2021-12-17 15:57:11 +01:00
|
|
|
import { Component } from "@angular/core";
|
2022-06-08 21:56:26 +02:00
|
|
|
import { ActivatedRoute, Params, Router } from "@angular/router";
|
2021-12-17 15:57:11 +01:00
|
|
|
|
2022-06-14 17:10:53 +02:00
|
|
|
import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
|
|
|
|
import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
|
|
|
|
import { LogService } from "@bitwarden/common/abstractions/log.service";
|
2022-12-29 17:20:19 +01:00
|
|
|
import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
|
2022-12-19 19:56:16 +01:00
|
|
|
import { OrganizationUserService } from "@bitwarden/common/abstractions/organization-user/organization-user.service";
|
2023-04-14 12:14:18 +02:00
|
|
|
import {
|
|
|
|
OrganizationUserAcceptInitRequest,
|
|
|
|
OrganizationUserAcceptRequest,
|
|
|
|
} from "@bitwarden/common/abstractions/organization-user/requests";
|
2022-06-14 17:10:53 +02:00
|
|
|
import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
|
|
|
|
import { StateService } from "@bitwarden/common/abstractions/state.service";
|
[AC-1011] Admin Console / Billing code ownership (#4973)
* refactor: move SCIM component to admin-console, refs EC-1011
* refactor: move scimProviderType to admin-console, refs EC-1011
* refactor: move scim-config.api to admin-console, refs EC-1011
* refactor: create models folder and nest existing api contents, refs EC-1011
* refactor: move scim-config to admin-console models, refs EC-1011
* refactor: move billing.component to billing, refs EC-1011
* refactor: remove nested app folder from new billing structure, refs EC-1011
* refactor: move organizations/billing to billing, refs EC-1011
* refactor: move add-credit and adjust-payment to billing/settings, refs EC-1011
* refactor: billing history/sync to billing, refs EC-1011
* refactor: move org plans, payment/method to billing/settings, refs EC-1011
* fix: update legacy file paths for payment-method and tax-info, refs EC-1011
* fix: update imports for scim component, refs EC-1011
* refactor: move subscription and tax-info into billing, refs EC-1011
* refactor: move user-subscription to billing, refs EC-1011
* refactor: move images/cards to billing and update base path, refs EC-1011
* refactor: move payment-method, plan subscription, and plan to billing, refs EC-1011
* refactor: move transaction-type to billing, refs EC-1011
* refactor: move billing-sync-config to billing, refs EC-1011
* refactor: move billing-sync and bit-pay-invoice request to billing, refs EC-1011
* refactor: move org subscription and tax info update requests to billing, refs EC-1011
* fix: broken paths to billing, refs EC-1011
* refactor: move payment request to billing, refs EC-1011
* fix: update remaining imports for payment-request, refs EC-1011
* refactor: move tax-info-update to billing, refs EC-1011
* refactor: move billing-payment, billing-history, and billing responses to billing, refs EC-1011
* refactor: move organization-subscription-responset to billing, refs EC-1011
* refactor: move payment and plan responses to billing, refs EC-1011
* refactor: move subscription response to billing ,refs EC-1011
* refactor: move tax info and rate responses to billing, refs EC-1011
* fix: update remaining path to base response for tax-rate response, refs EC-1011
* refactor: (browser) move organization-service to admin-console, refs EC-1011
* refactor: (browser) move organizaiton-service to admin-console, refs EC-1011
