mirror of
https://github.com/bitwarden/browser
synced 2026-02-10 13:40:06 +00:00
dd55086cbb
* refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations
* Revert "refactor SSO policy check to check for SSO users that have `ssoBound` true on any of their organizations"
This reverts commit 419c26fbbc.
* update new device verification guard to check for master password usage
* add sso check for new device verification guard
162 lines
5.2 KiB
TypeScript
162 lines
5.2 KiB
TypeScript
import { TestBed } from "@angular/core/testing";
|
|
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
import { OrganizationUserType } from "@bitwarden/common/admin-console/enums";
|
|
|
|
import { VaultProfileService } from "./vault-profile.service";
|
|
|
|
describe("VaultProfileService", () => {
|
|
let service: VaultProfileService;
|
|
const userId = "profile-id";
|
|
const hardcodedDateString = "2024-02-24T12:00:00Z";
|
|
|
|
const getProfile = jest.fn().mockResolvedValue({
|
|
creationDate: hardcodedDateString,
|
|
twoFactorEnabled: true,
|
|
id: "new-user-id",
|
|
organizations: [
|
|
{
|
|
ssoBound: true,
|
|
type: OrganizationUserType.Admin,
|
|
},
|
|
],
|
|
});
|
|
|
|
beforeEach(() => {
|
|
getProfile.mockClear();
|
|
|
|
TestBed.configureTestingModule({
|
|
providers: [{ provide: ApiService, useValue: { getProfile } }],
|
|
});
|
|
|
|
jest.useFakeTimers();
|
|
jest.setSystemTime(new Date("2024-02-22T00:00:00Z"));
|
|
service = TestBed.runInInjectionContext(() => new VaultProfileService());
|
|
service["userId"] = userId;
|
|
});
|
|
|
|
afterEach(() => {
|
|
jest.useRealTimers();
|
|
});
|
|
|
|
describe("getProfileCreationDate", () => {
|
|
it("calls `getProfile` when stored profile date is not set", async () => {
|
|
expect(service["profileCreatedDate"]).toBeNull();
|
|
|
|
const date = await service.getProfileCreationDate(userId);
|
|
|
|
expect(date.toISOString()).toBe("2024-02-24T12:00:00.000Z");
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("calls `getProfile` when stored profile id does not match", async () => {
|
|
service["profileCreatedDate"] = hardcodedDateString;
|
|
service["userId"] = "old-user-id";
|
|
|
|
const date = await service.getProfileCreationDate(userId);
|
|
|
|
expect(date.toISOString()).toBe("2024-02-24T12:00:00.000Z");
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("does not call `getProfile` when the date is already stored", async () => {
|
|
service["profileCreatedDate"] = hardcodedDateString;
|
|
|
|
const date = await service.getProfileCreationDate(userId);
|
|
|
|
expect(date.toISOString()).toBe("2024-02-24T12:00:00.000Z");
|
|
expect(getProfile).not.toHaveBeenCalled();
|
|
});
|
|
});
|
|
|
|
describe("getProfileTwoFactorEnabled", () => {
|
|
it("calls `getProfile` when stored 2FA property is not stored", async () => {
|
|
expect(service["profile2FAEnabled"]).toBeNull();
|
|
|
|
const twoFactorEnabled = await service.getProfileTwoFactorEnabled(userId);
|
|
|
|
expect(twoFactorEnabled).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("calls `getProfile` when stored profile id does not match", async () => {
|
|
service["profile2FAEnabled"] = false;
|
|
service["userId"] = "old-user-id";
|
|
|
|
const twoFactorEnabled = await service.getProfileTwoFactorEnabled(userId);
|
|
|
|
expect(twoFactorEnabled).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("does not call `getProfile` when 2FA property is already stored", async () => {
|
|
service["profile2FAEnabled"] = false;
|
|
|
|
const twoFactorEnabled = await service.getProfileTwoFactorEnabled(userId);
|
|
|
|
expect(twoFactorEnabled).toBe(false);
|
|
expect(getProfile).not.toHaveBeenCalled();
|
|
});
|
|
});
|
|
|
|
describe("getUserSSOBound", () => {
|
|
it("calls `getProfile` when stored ssoBound property is not stored", async () => {
|
|
expect(service["userIsSsoBound"]).toBeNull();
|
|
|
|
const userIsSsoBound = await service.getUserSSOBound(userId);
|
|
|
|
expect(userIsSsoBound).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("calls `getProfile` when stored profile id does not match", async () => {
|
|
service["userIsSsoBound"] = false;
|
|
service["userId"] = "old-user-id";
|
|
|
|
const userIsSsoBound = await service.getUserSSOBound(userId);
|
|
|
|
expect(userIsSsoBound).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("does not call `getProfile` when ssoBound property is already stored", async () => {
|
|
service["userIsSsoBound"] = false;
|
|
|
|
const userIsSsoBound = await service.getUserSSOBound(userId);
|
|
|
|
expect(userIsSsoBound).toBe(false);
|
|
expect(getProfile).not.toHaveBeenCalled();
|
|
});
|
|
});
|
|
|
|
describe("getUserSSOBoundAdminOwner", () => {
|
|
it("calls `getProfile` when stored userIsSsoBoundAdminOwner property is not stored", async () => {
|
|
expect(service["userIsSsoBoundAdminOwner"]).toBeNull();
|
|
|
|
const userIsSsoBoundAdminOwner = await service.getUserSSOBoundAdminOwner(userId);
|
|
|
|
expect(userIsSsoBoundAdminOwner).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("calls `getProfile` when stored profile id does not match", async () => {
|
|
service["userIsSsoBoundAdminOwner"] = false;
|
|
service["userId"] = "old-user-id";
|
|
|
|
const userIsSsoBoundAdminOwner = await service.getUserSSOBoundAdminOwner(userId);
|
|
|
|
expect(userIsSsoBoundAdminOwner).toBe(true);
|
|
expect(getProfile).toHaveBeenCalled();
|
|
});
|
|
|
|
it("does not call `getProfile` when userIsSsoBoundAdminOwner property is already stored", async () => {
|
|
service["userIsSsoBoundAdminOwner"] = false;
|
|
|
|
const userIsSsoBoundAdminOwner = await service.getUserSSOBoundAdminOwner(userId);
|
|
|
|
expect(userIsSsoBoundAdminOwner).toBe(false);
|
|
expect(getProfile).not.toHaveBeenCalled();
|
|
});
|
|
});
|
|
});
|