* [EC-1070] Introduce flag for enforcing master password policy on login
* [EC-1070] Update master password policy form
Add the ability to toggle enforceOnLogin flag in web
* [EC-1070] Add API method to retrieve all policies for the current user
* [EC-1070] Refactor forcePasswordReset in state service to support more options
- Use an options class to provide a reason and optional organization id
- Use the OnDiskMemory storage location so the option persists between the same auth session
* [AC-1070] Retrieve single master password policy from identity token response
Additionally, store the policy in the login strategy for future use
* [EC-1070] Introduce master password evaluation in the password login strategy
- If a master password policy is returned from the identity result, evaluate the password.
- If the password does not meet the requirements, save the forcePasswordReset options
- Add support for 2FA by storing the results of the password evaluation on the login strategy instance
- Add unit tests to password login strategy
* [AC-1070] Modify admin password reset component to support update master password on login
- Modify the warning message to depend on the reason
- Use the forcePasswordResetOptions in the update temp password component
* [EC-1070] Require current master password when updating weak mp on login
- Inject user verification service to verify the user
- Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password.
* [EC-1070] Implement password policy check during vault unlock
Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users.
* [EC-1070] CLI - Add ability to load MP policies on login
Inject policyApi and organization services into the login command
* [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords
- Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key
- Add separate methods for updating temp passwords and weak passwords.
- Utilize those methods during login flow if not using an API key
* [EC-1070] Add route guard to force password reset when required
* [AC-1070] Use master password policy from verify password response in lock component
* [EC-1070] Update labels in update password component
* [AC-1070] Fix policy service tests
* [AC-1070] CLI - Force sync before any password reset flow
Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available.
* [AC-1070] Remove unused getAllPolicies method from policy api service
* [AC-1070] Fix missing enforceOnLogin copy in policy service
* [AC-1070] Include current master password on desktop/browser update password page templates
* [AC-1070] Check for forced password reset on account switch in Desktop
* [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword
* [AC-1070] Update AuthServiceInitOptions
* [AC-1070] Add None force reset password reason
* [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum
* [AC-1070] Rename ForceResetPasswordReason file
* [AC-1070] Simplify conditional
* [AC-1070] Refactor logic that saves password reset flag
* [AC-1070] Remove redundant constructors
* [AC-1070] Remove unnecessary state service call
* [AC-1070] Update master password policy component
- Use typed reactive form
- Use CL form components
- Remove bootstrap
- Update error component to support min/max
- Use Utils.minimumPasswordLength value for min value form validation
* [AC-1070] Cleanup leftover html comment
* [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse
* [AC-1070] Hide current master password input in browser for admin password reset
* [AC-1070] Remove clientside user verification
* [AC-1070] Update temp password web component to use CL
- Use CL for form inputs in the Web component template
- Remove most of the bootstrap classes in the Web component template
- Use userVerificationService to build the password request
- Remove redundant current master password null check
* [AC-1070] Replace repeated user inputs email parsing helpers
- Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn
- Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature
* [AC-1070] Fix broken login command after forcePasswordReset enum refactor
* [AC-1070] Reduce side effects in base login strategy
- Remove masterPasswordPolicy property from base login.strategy.ts
- Include an IdentityResponse in base startLogin() in addition to AuthResult
- Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy
* [AC-1070] Cleanup password login strategy tests
* [AC-1070] Remove unused field
* [AC-1070] Strongly type postAccountVerifyPassword API service method
- Remove redundant verify master password response