* refactor: (cli) move share command to admin-console, refs EC-1011
* refactor: move organization-collect request model to admin-console, refs EC-1011
* refactor: (web) move organization, collection/user responses to admin-console, refs EC-1011
* refactor: (cli) move selection-read-only to admin-console, refs EC-1011
* refactor: (desktop) move organization-filter to admin-console, refs EC-1011
* refactor: (web) move organization-switcher to admin-console, refs EC-1011
* refactor: (web) move access-selector to admin-console, refs EC-1011
* refactor: (web) move create folder to admin-console, refs EC-1011
* refactor: (web) move org guards folder to admin-console, refs EC-1011
* refactor: (web) move org layout to admin-console, refs EC-1011
* refactor: move manage collections to admin console, refs EC-1011
* refactor: (web) move collection-dialog to admin-console, refs EC-1011
* refactor: (web) move entity users/events and events component to admin-console, refs EC-1011
* refactor: (web) move groups/group-add-edit to admin-console, refs EC-1011
* refactor: (web) move manage, org-manage module, and user-confirm to admin-console, refs EC-1011
* refactor: (web) move people to admin-console, refs EC-1011
* refactor: (web) move reset-password to admin-console, refs EC-1011
* refactor: (web) move organization-routing and module to admin-console, refs EC-1011
* refactor: move admin-console and billing within app scope, refs EC-1011
* fix: update leftover merge conflicts, refs EC-1011
* refactor: (web) member-dialog to admin-console, refs EC-1011
* refactor: (web) move policies to admin-console, refs EC-1011
* refactor: (web) move reporting to admin-console, refs EC-1011
* refactor: (web) move settings to admin-console, refs EC-1011
* refactor: (web) move sponsorships to admin-console, refs EC-1011
* refactor: (web) move tools to admin-console, refs EC-1011
* refactor: (web) move users to admin-console, refs EC-1011
* refactor: (web) move collections to admin-console, refs EC-1011
* refactor: (web) move create-organization to admin-console, refs EC-1011
* refactor: (web) move licensed components to admin-console, refs EC-1011
* refactor: (web) move bit organization modules to admin-console, refs EC-1011
* fix: update leftover import statements for organizations.module, refs EC-1011
* refactor: (web) move personal vault and max timeout to admin-console, refs EC-1011
* refactor: (web) move providers to admin-console, refs EC-1011
* refactor: (libs) move organization service to admin-console, refs EC-1011
* refactor: (libs) move profile org/provider responses and other misc org responses to admin-console, refs EC-1011
* refactor: (libs) move provider request and selectionion-read-only request to admin-console, refs EC-1011
* fix: update missed import path for provider-user-update request, refs EC-1011
* refactor: (libs) move abstractions to admin-console, refs EC-1011
* refactor: (libs) move org/provider enums to admin-console, refs EC-1011
* fix: update downstream import statements from libs changes, refs EC-1011
* refactor: (libs) move data files to admin-console, refs EC-1011
* refactor: (libs) move domain to admin-console, refs EC-1011
* refactor: (libs) move request objects to admin-console, refs EC-1011
* fix: update downstream import changes from libs, refs EC-1011
* refactor: move leftover provider files to admin-console, refs EC-1011
* refactor: (browser) move group policy environment to admin-console, refs EC-1011
