[PM-8979] Check that user is authed before getting user config (#10031)

* Check that user is authed before getting user config * Accept PR Suggestion Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> * Use Strict Equal --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2024-11-25 12:15:18 +01:00 · 2024-07-15 10:41:10 -04:00 · 2024-07-15 10:41:10 -04:00 · 5fcf4bbd10
commit 5fcf4bbd10
parent 5a46c7d5cc
5 changed files with 56 additions and 6 deletions
--- a/apps/browser/src/background/main.background.ts
+++ b/apps/browser/src/background/main.background.ts
@ -716,6 +716,7 @@ export default class MainBackground {
      this.environmentService,
      this.logService,
      this.stateProvider,
      this.authService,
    );
    this.cipherService = new CipherService(
--- a/apps/cli/src/service-container.ts
+++ b/apps/cli/src/service-container.ts
@ -586,6 +586,7 @@ export class ServiceContainer {
      this.environmentService,
      this.logService,
      this.stateProvider,
      this.authService,
    );
    this.cipherService = new CipherService(
--- a/libs/angular/src/services/jslib-services.module.ts
+++ b/libs/angular/src/services/jslib-services.module.ts
@ -954,7 +954,13 @@ const safeProviders: SafeProvider[] = [
  safeProvider({
    provide: DefaultConfigService,
    useClass: DefaultConfigService,
-    deps: [ConfigApiServiceAbstraction, EnvironmentService, LogService, StateProvider],
+    deps: [
      ConfigApiServiceAbstraction,
      EnvironmentService,
      LogService,
      StateProvider,
      AuthServiceAbstraction,
    ],
  }),
  safeProvider({
    provide: ConfigService,
--- a/libs/common/src/platform/services/config/config.service.spec.ts
+++ b/libs/common/src/platform/services/config/config.service.spec.ts
@ -14,6 +14,8 @@ import {
  mockAccountServiceWith,
 } from "../../../../spec";
 import { subscribeTo } from "../../../../spec/observable-tracker";
 import { AuthService } from "../../../auth/abstractions/auth.service";
 import { AuthenticationStatus } from "../../../auth/enums/authentication-status";
 import { UserId } from "../../../types/guid";
 import { ConfigApiServiceAbstraction } from "../../abstractions/config/config-api.service.abstraction";
 import { ServerConfig } from "../../abstractions/config/server-config";
@ -39,6 +41,9 @@ describe("ConfigService", () => {
  const configApiService = mock<ConfigApiServiceAbstraction>();
  const environmentService = mock<EnvironmentService>();
  const logService = mock<LogService>();
  const authService = mock<AuthService>({
    authStatusFor$: (userId) => of(AuthenticationStatus.Unlocked),
  });
  let stateProvider: FakeStateProvider;
  let globalState: FakeGlobalState<Record<ApiUrl, ServerConfig>>;
  let userState: FakeSingleUserState<ServerConfig>;
@ -71,6 +76,7 @@ describe("ConfigService", () => {
        environmentService,
        logService,
        stateProvider,
        authService,
      );
    });
@ -188,6 +194,30 @@ describe("ConfigService", () => {
    });
  });
  it("gets global config when there is an locked active user", async () => {
    await accountService.switchAccount(userId);
    environmentService.environment$ = of(environmentFactory(activeApiUrl));
    globalState.stateSubject.next({
      [activeApiUrl]: serverConfigFactory(activeApiUrl + "global"),
    });
    userState.nextState(serverConfigFactory(userId));
    const sut = new DefaultConfigService(
      configApiService,
      environmentService,
      logService,
      stateProvider,
      mock<AuthService>({
        authStatusFor$: () => of(AuthenticationStatus.Locked),
      }),
    );
    const config = await firstValueFrom(sut.serverConfig$);
    expect(config.gitHash).toEqual(activeApiUrl + "global");
  });
  describe("environment change", () => {
    let sut: DefaultConfigService;
    let environmentSubject: Subject<Environment>;
@ -205,6 +235,7 @@ describe("ConfigService", () => {
        environmentService,
        logService,
        stateProvider,
        authService,
      );
    });
--- a/libs/common/src/platform/services/config/default-config.service.ts
+++ b/libs/common/src/platform/services/config/default-config.service.ts
@ -13,6 +13,8 @@ import {
 } from "rxjs";
 import { SemVer } from "semver";
 import { AuthService } from "../../../auth/abstractions/auth.service";
 import { AuthenticationStatus } from "../../../auth/enums/authentication-status";
 import {
  DefaultFeatureFlagValue,
  FeatureFlag,
@ -60,16 +62,25 @@ export class DefaultConfigService implements ConfigService {
    private environmentService: EnvironmentService,
    private logService: LogService,
    private stateProvider: StateProvider,
    private authService: AuthService,
  ) {
    const apiUrl$ = this.environmentService.environment$.pipe(
      map((environment) => environment.getApiUrl()),
    );
    const userId$ = this.stateProvider.activeUserId$;
    const authStatus$ = userId$.pipe(
      switchMap((userId) => (userId == null ? of(null) : this.authService.authStatusFor$(userId))),
    );
-    this.serverConfig$ = combineLatest([this.stateProvider.activeUserId$, apiUrl$]).pipe(
+    this.serverConfig$ = combineLatest([userId$, apiUrl$, authStatus$]).pipe(
-      switchMap(([userId, apiUrl]) => {
+      switchMap(([userId, apiUrl, authStatus]) => {
-        const config$ =
+        if (userId == null || authStatus !== AuthenticationStatus.Unlocked) {
-          userId == null ? this.globalConfigFor$(apiUrl) : this.userConfigFor$(userId);
+          return this.globalConfigFor$(apiUrl).pipe(
-        return config$.pipe(map((config) => [config, userId, apiUrl] as const));
+            map((config) => [config, null, apiUrl] as const),
          );
        }
        return this.userConfigFor$(userId).pipe(map((config) => [config, userId, apiUrl] as const));
      }),
      tap(async (rec) => {
        const [existingConfig, userId, apiUrl] = rec;