Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-29 12:55:21 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into tde-key-model-migration

Browse Source
This commit is contained in:
Jacob Fink 2023-06-23 13:05:13 -04:00
commit a4b329b413
No known key found for this signature in database
GPG Key ID: C2F7ACF05859D008
50 changed files with 622 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/brew-bump-cli.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "brew-bump-workflow-pat"

2
.github/workflows/brew-bump-desktop.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "brew-bump-workflow-pat"

4
.github/workflows/build-browser.yml vendored
View File

@ -354,7 +354,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "crowdin-api-token"
@ -416,7 +416,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url"

2
.github/workflows/build-cli.yml vendored
View File

@ -404,7 +404,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url"

8
.github/workflows/build-desktop.yml vendored
View File

@ -277,7 +277,7 @@ jobs:
node-gyp install $(node -v)
- name: Install AST
uses: bitwarden/gh-actions/install-ast@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/install-ast@37ffa14164a7308bc273829edfe75c97cd562375
- name: Set up environmentF
run: choco install checksum --no-progress
@ -302,7 +302,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "code-signing-vault-url,
@ -1190,7 +1190,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "crowdin-api-token"
@ -1269,7 +1269,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url"

8
.github/workflows/build-web.yml vendored
View File

@ -235,7 +235,7 @@ jobs:
- name: Retrieve github PAT secrets
id: retrieve-secret-pat
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
@ -243,7 +243,7 @@ jobs:
- name: Setup DCT
if: ${{ env.is_publish_branch == 'true' }}
id: setup-dct
uses: bitwarden/gh-actions/setup-docker-trust@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/setup-docker-trust@37ffa14164a7308bc273829edfe75c97cd562375
with:
azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
azure-keyvault-name: "bitwarden-ci"
@ -291,7 +291,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "crowdin-api-token"
@ -352,7 +352,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url"

4
.github/workflows/crowdin-pull.yml vendored
View File

@ -32,13 +32,13 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "crowdin-api-token, github-gpg-private-key, github-gpg-private-key-passphrase"
- name: Download translations
uses: bitwarden/gh-actions/crowdin@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/crowdin@37ffa14164a7308bc273829edfe75c97cd562375
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}

53
.github/workflows/deploy-eu-prod-web.yml vendored Normal file
View File

@ -0,0 +1,53 @@
---
name: Deploy Web to EU-PRD Cloud
on:
workflow_dispatch:
inputs:
tag:
description: "Branch name to deploy (examples: 'master', 'feature/sm')"
required: true
type: string
default: master
jobs:
azure-deploy:
name: Deploy to Azure
runs-on: ubuntu-22.04
env:
_WEB_ARTIFACT: "web-*-cloud-euprd.zip"
steps:
- name: Login to Azure - EU Subscription
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with:
creds: ${{ secrets.AZURE_KV_EU_PRD_SERVICE_PRINCIPAL }}
- name: Retrieve Storage Account connection string
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: webvault-westeurope-prod
secrets: "sa-bitwarden-web-vault-dev-key-temp"
- name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: apps/web
workflow_conclusion: success
branch: ${{ github.event.inputs.tag }}
artifacts: ${{ env._WEB_ARTIFACT }}
- name: Unzip build asset
working-directory: apps/web
run: unzip ${{ env._WEB_ARTIFACT }}
- name: Deploy to Azure Storage Account
working-directory: apps/web
run: |
az storage blob upload-batch --source "./build" \
--destination '$web' \
--account-name "bwwebvault1itgprod" \
--connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \
--overwrite \
--no-progress

2
.github/workflows/deploy-non-prod-web.yml vendored
View File

@ -64,7 +64,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: apps/web

13
.github/workflows/deploy-prod-web.yml vendored
View File

@ -1,13 +0,0 @@
---
name: Deploy Web - EU Prod - STUB
on:
workflow_dispatch:
jobs:
stub-job:
name: Stub Job
runs-on: ubuntu-22.04
steps:
- name: Stub Step
run: exit 0

6
.github/workflows/release-browser.yml vendored
View File

@ -41,7 +41,7 @@ jobs:
- name: Check Release Version
id: version
uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375
with:
release-type: ${{ github.event.inputs.release_type }}
project-type: ts
@ -103,7 +103,7 @@ jobs:
- name: Download latest Release build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-browser.yml
workflow_conclusion: success
@ -116,7 +116,7 @@ jobs:
- name: Dry Run - Download latest master build artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-browser.yml
workflow_conclusion: success

24
.github/workflows/release-cli.yml vendored
View File

@ -57,7 +57,7 @@ jobs:
- name: Check Release Version
id: version
uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375
with:
release-type: ${{ github.event.inputs.release_type }}
project-type: ts
@ -78,7 +78,7 @@ jobs:
- name: Download all Release artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli
@ -87,7 +87,7 @@ jobs:
- name: Dry Run - Download all artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli
@ -150,7 +150,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "snapcraft-store-token"
@ -162,7 +162,7 @@ jobs:
- name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli
@ -172,7 +172,7 @@ jobs:
- name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli
@ -204,7 +204,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "cli-choco-api-key"
@ -220,7 +220,7 @@ jobs:
- name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli/dist
@ -230,7 +230,7 @@ jobs:
- name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli/dist
@ -263,14 +263,14 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "npm-api-key"
- name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli/build
@ -280,7 +280,7 @@ jobs:
- name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-cli.yml
path: apps/cli/build

8
.github/workflows/release-desktop-beta.yml vendored
View File

@ -47,7 +47,7 @@ jobs:
- name: Check Release Version
id: version
uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375
with:
release-type: 'Initial Release'
project-type: ts
@ -231,7 +231,7 @@ jobs:
node-gyp install $(node -v)
- name: Install AST
uses: bitwarden/gh-actions/install-ast@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/install-ast@37ffa14164a7308bc273829edfe75c97cd562375
- name: Set up environment
run: choco install checksum --no-progress
@ -249,7 +249,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "code-signing-vault-url,
@ -932,7 +932,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id,

24
.github/workflows/release-desktop.yml vendored
View File

@ -67,7 +67,7 @@ jobs:
- name: Check Release Version
id: version
uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375
with:
release-type: ${{ github.event.inputs.release_type }}
project-type: ts
@ -110,7 +110,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id,
@ -123,7 +123,7 @@ jobs:
- name: Download all artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -132,7 +132,7 @@ jobs:
- name: Dry Run - Download all artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -185,7 +185,7 @@ jobs:
--endpoint-url https://${CF_ACCOUNT}.r2.cloudflarestorage.com
- name: Get checksum files
uses: bitwarden/gh-actions/get-checksum@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-checksum@37ffa14164a7308bc273829edfe75c97cd562375
with:
packages_dir: "apps/desktop/artifacts"
file_path: "apps/desktop/artifacts/sha256-checksums.txt"
@ -263,7 +263,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "snapcraft-store-token"
@ -279,7 +279,7 @@ jobs:
- name: Download Snap artifact
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -289,7 +289,7 @@ jobs:
- name: Dry Run - Download Snap artifact
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -329,7 +329,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "cli-choco-api-key"
@ -347,7 +347,7 @@ jobs:
- name: Download choco artifact
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -357,7 +357,7 @@ jobs:
- name: Dry Run - Download choco artifact
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-desktop.yml
workflow_conclusion: success
@ -368,5 +368,5 @@ jobs:
- name: Push to Chocolatey
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
shell: pwsh
run: choco push
run: choco push --source=https://push.chocolatey.org/
working-directory: apps/desktop/dist

2
.github/workflows/release-qa-web.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: apps/web

