This PR fixes an issue where admins couldn't edit ciphers in organization reports when the "Allow Admin Access to All Collection Items" setting was enabled.
The fix adds a check for organization.allowAdminAccessToAllCollectionItems in the canManage() method across all organization report components. When this setting is enabled, admins/owners can now properly edit all ciphers regardless of collection membership.
* enforce strict types on folders
* fix folder api service
* fix tests
* fix test
* fix type issue
* fix test
* add extra checks for folders. add specs
* fix folder.id checks
* fix id logic
* remove unecessary check
* name name and id optional in folder model
* fix tests
* Update folder and folderview
* fix folder with id export
* fix tests
* fix tests
* more defensive typing
* fix tests
* no need to check for presence
* check for empty name in folder toDomain
* fixes to folder
* initialize id in folder constructor. fix failing tests
* remove optional param to folder constructor
* fix folder
* fix test
* remove remaining checks for null folder id
* fix logic
* pass null for empty folder ids
* make id more explicit
* fix failing test
* fix failing test
* fix "No Folder" filter
Fix issue where ciphers appearing in the Org 2FA report would render without the cipher name shown. This was happening for all ciphers in Collections the active User did not have access to.
* Switch phishing data source to GitHub and remove fallback mechanism
The phish.co.za mirror is down, causing every update cycle to timeout on
the primary fetch before falling back to the GitHub raw URL. This removes
phish.co.za entirely and uses GitHub as the sole data source, which was
the original source before the mirror was introduced.
- Rename `remoteUrl`/`fallbackUrl` to `ghSourceUrl` on PhishingResource type
- Remove phish.co.za URLs from both Domains and Links resources
- Remove catchError fallback block in `_updateFullDataSet()`
- Errors now propagate to `_backgroundUpdate()` which already handles
retries (3 attempts with 5-minute delays) and graceful degradation
* revert the fallback logic removal, change prop name, add use fallback flag
* Update Links primaryUrl to Bitwarden-hosted blocklist
* remove all fallback logic
* Fix virtual scroll gap in exposed-passwords-report by setting rowSize to 54px
* Fix virtual scroll gap in weak-passwords-report by setting rowSize to 54px
Changed event parameter type from MouseEvent to Event in handleFillCipherClickEvent and handleViewCipherClickEvent to match the EventListener interface expected by useEventHandlersMemo.
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* ignore events that do not originate from the user agent
* [pm-28831] Add isTrusted checks and update tests
* [pm-28831] Add isTrusted check to click events
* [pm-28831] Replace in-code jest exceptions with new utils
* [pm-28831] Move isTrusted checks to testable util
* [pm-28831] Remove redundant check in cipher-action.ts
* [pm-28831] Add isTrusted checks to click events in autofill-inine-menu-list
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
* created 'berry' component
* added 'bit-berry' to 'popup-tab-navigation'
* simplified - removed null checks
* changed 'effectiveSize' to 'computedSize'
* fixed 'accentPrimary' color
* updated to not render berry if 'count' is 0 or negative number
* simplified checking count undefined
* updated computed padding
* switched from `[ngClass]` to `[class]`
* updated 'popup-tab-navigation' berry to use 'danger' variant
* fixed berry positioning in popup-tab-navigation
* updated content logic
* cleanup unused 'ngClass'
* updated conditional rendering of berry
* updated story 'Usage'
* updates with adding berry 'type'
* added type "status" to popup-tab-navigation
* fixed type error
* updated 'Count Behavior' description
First step of removing code for old Access Intelligence tabs. The old tabs should not appear when the milestone 11 feature flag is on. Once flipped in Production, the remainder of this ticket can be completed (old code entirely removed)
Also included in this change is a copy update for the sub heading of the page.
* display translated content for attachments that cannot be downloaded
* consume decryption failure from the sdk for attachments
* add decryption errors from sdk
* only show fix attachment issues for when key is null and it does not have a decryption failure
* separate decryption failure state in view
* Implement OnDestroy lifecycle hook in PoliciesComponent to close dialog on component destruction. Update dialog reference handling for improved resource management.
* Add documentation to dialogs.mdx so others can know how to prevent drawers staying open
* Fix for PR action test
* Update PoliciesComponent to use optional chaining for myDialogRef
Updates the buttons available in the Access Intelligence "Applications" tab.
- The "Mark as critical" button appears when at least 1 row is selected in the table, and if all selected applications are already marked critical, changes to a "Mark as not critical" button. This functionality allows Admins to either bulk mark critical applications, or bulk unmark critical applications.
- "Assign tasks" has been moved into this tab view, and now is only enabled when there are critical ciphers found without assigned password change tasks. A tooltip appears when hovering on the disabled state, informing the Admin that all tasks have already been assigned.
* Implement dynamic cipher creation permissions in vault header and new cipher menu components
* Enhance new cipher menu button behavior and accessibility. Implement dynamic button label based on creation permissions, allowing direct collection creation when applicable. Update button trigger logic to improve user experience.
* Update apps/web/src/app/vault/individual-vault/vault-header/vault-header.component.ts
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
* Add canCreateCipher getter for improved readability
---------
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
* fix(autofill): type throttle to preserve handler this/args and return void
* fix(autofill): strict TS and defaults for inline menu list, throttle typing, TOTP interval
* update snapshots
* swap mouse event for event
* prevent default does nothing on event
* [PM-31685] Removing email hashes
* [PM-31685] fixing tests, which are now passing
* [PM-31685] removing anon access emails field and reusing emails field
* [PM-31685] fixing missed tests
* [PM-31685] fixing missed tests
* [PM-31685] code review changes
* [PM-31685] do not encrypt emails by use of domain functionality
* [PM-31685] test fixes
* Enhance policy edit dialogs by updating dialog size to large for improved layout and switching to openDrawer method for better user experience.
* Enhance policy edit dialogs by adding policy status badges to indicate if a policy is enabled, improving user visibility and experience.
* Update dialog component styles to enhance drawer behavior by changing height to full screen and adding sticky footer for improved layout and user experience.
* Refactor policy display layout by wrapping buttons and badges in a flex container for improved alignment and spacing.
* Refactor password policy forms in admin console for improved layout
- Simplified the structure of form fields in `master-password.component.html` and `password-generator.component.html` by removing unnecessary div wrappers.
- Updated the label for the password type policy override in `messages.json` for clarity.
* Update dialog size in policy edit component for consistency
- Changed the dialog size from 'large' to 'default' in `policy-edit-dialog.component.html` to align with design standards.
* refactor(dialog): update dialog component styles for drawer layout
- Adjusted height class for drawer dialogs from 'tw-h-screen' to 'tw-h-full' for better layout management.
- Removed sticky positioning for footer in drawer mode to improve visual consistency.
* refactor(dialog): enhance form layout for policy edit dialogs
- Added classes for full height and flex column layout to the form elements in policy edit dialogs for improved visual consistency and usability.
* move existing prompting into separate service for the web vault
* add unit tests for web vault prompt service
* add provider
* remove `autoConfirmDialogRef`
* rename auto confirm dialog
* Refactor selection logic in VaultItemsComponent to ensure bulk selection matches visual order. Added getSortedEditableItems method for sorting based on current table configuration, enhancing user experience during selection.
* Refactor sorting logic in VaultItemsComponent to clarify collection prioritization. Updated comments to indicate that collection comparison is direction-independent, enhancing code readability and maintainability.
