Remove eager loading of module

* Allow firefox relay service in generator

* Update generator.component.ts

* Update generator.component.ts

* make pretty

.github/workflows/release.yml

@@ -19,8 +19,8 @@ jobs:
     name: Setup
     runs-on: ubuntu-20.04
     outputs:
-      release_version: ${{ steps.version.outputs.package }}
-      tag_version: ${{ steps.version.outputs.tag }}
+      release_version: ${{ steps.version.outputs.version }}
+      tag_version: ${{ steps.version.outputs.version }}
       branch_name: ${{ steps.branch.outputs.branch_name }}
     steps:
       - name: Branch check
@@ -38,20 +38,11 @@ jobs:
 
       - name: Check Release Version
         id: version
-        run: |
-          version=$( jq -r ".version" package.json)
-          previous_release_tag_version=$(
-            curl -sL https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest | jq -r ".tag_name"
-          )
-
-          if [ "v$version" == "$previous_release_tag_version" ] && \
-          [ "${{ github.event.inputs.release_type }}" == "Initial Release" ]; then
-            echo "[!] Already released v$version. Please bump version to continue"
-            exit 1
-          fi
-
-          echo "::set-output name=package::$version"
-          echo "::set-output name=tag::v$version"
+        uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6
+        with:
+          release-type: ${{ github.event.inputs.release_type }}
+          project-type: ts
+          file: package.json
 
       - name: Get branch name
         id: branch

bitwarden_license/src/app/organizations/organizations-routing.module.ts

@@ -22,14 +22,16 @@ const routes: Routes = [
         component: ManageComponent,
         canActivate: [PermissionsGuard],
         data: {
-          permissions: NavigationPermissionsService.getPermissions("manage").concat(
-            Permissions.ManageSso
-          ),
+          permissions: NavigationPermissionsService.getPermissions("manage"),
         },
         children: [
           {
             path: "sso",
             component: SsoComponent,
+            canActivate: [PermissionsGuard],
+            data: {
+              permissions: [Permissions.ManageSso],
+            },
           },
         ],
       },

bitwarden_license/src/app/providers/providers.module.ts

@@ -1,11 +1,9 @@
-import { CommonModule } from "@angular/common";
 import { ComponentFactoryResolver, NgModule } from "@angular/core";
-import { FormsModule } from "@angular/forms";
 
-import { JslibModule } from "jslib-angular/jslib.module";
 import { ModalService } from "jslib-angular/services/modal.service";
 
-import { OssModule } from "src/app/oss.module";
+import { LayoutsModule } from "src/app/layouts/layouts.module";
+import { SharedModule } from "src/app/modules/shared.module";
 
 import { AddOrganizationComponent } from "./clients/add-organization.component";
 import { ClientsComponent } from "./clients/clients.component";
@@ -28,7 +26,7 @@ import { SetupProviderComponent } from "./setup/setup-provider.component";
 import { SetupComponent } from "./setup/setup.component";
 
 @NgModule({
-  imports: [CommonModule, FormsModule, OssModule, JslibModule, ProvidersRoutingModule],
+  imports: [SharedModule, LayoutsModule, ProvidersRoutingModule],
   declarations: [
     AcceptProviderComponent,
     AccountComponent,

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@bitwarden/web-vault",
-  "version": "2.28.1",
+  "version": "2022.05.0",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "@bitwarden/web-vault",
-      "version": "2.28.1",
+      "version": "2022.05.0",
       "hasInstallScript": true,
       "license": "GPL-3.0",
       "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bitwarden/web-vault",
-  "version": "2.28.1",
+  "version": "2022.05.0",
   "license": "GPL-3.0",
   "repository": "https://github.com/bitwarden/web",
   "scripts": {

src/app/accounts/register.component.html

@@ -101,7 +101,7 @@
       <div [ngClass]="{ 'col-5': layout, 'col-12': !layout }">
         <div class="row justify-content-md-center mt-5">
           <div [ngClass]="{ 'col-5': !layout, 'col-12': layout }">
-            <p class="lead text-center mb-4" *ngIf="!layout">{{ "createAccount" | i18n }}</p>
+            <h1 class="lead text-center mb-4" *ngIf="!layout">{{ "createAccount" | i18n }}</h1>
             <div class="card d-block">
               <div class="card-body">
                 <app-callout

src/app/common/base.events.component.ts

@@ -122,17 +122,20 @@ export abstract class BaseEventsComponent {
         const userId = r.actingUserId == null ? r.userId : r.actingUserId;
         const eventInfo = await this.eventService.getEventInfo(r);
         const user = this.getUserName(r, userId);
+        const userName = user != null ? user.name : this.i18nService.t("unknown");
+
         return new EventView({
           message: eventInfo.message,
           humanReadableMessage: eventInfo.humanReadableMessage,
           appIcon: eventInfo.appIcon,
           appName: eventInfo.appName,
           userId: userId,
-          userName: user != null ? user.name : this.i18nService.t("unknown"),
+          userName: r.installationId != null ? `Installation: ${r.installationId}` : userName,
           userEmail: user != null ? user.email : "",
           date: r.date,
           ip: r.ipAddress,
           type: r.type,
+          installationId: r.installationId,
         });
       })
     );

src/app/layouts/footer.component.html

@@ -1,6 +1,6 @@
 <div class="container footer text-muted">
   <div class="row">
-    <div class="col">&copy; {{ year }}, Bitwarden Inc.</div>
+    <div class="col">&copy; {{ year }} Bitwarden Inc.</div>
     <div class="col text-center"></div>
     <div class="col text-right">
       {{ "versionNumber" | i18n: version }}

src/app/layouts/frontend-layout.component.html

@@ -1,5 +1,5 @@
 <router-outlet></router-outlet>
 <div class="container my-5 text-muted text-center">
-  &copy; {{ year }}, Bitwarden Inc. <br />
+  &copy; {{ year }} Bitwarden Inc. <br />
   {{ "versionNumber" | i18n: version }}
 </div>

src/app/layouts/layouts.module.ts

@@ -0,0 +1,13 @@
+import { NgModule } from "@angular/core";
+
+import { FooterComponent } from "../layouts/footer.component";
+import { FrontendLayoutComponent } from "../layouts/frontend-layout.component";
+import { NavbarComponent } from "../layouts/navbar.component";
+import { SharedModule } from "../modules/shared.module";
+
+@NgModule({
+  imports: [SharedModule],
+  declarations: [NavbarComponent, FooterComponent, FrontendLayoutComponent],
+  exports: [NavbarComponent, FooterComponent],
+})
+export class LayoutsModule {}