* fix: (browser) update downstream import statements, refs EC-1011
* fix: (desktop) update downstream libs moves, refs EC-1011
* fix: (cli) update downstream import changes from libs, refs EC-1011
* refactor: move org-auth related files to admin-console, refs EC-1011
* refactor: (libs) move request objects to admin-console, refs EC-1011
* refactor: move persmissions to admin-console, refs EC-1011
* refactor: move sponsored families to admin-console and fix libs changes, refs EC-1011
* refactor: move collections to admin-console, refs EC-1011
* refactor: move spec file back to spec scope, refs EC-1011
* fix: update downstream imports due to libs changes, refs EC-1011
* fix: udpate downstream import changes due to libs, refs EC-1011
* fix: update downstream imports due to libs changes, refs EC-1011
* fix: update downstream imports from libs changes, refs EC-1011
* fix: update path malformation in jslib-services.module, refs EC-1011
* fix: lint errors from improper casing, refs AC-1011
* fix: update downstream filename changes, refs AC-1011
* fix: (cli) update downstream filename changes, refs AC-1011
* fix: (desktop) update downstream filename changes, refs AC-1011
* fix: (browser) update downstream filename changes, refs AC-1011
* fix: lint errors, refs AC-1011
* fix: prettier, refs AC-1011
* fix: lint fixes for import order, refs AC-1011
* fix: update import path for provider user type, refs AC-1011
* fix: update new codes import paths for admin console structure, refs AC-1011
* fix: lint/prettier, refs AC-1011
* fix: update layout stories path, refs AC-1011
* fix: update comoponents card icons base variable in styles, refs AC-1011
* fix: update provider service path in permissions guard spec, refs AC-1011
* fix: update provider permission guard path, refs AC-1011
* fix: remove unecessary TODO for shared index export statement, refs AC-1011
* refactor: move browser-organization service and cli organization-user response out of admin-console, refs AC-1011
* refactor: move web/browser/desktop collections component to vault domain, refs AC-1011
* refactor: move organization.module out of admin-console scope, refs AC-1011
* fix: prettier, refs AC-1011
* refactor: move organizations-api-key.request out of admin-console scope, refs AC-1011
2023-03-22 16:03:50 +01:00
|
|
|
import { OrganizationApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/organization/organization-api.service.abstraction";
|
|
|
|
import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction";
|
|
|
|
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
|
|
|
import { Policy } from "@bitwarden/common/admin-console/models/domain/policy";
|
2023-04-14 12:14:18 +02:00
|
|
|
import { OrganizationKeysRequest } from "@bitwarden/common/admin-console/models/request/organization-keys.request";
|
2022-06-14 17:10:53 +02:00
|
|
|
import { Utils } from "@bitwarden/common/misc/utils";
|
2021-12-17 15:57:11 +01:00
|
|
|
|
2023-05-02 22:08:52 +02:00
|
|
|
import { BaseAcceptComponent } from "../common/base.accept.component";
|
2018-07-12 22:05:42 +02:00
|
|
|
|
|
|
|
@Component({
|
2021-12-17 15:57:11 +01:00
|
|
|
selector: "app-accept-organization",
|
|
|
|
templateUrl: "accept-organization.component.html",
|
2018-07-12 22:05:42 +02:00
|
|
|
})
|
2021-06-15 21:02:04 +02:00
|
|
|
export class AcceptOrganizationComponent extends BaseAcceptComponent {
|
2021-12-17 15:57:11 +01:00
|
|
|
orgName: string;
|
|
|
|
|
|
|
|
