From 3d7b427b0ea7d6b75cc1eebb7a7595314f564503 Mon Sep 17 00:00:00 2001
From: Jake Fink <jfink@bitwarden.com>
Date: Tue, 21 Dec 2021 12:02:56 -0500
Subject: [PATCH] Use MP policies when registering a new user through SSO
 (#587)

* use MP policies when registering a new user through SSO

* prettier and linting
---
 .../src/components/change-password.component.ts    |  2 +-
 angular/src/components/set-password.component.ts   |  2 ++
 common/src/abstractions/api.service.ts             |  4 ++++
 common/src/abstractions/policy.service.ts          |  1 +
 common/src/services/api.service.ts                 | 14 ++++++++++++++
 common/src/services/policy.service.ts              |  9 +++++++++
 6 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/angular/src/components/change-password.component.ts b/angular/src/components/change-password.component.ts
index 6ca81494d9..2431ece289 100644
--- a/angular/src/components/change-password.component.ts
+++ b/angular/src/components/change-password.component.ts
@@ -40,7 +40,7 @@ export class ChangePasswordComponent implements OnInit {
 
   async ngOnInit() {
     this.email = await this.stateService.getEmail();
-    this.enforcedPolicyOptions = await this.policyService.getMasterPasswordPolicyOptions();
+    this.enforcedPolicyOptions ??= await this.policyService.getMasterPasswordPolicyOptions();
   }
 
   async submit() {
diff --git a/angular/src/components/set-password.component.ts b/angular/src/components/set-password.component.ts
index e651eca51b..89f6e520b4 100644
--- a/angular/src/components/set-password.component.ts
+++ b/angular/src/components/set-password.component.ts
@@ -79,6 +79,8 @@ export class SetPasswordComponent extends BaseChangePasswordComponent {
         const response = await this.apiService.getOrganizationAutoEnrollStatus(this.identifier);
         this.orgId = response.id;
         this.resetPasswordAutoEnroll = response.resetPasswordEnabled;
+        this.enforcedPolicyOptions =
+          await this.policyService.getMasterPasswordPoliciesForInvitedUsers(this.orgId);
       } catch {
         this.platformUtilsService.showToast("error", null, this.i18nService.t("errorOccurred"));
       }
diff --git a/common/src/abstractions/api.service.ts b/common/src/abstractions/api.service.ts
index ca648f0cc6..4ef3c1a93c 100644
--- a/common/src/abstractions/api.service.ts
+++ b/common/src/abstractions/api.service.ts
@@ -355,6 +355,10 @@ export abstract class ApiService {
     email: string,
     organizationUserId: string
   ) => Promise<ListResponse<PolicyResponse>>;
+  getPoliciesByInvitedUser: (
+    organizationId: string,
+    userId: string
+  ) => Promise<ListResponse<PolicyResponse>>;
   putPolicy: (
     organizationId: string,
     type: PolicyType,
diff --git a/common/src/abstractions/policy.service.ts b/common/src/abstractions/policy.service.ts
index 97dcb4adf3..f1f6b4e5c9 100644
--- a/common/src/abstractions/policy.service.ts
+++ b/common/src/abstractions/policy.service.ts
@@ -15,6 +15,7 @@ export abstract class PolicyService {
   getPolicyForOrganization: (policyType: PolicyType, organizationId: string) => Promise<Policy>;
   replace: (policies: { [id: string]: PolicyData }) => Promise<any>;
   clear: (userId?: string) => Promise<any>;
+  getMasterPasswordPoliciesForInvitedUsers: (orgId: string) => Promise<MasterPasswordPolicyOptions>;
   getMasterPasswordPolicyOptions: (policies?: Policy[]) => Promise<MasterPasswordPolicyOptions>;
   evaluateMasterPassword: (
     passwordStrength: number,
diff --git a/common/src/services/api.service.ts b/common/src/services/api.service.ts
index 2764108e19..16b94b091c 100644
--- a/common/src/services/api.service.ts
+++ b/common/src/services/api.service.ts
@@ -1047,6 +1047,20 @@ export class ApiService implements ApiServiceAbstraction {
     return new ListResponse(r, PolicyResponse);
   }
 
+  async getPoliciesByInvitedUser(
+    organizationId: string,
+    userId: string
+  ): Promise<ListResponse<PolicyResponse>> {
+    const r = await this.send(
+      "GET",
+      "/organizations/" + organizationId + "/policies/invited-user?" + "userId=" + userId,
+      null,
+      false,
+      true
+    );
+    return new ListResponse(r, PolicyResponse);
+  }
+
   async putPolicy(
     organizationId: string,
     type: PolicyType,
diff --git a/common/src/services/policy.service.ts b/common/src/services/policy.service.ts
index 79af726aea..dce9af6fe6 100644
--- a/common/src/services/policy.service.ts
+++ b/common/src/services/policy.service.ts
@@ -78,6 +78,15 @@ export class PolicyService implements PolicyServiceAbstraction {
     await this.stateService.setEncryptedPolicies(null, { userId: userId });
   }
 
+  async getMasterPasswordPoliciesForInvitedUsers(
+    orgId: string
+  ): Promise<MasterPasswordPolicyOptions> {
+    const userId = await this.stateService.getUserId();
+    const response = await this.apiService.getPoliciesByInvitedUser(orgId, userId);
+    const policies = await this.mapPoliciesFromToken(response);
+    return this.getMasterPasswordPolicyOptions(policies);
+  }
+
   async getMasterPasswordPolicyOptions(policies?: Policy[]): Promise<MasterPasswordPolicyOptions> {
     let enforcedOptions: MasterPasswordPolicyOptions = null;