src/app/modules/loose-components.module.ts

@@ -20,66 +20,10 @@ import { UpdateTempPasswordComponent } from "../accounts/update-temp-password.co
 import { VerifyEmailTokenComponent } from "../accounts/verify-email-token.component";
 import { VerifyRecoverDeleteComponent } from "../accounts/verify-recover-delete.component";
 import { NestedCheckboxComponent } from "../components/nested-checkbox.component";
-import { OrganizationSwitcherComponent } from "../components/organization-switcher.component";
 import { PasswordRepromptComponent } from "../components/password-reprompt.component";
-import { PasswordStrengthComponent } from "../components/password-strength.component";
 import { PremiumBadgeComponent } from "../components/premium-badge.component";
-import { FooterComponent } from "../layouts/footer.component";
-import { FrontendLayoutComponent } from "../layouts/frontend-layout.component";
-import { NavbarComponent } from "../layouts/navbar.component";
+import { LayoutsModule } from "../layouts/layouts.module";
 import { UserLayoutComponent } from "../layouts/user-layout.component";
-import { OrganizationLayoutComponent } from "../organizations/layouts/organization-layout.component";
-import { BulkConfirmComponent as OrgBulkConfirmComponent } from "../organizations/manage/bulk/bulk-confirm.component";
-import { BulkRemoveComponent as OrgBulkRemoveComponent } from "../organizations/manage/bulk/bulk-remove.component";
-import { BulkStatusComponent as OrgBulkStatusComponent } from "../organizations/manage/bulk/bulk-status.component";
-import { CollectionAddEditComponent as OrgCollectionAddEditComponent } from "../organizations/manage/collection-add-edit.component";
-import { CollectionsComponent as OrgManageCollectionsComponent } from "../organizations/manage/collections.component";
-import { EntityEventsComponent as OrgEntityEventsComponent } from "../organizations/manage/entity-events.component";
-import { EventsComponent as OrgEventsComponent } from "../organizations/manage/events.component";
-import { GroupAddEditComponent as OrgGroupAddEditComponent } from "../organizations/manage/group-add-edit.component";
-import { GroupsComponent as OrgGroupsComponent } from "../organizations/manage/groups.component";
-import { ManageComponent as OrgManageComponent } from "../organizations/manage/manage.component";
-import { PeopleComponent as OrgPeopleComponent } from "../organizations/manage/people.component";
-import { PoliciesComponent as OrgPoliciesComponent } from "../organizations/manage/policies.component";
-import { PolicyEditComponent as OrgPolicyEditComponent } from "../organizations/manage/policy-edit.component";
-import { ResetPasswordComponent as OrgResetPasswordComponent } from "../organizations/manage/reset-password.component";
-import { UserAddEditComponent as OrgUserAddEditComponent } from "../organizations/manage/user-add-edit.component";
-import { UserConfirmComponent as OrgUserConfirmComponent } from "../organizations/manage/user-confirm.component";
-import { UserGroupsComponent as OrgUserGroupsComponent } from "../organizations/manage/user-groups.component";
-import { DisableSendPolicyComponent } from "../organizations/policies/disable-send.component";
-import { MasterPasswordPolicyComponent } from "../organizations/policies/master-password.component";
-import { PasswordGeneratorPolicyComponent } from "../organizations/policies/password-generator.component";
-import { PersonalOwnershipPolicyComponent } from "../organizations/policies/personal-ownership.component";
-import { RequireSsoPolicyComponent } from "../organizations/policies/require-sso.component";
-import { ResetPasswordPolicyComponent } from "../organizations/policies/reset-password.component";
-import { SendOptionsPolicyComponent } from "../organizations/policies/send-options.component";
-import { SingleOrgPolicyComponent } from "../organizations/policies/single-org.component";
-import { TwoFactorAuthenticationPolicyComponent } from "../organizations/policies/two-factor-authentication.component";
-import { AccountComponent as OrgAccountComponent } from "../organizations/settings/account.component";
-import { AdjustSubscription } from "../organizations/settings/adjust-subscription.component";
-import { BillingSyncApiKeyComponent } from "../organizations/settings/billing-sync-api-key.component";
-import { ChangePlanComponent } from "../organizations/settings/change-plan.component";
-import { DeleteOrganizationComponent } from "../organizations/settings/delete-organization.component";
-import { DownloadLicenseComponent } from "../organizations/settings/download-license.component";
-import { ImageSubscriptionHiddenComponent as OrgSubscriptionHiddenComponent } from "../organizations/settings/image-subscription-hidden.component";
-import { OrganizationBillingComponent } from "../organizations/settings/organization-billing.component";
-import { OrganizationSubscriptionComponent } from "../organizations/settings/organization-subscription.component";
-import { SettingsComponent as OrgSettingComponent } from "../organizations/settings/settings.component";
-import { TwoFactorSetupComponent as OrgTwoFactorSetupComponent } from "../organizations/settings/two-factor-setup.component";
-import { AcceptFamilySponsorshipComponent } from "../organizations/sponsorships/accept-family-sponsorship.component";
-import { FamiliesForEnterpriseSetupComponent } from "../organizations/sponsorships/families-for-enterprise-setup.component";
-import { ExportComponent as OrgExportComponent } from "../organizations/tools/export.component";
-import { ExposedPasswordsReportComponent as OrgExposedPasswordsReportComponent } from "../organizations/tools/exposed-passwords-report.component";
-import { ImportComponent as OrgImportComponent } from "../organizations/tools/import.component";
-import { InactiveTwoFactorReportComponent as OrgInactiveTwoFactorReportComponent } from "../organizations/tools/inactive-two-factor-report.component";
-import { ReusedPasswordsReportComponent as OrgReusedPasswordsReportComponent } from "../organizations/tools/reused-passwords-report.component";
-import { ToolsComponent as OrgToolsComponent } from "../organizations/tools/tools.component";
-import { UnsecuredWebsitesReportComponent as OrgUnsecuredWebsitesReportComponent } from "../organizations/tools/unsecured-websites-report.component";
-import { WeakPasswordsReportComponent as OrgWeakPasswordsReportComponent } from "../organizations/tools/weak-passwords-report.component";
-import { AddEditComponent as OrgAddEditComponent } from "../organizations/vault/add-edit.component";
-import { AttachmentsComponent as OrgAttachmentsComponent } from "../organizations/vault/attachments.component";
-import { CiphersComponent as OrgCiphersComponent } from "../organizations/vault/ciphers.component";
-import { CollectionsComponent as OrgCollectionsComponent } from "../organizations/vault/collections.component";
 import { ProvidersComponent } from "../providers/providers.component";
 import { BreachReportComponent } from "../reports/breach-report.component";
 import { ExposedPasswordsReportComponent } from "../reports/exposed-passwords-report.component";
@@ -114,10 +58,7 @@ import { EmergencyAccessTakeoverComponent } from "../settings/emergency-access-t
 import { EmergencyAccessViewComponent } from "../settings/emergency-access-view.component";
 import { EmergencyAccessComponent } from "../settings/emergency-access.component";
 import { EmergencyAddEditComponent } from "../settings/emergency-add-edit.component";
-import { LinkSsoComponent } from "../settings/link-sso.component";
-import { OrganizationPlansComponent } from "../settings/organization-plans.component";
 import { PaymentMethodComponent } from "../settings/payment-method.component";
-import { PaymentComponent } from "../settings/payment.component";
 import { PreferencesComponent } from "../settings/preferences.component";
 import { PremiumComponent } from "../settings/premium.component";
 import { ProfileComponent } from "../settings/profile.component";
@@ -169,11 +110,10 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
 // Please do not add to this list of declarations - we should refactor these into modules when doing so makes sense until there are none left.
 // If you are building new functionality, please create or extend a feature module instead.
 @NgModule({
-  imports: [SharedModule, VaultFilterModule, OrganizationBadgeModule, PipesModule],
+  imports: [SharedModule, VaultFilterModule, OrganizationBadgeModule, PipesModule, LayoutsModule],
   declarations: [
     PremiumBadgeComponent,
     AcceptEmergencyComponent,
-    AcceptFamilySponsorshipComponent,
     AcceptOrganizationComponent,
     AccessComponent,
     AccountComponent,
@@ -183,10 +123,8 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     AddEditCustomFieldsComponent,
     AdjustPaymentComponent,
     AdjustStorageComponent,
-    AdjustSubscription,
     ApiKeyComponent,
     AttachmentsComponent,
-    BillingSyncApiKeyComponent,
     BillingSyncKeyComponent,
     BreachReportComponent,
     BulkActionsComponent,
@@ -197,16 +135,12 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     ChangeEmailComponent,
     ChangeKdfComponent,
     ChangePasswordComponent,
-    ChangePlanComponent,
     CiphersComponent,
     CollectionsComponent,
     CreateOrganizationComponent,
     DeauthorizeSessionsComponent,
     DeleteAccountComponent,
-    DeleteOrganizationComponent,
-    DisableSendPolicyComponent,
     DomainRulesComponent,
-    DownloadLicenseComponent,
     EmergencyAccessAddEditComponent,
     EmergencyAccessAttachmentsComponent,
     EmergencyAccessComponent,
@@ -216,65 +150,17 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     EmergencyAddEditComponent,
     ExportComponent,
     ExposedPasswordsReportComponent,
-    FamiliesForEnterpriseSetupComponent,
     FolderAddEditComponent,
-    FooterComponent,
-    FrontendLayoutComponent,
     HintComponent,
     ImportComponent,
     InactiveTwoFactorReportComponent,
-    LinkSsoComponent,
     LockComponent,
     LoginComponent,
-    MasterPasswordPolicyComponent,
-    NavbarComponent,
     NestedCheckboxComponent,
-    OrganizationSwitcherComponent,
-    OrgAccountComponent,
-    OrgAddEditComponent,
-    OrganizationBillingComponent,
-    OrganizationLayoutComponent,
-    OrganizationPlansComponent,
-    OrganizationSubscriptionComponent,
-    OrgAttachmentsComponent,
-    OrgBulkConfirmComponent,
-    OrgBulkRemoveComponent,
-    OrgBulkStatusComponent,
-    OrgCiphersComponent,
-    OrgCollectionAddEditComponent,
-    OrgCollectionsComponent,
-    OrgEntityEventsComponent,
-    OrgEventsComponent,
-    OrgExportComponent,
-    OrgExposedPasswordsReportComponent,
-    OrgGroupAddEditComponent,
-    OrgGroupsComponent,
-    OrgImportComponent,
-    OrgInactiveTwoFactorReportComponent,
-    OrgManageCollectionsComponent,
-    OrgManageComponent,
-    OrgPeopleComponent,
-    OrgPoliciesComponent,
-    OrgPolicyEditComponent,
-    OrgResetPasswordComponent,
-    OrgReusedPasswordsReportComponent,
-    OrgSettingComponent,
-    OrgToolsComponent,
-    OrgTwoFactorSetupComponent,
-    OrgSubscriptionHiddenComponent,
-    OrgUnsecuredWebsitesReportComponent,
-    OrgUserAddEditComponent,
-    OrgUserConfirmComponent,
-    OrgUserGroupsComponent,
-    OrgWeakPasswordsReportComponent,
     GeneratorComponent,
     PasswordGeneratorHistoryComponent,
-    PasswordGeneratorPolicyComponent,
     PasswordRepromptComponent,
-    PasswordStrengthComponent,
-    PaymentComponent,
     PaymentMethodComponent,
-    PersonalOwnershipPolicyComponent,
     PreferencesComponent,
     PremiumBadgeComponent,
     PremiumComponent,
@@ -288,26 +174,21 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     ReportCardComponent,
     ReportListComponent,
     ReportsComponent,
-    RequireSsoPolicyComponent,
-    ResetPasswordPolicyComponent,
     ReusedPasswordsReportComponent,
     SecurityComponent,
     SecurityKeysComponent,
     SendAddEditComponent,
     SendComponent,
     SendEffluxDatesComponent,
-    SendOptionsPolicyComponent,
     SetPasswordComponent,
     SettingsComponent,
     ShareComponent,
-    SingleOrgPolicyComponent,
     SponsoredFamiliesComponent,
     SponsoringOrgRowComponent,
     SsoComponent,
     SubscriptionComponent,
     TaxInfoComponent,
     ToolsComponent,
-    TwoFactorAuthenticationPolicyComponent,
     TwoFactorAuthenticatorComponent,
     TwoFactorComponent,
     TwoFactorDuoComponent,
@@ -345,7 +226,6 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     AddEditCustomFieldsComponent,
     AdjustPaymentComponent,
     AdjustStorageComponent,
-    AdjustSubscription,
     ApiKeyComponent,
     AttachmentsComponent,
     BreachReportComponent,
@@ -357,16 +237,12 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     ChangeEmailComponent,
     ChangeKdfComponent,
     ChangePasswordComponent,
-    ChangePlanComponent,
     CiphersComponent,
     CollectionsComponent,
     CreateOrganizationComponent,
     DeauthorizeSessionsComponent,
     DeleteAccountComponent,
-    DeleteOrganizationComponent,
-    DisableSendPolicyComponent,
     DomainRulesComponent,
-    DownloadLicenseComponent,
     EmergencyAccessAddEditComponent,
     EmergencyAccessAttachmentsComponent,
     EmergencyAccessComponent,
@@ -376,64 +252,17 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     EmergencyAddEditComponent,
     ExportComponent,
     ExposedPasswordsReportComponent,
-    FamiliesForEnterpriseSetupComponent,
     FolderAddEditComponent,
-    FooterComponent,
-    FrontendLayoutComponent,
     HintComponent,
     ImportComponent,
     InactiveTwoFactorReportComponent,
-    LinkSsoComponent,
     LockComponent,
     LoginComponent,
-    MasterPasswordPolicyComponent,
-    NavbarComponent,
     NestedCheckboxComponent,
-    OrganizationSwitcherComponent,
-    OrgAccountComponent,
-    OrgAddEditComponent,
-    OrganizationBillingComponent,
-    OrganizationLayoutComponent,
-    OrganizationPlansComponent,
-    OrganizationSubscriptionComponent,
-    OrgAttachmentsComponent,
-    OrgBulkConfirmComponent,
-    OrgBulkRemoveComponent,
-    OrgBulkStatusComponent,
-    OrgCiphersComponent,
-    OrgCollectionAddEditComponent,
-    OrgCollectionsComponent,
-    OrgEntityEventsComponent,
-    OrgEventsComponent,
-    OrgExportComponent,
-    OrgExposedPasswordsReportComponent,
-    OrgGroupAddEditComponent,
-    OrgGroupsComponent,
-    OrgImportComponent,
-    OrgInactiveTwoFactorReportComponent,
-    OrgManageCollectionsComponent,
-    OrgManageComponent,
-    OrgPeopleComponent,
-    OrgPoliciesComponent,
-    OrgPolicyEditComponent,
-    OrgResetPasswordComponent,
-    OrgReusedPasswordsReportComponent,
-    OrgSettingComponent,
-    OrgToolsComponent,
-    OrgTwoFactorSetupComponent,
-    OrgUnsecuredWebsitesReportComponent,
-    OrgUserAddEditComponent,
-    OrgUserConfirmComponent,
-    OrgUserGroupsComponent,
-    OrgWeakPasswordsReportComponent,
     GeneratorComponent,
     PasswordGeneratorHistoryComponent,
-    PasswordGeneratorPolicyComponent,
     PasswordRepromptComponent,
-    PasswordStrengthComponent,
-    PaymentComponent,
     PaymentMethodComponent,
-    PersonalOwnershipPolicyComponent,
     PreferencesComponent,
     PremiumBadgeComponent,
     PremiumComponent,
@@ -447,26 +276,21 @@ import { OrganizationBadgeModule } from "./vault/modules/organization-badge/orga
     ReportCardComponent,
     ReportListComponent,
     ReportsComponent,
-    RequireSsoPolicyComponent,
-    ResetPasswordPolicyComponent,
     ReusedPasswordsReportComponent,
     SecurityComponent,
     SecurityKeysComponent,
     SendAddEditComponent,
     SendComponent,
     SendEffluxDatesComponent,
-    SendOptionsPolicyComponent,
     SetPasswordComponent,
     SettingsComponent,
     ShareComponent,
-    SingleOrgPolicyComponent,
     SponsoredFamiliesComponent,
     SponsoringOrgRowComponent,
     SsoComponent,
     SubscriptionComponent,
     TaxInfoComponent,
     ToolsComponent,
-    TwoFactorAuthenticationPolicyComponent,
     TwoFactorAuthenticatorComponent,
     TwoFactorComponent,
     TwoFactorDuoComponent,

