitwarden/common/types/guid";
import { BiometricsService } from "@bitwarden/key-management";
export class DesktopLockComponentService implements LockComponentService {
private readonly userDecryptionOptionsService = inject(UserDecryptionOptionsServiceAbstraction);
private readonly platformUtilsService = inject(PlatformUtilsService);
private readonly biometricsService = inject(BiometricsService);
private readonly pinService = inject(PinServiceAbstraction);
private readonly vaultTimeoutSettingsService = inject(VaultTimeoutSettingsService);
private readonly cryptoService = inject(CryptoService);
constructor() {}
getBiometricsError(error: any): string | null {
return null;
}
getPreviousUrl(): string | null {
return null;
}
async isWindowVisible(): Promise<boolean> {
return ipc.platform.isWindowVisible();
}
getBiometricsUnlockBtnText(): string {
switch (this.platformUtilsService.getDevice()) {
case DeviceType.MacOsDesktop:
return "unlockWithTouchId";
case DeviceType.WindowsDesktop:
return "unlockWithWindowsHello";
case DeviceType.LinuxDesktop:
return "unlockWithPolkit";
default:
throw new Error("Unsupported platform");
}
}
private async isBiometricLockSet(userId: UserId): Promise<boolean> {
const biometricLockSet = await this.vaultTimeoutSettingsService.isBiometricLockSet(userId);
const hasBiometricEncryptedUserKeyStored = await this.cryptoService.hasUserKeyStored(
KeySuffixOptions.Biometric,
userId,
);
const platformSupportsSecureStorage = this.platformUtilsService.supportsSecureStorage();
return (
biometricLockSet && (hasBiometricEncryptedUserKeyStored || !platformSupportsSecureStorage)
);
}
private async isBiometricsSupportedAndReady(
userId: UserId,
): Promise<{ supportsBiometric: boolean; biometricReady: boolean }> {
const supportsBiometric = await this.biometricsService.supportsBiometric();
const biometricReady = await ipc.keyManagement.biometric.enabled(userId);
return { supportsBiometric, biometricReady };
}
getAvailableUnlockOptions$(userId: UserId): Observable<UnlockOptions> {
return combineLatest([
// Note: defer is preferable b/c it delays the execution of the function until the observable is subscribed to
defer(() => this.isBiometricsSupportedAndReady(userId)),
defer(() => this.isBiometricLockSet(userId)),
this.userDecryptionOptionsService.userDecryptionOptionsById$(userId),
defer(() => this.pinService.isPinDecryptionAvailable(userId)),
]).pipe(
map(
([biometricsData, isBiometricsLockSet, userDecryptionOptions, pinDecryptionAvailable]) => {
const disableReason = this.getBiometricsDisabledReason(
biometricsData.supportsBiometric,
isBiometricsLockSet,
biometricsData.biometricReady,
);
const unlockOpts: UnlockOptions = {
masterPassword: {
enabled: userDecryptionOptions.hasMasterPassword,
},
pin: {
enabled: pinDecryptionAvailable,
},
biometrics: {
enabled:
biometricsData.supportsBiometric &&
isBiometricsLockSet &&
biometricsData.biometricReady,
disableReason: disableReason,
},
};
return unlockOpts;
},
),
);
}
private getBiometricsDisabledReason(
osSupportsBiometric: boolean,
biometricLockSet: boolean,
biometricReady: boolean,
): BiometricsDisableReason | null {
if (!osSupportsBiometric) {
return BiometricsDisableReason.NotSupportedOnOperatingSystem;
} else if (!biometricLockSet) {
return BiometricsDisableReason.EncryptedKeysUnavailable;
} else if (!biometricReady) {
return BiometricsDisableReason.SystemBiometricsUnavailable;
}
return null;
}
}

28
apps/web/src/app/admin-console/organizations/core/views/collection-access-selection.view.ts
View File

@@ -1,28 +0,0 @@
import { View } from "@bitwarden/common/models/view/view";
interface SelectionResponseLike {
id: string;
readOnly: boolean;
hidePasswords: boolean;
manage: boolean;
}
export class CollectionAccessSelectionView extends View {
readonly id: string;
readonly readOnly: boolean;
readonly hidePasswords: boolean;
readonly manage: boolean;
constructor(response?: SelectionResponseLike) {
super();
if (!response) {
return;
}
this.id = response.id;
this.readOnly = response.readOnly;
this.hidePasswords = response.hidePasswords;
this.manage = response.manage;
}
}

3
apps/web/src/app/admin-console/organizations/core/views/group.view.ts
View File

@@ -1,9 +1,8 @@
import { CollectionAccessSelectionView } from "@bitwarden/admin-console/common";
import { View } from "@bitwarden/common/src/models/view/view";
import { GroupDetailsResponse, GroupResponse } from "../services/group/responses/group.response";
import { CollectionAccessSelectionView } from "./collection-access-selection.view";
export class GroupView implements View {
id: string;
organizationId: string;

1
apps/web/src/app/admin-console/organizations/core/views/index.ts
View File

@@ -1,4 +1,3 @@
export * from "./collection-access-selection.view";
export * from "./group.view";
export * from "./organization-user.view";
export * from "./organization-user-admin-view";

3
apps/web/src/app/admin-console/organizations/core/views/organization-user-admin-view.ts
View File

@@ -1,11 +1,10 @@
import { CollectionAccessSelectionView } from "@bitwarden/admin-console/common";
import {
OrganizationUserStatusType,
OrganizationUserType,
} from "@bitwarden/common/admin-console/enums";
import { PermissionsApi } from "@bitwarden/common/admin-console/models/api/permissions.api";
import { CollectionAccessSelectionView } from "./collection-access-selection.view";
export class OrganizationUserAdminView {
id: string;
userId: string;

7
apps/web/src/app/admin-console/organizations/core/views/organization-user.view.ts
View File

@@ -1,12 +1,13 @@
import { OrganizationUserUserDetailsResponse } from "@bitwarden/admin-console/common";
import {
OrganizationUserUserDetailsResponse,
CollectionAccessSelectionView,
} from "@bitwarden/admin-console/common";
import {
OrganizationUserStatusType,
OrganizationUserType,
} from "@bitwarden/common/admin-console/enums";
import { PermissionsApi } from "@bitwarden/common/admin-console/models/api/permissions.api";
import { CollectionAccessSelectionView } from "./collection-access-selection.view";
export class OrganizationUserView {
id: string;
userId: string;

