From df846a058d68f336cef8f8343dea41278cfb71d0 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann <mail@quexten.com>
Date: Mon, 2 Dec 2024 12:03:57 +0100
Subject: [PATCH] Cleanup and fix process reload on non-desktop

---
 apps/desktop/desktop_native/napi/src/lib.rs   |  8 ++------
 .../src/app/services/services.module.ts       |  2 ++
 .../default-process-reload.service.ts         | 19 +++++++++++++++++++
 3 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/apps/desktop/desktop_native/napi/src/lib.rs b/apps/desktop/desktop_native/napi/src/lib.rs
index 3260b826caa..2058b9ba9e4 100644
--- a/apps/desktop/desktop_native/napi/src/lib.rs
+++ b/apps/desktop/desktop_native/napi/src/lib.rs
@@ -526,7 +526,6 @@ pub mod ipc {
 #[napi]
 pub mod epheremal_values {
     use desktop_core::epheremal_values::EpheremalValueStore;
-    use std::collections::HashMap;
 
     #[napi]
     pub struct EpheremalValueStoreWrapper {
@@ -535,7 +534,7 @@ pub mod epheremal_values {
 
     #[napi]
     impl EpheremalValueStoreWrapper {
-        /// Create a new epheremal value store.
+
         #[napi(constructor)]
         pub fn new() -> napi::Result<Self> {
             Ok(EpheremalValueStoreWrapper {
@@ -543,22 +542,19 @@ pub mod epheremal_values {
             })
         }
 
-        /// Set a value in the store.
         #[napi]
         pub fn set(&mut self, key: String, value: String) {
             self.store.set(key, value);
         }
 
-        /// Get a value from the store.
         #[napi]
         pub fn get(&self, key: String) -> Option<String> {
             self.store.get(&key).cloned()
         }
 
-        /// Remove a value from the store.
         #[napi]
         pub fn remove(&mut self, key: String) {
             self.store.remove(&key);
         }
     }
-}
\ No newline at end of file
+}
diff --git a/apps/desktop/src/app/services/services.module.ts b/apps/desktop/src/app/services/services.module.ts
index cfb930f9480..36f1b318609 100644
--- a/apps/desktop/src/app/services/services.module.ts
+++ b/apps/desktop/src/app/services/services.module.ts
@@ -234,6 +234,8 @@ const safeProviders: SafeProvider[] = [
       BiometricStateService,
       AccountServiceAbstraction,
       LogService,
+      PlatformUtilsServiceAbstraction,
+      PinServiceAbstraction,
     ],
   }),
   safeProvider({
diff --git a/libs/common/src/key-management/services/default-process-reload.service.ts b/libs/common/src/key-management/services/default-process-reload.service.ts
index 5c38fd11330..80c53a6b451 100644
--- a/libs/common/src/key-management/services/default-process-reload.service.ts
+++ b/libs/common/src/key-management/services/default-process-reload.service.ts
@@ -1,7 +1,10 @@
 import { firstValueFrom, map, timeout } from "rxjs";
 
+import { PinServiceAbstraction } from "@bitwarden/auth/common";
+import { ClientType } from "@bitwarden/common/enums";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
+import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { BiometricStateService } from "@bitwarden/key-management";
 
 import { VaultTimeoutSettingsService } from "../../abstractions/vault-timeout/vault-timeout-settings.service";
@@ -22,6 +25,8 @@ export class DefaultProcessReloadService implements ProcessReloadServiceAbstract
     private biometricStateService: BiometricStateService,
     private accountService: AccountService,
     private logService: LogService,
+    private platformUtilsService: PlatformUtilsService,
+    private pinService: PinServiceAbstraction,
   ) {}
 
   async startProcessReload(authService: AuthService): Promise<void> {
@@ -49,6 +54,20 @@ export class DefaultProcessReloadService implements ProcessReloadServiceAbstract
       return;
     }
 
+    if (this.platformUtilsService.getClientType() !== ClientType.Desktop) {
+      // If there is an active user, check if they have a pinKeyEncryptedUserKeyEphemeral. If so, prevent process reload upon lock.
+      const userId = (await firstValueFrom(this.accountService.activeAccount$))?.id;
+      if (userId != null) {
+        const ephemeralPin = await this.pinService.getPinKeyEncryptedUserKeyEphemeral(userId);
+        if (ephemeralPin != null) {
+          this.logService.info(
+            `[ProcessReloadService] User ${userId} has ephemeral pin, skipping process reload`,
+          );
+          return;
+        }
+      }
+    }
+
     this.cancelProcessReload();
     await this.executeProcessReload();
   }