14
.github/workflows/release-web.yml vendored
View File

@ -38,7 +38,7 @@ jobs:
- name: Check Release Version
id: version
uses: bitwarden/gh-actions/release-version-check@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/release-version-check@37ffa14164a7308bc273829edfe75c97cd562375
with:
release-type: ${{ github.event.inputs.release_type }}
project-type: ts
@ -70,7 +70,7 @@ jobs:
########## DockerHub ##########
- name: Setup DCT
id: setup-dct
uses: bitwarden/gh-actions/setup-docker-trust@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/setup-docker-trust@37ffa14164a7308bc273829edfe75c97cd562375
with:
azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
azure-keyvault-name: "bitwarden-ci"
@ -156,7 +156,7 @@ jobs:
- name: Retrieve bot secrets
id: retrieve-bot-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: bitwarden-ci
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
@ -170,7 +170,7 @@ jobs:
- name: Download latest cloud asset
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: assets
@ -180,7 +180,7 @@ jobs:
- name: Dry Run - Download latest cloud asset
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: assets
@ -253,7 +253,7 @@ jobs:
- name: Download latest build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: apps/web/artifacts
@ -264,7 +264,7 @@ jobs:
- name: Dry Run - Download latest build artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
with:
workflow: build-web.yml
path: apps/web/artifacts

2
.github/workflows/staged-rollout-desktop.yml vendored
View File

@ -26,7 +26,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id,

6
.github/workflows/version-bump.yml vendored
View File

@ -49,7 +49,7 @@ jobs:
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
with:
keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key, github-gpg-private-key-passphrase"
@ -86,14 +86,14 @@ jobs:
- name: Bump Browser Version - Manifest
if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }}
uses: bitwarden/gh-actions/version-bump@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/version-bump@37ffa14164a7308bc273829edfe75c97cd562375
with:
version: ${{ github.event.inputs.version_number }}
file_path: "apps/browser/src/manifest.json"
- name: Bump Browser Version - Manifest v3
if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }}
uses: bitwarden/gh-actions/version-bump@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/version-bump@37ffa14164a7308bc273829edfe75c97cd562375
with:
version: ${{ github.event.inputs.version_number }}
file_path: "apps/browser/src/manifest.v3.json"

2
.github/workflows/workflow-linter.yml vendored
View File

@ -8,4 +8,4 @@ on:
jobs:
call-workflow:
uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@72594be690a4e7bfa87b1402b2aedc75acdbff12
uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@37ffa14164a7308bc273829edfe75c97cd562375

2
apps/browser/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@bitwarden/browser",
"version": "2023.5.0",
"version": "2023.5.1",
"scripts": {
"build": "webpack",
"build:mv3": "cross-env MANIFEST_VERSION=3 webpack",

1
apps/browser/src/autofill/commands/autofill-tab-command.ts
View File

@ -46,6 +46,7 @@ export class AutofillTabCommand {
onlyEmptyFields: false,
onlyVisibleFields: false,
fillNewPassword: true,
allowTotpAutofill: true,
});
}

1
apps/browser/src/autofill/services/abstractions/autofill.service.ts
View File

@ -21,6 +21,7 @@ export interface AutoFillOptions {
fillNewPassword?: boolean;
skipLastUsed?: boolean;
allowUntrustedIframe?: boolean;
allowTotpAutofill?: boolean;
}
export interface FormData {

11
apps/browser/src/autofill/services/autofill-constants.ts
View File

@ -20,6 +20,17 @@ export class AutoFillConstants {
"benutzer id",
];
static readonly TotpFieldNames: string[] = [
"totp",
"2fa",
"mfa",
"totpcode",
"2facode",
"mfacode",
"twofactor",
"twofactorcode",
];
static readonly PasswordFieldIgnoreList: string[] = [
"onetimepassword",
"captcha",