8
apps/web/src/app/admin-console/organizations/manage/group-add-edit.component.ts
View File

@@ -14,7 +14,11 @@ import {
takeUntil,
} from "rxjs";
import { OrganizationUserApiService } from "@bitwarden/admin-console/common";
import {
CollectionAdminService,
CollectionAdminView,
OrganizationUserApiService,
} from "@bitwarden/admin-console/common";
import { ApiService } from "@bitwarden/common/abstractions/api.service";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
@@ -26,8 +30,6 @@ import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/pl
import { UserId } from "@bitwarden/common/types/guid";
import { DialogService, ToastService } from "@bitwarden/components";
import { CollectionAdminService } from "../../../vault/core/collection-admin.service";
import { CollectionAdminView } from "../../../vault/core/views/collection-admin.view";
import { InternalGroupService as GroupService, GroupView } from "../core";
import {
AccessItemType,

12
apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
View File

@@ -13,7 +13,12 @@ import {
takeUntil,
} from "rxjs";
import { OrganizationUserApiService } from "@bitwarden/admin-console/common";
import {
CollectionAccessSelectionView,
CollectionAdminService,
CollectionAdminView,
OrganizationUserApiService,
} from "@bitwarden/admin-console/common";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import {
OrganizationUserStatusType,
@@ -24,14 +29,10 @@ import { Organization } from "@bitwarden/common/admin-console/models/domain/orga
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
import { ProductTierType } from "@bitwarden/common/billing/enums";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
import { DialogService, ToastService } from "@bitwarden/components";
import { CollectionAdminService } from "../../../../../vault/core/collection-admin.service";
import { CollectionAdminView } from "../../../../../vault/core/views/collection-admin.view";
import {
CollectionAccessSelectionView,
GroupService,
GroupView,
OrganizationUserAdminView,
@@ -133,7 +134,6 @@ export class MemberDialogComponent implements OnDestroy {
@Inject(DIALOG_DATA) protected params: MemberDialogParams,
private dialogRef: DialogRef<MemberDialogResult>,
private i18nService: I18nService,
private platformUtilsService: PlatformUtilsService,
private formBuilder: FormBuilder,
// TODO: We should really look into consolidating naming conventions for these services
private collectionAdminService: CollectionAdminService,

2
apps/web/src/app/admin-console/organizations/settings/org-import.component.ts
View File

@@ -2,6 +2,7 @@ import { Component, OnInit } from "@angular/core";
import { ActivatedRoute, Router } from "@angular/router";
import { firstValueFrom } from "rxjs";
import { CollectionAdminService } from "@bitwarden/admin-console/common";
import {
canAccessVaultTab,
OrganizationService,
@@ -11,7 +12,6 @@ import { ImportComponent } from "@bitwarden/importer/ui";
import { LooseComponentsModule, SharedModule } from "../../../shared";
import { ImportCollectionAdminService } from "../../../tools/import/import-collection-admin.service";
import { CollectionAdminService } from "../../../vault/core/collection-admin.service";
@Component({
templateUrl: "org-import.component.html",

7
apps/web/src/app/admin-console/organizations/shared/components/access-selector/access-selector.models.ts
View File

@@ -1,11 +1,14 @@
import { OrganizationUserUserDetailsResponse } from "@bitwarden/admin-console/common";
import {
CollectionAccessSelectionView,
OrganizationUserUserDetailsResponse,
} from "@bitwarden/admin-console/common";
import {
OrganizationUserStatusType,
OrganizationUserType,
} from "@bitwarden/common/admin-console/enums";
import { SelectItemView } from "@bitwarden/components";
import { CollectionAccessSelectionView, GroupView } from "../../../core";
import { GroupView } from "../../../core";
/**
* Permission options that replace/correspond with manage, readOnly, and hidePassword server fields.

1
apps/web/src/app/auth/core/services/index.ts
View File

@@ -1,3 +1,4 @@
export * from "./webauthn-login";
export * from "./set-password-jit";
export * from "./registration";
export * from "./web-lock-component.service";

94
apps/web/src/app/auth/core/services/web-lock-component.service.spec.ts Normal file
View File

@@ -0,0 +1,94 @@
import { TestBed } from "@angular/core/testing";
import { mock, MockProxy } from "jest-mock-extended";
import { firstValueFrom, of } from "rxjs";
import { UserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common";
import { UserId } from "@bitwarden/common/types/guid";
import { WebLockComponentService } from "./web-lock-component.service";
describe("WebLockComponentService", () => {
let service: WebLockComponentService;
let userDecryptionOptionsService: MockProxy<UserDecryptionOptionsServiceAbstraction>;
beforeEach(() => {
userDecryptionOptionsService = mock<UserDecryptionOptionsServiceAbstraction>();
TestBed.configureTestingModule({
providers: [
WebLockComponentService,
{
provide: UserDecryptionOptionsServiceAbstraction,
useValue: userDecryptionOptionsService,
},
],
});
service = TestBed.inject(WebLockComponentService);
});
it("instantiates", () => {
expect(service).not.toBeFalsy();
});
describe("getBiometricsError", () => {
it("throws an error when given a null input", () => {
expect(() => service.getBiometricsError(null)).toThrow(
"Biometric unlock is not supported in the web app. See getAvailableUnlockOptions$",
);
});
it("throws an error when given a non-null input", () => {
expect(() => service.getBiometricsError("error")).toThrow(
"Biometric unlock is not supported in the web app. See getAvailableUnlockOptions$",
);
});
});
describe("getPreviousUrl", () => {
it("returns null", () => {
expect(service.getPreviousUrl()).toBeNull();
});
});
describe("isWindowVisible", () => {
it("throws an error", async () => {
await expect(service.isWindowVisible()).rejects.toThrow("Method not implemented.");
});
});
describe("getBiometricsUnlockBtnText", () => {
it("throws an error", () => {
expect(() => service.getBiometricsUnlockBtnText()).toThrow(
"Biometric unlock is not supported in the web app. See getAvailableUnlockOptions$",
);
});
});
describe("getAvailableUnlockOptions$", () => {
it("returns an observable of unlock options", async () => {
const userId = "user-id" as UserId;
const userDecryptionOptions = {
hasMasterPassword: true,
};
userDecryptionOptionsService.userDecryptionOptionsById$.mockReturnValueOnce(
of(userDecryptionOptions),
);
const unlockOptions = await firstValueFrom(service.getAvailableUnlockOptions$(userId));
expect(unlockOptions).toEqual({
masterPassword: {
enabled: true,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: null,
},
});
});
});
});

