* Migrated folder service from using active user state to single user state
Added extra test cases for encrypted folder and decrypted folders
Updated derived state to use decrypt with key
* Update callers in the web
* Update callers in the browser
* Update callers in libs
* Update callers in cli
* Fixed test
* Fixed folder state test
* Fixed test
* removed duplicate activeUserId
* Added takewhile operator to only make calls when userId is present
* Simplified to accept a single user id instead of an observable
* Required userid to be passed from notification service
* [PM-15635] Folders not working on desktop (#12333)
* Added folders memory state definition
* added decrypted folders state
* Refactored service to remove derived state
* removed combinedstate and added clear decrypted folders to methods
* Fixed test
* Fixed issue with editing folder on the desktop app
* Fixed test
* Changed state name
* fixed ts strict issue
* fixed ts strict issue
* fixed ts strict issue
* removed unnecessasry null encrypteed folder check
* Handle null folderdata
* [PM-16197] "Items with No Folder" shows as a folder to edit name and delete (#12470)
* Force redcryption anytime encryption state changes
* Fixed text file
* revert changes
* create new object with nofolder instead of modifying exisiting object
* Fixed failing test
* switched to use memory-large-object
* Fixed ts sctrict issue
---------
Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
* allow admin console to see all collections when viewing a cipher
- When "manage all" option is selected all collections should be editable
* update cipher form service to use admin endpoints
* when saving a cipher, choose to move to collections first before saving any other edits
- This handles the case where a cipher is moving from unassigned to assigned and needs to have a collection to save any other edits
* set admin flag when the original cipher has zero collections
- handling the case where the user un-assigns themselves from a cipher
* add check for the users ability to edit items within the collection
* save cipher edit first to handle when the user unassigns themselves from the cipher
* update filter order of collections
* use cipher returned from the collections endpoint rather than re-fetching it
* fix unit tests by adding canEditItems
* re-enable collection control when orgId is present
* fetch the updated cipher from the respective service for editing a cipher
* [PM-13892] Introduce canClone$ method on CipherAuthorizationService
* [PM-13892] Use new canClone$ method for the 3dot menu in browser extension
* [PM-13892] Add todo for vault-items.component.ts
* [PM-13715] Launching page from cipher does not set correct autofill action
* [PM-13715] Fix autofill not triggering for correct cipher after page has been launched from browser extension
* Added inputs to the view and edit component to disable or remove the delete button when a user does not have manage rights
* Refactored editByCipherId to receive cipherview object
* Fixed issue where adding an item on the individual vault throws a null reference
* Fixed issue where adding an item on the AC vault throws a null reference
* Allow delete in unassigned collection
* created reusable service to check if a user has delete permission on an item
* Registered service
* Used authorizationservice on the browser and desktop
Only display the delete button when a user has delete permission
* Added comments to the service
* Passed active collectionId to add edit component
renamed constructor parameter
* restored input property used by the web
* Fixed dependency issue
* Fixed dependency issue
* Fixed dependency issue
* Modified service to cater for org vault
* Updated to include new dependency
* Updated components to use the observable
* Added check on the cli to know if user has rights to delete an item
* Renamed abstraction and renamed implementation to include Default
Fixed permission issues
* Fixed test to reflect changes in implementation
* Modified base classes to use new naming
Passed new parameters for the canDeleteCipher
* Modified base classes to use new naming
Made changes from base class
* Desktop changes
Updated reference naming
* cli changes
Updated reference naming
Passed new parameters for the canDeleteCipher$
* Updated references
* browser changes
Updated reference naming
Passed new parameters for the canDeleteCipher$
* Modified cipher form dialog to take in active collection id
used canDeleteCipher$ on the vault item dialog to disable the delete button when user does not have the required permissions
* Fix number of arguments issue
* Added active collection id
* Updated canDeleteCipher$ arguments
* Updated to pass the cipher object
* Fixed up refrences and comments
* Updated dependency
* updated check to canEditUnassignedCiphers
* Fixed unit tests
* Removed activeCollectionId from cipher form
* Fixed issue where bulk delete option shows for can edit users
* Fix null reference when checking if a cipher belongs to the unassigned collection
* Fixed bug where allowedCollection passed is undefined
* Modified cipher by adding a isAdminConsoleAction argument to tell when a reuqest comes from the admin console
* Passed isAdminConsoleAction as true when request is from the admin console
* [PM-6991] Remove self reference to cipherViews$
* [PM-6991] Update cipherViews$ observable to be reactive to encrypted ciphers and localData
* [PM-6991] Use the cipherViews$ observable in the Web vault
* [PM-6991] Update the vault filter service to use cipherViews$ observable
* [PM-6991] Add deprecation notice to getAllDecrypted
* [PM-6991] Ensure cipherViews$ emits an empty array whenever the decrypted cipher cache is cleared
* [PM-6991] Fix cipher service test
* [PM-6991] Use shareReplay instead of share
* [PM-6991] Remove ciphersExpectingUpdate and replace with a null filter instead for cipherViews$
* [PM-6991] Skip refreshing on null cipherViews$ to avoid flashing an empty vault after modifying ciphers
* add option to delete all folders if migration fails
* update text and flow to reattempt migration
* clear encrypted folders as well on delete all
* Update messaging
* Require userId for setting masterKeyEncryptedUserKey
* Replace folders for specified user
* Require userId for collection replace
* Cipher Replace requires userId
* Require UserId to update equivalent domains
* Require userId for policy replace
* sync state updates between fake state for better testing
* Revert to public observable tests
Since they now sync, we can test single-user updates impacting active user observables
* Do not init fake states through sync
Do not sync initial null values, that might wipe out already existing data.
