From 07355694792999042e6373ebd1b3571329a969cc Mon Sep 17 00:00:00 2001 From: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Date: Fri, 26 Mar 2021 08:27:43 +1000 Subject: [PATCH] Hide email address in Sends (#310) * Let organizations disable anonymous Sends only * Add HideEmail to send models and service * Delete unnecessary model * Enforce new Send policy, fix naming conventions * Fix linting * Fully disable editing anonymous Sends per policy * Revert disableSendPolicy, add sendOptionsPolicy * Rework UI for enforcing disableHideEmail * Fix linting and cleanup after refactor --- src/angular/components/send/add-edit.component.ts | 14 ++++++++++++-- src/enums/policyType.ts | 1 + src/models/data/sendData.ts | 2 ++ src/models/domain/send.ts | 2 ++ src/models/request/sendRequest.ts | 2 ++ src/models/response/sendResponse.ts | 2 ++ src/models/view/sendView.ts | 2 ++ src/services/send.service.ts | 1 + 8 files changed, 24 insertions(+), 2 deletions(-) diff --git a/src/angular/components/send/add-edit.component.ts b/src/angular/components/send/add-edit.component.ts index 5f2c2b263e..dcd41f0ea0 100644 --- a/src/angular/components/send/add-edit.component.ts +++ b/src/angular/components/send/add-edit.component.ts @@ -47,6 +47,7 @@ export class AddEditComponent implements OnInit { copyLink = false; disableSend = false; + disableHideEmail = false; send: SendView; deletionDate: string; deletionDateFallback: string; @@ -149,14 +150,23 @@ export class AddEditComponent implements OnInit { } async load() { - const policies = await this.policyService.getAll(PolicyType.DisableSend); + const disableSendPolicies = await this.policyService.getAll(PolicyType.DisableSend); const organizations = await this.userService.getAllOrganizations(); this.disableSend = organizations.some(o => { return o.enabled && o.status === OrganizationUserStatusType.Confirmed && o.usePolicies && !o.canManagePolicies && - policies.some(p => p.organizationId === o.id && p.enabled); + disableSendPolicies.some(p => p.organizationId === o.id && p.enabled); + }); + + const sendOptionsPolicies = await this.policyService.getAll(PolicyType.SendOptions); + this.disableHideEmail = await organizations.some(o => { + return o.enabled && + o.status === OrganizationUserStatusType.Confirmed && + o.usePolicies && + !o.canManagePolicies && + sendOptionsPolicies.some(p => p.organizationId === o.id && p.enabled && p.data.disableHideEmail); }); this.canAccessPremium = await this.userService.canAccessPremium(); diff --git a/src/enums/policyType.ts b/src/enums/policyType.ts index 8ed07c9d77..6b743b8ab1 100644 --- a/src/enums/policyType.ts +++ b/src/enums/policyType.ts @@ -6,4 +6,5 @@ export enum PolicyType { RequireSso = 4, // Requires users to authenticate with SSO PersonalOwnership = 5, // Disables personal vault ownership for adding/cloning items DisableSend = 6, // Disables the ability to create and edit Bitwarden Sends + SendOptions = 7, // Sets restrictions or defaults for Bitwarden Sends } diff --git a/src/models/data/sendData.ts b/src/models/data/sendData.ts index 2d60a37115..363429ccbe 100644 --- a/src/models/data/sendData.ts +++ b/src/models/data/sendData.ts @@ -22,6 +22,7 @@ export class SendData { deletionDate: string; password: string; disabled: boolean; + hideEmail: boolean; constructor(response?: SendResponse, userId?: string) { if (response == null) { @@ -42,6 +43,7 @@ export class SendData { this.deletionDate = response.deletionDate; this.password = response.password; this.disabled = response.disable; + this.hideEmail = response.hideEmail; switch (this.type) { case SendType.Text: diff --git a/src/models/domain/send.ts b/src/models/domain/send.ts index fabfc1471f..32fcce3791 100644 --- a/src/models/domain/send.ts +++ b/src/models/domain/send.ts @@ -30,6 +30,7 @@ export class Send extends Domain { deletionDate: Date; password: string; disabled: boolean; + hideEmail: boolean; constructor(obj?: SendData, alreadyEncrypted: boolean = false) { super(); @@ -54,6 +55,7 @@ export class Send extends Domain { this.revisionDate = obj.revisionDate != null ? new Date(obj.revisionDate) : null; this.deletionDate = obj.deletionDate != null ? new Date(obj.deletionDate) : null; this.expirationDate = obj.expirationDate != null ? new Date(obj.expirationDate) : null; + this.hideEmail = obj.hideEmail; switch (this.type) { case SendType.Text: diff --git a/src/models/request/sendRequest.ts b/src/models/request/sendRequest.ts index e07804e96a..5e5861f0e8 100644 --- a/src/models/request/sendRequest.ts +++ b/src/models/request/sendRequest.ts @@ -18,6 +18,7 @@ export class SendRequest { file: SendFileApi; password: string; disabled: boolean; + hideEmail: boolean; constructor(send: Send, fileLength?: number) { this.type = send.type; @@ -30,6 +31,7 @@ export class SendRequest { this.key = send.key != null ? send.key.encryptedString : null; this.password = send.password; this.disabled = send.disabled; + this.hideEmail = send.hideEmail; switch (this.type) { case SendType.Text: diff --git a/src/models/response/sendResponse.ts b/src/models/response/sendResponse.ts index 039efee4fe..fdbbf33441 100644 --- a/src/models/response/sendResponse.ts +++ b/src/models/response/sendResponse.ts @@ -21,6 +21,7 @@ export class SendResponse extends BaseResponse { deletionDate: string; password: string; disable: boolean; + hideEmail: boolean; constructor(response: any) { super(response); @@ -37,6 +38,7 @@ export class SendResponse extends BaseResponse { this.deletionDate = this.getResponseProperty('DeletionDate'); this.password = this.getResponseProperty('Password'); this.disable = this.getResponseProperty('Disabled') || false; + this.hideEmail = this.getResponseProperty('HideEmail') || false; const text = this.getResponseProperty('Text'); if (text != null) { diff --git a/src/models/view/sendView.ts b/src/models/view/sendView.ts index 701a932606..1730bce643 100644 --- a/src/models/view/sendView.ts +++ b/src/models/view/sendView.ts @@ -25,6 +25,7 @@ export class SendView implements View { expirationDate: Date = null; password: string = null; disabled: boolean = false; + hideEmail: boolean = false; constructor(s?: Send) { if (!s) { @@ -41,6 +42,7 @@ export class SendView implements View { this.expirationDate = s.expirationDate; this.disabled = s.disabled; this.password = s.password; + this.hideEmail = s.hideEmail; } get urlB64Key(): string { diff --git a/src/services/send.service.ts b/src/services/send.service.ts index 9230d70373..205a495345 100644 --- a/src/services/send.service.ts +++ b/src/services/send.service.ts @@ -50,6 +50,7 @@ export class SendService implements SendServiceAbstraction { send.id = model.id; send.type = model.type; send.disabled = model.disabled; + send.hideEmail = model.hideEmail; send.maxAccessCount = model.maxAccessCount; if (model.key == null) { model.key = await this.cryptoFunctionService.randomBytes(16);