55
apps/web/src/app/auth/core/services/web-lock-component.service.ts Normal file
View File

@@ -0,0 +1,55 @@
import { inject } from "@angular/core";
import { map, Observable } from "rxjs";
import { LockComponentService, UnlockOptions } from "@bitwarden/auth/angular";
import {
UserDecryptionOptions,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
import { UserId } from "@bitwarden/common/types/guid";
export class WebLockComponentService implements LockComponentService {
private readonly userDecryptionOptionsService = inject(UserDecryptionOptionsServiceAbstraction);
constructor() {}
getBiometricsError(error: any): string | null {
throw new Error(
"Biometric unlock is not supported in the web app. See getAvailableUnlockOptions$",
);
}
getPreviousUrl(): string | null {
return null;
}
async isWindowVisible(): Promise<boolean> {
throw new Error("Method not implemented.");
}
getBiometricsUnlockBtnText(): string {
throw new Error(
"Biometric unlock is not supported in the web app. See getAvailableUnlockOptions$",
);
}
getAvailableUnlockOptions$(userId: UserId): Observable<UnlockOptions> {
return this.userDecryptionOptionsService.userDecryptionOptionsById$(userId).pipe(
map((userDecryptionOptions: UserDecryptionOptions) => {
const unlockOpts: UnlockOptions = {
masterPassword: {
enabled: userDecryptionOptions.hasMasterPassword,
},
pin: {
enabled: false,
},
biometrics: {
enabled: false,
disableReason: null,
},
};
return unlockOpts;
}),
);
}
}

2
apps/web/src/app/billing/organizations/billing-sync-api-key.component.html
View File

@@ -1,7 +1,7 @@
<form [formGroup]="formGroup" [bitSubmit]="submit">
<bit-dialog>
<h1 bitDialogTitle>
{{ (hasBillingToken ? "viewBillingSyncToken" : "generateBillingSyncToken") | i18n }}
{{ (hasBillingToken ? "viewBillingToken" : "generateBillingToken") | i18n }}
</h1>
<div bitDialogContent>
<app-user-verification formControlName="verification" *ngIf="!clientSecret">

2
apps/web/src/app/billing/organizations/billing-sync-key.component.html
View File

@@ -1,7 +1,7 @@
<form [formGroup]="formGroup" [bitSubmit]="submit">
<bit-dialog>
<h1 bitDialogTitle>
{{ "manageBillingSync" | i18n }}
{{ "manageBillingTokenSync" | i18n }}
</h1>
<div bitDialogContent>
<p>{{ "billingSyncKeyDesc" | i18n }}</p>

2
apps/web/src/app/billing/organizations/organization-subscription-cloud.component.html
View File

@@ -280,7 +280,7 @@
(click)="manageBillingSync()"
*ngIf="canManageBillingSync"
>
{{ (hasBillingSyncToken ? "manageBillingSync" : "setUpBillingSync") | i18n }}
{{ (hasBillingSyncToken ? "viewBillingToken" : "setUpBillingSync") | i18n }}
</button>
</div>
<ng-container *ngIf="userOrg.canEditSubscription">

6
apps/web/src/app/billing/organizations/organization-subscription-selfhost.component.html
View File

@@ -89,7 +89,7 @@
</a>
</bit-label>
<bit-hint>
{{ "billingSyncDesc" | i18n }}
{{ "automaticBillingSyncDesc" | i18n }}
</bit-hint>
</bit-radio-button>
<ng-container *ngIf="updateMethod === licenseOptions.SYNC">
@@ -100,7 +100,7 @@
type="button"
(click)="manageBillingSyncSelfHosted()"
>
{{ "manageBillingSync" | i18n }}
{{ "manageBillingTokenSync" | i18n }}
</button>
<button
bitButton
@@ -122,7 +122,7 @@
>
<bit-label>{{ "manualUpload" | i18n }}</bit-label>
<bit-hint>
{{ "manualUploadDesc" | i18n }}
{{ "manualBillingTokenUploadDesc" | i18n }}
</bit-hint>
</bit-radio-button>
<ng-container *ngIf="updateMethod === licenseOptions.UPLOAD">