247
apps/browser/src/autofill/services/autofill.service.ts
View File

@ -32,6 +32,7 @@ export interface GenerateFillScriptOptions {
onlyEmptyFields: boolean;
onlyVisibleFields: boolean;
fillNewPassword: boolean;
allowTotpAutofill: boolean;
cipher: CipherView;
tabUrl: string;
defaultUriMatch: UriMatchType;
@ -127,69 +128,72 @@ export default class AutofillService implements AutofillServiceInterface {
const defaultUriMatch = (await this.stateService.getDefaultUriMatch()) ?? UriMatchType.Domain;
let didAutofill = false;
options.pageDetails.forEach((pd) => {
// make sure we're still on correct tab
if (pd.tab.id !== tab.id || pd.tab.url !== tab.url) {
return;
}
const fillScript = this.generateFillScript(pd.details, {
skipUsernameOnlyFill: options.skipUsernameOnlyFill || false,
onlyEmptyFields: options.onlyEmptyFields || false,
onlyVisibleFields: options.onlyVisibleFields || false,
fillNewPassword: options.fillNewPassword || false,
cipher: options.cipher,
tabUrl: tab.url,
defaultUriMatch: defaultUriMatch,
});
if (!fillScript || !fillScript.script || !fillScript.script.length) {
return;
}
if (
fillScript.untrustedIframe &&
options.allowUntrustedIframe != undefined &&
!options.allowUntrustedIframe
) {
this.logService.info("Auto-fill on page load was blocked due to an untrusted iframe.");
return;
}
// Add a small delay between operations
fillScript.properties.delay_between_operations = 20;
didAutofill = true;
if (!options.skipLastUsed) {
this.cipherService.updateLastUsedDate(options.cipher.id);
}
BrowserApi.tabSendMessage(
tab,
{
command: "fillForm",
fillScript: fillScript,
url: tab.url,
},
{ frameId: pd.frameId }
);
if (
options.cipher.type !== CipherType.Login ||
totpPromise ||
!options.cipher.login.totp ||
(!canAccessPremium && !options.cipher.organizationUseTotp)
) {
return;
}
totpPromise = this.stateService.getDisableAutoTotpCopy().then((disabled) => {
if (!disabled) {
return this.totpService.getCode(options.cipher.login.totp);
await Promise.all(
options.pageDetails.map(async (pd) => {
// make sure we're still on correct tab
if (pd.tab.id !== tab.id || pd.tab.url !== tab.url) {
return;
}
return null;
});
});
const fillScript = await this.generateFillScript(pd.details, {
skipUsernameOnlyFill: options.skipUsernameOnlyFill || false,
onlyEmptyFields: options.onlyEmptyFields || false,
onlyVisibleFields: options.onlyVisibleFields || false,
fillNewPassword: options.fillNewPassword || false,
allowTotpAutofill: options.allowTotpAutofill || false,
cipher: options.cipher,
tabUrl: tab.url,
defaultUriMatch: defaultUriMatch,
});
if (!fillScript || !fillScript.script || !fillScript.script.length) {
return;
}
if (
fillScript.untrustedIframe &&
options.allowUntrustedIframe != undefined &&
!options.allowUntrustedIframe
) {
this.logService.info("Auto-fill on page load was blocked due to an untrusted iframe.");
return;
}
// Add a small delay between operations
fillScript.properties.delay_between_operations = 20;
didAutofill = true;
if (!options.skipLastUsed) {
this.cipherService.updateLastUsedDate(options.cipher.id);
}
BrowserApi.tabSendMessage(
tab,
{
command: "fillForm",
fillScript: fillScript,
url: tab.url,
},
{ frameId: pd.frameId }
);
if (
options.cipher.type !== CipherType.Login ||
totpPromise ||
!options.cipher.login.totp ||
(!canAccessPremium && !options.cipher.organizationUseTotp)
) {
return;
}
totpPromise = this.stateService.getDisableAutoTotpCopy().then((disabled) => {
if (!disabled) {
return this.totpService.getCode(options.cipher.login.totp);
}
return null;
});
})
);
if (didAutofill) {
this.eventCollectionService.collect(EventType.Cipher_ClientAutofilled, options.cipher.id);
@ -244,6 +248,7 @@ export default class AutofillService implements AutofillServiceInterface {
onlyVisibleFields: !fromCommand,
fillNewPassword: fromCommand,
allowUntrustedIframe: fromCommand,
allowTotpAutofill: fromCommand,
});
// Update last used index as autofill has succeed
@ -280,10 +285,10 @@ export default class AutofillService implements AutofillServiceInterface {
return tab;
}
private generateFillScript(
private async generateFillScript(
pageDetails: AutofillPageDetails,
options: GenerateFillScriptOptions
): AutofillScript {
): Promise<AutofillScript> {
if (!pageDetails || !options.cipher) {
return null;
}
@ -333,7 +338,12 @@ export default class AutofillService implements AutofillServiceInterface {
switch (options.cipher.type) {
case CipherType.Login:
fillScript = this.generateLoginFillScript(fillScript, pageDetails, filledFields, options);
fillScript = await this.generateLoginFillScript(
fillScript,
pageDetails,
filledFields,
options
);
break;
case CipherType.Card:
fillScript = this.generateCardFillScript(fillScript, pageDetails, filledFields, options);
@ -353,20 +363,22 @@ export default class AutofillService implements AutofillServiceInterface {
return fillScript;
}
private generateLoginFillScript(
private async generateLoginFillScript(
fillScript: AutofillScript,
pageDetails: AutofillPageDetails,
filledFields: { [id: string]: AutofillField },
options: GenerateFillScriptOptions
): AutofillScript {
): Promise<AutofillScript> {
if (!options.cipher.login) {
return null;
}
const passwords: AutofillField[] = [];
const usernames: AutofillField[] = [];
const totps: AutofillField[] = [];
let pf: AutofillField = null;
let username: AutofillField = null;
let totp: AutofillField = null;
const login = options.cipher.login;
fillScript.savedUrls =
login?.uris?.filter((u) => u.match != UriMatchType.Never).map((u) => u.uri) ?? [];
@ -420,6 +432,19 @@ export default class AutofillService implements AutofillServiceInterface {
usernames.push(username);
}
}
if (options.allowTotpAutofill && login.totp) {
totp = this.findTotpField(pageDetails, pf, false, false, false);
if (!totp && !options.onlyVisibleFields) {
// not able to find any viewable totp fields. maybe there are some "hidden" ones?
totp = this.findTotpField(pageDetails, pf, true, true, true);
}
if (totp) {
totps.push(totp);
}
}
});
}
@ -442,18 +467,42 @@ export default class AutofillService implements AutofillServiceInterface {
usernames.push(username);
}
}
if (options.allowTotpAutofill && login.totp && pf.elementNumber > 0) {
totp = this.findTotpField(pageDetails, pf, false, false, true);
if (!totp && !options.onlyVisibleFields) {
// not able to find any viewable username fields. maybe there are some "hidden" ones?
totp = this.findTotpField(pageDetails, pf, true, true, true);
}
if (totp) {
totps.push(totp);
}
}
}
if (!passwordFields.length && !options.skipUsernameOnlyFill) {
if (!passwordFields.length) {
// No password fields on this page. Let's try to just fuzzy fill the username.
pageDetails.fields.forEach((f) => {
if (
!options.skipUsernameOnlyFill &&
f.viewable &&
(f.type === "text" || f.type === "email" || f.type === "tel") &&
AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.UsernameFieldNames)
) {
usernames.push(f);
}
if (
options.allowTotpAutofill &&
f.viewable &&
(f.type === "text" || f.type === "number") &&
(AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.TotpFieldNames) ||
f.autoCompleteType === "one-time-code")
) {
totps.push(f);
}
});
}
@ -477,6 +526,20 @@ export default class AutofillService implements AutofillServiceInterface {
AutofillService.fillByOpid(fillScript, p, login.password);
});
if (options.allowTotpAutofill) {
await Promise.all(
totps.map(async (t) => {
if (Object.prototype.hasOwnProperty.call(filledFields, t.opid)) {
return;
}
filledFields[t.opid] = t;
const totpValue = await this.totpService.getCode(login.totp);
AutofillService.fillByOpid(fillScript, t, totpValue);
})
);
}
fillScript = AutofillService.setFillScriptForFocus(filledFields, fillScript);
return fillScript;
}
@ -1258,6 +1321,42 @@ export default class AutofillService implements AutofillServiceInterface {
return usernameField;
}
private findTotpField(
pageDetails: AutofillPageDetails,
passwordField: AutofillField,
canBeHidden: boolean,
canBeReadOnly: boolean,
withoutForm: boolean
) {
let totpField: AutofillField = null;
for (let i = 0; i < pageDetails.fields.length; i++) {
const f = pageDetails.fields[i];
if (AutofillService.forCustomFieldsOnly(f)) {
continue;
}
if (
!f.disabled &&
(canBeReadOnly || !f.readonly) &&
(withoutForm || f.form === passwordField.form) &&
(canBeHidden || f.viewable) &&
(f.type === "text" || f.type === "number")
) {
totpField = f;
if (
this.findMatchingFieldIndex(f, AutoFillConstants.TotpFieldNames) > -1 ||
f.autoCompleteType === "one-time-code"
) {
// We found an exact match. No need to keep looking.
break;
}
}
}
return totpField;
}
private findMatchingFieldIndex(field: AutofillField, names: string[]): number {
for (let i = 0; i < names.length; i++) {
if (names[i].indexOf("=") > -1) {
@ -1267,6 +1366,12 @@ export default class AutofillService implements AutofillServiceInterface {
if (this.fieldPropertyIsPrefixMatch(field, "htmlName", names[i], "name")) {
return i;
}
if (this.fieldPropertyIsPrefixMatch(field, "label-left", names[i], "label")) {
return i;
}
if (this.fieldPropertyIsPrefixMatch(field, "label-right", names[i], "label")) {
return i;
}
if (this.fieldPropertyIsPrefixMatch(field, "label-tag", names[i], "label")) {
return i;
}
@ -1284,6 +1389,12 @@ export default class AutofillService implements AutofillServiceInterface {
if (this.fieldPropertyIsMatch(field, "htmlName", names[i])) {
return i;
}
if (this.fieldPropertyIsMatch(field, "label-left", names[i])) {
return i;
}
if (this.fieldPropertyIsMatch(field, "label-right", names[i])) {
return i;
}
if (this.fieldPropertyIsMatch(field, "label-tag", names[i])) {
return i;
}

1
apps/browser/src/background/runtime.background.ts
View File

@ -224,6 +224,7 @@ export default class RuntimeBackground {
cipher: this.main.loginToAutoFill,
pageDetails: this.pageDetailsToAutoFill,
fillNewPassword: true,
allowTotpAutofill: true,
});
if (totpCode != null) {

2
apps/browser/src/manifest.json
View File

@ -2,7 +2,7 @@
"manifest_version": 2,
"name": "__MSG_extName__",
"short_name": "__MSG_appName__",
"version": "2023.5.0",
"version": "2023.5.1",
"description": "__MSG_extDesc__",
"default_locale": "en",
"author": "Bitwarden Inc.",

2
apps/browser/src/manifest.v3.json
View File

@ -3,7 +3,7 @@
"minimum_chrome_version": "102.0",
"name": "__MSG_extName__",
"short_name": "__MSG_appName__",
"version": "2023.5.0",
"version": "2023.5.1",
"description": "__MSG_extDesc__",
"default_locale": "en",
"author": "Bitwarden Inc.",

1
apps/browser/src/vault/popup/components/vault/current-tab.component.ts
View File

@ -180,6 +180,7 @@ export class CurrentTabComponent implements OnInit, OnDestroy {
pageDetails: this.pageDetails,
doc: window.document,
fillNewPassword: true,
allowTotpAutofill: true,
});
if (this.totpCode != null) {
this.platformUtilsService.copyToClipboard(this.totpCode, { window: window });

1
apps/browser/src/vault/popup/components/vault/view.component.ts
View File

@ -288,6 +288,7 @@ export class ViewComponent extends BaseViewComponent {
pageDetails: this.pageDetails,
doc: window.document,
fillNewPassword: true,
allowTotpAutofill: true,
});
if (this.totpCode != null) {
this.platformUtilsService.copyToClipboard(this.totpCode, { window: window });