- Use MasterPasswordPolicyResponse instead
* [AC-1070] Use ForceResetPassword.None during account switch check
* [AC-1070] Fix check for forcePasswordReset reason after addition of None
* [AC-1070] Redirect a user home if on the update temp password page without a reason
* [AC-1070] Use bit-select and bit-option
* [AC-1070] Reduce explicit form control definitions for readability
* [AC-1070] Import SelectModule in Shared web module
* [AC-1070] Add check for missing 'at' symbol
* [AC-1070] Remove redundant unpacking and null coalescing
* [AC-1070] Update passwordStrength signature and add jsdocs
* [AC-1070] Remove variable abbreviation
* [AC-1070] Restore Id attributes on form inputs
* [AC-1070] Clarify input value min/max error messages
* [AC-1070] Add input min/max value example to storybook
* [AC-1070] Add missing spinner to update temp password form
* [AC-1070] Add missing ids to form elements
* [AC-1070] Remove duplicate force sync and update comment
* [AC-1070] Switch backticks to quotation marks
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-431] Add new organization invite process (#4841)
* [AC-431] Added properties 'key' and 'keys' to OrganizationUserAcceptRequest
* [AC-431] On organization accept added check for 'initOrganization' flag and send encrypt keys if true
* [AC-431] Reverted changes on AcceptOrganizationComponent and OrganizationUserAcceptRequest
* [AC-431] Created OrganizationUserAcceptInitRequest
* [AC-431] Added method postOrganizationUserAcceptInit to OrganizationUserService
* [AC-431] Created AcceptInitOrganizationComponent and added routing config. Added 'inviteInitAcceptedDesc' to messages
* [AC-431] Remove blank line
* [AC-431] Remove requirement for logging in again
* [AC-431] Removed accept-init-organization.component.html
* Update libs/common/src/abstractions/organization-user/organization-user.service.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-431] Sending collection name when initializing an org
* [AC-431] Deleted component accept-init-organization and incorporated logic into accept-organization
* Update libs/common/src/abstractions/organization-user/organization-user.service.ts
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-431] Returning promise chains
* [AC-431] Moved ReAuth check to org accept only
* [AC-431] Fixed import issues
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-434] Hide billing screen for reseller clients (#4955)
* [AC-434] Retrieving ProviderType for each Org
* [AC-434] Hide subscription details if user cannot manage billing
* [AC-434] Renamed providerType to provider-type
* [AC-434] Reverted change that showed Billing History and Payment Methods tabs
* [AC-434] Hiding Secrets Manager enroll
* [AC-434] Renamed Billing access variables to be more readable
* Apply suggestions from code review
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [AC-434] Reduce duplication in permission code
* [AC-434] npm prettier
* [AC-434] Changed selfhost subscription permission
* [AC-434] Added canEditSubscription check for change plan buttons
* [AC-434] Removed message displaying provider name in subscription
* [AC-434] canEditSubscription logic depends on canViewSubscription
* [AC-434] Hiding next charge value for users without billing edit permission
* [AC-434] Changed canViewSubscription and canEditSubscription to be clearer
* [AC-434] Altered BillingSubscriptionItemResponse.amount and BillingSubscriptionUpcomingInvoiceResponse.amount to nullable
* [AC-434] Reverted change on BillingSubscriptionItemResponse.amount
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* Updated IsPaidOrgGuard reference from org.CanManageBilling to canEditSubscription
---------
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
* [EC-974] feat: scaffold new vault-items component
* [EC-974] feat: add basic mocked data to story
* [EC-974] feat: add initial table version
* [EC-974] chore: split rows into separate components
* [EC-974] chore: rename item row to cipher row
* [EC-974] feat: create common vault item interface
* [EC-974] feat: use cdk virtual scrolling
* [EC-974] fix: tweak `itemSize`
* [EC-974] chore: move vault-items component to app/vault folder
* [EC-974] feat: initial support for extra column
* [EC-974] feat: start adding org badge
Having issues with modules import
* [EC-974] feat: add working owner column on collections row
* [EC-974] feat: add owner to ciphers
* [EC-974] fix: org name badge bugs when reused
* [EC-974] feat: fix and translate columns
