* feat(notification-processing): [PM-19877] System Notification Implementation - Implemented the full feature set for device approval from extension.
* test(notification-processing): [PM-19877] System Notification Implementation - Updated tests.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* added master password unlock and decryption option fields into identity token connect response
* incorrect master password unlock response parsing
* use sdk
* use sdk
* better type checking on response parsing
* not using sdk
* revert of bad merge conflicts
* revert of bad merge conflicts
* master password unlock setter in state
* unit test coverage for responses processing
* master password unlock in identity user decryption options
* unit test coverage
* unit test coverage
* unit test coverage
* unit test coverage
* lint error
* set master password unlock data in state on identity response and sync response
* revert change in auth's user decryption options
* remove unnecessary cast
* better docs
* change to relative imports
* MasterPasswordUnlockData serialization issue
* explicit undefined type for `syncUserDecryption`
* incorrect identity token response tests
* Add ssoEnabled and ssoMemberDecryptionType properties to ProfileOrganizationResponse
* Add SSO support to Organization model with ssoEnabled and ssoMemberDecryptionType properties, and implement related tests
* Upsert organization SSO settings in memory after save
Updates organization data in memory with new SSO configuration values
to ensure immediate UI updates for Device Approvals page visibility.
* Refactor SSO component to simplify upsertOrganizationWithSsoChanges method
- Updated the method signature to accept a single OrganizationSsoRequest object instead of separate parameters.
- Adjusted the internal logic to directly use properties from the OrganizationSsoRequest for updating the organization state.
* Specify OrganizationData type for updatedOrganization in SSO component
* Add importer dummy lib, add cargo deps for win/mac
* Add Chromium importer source from bitwarden/password-access
* Mod crypto is no more
* Expose some Chromium importer functions via NAPI, replace home with home_dir crate
* Add Chromium importer to the main <-> renderer IPC, export all functions from Rust
* Add password and notes fields to the imported logins
* Fix windows to use homedir instead of home
* Return success/failure results
* Import from account logins and join
* Linux v10 support
* Use mod util on Windows
* Use mod util on macOS
* Refactor to move shared code into chromium.rs
* Fix windows
* Fix Linux as well
* Linux v11 support for Chrome/Gnome, everything is async now
* Support multiple browsers on Linux v11
* Move oo7 to Linux
* Fix Windows
* Fix macOS
* Add support for Brave browser in Linux configuration
* Add support for Opera browser in Linux configuration
* Fix Edge and add Arc on macOS
* Add Opera on macOS
* Add support for Vivaldi browser in macOS configuration
* Add support for Chromium browser in macOS configuration
* Fix Edge on Windows
* Add Opera on Windows
* Add Vivaldi on windows
* Add Chromium to supported browsers on Windows
* stub out UI options for chromium direct import
* call IPC funcs from import-desktop
* add notes to chrome csv importer
* remove (csv) from import tool names and format item names as hostnames
* Add ABE/v20 encryption support
* ABE/v20 architecture description
* Add a build step to produce admin.exe and service.exe
* Add Windows v20/ABE configuration functionality to specify the full path to the admin.exe and service.exe. Use ipc.platform.chromiumImporter.configureWindowsCryptoService to configure the Chromium importer on Windows.
* rename ARCHITECTURE.md to README.md
* aligns with guidance from architecture re: in-repository documentation.
* also fixes a failing lint.