26
apps/web/src/app/core/core.module.ts
View File

@@ -1,7 +1,11 @@
import { CommonModule } from "@angular/common";
import { APP_INITIALIZER, NgModule, Optional, SkipSelf } from "@angular/core";
import { OrganizationUserApiService } from "@bitwarden/admin-console/common";
import {
CollectionAdminService,
DefaultCollectionAdminService,
OrganizationUserApiService,
} from "@bitwarden/admin-console/common";
import { SafeProvider, safeProvider } from "@bitwarden/angular/platform/utils/safe-provider";
import {
CLIENT_TYPE,
@@ -20,6 +24,7 @@ import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.
import { ModalService as ModalServiceAbstraction } from "@bitwarden/angular/services/modal.service";
import {
RegistrationFinishService as RegistrationFinishServiceAbstraction,
LockComponentService,
SetPasswordJitService,
} from "@bitwarden/auth/angular";
import { InternalUserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common";
@@ -59,10 +64,15 @@ import {
ThemeStateService,
} from "@bitwarden/common/platform/theming/theme-state.service";
import { VaultTimeout, VaultTimeoutStringType } from "@bitwarden/common/types/vault-timeout.type";
import { CollectionService } from "@bitwarden/common/vault/abstractions/collection.service";
import { BiometricsService } from "@bitwarden/key-management";
import { PolicyListService } from "../admin-console/core/policy-list.service";
import { WebRegistrationFinishService, WebSetPasswordJitService } from "../auth";
import {
WebSetPasswordJitService,
WebRegistrationFinishService,
WebLockComponentService,
} from "../auth";
import { AcceptOrganizationInviteService } from "../auth/organization-invite/accept-organization.service";
import { HtmlStorageService } from "../core/html-storage.service";
import { I18nService } from "../core/i18n.service";
@@ -70,7 +80,6 @@ import { WebBiometricsService } from "../key-management/web-biometric.service";
import { WebEnvironmentService } from "../platform/web-environment.service";
import { WebMigrationRunner } from "../platform/web-migration-runner";
import { WebStorageServiceProvider } from "../platform/web-storage-service.provider";
import { CollectionAdminService } from "../vault/core/collection-admin.service";
import { EventService } from "./event.service";
import { InitService } from "./init.service";
@@ -144,7 +153,6 @@ const safeProviders: SafeProvider[] = [
useClass: WebFileDownloadService,
useAngularDecorators: true,
}),
safeProvider(CollectionAdminService),
safeProvider({
provide: WindowStorageService,
useFactory: () => new WindowStorageService(window.localStorage),
@@ -197,6 +205,11 @@ const safeProviders: SafeProvider[] = [
PolicyService,
],
}),
safeProvider({
provide: LockComponentService,
useClass: WebLockComponentService,
deps: [],
}),
safeProvider({
provide: SetPasswordJitService,
useClass: WebSetPasswordJitService,
@@ -217,6 +230,11 @@ const safeProviders: SafeProvider[] = [
useClass: DefaultAppIdService,
deps: [OBSERVABLE_DISK_LOCAL_STORAGE, LogService],
}),
safeProvider({
provide: CollectionAdminService,
useClass: DefaultCollectionAdminService,
deps: [ApiService, CryptoServiceAbstraction, EncryptService, CollectionService],
}),
];
@NgModule({

52
apps/web/src/app/oss-routing.module.ts
View File

@@ -10,6 +10,7 @@ import {
unauthGuardFn,
} from "@bitwarden/angular/auth/guards";
import { canAccessFeature } from "@bitwarden/angular/platform/guard/feature-flag.guard";
import { extensionRefreshSwap } from "@bitwarden/angular/utils/extension-refresh-swap";
import {
AnonLayoutWrapperComponent,
AnonLayoutWrapperData,
@@ -20,6 +21,7 @@ import {
RegistrationStartSecondaryComponentData,
SetPasswordJitComponent,
RegistrationLinkExpiredComponent,
LockV2Component,
LockIcon,
UserLockIcon,
} from "@bitwarden/auth/angular";
@@ -337,21 +339,41 @@ const routes: Routes = [
pageTitle: "logIn",
},
},
{
path: "lock",
canActivate: [deepLinkGuard(), lockGuard()],
children: [
{
path: "",
component: LockComponent,
},
],
data: {
pageTitle: "yourVaultIsLockedV2",
pageIcon: LockIcon,
showReadonlyHostname: true,
} satisfies AnonLayoutWrapperData,
},
...extensionRefreshSwap(
LockComponent,
LockV2Component,
{
path: "lock",
canActivate: [deepLinkGuard(), lockGuard()],
children: [
{
path: "",
component: LockComponent,
},
],
data: {
pageTitle: "yourVaultIsLockedV2",
pageIcon: LockIcon,
showReadonlyHostname: true,
} satisfies AnonLayoutWrapperData,
},
{
path: "lock",
canActivate: [deepLinkGuard(), lockGuard()],
children: [
{
path: "",
component: LockV2Component,
},
],
data: {
pageTitle: "yourAccountIsLocked",
pageIcon: LockIcon,
showReadonlyHostname: true,
} satisfies AnonLayoutWrapperData,
},
),
{
path: "2fa",
canActivate: [unauthGuardFn()],

4
apps/web/src/app/tools/import/import-collection-admin.service.ts
View File

@@ -1,8 +1,8 @@
import { Injectable } from "@angular/core";
import { CollectionAdminService, CollectionAdminView } from "@bitwarden/admin-console/common";
import { ImportCollectionServiceAbstraction } from "../../../../../../libs/importer/src/services/import-collection.service.abstraction";
import { CollectionAdminService } from "../../vault/core/collection-admin.service";
import { CollectionAdminView } from "../../vault/core/views/collection-admin.view";
@Injectable()
export class ImportCollectionAdminService implements ImportCollectionServiceAbstraction {

11
apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts
View File

@@ -14,6 +14,9 @@ import {
import { first } from "rxjs/operators";
import {
CollectionAccessSelectionView,
CollectionAdminService,
CollectionAdminView,
OrganizationUserApiService,
OrganizationUserUserMiniResponse,
} from "@bitwarden/admin-console/common";
@@ -26,11 +29,7 @@ import { CollectionResponse } from "@bitwarden/common/vault/models/response/coll
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
import { BitValidators, DialogService } from "@bitwarden/components";
import {
CollectionAccessSelectionView,
GroupService,
GroupView,
} from "../../../admin-console/organizations/core";
import { GroupService, GroupView } from "../../../admin-console/organizations/core";
import { PermissionMode } from "../../../admin-console/organizations/shared/components/access-selector/access-selector.component";
import {
AccessItemType,
@@ -40,8 +39,6 @@ import {
convertToPermission,
convertToSelectionView,
} from "../../../admin-console/organizations/shared/components/access-selector/access-selector.models";
import { CollectionAdminService } from "../../core/collection-admin.service";
import { CollectionAdminView } from "../../core/views/collection-admin.view";
export enum CollectionDialogTabType {
Info = 0,

3
apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts
View File

@@ -1,12 +1,11 @@
import { Component, EventEmitter, Input, Output } from "@angular/core";
import { CollectionAdminView, Unassigned } from "@bitwarden/admin-console/common";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
import { GroupView } from "../../../admin-console/organizations/core";
import { CollectionAdminView } from "../../core/views/collection-admin.view";
import { Unassigned } from "../../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
import {
convertToPermission,

2
apps/web/src/app/vault/components/vault-items/vault-items.component.ts
View File

