[PM-23789][PM-237090][PM-23791][PM-23792] - [Web][Desktop][Browser] - Do not import cards if policy is enabled (#15740)

* restrict item types in import * add comment * fix spec * fix dep * clean up logic
2025-12-10 05:13:29 +00:00 · 2025-07-23 10:37:40 -07:00
parent d45cacc1af
commit fe1c040993
5 changed files with 20 additions and 0 deletions
--- a/libs/importer/src/components/import.component.ts
+++ b/libs/importer/src/components/import.component.ts
@@ -100,6 +100,7 @@ const safeProviders: SafeProvider[] = [
      PinServiceAbstraction,
      AccountService,
      SdkService,
+      RestrictedItemTypesService,
    ],
  }),
 ];
--- a/libs/importer/src/services/import.service.spec.ts
+++ b/libs/importer/src/services/import.service.spec.ts
@@ -13,6 +13,7 @@ import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.servi
 import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
 import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
 import { FolderView } from "@bitwarden/common/vault/models/view/folder.view";
+import { RestrictedItemTypesService } from "@bitwarden/common/vault/services/restricted-item-types.service";
 import { KeyService } from "@bitwarden/key-management";

 import { BitwardenPasswordProtectedImporter } from "../importers/bitwarden/bitwarden-password-protected-importer";
@@ -34,6 +35,7 @@ describe("ImportService", () => {
  let pinService: MockProxy<PinServiceAbstraction>;
  let accountService: MockProxy<AccountService>;
  let sdkService: MockSdkService;
+  let restrictedItemTypesService: MockProxy<RestrictedItemTypesService>;

  beforeEach(() => {
    cipherService = mock<CipherService>();
@@ -45,6 +47,7 @@ describe("ImportService", () => {
    encryptService = mock<EncryptService>();
    pinService = mock<PinServiceAbstraction>();
    sdkService = new MockSdkService();
+    restrictedItemTypesService = mock<RestrictedItemTypesService>();

    importService = new ImportService(
      cipherService,
@@ -57,6 +60,7 @@ describe("ImportService", () => {
      pinService,
      accountService,
      sdkService,
+      restrictedItemTypesService,
    );
  });

--- a/libs/importer/src/services/import.service.ts
+++ b/libs/importer/src/services/import.service.ts
@@ -26,6 +26,7 @@ import { CipherRequest } from "@bitwarden/common/vault/models/request/cipher.req
 import { FolderWithIdRequest } from "@bitwarden/common/vault/models/request/folder-with-id.request";
 import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
 import { FolderView } from "@bitwarden/common/vault/models/view/folder.view";
+import { RestrictedItemTypesService } from "@bitwarden/common/vault/services/restricted-item-types.service";
 import { KeyService } from "@bitwarden/key-management";

 import {
@@ -119,6 +120,7 @@ export class ImportService implements ImportServiceAbstraction {
    private pinService: PinServiceAbstraction,
    private accountService: AccountService,
    private sdkService: SdkService,
+    private restrictedItemTypesService: RestrictedItemTypesService,
  ) {}

  getImportOptions(): ImportOption[] {
@@ -166,6 +168,17 @@ export class ImportService implements ImportServiceAbstraction {
      }
    }

+    const restrictedItemTypes = await firstValueFrom(
+      this.restrictedItemTypesService.restricted$.pipe(
+        map((restrictedItemTypes) => restrictedItemTypes.map((r) => r.cipherType)),
+      ),
+    );
+
+    // Filter out restricted item types from the import result
+    importResult.ciphers = importResult.ciphers.filter(
+      (cipher) => !restrictedItemTypes.includes(cipher.type),
+    );
+
    if (organizationId && !selectedImportTarget && !canAccessImportExport) {
      const hasUnassignedCollections =
        importResult.collectionRelationships.length < importResult.ciphers.length;