src/app/modules/organizations/users/enroll-master-password-reset.component.html

@@ -0,0 +1,59 @@
+<div
+  class="modal fade"
+  role="dialog"
+  aria-modal="true"
+  aria-labelledby="enrollMasterPasswordResetTitle"
+>
+  <div class="modal-dialog modal-dialog-scrollable" role="document">
+    <form
+      class="modal-content"
+      #form
+      (ngSubmit)="submit()"
+      [appApiAction]="formPromise"
+      ngNativeValidate
+    >
+      <div class="modal-header">
+        <h2 class="modal-title" id="enrollMasterPasswordResetTitle">
+          {{ (isEnrolled ? "withdrawPasswordReset" : "enrollPasswordReset") | i18n }}
+        </h2>
+        <button
+          type="button"
+          class="close"
+          data-dismiss="modal"
+          appA11yTitle="{{ 'close' | i18n }}"
+        >
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <app-callout type="warning" *ngIf="!isEnrolled">
+          {{ "resetPasswordEnrollmentWarning" | i18n }}
+        </app-callout>
+        <app-user-verification [(ngModel)]="verification" name="secret"> </app-user-verification>
+      </div>
+      <div class="modal-footer">
+        <button bit-button buttonType="primary" type="submit" [disabled]="form.loading">
+          <i
+            class="bwi bwi-spinner bwi-spin"
+            title="{{ 'loading' | i18n }}"
+            *ngIf="form.loading"
+          ></i>
+          <span>
+            {{ "submit" | i18n }}
+          </span>
+        </button>
+        <button
+          bit-button
+          buttonType="secondary"
+          type="button"
+          data-dismiss="modal"
+          appA11yTitle="{{ 'close' | i18n }}"
+        >
+          <span>
+            {{ "cancel" | i18n }}
+          </span>
+        </button>
+      </div>
+    </form>
+  </div>
+</div>

src/app/modules/organizations/users/enroll-master-password-reset.component.ts

@@ -0,0 +1,97 @@
+import { Component } from "@angular/core";
+
+import { ModalRef } from "jslib-angular/components/modal/modal.ref";
+import { ModalConfig } from "jslib-angular/services/modal.service";
+import { ApiService } from "jslib-common/abstractions/api.service";
+import { CryptoService } from "jslib-common/abstractions/crypto.service";
+import { I18nService } from "jslib-common/abstractions/i18n.service";
+import { LogService } from "jslib-common/abstractions/log.service";
+import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
+import { SyncService } from "jslib-common/abstractions/sync.service";
+import { UserVerificationService } from "jslib-common/abstractions/userVerification.service";
+import { Utils } from "jslib-common/misc/utils";
+import { Organization } from "jslib-common/models/domain/organization";
+import { OrganizationUserResetPasswordEnrollmentRequest } from "jslib-common/models/request/organizationUserResetPasswordEnrollmentRequest";
+import { Verification } from "jslib-common/types/verification";
+
+@Component({
+  selector: "app-enroll-master-password-reset",
+  templateUrl: "enroll-master-password-reset.component.html",
+})
+export class EnrollMasterPasswordReset {
+  organization: Organization;
+
+  verification: Verification;
+  formPromise: Promise<any>;
+
+  constructor(
+    private userVerificationService: UserVerificationService,
+    private apiService: ApiService,
+    private platformUtilsService: PlatformUtilsService,
+    private i18nService: I18nService,
+    private cryptoService: CryptoService,
+    private syncService: SyncService,
+    private logService: LogService,
+    private modalRef: ModalRef,
+    config: ModalConfig
+  ) {
+    this.organization = config.data.organization;
+  }
+
+  async submit() {
+    let toastStringRef = "withdrawPasswordResetSuccess";
+
+    this.formPromise = this.userVerificationService
+      .buildRequest(this.verification, OrganizationUserResetPasswordEnrollmentRequest)
+      .then(async (request) => {
+        // Set variables
+        let keyString: string = null;
+
+        // Enrolling
+        if (!this.organization.resetPasswordEnrolled) {
+          // Retrieve Public Key
+          const orgKeys = await this.apiService.getOrganizationKeys(this.organization.id);
+          if (orgKeys == null) {
+            throw new Error(this.i18nService.t("resetPasswordOrgKeysError"));
+          }
+
+          const publicKey = Utils.fromB64ToArray(orgKeys.publicKey);
+
+          // RSA Encrypt user's encKey.key with organization public key
+          const encKey = await this.cryptoService.getEncKey();
+          const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer);
+          keyString = encryptedKey.encryptedString;
+          toastStringRef = "enrollPasswordResetSuccess";
+
+          // Create request and execute enrollment
+          request.resetPasswordKey = keyString;
+          await this.apiService.putOrganizationUserResetPasswordEnrollment(
+            this.organization.id,
+            this.organization.userId,
+            request
+          );
+        } else {
+          // Withdrawal
+          request.resetPasswordKey = keyString;
+          await this.apiService.putOrganizationUserResetPasswordEnrollment(
+            this.organization.id,
+            this.organization.userId,
+            request
+          );
+        }
+
+        await this.syncService.fullSync(true);
+      });
+    try {
+      await this.formPromise;
+      this.platformUtilsService.showToast("success", null, this.i18nService.t(toastStringRef));
+      this.modalRef.close();
+    } catch (e) {
+      this.logService.error(e);
+    }
+  }
+
+  get isEnrolled(): boolean {
+    return this.organization.resetPasswordEnrolled;
+  }
+}

src/app/modules/organizations/users/organization-user.module.ts

@@ -0,0 +1,14 @@
+import { ScrollingModule } from "@angular/cdk/scrolling";
+import { NgModule } from "@angular/core";
+
+import { LooseComponentsModule } from "../../loose-components.module";
+import { SharedModule } from "../../shared.module";
+
+import { EnrollMasterPasswordReset } from "./enroll-master-password-reset.component";
+
+@NgModule({
+  imports: [SharedModule, ScrollingModule, LooseComponentsModule],
+  declarations: [EnrollMasterPasswordReset],
+  exports: [EnrollMasterPasswordReset],
+})
+export class OrganizationUserModule {}

src/app/modules/shared.module.ts

@@ -59,6 +59,10 @@ import { ToastrModule } from "ngx-toastr";
 
 import { JslibModule } from "jslib-angular/jslib.module";
 