* Require userId for Send replace
* Include userId for organization replace
* Require userId for billing sync data
* Require user Id for key connector sync data
* Allow decode of token by userId
* Require userId for synced key connector updates
* Add userId to policy setting during organization invite accept
* Fix cli
* Handle null userId
---------
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
* updated cipher service to stop using the deprecated getUserKeyWithLegacySupport and use the version that requires a user id
* Added account service mock
* fixed cipher test
* Fixed test
* removed async from encryptCipher
* updated encryptSharedCipher to pass userId to the encrypt function
* Pass userId to getUserKeyWithLegacySupport on encryptSharedCipher
* pass in userid when setting masterKeyEncryptedUserKey
* Added activer usedId to new web refresh function
* move cli service-container to new folder
* fix imports
* add tsconfig and fix type issues in other services
* fix more imports in service-container
* make ts server happy in service-container
* fix actual bugs in cli service-container
* fix package json reference path
* fix service-container import
* update type on cipher service
* [BEEEP] Autofill Identity and Card Ciphers From Keyboard Shortcut
* [PM-10079] Add keyboard shortcut to autofill identity and credit card ciphers
* [PM-10079] Fixing jest tests
* [PM-10079] Added an enum for the autofill commands, and adjusted how we filter out cipher types before sorting them by last used when calling for ID and card ciphers
* [PM-10079] Updating copywriting for the autofill settings revolving around keyboard shortcuts
* [PM-10079] Setting a method within CipherService as private
* Implement multi-worker encryption service
* Fix feature flag being flipped and check for empty input earlier
* Add tests
* Small cleanup
* Remove restricted import
* Rename feature flag
* Refactor to BulkEncryptService
* Rename feature flag
* Fix cipher service spec
* Implement browser bulk encryption service
* Un-deprecate browserbulkencryptservice
* Load browser bulk encrypt service on feature flag asynchronously
* Fix bulk encryption service factories
* Deprecate BrowserMultithreadEncryptServiceImplementation
* Copy tests for browser-bulk-encrypt-service-implementation from browser-multithread-encrypt-service-implementation
* Make sure desktop uses non-bulk fallback during feature rollout
* Rename FallbackBulkEncryptService and fix service dependency issue
* Disable bulk encrypt service on mv3
* Change condition order to avoid expensive api call
* Set default hardware concurrency to 1 if not available
* Make getdecrypteditemfromworker private
* Fix cli build
* Add check for key being null
* finish key rotation distribution and fix legacy user
* add ticket to TODO
* PR feedback: docs and renaming
* fix webauthn tests
* add test for send service
* add await to test
* [PM-7683] Add fullAddressForCopy helper to identity.view
* [PM-7683] Introduce CopyCipherFieldService to the Vault library
- A new CopyCipherFieldService that can be used to copy a cipher's field to the user clipboard
- A new appCopyField directive to make it easy to copy a cipher's fields in templates
- Tests for the CopyCipherFieldService
* [PM-7683] Introduce item-copy-actions.component
* [PM-7683] Fix username value in copy cipher directive
* [PM-7683] Add title to View item link
* [PM-8456] Introduce initial item-more-options.component
* [PM-8456] Add logic to show/hide login menu options
* [PM-8456] Implement favorite/unfavorite menu option
* [PM-8456] Implement clone menu option
* [PM-8456] Hide launch website instead of disabling it
* [PM-8456] Ensure cipherList observable updates on cipher changes
* [PM-7683] Move disabled logic into own method
* [PM-8456] Cleanup spec file to use Angular testbed
* [PM-8456] Fix more options tooltip
* [PM-8485] Introduce new PopupCipherView
* [PM-8485] Use new PopupCipherView in items service
* [PM-8485] Add org icon for items that belong to an organization
* [PM-8485] Fix tests
* [PM-8485] Remove share operator from cipherViews$
* PM-7392 - EncryptSvc - add new method for detecting if a simple string is an enc string.