@@ -1,13 +1,13 @@
import { SelectionModel } from "@angular/cdk/collections";
import { Component, EventEmitter, Input, Output } from "@angular/core";
import { Unassigned } from "@bitwarden/admin-console/common";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
import { TableDataSource } from "@bitwarden/components";
import { GroupView } from "../../../admin-console/organizations/core";
import { Unassigned } from "../../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
import { VaultItem } from "./vault-item";
import { VaultItemEvent } from "./vault-item-event";

12
apps/web/src/app/vault/components/vault-items/vault-items.stories.ts
View File

@@ -3,6 +3,11 @@ import { RouterModule } from "@angular/router";
import { applicationConfig, Meta, moduleMetadata, StoryObj } from "@storybook/angular";
import { BehaviorSubject, of } from "rxjs";
import {
CollectionAccessSelectionView,
CollectionAdminView,
Unassigned,
} from "@bitwarden/admin-console/common";
import { OrganizationUserType } from "@bitwarden/common/admin-console/enums";
import { PermissionsApi } from "@bitwarden/common/admin-console/models/api/permissions.api";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
@@ -19,13 +24,8 @@ import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
import { LoginUriView } from "@bitwarden/common/vault/models/view/login-uri.view";
import { LoginView } from "@bitwarden/common/vault/models/view/login.view";
import {
CollectionAccessSelectionView,
GroupView,
} from "../../../admin-console/organizations/core";
import { GroupView } from "../../../admin-console/organizations/core";
import { PreloadedEnglishI18nModule } from "../../../core/tests";
import { CollectionAdminView } from "../../core/views/collection-admin.view";
import { Unassigned } from "../../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
import { VaultItemsComponent } from "./vault-items.component";
import { VaultItemsModule } from "./vault-items.module";

7
apps/web/src/app/vault/core/bulk-collection-access.request.ts
View File

@@ -1,7 +0,0 @@
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
export class BulkCollectionAccessRequest {
collectionIds: string[];
users: SelectionReadOnlyRequest[];
groups: SelectionReadOnlyRequest[];
}

170
apps/web/src/app/vault/core/collection-admin.service.ts
View File

@@ -1,170 +0,0 @@
import { Injectable } from "@angular/core";
import { ApiService } from "@bitwarden/common/abstractions/api.service";
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.service";
import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
import { CollectionService } from "@bitwarden/common/vault/abstractions/collection.service";
import { CollectionData } from "@bitwarden/common/vault/models/data/collection.data";
import { CollectionRequest } from "@bitwarden/common/vault/models/request/collection.request";
import {
CollectionAccessDetailsResponse,
CollectionDetailsResponse,
CollectionResponse,
} from "@bitwarden/common/vault/models/response/collection.response";
import { CollectionAccessSelectionView } from "../../admin-console/organizations/core";
import { BulkCollectionAccessRequest } from "./bulk-collection-access.request";
import { CollectionAdminView } from "./views/collection-admin.view";
@Injectable()
export class CollectionAdminService {
constructor(
private apiService: ApiService,
private cryptoService: CryptoService,
private encryptService: EncryptService,
private collectionService: CollectionService,
) {}
async getAll(organizationId: string): Promise<CollectionAdminView[]> {
const collectionResponse =
await this.apiService.getManyCollectionsWithAccessDetails(organizationId);
if (collectionResponse?.data == null || collectionResponse.data.length === 0) {
return [];
}
return await this.decryptMany(organizationId, collectionResponse.data);
}
async get(
organizationId: string,
collectionId: string,
): Promise<CollectionAdminView | undefined> {
const collectionResponse = await this.apiService.getCollectionAccessDetails(
organizationId,
collectionId,
);
if (collectionResponse == null) {
return undefined;
}
const [view] = await this.decryptMany(organizationId, [collectionResponse]);
return view;
}
async save(collection: CollectionAdminView): Promise<CollectionDetailsResponse> {
const request = await this.encrypt(collection);
let response: CollectionDetailsResponse;
if (collection.id == null) {
response = await this.apiService.postCollection(collection.organizationId, request);
collection.id = response.id;
} else {
response = await this.apiService.putCollection(
collection.organizationId,
collection.id,
request,
);
}
if (response.assigned) {
await this.collectionService.upsert(new CollectionData(response));
} else {
await this.collectionService.delete(collection.id);
}
return response;
}
async delete(organizationId: string, collectionId: string): Promise<void> {
await this.apiService.deleteCollection(organizationId, collectionId);
}
async bulkAssignAccess(
organizationId: string,
collectionIds: string[],
users: CollectionAccessSelectionView[],
groups: CollectionAccessSelectionView[],
): Promise<void> {
const request = new BulkCollectionAccessRequest();
request.collectionIds = collectionIds;
request.users = users.map(
(u) => new SelectionReadOnlyRequest(u.id, u.readOnly, u.hidePasswords, u.manage),
);
request.groups = groups.map(
(g) => new SelectionReadOnlyRequest(g.id, g.readOnly, g.hidePasswords, g.manage),
);
await this.apiService.send(
"POST",
`/organizations/${organizationId}/collections/bulk-access`,
request,
true,
false,
);
}
private async decryptMany(
organizationId: string,
collections: CollectionResponse[] | CollectionAccessDetailsResponse[],
): Promise<CollectionAdminView[]> {
const orgKey = await this.cryptoService.getOrgKey(organizationId);
const promises = collections.map(async (c) => {
const view = new CollectionAdminView();
view.id = c.id;
view.name = await this.encryptService.decryptToUtf8(new EncString(c.name), orgKey);
view.externalId = c.externalId;
view.organizationId = c.organizationId;
if (isCollectionAccessDetailsResponse(c)) {
view.groups = c.groups;
view.users = c.users;
view.assigned = c.assigned;
view.readOnly = c.readOnly;
view.hidePasswords = c.hidePasswords;
view.manage = c.manage;
view.unmanaged = c.unmanaged;
}
return view;
});
return await Promise.all(promises);
}
private async encrypt(model: CollectionAdminView): Promise<CollectionRequest> {
if (model.organizationId == null) {
throw new Error("Collection has no organization id.");
}
const key = await this.cryptoService.getOrgKey(model.organizationId);
if (key == null) {
throw new Error("No key for this collection's organization.");
}
const collection = new CollectionRequest();
collection.externalId = model.externalId;
collection.name = (await this.encryptService.encrypt(model.name, key)).encryptedString;
collection.groups = model.groups.map(
(group) =>
new SelectionReadOnlyRequest(group.id, group.readOnly, group.hidePasswords, group.manage),
);
collection.users = model.users.map(
(user) =>
new SelectionReadOnlyRequest(user.id, user.readOnly, user.hidePasswords, user.manage),
);
return collection;
}
}
function isCollectionAccessDetailsResponse(
response: CollectionResponse | CollectionAccessDetailsResponse,
): response is CollectionAccessDetailsResponse {
const anyResponse = response as any;
return anyResponse?.groups instanceof Array && anyResponse?.users instanceof Array;
}

