1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-24 16:49:26 +01:00

[Policy] Personal Ownership (#1481)

* Initial commit for personal ownership

* Removed TODO // Updated allowPersonalOwnership logic to include necessary org/user checks

* Fixed import order

* Updated jslib (dcbd09e -> 72bf18f)

* Fixed casing for error message
This commit is contained in:
Vincent Salucci 2020-12-09 14:11:25 -06:00 committed by GitHub
parent e42360a1b2
commit a1542f050d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 46 additions and 9 deletions

2
jslib

@ -1 +1 @@
Subproject commit dcbd09e736b516b359369f9d9fe5b0f5a6c2a928
Subproject commit 72bf18f369068d36767794bdc0ca377f734cf373

View File

@ -1413,5 +1413,8 @@
},
"nativeMessagingInvalidEncryptionTitle": {
"message": "Desktop communication interupted"
},
"personalOwnershipSubmitError": {
"message": "Due to an Enterprise Policy, you are restricted from saving items to your personal vault. Change the Ownership option to an organization and choose from available Collections."
}
}

View File

@ -155,9 +155,9 @@ export default class MainBackground {
async () => {
if (this.nativeMessagingBackground != null) {
const promise = this.nativeMessagingBackground.getResponse();
try {
await this.nativeMessagingBackground.send({command: 'biometricUnlock'});
await this.nativeMessagingBackground.send({ command: 'biometricUnlock' });
} catch (e) {
return Promise.reject(e);
}
@ -243,7 +243,7 @@ export default class MainBackground {
this.runtimeBackground = new RuntimeBackground(this, this.autofillService, this.cipherService,
this.platformUtilsService as BrowserPlatformUtilsService, this.storageService, this.i18nService,
this.analytics, this.notificationsService, this.systemService, this.vaultTimeoutService,
this.environmentService);
this.environmentService, this.policyService, this.userService);
this.nativeMessagingBackground = new NativeMessagingBackground(this.storageService, this.cryptoService, this.cryptoFunctionService,
this.vaultTimeoutService, this.runtimeBackground, this.i18nService, this.userService, this.messagingService);
this.commandsBackground = new CommandsBackground(this, this.passwordGenerationService,

View File

@ -12,11 +12,13 @@ import { ConstantsService } from 'jslib/services/constants.service';
import { EnvironmentService } from 'jslib/abstractions/environment.service';
import { I18nService } from 'jslib/abstractions/i18n.service';
import { NotificationsService } from 'jslib/abstractions/notifications.service';
import { PolicyService } from 'jslib/abstractions/policy.service';
import { PopupUtilsService } from '../popup/services/popup-utils.service';
import { StateService } from 'jslib/abstractions/state.service';
import { StorageService } from 'jslib/abstractions/storage.service';
import { SyncService } from 'jslib/abstractions/sync.service';
import { SystemService } from 'jslib/abstractions/system.service';
import { UserService } from 'jslib/abstractions/user.service';
import { VaultTimeoutService } from 'jslib/abstractions/vaultTimeout.service';
import { BrowserApi } from '../browser/browserApi';
@ -27,6 +29,9 @@ import { NativeMessagingBackground } from './nativeMessaging.background';
import { Analytics } from 'jslib/misc';
import { Utils } from 'jslib/misc/utils';
import { OrganizationUserStatusType } from 'jslib/enums/organizationUserStatusType';
import { PolicyType } from 'jslib/enums/policyType';
export default class RuntimeBackground {
private runtime: any;
private autofillTimeout: any;
@ -39,7 +44,8 @@ export default class RuntimeBackground {
private storageService: StorageService, private i18nService: I18nService,
private analytics: Analytics, private notificationsService: NotificationsService,
private systemService: SystemService, private vaultTimeoutService: VaultTimeoutService,
private environmentService: EnvironmentService) {
private environmentService: EnvironmentService, private policyService: PolicyService,
private userService: UserService) {
this.isSafari = this.platformUtilsService.isSafari();
this.runtime = this.isSafari ? {} : chrome.runtime;
@ -318,6 +324,11 @@ export default class RuntimeBackground {
if (disabledAddLogin) {
return;
}
if (!(await this.allowPersonalOwnership())) {
return;
}
// remove any old messages for this tab
this.removeTabFromNotificationQueue(tab);
this.main.notificationQueue.push({
@ -436,8 +447,9 @@ export default class RuntimeBackground {
const responseData: any = {};
if (responseCommand === 'notificationBarDataResponse') {
responseData.neverDomains = await this.storageService.get<any>(ConstantsService.neverDomainsKey);
responseData.disabledAddLoginNotification = await this.storageService.get<boolean>(
const disableAddLoginFromOptions = await this.storageService.get<boolean>(
ConstantsService.disableAddLoginNotificationKey);
responseData.disabledAddLoginNotification = disableAddLoginFromOptions || !(await this.allowPersonalOwnership());
responseData.disabledChangedPasswordNotification = await this.storageService.get<boolean>(
ConstantsService.disableChangedPasswordNotificationKey);
} else if (responseCommand === 'autofillerAutofillOnPageLoadEnabledResponse') {
@ -459,4 +471,20 @@ export default class RuntimeBackground {
await BrowserApi.tabSendMessageData(tab, responseCommand, responseData);
}
private async allowPersonalOwnership(): Promise<boolean> {
const personalOwnershipPolicies = await this.policyService.getAll(PolicyType.PersonalOwnership);
if (personalOwnershipPolicies != null) {
for (const policy of personalOwnershipPolicies) {
if (policy.enabled) {
const org = await this.userService.getOrganization(policy.organizationId);
if (org != null && org.enabled && org.usePolicies && !org.isAdmin
&& org.status == OrganizationUserStatusType.Confirmed) {
return false;
}
}
}
}
return true;
}
}

View File

@ -340,7 +340,7 @@
</div>
</div>
</div>
<div class="box" *ngIf="(!editMode || cloneMode) && ownershipOptions && ownershipOptions.length > 1">
<div class="box" *ngIf="allowOwnershipOptions()">
<div class="box-header">
{{'ownership' | i18n}}
</div>

View File

@ -15,6 +15,7 @@ import { FolderService } from 'jslib/abstractions/folder.service';
import { I18nService } from 'jslib/abstractions/i18n.service';
import { MessagingService } from 'jslib/abstractions/messaging.service';
import { PlatformUtilsService } from 'jslib/abstractions/platformUtils.service';
import { PolicyService } from 'jslib/abstractions/policy.service';
import { StateService } from 'jslib/abstractions/state.service';
import { UserService } from 'jslib/abstractions/user.service';
@ -36,9 +37,9 @@ export class AddEditComponent extends BaseAddEditComponent {
userService: UserService, collectionService: CollectionService,
messagingService: MessagingService, private route: ActivatedRoute,
private router: Router, private location: Location,
eventService: EventService) {
eventService: EventService, policyService: PolicyService) {
super(cipherService, folderService, i18nService, platformUtilsService, auditService, stateService,
userService, collectionService, messagingService, eventService);
userService, collectionService, messagingService, eventService, policyService);
}
async ngOnInit() {
@ -161,4 +162,9 @@ export class AddEditComponent extends BaseAddEditComponent {
const u = (uri as any);
u.showCurrentUris = !u.showCurrentUris;
}
allowOwnershipOptions(): boolean {
return (!this.editMode || this.cloneMode) && this.ownershipOptions
&& (this.ownershipOptions.length > 1 || !this.allowPersonal);
}
}