From fdfb0196d09989ee86067fe7c27c8595d90dd3bc Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Fri, 2 May 2025 18:51:01 +0200 Subject: [PATCH] [PM-20108] Update account recovery trust prompt, delete organization trust prompt (#14218) * Update trust prompt and move to shared km module * Delete organization trust component * Update org trust warning message --- apps/browser/src/_locales/en/messages.json | 24 +++++++ apps/desktop/src/locales/en/messages.json | 24 +++++++ .../manage/organization-trust.component.html | 23 ------- .../manage/organization-trust.component.ts | 69 ------------------- .../enroll-master-password-reset.component.ts | 4 +- .../src/app/shared/loose-components.module.ts | 3 - apps/web/src/locales/en/messages.json | 6 ++ .../account-recovery-trust.component.html | 4 +- 8 files changed, 59 insertions(+), 98 deletions(-) delete mode 100644 apps/web/src/app/admin-console/organizations/manage/organization-trust.component.html delete mode 100644 apps/web/src/app/admin-console/organizations/manage/organization-trust.component.ts diff --git a/apps/browser/src/_locales/en/messages.json b/apps/browser/src/_locales/en/messages.json index 6e1e2ef57ac..2b6adfdd7e8 100644 --- a/apps/browser/src/_locales/en/messages.json +++ b/apps/browser/src/_locales/en/messages.json @@ -3564,6 +3564,30 @@ "deviceTrusted": { "message": "Device trusted" }, + "trustOrganization": { + "message": "Trust organization" + }, + "trust": { + "message": "Trust" + }, + "doNotTrust": { + "message": "Do not trust" + }, + "organizationNotTrusted": { + "message": "Organization is not trusted" + }, + "emergencyAccessTrustWarning": { + "message": "For the security of your account, only confirm if you have granted emergency access to this user and their fingerprint matches what is displayed in their account" + }, + "orgTrustWarning": { + "message": "For the security of your account, only proceed if you are a member of this organization, have account recovery enabled, and the fingerprint displayed below matches the organization's fingerprint." + }, + "orgTrustWarning1": { + "message": "This organization has an Enterprise policy that will enroll you in account recovery. Enrollment will allow organization administrators to change your password. Only proceed if you recognize this organization and the fingerprint phrase displayed below matches the organization's fingerprint." + }, + "trustUser":{ + "message": "Trust user" + }, "sendsNoItemsTitle": { "message": "No active Sends", "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated." diff --git a/apps/desktop/src/locales/en/messages.json b/apps/desktop/src/locales/en/messages.json index 2350e0df4c7..7dee2c111d9 100644 --- a/apps/desktop/src/locales/en/messages.json +++ b/apps/desktop/src/locales/en/messages.json @@ -3152,6 +3152,30 @@ "deviceTrusted": { "message": "Device trusted" }, + "trustOrganization": { + "message": "Trust organization" + }, + "trust": { + "message": "Trust" + }, + "doNotTrust": { + "message": "Do not trust" + }, + "organizationNotTrusted": { + "message": "Organization is not trusted" + }, + "emergencyAccessTrustWarning": { + "message": "For the security of your account, only confirm if you have granted emergency access to this user and their fingerprint matches what is displayed in their account" + }, + "orgTrustWarning": { + "message": "For the security of your account, only proceed if you are a member of this organization, have account recovery enabled, and the fingerprint displayed below matches the organization's fingerprint." + }, + "orgTrustWarning1": { + "message": "This organization has an Enterprise policy that will enroll you in account recovery. Enrollment will allow organization administrators to change your password. Only proceed if you recognize this organization and the fingerprint phrase displayed below matches the organization's fingerprint." + }, + "trustUser":{ + "message": "Trust user" + }, "inputRequired": { "message": "Input is required." }, diff --git a/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.html b/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.html deleted file mode 100644 index 9a0310fde2a..00000000000 --- a/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.html +++ /dev/null @@ -1,23 +0,0 @@ -
- - - {{ "orgTrustWarning" | i18n }} -