4
apps/cli/src/commands/serve.command.ts
View File

@ -245,6 +245,10 @@ export class ServeCommand {
});
router.post("/unlock", async (ctx, next) => {
// Do not allow guessing password location through serve command
delete ctx.request.query.passwordFile;
delete ctx.request.query.passwordEnv;
const response = await this.unlockCommand.run(
ctx.request.body.password == null ? null : (ctx.request.body.password as string),
ctx.request.query

26
apps/desktop/src/locales/eo/messages.json
View File

@ -6,13 +6,13 @@
"message": "Filtriloj"
},
"allItems": {
"message": "All items"
"message": "Ĉiuj Eroj"
},
"favorites": {
"message": "Favorites"
"message": "Plej ŝatataj"
},
"types": {
"message": "Types"
"message": "Tipoj"
},
"typeLogin": {
"message": "Saluto"
@ -21,7 +21,7 @@
"message": "Karto"
},
"typeIdentity": {
"message": "Identity"
"message": "Idento"
},
"typeSecureNote": {
"message": "Sekura noto"
@ -30,10 +30,10 @@
"message": "Dosierujoj"
},
"collections": {
"message": "Collections"
"message": "Kolektoj"
},
"searchVault": {
"message": "Search vault"
"message": "Traserĉu trezorejon"
},
"addItem": {
"message": "Aldoni elementon"
@ -45,10 +45,10 @@
"message": "Kundividi"
},
"moveToOrganization": {
"message": "Move to organization"
"message": "Movu al organizo"
},
"movedItemToOrg": {
"message": "$ITEMNAME$ moved to $ORGNAME$",
"message": "$ITEMNAME$ moviĝis al $ORGNAME$",
"placeholders": {
"itemname": {
"content": "$1",
@ -61,7 +61,7 @@
}
},
"moveToOrgDesc": {
"message": "Choose an organization that you wish to move this item to. Moving to an organization transfers ownership of the item to that organization. You will no longer be the direct owner of this item once it has been moved."
"message": "Elektu organizon kun kiu vi volas dividi ĉi tiun eron. Dividado transdonas posedon de la ero al la organizo. Vi ne plu estos la rekta posedanto de ĉi tiu ero post kiam ĝi estos dividita."
},
"attachments": {
"message": "Aldonaĵoj"
@ -104,10 +104,10 @@
"message": "Retpoŝta adreso"
},
"verificationCodeTotp": {
"message": "Verification code (TOTP)"
"message": "Kontrola kodo (TOTP)"
},
"website": {
"message": "Website"
"message": "Retejo"
},
"notes": {
"message": "Notoj"
@ -116,10 +116,10 @@
"message": "Propraj kampoj"
},
"launch": {
"message": "Launch"
"message": "Lanĉo"
},
"copyValue": {
"message": "Copy value",
"message": "Kopii valoron",
"description": "Copy value to clipboard"
},
"minimizeOnCopyToClipboard": {

2
apps/desktop/src/locales/fi/messages.json
View File

@ -962,7 +962,7 @@
"message": "Käynnistä automaattisesti kirjauduttaessa"
},
"openAtLoginDesc": {
"message": "Käynnistä sovellus automaattisesti kirjautumisen yhteydessä."
"message": "Käynnistä Bitwarden-sovellus automaattisesti kirjautumisen yhteydessä."
},
"alwaysShowDock": {
"message": "Näytä aina Dockissa"

4
apps/web/config/euprd.json
View File

@ -1,8 +1,8 @@
{
"urls": {
"icons": "https://icons.bitwarden.net",
"notifications": "https://notifications.bitwarden.net",
"scim": "https://scim.bitwarden.net"
"notifications": "https://notifications.beta.bitwarden.net",
"scim": "https://scim.beta.bitwarden.net"
},
"flags": {
"secretsManager": true,

2
apps/web/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@bitwarden/web-vault",
"version": "2023.5.0",
"version": "2023.5.1",
"scripts": {
"build:oss": "webpack",
"build:bit": "webpack -c ../../bitwarden_license/bit-web/webpack.config.js",

18
apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
View File

@ -35,6 +35,7 @@ import {
} from "../../../shared/components/access-selector";
import { commaSeparatedEmails } from "./validators/comma-separated-emails.validator";
import { freeOrgSeatLimitReachedValidator } from "./validators/free-org-inv-limit-reached.validator";
export enum MemberDialogTab {
Role = 0,
@ -46,6 +47,7 @@ export interface MemberDialogParams {
name: string;
organizationId: string;
organizationUserId: string;
allOrganizationUserEmails: string[];
usesKeyConnector: boolean;
initialTab?: MemberDialogTab;
}
@ -79,7 +81,7 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
protected groupAccessItems: AccessItemView[] = [];
protected tabIndex: MemberDialogTab;
protected formGroup = this.formBuilder.group({
emails: ["", [Validators.required, commaSeparatedEmails]],
emails: ["", { updateOn: "blur" }],
type: OrganizationUserType.User,
externalId: this.formBuilder.control({ value: "", disabled: true }),
accessAllCollections: false,
@ -167,6 +169,20 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
this.canUseCustomPermissions = organization.useCustomPermissions;
this.canUseSecretsManager = organization.useSecretsManager && flagEnabled("secretsManager");
const emailsControlValidators = [
Validators.required,
commaSeparatedEmails,
freeOrgSeatLimitReachedValidator(
this.organization,
this.params.allOrganizationUserEmails,
this.i18nService.t("subscriptionFreePlan", organization.seats)
),
];
const emailsControl = this.formGroup.get("emails");
emailsControl.setValidators(emailsControlValidators);
emailsControl.updateValueAndValidity();
this.collectionAccessItems = [].concat(
collections.map((c) => mapCollectionToAccessItemView(c))
);

106
apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.spec.ts Normal file
View File

@ -0,0 +1,106 @@
import { AbstractControl, FormControl, ValidationErrors } from "@angular/forms";
import { OrganizationUserType } from "@bitwarden/common/admin-console/enums";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { ProductType } from "@bitwarden/common/enums";
import { freeOrgSeatLimitReachedValidator } from "./free-org-inv-limit-reached.validator";
const orgFactory = (props: Partial<Organization> = {}) =>
Object.assign(
new Organization(),
{
id: "myOrgId",
enabled: true,
type: OrganizationUserType.Admin,
},
props
);
describe("freeOrgSeatLimitReachedValidator", () => {
let organization: Organization;
let allOrganizationUserEmails: string[];
let validatorFn: (control: AbstractControl) => ValidationErrors | null;
beforeEach(() => {
allOrganizationUserEmails = ["user1@example.com"];
});
it("should return null when control value is empty", () => {
validatorFn = freeOrgSeatLimitReachedValidator(
organization,
allOrganizationUserEmails,
"You cannot invite more than 2 members without upgrading your plan."
);
const control = new FormControl("");
const result = validatorFn(control);
expect(result).toBeNull();
});
it("should return null when control value is null", () => {
validatorFn = freeOrgSeatLimitReachedValidator(
organization,
allOrganizationUserEmails,
"You cannot invite more than 2 members without upgrading your plan."
);
const control = new FormControl(null);
const result = validatorFn(control);
expect(result).toBeNull();
});
it("should return null when max seats are not exceeded on free plan", () => {
organization = orgFactory({
planProductType: ProductType.Free,
seats: 2,
});
validatorFn = freeOrgSeatLimitReachedValidator(
organization,
allOrganizationUserEmails,
"You cannot invite more than 2 members without upgrading your plan."
);
const control = new FormControl("user2@example.com");
const result = validatorFn(control);
expect(result).toBeNull();
});
it("should return validation error when max seats are exceeded on free plan", () => {
organization = orgFactory({
planProductType: ProductType.Free,
seats: 2,
});
const errorMessage = "You cannot invite more than 2 members without upgrading your plan.";
validatorFn = freeOrgSeatLimitReachedValidator(
organization,
allOrganizationUserEmails,
"You cannot invite more than 2 members without upgrading your plan."
);
const control = new FormControl("user2@example.com,user3@example.com");
const result = validatorFn(control);
expect(result).toStrictEqual({ freePlanLimitReached: { message: errorMessage } });
});
it("should return null when not on free plan", () => {
const control = new FormControl("user2@example.com,user3@example.com");
organization = orgFactory({
planProductType: ProductType.Enterprise,
seats: 100,
});
validatorFn = freeOrgSeatLimitReachedValidator(
organization,
allOrganizationUserEmails,
"You cannot invite more than 2 members without upgrading your plan."
);
const result = validatorFn(control);
expect(result).toBeNull();
});
});