96
apps/web/src/app/vault/core/views/collection-admin.view.ts
View File

@@ -1,96 +0,0 @@
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { CollectionAccessDetailsResponse } from "@bitwarden/common/src/vault/models/response/collection.response";
import { CollectionView } from "@bitwarden/common/vault/models/view/collection.view";
import { CollectionAccessSelectionView } from "../../../admin-console/organizations/core/views/collection-access-selection.view";
import { Unassigned } from "../../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
export class CollectionAdminView extends CollectionView {
groups: CollectionAccessSelectionView[] = [];
users: CollectionAccessSelectionView[] = [];
/**
* Flag indicating the collection has no active user or group assigned to it with CanManage permissions
* In this case, the collection can be managed by admins/owners or custom users with appropriate permissions
*/
unmanaged: boolean;
/**
* Flag indicating the user has been explicitly assigned to this Collection
*/
assigned: boolean;
constructor(response?: CollectionAccessDetailsResponse) {
super(response);
if (!response) {
return;
}
this.groups = response.groups
? response.groups.map((g) => new CollectionAccessSelectionView(g))
: [];
this.users = response.users
? response.users.map((g) => new CollectionAccessSelectionView(g))
: [];
this.assigned = response.assigned;
}
/**
* Returns true if the user can edit a collection (including user and group access) from the Admin Console.
*/
override canEdit(org: Organization): boolean {
return (
org?.canEditAnyCollection ||
(this.unmanaged && org?.canEditUnmanagedCollections) ||
super.canEdit(org)
);
}
/**
* Returns true if the user can delete a collection from the Admin Console.
*/
override canDelete(org: Organization): boolean {
return org?.canDeleteAnyCollection || super.canDelete(org);
}
/**
* Whether the user can modify user access to this collection
*/
canEditUserAccess(org: Organization): boolean {
return (
(org.permissions.manageUsers && org.allowAdminAccessToAllCollectionItems) || this.canEdit(org)
);
}
/**
* Whether the user can modify group access to this collection
*/
canEditGroupAccess(org: Organization): boolean {
return (
(org.permissions.manageGroups && org.allowAdminAccessToAllCollectionItems) ||
this.canEdit(org)
);
}
/**
* Returns true if the user can view collection info and access in a read-only state from the Admin Console
*/
override canViewCollectionInfo(org: Organization | undefined): boolean {
if (this.isUnassignedCollection) {
return false;
}
return this.manage || org?.isAdmin || org?.permissions.editAnyCollection;
}
/**
* True if this collection represents the pseudo "Unassigned" collection
* This is different from the "unmanaged" flag, which indicates that no users or groups have access to the collection
*/
get isUnassignedCollection() {
return this.id === Unassigned;
}
}

3
apps/web/src/app/vault/individual-vault/organization-badge/organization-name-badge.component.ts
View File

@@ -1,13 +1,12 @@
import { Component, Input, OnChanges } from "@angular/core";
import { firstValueFrom } from "rxjs";
import { Unassigned } from "@bitwarden/admin-console/common";
import { AvatarService } from "@bitwarden/common/auth/abstractions/avatar.service";
import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
import { Utils } from "@bitwarden/common/platform/misc/utils";
import { Unassigned } from "../vault-filter/shared/models/routed-vault-filter.model";
@Component({
selector: "app-org-badge",
templateUrl: "organization-name-badge.component.html",

2
apps/web/src/app/vault/individual-vault/vault-filter/services/abstractions/vault-filter.service.ts
View File

@@ -1,11 +1,11 @@
import { Observable } from "rxjs";
import { CollectionAdminView } from "@bitwarden/admin-console/common";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { CollectionView } from "@bitwarden/common/src/vault/models/view/collection.view";
import { FolderView } from "@bitwarden/common/src/vault/models/view/folder.view";
import { TreeNode } from "@bitwarden/common/vault/models/domain/tree-node";
import { CollectionAdminView } from "../../../../core/views/collection-admin.view";
import {
CipherTypeFilter,
CollectionFilter,

7
apps/web/src/app/vault/individual-vault/vault-filter/services/routed-vault-filter-bridge.service.ts
View File

@@ -2,15 +2,12 @@ import { Injectable } from "@angular/core";
import { Router } from "@angular/router";
import { combineLatest, map, Observable } from "rxjs";
import { Unassigned } from "@bitwarden/admin-console/common";
import { TreeNode } from "@bitwarden/common/vault/models/domain/tree-node";
import { ServiceUtils } from "@bitwarden/common/vault/service-utils";
import { RoutedVaultFilterBridge } from "../shared/models/routed-vault-filter-bridge.model";
import {
RoutedVaultFilterModel,
Unassigned,
All,
} from "../shared/models/routed-vault-filter.model";
import { RoutedVaultFilterModel, All } from "../shared/models/routed-vault-filter.model";
import { VaultFilter } from "../shared/models/vault-filter.model";
import {
CipherTypeFilter,

2
apps/web/src/app/vault/individual-vault/vault-filter/services/vault-filter.service.ts
View File

