* refactor: Remove direct self-hosted org creation from OrganizationPlansComponent
* tests: Add comprehensive test suite for OrganizationPlansComponent
When "Owners and admins can manage all collections and items" is OFF, Password Manager
reports incorrectly filter out items from collections where the user has "Can view",
"Can view except passwords", or "Can edit except passwords" access.
The root cause is that all five PM report components filter ciphers using
`(!this.organization && !edit) || !viewPassword`. Since PM reports run without an
organization context (this.organization is undefined), this condition excludes any
item where edit=false or viewPassword=false. These permission checks are unnecessary
for PM reports because:
1. Personal vault items always have edit=true and viewPassword=true, so the checks
never applied to them.
2. Organization items should appear in reports regardless of permission level — the
user has collection access, and edit restrictions should only affect the item
dialog, not report visibility.
3. Admin Console reports (which work correctly) skip this filtering because
this.organization is always set, making the condition always false.
This also explains why "Can edit except passwords" items only appeared in the
Unsecured Websites report — it was the only report that didn't check !viewPassword.
Removed the edit/viewPassword filter conditions from all five PM report components:
- exposed-passwords-report
- weak-passwords-report
- reused-passwords-report
- inactive-two-factor-report
- unsecured-websites-report
* stabilize table column widths with fixed layout (PM-31163)
Add layout="fixed" and explicit width classes to report tables to prevent
column widths from shifting during virtual scroll.
Files changed:
- weak-passwords-report.component.html
- reused-passwords-report.component.html
- exposed-passwords-report.component.html
- inactive-two-factor-report.component.html
- unsecured-websites-report.component.html
* use auto width for name column to fix width calculation (PM-31163)
Remove tw-w-1/2 from name column headers. With layout="fixed", the
explicit percentages didn't sum to 100%, causing inconsistent column widths.
Before: | 48px | 50% | 25% | 25% | = 48px + 100% (overflow)
After: | 48px | auto | 25% | 25% | = columns sum correctly
Name column now uses auto to fill remaining space.
* render headers in Admin Console to fix column widths (PM-31163)
Admin Console reports had a very wide icon column because no headers were
rendered. Without headers, table-layout: fixed uses data row content to
determine column widths, causing inconsistent sizing.
Root cause:
Three reports had their entire <ng-container header> block inside
@if (!isAdminConsoleActive), so when isAdminConsoleActive=true (Admin
Console), no headers were rendered at all.
Before (broken):
@if (!isAdminConsoleActive) {
<ng-container header> <!-- Entire header skipped in Admin Console -->
<th>Icon</th>
<th>Name</th>
<th>Owner</th>
</ng-container>
}
After (fixed):
<ng-container header> <!-- Always render headers -->
<th>Icon</th>
<th>Name</th>
@if (!isAdminConsoleActive) {
<th>Owner</th> <!-- Only Owner is conditional -->
}
</ng-container>
This matches the pattern already used by weak-passwords-report and
exposed-passwords-report, which were working correctly.
Files changed:
- unsecured-websites-report.component.html
- reused-passwords-report.component.html
- inactive-two-factor-report.component.html
Result:
- Admin Console now renders headers with correct column widths
- Icon column is 48px (tw-w-12) as expected
- Owner column properly hidden in Admin Console view
* truncate long item names to prevent column overflow
- you can hover cursor for tooltip to see full name
* [PM-27782] Update Access Intelligence loading state text
Simplify the loading progress messages shown during Access Intelligence
report generation to be more user-friendly and concise.
Changes:
- Add new i18n keys with simplified text
- Update ProgressStepConfig to use new keys
Progress message updates:
- "Fetching member data..." → "Reviewing member data..."
- "Analyzing password health..." → "Analyzing passwords..."
- "Calculating risk scores..." → "Calculating risks..."
- "Generating report data..." → "Generating reports..."
- "Saving report..." → "Compiling insights..."
- "Compiling insights..." → "Done!"
* delete old messages
* remove all "this might take a few minutes"
* Implement the required changes
* Fix the family plan creation for expired sub
* Resolve the pr comments
* resolve the resubscribe issue
* Removed redirectOnCompletion: true from the resubscribe
* Display the Change payment method dialog on the subscription page
* adjust the page reload time
* revert payment method open in subscription page
* Enable cancel premium see the subscription page
* Revert the removal of hasPremiumPersonally
* remove extra space
* Add can view subscription
* Use the canViewSubscription
* Resolve the tab default to premium
* use the subscription Instead of hasPremium
* Revert the changes on user-subscription
* Use the flag to redirect to subscription page
* revert the canViewSubscription change
* resolve the route issue with premium
* Change the path to
* Revert the previous iteration changes
* Fix the build error
* [PM-31750] Refactor members routing and user confirmation logic
* Simplified user confirmation process by removing feature flag checks.
* Updated routing to directly use the new members component without feature flagging.
* Removed deprecated members component references from routing modules.
* Cleaned up feature flag enum by removing unused entries.
* trigger claude
* [PM-31750] Refactor members component and remove deprecated files
* Renamed vNextMembersComponent to MembersComponent for consistency.
* Removed deprecated_members.component.ts and associated HTML files.
* Updated routing and references to use the new MembersComponent.
* Cleaned up related tests to reflect the component name change.