36
apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.ts Normal file
View File

@ -0,0 +1,36 @@
import { AbstractControl, ValidationErrors, ValidatorFn } from "@angular/forms";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { ProductType } from "@bitwarden/common/enums";
/**
* Checks if the limit of free organization seats has been reached when adding new users
* @param organization An object representing the organization
* @param allOrganizationUserEmails An array of strings with existing user email addresses
* @param errorMessage A localized string to display if validation fails
* @returns A function that validates an `AbstractControl` and returns `ValidationErrors` or `null`
*/
export function freeOrgSeatLimitReachedValidator(
organization: Organization,
allOrganizationUserEmails: string[],
errorMessage: string
): ValidatorFn {
return (control: AbstractControl): ValidationErrors | null => {
if (control.value === "" || !control.value) {
return null;
}
const newEmailsToAdd = control.value
.split(",")
.filter(
(newEmailToAdd: string) =>
newEmailToAdd &&
!allOrganizationUserEmails.some((existingEmail) => existingEmail === newEmailToAdd)
);
return organization.planProductType === ProductType.Free &&
allOrganizationUserEmails.length + newEmailsToAdd.length > organization.seats
? { freePlanLimitReached: { message: errorMessage } }
: null;
};
}

1
apps/web/src/app/admin-console/organizations/members/people.component.ts
View File

@ -396,6 +396,7 @@ export class PeopleComponent
name: this.userNamePipe.transform(user),
organizationId: this.organization.id,
organizationUserId: user != null ? user.id : null,
allOrganizationUserEmails: this.allUsers?.map((user) => user.email) ?? [],
usesKeyConnector: user?.usesKeyConnector,
initialTab: initialTab,
},

4
apps/web/src/app/core/init.service.ts
View File

@ -38,11 +38,15 @@ export class InitService {
init() {
return async () => {
// Workaround to ignore stateService.activeAccount until process.env.URLS are set
// TODO: Remove this when implementing ticket PM-2637
this.environmentService.initialized = false;
await this.stateService.init();
const urls = process.env.URLS as Urls;
urls.base ??= this.win.location.origin;
this.environmentService.setUrls(urls);
this.environmentService.initialized = true;
setTimeout(() => this.notificationsService.init(), 3000);
(this.vaultTimeoutService as VaultTimeoutService).init(true);

15
apps/web/src/app/vault/individual-vault/vault.component.ts
View File

@ -38,7 +38,6 @@ import { OrganizationService } from "@bitwarden/common/admin-console/abstraction
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
import { DEFAULT_PBKDF2_ITERATIONS, EventType, KdfType } from "@bitwarden/common/enums";
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
import { ServiceUtils } from "@bitwarden/common/misc/serviceUtils";
import { TreeNode } from "@bitwarden/common/models/domain/tree-node";
import { BroadcasterService } from "@bitwarden/common/platform/abstractions/broadcaster.service";
@ -857,17 +856,9 @@ export class VaultComponent implements OnInit, OnDestroy {
}
async isLowKdfIteration() {
const showLowKdfEnabled = await this.configService.getFeatureFlagBool(
FeatureFlag.DisplayLowKdfIterationWarningFlag
);
if (showLowKdfEnabled) {
const kdfType = await this.stateService.getKdfType();
const kdfOptions = await this.stateService.getKdfConfig();
return kdfType === KdfType.PBKDF2_SHA256 && kdfOptions.iterations < DEFAULT_PBKDF2_ITERATIONS;
}
return showLowKdfEnabled;
const kdfType = await this.stateService.getKdfType();
const kdfOptions = await this.stateService.getKdfConfig();
return kdfType === KdfType.PBKDF2_SHA256 && kdfOptions.iterations < DEFAULT_PBKDF2_ITERATIONS;
}
protected async repromptCipher(ciphers: CipherView[]) {

4
apps/web/src/locales/da/messages.json
View File

@ -658,7 +658,7 @@
"message": "Hovedadgangskoden er den adgangskode, du bruger, når du tilgår din boks. Det er meget vigtigt, at hovedadgangskoden ikke glemmes, da der ikke er nogen måde, hvorpå den kan genoprettes."
},
"masterPassImportant": {
"message": "Hovedadgangskoder kan ikke gendannes, hvis du glemmer dem!"
"message": "Hovedadgangskoden kan ikke gendannes, hvis den glemmes!"
},
"masterPassHintDesc": {
"message": "Et hovedadgangskodetip kan bidrage til at komme i tanke om adgangskoden, hvis den glemmes."
@ -5231,7 +5231,7 @@
"description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Connect login with SSO to your self-hosted decryption key server. Using this option, members wont need to use their master passwords to decrypt vault data. The require SSO authentication and single organization policies are required to set up Key Connector decryption. Contact Bitwarden Support for set up assistance.'"
},
"memberDecryptionKeyConnectorDescLink": {
"message": "require SSO authentication and single organization policies",
"message": "kræver SSO-godkendelse samt enkeltorganisationspolitikker",
"description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Connect login with SSO to your self-hosted decryption key server. Using this option, members wont need to use their master passwords to decrypt vault data. The require SSO authentication and single organization policies are required to set up Key Connector decryption. Contact Bitwarden Support for set up assistance.'"
},
"memberDecryptionKeyConnectorDescEnd": {

4
apps/web/src/locales/fi/messages.json
View File

@ -6553,7 +6553,7 @@
"message": "Laskutuksen synkronoinnin ohje"
},
"licensePaidFeaturesHelp": {
"message": "Maksullisen lisenssin oiminaisuusopas"
"message": "Maksullisen lisenssin ominaisuusopas"
},
"selfHostGracePeriodHelp": {
"message": "Kun tilauksesi päättyy, sinulla on 60 päivää aikaa päivittää organisaatiosi lisenssitiedosto ajan tasalle. Varoaika päättyy $GRACE_PERIOD_END_DATE$.",
@ -6830,7 +6830,7 @@
"description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'"
},
"notFound": {
"message": "$RESOURCE$ ei löytynyt",
"message": "Resurssia $RESOURCE$ ei löytynyt",
"placeholders": {
"resource": {
"content": "$1",

8
apps/web/src/locales/fr/messages.json
View File

@ -574,7 +574,7 @@
"message": "Êtes-vous sûr de vouloir écraser le mot de passe actuel ?"
},
"editedFolder": {
"message": "Dossier modifié"
"message": "Dossier enregistré"
},
"addedFolder": {
"message": "Dossier ajouté"
@ -634,7 +634,7 @@
"message": "Commencer la Période d'Essai"
},
"logIn": {
"message": "S'identifier"
"message": "Se connecter"
},
"logInInitiated": {
"message": "Connexion initiée"
@ -676,7 +676,7 @@
"message": "Paramètres"
},
"passwordHint": {
"message": "Indice du mot de passe"
"message": "Indice de mot de passe"
},
"enterEmailToGetHint": {
"message": "Saisissez l'adresse électronique de votre compte pour recevoir l'indice de votre mot de passe principal."
@ -6900,6 +6900,6 @@
"message": "Aucun mot de passe principal"
},
"removeMembersWithoutMasterPasswordWarning": {
"message": "La suppression des membres qui n'ont pas de mot de passe principal sans leur en définir un, peut restreindre l'accès à leur compte dans soin intégralité."
"message": "La suppression des membres qui n'ont pas de mot de passe principal sans leur en définir un, peut restreindre l'accès à leur compte dans son intégralité."
}
}