* [EC-974] feat: allow collections to be non-editable
* [EC-974] feat: use data source
* [EC-974] fix: remove profile name from vault items
* [EC-974] feat: add events
* [EC-974] feat: add support for copy event
* [EC-974] feat: add support for collections column
* [EC-974] feat: add support for group badges
* [EC-974] chore: rename for consistency
* [EC-974] feat: change story to use template
* [EC-974] feat: add support for launching
* [EC-974] feat: add support for attachements
* [EC-974] feat: add stories for all use-cases
* [EC-974] feat: add support for cloning
* [EC-974] feat: add support for moving to organization
* [EC-974] feat: add support for editing cipher collections
* [EC-974] feat: add support for event logs
* [EC-974] feat: add support for trash/delete/restore
* [EC-974] feat: add support for editing collections
* [EC-974] feat: add support for access and delete collections
* [EC-974] feat: don't show menu if it's empty
* [EC-974] feat: initial buggy implementation of selection
* [EC-974] feat: implement bulk move
* [EC-974] feat: add support for bulk moving to org
* [EC-974] feat: add support for bulk restore
* [EC-974] feat: add support for bulk delete
* [EC-974] feat: add ability to disable the table
* [EC-974] feat: create new filter function based on routed model
* [EC-974] wip: start replacing vault items component
* [EC-974] feat: add support for fetching ciphers
* [EC-974] feat: hide trash by default
* [EC-974] feat: add support for the rest of the data
* [EC-974] feat: implement organization filtering using org badge
* [EC-974] feat: fix navigation to "my vault"
* [EC-974] feat: don't show bulk move options when filtering on org items
* [EC-974] feat: prepare for disabling table
* [EC-974] fix: add missing router link to collections
* [EC-974] feat: connect all outputs
* [EC-974] fix: list not properly refreshing after delete
* [EC-974] feat: limit selection to top 500 items
* [EC-974] feat: implement refresh tracker
* [EC-974] feat: use refresh tracker to disable vault items
* [EC-974] feat: add empty list message
* [AC-974] feat: add initial load with spinner and fix empty -> show list bug
* [EC-974] feat: replace action promise with simple loading boolean
* [EC-974] feat: refactor individual vault header
* [EC-974] feat: cache and make observables long lived
* [EC-974] feat: implement searching
* [EC-974] feat: add support for showing collections
* [EC-974] feat: add ciphers to org vault list
* [EC-974] feat: show group column
* [EC-974] feat: tweak settings for org vault
* [EC-974] feat: implement search using query params
* [EC-974] feat: add support for events that are common with individual vault
* [EC-974] feat: add support for all events
* [EC-974] feat: add support for empty list message and no permission message
* [EC-974] feat: always show table
* [EC-974] feat: fix layout issues due to incorrect row height
* [EC-974] feat: disable list if empty
* [EC-974] feat: improve sync handling
* [EC-974] feat: improve initial loading sequence
* [EC-974] feat: improve initial load sequence in org vault
* [EC-974] refactor: simplify and optimize data fetching
* [EC-974] feat: use observables from org service
* [EC-974] feat: refactor org vault header
* [EC-974] fix: data not refreshing properly
* [EC-974] fix: avoid collection double fetching
* [EC-974] chore: clean up refresh tracker
* [EC-974] chore: clean up old vault-items components
* [EC-974] chore: clean up old code in vault component
* [EC-974] fix: reduce rows in story
The story ends up too big for chromatic.
* [EC-974] docs: tweak and typo fixes of asyncToObservable docs comment
* [EC-974] fix: `attachements` typo
* [EC-974] chore: remove review question comment
* [EC-974] chore: remove unused `securityCode` if statement
* [EC-974] fix: use `takeUntill` for legacy dialogs
* [EC-974] fix: use CollectionDialogTabType instead of custom strings
* [EC-974] fix: copy implementation
* [EC-974] fix: use `useTotp` to check for premium features
* [EC-974] fix: use `tw-sr-only`
* [EC-974] chore: remove unecessary eslint disable
* [EC-974] fix: clarify vault item event naming
* [EC-974] fix: remove `new` from `app-new-vault-items`
* [EC-974] fix: collection row not disabled during loading
* [EC-974] chore: simplify router links without path changes
* [EC-974] feat: invert filter function to get rid of `cipherPassesFilter`
* [EC-974] fix: move `NestingDelimiter` to collection view
Nesting is currently only a presentational construct, and the concept does not exist in our domain.
