Update the scan operator in _setupReportState to detect organization
changes and handle them differently from same-org updates.
Logic:
1. If organizationId changed -> Use currState.data directly
- Allows null to clear old org's data when switching
- Fixes PM-26676: Org data persists when switching orgs
2. If same org (or no orgId) -> Preserve prevState.data when null
- Maintains critical flags during loading states
- Fixes PM-27291: Critical flags lost when generating new reports
This resolves the conflict between PR #17008 and PR #17053:
- PR #17008 needed: "Don't clear data when null" (preserve critical flags)
- PR #17053 needed: "Clear data when null" (remove old org data)
Now both behaviors work correctly by detecting the organization context.
Testing:
- Organization switching: Old org data cleared, new org data loads
- Critical apps: Flags preserved across report generation
- Cross-org: Each org maintains its own critical app flags
Update removeCriticalApplication$ and saveCriticalApplications$ to
preserve organizationId from the current report state when emitting
mark/unmark updates.
This ensures critical app flag updates maintain the organization
context, allowing the scan operator to correctly identify them as
same-org updates (which should preserve data) rather than org changes
(which should clear data).
Without this, mark/unmark updates would emit without organizationId,
causing the scan operator to incorrectly treat them as new org states.
Update _fetchReport$ and _generateNewApplicationsReport$ methods to
include organizationId in all state emissions (loading, success, error).
This ensures every state update knows which organization it belongs to,
enabling the scan operator to detect organization changes.
Changes:
- _fetchReport$: Add organizationId to all returned states
- _generateNewApplicationsReport$: Add organizationId to all returned states
Both methods receive organizationId as a parameter and now thread it
through to all state emissions.
Add optional organizationId field to ReportState to track which
organization the state belongs to. This enables the scan operator
to detect organization changes and handle them appropriately.
Part of fixing the conflict between:
- PM-27291 (preserve critical flags during report generation)
- PM-26676 (clear data when switching organizations)
The organizationId field allows us to distinguish between:
1. Null data from loading states (same org) - preserve critical flags
2. Null data from org switches - clear old org data
* Fix feature flag check for "pm-25855-chromium-importer-abe"
The old lofgic actually removed all chromium support when the flag was disabled. It should only remove those browser if the flag is disabled and when on Windows.
* Extend tests
* Update comment
* Remove duplicate test
* Add test for when device cannot be detected and throws and error
* Add descriptive comment to feature flag test case assertions
* Better test assertion
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add tooltip to icon button to display label
* remove legacy cdr variable
* create overlay on focus or hover
* attach describdedby ids
* fix type errors
* remove aria-describedby when not necessary
* fix failing tests
* implement Claude feedback
* fixing broken specs
* remove host attr binding
* Simplify directive aria logic
* Move id to statis number
* do not render empty tooltip
* pass id to tooltip component
* remove pointer-events none to allow tooltip on normal buttons
* exclude some tooltip stories
* change describedby input name
* add story with tooltip on regular button
* enhanced tooltip docs
* set model directly
* change model to input
* Session timeout policy
* default "custom" is 8 hours, validation fixes
* ownership update
* default max allowed timeout is not selected
* adjusting defaults, fixing backwards compatibility, skip type confirmation dialog when switching between the never and on system lock
* unit test coverage
* wording update, custom hours, minutes jumping on errors
* wording update
* wrong session timeout action dropdown label
* show dialog as valid when opened first time, use @for loop, use controls instead of get
* dialog static opener
* easier to understand type value listener
* unit tests
* explicit maximum allowed timeout required error
* eslint revert
• ensure extension method can accept both `blob` type and `arrayBuffer` type
• replace usage of Swift's `url.absoluteString` with `url.path`
• explicitly discard promise returned by `downloadSafari()`
• confine `data` type to `string` since code all code paths assign a `string` value
* new drawer functions for crit apps
* logic for triggering the drawer functions in components
* cleanup unused logic and rename "navigation" to "action"
- ... since the click is now triggering the drawer instead of navigating to another tab/page
* null check for reportData in drawer methods
* use criticalReportResults$ to avoid duplicating logic
* use criticalReportResults$ to avoid dupe logic
* remove unused code
* Add runtime type guards for decrypted JSON data
- Create risk-insights-type-guards.ts with validation functions
- Replace unsafe type assertions with runtime validation in encryption service
- Validate ApplicationHealthReportDetail, OrganizationReportSummary, and OrganizationReportApplication
- Add detailed error messages for validation failures
- Remove TODO comments for type guard implementation
Improves security by preventing malformed data from bypassing type safety and ensures data integrity for decrypted report structures.