* cargo fmt
* cargo clippy fix
* Declare feature flag for using chromium importer
* Linter fix after executing npm run prettier
* Use feature flag to guard the use of the chromium importer
* Added temporary logging to further debug, why the Angular change detection isn't working as expected
* introduce importer metadata; host metadata from service; includes tests
* fix cli build
* Register autotype module in lib.rs
introduce by a bad merge
* Fix web build
* Fix issue with loaders being undefined and the feature flag turned off
* Add missing Chromium support when selecting chromecsv
* debugging
* remove chromium support from chromecsv metadata
* fix default loader selection
* [PM-24753] cargo lib file (#16090)
* Add new modules
* Fix chromium importer
* Fix compile bugs for toolchain
* remove importer folder
* remove IPC code
* undo setting change
* clippy fixes
* cargo fmt
* clippy fixes
* clippy fixes
* clippy fixes
* clippy fixes
* lint fix
* fix release build
* Add files in CODEOWNERS
* Create tools owned preload.ts
* Move chromium-importer.service under tools-ownership
* Fix typeError
When accessing the Chromium direct import options the file button is hidden, so trying to access it's values will fail
* Fix tools owned preload
* Remove dead code and redundant truncation
* Remove configureWindowsCryptoService function/methods
* Clean up cargo files
* Fix unused async
* Update apps/desktop/desktop_native/bitwarden_chromium_importer/Cargo.toml
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* Fix napi deps
* fix lints
* format
* fix linux lint
* fix windows lints
* format
* fix missing `?`
* fix a different missing `?`
---------
Co-authored-by: Dmitry Yakimenko <detunized@gmail.com>
Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: ✨ Audrey ✨ <ajensen@bitwarden.com>
Co-authored-by: ✨ Audrey ✨ <audrey@audreyality.com>
Co-authored-by: adudek-bw <adudek@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Adds in tests and feature for notifying inactive users.
* feat(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Added feature flag.
* fix(inactive-user-server-notification): [PM-25130] Inactive User Server Notify - Implemented trackedMerge.
* tests: remove feature flag use in tests
* tests: remove breadcrumbingPolicyTests and add service tests
* refactor: remove event log use of flag from org-layout component
* refactor: remove new policy code from org-layout component
* refactor: remove event log use of flag from events component
* refactor: remove event log use from collection dialog component
* refactor: remove event log use from vault-header component
* refactor: remove event-log route logic for org-reporting
* refactor: remove logic from org-settings routing
* refactor: remove breadcrumbing function and from billing service
* refactor: remove ConfigService from DI for billing service
* refactor: remove new policy code from policy-edit component
* refactor: remove new policy code from policies component
* refactor: remove feature flag
* fix(Admin Console): revert to use of reactive observables pattern
* fix(Admin Console): remove type artifact from reversion
* Passed in userId on RemovePasswordComponent.
* Added userId on other references to KeyConnectorService methods
* remove password component refactor, test coverage, enabled strict
* explicit user id provided to key connector service
* redirect to / instead when user not logged in or not managing organization
* key connector service explicit user id
* key connector service no longer requires account service
* key connector service missing null type
* cli convert to key connector unit tests
* remove unnecessary SyncService
* error toast not showing on ErrorResponse
* bad import due to merge conflict
* bad import due to merge conflict
* missing loading in remove password component for browser extension
* error handling in remove password component
* organization observable race condition in key-connector
* usesKeyConnector always returns boolean
* unit test coverage
* key connector reactive
* reactive key connector service
* introducing convertAccountRequired$
* cli build fix
* moving message sending side effect to sync
* key connector service unit tests
* fix unit tests
* move key connector components to KM team ownership
* new unit tests in wrong place
* key connector domain shown in remove password component
* type safety improvements
* convert to key connector command localization
* key connector domain in convert to key connector command
* convert to key connector command unit tests with prompt assert
* organization name placement change in the remove password component
* unit test update
* show key connector domain for new sso users
* confirm key connector domain page does not require auth guard
* confirm key connector domain page showing correctly
* key connector url required to be provided when migrating user
* missing locales
* desktop styling
* have to sync and navigate to vault after key connector keys exchange
* logging verbosity
* splitting the web client
* splitting the browser client
* cleanup
* splitting the desktop client
* cleanup
* cleanup
* not necessary if condition
* key connector domain tests fix for sso componrnt and login strategy
* confirm key connector domain base component unit tests coverage
* confirm key connector domain command for cli
* confirm key connector domain command for cli unit tests
* design adjustments
removed repeated text, vertical buttons on desktop, wrong paddings on browser extension
* key connector service unit test coverage
* new linting rules fixes
* accept invitation to organization called twice results in error.
