[AC-1435] Copy updates for Single Organization policy prerequisite for Account Recovery policy (#5774)

* [AC-1435] Update copy/formatting on account recovery policy dialog * [AC-1435] Cleanup account recovery dialog component * [AC-1435] Update AccountRecovery policy description * [AC-1435] Update Tde option description to include notice for Single Org policy * fix: remove extra hyphen from help link, refs AC-1435 --------- Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
2024-12-22 16:29:09 +01:00 · 2023-07-18 08:00:43 -07:00 · 2023-07-18 08:00:43 -07:00 · 9d8f52ef6a
commit 9d8f52ef6a
parent 7aad24727d
4 changed files with 75 additions and 91 deletions
--- a/apps/web/src/app/admin-console/organizations/policies/reset-password.component.html
+++ b/apps/web/src/app/admin-console/organizations/policies/reset-password.component.html
@ -1,40 +1,23 @@
-<app-callout type="info" *ngIf="showKeyConnectorInfo">
+<bit-callout type="info" *ngIf="showKeyConnectorInfo">
  {{ "keyConnectorPolicyRestriction" | i18n }}
-</app-callout>
+</bit-callout>
-<app-callout type="warning">
+<bit-callout type="success" [title]="'prerequisite' | i18n" icon="bwi-lightbulb">
-  {{ "resetPasswordPolicyWarning" | i18n }}
+  {{ "accountRecoverySingleOrgRequirementDesc" | i18n }}
-</app-callout>
+</bit-callout>
-<div class="form-group">
+<bit-callout type="warning">
-  <div class="form-check">
+  {{ "accountRecoveryPolicyWarning" | i18n }}
-    <input
+</bit-callout>
      class="form-check-input"
      type="checkbox"
      id="enabled"
      [formControl]="enabled"
      name="Enabled"
    />
    <label class="form-check-label" for="enabled">{{ "turnOn" | i18n }}</label>
  </div>
 </div>
-<div [formGroup]="data">
+<bit-form-control class="!tw-mb-1">
-  <h3 class="mt-4">{{ "resetPasswordPolicyAutoEnroll" | i18n }}</h3>
+  <input type="checkbox" bitCheckbox [formControl]="enabled" id="enabled" />
-  <p>{{ "resetPasswordPolicyAutoEnrollDescription" | i18n }}</p>
+  <bit-label>{{ "turnOn" | i18n }}</bit-label>
-  <app-callout type="warning">
+</bit-form-control>
-    {{ "resetPasswordPolicyAutoEnrollWarning" | i18n }}
+
-  </app-callout>
+<ng-container [formGroup]="data">
-  <div class="form-check">
+  <bit-form-control class="!tw-mb-1">
-    <input
+    <input type="checkbox" bitCheckbox formControlName="autoEnrollEnabled" id="autoEnrollEnabled" />
-      class="form-check-input"
+    <bit-label>{{ "resetPasswordPolicyAutoEnrollCheckbox" | i18n }}</bit-label>
-      type="checkbox"
+  </bit-form-control>
-      id="autoEnrollEnabled"
+</ng-container>
      name="AutoEnrollEnabled"
      formControlName="autoEnrollEnabled"
    />
    <label class="form-check-label" for="autoEnrollEnabled">
      {{ "resetPasswordPolicyAutoEnrollCheckbox" | i18n }}
    </label>
  </div>
 </div>
--- a/apps/web/src/app/admin-console/organizations/policies/reset-password.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/reset-password.component.ts
@ -1,5 +1,5 @@
 import { Component } from "@angular/core";
-import { UntypedFormBuilder } from "@angular/forms";
+import { FormBuilder } from "@angular/forms";
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
@ -9,7 +9,7 @@ import { BasePolicy, BasePolicyComponent } from "./base-policy.component";
 export class ResetPasswordPolicy extends BasePolicy {
  name = "accountRecoveryPolicy";
-  description = "accountRecoveryPolicyDescription";
+  description = "accountRecoveryPolicyDesc";
  type = PolicyType.ResetPassword;
  component = ResetPasswordPolicyComponent;
@ -26,14 +26,9 @@ export class ResetPasswordPolicyComponent extends BasePolicyComponent {
  data = this.formBuilder.group({
    autoEnrollEnabled: false,
  });
  defaultTypes: { name: string; value: string }[];
  showKeyConnectorInfo = false;
-  constructor(
+  constructor(private formBuilder: FormBuilder, private organizationService: OrganizationService) {
    private formBuilder: UntypedFormBuilder,
    private organizationService: OrganizationService
  ) {
    super();
  }
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@ -404,8 +404,7 @@
  "viewItem": {
    "message": "View item"
  },
-  "new":
+  "new": {
  {
    "message": "New",
    "description": "for adding new items"
  },
@ -4595,21 +4594,18 @@
  "accountRecoveryPolicy": {
    "message": "Account recovery administration"
  },
-  "accountRecoveryPolicyDescription": {
+  "accountRecoveryPolicyDesc": {
-    "message": "Recover member accounts when master password or trusted devices are forgotten or lost. The recovery processes is based on the account encryption method."