@@ -10,6 +10,7 @@ import {
switchMap,
} from "rxjs";
import { CollectionAdminView } from "@bitwarden/admin-console/common";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
import { PolicyType } from "@bitwarden/common/admin-console/enums";
@@ -26,7 +27,6 @@ import { FolderView } from "@bitwarden/common/vault/models/view/folder.view";
import { ServiceUtils } from "@bitwarden/common/vault/service-utils";
import { COLLAPSED_GROUPINGS } from "@bitwarden/common/vault/services/key-state/collapsed-groupings.state";
import { CollectionAdminView } from "../../../core/views/collection-admin.view";
import {
CipherTypeFilter,
CollectionFilter,

3
apps/web/src/app/vault/individual-vault/vault-filter/shared/models/filter-function.spec.ts
View File

@@ -1,8 +1,9 @@
import { Unassigned } from "@bitwarden/admin-console/common";
import { CipherType } from "@bitwarden/common/vault/enums";
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
import { createFilterFunction } from "./filter-function";
import { Unassigned, All } from "./routed-vault-filter.model";
import { All } from "./routed-vault-filter.model";
describe("createFilter", () => {
describe("given a generic cipher", () => {

3
apps/web/src/app/vault/individual-vault/vault-filter/shared/models/filter-function.ts
View File

@@ -1,7 +1,8 @@
import { Unassigned } from "@bitwarden/admin-console/common";
import { CipherType } from "@bitwarden/common/vault/enums";
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
import { All, RoutedVaultFilterModel, Unassigned } from "./routed-vault-filter.model";
import { All, RoutedVaultFilterModel } from "./routed-vault-filter.model";
export type FilterFunction = (cipher: CipherView) => boolean;

2
apps/web/src/app/vault/individual-vault/vault-filter/shared/models/routed-vault-filter-bridge.model.ts
View File

@@ -1,3 +1,4 @@
import { Unassigned } from "@bitwarden/admin-console/common";
import { CipherType } from "@bitwarden/common/vault/enums";
import { TreeNode } from "@bitwarden/common/vault/models/domain/tree-node";
@@ -8,7 +9,6 @@ import {
isRoutedVaultFilterItemType,
RoutedVaultFilterItemType,
RoutedVaultFilterModel,
Unassigned,
} from "./routed-vault-filter.model";
import { VaultFilter, VaultFilterFunction } from "./vault-filter.model";
import {

2
apps/web/src/app/vault/individual-vault/vault-filter/shared/models/routed-vault-filter.model.ts
View File

@@ -1,5 +1,3 @@
export const Unassigned = "unassigned";
export const All = "all";
// TODO: Remove `All` when moving to vertical navigation.

3
apps/web/src/app/vault/individual-vault/vault-filter/shared/models/vault-filter.type.ts
View File

@@ -1,10 +1,9 @@
import { CollectionAdminView } from "@bitwarden/admin-console/common";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { FolderView } from "@bitwarden/common/src/vault/models/view/folder.view";
import { CipherType } from "@bitwarden/common/vault/enums";
import { ITreeNodeObject } from "@bitwarden/common/vault/models/domain/tree-node";
import { CollectionAdminView } from "../../../../core/views/collection-admin.view";
export type CipherStatus = "all" | "favorites" | "trash" | CipherType;
export type CipherTypeFilter = ITreeNodeObject & { type: CipherStatus; icon: string };

2
apps/web/src/app/vault/individual-vault/vault-header/vault-header.component.ts
View File

@@ -9,6 +9,7 @@ import {
} from "@angular/core";
import { firstValueFrom } from "rxjs";
import { Unassigned } from "@bitwarden/admin-console/common";
import { JslibModule } from "@bitwarden/angular/jslib.module";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
@@ -26,7 +27,6 @@ import { PipesModule } from "../pipes/pipes.module";
import {
All,
RoutedVaultFilterModel,
Unassigned,
} from "../vault-filter/shared/models/routed-vault-filter.model";
@Component({

2
apps/web/src/app/vault/individual-vault/vault.component.ts
View File

@@ -28,6 +28,7 @@ import {
tap,
} from "rxjs/operators";
import { Unassigned } from "@bitwarden/admin-console/common";
import { SearchPipe } from "@bitwarden/angular/pipes/search.pipe";
import { ModalService } from "@bitwarden/angular/services/modal.service";
import { ApiService } from "@bitwarden/common/abstractions/api.service";
@@ -118,7 +119,6 @@ import { createFilterFunction } from "./vault-filter/shared/models/filter-functi
import {
All,
RoutedVaultFilterModel,
Unassigned,
} from "./vault-filter/shared/models/routed-vault-filter.model";
import { VaultFilter } from "./vault-filter/shared/models/vault-filter.model";
import { FolderFilter, OrganizationFilter } from "./vault-filter/shared/models/vault-filter.type";

6
apps/web/src/app/vault/org-vault/bulk-collections-dialog/bulk-collections-dialog.component.ts
View File

@@ -3,7 +3,10 @@ import { Component, Inject, OnDestroy } from "@angular/core";
import { FormBuilder } from "@angular/forms";
import { combineLatest, of, Subject, switchMap, takeUntil } from "rxjs";
import { OrganizationUserApiService } from "@bitwarden/admin-console/common";
import {
CollectionAdminService,
OrganizationUserApiService,
} from "@bitwarden/admin-console/common";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
@@ -23,7 +26,6 @@ import {
PermissionMode,
} from "../../../admin-console/organizations/shared/components/access-selector";
import { SharedModule } from "../../../shared";
import { CollectionAdminService } from "../../core/collection-admin.service";
export interface BulkCollectionsDialogParams {
organizationId: string;

2
apps/web/src/app/vault/org-vault/vault-filter/vault-filter.service.ts
View File

@@ -1,6 +1,7 @@
import { Injectable, OnDestroy } from "@angular/core";
import { map, Observable, ReplaySubject, Subject } from "rxjs";
import { CollectionAdminView } from "@bitwarden/admin-console/common";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
@@ -10,7 +11,6 @@ import { CollectionService } from "@bitwarden/common/vault/abstractions/collecti
import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
import { TreeNode } from "@bitwarden/common/vault/models/domain/tree-node";
import { CollectionAdminView } from "../../../vault/core/views/collection-admin.view";
import { VaultFilterService as BaseVaultFilterService } from "../../individual-vault/vault-filter/services/vault-filter.service";
import { CollectionFilter } from "../../individual-vault/vault-filter/shared/models/vault-filter.type";

