Improved handling of grantor access to organizations after takeover (#820)

* Add emergency access warning for Owners of orgs

* Add master password policy enforcement

* Only show password policy if taking over an Owner

* Fix linting errors

* Fix code style and typos

* Fix implicit 'any' type

* Get grantor policies in separate api call

* Update jslib

src/app/settings/emergency-access-takeover.component.html

@@ -12,6 +12,25 @@
             </div>
             <div class="modal-body">
                 <app-callout type="warning">{{'loggedOutWarning' | i18n}}</app-callout>
+                <app-callout type="info" *ngIf="enforcedPolicyOptions">
+                    {{'masterPasswordPolicyInEffect' | i18n}}
+                    <ul class="mb-0">
+                        <li *ngIf="enforcedPolicyOptions?.minComplexity > 0">
+                            {{'policyInEffectMinComplexity' | i18n : getPasswordScoreAlertDisplay()}}
+                        </li>
+                        <li *ngIf="enforcedPolicyOptions?.minLength > 0">
+                            {{'policyInEffectMinLength' | i18n : enforcedPolicyOptions?.minLength.toString()}}
+                        </li>
+                        <li *ngIf="enforcedPolicyOptions?.requireUpper">
+                            {{'policyInEffectUppercase' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireLower">
+                            {{'policyInEffectLowercase' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireNumbers">
+                            {{'policyInEffectNumbers' | i18n}}</li>
+                        <li *ngIf="enforcedPolicyOptions?.requireSpecial">
+                            {{'policyInEffectSpecial' | i18n : '!@#$%^&*'}}</li>
+                    </ul>
+                </app-callout>
                 <div class="row">
                     <div class="col-6">
                         <div class="form-group">

src/app/settings/emergency-access-takeover.component.ts

@@ -19,8 +19,13 @@ import { UserService } from 'jslib/abstractions/user.service';
 import { ChangePasswordComponent } from 'jslib/angular/components/change-password.component';
 
 import { KdfType } from 'jslib/enums/kdfType';
+import { PolicyData } from 'jslib/models/data/policyData';
+import { Policy } from 'jslib/models/domain/policy';
 import { SymmetricCryptoKey } from 'jslib/models/domain/symmetricCryptoKey';
 import { EmergencyAccessPasswordRequest } from 'jslib/models/request/emergencyAccessPasswordRequest';
+import { ListResponse } from 'jslib/models/response';
+import { EmergencyAccessTakeoverResponse } from 'jslib/models/response/emergencyAccessResponse';
+import { PolicyResponse } from 'jslib/models/response/policyResponse';
 
 @Component({
     selector: 'emergency-access-takeover',
@@ -45,8 +50,13 @@ export class EmergencyAccessTakeoverComponent extends ChangePasswordComponent im
             platformUtilsService, policyService);
     }
 
-    // tslint:disable-next-line
-    async ngOnInit() { }
+    async ngOnInit() {
+        const response = await this.apiService.getEmergencyGrantorPolicies(this.emergencyAccessId);
+        if (response.data != null && response.data.length > 0) {
+            const policies = response.data.map((policyResponse: PolicyResponse) => new Policy(new PolicyData(policyResponse)));
+            this.enforcedPolicyOptions = await this.policyService.getMasterPasswordPolicyOptions(policies);
+        }
+     }
 
     async submit() {
         if (!await this.strongPassword()) {

src/app/settings/emergency-access.component.html

@@ -8,6 +8,10 @@
     </a>
 </p>
 
+<p *ngIf="isOrganizationOwner">
+    <b>{{'warning' | i18n }}:</b> {{'emergencyAccessOwnerWarning' | i18n}}
+</p>
+
 <div class="page-header d-flex">
     <h2>
         {{'trustedEmergencyContacts' | i18n}}

src/app/settings/emergency-access.component.ts

@@ -36,6 +36,7 @@ export class EmergencyAccessComponent implements OnInit {
     emergencyAccessType = EmergencyAccessType;
     emergencyAccessStatusType = EmergencyAccessStatusType;
     actionPromise: Promise<any>;
+    isOrganizationOwner: boolean;
 
     private modal: ModalComponent = null;
 
@@ -48,6 +49,8 @@ export class EmergencyAccessComponent implements OnInit {
 
     async ngOnInit() {
         this.canAccessPremium = await this.userService.canAccessPremium();
+        const orgs = await this.userService.getAllOrganizations();
+        this.isOrganizationOwner = orgs.some(o => o.isOwner);
         this.load();
     }
 

src/locales/en/messages.json

@@ -3424,7 +3424,10 @@
     "message": "Emergency Access"
   },
   "emergencyAccessDesc": {
-    "message": "Grant and manage emergency access for trusted contacts. Trusted contacts may request access to either View or Takeover your account in case of a emergency. Visit our help page for more information and details into how zero knowledge sharing works."
+    "message": "Grant and manage emergency access for trusted contacts. Trusted contacts may request access to either View or Takeover your account in case of an emergency. Visit our help page for more information and details into how zero knowledge sharing works."
+  },
+  "emergencyAccessOwnerWarning": {
+    "message": "You are an Owner of one or more organizations. If you give takeover access to an emergency contact, they will be able to use all your permissions as Owner after a takeover."
   },
   "trustedEmergencyContacts": {
     "message": "Trusted emergency contacts"