+    "message": "Based on the encryption method, recover accounts when master passwords or trusted devices are forgotten or lost."
  },
-  "resetPasswordPolicyWarning": {
+  "accountRecoveryPolicyWarning": {
-    "message": "Members in the organization will need to self-enroll or be auto-enrolled before administrators can reset their master password."
+    "message": "Existing accounts with master passwords will require members to self-enroll before administrators can recover their accounts. Automatic enrollment will turn on account recovery for new members."
  },
  "accountRecoverySingleOrgRequirementDesc": {
    "message": "The single organization Enterprise policy must be turned on before activating this policy."
  },
  "resetPasswordPolicyAutoEnroll": {
    "message": "Automatic enrollment"
  },
  "resetPasswordPolicyAutoEnrollDescription": {
    "message": "All members will be automatically enrolled in password reset once their invite is accepted and will not be allowed to withdraw."
  },
  "resetPasswordPolicyAutoEnrollWarning": {
    "message": "Members already in the organization will not be retroactively enrolled in password reset. They will need to self-enroll before administrators can reset their master password."
  },
  "resetPasswordPolicyAutoEnrollCheckbox": {
    "message": "Require new members to be enrolled automatically"
  },
@ -5225,8 +5221,8 @@
    "message": "Use the",
    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Use the require single-sign-on authentication policy to require all members to log in with SSO.'"
  },
-  "ssoPolicyHelpLink": {
+  "ssoPolicyHelpAnchor": {
-    "message": "require single-sign-on authentication policy",
+    "message": "require single sign-on authentication policy",
    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Use the require single-sign-on authentication policy to require all members to log in with SSO.'"
  },
  "ssoPolicyHelpEnd": {
@ -5855,10 +5851,10 @@
    "message": "Delete secrets",
    "description": "The action to delete multiple secrets from the system."
  },
-  "hardDeleteSecret":{
+  "hardDeleteSecret": {
    "message": "Permanently delete secret"
  },
-  "hardDeleteSecrets":{
+  "hardDeleteSecrets": {
    "message": "Permanently delete secrets"
  },
  "secretProjectAssociationDescription": {
@ -5937,7 +5933,7 @@
    "message": "To get started, add a new secret or import secrets.",
    "description": "Message to encourage the user to start adding secrets."
  },
-  "secretsTrashNoItemsMessage":{
+  "secretsTrashNoItemsMessage": {
    "message": "There are no secrets in the trash."
  },
  "serviceAccountsNoItemsMessage": {
@ -5973,10 +5969,10 @@
      }
    }
  },
-  "deleteServiceAccountsDialogMessage":{
+  "deleteServiceAccountsDialogMessage": {
    "message": "Deleting service accounts is permanent and irreversible."
  },
-  "deleteServiceAccountsConfirmMessage":{
+  "deleteServiceAccountsConfirmMessage": {
    "message": "Delete $COUNT$ service accounts",
    "placeholders": {
      "count": {
@ -5985,19 +5981,19 @@
      }
    }
  },
-  "deleteServiceAccountToast":{
+  "deleteServiceAccountToast": {
    "message": "Service account deleted"
  },
-  "deleteServiceAccountsToast":{
+  "deleteServiceAccountsToast": {
    "message": "Service accounts deleted"
  },
  "searchServiceAccounts": {
    "message": "Search service accounts",
    "description": "Placeholder text for searching service accounts."
  },
-  "editServiceAccount":{
+  "editServiceAccount": {
-    "message":"Edit service account",
+    "message": "Edit service account",
-    "description" : "Title for editing a service account."