4
apps/web/src/locales/it/messages.json
View File

@ -6849,7 +6849,7 @@
"description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
},
"deviceApprovals": {
"message": "Approvazioni dispositivi"
"message": "Approva dispositivi"
},
"deviceApprovalsDesc": {
"message": "Approva le richieste di accesso qui sotto per consentire ai membri di completare l'accesso. Le richieste non approvate scadono dopo 1 settimana. Verifica le informazioni del membro prima di approvare."
@ -6870,7 +6870,7 @@
"message": "Approva richiesta"
},
"noDeviceRequests": {
"message": "Nessuna richiesta dispositivo"
"message": "Nessuna richiesta da approvare"
},
"noDeviceRequestsDesc": {
"message": "Le richieste di approvazione dei dispositivi dei membri appariranno qui"

182
apps/web/src/locales/pt_PT/messages.json
View File

@ -1001,7 +1001,7 @@
"message": "Confirmar a palavra-passe do ficheiro"
},
"accountRestrictedOptionDescription": {
"message": "Use your account encryption key, derived from your account's username and Master Password, to encrypt the export and restrict import to only the current Bitwarden account."
"message": "Utilize a chave de encriptação da sua conta, derivada do nome de utilizador e da palavra-passe mestra da sua conta, para encriptar a exportação e restringir a importação apenas à conta Bitwarden atual."
},
"passwordProtectedOptionDescription": {
"message": "Defina uma palavra-passe do ficheiro para encriptar a exportação e importe-a para qualquer conta Bitwarden utilizando a palavra-passe de desencriptação."
@ -1256,7 +1256,7 @@
"message": "Dados importados com sucesso"
},
"importSuccessNumberOfItems": {
"message": "A total of $AMOUNT$ items were imported.",
"message": "Foi importado um total de $AMOUNT$ itens.",
"placeholders": {
"amount": {
"content": "$1",
@ -1919,7 +1919,7 @@
}
},
"premiumPriceWithFamilyPlan": {
"message": "Go premium for just $PRICE$ /year, or get premium accounts for $FAMILYPLANUSERCOUNT$ users and unlimited family sharing with a ",
"message": "Adquira uma conta Premium por apenas $PRICE$ /ano, ou obtenha contas Premium para $FAMILYPLANUSERCOUNT$ utilizadores e partilha familiar ilimitada com um ",
"placeholders": {
"price": {
"content": "$1",
@ -1932,7 +1932,7 @@
}
},
"bitwardenFamiliesPlan": {
"message": "Bitwarden Families plan."
"message": "plano Familiar do Bitwarden."
},
"addons": {
"message": "Addons"
@ -2029,7 +2029,7 @@
"message": "Cancelar subscrição"
},
"subscriptionExpiration": {
"message": "Subscription expiration"
"message": "Validade da subscrição"
},
"subscriptionCanceled": {
"message": "A subscrição foi cancelada."
@ -2265,7 +2265,7 @@
}
},
"planNameFamilies": {
"message": "Famílias"
"message": "Familiar"
},
"planDescFamilies": {
"message": "Para uso pessoal, para partilhar com a família e amigos."
@ -2472,7 +2472,7 @@
"message": "Tem a certeza de que pretende eliminar este grupo?"
},
"deleteMultipleGroupsConfirmation": {
"message": "Are you sure you want to delete the following $QUANTITY$ group(s)?",
"message": "Tem a certeza de que pretende eliminar o(s) seguinte(s) $QUANTITY$ grupo(s)?",
"placeholders": {
"quantity": {
"content": "$1",
@ -2532,7 +2532,7 @@
"message": "Editar membro"
},
"fieldOnTabRequiresAttention": {
"message": "A field on the '$TAB$' tab requires your attention.",
"message": "Um campo no separador '$TAB$' precisa da sua atenção.",
"placeholders": {
"tab": {
"content": "$1",
@ -2823,7 +2823,7 @@
}
},
"deletedCollections": {
"message": "Deleted collections"
"message": "Coleções eliminadas"
},
"deletedCollectionId": {
"message": "Coleção $ID$ eliminada.",
@ -2871,7 +2871,7 @@
}
},
"deletedManyGroups": {
"message": "Deleted $QUANTITY$ group(s).",
"message": "$QUANTITY$ grupo(s) eliminados.",
"placeholders": {
"quantity": {
"content": "$1",
@ -3363,7 +3363,7 @@
}
},
"subscriptionFreePlan": {
"message": "You cannot invite more than $COUNT$ members without upgrading your plan.",
"message": "Não pode convidar mais do que $COUNT$ membros sem atualizar o seu plano.",
"placeholders": {
"count": {
"content": "$1",
@ -3372,7 +3372,7 @@
}
},
"subscriptionFamiliesPlan": {
"message": "You cannot invite more than $COUNT$ members without upgrading your plan. Please contact Customer Support to upgrade.",
"message": "Não pode convidar mais do que $COUNT$ membros sem atualizar o seu plano. Contacte o Apoio ao cliente para atualizar.",
"placeholders": {
"count": {
"content": "$1",
@ -3381,7 +3381,7 @@
}
},
"subscriptionSponsoredFamiliesPlan": {
"message": "Your subscription allows for a total of $COUNT$ members. Your plan is sponsored and billed to an external organization.",
"message": "A sua subscrição permite um total de $COUNT$ membros. O seu plano é patrocinado e faturado por uma organização externa.",
"placeholders": {
"count": {
"content": "$1",
@ -5443,7 +5443,7 @@
"message": "Histórico de faturação"
},
"backToReports": {
"message": "Back to reports"
"message": "Voltar aos relatórios"
},
"organizationPicker": {
"message": "Organization picker"
@ -5503,7 +5503,7 @@
"message": "Palavra aleatória"
},
"service": {
"message": "Service"
"message": "Serviço"
},
"unknownCipher": {
"message": "Item desconhecido, poderá ser necessário pedir autorização para aceder a este item."
@ -5961,7 +5961,7 @@
"message": "A eliminação de contas de serviço é permanente e irreversível."
},
"deleteServiceAccountsConfirmMessage": {
"message": "Delete $COUNT$ service accounts",
"message": "Eliminar $COUNT$ contas de serviço",
"placeholders": {
"count": {
"content": "$1",
@ -5970,13 +5970,13 @@
}
},
"deleteServiceAccountToast": {
"message": "Service account deleted"
"message": "Conta de serviço eliminada"
},
"deleteServiceAccountsToast": {
"message": "Service accounts deleted"
"message": "Contas de serviço eliminadas"
},
"searchServiceAccounts": {
"message": "Search service accounts",
"message": "Procurar contas de serviço",
"description": "Placeholder text for searching service accounts."
},
"editServiceAccount": {
@ -6071,7 +6071,7 @@
}
},
"deleteProjectInputLabel": {
"message": "Type \"$CONFIRM$\" to continue",
"message": "Escreva \"$CONFIRM$\" para continuar",
"description": "Users are prompted to type 'confirm' to delete a project",
"placeholders": {
"confirm": {
@ -6081,7 +6081,7 @@
}
},
"deleteProjectConfirmMessage": {
"message": "Delete $PROJECT$",
"message": "Eliminar $PROJECT$",
"description": "Confirmation prompt to delete a specific project, where '$PROJECT$' is a placeholder for the name of the project.",
"placeholders": {
"project": {
@ -6091,7 +6091,7 @@
}
},
"deleteProjectsConfirmMessage": {
"message": "Delete $COUNT$ Projects",
"message": "Eliminar $COUNT$ projetos",
"description": "Confirmation prompt to delete multiple projects, where '$COUNT$' is a placeholder for the number of projects to be deleted.",
"placeholders": {
"count": {
@ -6113,22 +6113,22 @@
"description": "Message to be displayed when there are no projects to display in the list."
},
"smConfirmationRequired": {
"message": "Confirmation required",
"message": "Confirmação necessária",
"description": "Indicates that user confirmation is required for an action to proceed."
},
"bulkDeleteProjectsErrorMessage": {
"message": "The following projects could not be deleted:",
"message": "Os seguintes projetos não puderam ser eliminados:",
"description": "Message to be displayed when there is an error during bulk project deletion."
},
"softDeleteSuccessToast": {
"message": "Secret sent to trash",
"message": "Segredo movido para o lixo",
"description": "Notification to be displayed when a secret is successfully sent to the trash."
},
"hardDeleteSuccessToast": {
"message": "Secret permanently deleted"
"message": "Segredo eliminado permanentemente"
},
"accessTokens": {
"message": "Access tokens",
"message": "Tokens de acesso",
"description": "Title for the section displaying access tokens."
},
"newAccessToken": {
@ -6136,7 +6136,7 @@
"description": "Button label for creating a new access token."
},
"expires": {
"message": "Expires",
"message": "Expira a",
"description": "Label for the expiration date of an access token."
},
"canRead": {
@ -6144,11 +6144,11 @@
"description": "Label for the access level of an access token (Read only)."
},
"accessTokensNoItemsTitle": {
"message": "No access tokens to show",
"message": "Sem tokens de acesso para mostrar",
"description": "Title to be displayed when there are no access tokens to display in the list."
},
"accessTokensNoItemsDesc": {
"message": "To get started, create an access token",
"message": "Para começar, crie um token de acesso",
"description": "Message to be displayed when there are no access tokens to display in the list."
},
"downloadAccessToken": {
@ -6156,7 +6156,7 @@
"description": "Message to be displayed before closing an access token, reminding the user to download or copy it."
},
"expiresOnAccessToken": {
"message": "Expires on:",
"message": "Expira a:",
"description": "Label for the expiration date of an access token."
},
"accessTokenCallOutTitle": {
@ -6164,15 +6164,15 @@
"description": "Notification to inform the user that access tokens are only displayed once and cannot be retrieved again."
},
"copyToken": {
"message": "Copy token",
"message": "Copiar token",
"description": "Copies the generated access token to the user's clipboard."
},
"accessToken": {
"message": "Access token",
"message": "Token de acesso",
