From 12615c203fcc4783b6045a4a87038e92e0ccc9e8 Mon Sep 17 00:00:00 2001
From: Matt Gibson <mgibson@bitwarden.com>
Date: Wed, 6 Jul 2022 15:19:58 -0400
Subject: [PATCH] [PS-1051] Fix/add master pass hash to all org reset key
 requests (#3049)

* clarify master password reset calls

* Add master password hash to master password change requests
---
 .../components/organization-options.component.ts             | 1 +
 apps/web/src/app/settings/change-password.component.ts       | 5 +++--
 libs/angular/src/components/set-password.component.ts        | 1 +
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/apps/web/src/app/modules/vault-filter/components/organization-options.component.ts b/apps/web/src/app/modules/vault-filter/components/organization-options.component.ts
index 919e39f2ac..fd2cd437e2 100644
--- a/apps/web/src/app/modules/vault-filter/components/organization-options.component.ts
+++ b/apps/web/src/app/modules/vault-filter/components/organization-options.component.ts
@@ -120,6 +120,7 @@ export class OrganizationOptionsComponent {
         },
       });
     } else {
+      // Remove reset password
       const request = new OrganizationUserResetPasswordEnrollmentRequest();
       request.masterPasswordHash = "ignored";
       request.resetPasswordKey = null;
diff --git a/apps/web/src/app/settings/change-password.component.ts b/apps/web/src/app/settings/change-password.component.ts
index 9b7e541c6a..9e4fde680b 100644
--- a/apps/web/src/app/settings/change-password.component.ts
+++ b/apps/web/src/app/settings/change-password.component.ts
@@ -224,7 +224,7 @@ export class ChangePasswordComponent extends BaseChangePasswordComponent {
 
     await this.updateEmergencyAccesses(encKey[0]);
 
-    await this.updateAllResetPasswordKeys(encKey[0]);
+    await this.updateAllResetPasswordKeys(encKey[0], masterPasswordHash);
   }
 
   private async updateEmergencyAccesses(encKey: SymmetricCryptoKey) {
@@ -252,7 +252,7 @@ export class ChangePasswordComponent extends BaseChangePasswordComponent {
     }
   }
 
-  private async updateAllResetPasswordKeys(encKey: SymmetricCryptoKey) {
+  private async updateAllResetPasswordKeys(encKey: SymmetricCryptoKey, masterPasswordHash: string) {
     const orgs = await this.organizationService.getAll();
 
     for (const org of orgs) {
@@ -270,6 +270,7 @@ export class ChangePasswordComponent extends BaseChangePasswordComponent {
 
       // Create/Execute request
       const request = new OrganizationUserResetPasswordEnrollmentRequest();
+      request.masterPasswordHash = masterPasswordHash;
       request.resetPasswordKey = encryptedKey.encryptedString;
 
       await this.apiService.putOrganizationUserResetPasswordEnrollment(org.id, org.userId, request);
diff --git a/libs/angular/src/components/set-password.component.ts b/libs/angular/src/components/set-password.component.ts
index 9ae12b9ebb..3db85a6547 100644
--- a/libs/angular/src/components/set-password.component.ts
+++ b/libs/angular/src/components/set-password.component.ts
@@ -128,6 +128,7 @@ export class SetPasswordComponent extends BaseChangePasswordComponent {
             );
 
             const resetRequest = new OrganizationUserResetPasswordEnrollmentRequest();
+            resetRequest.masterPasswordHash = masterPasswordHash;
             resetRequest.resetPasswordKey = encryptedKey.encryptedString;
 
             return this.apiService.putOrganizationUserResetPasswordEnrollment(