Web vault remembers it's original route destination, which we do not want in case of accepting invitation and Key Connector, since provisioning new user through SSO and Key Connector, the user is already accepted.
* moved required key connector domain confirmation into state
* revert redirect from auth guard
* cleanup
* sso-login.strategy unit test failing
* two-factor-auth.component unit test failing
* two-factor-auth.component unit test coverage
* cli unit test failing
* removal of redundant logs
* removal of un-necessary new lines
* consolidated component
* consolidated component css cleanup
* use KdfConfig type
* consolidate KDF into KdfConfig type in identity token response
* moving KC requiresDomainConfirmation lower in order, after successful auth
* simplification of trySetUserKeyWithMasterKey
* redirect to confirm key connector route when locked but can't unlock yet
---------
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
* [PM-24243] Load config service feature flag into SDK client during initialization
* [PM-24243] Bump sdk version
* [PM-24243] Update load_flags to use generic Map instead of strongly typed object
* [PM-24243] Pass entire feature states object into SDK
* [PM-24243] Bump SDK version
* [PM-24243] Fix failing test
* add exclamation badge for at risk passwords on tab
* add berry icon for the badge when pending tasks are present
* remove integration wtih autofill for pending task badge
* add ability to override Never match strategy
- This is helpful for non-autofill purposes but cipher matching is still needed. This will default to the domain.
* add at-risk-cipher badge updater service
* Revert "add exclamation badge for at risk passwords on tab"
This reverts commit a9643c03d5.
* remove nullish-coalescing
* ensure that all user related observables use the same user.id
---------
Co-authored-by: Shane Melton <smelton@bitwarden.com>
* remove flag and instances of use
* feedback jprusik: additional removals of pageContainsShadowDomElements
* feedback jprusik: remove a stray logic branch
* migrate change login password service to use bitwarden server rather than fetch directly
- avoids CSP entirely
* add `HelpUsersUpdatePasswords` policy to policy type
* add `HelpUsersUpdatePasswordsPolicy` components
* allow list description override for policy description
* add `HelpUsersUpdatePasswordsPolicy` when the feature flag is enabled
* apply `HelpUsersUpdatePasswords` to everyone in an org
* use policy to guard the well known password API
* fix tests
* refactor to use `policyAppliesToUser$`
* remove policy work for change password - this was removed from scope
* update copy for show favicon setting - it now handles both favicons and change password urls
* remove favicon setting description - no longer needed
* only call change password service when the setting is enabled
* add popover for permitting cipher details
* import permit popover directly into the settings component
* replace `nativeFetch` with `fetch`
* use string literal to construct URL rather than `URL` class
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* use string literal to construct URL rather than `URL` class instance (#16045)
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* [PM-24716] UI changes for Change URI work (#16043)
* use platform service to launch the URI
- this allows desktop to open a separate browser instance rather than use electron
* fix spacing on web app
* add bitLink for focus/hover states
* remove spacing around links
* enforce restrictions based on collection type, set default collection type
* fix ts strict errors
* fix default collection enforcement in vault header
* enforce default collection restrictions in vault collection row
* enforce default collection restrictions in AC vault header
* enforce default collection restriction for select all
* fix ts strict error
* switch to signal, fix feature flag
* fix story
* clean up
* remove feature flag, move check for defaultCollecion to CollecitonView
* fix test
* remove unused configService
* fix test: coerce null to undefined for collection Id
* clean up leaky abstraction for default collection
* fix ts-strict error
* fix parens
* add new property to models, update logic, refactor for ts-strict
* fix type
* rename defaultCollection getter
* clean up
* clean up
* clean up, add comment, fix submit
* add comment
* add feature flag
* check model for name
* cleanup readonly logic, remove featureflag logic
* wip
* refactor CollectionRequest into Create and Update models
* fix readonly logic
* cleanup
* set defaultUserCollectionEmail in decryption from Collection
* split save into update/create methods
* fix readonly logic
* fix collections post and put requests
* add defaultUserCollection email to model when submitting collection dialog
* Add back notifications connection on locked accounts
* Updated tests.