+import { PasswordStrengthComponent } from "../components/password-strength.component";
+import { OrganizationPlansComponent } from "../settings/organization-plans.component";
+import { PaymentComponent } from "../settings/payment.component";
+
 registerLocaleData(localeAf, "af");
 registerLocaleData(localeAz, "az");
 registerLocaleData(localeBe, "be");
@@ -127,6 +131,7 @@ registerLocaleData(localeZhTw, "zh-TW");
     ButtonModule,
     MenuModule,
   ],
+  declarations: [PasswordStrengthComponent, OrganizationPlansComponent, PaymentComponent],
   exports: [
     CommonModule,
     DragDropModule,
@@ -142,6 +147,9 @@ registerLocaleData(localeZhTw, "zh-TW");
     BadgeModule,
     ButtonModule,
     MenuModule,
+    PasswordStrengthComponent,
+    OrganizationPlansComponent,
+    PaymentComponent,
   ],
   providers: [DatePipe],
   bootstrap: [],

src/app/modules/vault-filter/components/collection-filter.component.html

@@ -16,7 +16,7 @@
         aria-hidden="true"
       ></i>
     </button>
-    <h3 class="filter-title">{{ collectionsGrouping.name | i18n }}</h3>
+    <h3 class="filter-title">&nbsp;{{ collectionsGrouping.name | i18n }}</h3>
   </div>
   <ul id="collection-filters" *ngIf="!isCollapsed(collectionsGrouping)" class="filter-options">
     <ng-template #recursiveCollections let-collections>
@@ -31,7 +31,7 @@
           <button
             class="toggle-button"
             *ngIf="c.children.length"
-            (click)="collapse(c.node)"
+            (click)="toggleCollapse(c.node)"
             title="{{ 'toggleCollapse' | i18n }}"
             [attr.aria-expanded]="!isCollapsed(c.node)"
             [attr.aria-controls]="c.node.name + '_children'"
@@ -51,7 +51,7 @@
               class="bwi bwi-collection bwi-fw"
               aria-hidden="true"
             ></i
-            >{{ c.node.name }}
+            >&nbsp;{{ c.node.name }}
           </button>
         </span>
         <ul

src/app/modules/vault-filter/components/folder-filter.component.html

@@ -16,9 +16,7 @@
         }"
       ></i>
     </button>
-    <h3 class="filter-title">
-      {{ "folders" | i18n }}
-    </h3>
+    <h3 class="filter-title">&nbsp;{{ "folders" | i18n }}</h3>
     <button
       class="text-muted ml-auto add-button"
       (click)="addFolder()"
@@ -56,7 +54,7 @@
           </button>
           <button class="filter-button" (click)="applyFilter(f.node)">
             <i *ngIf="f.children.length === 0" class="bwi bwi-fw bwi-folder" aria-hidden="true"></i
-            >{{ f.node.name }}
+            >&nbsp;{{ f.node.name }}
           </button>
           <button
             class="edit-button"

src/app/modules/vault-filter/components/organization-filter.component.html

@@ -14,7 +14,7 @@
           <span class="filter-buttons">
             <a href="#" routerLink="/create-organization" class="filter-button">
               <i class="bwi bwi-plus bwi-fw" aria-hidden="true"></i>
-              {{ "newOrganization" | i18n }}
+              &nbsp;{{ "newOrganization" | i18n }}
             </a>
           </span>
         </li>
@@ -45,14 +45,6 @@
         >
           &nbsp;{{ organizationGrouping.name | i18n }}
         </button>
-        <a
-          href="#"
-          routerLink="/create-organization"
-          class="text-muted ml-auto create-organization-link"
-          appA11yTitle="{{ 'newOrganization' | i18n }}"
-        >
-          <i class="bwi bwi-plus bwi-fw" aria-hidden="true"></i>
-        </a>
       </div>
       <ul id="organization-filters" *ngIf="!isCollapsed" class="filter-options">
         <li
@@ -75,6 +67,14 @@
             </ng-container>
           </span>
         </li>
+        <li class="filter-option">
+          <span class="filter-buttons">
+            <a href="#" routerLink="/create-organization" class="filter-button">
+              <i class="bwi bwi-plus bwi-fw" aria-hidden="true"></i>
+              &nbsp;{{ "newOrganization" | i18n }}
+            </a>
+          </span>
+        </li>
       </ul>
     </ng-container>
     <ng-container *ngSwitchCase="'singleOrganizationAndPersonalOwnershipPolicies'">
@@ -110,15 +110,6 @@
         >
           &nbsp;{{ organizationGrouping.name | i18n }}
         </button>
-        <a
-          href="#"
-          routerLink="/create-organization"
-          class="text-muted ml-auto create-organization-link"
-          appA11yTitle="{{ 'newOrganization' | i18n }}"
-          *ngIf="!(displayMode === 'singleOrganizationPolicy')"
-        >
-          <i class="bwi bwi-plus bwi-fw" aria-hidden="true"></i>
-        </a>
       </div>
       <ul id="organization-filters" *ngIf="!isCollapsed" class="filter-options">
         <li class="filter-option" [ngClass]="{ active: activeFilter.myVaultOnly }">
@@ -149,6 +140,14 @@
             </ng-container>
           </span>
         </li>
+        <li class="filter-option" *ngIf="!(displayMode === 'singleOrganizationPolicy')">
+          <span class="filter-buttons">
+            <a href="#" routerLink="/create-organization" class="filter-button">
+              <i class="bwi bwi-plus bwi-fw" aria-hidden="true"></i>
+              &nbsp;{{ "newOrganization" | i18n }}
+            </a>
+          </span>
+        </li>
       </ul>
     </ng-container>
   </ng-container>

src/app/modules/vault-filter/components/organization-options.component.ts

@@ -1,17 +1,17 @@
 import { Component, Input } from "@angular/core";
 
+import { ModalService } from "jslib-angular/services/modal.service";
 import { ApiService } from "jslib-common/abstractions/api.service";
-import { CryptoService } from "jslib-common/abstractions/crypto.service";
 import { I18nService } from "jslib-common/abstractions/i18n.service";
 import { LogService } from "jslib-common/abstractions/log.service";
 import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
 import { PolicyService } from "jslib-common/abstractions/policy.service";
 import { SyncService } from "jslib-common/abstractions/sync.service";
 import { PolicyType } from "jslib-common/enums/policyType";
-import { Utils } from "jslib-common/misc/utils";
 import { Organization } from "jslib-common/models/domain/organization";
 import { Policy } from "jslib-common/models/domain/policy";
-import { OrganizationUserResetPasswordEnrollmentRequest } from "jslib-common/models/request/organizationUserResetPasswordEnrollmentRequest";
+
+import { EnrollMasterPasswordReset } from "../../organizations/users/enroll-master-password-reset.component";
 
 @Component({
   selector: "app-organization-options",
@@ -29,8 +29,8 @@ export class OrganizationOptionsComponent {
     private i18nService: I18nService,
     private apiService: ApiService,
     private syncService: SyncService,
-    private cryptoService: CryptoService,
     private policyService: PolicyService,
+    private modalService: ModalService,
     private logService: LogService
   ) {}
 
@@ -113,70 +113,11 @@ export class OrganizationOptionsComponent {
   }
 
   async toggleResetPasswordEnrollment(org: Organization) {
-    // Set variables
-    let keyString: string = null;
-    let toastStringRef = "withdrawPasswordResetSuccess";
-
-    // Enrolling
-    if (!org.resetPasswordEnrolled) {
-      // Alert user about enrollment
-      const confirmed = await this.platformUtilsService.showDialog(
-        this.i18nService.t("resetPasswordEnrollmentWarning"),
-        null,
-        this.i18nService.t("yes"),
-        this.i18nService.t("no"),
-        "warning"
-      );
-      if (!confirmed) {
-        return;
-      }
-
-      // Retrieve Public Key
-      this.actionPromise = this.apiService
-        .getOrganizationKeys(org.id)
-        .then(async (response) => {
-          if (response == null) {
-            throw new Error(this.i18nService.t("resetPasswordOrgKeysError"));
-          }
-
-          const publicKey = Utils.fromB64ToArray(response.publicKey);
-
-          // RSA Encrypt user's encKey.key with organization public key
-          const encKey = await this.cryptoService.getEncKey();
-          const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer);
-          keyString = encryptedKey.encryptedString;
-          toastStringRef = "enrollPasswordResetSuccess";
-
-          // Create request and execute enrollment
-          const request = new OrganizationUserResetPasswordEnrollmentRequest();
-          request.resetPasswordKey = keyString;
-          return this.apiService.putOrganizationUserResetPasswordEnrollment(
-            org.id,
-            org.userId,
-            request
-          );
-        })
-        .then(() => {
-          return this.syncService.fullSync(true);
-        });
-    } else {
-      // Withdrawal
-      const request = new OrganizationUserResetPasswordEnrollmentRequest();
-      request.resetPasswordKey = keyString;
-      this.actionPromise = this.apiService
-        .putOrganizationUserResetPasswordEnrollment(org.id, org.userId, request)
-        .then(() => {
-          return this.syncService.fullSync(true);
-        });
-    }
-
-    try {
-      await this.actionPromise;
-      this.platformUtilsService.showToast("success", null, this.i18nService.t(toastStringRef));
-      await this.load();
-    } catch (e) {
-      this.platformUtilsService.showToast("error", this.i18nService.t("errorOccurred"), e.message);
-      this.logService.error(e);
-    }
+    this.modalService.open(EnrollMasterPasswordReset, {
+      allowMultipleModals: true,
+      data: {
+        organization: org,
+      },
+    });
   }
 }

src/app/modules/vault-filter/components/type-filter.component.html

@@ -15,9 +15,7 @@
       }"
     ></i>
   </button>
-  <h3>
-    {{ "types" | i18n }}
-  </h3>
+  <h3>&nbsp;{{ "types" | i18n }}</h3>
 </div>
 <ul id="type-filters" *ngIf="!isCollapsed" class="filter-options">
   <li
@@ -26,14 +24,14 @@
   >
     <span class="filter-buttons">
       <button class="filter-button" (click)="applyFilter(cipherTypeEnum.Login)">
-        <i class="bwi bwi-fw bwi-globe" aria-hidden="true"></i>{{ "typeLogin" | i18n }}
+        <i class="bwi bwi-fw bwi-globe" aria-hidden="true"></i>&nbsp;{{ "typeLogin" | i18n }}
       </button>
     </span>
   </li>
   <li class="filter-option" [ngClass]="{ active: activeFilter.cipherType === cipherTypeEnum.Card }">
     <span class="filter-buttons">
       <button class="filter-button" (click)="applyFilter(cipherTypeEnum.Card)">
-        <i class="bwi bwi-fw bwi-credit-card" aria-hidden="true"></i>{{ "typeCard" | i18n }}
+        <i class="bwi bwi-fw bwi-credit-card" aria-hidden="true"></i>&nbsp;{{ "typeCard" | i18n }}
       </button>
     </span>
   </li>
@@ -43,7 +41,7 @@
   >
     <span class="filter-buttons">
       <button class="filter-button" (click)="applyFilter(cipherTypeEnum.Identity)">
-        <i class="bwi bwi-fw bwi-id-card" aria-hidden="true"></i>{{ "typeIdentity" | i18n }}
+        <i class="bwi bwi-fw bwi-id-card" aria-hidden="true"></i>&nbsp;{{ "typeIdentity" | i18n }}
       </button>
     </span>
   </li>
@@ -53,7 +51,9 @@
   >
     <span class="filter-buttons">
       <button class="filter-button" (click)="applyFilter(cipherTypeEnum.SecureNote)">
-        <i class="bwi bwi-fw bwi-sticky-note" aria-hidden="true"></i>{{ "typeSecureNote" | i18n }}
+        <i class="bwi bwi-fw bwi-sticky-note" aria-hidden="true"></i>&nbsp;{{
+          "typeSecureNote" | i18n
+        }}
       </button>
     </span>
   </li>

src/app/modules/vault-filter/vault-filter.component.ts

@@ -28,16 +28,6 @@ export class VaultFilterComponent extends BaseVaultFilterComponent {
     this.onSearchTextChanged.emit(this.searchText);
   }
 