protected requiredParameters: string[] = ["organizationId", "organizationUserId", "token"];
|
|
|
|
|
|
|
|
constructor(
|
|
|
|
router: Router,
|
|
|
|
platformUtilsService: PlatformUtilsService,
|
|
|
|
i18nService: I18nService,
|
|
|
|
route: ActivatedRoute,
|
|
|
|
stateService: StateService,
|
|
|
|
private cryptoService: CryptoService,
|
2022-08-08 11:04:36 +02:00
|
|
|
private policyApiService: PolicyApiServiceAbstraction,
|
2021-12-17 15:57:11 +01:00
|
|
|
private policyService: PolicyService,
|
2022-08-24 18:33:05 +02:00
|
|
|
private logService: LogService,
|
2022-12-19 19:56:16 +01:00
|
|
|
private organizationApiService: OrganizationApiServiceAbstraction,
|
2022-12-29 17:20:19 +01:00
|
|
|
private organizationUserService: OrganizationUserService,
|
|
|
|
private messagingService: MessagingService
|
2021-12-17 15:57:11 +01:00
|
|
|
) {
|
|
|
|
super(router, platformUtilsService, i18nService, route, stateService);
|
|
|
|
}
|
|
|
|
|
2022-06-08 21:56:26 +02:00
|
|
|
async authedHandler(qParams: Params): Promise<void> {
|
2023-04-14 12:14:18 +02:00
|
|
|
const initOrganization =
|
|
|
|
qParams.initOrganization != null && qParams.initOrganization.toLocaleLowerCase() === "true";
|
|
|
|
if (initOrganization) {
|
|
|
|
this.actionPromise = this.acceptInitOrganizationFlow(qParams);
|
|
|
|
} else {
|
|
|
|
const needsReAuth = (await this.stateService.getOrganizationInvitation()) == null;
|
|
|
|
if (needsReAuth) {
|
|
|
|
// Accepting an org invite requires authentication from a logged out state
|
|
|
|
this.messagingService.send("logout", { redirect: false });
|
|
|
|
await this.prepareOrganizationInvitation(qParams);
|
|
|
|
return;
|
|
|
|
}
|
2022-12-29 17:20:19 +01:00
|
|
|
|
2023-04-14 12:14:18 +02:00
|
|
|
// User has already logged in and passed the Master Password policy check
|
|
|
|
this.actionPromise = this.acceptFlow(qParams);
|
|
|
|
}
|
2021-06-15 21:02:04 +02:00
|
|
|
|
2021-12-17 15:57:11 +01:00
|
|
|
await this.actionPromise;
|
2023-04-14 12:14:18 +02:00
|
|
|
await this.stateService.setOrganizationInvitation(null);
|
2021-12-17 15:57:11 +01:00
|
|
|
this.platformUtilService.showToast(
|
|
|
|
"success",
|
|
|
|
this.i18nService.t("inviteAccepted"),
|
2023-04-14 12:14:18 +02:00
|
|
|
initOrganization
|
|
|
|
? this.i18nService.t("inviteInitAcceptedDesc")
|
|
|
|
: this.i18nService.t("inviteAcceptedDesc"),
|
2021-12-17 15:57:11 +01:00
|
|
|
{ timeout: 10000 }
|
|
|
|
);
|
|
|
|
this.router.navigate(["/vault"]);
|
|
|
|
}
|
|
|
|
|
2022-06-08 21:56:26 +02:00
|
|
|
async unauthedHandler(qParams: Params): Promise<void> {
|
2022-12-29 17:20:19 +01:00
|
|
|
await this.prepareOrganizationInvitation(qParams);
|
2021-12-17 15:57:11 +01:00
|
|
|
}
|
|
|
|
|
2023-04-14 12:14:18 +02:00
|
|
|
private async acceptInitOrganizationFlow(qParams: Params): Promise<any> {
|
|
|
|
return this.prepareAcceptInitRequest(qParams).then((request) =>
|
|
|
|
this.organizationUserService.postOrganizationUserAcceptInit(
|
|
|
|
qParams.organizationId,
|
|
|
|
qParams.organizationUserId,
|
|
|
|
request
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
private async acceptFlow(qParams: Params): Promise<any> {
|
|
|
|
return this.prepareAcceptRequest(qParams).then((request) =>
|
|
|
|
this.organizationUserService.postOrganizationUserAccept(
|
|
|
|
qParams.organizationId,
|
|
|
|
qParams.organizationUserId,
|
|
|
|
request
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
private async prepareAcceptInitRequest(
