[PM-19300] Session timeout policy (#16583)

* Session timeout policy * default "custom" is 8 hours, validation fixes * ownership update * default max allowed timeout is not selected * adjusting defaults, fixing backwards compatibility, skip type confirmation dialog when switching between the never and on system lock * unit test coverage * wording update, custom hours, minutes jumping on errors * wording update * wrong session timeout action dropdown label * show dialog as valid when opened first time, use @for loop, use controls instead of get * dialog static opener * easier to understand type value listener * unit tests * explicit maximum allowed timeout required error * eslint revert
2025-12-06 00:13:28 +00:00 · 2025-10-28 20:28:34 +01:00
parent 69d5c533ef
commit ff30df3dd6
12 changed files with 853 additions and 122 deletions
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -6495,17 +6495,32 @@
  "tdeDisabledMasterPasswordRequired": {
    "message": "Your organization has updated your decryption options. Please set a master password to access your vault."
  },
-  "maximumVaultTimeout": {
-    "message": "Vault timeout"
+  "sessionTimeoutPolicyTitle": {
+    "message": "Session timeout"
  },
-  "maximumVaultTimeoutDesc": {
-    "message": "Set a maximum vault timeout for members."
+  "sessionTimeoutPolicyDescription": {
+    "message": "Set a maximum session timeout for all members except owners."
  },
-  "maximumVaultTimeoutLabel": {
-    "message": "Maximum vault timeout"
+  "maximumAllowedTimeout": {
+    "message": "Maximum allowed timeout"
  },
-  "invalidMaximumVaultTimeout": {
-    "message": "Invalid maximum vault timeout."
+  "maximumAllowedTimeoutRequired": {
+    "message": "Maximum allowed timeout is required."
+  },
+  "sessionTimeoutPolicyInvalidTime": {
+    "message": "Time is invalid. Change at least one value."
+  },
+  "sessionTimeoutAction": {
+    "message": "Session timeout action"
+  },
+  "immediately": {
+    "message": "Immediately"
+  },
+  "onSystemLock": {
+    "message": "On system lock"
+  },
+  "onAppRestart": {
+    "message": "On app restart"
  },
  "hours": {
    "message": "Hours"
@@ -6513,6 +6528,21 @@
  "minutes": {
    "message": "Minutes"
  },
+  "sessionTimeoutConfirmationNeverTitle": {
+    "message": "Are you certain you want to allow a maximum timeout of \"Never\" for all members?"
+  },
+  "sessionTimeoutConfirmationNeverDescription": {
+    "message": "This option will save your members' encryption keys on their devices. If you choose this option, ensure that their devices are adequately protected."
+  },
+  "learnMoreAboutDeviceProtection": {
+    "message": "Learn more about device protection"
+  },
+  "sessionTimeoutConfirmationOnSystemLockTitle": {
+    "message": "\"System lock\" will only apply to the browser and desktop app"
+  },
+  "sessionTimeoutConfirmationOnSystemLockDescription": {
+    "message": "The mobile and web app will use \"on app restart\" as their maximum allowed timeout, since the option is not supported."
+  },
  "vaultTimeoutPolicyInEffect": {
    "message": "Your organization policies have set your maximum allowed vault timeout to $HOURS$ hour(s) and $MINUTES$ minute(s).",
    "placeholders": {