"description": "A unique string that gives a client application (eg. CLI) access to a secret or set of secrets."
},
"accessTokenExpirationRequired": {
"message": "Expiration date required",
"message": "Data de validade necessária",
"description": "Error message indicating that an expiration date for the access token must be set."
},
"accessTokenCreatedAndCopied": {
@ -6226,7 +6226,7 @@
}
},
"groupInfo": {
"message": "Group info"
"message": "Informações do grupo"
},
"editGroupMembersDesc": {
"message": "Grant members access to the group's assigned collections."
@ -6241,22 +6241,22 @@
"message": "If checked, this will replace all other collection permissions."
},
"selectMembers": {
"message": "Select members"
"message": "Selecionar membros"
},
"selectCollections": {
"message": "Select collections"
"message": "Selecionar coleções"
},
"role": {
"message": "Função"
},
"removeMember": {
"message": "Remove member"
"message": "Remover membro"
},
"collection": {
"message": "Collection"
"message": "Coleção"
},
"noCollection": {
"message": "No collection"
"message": "Sem coleções"
},
"canView": {
"message": "Pode ver"
@ -6271,7 +6271,7 @@
"message": "Pode editar, excepto palavras-passe"
},
"noCollectionsAdded": {
"message": "No collections added"
"message": "Sem coleções adicionadas"
},
"noMembersAdded": {
"message": "No members added"
@ -6364,28 +6364,28 @@
}
},
"domainStatusVerified": {
"message": "Verified"
"message": "Verificado"
},
"domainStatusUnverified": {
"message": "Unverified"
"message": "Não verificado"
},
"domainNameTh": {
"message": "Name"
"message": "Nome"
},
"domainStatusTh": {
"message": "Status"
"message": "Estado"
},
"lastChecked": {
"message": "Last checked"
},
"editDomain": {
"message": "Edit domain"
"message": "Editar domínio"
},
"domainFormInvalid": {
"message": "There are form errors that need your attention"
},
"addedDomain": {
"message": "Added domain $DOMAIN$",
"message": "Domínio $DOMAIN$ adicionado",
"placeholders": {
"DOMAIN": {
"content": "$1",
@ -6421,16 +6421,16 @@
}
},
"membersColumnHeader": {
"message": "Member/Group"
"message": "Membro/Grupo"
},
"groupAndMemberColumnHeader": {
"message": "Member"
"message": "Membro"
},
"selectGroupsAndMembers": {
"message": "Select groups and members"
"message": "Selecionar grupos e membros"
},
"selectGroups": {
"message": "Select groups"
"message": "Selecionar grupos"
},
"userPermissionOverrideHelper": {
"message": "Permissions set for a member will replace permissions set by that member's group"
@ -6439,13 +6439,13 @@
"message": "No members or groups added"
},
"deleted": {
"message": "Deleted"
"message": "Eliminado"
},
"memberStatusFilter": {
"message": "Member status filter"
},
"inviteMember": {
"message": "Invite member"
"message": "Convidar membro"
},
"needsConfirmation": {
"message": "Needs confirmation"
@ -6496,10 +6496,10 @@
}
},
"server": {
"message": "Server"
"message": "Servidor"
},
"exportData": {
"message": "Export data"
"message": "Exportar dados"
},
"exportingOrganizationSecretDataTitle": {
"message": "Exporting Organization Secret Data"
@ -6619,13 +6619,13 @@
"message": "This user can access the Secrets Manager Beta"
},
"important": {
"message": "Important:"
"message": "Importante:"
},
"viewAll": {
"message": "View all"
"message": "Ver tudo"
},
"showingPortionOfTotal": {
"message": "Showing $PORTION$ of $TOTAL$",
"message": "A mostrar $PORTION$ de $TOTAL$",
"placeholders": {
"portion": {
"content": "$1",
@ -6638,16 +6638,16 @@
}
},
"resolveTheErrorsBelowAndTryAgain": {
"message": "Resolve the errors below and try again."
"message": "Resolva os erros abaixo e tente novamente."
},
"description": {
"message": "Description"
"message": "Descrição"
},
"errorReadingImportFile": {
"message": "An error occurred when trying to read the import file"
"message": "Ocorreu um erro ao tentar ler o ficheiro de importação"
},
"accessedSecret": {
"message": "Accessed secret $SECRET_ID$.",
"message": "Segredo $SECRET_ID$ acedido.",
"placeholders": {
"secret_id": {
"content": "$1",
@ -6660,29 +6660,29 @@
"description": "Software Development Kit"
},
"createSecret": {
"message": "Create a secret"
"message": "Criar um segredo"
},
"createProject": {
"message": "Create a project"
"message": "Criar um projeto"
},
"createServiceAccount": {
"message": "Create a service account"
"message": "Criar uma conta de serviço"
},
"downloadThe": {
"message": "Download the",
"message": "Descarregar o",
"description": "Link to a downloadable resource. This will be used as part of a larger phrase. Example: Download the Secrets Manager CLI"
},
"smCLI": {
"message": "Secrets Manager CLI"
"message": "gestor de segredos CLI"
},
"importSecrets": {
"message": "Import secrets"
"message": "Importar segredos"
},
"getStarted": {
"message": "Get started"
"message": "Começar"
},
"complete": {
"message": "$COMPLETED$/$TOTAL$ Complete",
"message": "$COMPLETED$/$TOTAL$ concluídos",
"placeholders": {
"COMPLETED": {
"content": "$1",
@ -6695,25 +6695,25 @@
}
},
"restoreSecret": {
"message": "Restore secret"
"message": "Restaurar segredo"
},
"restoreSecrets": {
"message": "Restore secrets"
"message": "Restaurar segredos"
},
"restoreSecretPrompt": {
"message": "Are you sure you want to restore this secret?"
"message": "Tem a certeza de que quer recuperar este segredo?"
},
"restoreSecretsPrompt": {
"message": "Are you sure you want to restore these secrets?"
"message": "Tem a certeza de que quer recuperar estes segredos?"
},
"secretRestoredSuccessToast": {
"message": "Secret restored"
"message": "Segredo restaurado"
},
"secretsRestoredSuccessToast": {
"message": "Secrets restored"
"message": "Segredos restaurados"
},
"selectionIsRequired": {
"message": "Selection is required."
"message": "É necessária uma seleção."
},
"secretsManagerSubscriptionDesc": {
"message": "Turn on organization access to the Secrets Manager at no charge during the Beta program. Users can be granted access to the Beta in Members."
@ -6740,25 +6740,25 @@
"message": "This action will remove your access to the service account."
},
"removeAccess": {
"message": "Remove access"
"message": "Remover acesso"
},
"checkForBreaches": {
"message": "Check known data breaches for this password"
"message": "Verificar violações de dados conhecidas para esta palavra-passe"
},
"exposedMasterPassword": {
"message": "Exposed Master Password"
"message": "Palavra-passe mestra exposta"
},
"exposedMasterPasswordDesc": {
"message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?"
"message": "Palavra-passe encontrada numa violação de dados. Utilize uma palavra-passe única para proteger a sua conta. Tem a certeza de que pretende utilizar uma palavra-passe exposta?"
},
"weakAndExposedMasterPassword": {
"message": "Weak and Exposed Master Password"
"message": "Palavra-passe mestra fraca e exposta"
},
"weakAndBreachedMasterPasswordDesc": {
"message": "Weak password identified and found in a data breach. Use a strong and unique password to protect your account. Are you sure you want to use this password?"
"message": "Palavra-passe fraca identificada e encontrada numa violação de dados. Utilize uma palavra-passe forte e única para proteger a sua conta. Tem a certeza de que pretende utilizar esta palavra-passe?"
},
"characterMinimum": {
"message": "$LENGTH$ character minimum",
"message": "$LENGTH$ caracteres no mínimo",
"placeholders": {
"length": {
"content": "$1",
@ -6783,14 +6783,14 @@
"message": "Dispensar"
},
"notAvailableForFreeOrganization": {
"message": "This feature is not available for free organizations. Contact your organization owner to upgrade."
"message": "Esta funcionalidade não está disponível para organizações gratuitas. Contacte o proprietário da organização para atualizar."
},
"smProjectSecretsNoItemsNoAccess": {
"message": "Contact your organization's admin to manage secrets for this project.",
"message": "Contacte o administrador da sua organização para gerir os segredos deste projeto.",
"description": "The message shown to the user under a project's secrets tab when the user only has read access to the project."
},
"enforceOnLoginDesc": {
"message": "Require existing members to change their passwords"
"message": "Exigir que os membros existentes alterem as suas palavras-passe"
},
"region": {
"message": "Região"
@ -6804,18 +6804,18 @@
"description": "United States"
},
"smProjectDeleteAccessRestricted": {
"message": "You don't have permissions to delete this project",
"message": "Não tem permissões para eliminar este projeto",
"description": "The individual description shown to the user when the user doesn't have access to delete a project."
},
"smProjectsDeleteBulkConfirmation": {
"message": "The following projects can not be deleted. Would you like to continue?",
"message": "Os seguintes projetos não podem ser eliminados. Gostaria de continuar?",
"description": "The message shown to the user when bulk deleting projects and the user doesn't have access to some projects."
},
"updateKdfSettings": {
"message": "Update KDF settings"
"message": "Atualizar definições KDF"
},
"trustedDeviceEncryption": {
"message": "Trusted device encryption"
"message": "Encriptação de dispositivo de confiança"
},
"memberDecryptionTdeDescriptionStart": {
"message": "Uma vez autenticados, os membros desencriptam os dados do cofre utilizando uma chave armazenada no seu dispositivo. A",