+    "description": "Title for editing a service account."
  },
  "addProject": {
    "message": "Add project",
@ -6037,8 +6033,8 @@
  "hardDeleteSecretsConfirmation": {
    "message": "Are you sure you want to permanently delete these secrets?"
  },
-  "hardDeletesSuccessToast":{
+  "hardDeletesSuccessToast": {
-    "message":"Secrets permanently deleted"
+    "message": "Secrets permanently deleted"
  },
  "smAccess": {
    "message": "Access",
@ -6140,8 +6136,8 @@
    "message": "Secret sent to trash",
    "description": "Notification to be displayed when a secret is successfully sent to the trash."
  },
-  "hardDeleteSuccessToast":{
+  "hardDeleteSuccessToast": {
-    "message":"Secret permanently deleted"
+    "message": "Secret permanently deleted"
  },
  "accessTokens": {
    "message": "Access tokens",
@ -6832,19 +6828,27 @@
  "trustedDeviceEncryption": {
    "message": "Trusted device encryption"
  },
-  "memberDecryptionTdeDescriptionStart": {
+  "memberDecryptionTdeDescriptionPartOne": {
    "message": "Once authenticated, members will decrypt vault data using a key stored on their device. The",
-    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The account recovery administration policy with automatic enrollment will turn on when this option is used.'"
+    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The single organization policy and account recovery administration policy with automatic enrollment will turn on when this option is used.'"
  },
-  "memberDecryptionTdeDescriptionLink": {
+  "memberDecryptionTdeDescriptionLinkOne": {
-    "message": "account recovery administration policy",
+    "message": "single organization",
-    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The account recovery administration policy with automatic enrollment will turn on when this option is used.'"
+    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The single organization policy and account recovery administration policy with automatic enrollment will turn on when this option is used.'"
  },
-  "memberDecryptionTdeDescriptionEnd": {
+  "memberDecryptionTdeDescriptionPartTwo": {
-    "message": "with automatic enrollment will turn on when this option is used.",
+    "message": "policy and ",
-    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'"
+    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The single organization policy and account recovery administration policy with automatic enrollment will turn on when this option is used.'"
  },
-  "notFound":{
+  "memberDecryptionTdeDescriptionLinkTwo": {
    "message": "account recovery administration",
    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The single organization policy and account recovery administration policy with automatic enrollment will turn on when this option is used.'"
  },
  "memberDecryptionTdeDescriptionPartThree": {
    "message": "policy with automatic enrollment will turn on when this option is used.",
    "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The single organization policy and account recovery administration policy with automatic enrollment will turn on when this option is used.'"
  },
  "notFound": {
    "message": "$RESOURCE$ not found",
    "placeholders": {
      "resource": {
--- a/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html
+++ b/bitwarden_license/bit-web/src/app/auth/sso/sso.component.html
@ -14,7 +14,7 @@
 <form [formGroup]="ssoConfigForm" [bitSubmit]="submit" *ngIf="!loading">
  <p>
    {{ "ssoPolicyHelpStart" | i18n }}
-    <a routerLink="../policies">{{ "ssoPolicyHelpLink" | i18n }}</a>
+    <a routerLink="../policies">{{ "ssoPolicyHelpAnchor" | i18n }}</a>
    {{ "ssoPolicyHelpEnd" | i18n }}
    <br />
  </p>
@ -81,9 +81,11 @@
          {{ "trustedDeviceEncryption" | i18n }}
        </bit-label>
        <bit-hint>
-          {{ "memberDecryptionTdeDescriptionStart" | i18n }}
+          {{ "memberDecryptionTdeDescriptionPartOne" | i18n }}
-          <a routerLink="../policies">{{ "memberDecryptionTdeDescriptionLink" | i18n }}</a>
+          <a routerLink="../policies">{{ "memberDecryptionTdeDescriptionLinkOne" | i18n }}</a>
-          {{ "memberDecryptionTdeDescriptionEnd" | i18n }}
+          {{ "memberDecryptionTdeDescriptionPartTwo" | i18n }}
          <a routerLink="../policies">{{ "memberDecryptionTdeDescriptionLinkTwo" | i18n }}</a>
          {{ "memberDecryptionTdeDescriptionPartThree" | i18n }}
        </bit-hint>
      </bit-radio-button>
    </bit-radio-group>