-  // This method exists because the vault component gets its data mixed up during the initial sync on first login. It looks for data before the sync is complete.
-  // It should be removed as soon as doing so makes sense.
-  async reloadOrganizations() {
-    this.organizations = await this.vaultFilterService.buildOrganizations();
-    this.activePersonalOwnershipPolicy =
-      await this.vaultFilterService.checkForPersonalOwnershipPolicy();
-    this.activeSingleOrganizationPolicy =
-      await this.vaultFilterService.checkForSingleOrganizationPolicy();
-  }
-
   async initCollections() {
     return await this.vaultFilterService.buildCollections(this.organization?.id);
   }

src/app/modules/vault-filter/vault-filter.module.ts

@@ -12,6 +12,7 @@ import { SharedModule } from "../shared.module";
 
 import { CollectionFilterComponent } from "./components/collection-filter.component";
 import { FolderFilterComponent } from "./components/folder-filter.component";
+import { LinkSsoComponent } from "./components/link-sso.component";
 import { OrganizationFilterComponent } from "./components/organization-filter.component";
 import { OrganizationOptionsComponent } from "./components/organization-options.component";
 import { StatusFilterComponent } from "./components/status-filter.component";
@@ -28,6 +29,7 @@ import { VaultFilterComponent } from "./vault-filter.component";
     OrganizationOptionsComponent,
     StatusFilterComponent,
     TypeFilterComponent,
+    LinkSsoComponent,
   ],
   exports: [VaultFilterComponent],
   providers: [

src/app/modules/vault/modules/individual-vault/individual-vault.component.ts

@@ -58,7 +58,6 @@ export class IndividualVaultComponent implements OnInit, OnDestroy {
   updateKeyModalRef: ViewContainerRef;
 
   favorites = false;
-  type: CipherType = null;
   folderId: string = null;
   collectionId: string = null;
   organizationId: string = null;
@@ -327,7 +326,7 @@ export class IndividualVaultComponent implements OnInit, OnDestroy {
 
   async addCipher() {
     const component = await this.editCipher(null);
-    component.type = this.type;
+    component.type = this.activeFilter.cipherType;
     component.folderId = this.folderId === "none" ? null : this.folderId;
     if (this.activeFilter.selectedCollectionId != null) {
       const collection = this.filterComponent.collections.fullList.filter(
@@ -399,7 +398,7 @@ export class IndividualVaultComponent implements OnInit, OnDestroy {
     if (queryParams == null) {
       queryParams = {
         favorites: this.favorites ? true : null,
-        type: this.type,
+        type: this.activeFilter.cipherType,
         folderId: this.folderId,
         collectionId: this.collectionId,
         deleted: this.deleted ? true : null,

src/app/modules/vault/modules/organization-vault/add-edit.component.ts

@@ -22,11 +22,11 @@ import { Organization } from "jslib-common/models/domain/organization";
 import { CipherCreateRequest } from "jslib-common/models/request/cipherCreateRequest";
 import { CipherRequest } from "jslib-common/models/request/cipherRequest";
 
-import { AddEditComponent as BaseAddEditComponent } from "../../vault/add-edit.component";
+import { AddEditComponent as BaseAddEditComponent } from "../../../../vault/add-edit.component";
 
 @Component({
   selector: "app-org-vault-add-edit",
-  templateUrl: "../../vault/add-edit.component.html",
+  templateUrl: "../../../../vault/add-edit.component.html",
 })
 export class AddEditComponent extends BaseAddEditComponent {
   organization: Organization;

src/app/modules/vault/modules/organization-vault/attachments.component.ts

@@ -12,11 +12,11 @@ import { Cipher } from "jslib-common/models/domain/cipher";
 import { Organization } from "jslib-common/models/domain/organization";
 import { AttachmentView } from "jslib-common/models/view/attachmentView";
 
-import { AttachmentsComponent as BaseAttachmentsComponent } from "../../vault/attachments.component";
+import { AttachmentsComponent as BaseAttachmentsComponent } from "../../../../vault/attachments.component";
 
 @Component({
   selector: "app-org-vault-attachments",
-  templateUrl: "../../vault/attachments.component.html",
+  templateUrl: "../../../../vault/attachments.component.html",
 })
 export class AttachmentsComponent extends BaseAttachmentsComponent {
   viewOnly = false;

src/app/modules/vault/modules/organization-vault/ciphers.component.ts

@@ -15,11 +15,11 @@ import { TotpService } from "jslib-common/abstractions/totp.service";
 import { Organization } from "jslib-common/models/domain/organization";
 import { CipherView } from "jslib-common/models/view/cipherView";
 
-import { CiphersComponent as BaseCiphersComponent } from "../../vault/ciphers.component";
+import { CiphersComponent as BaseCiphersComponent } from "../../../../vault/ciphers.component";
 
 @Component({
   selector: "app-org-vault-ciphers",
-  templateUrl: "../../vault/ciphers.component.html",
+  templateUrl: "../../../../vault/ciphers.component.html",
 })
 export class CiphersComponent extends BaseCiphersComponent {
   @Output() onEventsClicked = new EventEmitter<CipherView>();

src/app/modules/vault/modules/organization-vault/collections.component.ts

@@ -11,11 +11,11 @@ import { Cipher } from "jslib-common/models/domain/cipher";
 import { Organization } from "jslib-common/models/domain/organization";
 import { CipherCollectionsRequest } from "jslib-common/models/request/cipherCollectionsRequest";
 
-import { CollectionsComponent as BaseCollectionsComponent } from "../../vault/collections.component";
+import { CollectionsComponent as BaseCollectionsComponent } from "../../../../vault/collections.component";
 
 @Component({
   selector: "app-org-vault-collections",
-  templateUrl: "../../vault/collections.component.html",
+  templateUrl: "../../../../vault/collections.component.html",
 })
 export class CollectionsComponent extends BaseCollectionsComponent {
   organization: Organization;

src/app/modules/vault/modules/organization-vault/organization-vault.component.ts

@@ -25,13 +25,14 @@ import { Organization } from "jslib-common/models/domain/organization";
 import { CipherView } from "jslib-common/models/view/cipherView";
 
 import { EntityEventsComponent } from "../../../../organizations/manage/entity-events.component";
-import { AddEditComponent } from "../../../../organizations/vault/add-edit.component";
-import { AttachmentsComponent } from "../../../../organizations/vault/attachments.component";
-import { CiphersComponent } from "../../../../organizations/vault/ciphers.component";
-import { CollectionsComponent } from "../../../../organizations/vault/collections.component";
 import { VaultFilterComponent } from "../../../vault-filter/vault-filter.component";
 import { VaultService } from "../../vault.service";
 
+import { AddEditComponent } from "./add-edit.component";
+import { AttachmentsComponent } from "./attachments.component";
+import { CiphersComponent } from "./ciphers.component";
+import { CollectionsComponent } from "./collections.component";
+
 const BroadcasterSubscriptionId = "OrgVaultComponent";
 
 @Component({

src/app/modules/vault/modules/organization-vault/organization-vault.module.ts

@@ -2,12 +2,22 @@ import { NgModule } from "@angular/core";
 
 import { VaultModule } from "../../vault.module";
 
+import { AddEditComponent } from "./add-edit.component";
+import { AttachmentsComponent } from "./attachments.component";
+import { CiphersComponent } from "./ciphers.component";
+import { CollectionsComponent } from "./collections.component";
 import { OrganizationVaultRoutingModule } from "./organization-vault-routing.module";
 import { OrganizationVaultComponent } from "./organization-vault.component";
 
 @NgModule({
   imports: [VaultModule, OrganizationVaultRoutingModule],
-  declarations: [OrganizationVaultComponent],
+  declarations: [
+    OrganizationVaultComponent,
+    AddEditComponent,
+    AttachmentsComponent,
+    CiphersComponent,
+    CollectionsComponent,
+  ],
   exports: [OrganizationVaultComponent],
 })
 export class OrganizationVaultModule {}

src/app/organizations/guards/permissions.guard.ts

@@ -1,5 +1,5 @@
 import { Injectable } from "@angular/core";
-import { ActivatedRouteSnapshot, CanActivate, Router } from "@angular/router";
+import { ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot } from "@angular/router";
 
 import { I18nService } from "jslib-common/abstractions/i18n.service";
 import { OrganizationService } from "jslib-common/abstractions/organization.service";
@@ -17,7 +17,7 @@ export class PermissionsGuard implements CanActivate {
     private syncService: SyncService
   ) {}
 