8
apps/web/src/app/vault/org-vault/vault-header/vault-header.component.ts
View File

@@ -3,6 +3,11 @@ import { Component, EventEmitter, Input, OnInit, Output } from "@angular/core";
import { Router } from "@angular/router";
import { firstValueFrom } from "rxjs";
import {
CollectionAdminService,
CollectionAdminView,
Unassigned,
} from "@bitwarden/admin-console/common";
import { JslibModule } from "@bitwarden/angular/jslib.module";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
@@ -22,13 +27,10 @@ import {
import { HeaderModule } from "../../../layouts/header/header.module";
import { SharedModule } from "../../../shared";
import { CollectionAdminView } from "../../../vault/core/views/collection-admin.view";
import { CollectionDialogTabType } from "../../components/collection-dialog";
import { CollectionAdminService } from "../../core/collection-admin.service";
import {
All,
RoutedVaultFilterModel,
Unassigned,
} from "../../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
@Component({

8
apps/web/src/app/vault/org-vault/vault.component.ts
View File

@@ -30,6 +30,11 @@ import {
withLatestFrom,
} from "rxjs/operators";
import {
CollectionAdminService,
CollectionAdminView,
Unassigned,
} from "@bitwarden/admin-console/common";
import { SearchPipe } from "@bitwarden/angular/pipes/search.pipe";
import { ModalService } from "@bitwarden/angular/services/modal.service";
import { ApiService } from "@bitwarden/common/abstractions/api.service";
@@ -72,8 +77,6 @@ import {
} from "../components/collection-dialog";
import { VaultItemEvent } from "../components/vault-items/vault-item-event";
import { VaultItemsModule } from "../components/vault-items/vault-items.module";
import { CollectionAdminService } from "../core/collection-admin.service";
import { CollectionAdminView } from "../core/views/collection-admin.view";
import {
BulkDeleteDialogResult,
openBulkDeleteDialog,
@@ -85,7 +88,6 @@ import { createFilterFunction } from "../individual-vault/vault-filter/shared/mo
import {
All,
RoutedVaultFilterModel,
Unassigned,
} from "../individual-vault/vault-filter/shared/models/routed-vault-filter.model";
import {
openViewCipherDialog,

3
apps/web/src/app/vault/utils/collection-utils.ts
View File

@@ -1,3 +1,4 @@
import { CollectionAdminView } from "@bitwarden/admin-console/common";
import { TreeNode } from "@bitwarden/common/vault/models/domain/tree-node";
import {
CollectionView,
@@ -5,8 +6,6 @@ import {
} from "@bitwarden/common/vault/models/view/collection.view";
import { ServiceUtils } from "@bitwarden/common/vault/service-utils";
import { CollectionAdminView } from "../../vault/core/views/collection-admin.view";
export function getNestedCollectionTree(
collections: CollectionAdminView[],
): TreeNode<CollectionAdminView>[];

43
apps/web/src/locales/en/messages.json
View File

@@ -1099,8 +1099,11 @@
"yourVaultIsLockedV2": {
"message": "Your vault is locked"
},
"uuid": {
"message": "UUID"
"yourAccountIsLocked": {
"message": "Your account is locked"
},
"uuid":{
"message" : "UUID"
},
"unlock": {
"message": "Unlock"
@@ -2564,6 +2567,9 @@
"downloadLicense": {
"message": "Download license"
},
"viewBillingToken": {
"message": "View Billing Token"
},
"updateLicense": {
"message": "Update license"
},
@@ -3169,6 +3175,10 @@
"incorrectPin": {
"message": "Incorrect PIN"
},
"pin": {
"message": "PIN",
"description": "PIN code. Ex. The short code (often numeric) that you use to unlock a device."
},
"exportedVault": {
"message": "Vault exported"
},
@@ -5994,8 +6004,8 @@
"viewBillingSyncToken": {
"message": "View billing sync token"
},
"generateBillingSyncToken": {
"message": "Generate billing sync token"
"generateBillingToken": {
"message": "Generate billing token"
},
"copyPasteBillingSync": {
"message": "Copy and paste this token into the billing sync settings of your self-hosted organization."
@@ -6003,8 +6013,8 @@
"billingSyncCanAccess": {
"message": "Your billing sync token can access and edit this organization's subscription settings."
},
"manageBillingSync": {
"message": "Manage billing sync"
"manageBillingTokenSync": {
"message": "Manage Billing Token"
},
"setUpBillingSync": {
"message": "Set up billing sync"
@@ -6063,15 +6073,15 @@
"billingSyncApiKeyRotated": {
"message": "Token rotated"
},
"billingSyncDesc": {
"message": "Billing sync unlocks Families sponsorships and automatic license syncing on your server. After making updates in the Bitwarden cloud server, select Sync License to apply changes."
},
"billingSyncKeyDesc": {
"message": "A billing sync token from your cloud organization's subscription settings is required to complete this form."
},
"billingSyncKey": {
"message": "Billing sync token"
},
"automaticBillingSyncDesc": {
"message": "Automatic sync unlocks Families sponsorships and allows you to sync your license without uploading a file. After making updates in the Bitwarden cloud server, select Sync License to apply changes."
},
"active": {
"message": "Active"
},
@@ -7463,6 +7473,15 @@
"or": {
"message": "or"
},
"unlockWithBiometrics": {
"message": "Unlock with biometrics"
},
"unlockWithPin": {
"message": "Unlock with PIN"
},
"unlockWithMasterPassword": {
"message": "Unlock with master password"
},
"licenseAndBillingManagement": {
"message": "License and billing management"
},
@@ -7472,11 +7491,11 @@
"manualUpload": {
"message": "Manual upload"
},
"manualUploadDesc": {
"message": "If you do not want to opt into billing sync, manually upload your license here."
"manualBillingTokenUploadDesc": {
"message": "If you do not want to opt into billing sync, manually upload your license here. This will not automatically unlock Families sponsorships."
},
"syncLicense": {
"message": "Sync license"
"message": "Sync License"
},
"licenseSyncSuccess": {
"message": "Successfully synced license"