* Make sure web push connection service is started synchronously
* Fixed merge conflicts.
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* [PM-24229] Ensure existing dates are persisted when using CipherExport.toView
* [PM-24229] Test both null and undefined
* [PM-24229] Add test for copied date values
* [PM-24143] Add perUserCache$ to SearchService index$
* [PM-24143] Cleanup and optimize isSearchable
* [PM-24143] Remove unused search flags and subscription from the vault-items component
* [PM-24143] Add search text for desktop vault items. Consolidate SearchTextDebounceInterval constant to SearchService
* [PM-24143] Ensure cipher search indexing is non-blocking
* [PM-24143] Remove redundant index ciphers operation
* [PM-24143] Add search performance measurements
* [PM-24143] Remove artificial delay
* [PM-24143] Remove startWith from index$ to avoid basic search with lunr queries
* [PM-24143] Re-organize isSearchable to check long lunr queries for index existence
* [PM-19479] Client-Managed SDK state definition
* Remove test code
* Update based on latest sdk
* Add DB config
* Remove uuid conversion step
* Move mapper into separate file
* Revert to client managed state
* Move mapper to Cipher
* Typo
---------
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
* feat(notification-processing): [PM-19877] System Notification Implementation - Minor changes to popup logic and removed content in login component.
* docs(notification-processing): [PM-19877] System Notification Implementation - Added more docs.
* docs(notification-processing): [PM-19877] System Notification Implementation - Added markdown document.
* fix(notification-processing): [PM-19877] System Notification Implementation - Updated condition for if notification is supported.
* fix(notification-processing): [PM-19877] System Notification Implementation - Updated services module with correct platform utils service.
* Adding enums for additional event logs for secrets
* updating messages
* Updating messages to be consistent for logs
* Displaying project logs, and fixing search query param searching in projects list, having deleted log for secrets and projects not show as a link
* Viewing secret and project event logs in event modal, adding to the context menu for secrets and projects the ability to view the logs if user has permission. Restricting logs to SM projs and Secs if the logged in user has event log access but not SM access.
* lint
* Lint Fixes
* fix to messages file
* fixing lint
* Bug fix, make sure event logs related to service accounts are still links that take you to the object
* removing unused import
Adds `shouldUpdate()` checks to frequently updated disk state in the Auth domain, specifically:
- `account_verifyNewDeviceLogin`
- `token_accessToken`
- `token_refreshToken`
- `masterPassword_masterKeyHash`
This ensures that the state only updates if the new value is different from the previous value, thus avoiding unnecessary updates.
* [NO LOGIC] Rename BillableEntity to BitwardenSubscriber
This helps us maintain paraody with server where we call this choice type ISubscriber. I chose BitwardenSubscriber to avoid overlap with RxJS
* [NO LOGIC] Move subscriber-billing.client to clients folder
* [NO LOGIC] Move organization warnings under organization folder
* Move getWarnings from OrganizationBillingApiService to new OrganizationBillingClient
I'd like us to move away from stashing so much in libs and utilizing the JsLibServicesModule when it's not necessary to do so. These are invocations used exclusively by the Web Vault and, until that changes, they should be treated as such
* Refactor OrganizationWarningsService
There was a case added to the Inactive Subscription warning for a free trial, but free trials do not represent inactive subscriptions so this was semantically incorrect. This creates another method that pulls the free trial warning and shows a dialog asking the user to subscribe if they're on one.
* Implement Tax ID Warnings throughout Admin Console and Provider Portal
* Fix linting error
* Jimmy's feedback