-  async canActivate(route: ActivatedRouteSnapshot) {
+  async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
     // TODO: We need to fix this issue once and for all.
     if ((await this.syncService.getLastSync()) == null) {
       await this.syncService.fullSync(false);
@@ -39,6 +39,16 @@ export class PermissionsGuard implements CanActivate {
 
     const permissions = route.data == null ? [] : (route.data.permissions as Permissions[]);
     if (permissions != null && !org.hasAnyPermission(permissions)) {
+      // Handle linkable ciphers for organizations the user only has view access to
+      // https://bitwarden.atlassian.net/browse/EC-203
+      if (state.root.queryParamMap.has("cipherId")) {
+        return this.router.createUrlTree(["/vault"], {
+          queryParams: {
+            cipherId: state.root.queryParamMap.get("cipherId"),
+          },
+        });
+      }
+
       this.platformUtilsService.showToast("error", null, this.i18nService.t("accessDenied"));
       return this.router.createUrlTree(["/"]);
     }

src/app/organizations/layouts/organization-switcher.component.ts

@@ -5,7 +5,7 @@ import { OrganizationService } from "jslib-common/abstractions/organization.serv
 import { Utils } from "jslib-common/misc/utils";
 import { Organization } from "jslib-common/models/domain/organization";
 
-import { NavigationPermissionsService } from "../organizations/services/navigation-permissions.service";
+import { NavigationPermissionsService } from "../services/navigation-permissions.service";
 
 @Component({
   selector: "app-organization-switcher",

src/app/organizations/manage/manage-routing.module.ts

@@ -0,0 +1,89 @@
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";
+
+import { Permissions } from "jslib-common/enums/permissions";
+
+import { PermissionsGuard } from "../guards/permissions.guard";
+import { PoliciesComponent } from "../policies/policies.component";
+import { NavigationPermissionsService } from "../services/navigation-permissions.service";
+
+import { CollectionsComponent } from "./collections.component";
+import { EventsComponent } from "./events.component";
+import { GroupsComponent } from "./groups.component";
+import { ManageComponent } from "./manage.component";
+import { PeopleComponent } from "./people.component";
+
+const routes: Routes = [
+  {
+    path: "",
+    component: ManageComponent,
+    canActivate: [PermissionsGuard],
+    data: {
+      permissions: NavigationPermissionsService.getPermissions("manage"),
+    },
+    children: [
+      {
+        path: "",
+        pathMatch: "full",
+        redirectTo: "people",
+      },
+      {
+        path: "collections",
+        component: CollectionsComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "collections",
+          permissions: [
+            Permissions.CreateNewCollections,
+            Permissions.EditAnyCollection,
+            Permissions.DeleteAnyCollection,
+            Permissions.EditAssignedCollections,
+            Permissions.DeleteAssignedCollections,
+          ],
+        },
+      },
+      {
+        path: "events",
+        component: EventsComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "eventLogs",
+          permissions: [Permissions.AccessEventLogs],
+        },
+      },
+      {
+        path: "groups",
+        component: GroupsComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "groups",
+          permissions: [Permissions.ManageGroups],
+        },
+      },
+      {
+        path: "people",
+        component: PeopleComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "people",
+          permissions: [Permissions.ManageUsers, Permissions.ManageUsersPassword],
+        },
+      },
+      {
+        path: "policies",
+        component: PoliciesComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "policies",
+          permissions: [Permissions.ManagePolicies],
+        },
+      },
+    ],
+  },
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+})
+export class ManageRoutingModule {}

src/app/organizations/manage/manage.module.ts

@@ -0,0 +1,46 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { SharedModule } from "../../modules/shared.module";
+import { PoliciesModule } from "../policies/policies.module";
+
+import { BulkConfirmComponent } from "./bulk/bulk-confirm.component";
+import { BulkRemoveComponent } from "./bulk/bulk-remove.component";
+import { BulkStatusComponent } from "./bulk/bulk-status.component";
+import { CollectionAddEditComponent } from "./collection-add-edit.component";
+import { CollectionsComponent as ManageCollectionsComponent } from "./collections.component";
+import { EntityEventsComponent } from "./entity-events.component";
+import { EventsComponent } from "./events.component";
+import { GroupAddEditComponent } from "./group-add-edit.component";
+import { GroupsComponent } from "./groups.component";
+import { ManageRoutingModule } from "./manage-routing.module";
+import { ManageComponent } from "./manage.component";
+import { PeopleComponent } from "./people.component";
+import { PolicyEditComponent } from "./policy-edit.component";
+import { ResetPasswordComponent } from "./reset-password.component";
+import { UserAddEditComponent } from "./user-add-edit.component";
+import { UserConfirmComponent } from "./user-confirm.component";
+import { UserGroupsComponent } from "./user-groups.component";
+
+@NgModule({
+  imports: [CommonModule, SharedModule, PoliciesModule, ManageRoutingModule],
+  declarations: [
+    BulkConfirmComponent,
+    BulkRemoveComponent,
+    BulkStatusComponent,
+    CollectionAddEditComponent,
+    EntityEventsComponent,
+    EventsComponent,
+    GroupAddEditComponent,
+    GroupsComponent,
+    ManageCollectionsComponent,
+    ManageComponent,
+    PeopleComponent,
+    PolicyEditComponent,
+    ResetPasswordComponent,
+    UserAddEditComponent,
+    UserConfirmComponent,
+    UserGroupsComponent,
+  ],
+})
+export class ManageModule {}

src/app/organizations/manage/user-add-edit.component.html

@@ -52,7 +52,7 @@
             target="_blank"
             rel="noopener"
             appA11yTitle="{{ 'learnMore' | i18n }}"
-            href="https://bitwarden.com/help/provider-users/"
+            href="https://bitwarden.com/help/user-types-access-control/"
           >
             <i class="bwi bwi-question-circle" aria-hidden="true"></i>
           </a>

src/app/organizations/organization-routing.module.ts

@@ -1,222 +0,0 @@
-import { NgModule } from "@angular/core";
-import { RouterModule, Routes } from "@angular/router";
-
-import { AuthGuard } from "jslib-angular/guards/auth.guard";
-import { Permissions } from "jslib-common/enums/permissions";
-
-import { PermissionsGuard } from "./guards/permissions.guard";
-import { OrganizationLayoutComponent } from "./layouts/organization-layout.component";
-import { CollectionsComponent } from "./manage/collections.component";
-import { EventsComponent } from "./manage/events.component";
-import { GroupsComponent } from "./manage/groups.component";
-import { ManageComponent } from "./manage/manage.component";
-import { PeopleComponent } from "./manage/people.component";
-import { PoliciesComponent } from "./manage/policies.component";
-import { NavigationPermissionsService } from "./services/navigation-permissions.service";
-import { AccountComponent } from "./settings/account.component";
-import { OrganizationBillingComponent } from "./settings/organization-billing.component";
-import { OrganizationSubscriptionComponent } from "./settings/organization-subscription.component";
-import { SettingsComponent } from "./settings/settings.component";
-import { TwoFactorSetupComponent } from "./settings/two-factor-setup.component";
-import { ExportComponent } from "./tools/export.component";
-import { ExposedPasswordsReportComponent } from "./tools/exposed-passwords-report.component";
-import { ImportComponent } from "./tools/import.component";
-import { InactiveTwoFactorReportComponent } from "./tools/inactive-two-factor-report.component";
-import { ReusedPasswordsReportComponent } from "./tools/reused-passwords-report.component";
-import { ToolsComponent } from "./tools/tools.component";
-import { UnsecuredWebsitesReportComponent } from "./tools/unsecured-websites-report.component";
-import { WeakPasswordsReportComponent } from "./tools/weak-passwords-report.component";
-
-const routes: Routes = [
-  {
-    path: ":organizationId",
-    component: OrganizationLayoutComponent,
-    canActivate: [AuthGuard, PermissionsGuard],
-    data: {
-      permissions: NavigationPermissionsService.getPermissions("admin"),
-    },
-    children: [
-      { path: "", pathMatch: "full", redirectTo: "vault" },
-      {
-        path: "vault",
-        loadChildren: async () =>
-          (await import("../modules/vault/modules/organization-vault/organization-vault.module"))
-            .OrganizationVaultModule,
-      },
-      {
-        path: "tools",
-        component: ToolsComponent,
-        canActivate: [PermissionsGuard],
-        data: { permissions: NavigationPermissionsService.getPermissions("tools") },
-        children: [
-          {
-            path: "",
-            pathMatch: "full",
-            redirectTo: "import",
-          },
-          {
-            path: "import",
-            component: ImportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "importData",
-              permissions: [Permissions.AccessImportExport],
-            },
-          },
-          {
-            path: "export",
-            component: ExportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "exportVault",
-              permissions: [Permissions.AccessImportExport],
-            },
-          },
-          {
-            path: "exposed-passwords-report",
-            component: ExposedPasswordsReportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "exposedPasswordsReport",
-              permissions: [Permissions.AccessReports],
-            },
-          },
-          {
-            path: "inactive-two-factor-report",
-            component: InactiveTwoFactorReportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "inactive2faReport",
-              permissions: [Permissions.AccessReports],
-            },
-          },
-          {
-            path: "reused-passwords-report",
-            component: ReusedPasswordsReportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "reusedPasswordsReport",
-              permissions: [Permissions.AccessReports],
-            },
-          },
-          {
-            path: "unsecured-websites-report",
-            component: UnsecuredWebsitesReportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "unsecuredWebsitesReport",
-              permissions: [Permissions.AccessReports],
-            },
-          },
-          {
-            path: "weak-passwords-report",
-            component: WeakPasswordsReportComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "weakPasswordsReport",
-              permissions: [Permissions.AccessReports],
-            },
-          },
-        ],
-      },
-      {
-        path: "manage",
-        component: ManageComponent,
-        canActivate: [PermissionsGuard],
-        data: {
-          permissions: NavigationPermissionsService.getPermissions("manage"),
-        },
-        children: [
-          {
-            path: "",
-            pathMatch: "full",
-            redirectTo: "people",
-          },
-          {
-            path: "collections",
-            component: CollectionsComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "collections",
-              permissions: [
-                Permissions.CreateNewCollections,
-                Permissions.EditAnyCollection,
-                Permissions.DeleteAnyCollection,
-                Permissions.EditAssignedCollections,
-                Permissions.DeleteAssignedCollections,
-              ],
-            },
-          },
-          {
-            path: "events",
-            component: EventsComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "eventLogs",
-              permissions: [Permissions.AccessEventLogs],
-            },
-          },
-          {
-            path: "groups",
-            component: GroupsComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "groups",
-              permissions: [Permissions.ManageGroups],
-            },
-          },
-          {
-            path: "people",
-            component: PeopleComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "people",
-              permissions: [Permissions.ManageUsers, Permissions.ManageUsersPassword],
-            },
-          },
-          {
-            path: "policies",
-            component: PoliciesComponent,
-            canActivate: [PermissionsGuard],
-            data: {
-              titleId: "policies",
-              permissions: [Permissions.ManagePolicies],
-            },
-          },
-        ],
-      },
-      {
-        path: "settings",
-        component: SettingsComponent,
-        canActivate: [PermissionsGuard],
-        data: { permissions: NavigationPermissionsService.getPermissions("settings") },
-        children: [
-          { path: "", pathMatch: "full", redirectTo: "account" },
-          { path: "account", component: AccountComponent, data: { titleId: "myOrganization" } },
-          {
-            path: "two-factor",
-            component: TwoFactorSetupComponent,
-            data: { titleId: "twoStepLogin" },
-          },
-          {
-            path: "billing",
-            component: OrganizationBillingComponent,
-            canActivate: [PermissionsGuard],
-            data: { titleId: "billing", permissions: [Permissions.ManageBilling] },
-          },
-          {
-            path: "subscription",
-            component: OrganizationSubscriptionComponent,
-            data: { titleId: "subscription" },
-          },
-        ],
-      },
-    ],
-  },
-];
-
-@NgModule({
-  imports: [RouterModule.forChild(routes)],
-  exports: [RouterModule],
-})
-export class OrganizationsRoutingModule {}

