feat(policies): PM-25570 Admin Console UI for URI Match Default Policy (#16752)

Admin Console UI for URI Match Default Policy

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>

apps/browser/src/autofill/popup/settings/autofill.component.html

@@ -232,7 +232,7 @@
             <input formControlName="enableAutoTotpCopy" bitCheckbox id="totp" type="checkbox" />
             <bit-label for="totp">{{ "enableAutoTotpCopy" | i18n }}</bit-label>
           </bit-form-control>
-          <bit-form-field>
+          <bit-form-field [disableMargin]="isDefaultUriMatchDisabledByPolicy">
             <bit-label for="clearClipboard">{{ "clearClipboard" | i18n }}</bit-label>
             <bit-select
               formControlName="clearClipboard"
@@ -250,7 +250,7 @@
               {{ "clearClipboardDesc" | i18n }}
             </bit-hint>
           </bit-form-field>
-          <bit-form-field disableMargin>
+          <bit-form-field disableMargin *ngIf="!isDefaultUriMatchDisabledByPolicy">
             <bit-label for="defaultUriMatch">{{ "defaultUriMatchDetection" | i18n }}</bit-label>
             <bit-select
               formControlName="defaultUriMatch"
@@ -265,9 +265,6 @@
                 [disabled]="option.disabled"
               ></bit-option>
             </bit-select>
-            <bit-hint *ngIf="isDefaultUriMatchDisabledByPolicy">
-              {{ "settingDisabledByPolicy" | i18n }}
-            </bit-hint>
             <bit-hint *ngIf="getMatchHints() as hints">
               {{ hints[0] | i18n }}
               <ng-container *ngIf="hints.length > 1">

apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/index.ts

@@ -10,6 +10,7 @@ export { RestrictedItemTypesPolicy } from "./restricted-item-types.component";
 export { SendOptionsPolicy } from "./send-options.component";
 export { SingleOrgPolicy } from "./single-org.component";
 export { TwoFactorAuthenticationPolicy } from "./two-factor-authentication.component";
+export { UriMatchDefaultPolicy } from "./uri-match-default.component";
 export {
   vNextOrganizationDataOwnershipPolicy,
   vNextOrganizationDataOwnershipPolicyComponent,

apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/uri-match-default.component.html

@@ -0,0 +1,22 @@
+<bit-callout title="{{ 'prerequisite' | i18n }}">
+  {{ "requireSsoPolicyReq" | i18n }}
+</bit-callout>
+
+<bit-form-control>
+  <input type="checkbox" bitCheckbox [formControl]="enabled" id="enabled" />
+  <bit-label>{{ "turnOn" | i18n }}</bit-label>
+</bit-form-control>
+
+<div [formGroup]="data">
+  <bit-form-field class="tw-flex-auto">
+    <bit-label>{{ "uriMatchDetectionOptionsLabel" | i18n }}</bit-label>
+    <bit-select formControlName="uriMatchDetection" id="uriMatchDetection">
+      <bit-option
+        *ngFor="let o of uriMatchOptions"
+        [label]="o.label"
+        [value]="o.value"
+        [disabled]="o.disabled"
+      ></bit-option>
+    </bit-select>
+  </bit-form-field>
+</div>

apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/uri-match-default.component.ts