* test file fix
* date validation
* add runtime type guards and validation failure tests
Issue 1: Missing Test Coverage for Type Guard Validation Failures
- Create comprehensive test suite with 17 tests covering all validation scenarios
- Test invalid structures, missing fields, wrong types, and edge cases
- Verify proper error messages and validation logic for all data types
Issue 2: Silent Failure on Validation Errors (Security Concern)
- Re-throw validation errors instead of silently returning empty/default data
- Add descriptive error messages indicating potential data corruption or tampering
- Ensure all validation failures are surfaced as security issues, not swallowed
Additional Fix: Date Validation Vulnerability
- Validate date strings before creating Date objects to prevent Invalid Date (NaN)
- Throw explicit errors for unparseable date strings
- Update error handling to catch and properly surface date validation failures
* add empty string validation and sanitize error messages
- Validate array elements are non-empty strings (atRiskCipherIds, cipherIds, newApplications)
- Sanitize validation error messages to prevent information disclosure
- Log detailed errors for debugging, re-throw generic messages
- Add tests for empty string validation and error message sanitization
* add comprehensive validation for scalar strings and numeric ranges
- Validate all scalar string fields are non-empty (applicationName, userName, email, cipherId, userGuid)
- Add numeric range validation (finite, non-negative) for all count fields
- Export type guard functions for testability and reusability
- Add 19 new tests covering edge cases (empty strings, NaN, Infinity, negative numbers)
* prevent prototype pollution and unexpected property injection in type guards
- Validate object prototype is Object.prototype (prevents __proto__ attacks)
- Check for dangerous own properties (constructor, prototype)
- Strict property enumeration - reject objects with unexpected properties
- Add comprehensive security tests (prototype pollution, unexpected props)
- Protects against data tampering and information leakage
* security: always sanitize error messages to prevent information disclosure
- Remove fragile pattern matching in error handlers
- Always throw generic error messages by default
- Log detailed errors for debugging, never expose to callers
- Future-proof against validation error message changes
- Prevents disclosure of internal data structure details
Applies to all decryption/validation methods in encryption service
* security: comprehensive hardening of type validation system
CRITICAL FIXES:
- Add __proto__ to prototype pollution checks (loop-based)
- Remove conditional error sanitization (always sanitize)
SECURITY ENHANCEMENTS:
- Add integer overflow protection (Number.isSafeInteger)
- Add DoS prevention (array/string length limits: 50K/1K)
- Strengthen all 4 type guards with 10-layer validation
LIMITS:
- Max string length: 1,000 characters
- Max array length: 50,000 elements
- Max safe integer: 2^53 - 1
DOCUMENTATION:
- Update code-review-methodology.md with patterns
- Update .cursorrules with security best practices
- Create comprehensive security audit document
All 57 tests passing. No linting errors.
Defense-in-depth complete - production ready.
* fix: consolidate security constants and add upper bound validation
CRITICAL FIXES:
- Consolidate MAX_STRING_LENGTH and MAX_ARRAY_LENGTH to file level (DRY)
- Add MAX_COUNT constant (10M) for upper bound validation
- Apply upper bound checks to all 12 count fields
BENEFITS:
- Single source of truth for security limits
- Prevents business logic issues from extreme values
- Easier maintenance and updates
* fix(billing): update and refactor observable logic
* tests(billing): add additional expects for dialog
* fix(billing): update for claude feedback
* tests(billing): update test conditions and comments
* add state definition for auto confirm
* typo
* refactor organziation user service
* WIP create auto confirm service
* add POST method, finish implementation
* add missing userId param, jsdoc
* fix DI
* refactor organziation user service
* WIP create auto confirm service
* add POST method, finish implementation
* add missing userId param, jsdoc
* clean up, more DI fixes
* remove @Injectable from service, fix tests
* remove from libs/common, fix dir structure, add tests
* filter at risk passwords count to only critical apps
* PM-26929 assign tasks to those apps that are marked as critical
---------
Co-authored-by: voommen-livefront <voommen@livefront.com>