3
libs/angular/src/auth/components/environment-selector.component.ts
View File

@ -88,11 +88,10 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
}
async updateEnvironmentInfo() {
this.selectedEnvironment = this.environmentService.selectedRegion;
this.euServerFlagEnabled = await this.configService.getFeatureFlagBool(
FeatureFlag.DisplayEuEnvironmentFlag
);
this.selectedEnvironment = this.environmentService.selectedRegion;
}
close() {

11
libs/common/src/auth/services/auth.service.ts
View File

@ -304,10 +304,13 @@ export class AuthService implements AuthServiceAbstraction {
throw new Error("Master key not found");
}
const encryptedKey = await this.cryptoService.rsaEncrypt(masterKey.encKey, pubKey.buffer);
const encryptedMasterPasswordHash = await this.cryptoService.rsaEncrypt(
Utils.fromUtf8ToArray(await this.stateService.getKeyHash()),
pubKey.buffer
);
let encryptedMasterPasswordHash = null;
if ((await this.stateService.getKeyHash()) != null) {
encryptedMasterPasswordHash = await this.cryptoService.rsaEncrypt(
Utils.fromUtf8ToArray(await this.stateService.getKeyHash()),
pubKey.buffer
);
}
const request = new PasswordlessAuthRequest(
encryptedKey.encryptedString,
encryptedMasterPasswordHash.encryptedString,

1
libs/common/src/platform/abstractions/environment.service.ts
View File

@ -28,6 +28,7 @@ export abstract class EnvironmentService {
usUrls: Urls;
euUrls: Urls;
selectedRegion?: Region;
initialized = true;
hasBaseUrl: () => boolean;
getNotificationsUrl: () => string;

17
libs/common/src/platform/services/environment.service.ts
View File

@ -12,6 +12,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
private readonly urlsSubject = new Subject<void>();
urls: Observable<void> = this.urlsSubject.asObservable();
selectedRegion?: Region;
initialized = true;
protected baseUrl: string;
protected webVaultUrl: string;
@ -49,6 +50,9 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
this.stateService.activeAccount$
.pipe(
concatMap(async () => {
if (!this.initialized) {
return;
}
await this.setUrlsFromStorage();
})
)
@ -157,22 +161,23 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
// fix environment urls for old users
if (savedUrls.base === "https://vault.bitwarden.com") {
this.setRegion(Region.US);
await this.setRegion(Region.US);
return;
}
if (savedUrls.base === "https://vault.bitwarden.eu") {
this.setRegion(Region.EU);
await this.setRegion(Region.EU);
return;
}
switch (region) {
case Region.EU:
this.setRegion(Region.EU);
await this.setRegion(Region.EU);
return;
case Region.US:
this.setRegion(Region.US);
await this.setRegion(Region.US);
return;
case Region.SelfHosted:
case null:
default:
this.baseUrl = envUrls.base = savedUrls.base;
this.webVaultUrl = savedUrls.webVault;
@ -182,9 +187,9 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
this.notificationsUrl = savedUrls.notifications;
this.eventsUrl = envUrls.events = savedUrls.events;
this.keyConnectorUrl = savedUrls.keyConnector;
await this.setRegion(Region.SelfHosted);
// scimUrl is not saved to storage
this.urlsSubject.next();
this.setRegion(Region.SelfHosted);
break;
}
}
@ -270,7 +275,7 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
case Region.SelfHosted:
// if user saves with empty fields, default to US
if (this.isEmpty()) {
this.setRegion(Region.US);
await this.setRegion(Region.US);
}
break;
}

4
package-lock.json generated
View File

@ -189,7 +189,7 @@
},
"apps/browser": {
"name": "@bitwarden/browser",
"version": "2023.5.0"
"version": "2023.5.1"
},
"apps/cli": {
"name": "@bitwarden/cli",
@ -243,7 +243,7 @@
},
"apps/web": {
"name": "@bitwarden/web-vault",
"version": "2023.5.0"
"version": "2023.5.1"
},
"libs/angular": {
"name": "@bitwarden/angular",