- {{ "fingerprintPhrase" | i18n }} {{ fingerprint }} -

- - - - - - -
diff --git a/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.ts b/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.ts deleted file mode 100644 index 3f013c9fc74..00000000000 --- a/apps/web/src/app/admin-console/organizations/manage/organization-trust.component.ts +++ /dev/null @@ -1,69 +0,0 @@ -import { DialogRef, DIALOG_DATA } from "@angular/cdk/dialog"; -import { Component, OnInit, Inject } from "@angular/core"; -import { FormBuilder } from "@angular/forms"; - -import { OrganizationManagementPreferencesService } from "@bitwarden/common/admin-console/abstractions/organization-management-preferences/organization-management-preferences.service"; -import { LogService } from "@bitwarden/common/platform/abstractions/log.service"; -import { DialogService } from "@bitwarden/components"; -import { KeyService } from "@bitwarden/key-management"; - -type OrganizationTrustDialogData = { - /** display name of the organization */ - name: string; - /** identifies the organization */ - orgId: string; - /** org public key */ - publicKey: Uint8Array; -}; -@Component({ - selector: "organization-trust", - templateUrl: "organization-trust.component.html", -}) -export class OrganizationTrustComponent implements OnInit { - loading = true; - fingerprint: string = ""; - confirmForm = this.formBuilder.group({}); - - constructor( - @Inject(DIALOG_DATA) protected params: OrganizationTrustDialogData, - private formBuilder: FormBuilder, - private keyService: KeyService, - protected organizationManagementPreferencesService: OrganizationManagementPreferencesService, - private logService: LogService, - private dialogRef: DialogRef, - ) {} - - async ngOnInit() { - try { - const fingerprint = await this.keyService.getFingerprint( - this.params.orgId, - this.params.publicKey, - ); - if (fingerprint != null) { - this.fingerprint = fingerprint.join("-"); - } - } catch (e) { - this.logService.error(e); - } - this.loading = false; - } - - submit = async () => { - if (this.loading) { - return; - } - - this.dialogRef.close(true); - }; - - /** - * Strongly typed helper to open a OrganizationTrustComponent - * @param dialogService Instance of the dialog service that will be used to open the dialog - * @param data The data to pass to the dialog - */ - static open(dialogService: DialogService, data: OrganizationTrustDialogData) { - return dialogService.open(OrganizationTrustComponent, { - data, - }); - } -} diff --git a/apps/web/src/app/admin-console/organizations/users/enroll-master-password-reset.component.ts b/apps/web/src/app/admin-console/organizations/users/enroll-master-password-reset.component.ts index 15e7af1cd2d..b63171ae6e6 100644 --- a/apps/web/src/app/admin-console/organizations/users/enroll-master-password-reset.component.ts +++ b/apps/web/src/app/admin-console/organizations/users/enroll-master-password-reset.component.ts @@ -18,8 +18,8 @@ import { Utils } from "@bitwarden/common/platform/misc/utils"; import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction"; import { DialogService, ToastService } from "@bitwarden/components"; import { KeyService } from "@bitwarden/key-management"; +import { AccountRecoveryTrustComponent } from "@bitwarden/key-management-ui"; -import { OrganizationTrustComponent } from "../manage/organization-trust.component"; import { OrganizationUserResetPasswordService } from "../members/services/organization-user-reset-password/organization-user-reset-password.service"; interface EnrollMasterPasswordResetData { @@ -62,7 +62,7 @@ export class EnrollMasterPasswordReset { await userVerificationService.buildRequest( secret, ); - const dialogRef = OrganizationTrustComponent.open(dialogService, { + const dialogRef = AccountRecoveryTrustComponent.open(dialogService, { name: data.organization.name, orgId: data.organization.id, publicKey, diff --git a/apps/web/src/app/shared/loose-components.module.ts b/apps/web/src/app/shared/loose-components.module.ts index 90e4c6ba9c3..e43c73cc3fb 100644 --- a/apps/web/src/app/shared/loose-components.module.ts +++ b/apps/web/src/app/shared/loose-components.module.ts @@ -9,7 +9,6 @@ import { LayoutComponent, NavigationModule } from "@bitwarden/components"; import { OrganizationLayoutComponent } from "../admin-console/organizations/layouts/organization-layout.component"; import { EventsComponent as OrgEventsComponent } from "../admin-console/organizations/manage/events.component"; -import { OrganizationTrustComponent } from "../admin-console/organizations/manage/organization-trust.component"; import { UserConfirmComponent as OrgUserConfirmComponent } from "../admin-console/organizations/manage/user-confirm.component"; import { VerifyRecoverDeleteOrgComponent } from "../admin-console/organizations/manage/verify-recover-delete-org.component"; import { AcceptFamilySponsorshipComponent } from "../admin-console/organizations/sponsorships/accept-family-sponsorship.component"; @@ -111,7 +110,6 @@ import { SharedModule } from "./shared.module"; OrgReusedPasswordsReportComponent, OrgUnsecuredWebsitesReportComponent, OrgUserConfirmComponent, - OrganizationTrustComponent, OrgWeakPasswordsReportComponent, PreferencesComponent, PremiumBadgeComponent, @@ -157,7 +155,6 @@ import { SharedModule } from "./shared.module"; OrgReusedPasswordsReportComponent, OrgUnsecuredWebsitesReportComponent, OrgUserConfirmComponent, - OrganizationTrustComponent, OrgWeakPasswordsReportComponent, PreferencesComponent, PremiumBadgeComponent, diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json index 8a37db4afda..a1d8d794f03 100644 --- a/apps/web/src/locales/en/messages.json +++ b/apps/web/src/locales/en/messages.json @@ -10397,12 +10397,18 @@ "doNotTrust": { "message": "Do not trust" }, + "organizationNotTrusted": { + "message": "Organization is not trusted" + }, "emergencyAccessTrustWarning": { "message": "For the security of your account, only confirm if you have granted emergency access to this user and their fingerprint matches what is displayed in their account" }, "orgTrustWarning": { "message": "For the security of your account, only proceed if you are a member of this organization, have account recovery enabled, and the fingerprint displayed below matches the organization's fingerprint." }, + "orgTrustWarning1": { + "message": "This organization has an Enterprise policy that will enroll you in account recovery. Enrollment will allow organization administrators to change your password. Only proceed if you recognize this organization and the fingerprint phrase displayed below matches the organization's fingerprint." + }, "trustUser":{ "message": "Trust user" }, diff --git a/libs/key-management-ui/src/trust/account-recovery-trust.component.html b/libs/key-management-ui/src/trust/account-recovery-trust.component.html index 5829558dd69..6d4c5b34dc2 100644 --- a/libs/key-management-ui/src/trust/account-recovery-trust.component.html +++ b/libs/key-management-ui/src/trust/account-recovery-trust.component.html @@ -5,8 +5,10 @@ [subtitle]="params.name" > - {{ "orgTrustWarning" | i18n }}

+ {{ "orgTrustWarning1" | i18n }} +
+
{{ "fingerprintPhrase" | i18n }} {{ fingerprint }}