mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-24 16:49:26 +01:00
[Policy] Personal Ownership (#1481)
* Initial commit for personal ownership * Removed TODO // Updated allowPersonalOwnership logic to include necessary org/user checks * Fixed import order * Updated jslib (dcbd09e
->72bf18f
) * Fixed casing for error message
This commit is contained in:
parent
e42360a1b2
commit
a1542f050d
2
jslib
2
jslib
@ -1 +1 @@
|
||||
Subproject commit dcbd09e736b516b359369f9d9fe5b0f5a6c2a928
|
||||
Subproject commit 72bf18f369068d36767794bdc0ca377f734cf373
|
@ -1413,5 +1413,8 @@
|
||||
},
|
||||
"nativeMessagingInvalidEncryptionTitle": {
|
||||
"message": "Desktop communication interupted"
|
||||
},
|
||||
"personalOwnershipSubmitError": {
|
||||
"message": "Due to an Enterprise Policy, you are restricted from saving items to your personal vault. Change the Ownership option to an organization and choose from available Collections."
|
||||
}
|
||||
}
|
||||
|
@ -155,9 +155,9 @@ export default class MainBackground {
|
||||
async () => {
|
||||
if (this.nativeMessagingBackground != null) {
|
||||
const promise = this.nativeMessagingBackground.getResponse();
|
||||
|
||||
|
||||
try {
|
||||
await this.nativeMessagingBackground.send({command: 'biometricUnlock'});
|
||||
await this.nativeMessagingBackground.send({ command: 'biometricUnlock' });
|
||||
} catch (e) {
|
||||
return Promise.reject(e);
|
||||
}
|
||||
@ -243,7 +243,7 @@ export default class MainBackground {
|
||||
this.runtimeBackground = new RuntimeBackground(this, this.autofillService, this.cipherService,
|
||||
this.platformUtilsService as BrowserPlatformUtilsService, this.storageService, this.i18nService,
|
||||
this.analytics, this.notificationsService, this.systemService, this.vaultTimeoutService,
|
||||
this.environmentService);
|
||||
this.environmentService, this.policyService, this.userService);
|
||||
this.nativeMessagingBackground = new NativeMessagingBackground(this.storageService, this.cryptoService, this.cryptoFunctionService,
|
||||
this.vaultTimeoutService, this.runtimeBackground, this.i18nService, this.userService, this.messagingService);
|
||||
this.commandsBackground = new CommandsBackground(this, this.passwordGenerationService,
|
||||
|
@ -12,11 +12,13 @@ import { ConstantsService } from 'jslib/services/constants.service';
|
||||
import { EnvironmentService } from 'jslib/abstractions/environment.service';
|
||||
import { I18nService } from 'jslib/abstractions/i18n.service';
|
||||
import { NotificationsService } from 'jslib/abstractions/notifications.service';
|
||||
import { PolicyService } from 'jslib/abstractions/policy.service';
|
||||
import { PopupUtilsService } from '../popup/services/popup-utils.service';
|
||||
import { StateService } from 'jslib/abstractions/state.service';
|
||||
import { StorageService } from 'jslib/abstractions/storage.service';
|
||||
import { SyncService } from 'jslib/abstractions/sync.service';
|
||||
import { SystemService } from 'jslib/abstractions/system.service';
|
||||
import { UserService } from 'jslib/abstractions/user.service';
|
||||
import { VaultTimeoutService } from 'jslib/abstractions/vaultTimeout.service';
|
||||
|
||||
import { BrowserApi } from '../browser/browserApi';
|
||||
@ -27,6 +29,9 @@ import { NativeMessagingBackground } from './nativeMessaging.background';
|
||||
import { Analytics } from 'jslib/misc';
|
||||
import { Utils } from 'jslib/misc/utils';
|
||||
|
||||
import { OrganizationUserStatusType } from 'jslib/enums/organizationUserStatusType';
|
||||
import { PolicyType } from 'jslib/enums/policyType';
|
||||
|
||||
export default class RuntimeBackground {
|
||||
private runtime: any;
|
||||
private autofillTimeout: any;
|
||||
@ -39,7 +44,8 @@ export default class RuntimeBackground {
|
||||
private storageService: StorageService, private i18nService: I18nService,
|
||||
private analytics: Analytics, private notificationsService: NotificationsService,
|
||||
private systemService: SystemService, private vaultTimeoutService: VaultTimeoutService,
|
||||
private environmentService: EnvironmentService) {
|
||||