@@ -0,0 +1,72 @@
+import { Component, ChangeDetectionStrategy } from "@angular/core";
+import { FormBuilder, FormControl, Validators } from "@angular/forms";
+
+import { PolicyType } from "@bitwarden/common/admin-console/enums";
+import { PolicyRequest } from "@bitwarden/common/admin-console/models/request/policy.request";
+import {
+  UriMatchStrategy,
+  UriMatchStrategySetting,
+} from "@bitwarden/common/models/domain/domain-service";
+import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
+
+import { SharedModule } from "../../../../shared";
+import { BasePolicyEditDefinition, BasePolicyEditComponent } from "../base-policy-edit.component";
+
+export class UriMatchDefaultPolicy extends BasePolicyEditDefinition {
+  name = "uriMatchDetectionPolicy";
+  description = "uriMatchDetectionPolicyDesc";
+  type = PolicyType.UriMatchDefaults;
+  component = UriMatchDefaultPolicyComponent;
+}
+@Component({
+  changeDetection: ChangeDetectionStrategy.OnPush,
+  templateUrl: "uri-match-default.component.html",
+  imports: [SharedModule],
+})
+export class UriMatchDefaultPolicyComponent extends BasePolicyEditComponent {
+  uriMatchOptions: { label: string; value: UriMatchStrategySetting | null; disabled?: boolean }[];
+
+  constructor(
+    private formBuilder: FormBuilder,
+    private i18nService: I18nService,
+  ) {
+    super();
+
+    this.data = this.formBuilder.group({
+      uriMatchDetection: new FormControl<UriMatchStrategySetting>(UriMatchStrategy.Domain, {
+        validators: [Validators.required],
+        nonNullable: true,
+      }),
+    });
+
+    this.uriMatchOptions = [
+      { label: i18nService.t("baseDomain"), value: UriMatchStrategy.Domain },
+      { label: i18nService.t("host"), value: UriMatchStrategy.Host },
+      { label: i18nService.t("exact"), value: UriMatchStrategy.Exact },
+      { label: i18nService.t("never"), value: UriMatchStrategy.Never },
+    ];
+  }
+
+  protected loadData() {
+    const uriMatchDetection = this.policyResponse?.data?.uriMatchDetection;
+
+    this.data?.patchValue({
+      uriMatchDetection: uriMatchDetection,
+    });
+  }
+
+  protected buildRequestData() {
+    return {
+      uriMatchDetection: this.data?.value?.uriMatchDetection,
+    };
+  }
+
+  async buildRequest(): Promise<PolicyRequest> {
+    const request = await super.buildRequest();
+    if (request.data?.uriMatchDetection == null) {
+      throw new Error(this.i18nService.t("invalidUriMatchDefaultPolicySetting"));
+    }
+
+    return request;
+  }
+}

apps/web/src/app/admin-console/organizations/policies/policy-edit-register.ts

@@ -13,6 +13,7 @@ import {
   SendOptionsPolicy,
   SingleOrgPolicy,
   TwoFactorAuthenticationPolicy,
+  UriMatchDefaultPolicy,
   vNextOrganizationDataOwnershipPolicy,
 } from "./policy-edit-definitions";
 
@@ -34,5 +35,6 @@ export const ossPolicyEditRegister: BasePolicyEditDefinition[] = [
   new SendOptionsPolicy(),
   new RestrictedItemTypesPolicy(),
   new DesktopAutotypeDefaultSettingPolicy(),
+  new UriMatchDefaultPolicy(),
   new AutoConfirmPolicy(),
 ];

apps/web/src/locales/en/messages.json

@@ -5881,6 +5881,19 @@
     "message": "Always show member’s email address with recipients when creating or editing a Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
+  "uriMatchDetectionPolicy": {
+    "message": "Default URI match detection"
+  },
+  "uriMatchDetectionPolicyDesc": {
+    "message": "Determine when logins are suggested for autofill. Admins and owners are exempt from this policy."
+  },
+  "uriMatchDetectionOptionsLabel": {
+    "message": "Default URI match detection"
+  },
+    "invalidUriMatchDefaultPolicySetting": {
+    "message": "Please select a valid URI match detection option.",
+    "description": "Error message displayed when a user attempts to save URI match detection policy settings with an invalid selection."
+  },
   "modifiedPolicyId": {
     "message": "Modified policy $ID$.",
     "placeholders": {
@@ -9659,7 +9672,7 @@
     "message": "Common formats",
     "description": "Label indicating the most common import formats"
   },
-     "uriMatchDefaultStrategyHint": {
+    "uriMatchDefaultStrategyHint": {
     "message": "URI match detection is how Bitwarden identifies autofill suggestions.",
     "description": "Explains to the user that URI match detection determines how Bitwarden suggests autofill options, and clarifies that this default strategy applies when no specific match detection is set for a login item."
   },