From 8690f51e2f68ccd8639fa632f392ebcde1f1dcdd Mon Sep 17 00:00:00 2001
From: Oscar Hinton <oscar@oscarhinton.com>
Date: Wed, 15 Sep 2021 15:57:43 +0200
Subject: [PATCH] Disable Private Vault Export Policy (#371)

---
 jslib                          |  2 +-
 src/bw.ts                      |  2 +-
 src/commands/export.command.ts | 14 ++++++++++++--
 src/commands/login.command.ts  |  2 +-
 src/vault.program.ts           |  2 +-
 5 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/jslib b/jslib
index 5f64d95652..ee1ea922a9 160000
--- a/jslib
+++ b/jslib
@@ -1 +1 @@
-Subproject commit 5f64d956520612a681611a27c5f4f2e5f27b640e
+Subproject commit ee1ea922a9d5a51ef8df2abf4b97fc035ed782be
diff --git a/src/bw.ts b/src/bw.ts
index 436217f635..d8924a8f34 100644
--- a/src/bw.ts
+++ b/src/bw.ts
@@ -138,7 +138,7 @@ export class Main {
             this.storageService, this.i18nService, this.cryptoFunctionService);
         this.vaultTimeoutService = new VaultTimeoutService(this.cipherService, this.folderService,
             this.collectionService, this.cryptoService, this.platformUtilsService, this.storageService,
-            this.messagingService, this.searchService, this.userService, this.tokenService,
+            this.messagingService, this.searchService, this.userService, this.tokenService, this.policyService,
             async () => await this.cryptoService.clearStoredKey('auto'), null);
         this.syncService = new SyncService(this.userService, this.apiService, this.settingsService,
             this.folderService, this.cipherService, this.cryptoService, this.collectionService,
diff --git a/src/commands/export.command.ts b/src/commands/export.command.ts
index 1b0ab37dad..38f85edbbf 100644
--- a/src/commands/export.command.ts
+++ b/src/commands/export.command.ts
@@ -3,17 +3,27 @@ import * as inquirer from 'inquirer';
 
 import { CryptoService } from 'jslib-common/abstractions/crypto.service';
 import { ExportService } from 'jslib-common/abstractions/export.service';
+import { PolicyService } from 'jslib-common/abstractions/policy.service';
 
 import { Response } from 'jslib-node/cli/models/response';
 
-import { CliUtils } from '../utils';
+import { PolicyType } from 'jslib-common/enums/policyType';
 
 import { Utils } from 'jslib-common/misc/utils';
 
+import { CliUtils } from '../utils';
+
 export class ExportCommand {
-    constructor(private cryptoService: CryptoService, private exportService: ExportService) { }
+    constructor(private cryptoService: CryptoService, private exportService: ExportService,
+        private policyService: PolicyService) { }
 
     async run(password: string, options: program.OptionValues): Promise<Response> {
+        if (options.organizationid == null &&
+            await this.policyService.policyAppliesToUser(PolicyType.DisablePersonalVaultExport)) {
+            return Response.badRequest(
+                'One or more organization policies prevents you from exporting your personal vault.'
+            );
+        }
         const canInteract = process.env.BW_NOINTERACTION !== 'true';
         if ((password == null || password === '') && canInteract) {
             const answer: inquirer.Answers = await inquirer.createPromptModule({ output: process.stderr })({
diff --git a/src/commands/login.command.ts b/src/commands/login.command.ts
index 085031fe35..0ffbadc685 100644
--- a/src/commands/login.command.ts
+++ b/src/commands/login.command.ts
@@ -3,8 +3,8 @@ import * as inquirer from 'inquirer';
 
 import { ApiService } from 'jslib-common/abstractions/api.service';
 import { AuthService } from 'jslib-common/abstractions/auth.service';
-import { CryptoFunctionService } from 'jslib-common/abstractions/cryptoFunction.service';
 import { CryptoService } from 'jslib-common/abstractions/crypto.service';
+import { CryptoFunctionService } from 'jslib-common/abstractions/cryptoFunction.service';
 import { EnvironmentService } from 'jslib-common/abstractions/environment.service';
 import { I18nService } from 'jslib-common/abstractions/i18n.service';
 import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
diff --git a/src/vault.program.ts b/src/vault.program.ts
index 7209c8319a..f359915138 100644
--- a/src/vault.program.ts
+++ b/src/vault.program.ts
@@ -424,7 +424,7 @@ export class VaultProgram extends Program {
             })
             .action(async (password, options) => {
                 await this.exitIfLocked();
-                const command = new ExportCommand(this.main.cryptoService, this.main.exportService);
+                const command = new ExportCommand(this.main.cryptoService, this.main.exportService, this.main.policyService);
                 const response = await command.run(password, options);
                 this.processResponse(response);
             });