|
|
|
|
qParams: Params
|
|
|
|
): Promise<OrganizationUserAcceptInitRequest> {
|
|
|
|
const request = new OrganizationUserAcceptInitRequest();
|
|
|
|
request.token = qParams.token;
|
|
|
|
|
|
|
|
const [encryptedOrgShareKey, orgShareKey] = await this.cryptoService.makeShareKey();
|
|
|
|
const [orgPublicKey, encryptedOrgPrivateKey] = await this.cryptoService.makeKeyPair(
|
|
|
|
orgShareKey
|
|
|
|
);
|
|
|
|
const collection = await this.cryptoService.encrypt(
|
|
|
|
this.i18nService.t("defaultCollection"),
|
|
|
|
orgShareKey
|
|
|
|
);
|
|
|
|
|
|
|
|
request.key = encryptedOrgShareKey.encryptedString;
|
|
|
|
request.keys = new OrganizationKeysRequest(
|
|
|
|
orgPublicKey,
|
|
|
|
encryptedOrgPrivateKey.encryptedString
|
|
|
|
);
|
|
|
|
request.collectionName = collection.encryptedString;
|
|
|
|
|
|
|
|
return request;
|
|
|
|
}
|
|
|
|
|
2022-06-08 21:56:26 +02:00
|
|
|
private async prepareAcceptRequest(qParams: Params): Promise<OrganizationUserAcceptRequest> {
|
|
|
|
const request = new OrganizationUserAcceptRequest();
|
|
|
|
request.token = qParams.token;
|
|
|
|
|
|
|
|
if (await this.performResetPasswordAutoEnroll(qParams)) {
|
2022-08-24 18:33:05 +02:00
|
|
|
const response = await this.organizationApiService.getKeys(qParams.organizationId);
|
2022-06-08 21:56:26 +02:00
|
|
|
|
|
|
|
if (response == null) {
|
|
|
|
throw new Error(this.i18nService.t("resetPasswordOrgKeysError"));
|
|
|
|
}
|
|
|
|
|
|
|
|
const publicKey = Utils.fromB64ToArray(response.publicKey);
|
|
|
|
|
|
|
|
// RSA Encrypt user's encKey.key with organization public key
|
|
|
|
const encKey = await this.cryptoService.getEncKey();
|
|
|
|
const encryptedKey = await this.cryptoService.rsaEncrypt(encKey.key, publicKey.buffer);
|
|
|
|
|
|
|
|
// Add reset password key to accept request
|
|
|
|
request.resetPasswordKey = encryptedKey.encryptedString;
|
|
|
|
}
|
|
|
|
return request;
|
|
|
|
}
|
|
|
|
|
2022-08-24 18:33:05 +02:00
|
|
|
private async performResetPasswordAutoEnroll(qParams: Params): Promise<boolean> {
|
2021-12-17 15:57:11 +01:00
|
|
|
let policyList: Policy[] = null;
|
|
|
|
try {
|
2022-08-08 11:04:36 +02:00
|
|
|
const policies = await this.policyApiService.getPoliciesByToken(
|
2021-12-17 15:57:11 +01:00
|
|
|
qParams.organizationId,
|
|
|
|
qParams.token,
|
|
|
|
qParams.email,
|
|
|
|
qParams.organizationUserId
|
|
|
|
);
|
|
|
|
policyList = this.policyService.mapPoliciesFromToken(policies);
|
|
|
|
} catch (e) {
|
|
|
|
this.logService.error(e);
|
2018-07-12 22:05:42 +02:00
|
|
|
}
|
2021-06-02 18:35:49 +02:00
|
|
|
|
2021-12-17 15:57:11 +01:00
|
|
|
if (policyList != null) {
|
|
|
|
const result = this.policyService.getResetPasswordPolicyOptions(
|
|
|
|
policyList,
|
|
|
|
qParams.organizationId
|
|
|
|
);
|
|
|
|
// Return true if policy enabled and auto-enroll enabled
|
|
|
|
return result[1] && result[0].autoEnrollEnabled;
|
2021-06-02 18:35:49 +02:00
|
|
|
}
|
2021-12-17 15:57:11 +01:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
2022-12-29 17:20:19 +01:00
|
|
|
|
|
|
|
private async prepareOrganizationInvitation(qParams: Params): Promise<void> {
|
|
|
|
this.orgName = qParams.organizationName;
|
|
|
|
if (this.orgName != null) {
|
|
|
|
// Fix URL encoding of space issue with Angular
|
|
|
|
this.orgName = this.orgName.replace(/\+/g, " ");
|
|
|
|
}
|
|
|
|
await this.stateService.setOrganizationInvitation(qParams);
|
|
|
|
}
|
2018-07-12 22:05:42 +02:00
|
|
|
}
|