* PM-7392 - TokenSvc - add checks when setting and retrieving the access token to improve handling around the access token encryption.
* PM-7392 - (1) Clean up token svc (2) export access token key type for use in tests.
* PM-7392 - Get token svc tests passing; WIP more tests to come for new scenarios.
* PM-7392 - Access token secure storage to disk fallback WIP but mostly functional besides weird logout behavior.
* PM-7392 - Clean up unnecessary comment
* PM-7392 - TokenSvc - refresh token disk storage fallback
* PM-7392 - Fix token service tests in prep for adding tests for new scenarios.
* PM-7392 - TokenSvc tests - Test new setRefreshToken scenarios
* PM-7392 - TokenSvc - getRefreshToken should return null or a value - not undefined.
* PM-7392 - Fix test name.
* PM-7392 - TokenSvc tests - clean up test names that reference removed refresh token migrated flag.
* PM-7392 - getRefreshToken tests done.
* PM-7392 - Fix error quote
* PM-7392 - TokenSvc tests - setAccessToken new scenarios tested.
* PM-7392 - TokenSvc - getAccessToken - if secure storage errors add error to log.
* PM-7392 - TokenSvc tests - getAccessToken - all new scenarios tested
* PM-7392 - EncryptSvc - test new stringIsEncString method
* PM-7392 - Main.ts - fix circ dep issue.
* PM-7392 - Main.ts - remove comment.
* PM-7392 - Don't re-invent the wheel and simply use existing isSerializedEncString static method.
* PM-7392 - Enc String - (1) Add handling for Nan in parseEncryptedString (2) Added null handling to isSerializedEncString. (3) Plan to remove encrypt service implementation
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Remove encrypt service method
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - Actually fix circ dep issues with Justin. Ty!
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-7392 - TokenSvc - update to use EncString instead of EncryptSvc + fix tests.
* PM-7392 - TokenSvc - (1) Remove test code (2) Refactor decryptAccessToken method to accept access token key and error on failure to pass required decryption key to method.
* PM-7392 - Per PR feedback and discussion, do not log the user out if hte refresh token cannot be found. This will allow users to continue to use the app until their access token expires and we will error on trying to refresh it. The app will then still work on a fresh login for 55 min.
* PM-7392 - API service - update doAuthRefresh error to clarify which token cannot be refreshed.
* PM-7392 - Fix SetRefreshToken case where a null input would incorrectly trigger a fallback to disk.
* PM-7392 - If the access token cannot be refreshed due to a missing refresh token or API keys, then surface an error to the user and log it so it isn't a silent failure + we get a log.
* PM-7392 - Fix CLI build errors
* PM-7392 - Per PR feedback, add missing tests (thank you Jake for writing these!)
Co-authored-by: Jake Fink <jfink@bitwarden.com>
* PM-7392 - Per PR feedback, update incorrect comment from 3 releases to 3 months.
* PM-7392 - Per PR feedback, remove links.
* PM-7392 - Per PR feedback, move tests to existing describe.
* PM-7392 - Per PR feedback, adjust all test names to match naming convention.
* PM-7392 - ApiService - refreshIdentityToken - log error before swallowing it so we have a record of it.
* PM-7392 - Fix copy for errorRefreshingAccessToken
* PM-7392 - Per PR feedback, move error handling toast responsibility to client specific app component logic reached via messaging.
* PM-7392 - Swap logout reason from enum to type.
* PM-7392 - ApiService - Stop using messaging to trigger toast to let user know about refresh access token errors; replace with client specific callback logic.
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* PM-7392 - Per PR feedback, adjust enc string changes and tests.