private environmentService: EnvironmentService, private policyService: PolicyService,
|
||||
private userService: UserService) {
|
||||
this.isSafari = this.platformUtilsService.isSafari();
|
||||
this.runtime = this.isSafari ? {} : chrome.runtime;
|
||||
|
||||
@ -318,6 +324,11 @@ export default class RuntimeBackground {
|
||||
if (disabledAddLogin) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!(await this.allowPersonalOwnership())) {
|
||||
return;
|
||||
}
|
||||
|
||||
// remove any old messages for this tab
|
||||
this.removeTabFromNotificationQueue(tab);
|
||||
this.main.notificationQueue.push({
|
||||
@ -436,8 +447,9 @@ export default class RuntimeBackground {
|
||||
const responseData: any = {};
|
||||
if (responseCommand === 'notificationBarDataResponse') {
|
||||
responseData.neverDomains = await this.storageService.get<any>(ConstantsService.neverDomainsKey);
|
||||
responseData.disabledAddLoginNotification = await this.storageService.get<boolean>(
|
||||
const disableAddLoginFromOptions = await this.storageService.get<boolean>(
|
||||
ConstantsService.disableAddLoginNotificationKey);
|
||||
responseData.disabledAddLoginNotification = disableAddLoginFromOptions || !(await this.allowPersonalOwnership());
|
||||
responseData.disabledChangedPasswordNotification = await this.storageService.get<boolean>(
|
||||
ConstantsService.disableChangedPasswordNotificationKey);
|
||||
} else if (responseCommand === 'autofillerAutofillOnPageLoadEnabledResponse') {
|
||||
@ -459,4 +471,20 @@ export default class RuntimeBackground {
|
||||
|
||||
await BrowserApi.tabSendMessageData(tab, responseCommand, responseData);
|
||||
}
|
||||
|
||||
private async allowPersonalOwnership(): Promise<boolean> {
|
||||
const personalOwnershipPolicies = await this.policyService.getAll(PolicyType.PersonalOwnership);
|
||||
if (personalOwnershipPolicies != null) {
|
||||
for (const policy of personalOwnershipPolicies) {
|
||||
if (policy.enabled) {
|
||||
const org = await this.userService.getOrganization(policy.organizationId);
|
||||
if (org != null && org.enabled && org.usePolicies && !org.isAdmin
|
||||
&& org.status == OrganizationUserStatusType.Confirmed) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
@ -340,7 +340,7 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="box" *ngIf="(!editMode || cloneMode) && ownershipOptions && ownershipOptions.length > 1">
|
||||
<div class="box" *ngIf="allowOwnershipOptions()">
|
||||
<div class="box-header">
|
||||
{{'ownership' | i18n}}
|
||||
</div>
|
||||
|
@ -15,6 +15,7 @@ import { FolderService } from 'jslib/abstractions/folder.service';
|
||||
import { I18nService } from 'jslib/abstractions/i18n.service';
|
||||
import { MessagingService } from 'jslib/abstractions/messaging.service';
|
||||
import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
|
||||
import { PolicyService } from 'jslib/abstractions/policy.service';
|
||||
import { StateService } from 'jslib/abstractions/state.service';
|
||||
import { UserService } from 'jslib/abstractions/user.service';
|
||||
|
||||
@ -36,9 +37,9 @@ export class AddEditComponent extends BaseAddEditComponent {
|
||||
userService: UserService, collectionService: CollectionService,
|
||||
messagingService: MessagingService, private route: ActivatedRoute,
|
||||
private router: Router, private location: Location,
|
||||
eventService: EventService) {
|
||||
eventService: EventService, policyService: PolicyService) {
|
||||
super(cipherService, folderService, i18nService, platformUtilsService, auditService, stateService,
|
||||
userService, collectionService, messagingService, eventService);
|
||||
userService, collectionService, messagingService, eventService, policyService);
|
||||
}
|
||||
|
||||
async ngOnInit() {
|
||||
@ -161,4 +162,9 @@ export class AddEditComponent extends BaseAddEditComponent {
|
||||
const u = (uri as any);
|
||||
u.showCurrentUris = !u.showCurrentUris;
|
||||
}
|
||||
|
||||
allowOwnershipOptions(): boolean {
|
||||
return (!this.editMode || this.cloneMode) && this.ownershipOptions
|
||||
&& (this.ownershipOptions.length > 1 || !this.allowPersonal);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user