src/app/organizations/organizations-routing.module.ts

@@ -0,0 +1,46 @@
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";
+
+import { AuthGuard } from "jslib-angular/guards/auth.guard";
+
+import { PermissionsGuard } from "./guards/permissions.guard";
+import { OrganizationLayoutComponent } from "./layouts/organization-layout.component";
+import { NavigationPermissionsService } from "./services/navigation-permissions.service";
+
+const routes: Routes = [
+  {
+    path: ":organizationId",
+    component: OrganizationLayoutComponent,
+    canActivate: [AuthGuard, PermissionsGuard],
+    data: {
+      permissions: NavigationPermissionsService.getPermissions("admin"),
+    },
+    children: [
+      { path: "", pathMatch: "full", redirectTo: "vault" },
+      {
+        path: "vault",
+        loadChildren: async () =>
+          (await import("../modules/vault/modules/organization-vault/organization-vault.module"))
+            .OrganizationVaultModule,
+      },
+      {
+        path: "tools",
+        loadChildren: async () => (await import("./tools/tools.module")).ToolsModule,
+      },
+      {
+        path: "manage",
+        loadChildren: async () => (await import("./manage/manage.module")).ManageModule,
+      },
+      {
+        path: "settings",
+        loadChildren: async () => (await import("./settings/settings.module")).SettingsModule,
+      },
+    ],
+  },
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+})
+export class OrganizationsRoutingModule {}

src/app/organizations/organizations.module.ts

@@ -0,0 +1,22 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { LayoutsModule } from "../layouts/layouts.module";
+import { SharedModule } from "../modules/shared.module";
+
+import { OrganizationLayoutComponent } from "./layouts/organization-layout.component";
+import { OrganizationSwitcherComponent } from "./layouts/organization-switcher.component";
+import { OrganizationsRoutingModule } from "./organizations-routing.module";
+import { AcceptFamilySponsorshipComponent } from "./sponsorships/accept-family-sponsorship.component";
+import { FamiliesForEnterpriseSetupComponent } from "./sponsorships/families-for-enterprise-setup.component";
+
+@NgModule({
+  imports: [CommonModule, OrganizationsRoutingModule, SharedModule, LayoutsModule],
+  declarations: [
+    AcceptFamilySponsorshipComponent,
+    FamiliesForEnterpriseSetupComponent,
+    OrganizationLayoutComponent,
+    OrganizationSwitcherComponent,
+  ],
+})
+export class OrganizationsModule {}

src/app/organizations/policies/policies.component.ts

@@ -10,9 +10,9 @@ import { Organization } from "jslib-common/models/domain/organization";
 import { PolicyResponse } from "jslib-common/models/response/policyResponse";
 
 import { PolicyListService } from "../../services/policy-list.service";
-import { BasePolicy } from "../policies/base-policy.component";
+import { PolicyEditComponent } from "../manage/policy-edit.component";
 
-import { PolicyEditComponent } from "./policy-edit.component";
+import { BasePolicy } from "./base-policy.component";
 
 @Component({
   selector: "app-org-policies",

src/app/organizations/policies/policies.module.ts

@@ -0,0 +1,32 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { SharedModule } from "../../modules/shared.module";
+
+import { DisableSendPolicyComponent } from "./disable-send.component";
+import { MasterPasswordPolicyComponent } from "./master-password.component";
+import { PasswordGeneratorPolicyComponent } from "./password-generator.component";
+import { PersonalOwnershipPolicyComponent } from "./personal-ownership.component";
+import { PoliciesComponent } from "./policies.component";
+import { RequireSsoPolicyComponent } from "./require-sso.component";
+import { ResetPasswordPolicyComponent } from "./reset-password.component";
+import { SendOptionsPolicyComponent } from "./send-options.component";
+import { SingleOrgPolicyComponent } from "./single-org.component";
+import { TwoFactorAuthenticationPolicyComponent } from "./two-factor-authentication.component";
+
+@NgModule({
+  imports: [CommonModule, SharedModule],
+  declarations: [
+    DisableSendPolicyComponent,
+    MasterPasswordPolicyComponent,
+    PasswordGeneratorPolicyComponent,
+    PersonalOwnershipPolicyComponent,
+    RequireSsoPolicyComponent,
+    ResetPasswordPolicyComponent,
+    SendOptionsPolicyComponent,
+    SingleOrgPolicyComponent,
+    TwoFactorAuthenticationPolicyComponent,
+    PoliciesComponent,
+  ],
+})
+export class PoliciesModule {}

src/app/organizations/settings/billing.component.ts

@@ -12,9 +12,9 @@ import { BillingResponse } from "jslib-common/models/response/billingResponse";
 
 @Component({
   selector: "app-org-billing",
-  templateUrl: "./organization-billing.component.html",
+  templateUrl: "./billing.component.html",
 })
-export class OrganizationBillingComponent implements OnInit {
+export class BillingComponent implements OnInit {
   loading = false;
   firstLoaded = false;
   showAdjustPayment = false;

src/app/organizations/settings/settings-routing.module.ts

@@ -0,0 +1,48 @@
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";
+
+import { Permissions } from "jslib-common/enums/permissions";
+
+import { PermissionsGuard } from "../guards/permissions.guard";
+import { NavigationPermissionsService } from "../services/navigation-permissions.service";
+
+import { AccountComponent } from "./account.component";
+import { BillingComponent } from "./billing.component";
+import { SettingsComponent } from "./settings.component";
+import { SubscriptionComponent } from "./subscription.component";
+import { TwoFactorSetupComponent } from "./two-factor-setup.component";
+
+const routes: Routes = [
+  {
+    path: "",
+    component: SettingsComponent,
+    canActivate: [PermissionsGuard],
+    data: { permissions: NavigationPermissionsService.getPermissions("settings") },
+    children: [
+      { path: "", pathMatch: "full", redirectTo: "account" },
+      { path: "account", component: AccountComponent, data: { titleId: "myOrganization" } },
+      {
+        path: "two-factor",
+        component: TwoFactorSetupComponent,
+        data: { titleId: "twoStepLogin" },
+      },
+      {
+        path: "billing",
+        component: BillingComponent,
+        canActivate: [PermissionsGuard],
+        data: { titleId: "billing", permissions: [Permissions.ManageBilling] },
+      },
+      {
+        path: "subscription",
+        component: SubscriptionComponent,
+        data: { titleId: "subscription" },
+      },
+    ],
+  },
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+})
+export class SettingsRoutingModule {}

src/app/organizations/settings/settings.module.ts

@@ -0,0 +1,35 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { SharedModule } from "../../modules/shared.module";
+
+import { AccountComponent } from "./account.component";
+import { AdjustSubscription } from "./adjust-subscription.component";
+import { BillingSyncApiKeyComponent } from "./billing-sync-api-key.component";
+import { BillingComponent } from "./billing.component";
+import { ChangePlanComponent } from "./change-plan.component";
+import { DeleteOrganizationComponent } from "./delete-organization.component";
+import { DownloadLicenseComponent } from "./download-license.component";
+import { ImageSubscriptionHiddenComponent } from "./image-subscription-hidden.component";
+import { SettingsRoutingModule } from "./settings-routing.module";
+import { SettingsComponent } from "./settings.component";
+import { SubscriptionComponent } from "./subscription.component";
+import { TwoFactorSetupComponent } from "./two-factor-setup.component";
+
+@NgModule({
+  imports: [CommonModule, SharedModule, SettingsRoutingModule],
+  declarations: [
+    AccountComponent,
+    AdjustSubscription,
+    BillingComponent,
+    BillingSyncApiKeyComponent,
+    ChangePlanComponent,
+    DeleteOrganizationComponent,
+    DownloadLicenseComponent,
+    ImageSubscriptionHiddenComponent,
+    SettingsComponent,
+    SubscriptionComponent,
+    TwoFactorSetupComponent,
+  ],
+})
+export class SettingsModule {}

src/app/organizations/settings/subscription.component.ts

@@ -23,9 +23,9 @@ import { BillingSyncApiKeyComponent } from "./billing-sync-api-key.component";
 