* PM-7392 - Rename file to be type from enum
* PM-7392 - ToastService - we need to await the activeToast.onHidden observable so return the activeToast from the showToast.
* PM-7392 - Desktop AppComp - cleanup messaging
* PM-7392 - Move Logout reason custom type to auth/common
* PM-7392 - WIP - Enhancing logout callback to consider the logout reason + move show toast logic into logout callback
* PM-7392 - Logout callback should simply pass along the LogoutReason instead of handling it - let each client's message listener handle it.
* PM-7392 - More replacements of expired with logoutReason
* PM-7392 - More expired to logoutReason replacements
* PM-7392 - Build new handlers for displaying the logout reason for desktop & web.
* PM-7392 - Revert ToastService changes
* PM-7392 - TokenSvc - Replace messageSender with logout callback per PR feedback.
* PM-7392 - Desktop App comp - replace toast usage with simple dialog to guarantee users will see the reason for them being logged out.
* PM-7392 - Web app comp - fix issue
* PM-7392 - Desktop App comp - don't show cancel btn on simple dialogs.
* PM-7392 - Desktop App comp - Don't open n simple dialogs.
* PM-7392 - Fix browser build
* PM-7392 - Remove logout reason from CLI as each logout call handles messaging on its own.
* PM-7392 - Previously, if a security stamp was invalid, the session was marked as expired. Restore that functionality.
* PM-7392 - Update sync service logoutCallback to include optional user id.
* PM-7392 - Clean up web app comp
* PM-7392 - Web - app comp - only handle actually possible web logout scenarios.
* PM-7392 - Browser Popup app comp - restore done logging out message functionality + add new default logout message
* PM-7392 - Add optional user id to logout callbacks.
* PM-7392 - Main.background.ts - add clarifying comment.
* PM-7392 - Per feedback, use danger simple dialog type for error.
* PM-7392 - Browser Popup - add comment clarifying expectation of seeing toasts.
* PM-7392 - Consolidate invalidSecurityStamp error handling
* PM-7392 - Per PR feedback, REFRESH_ACCESS_TOKEN_ERROR_CALLBACK can be completely sync. + Refactor to method in main.background.
* PM-7392 - Per PR feedback, use a named callback for refreshAccessTokenErrorCallback in CLI
* PM-7392 - Add TODO
* PM-7392 - Re-apply bw.ts changes to new service-container.
* PM-7392 - TokenSvc - tweak error message.
* PM-7392 - Fix test
* PM-7392 - Clean up merge conflict where I duplicated dependencies.
* PM-7392 - Per discussion with product, change default logout toast to be info
* PM-7392 - After merge, add new logout reason to sync service.
* PM-7392 - Remove default logout message per discussion with product since it isn't really visible on desktop or browser.
* PM-7392 - address PR feedback.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Jake Fink <jfink@bitwarden.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Add Helper For Preparing a Record For Use in `forkJoin`
* Update & Test CryptoService Changes
* Delete Unused Code
* Update DeviceTrustService
* Update CipherService
* Make `userPublicKey$` Public
* Rename convertValues File
* Update libs/common/src/platform/abstractions/crypto.service.ts
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* Add `convertValues` Tests
* Add Doc Comments
* Convert to `function`'s
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
* Fix Test Typos
* Add param doc
* Update Test Name
* Add `@throws` Docs
---------
Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
magical black-box key retrieval is slow, due to needing to repeatedly resolve (and potentially decrypt) keys. Doing the work up front is both more explicit and much faster.
It would be preferable to move OrganizationId to an opaque type in the models, but that has rippling effects all over the place and ultimately is stopped by vault filtering on strings rather than ids, but still calling the property `organizationId`, we need to fix that first.
