From c682f460b2f7ebd0dc39d09ff65e34c5976620fa Mon Sep 17 00:00:00 2001 From: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Date: Mon, 11 Oct 2021 23:32:30 +1000 Subject: [PATCH] Enforce password reprompt from reports pages (#1225) --- .../tools/exposed-passwords-report.component.ts | 5 +++-- .../tools/inactive-two-factor-report.component.ts | 5 +++-- .../tools/reused-passwords-report.component.ts | 5 +++-- .../tools/unsecured-websites-report.component.ts | 5 +++-- .../tools/weak-passwords-report.component.ts | 6 ++++-- src/app/tools/cipher-report.component.ts | 14 +++++++++++++- .../tools/exposed-passwords-report.component.ts | 5 +++-- .../tools/inactive-two-factor-report.component.ts | 5 +++-- src/app/tools/reused-passwords-report.component.ts | 6 ++++-- .../tools/unsecured-websites-report.component.ts | 5 +++-- src/app/tools/weak-passwords-report.component.ts | 7 ++++--- 11 files changed, 46 insertions(+), 22 deletions(-) diff --git a/src/app/organizations/tools/exposed-passwords-report.component.ts b/src/app/organizations/tools/exposed-passwords-report.component.ts index 2eac725946..f49a11e241 100644 --- a/src/app/organizations/tools/exposed-passwords-report.component.ts +++ b/src/app/organizations/tools/exposed-passwords-report.component.ts @@ -4,6 +4,7 @@ import { ActivatedRoute } from '@angular/router'; import { AuditService } from 'jslib-common/abstractions/audit.service'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -24,8 +25,8 @@ export class ExposedPasswordsReportComponent extends BaseExposedPasswordsReportC constructor(cipherService: CipherService, auditService: AuditService, modalService: ModalService, messagingService: MessagingService, - userService: UserService, private route: ActivatedRoute) { - super(cipherService, auditService, modalService, messagingService, userService); + userService: UserService, passwordRepromptService: PasswordRepromptService, private route: ActivatedRoute) { + super(cipherService, auditService, modalService, messagingService, userService, passwordRepromptService); } ngOnInit() { diff --git a/src/app/organizations/tools/inactive-two-factor-report.component.ts b/src/app/organizations/tools/inactive-two-factor-report.component.ts index 1040288759..b9af91c8f6 100644 --- a/src/app/organizations/tools/inactive-two-factor-report.component.ts +++ b/src/app/organizations/tools/inactive-two-factor-report.component.ts @@ -3,6 +3,7 @@ import { ActivatedRoute } from '@angular/router'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -19,9 +20,9 @@ import { CipherView } from 'jslib-common/models/view/cipherView'; }) export class InactiveTwoFactorReportComponent extends BaseInactiveTwoFactorReportComponent { constructor(cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService, + messagingService: MessagingService, userService: UserService, passwordRepromptService: PasswordRepromptService, private route: ActivatedRoute) { - super(cipherService, modalService, messagingService, userService); + super(cipherService, modalService, messagingService, userService, passwordRepromptService); } async ngOnInit() { diff --git a/src/app/organizations/tools/reused-passwords-report.component.ts b/src/app/organizations/tools/reused-passwords-report.component.ts index 14de327065..b9a18f1ed7 100644 --- a/src/app/organizations/tools/reused-passwords-report.component.ts +++ b/src/app/organizations/tools/reused-passwords-report.component.ts @@ -3,6 +3,7 @@ import { ActivatedRoute } from '@angular/router'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -23,9 +24,9 @@ export class ReusedPasswordsReportComponent extends BaseReusedPasswordsReportCom manageableCiphers: Cipher[]; constructor(cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService, + messagingService: MessagingService, userService: UserService, passwordRepromptService: PasswordRepromptService, private route: ActivatedRoute) { - super(cipherService, modalService, messagingService, userService); + super(cipherService, modalService, messagingService, userService, passwordRepromptService); } async ngOnInit() { diff --git a/src/app/organizations/tools/unsecured-websites-report.component.ts b/src/app/organizations/tools/unsecured-websites-report.component.ts index 01123f2070..081c883960 100644 --- a/src/app/organizations/tools/unsecured-websites-report.component.ts +++ b/src/app/organizations/tools/unsecured-websites-report.component.ts @@ -3,6 +3,7 @@ import { ActivatedRoute } from '@angular/router'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -19,9 +20,9 @@ import { CipherView } from 'jslib-common/models/view/cipherView'; }) export class UnsecuredWebsitesReportComponent extends BaseUnsecuredWebsitesReportComponent { constructor(cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService, + messagingService: MessagingService, userService: UserService, passwordRepromptService: PasswordRepromptService, private route: ActivatedRoute) { - super(cipherService, modalService, messagingService, userService); + super(cipherService, modalService, messagingService, userService, passwordRepromptService); } async ngOnInit() { diff --git a/src/app/organizations/tools/weak-passwords-report.component.ts b/src/app/organizations/tools/weak-passwords-report.component.ts index 5150a4cd90..f58623a469 100644 --- a/src/app/organizations/tools/weak-passwords-report.component.ts +++ b/src/app/organizations/tools/weak-passwords-report.component.ts @@ -4,6 +4,7 @@ import { ActivatedRoute } from '@angular/router'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -25,8 +26,9 @@ export class WeakPasswordsReportComponent extends BaseWeakPasswordsReportCompone constructor(cipherService: CipherService, passwordGenerationService: PasswordGenerationService, modalService: ModalService, messagingService: MessagingService, - userService: UserService, private route: ActivatedRoute) { - super(cipherService, passwordGenerationService, modalService, messagingService, userService); + userService: UserService, passwordRepromptService: PasswordRepromptService, private route: ActivatedRoute) { + super(cipherService, passwordGenerationService, modalService, messagingService, userService, + passwordRepromptService); } async ngOnInit() { diff --git a/src/app/tools/cipher-report.component.ts b/src/app/tools/cipher-report.component.ts index c271a24591..5dd0528393 100644 --- a/src/app/tools/cipher-report.component.ts +++ b/src/app/tools/cipher-report.component.ts @@ -11,7 +11,10 @@ import { Organization } from 'jslib-common/models/domain/organization'; import { AddEditComponent as OrgAddEditComponent } from '../organizations/vault/add-edit.component'; import { AddEditComponent } from '../vault/add-edit.component'; +import { CipherRepromptType } from 'jslib-common/enums/cipherRepromptType'; + import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -26,7 +29,8 @@ export class CipherReportComponent { organization: Organization; constructor(private modalService: ModalService, protected userService: UserService, - protected messagingService: MessagingService, public requiresPaid: boolean) { } + protected messagingService: MessagingService, protected passwordRepromptService: PasswordRepromptService, + public requiresPaid: boolean) { } async load() { this.loading = true; @@ -36,6 +40,10 @@ export class CipherReportComponent { } async selectCipher(cipher: CipherView) { + if (!await this.repromptCipher(cipher)) { + return; + } + const type = this.organization != null ? OrgAddEditComponent : AddEditComponent; const [modal, childComponent] = await this.modalService.openViewRef(type, this.cipherAddEditModalRef, (comp: OrgAddEditComponent | AddEditComponent) => { @@ -85,4 +93,8 @@ export class CipherReportComponent { protected async setCiphers() { this.ciphers = []; } + + protected async repromptCipher(c: CipherView) { + return c.reprompt === CipherRepromptType.None || await this.passwordRepromptService.showPasswordPrompt(); + } } diff --git a/src/app/tools/exposed-passwords-report.component.ts b/src/app/tools/exposed-passwords-report.component.ts index ebf2c592d1..af5c8e3a79 100644 --- a/src/app/tools/exposed-passwords-report.component.ts +++ b/src/app/tools/exposed-passwords-report.component.ts @@ -6,6 +6,7 @@ import { import { AuditService } from 'jslib-common/abstractions/audit.service'; import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -25,8 +26,8 @@ export class ExposedPasswordsReportComponent extends CipherReportComponent imple constructor(protected cipherService: CipherService, protected auditService: AuditService, modalService: ModalService, messagingService: MessagingService, - userService: UserService) { - super(modalService, userService, messagingService, true); + userService: UserService, passwordRepromptService: PasswordRepromptService) { + super(modalService, userService, messagingService, passwordRepromptService, true); } ngOnInit() { diff --git a/src/app/tools/inactive-two-factor-report.component.ts b/src/app/tools/inactive-two-factor-report.component.ts index 32cca169c8..b7a3639e40 100644 --- a/src/app/tools/inactive-two-factor-report.component.ts +++ b/src/app/tools/inactive-two-factor-report.component.ts @@ -5,6 +5,7 @@ import { import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -26,8 +27,8 @@ export class InactiveTwoFactorReportComponent extends CipherReportComponent impl cipherDocs = new Map(); constructor(protected cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService) { - super(modalService, userService, messagingService, true); + messagingService: MessagingService, userService: UserService, passwordRepromptService: PasswordRepromptService) { + super(modalService, userService, messagingService, passwordRepromptService, true); } async ngOnInit() { diff --git a/src/app/tools/reused-passwords-report.component.ts b/src/app/tools/reused-passwords-report.component.ts index 8606a4a457..d699699fd8 100644 --- a/src/app/tools/reused-passwords-report.component.ts +++ b/src/app/tools/reused-passwords-report.component.ts @@ -5,6 +5,7 @@ import { import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -23,8 +24,9 @@ export class ReusedPasswordsReportComponent extends CipherReportComponent implem passwordUseMap: Map; constructor(protected cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService) { - super(modalService, userService, messagingService, true); + messagingService: MessagingService, userService: UserService, + passwordRepromptService: PasswordRepromptService) { + super(modalService, userService, messagingService, passwordRepromptService, true); } async ngOnInit() { diff --git a/src/app/tools/unsecured-websites-report.component.ts b/src/app/tools/unsecured-websites-report.component.ts index 76e811dfef..8715cdc84e 100644 --- a/src/app/tools/unsecured-websites-report.component.ts +++ b/src/app/tools/unsecured-websites-report.component.ts @@ -5,6 +5,7 @@ import { import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -21,8 +22,8 @@ import { CipherReportComponent } from './cipher-report.component'; }) export class UnsecuredWebsitesReportComponent extends CipherReportComponent implements OnInit { constructor(protected cipherService: CipherService, modalService: ModalService, - messagingService: MessagingService, userService: UserService) { - super(modalService, userService, messagingService, true); + messagingService: MessagingService, userService: UserService, passwordRepromptService: PasswordRepromptService) { + super(modalService, userService, messagingService, passwordRepromptService, true); } async ngOnInit() { diff --git a/src/app/tools/weak-passwords-report.component.ts b/src/app/tools/weak-passwords-report.component.ts index 475fffde28..39fed5fc08 100644 --- a/src/app/tools/weak-passwords-report.component.ts +++ b/src/app/tools/weak-passwords-report.component.ts @@ -6,6 +6,7 @@ import { import { CipherService } from 'jslib-common/abstractions/cipher.service'; import { MessagingService } from 'jslib-common/abstractions/messaging.service'; import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service'; +import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service'; import { UserService } from 'jslib-common/abstractions/user.service'; import { ModalService } from 'jslib-angular/services/modal.service'; @@ -27,9 +28,9 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen private passwordStrengthCache = new Map(); constructor(protected cipherService: CipherService, protected passwordGenerationService: PasswordGenerationService, - modalService: ModalService, messagingService: MessagingService, - userService: UserService) { - super(modalService, userService, messagingService, true); + modalService: ModalService, messagingService: MessagingService, userService: UserService, + passwordRepromptService: PasswordRepromptService) { + super(modalService, userService, messagingService, passwordRepromptService, true); } async ngOnInit() {