* Refactor import statements in security-tasks.service.ts for improved readability
* Update apps/web/src/app/admin-console/organizations/manage/user-confirm.component.ts
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Remove BaseMembersComponent and related imports from the admin console, streamlining member management functionality.
* Remove unused ConfigService import from UserConfirmComponent to clean up code.
* Implement feature flag logic for user restoration in MemberDialogComponent, allowing conditional restoration based on DefaultUserCollectionRestore flag.
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Changes on browser
* Changes on desktop
* Changes on web
* Fix chromatic story
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
This PR fixes an issue where admins couldn't edit ciphers in organization reports when the "Allow Admin Access to All Collection Items" setting was enabled.
The fix adds a check for organization.allowAdminAccessToAllCollectionItems in the canManage() method across all organization report components. When this setting is enabled, admins/owners can now properly edit all ciphers regardless of collection membership.
Fix issue where ciphers appearing in the Org 2FA report would render without the cipher name shown. This was happening for all ciphers in Collections the active User did not have access to.
* Fix virtual scroll gap in exposed-passwords-report by setting rowSize to 54px
* Fix virtual scroll gap in weak-passwords-report by setting rowSize to 54px
First step of removing code for old Access Intelligence tabs. The old tabs should not appear when the milestone 11 feature flag is on. Once flipped in Production, the remainder of this ticket can be completed (old code entirely removed)
Also included in this change is a copy update for the sub heading of the page.
* display translated content for attachments that cannot be downloaded
* consume decryption failure from the sdk for attachments
* add decryption errors from sdk
* only show fix attachment issues for when key is null and it does not have a decryption failure
* separate decryption failure state in view
* Implement OnDestroy lifecycle hook in PoliciesComponent to close dialog on component destruction. Update dialog reference handling for improved resource management.
* Add documentation to dialogs.mdx so others can know how to prevent drawers staying open
* Fix for PR action test
* Update PoliciesComponent to use optional chaining for myDialogRef
Updates the buttons available in the Access Intelligence "Applications" tab.
- The "Mark as critical" button appears when at least 1 row is selected in the table, and if all selected applications are already marked critical, changes to a "Mark as not critical" button. This functionality allows Admins to either bulk mark critical applications, or bulk unmark critical applications.
- "Assign tasks" has been moved into this tab view, and now is only enabled when there are critical ciphers found without assigned password change tasks. A tooltip appears when hovering on the disabled state, informing the Admin that all tasks have already been assigned.
* Implement dynamic cipher creation permissions in vault header and new cipher menu components
* Enhance new cipher menu button behavior and accessibility. Implement dynamic button label based on creation permissions, allowing direct collection creation when applicable. Update button trigger logic to improve user experience.
* Update apps/web/src/app/vault/individual-vault/vault-header/vault-header.component.ts
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
* Add canCreateCipher getter for improved readability
---------
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
* Enhance policy edit dialogs by updating dialog size to large for improved layout and switching to openDrawer method for better user experience.
* Enhance policy edit dialogs by adding policy status badges to indicate if a policy is enabled, improving user visibility and experience.
* Update dialog component styles to enhance drawer behavior by changing height to full screen and adding sticky footer for improved layout and user experience.
* Refactor policy display layout by wrapping buttons and badges in a flex container for improved alignment and spacing.
* Refactor password policy forms in admin console for improved layout
- Simplified the structure of form fields in `master-password.component.html` and `password-generator.component.html` by removing unnecessary div wrappers.
- Updated the label for the password type policy override in `messages.json` for clarity.
* Update dialog size in policy edit component for consistency
- Changed the dialog size from 'large' to 'default' in `policy-edit-dialog.component.html` to align with design standards.
* refactor(dialog): update dialog component styles for drawer layout
- Adjusted height class for drawer dialogs from 'tw-h-screen' to 'tw-h-full' for better layout management.
- Removed sticky positioning for footer in drawer mode to improve visual consistency.
* refactor(dialog): enhance form layout for policy edit dialogs
- Added classes for full height and flex column layout to the form elements in policy edit dialogs for improved visual consistency and usability.
* move existing prompting into separate service for the web vault
* add unit tests for web vault prompt service
* add provider
* remove `autoConfirmDialogRef`
* rename auto confirm dialog
* Refactor selection logic in VaultItemsComponent to ensure bulk selection matches visual order. Added getSortedEditableItems method for sorting based on current table configuration, enhancing user experience during selection.
* Refactor sorting logic in VaultItemsComponent to clarify collection prioritization. Updated comments to indicate that collection comparison is direction-independent, enhancing code readability and maintainability.
Centralize edit permission checks in CipherAuthorizationService instead of using the disableForm parameter passed to VaultItemDialogComponent. This refactoring improves consistency with how delete and restore permissions are handled, establishes a single source of truth for authorization logic, and simplifies caller components.
This change also fixes the bug in ticket, which allows Users to properly edit Ciphers inside of the various Admin Console report types.
Adds a "Select all" checkbox to the table in the Access Intelligence applications tab. This allows users to quickly select or deselect all applications currently showing in the table for marking as critical apps.
* Enhance layout responsiveness in vault components by adding flex properties to improve structure and ensure proper height management.
* Refactor vault component layout to rid of my changes
* Update apps/web/src/app/vault/individual-vault/vault.component.html
Co-authored-by: Jackson Engstrom <jengstrom@bitwarden.com>
---------
Co-authored-by: Jackson Engstrom <jengstrom@bitwarden.com>