* [PM-6825] Add temporary vault page header
* [PM-6825] Expose cipherViews$ observable
* [PM-6825] Refactor getAllDecryptedForUrl to expose filter functionality for reuse
* [PM-6825] Introduce VaultPopupItemsService
* [PM-6825] Introduce initial VaultListItem and VaultListItemsContainer components
* [PM-6825] Add VaultListItems to VaultV2 component
* [PM-6825] Introduce autofill-vault-list-items.component to encapsulate autofill logic
* [PM-6825] Add temporary Vault icon
* [PM-6825] Add empty and no results states to Vault tab
* [PM-6825] Add unit tests for vault popup items service
* [PM-6825] Negate noFilteredResults placeholder
* [PM-6825] Cleanup new Vault components
* [PM-6825] Move new components into its own module
* [PM-6825] Fix missing button type
* [PM-6825] Add booleanAttribute to showAutofill input
* [PM-6825] Replace empty refresh BehaviorSubject with Subject
* [PM-6825] Combine *ngIfs for vault list items container
* [PM-6825] Use popup-section-header component
* [PM-6825] Use small variant for icon buttons
* [PM-6825] Use anchor tag for vault items
* [PM-6825] Consolidate vault-list-items-container to include list item component functionality directly
* [PM-6825] Add Tailwind classes to new Vault icon
* [PM-6825] Remove temporary header comment
* [PM-6825] Fix auto fill suggestion font size and padding
* [PM-6825] Use tailwind for vault icon styling
* [PM-6825] Add libs/angular to tailwind.config content
* [PM-6825] Cleanup missing i18n
* [PM-6825] Make VaultV2 standalone and cleanup Browser App module
* [PM-6825] Use explicit type annotation
* [PM-6825] Use property binding instead of interpolation
* Create ForegroundSyncService For Delegating `fullSync` calls to the background
* Relax `isExternalMessage` to Allow For Typed Payload
* Null Coalesce The `startListening` Method
* Filter To Only External Messages
* Update activity when switching users
* Clear data of designated user
* Do not switchMap to null, always to Promise or Observable
* handle uninitialized popup services
* Switch to new account immediately and log out as inactive.
Split up done logging out and navigation so we can always display expire warning.
* Do not navigate in account switcher, main.background takes care of it
* Ignore storage updates from reseed events
* Remove loading on cancelled logout
* Catch missed account switch errors
* Avoid usage of active user state in sync service
Send service does not currently support specified user data
manipulation, so we ensure that the notification was sent to the
active user prior to processing the notification.
* Clear sequentialize caches on account switch
These caches are used to ensure that rapid calls to an async method are not repeated. However, the cached promises are valid only within a given userId context and must be cleared when that context changes.
* Revert `void` promise for notification reconnect
* Update libs/angular/src/services/jslib-services.module.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Handle switch account routing through messaging background -> app
* Use account switch status to handle unlocked navigation case.
* Revert "Handle switch account routing through messaging background -> app"
This reverts commit 8f35078ecb.
---------
Co-authored-by: Cesar Gonzalez <cesar.a.gonzalezcs@gmail.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Use account service to track accounts and active account
* Remove state service active account Observables.
* Add email verified to account service
* Do not store account info on logged out accounts
* Add account activity tracking to account service
* Use last account activity from account service
* migrate or replicate account service data
* Add `AccountActivityService` that handles storing account last active data
* Move active and next active user to account service
* Remove authenticated accounts from state object
* Fold account activity into account service
* Fix builds
* Fix desktop app switch
* Fix logging out non active user
* Expand helper to handle new authenticated accounts location
* Prefer view observable to tons of async pipes
* Fix `npm run test:types`
* Correct user activity sorting test
* Be more precise about log out messaging
* Fix dev compare errors
All stored values are serializable, the next step wasn't necessary and was erroring on some types that lack `toString`.
* If the account in unlocked on load of lock component, navigate away from lock screen
* Handle no users case for auth service statuses
* Specify account to switch to
* Filter active account out of inactive accounts
* Prefer constructor init
* Improve comparator
* Use helper methods internally
* Fixup component tests
* Clarify name
* Ensure accounts object has only valid userIds
* Capitalize const values
* Prefer descriptive, single-responsibility guards
* Update libs/common/src/state-migrations/migrate.ts
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* Fix merge
* Add user Id validation
activity for undefined was being set, which was resulting in requests for the auth status of `"undefined"` (string) userId, due to key enumeration. These changes stop that at both locations, as well as account add for good measure.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components
* [PM-7710] Avoid re-indexing ciphers on current tab component and re-setting null storage values for popup components
* PM-6689 - Add security stamp to Token state
* PM-6689 - Remove Security Stamp from account and state service
* PM-6689 - Add security stamp get and set to token service + abstraction + tests
* PM-6689 - Add migration for security stamp, test it, and register it with migrator
* PM-6689 - Update sync service + deps to use token service.
* PM-6689 - Cleanup missed usages of account tokens which has been removed.
* PM-6689 - Per PR feedback, remove unnecessary data migration as the security stamp is only in memory and doesn't need to be migrated.