 @Component({
   selector: "app-org-subscription",
-  templateUrl: "organization-subscription.component.html",
+  templateUrl: "subscription.component.html",
 })
-export class OrganizationSubscriptionComponent implements OnInit {
+export class SubscriptionComponent implements OnInit {
   @ViewChild("setupBillingSyncTemplate", { read: ViewContainerRef, static: true })
   setupBillingSyncModalRef: ViewContainerRef;
 

src/app/organizations/tools/tools-routing.module.ts

@@ -0,0 +1,101 @@
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";
+
+import { Permissions } from "jslib-common/enums/permissions";
+
+import { PermissionsGuard } from "../guards/permissions.guard";
+import { NavigationPermissionsService } from "../services/navigation-permissions.service";
+
+import { ExportComponent } from "./export.component";
+import { ExposedPasswordsReportComponent } from "./exposed-passwords-report.component";
+import { ImportComponent } from "./import.component";
+import { InactiveTwoFactorReportComponent } from "./inactive-two-factor-report.component";
+import { ReusedPasswordsReportComponent } from "./reused-passwords-report.component";
+import { ToolsComponent } from "./tools.component";
+import { UnsecuredWebsitesReportComponent } from "./unsecured-websites-report.component";
+import { WeakPasswordsReportComponent } from "./weak-passwords-report.component";
+
+const routes: Routes = [
+  {
+    path: "",
+    component: ToolsComponent,
+    canActivate: [PermissionsGuard],
+    data: { permissions: NavigationPermissionsService.getPermissions("tools") },
+    children: [
+      {
+        path: "",
+        pathMatch: "full",
+        redirectTo: "import",
+      },
+      {
+        path: "import",
+        component: ImportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "importData",
+          permissions: [Permissions.AccessImportExport],
+        },
+      },
+      {
+        path: "export",
+        component: ExportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "exportVault",
+          permissions: [Permissions.AccessImportExport],
+        },
+      },
+      {
+        path: "exposed-passwords-report",
+        component: ExposedPasswordsReportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "exposedPasswordsReport",
+          permissions: [Permissions.AccessReports],
+        },
+      },
+      {
+        path: "inactive-two-factor-report",
+        component: InactiveTwoFactorReportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "inactive2faReport",
+          permissions: [Permissions.AccessReports],
+        },
+      },
+      {
+        path: "reused-passwords-report",
+        component: ReusedPasswordsReportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "reusedPasswordsReport",
+          permissions: [Permissions.AccessReports],
+        },
+      },
+      {
+        path: "unsecured-websites-report",
+        component: UnsecuredWebsitesReportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "unsecuredWebsitesReport",
+          permissions: [Permissions.AccessReports],
+        },
+      },
+      {
+        path: "weak-passwords-report",
+        component: WeakPasswordsReportComponent,
+        canActivate: [PermissionsGuard],
+        data: {
+          titleId: "weakPasswordsReport",
+          permissions: [Permissions.AccessReports],
+        },
+      },
+    ],
+  },
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+})
+export class ToolsRoutingModule {}

src/app/organizations/tools/tools.module.ts

@@ -0,0 +1,29 @@
+import { CommonModule } from "@angular/common";
+import { NgModule } from "@angular/core";
+
+import { SharedModule } from "../../modules/shared.module";
+
+import { ExportComponent } from "./export.component";
+import { ExposedPasswordsReportComponent } from "./exposed-passwords-report.component";
+import { ImportComponent } from "./import.component";
+import { InactiveTwoFactorReportComponent } from "./inactive-two-factor-report.component";
+import { ReusedPasswordsReportComponent } from "./reused-passwords-report.component";
+import { ToolsRoutingModule } from "./tools-routing.module";
+import { ToolsComponent } from "./tools.component";
+import { UnsecuredWebsitesReportComponent } from "./unsecured-websites-report.component";
+import { WeakPasswordsReportComponent } from "./weak-passwords-report.component";
+
+@NgModule({
+  imports: [CommonModule, SharedModule, ToolsRoutingModule],
+  declarations: [
+    ExportComponent,
+    ExposedPasswordsReportComponent,
+    ImportComponent,
+    InactiveTwoFactorReportComponent,
+    ReusedPasswordsReportComponent,
+    ToolsComponent,
+    UnsecuredWebsitesReportComponent,
+    WeakPasswordsReportComponent,
+  ],
+})
+export class ToolsModule {}

src/app/oss-routing.module.ts

@@ -233,10 +233,8 @@ const routes: Routes = [
   },
   {
     path: "organizations",
-    loadChildren: () =>
-      import("./organizations/organization-routing.module").then(
-        (m) => m.OrganizationsRoutingModule
-      ),
+    loadChildren: async () =>
+      (await import("./organizations/organizations.module")).OrganizationsModule,
   },
 ];
 

src/app/oss.module.ts

@@ -2,19 +2,19 @@ import { NgModule } from "@angular/core";
 
 import { LooseComponentsModule } from "./modules/loose-components.module";
 import { OrganizationManageModule } from "./modules/organizations/manage/organization-manage.module";
+import { OrganizationUserModule } from "./modules/organizations/users/organization-user.module";
 import { PipesModule } from "./modules/pipes/pipes.module";
-import { SharedModule } from "./modules/shared.module";
 import { VaultFilterModule } from "./modules/vault-filter/vault-filter.module";
 import { OrganizationBadgeModule } from "./modules/vault/modules/organization-badge/organization-badge.module";
 
 @NgModule({
   imports: [
-    SharedModule,
     LooseComponentsModule,
     VaultFilterModule,
     OrganizationBadgeModule,
     PipesModule,
     OrganizationManageModule,
+    OrganizationUserModule,
   ],
   exports: [LooseComponentsModule, VaultFilterModule, OrganizationBadgeModule, PipesModule],
   bootstrap: [],

src/app/reports/cipher-report.component.ts

@@ -8,7 +8,7 @@ import { CipherRepromptType } from "jslib-common/enums/cipherRepromptType";
 import { Organization } from "jslib-common/models/domain/organization";
 import { CipherView } from "jslib-common/models/view/cipherView";
 
-import { AddEditComponent as OrgAddEditComponent } from "../organizations/vault/add-edit.component";
+import { AddEditComponent as OrgAddEditComponent } from "../modules/vault/modules/organization-vault/add-edit.component";
 import { AddEditComponent } from "../vault/add-edit.component";
 
 @Directive()

src/app/send/access.component.html

@@ -1,7 +1,7 @@
 <form #form (ngSubmit)="load()" [appApiAction]="formPromise" class="container" ngNativeValidate>
   <div class="row justify-content-center mt-5">
     <div class="col-12">
-      <p class="lead text-center mb-4">Bitwarden Send</p>
+      <h1 class="lead text-center mb-4">Bitwarden Send</h1>
     </div>
     <div class="col-12 text-center" *ngIf="creatorIdentifier != null">
       <p>{{ "sendCreatorIdentifier" | i18n: creatorIdentifier }}</p>

src/app/services/event.service.ts

@@ -307,6 +307,9 @@ export class EventService {
       case EventType.Organization_DisabledKeyConnector:
         msg = humanReadableMsg = this.i18nService.t("disabledKeyConnector");
         break;
+      case EventType.Organization_SponsorshipsSynced:
+        msg = humanReadableMsg = this.i18nService.t("sponsorshipsSynced");
+        break;
       // Policies
       case EventType.Policy_Updated: {
         msg = this.i18nService.t("modifiedPolicyId", this.formatPolicyId(ev));

src/app/settings/billing-sync-key.component.ts

@@ -3,7 +3,6 @@ import { Component } from "@angular/core";
 import { ApiService } from "jslib-common/abstractions/api.service";
 import { LogService } from "jslib-common/abstractions/log.service";
 import { OrganizationConnectionType } from "jslib-common/enums/organizationConnectionType";
-import { Utils } from "jslib-common/misc/utils";
 import { BillingSyncConfigApi } from "jslib-common/models/api/billingSyncConfigApi";
 import { BillingSyncConfigRequest } from "jslib-common/models/request/billingSyncConfigRequest";
 import { OrganizationConnectionRequest } from "jslib-common/models/request/organizationConnectionRequest";

src/app/tools/generator.component.ts

@@ -40,11 +40,13 @@ export class GeneratorComponent extends BaseGeneratorComponent {
       route,
       window
     );
-    // Cannot use Firefox Relay on the web vault yet due to CORS issues with Firefox Relay API
-    this.forwardOptions.splice(
-      this.forwardOptions.findIndex((o) => o.value === "firefoxrelay"),
-      1
-    );
+    if (platformUtilsService.isSelfHost()) {
+      // Cannot use Firefox Relay on self hosted web vaults due to CORS issues with Firefox Relay API
+      this.forwardOptions.splice(
+        this.forwardOptions.findIndex((o) => o.value === "firefoxrelay"),
+        1
+      );
+    }
   }
 
   async history() {

src/locales/en/messages.json

@@ -4163,7 +4163,7 @@
     "message": "Password reset success!"
   },
   "resetPasswordEnrollmentWarning": {
-    "message": "Enrollment will allow organization administrators to change your master password. Are you sure you want to enroll?"
+    "message": "Enrollment will allow organization administrators to change your master password"
   },
   "resetPasswordPolicy": {
     "message": "Master Password Reset"
@@ -4674,8 +4674,8 @@
   "removeSponsorshipSuccess": {
     "message": "Sponsorship Removed"
   },
-  "ssoKeyConnectorUnavailable": {
-    "message": "Unable to reach the Key Connector, try again later."
+  "ssoKeyConnectorError": {
+    "message": "Key Connector error: make sure Key Connector is available and working correctly."
   },
   "keyConnectorUrl": {
     "message": "Key Connector URL"
@@ -5005,7 +5005,7 @@
     "message": "Service"
   },
   "unknownCipher": {
-    "message": "Unknown Item, you may need to login with another account to access this item."
+    "message": "Unknown Item, you may need to request permission to access this item."
   },
   "cannotSponsorSelf": {
     "message": "You cannot redeem for the active account. Enter a different email."
@@ -5041,6 +5041,9 @@
     "message": "Last Sync",
     "Description": "Used as a prefix to indicate the last time a sync occured. Example \"Last sync 1968-11-16 00:00:00\""
   },
+  "sponsorshipsSynced": {
+    "message": "Self-hosted sponsorships synced."
+  },
   "billingManagedByProvider": {
     "message": "Managed by $PROVIDER$",
     "placeholders": {

src/scss/vault-filters.scss

@@ -14,14 +14,6 @@
     font-size: $font-size-base;
   }
 
-  a.create-organization-link {
-    &:hover {
-      @include themify($themes) {
-        color: themed("iconHover") !important;
-      }
-    }
-  }
-
   button {
     @extend .no-btn;
   }