* [EC-974] fix: org vault header not updating when switching org
* [EC-974] fix: table sizing jumping around
* [EC-974] fix: list not refreshing after restoring item
* [EC-974] fix: re-add missing unassigned collection
* [EC-974] fix don't show new item button in unassigned collection
* [EC-974] fix: navigations always leading to individual vault
* [EC-974] fix: remove checkbox when collections are not editable
* [EC-974] fix: null reference blocking collections from refreshing after delete
* [EC-974] fix: don't show checbox for collections that user does not have permissions to delete
* [EC-974] fix: navigate away from deleted folder
* [EC-974] chore: clean up un-used output
* [EC-974] fix: org badge changing color randomly
* [EC-974] fix: lint issues after merge
* [EC-974] fix: lower amount of ciphers in story
chromatic doesn't like large snapshots
* [EC-974] fix: "all collections" not taking `organizationId` filter into account
* [EC-974] fix: make sure unassigned appears in table too
* [EC-974] feat: add unassigned to storybook
* [EC-974] fix: forced row height not being applied properly
* [EC-974] fix: hopefully fix table jumping once and for all
* [EC-974] fix: attachemnts getting hidden
* [EC-974] feat: extract collection editable logic to parent component
* [EC-974] feat: separately track editable items
* [EC-974] feat: optimize permission checks
* [EC-974] fix: bulk menu hidden on chrome
:lolcry:
* [EC-974] fix: don't show groups column if org doesnt use groups
* [EC-974] feat: make entire row clickable
* [EC-974] fix: typo resulting in non-editable collections
* Prefer callback over error-flow to prompt for password
Remove error-flow to request file password
Prefer callback, which has to be provided when retrieving/creating an instance.
Delete ImportError
Call BitwardenPasswordProtector for all Bitwarden json imports, as it extends BitwardenJsonImporter
Throw errors instead of returning
Return ImportResult
Fix and extend tests import.service
Replace "@fluffy-spoon/substitute" with "jest-mock-extended"
* Fix up test cases
Delete bitwarden-json-importer.spec.ts
Add test case to ensure bitwarden-json-importer.ts is called given unencrypted or account-protected files
* Move file-password-prompt into dialog-folder
* Add import success dialog
* Fix typo
* Only list the type when at least one got imported
* update copy based on design feedback
* Remove unnecessary /index import
* Remove promptForPassword_callback from interface
PR feedback from @MGibson1 that giving every importer the ability to request a password is unnecessary. Instead, we can pass the callback into the constructor for every importer that needs this functionality
* Remove unneeded import of BitwardenJsonImporter
* Fix spec constructor
* Fixed organizational import
Added an else statement, or else we'd import into an org and then also import into an individual vault
* fix: renamed to billing sync token
* Use translated string
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Prevent rerouting to dispaly modal message, and refactored components where thsi was used
* Added upgrade badge to organization reports view
* created guard to prevent free organization users from accessing reports
* Added isUpgradeRequired getter to organization class
* Modifiewd reports home to pass upgrade badge and add new guard to organization reports module
* Fixed routing bug when routing to billing subscription page
* Refactored to use async pipe and observables
* Renamed getter name to be more descriptive
* Removed checkAccess from reports
* Renamed guard
* Removed unused variables
* Lint fix
* Lint fix
* prettier fix
* Corrected organiztion service reference
* Moved homepage to ngonInit
* [PM-1629] Update the upgrade dialog for users without billing rights (#5102)
* Show dialog with description when user does not have access to the billing page
* switched conditions to nested if to make the logic clearer
* Split out api methods into sendApiService
* Move SendService and abstraction
* Libs updates
* Web updates
* CLI updates
* Desktop updates
* libs send service fixes
* browser factory additions
* Browser updates
* Fix service injection for CLI SendReceiveCommand
* Deprecate directly calling send state service methods
* SendService observables updates
* Update components to use new observables
* Modify CLI to use state service instead of observables
* Remove unnecessary await on get()
* Move delete() to InternalSendService
* SendService unit tests
* Split fileUploadService by send and cipher
* send and cipher service factory updates
* Add file upload methods to get around circular dependency issues
* Move api methods from sendService to sendApiService
* Update cipherService to use fileApi methods
* libs service injection and component changes
* browser service injection and component changes
* Desktop component changes
* Web component changes
* cipher service test fix
* Fix file capitalization
* CLI service import and command updates
* Remove extra abstract fileUploadService
* WIP: Condense callbacks for file upload
Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
* Send callbacks for file upload
* Fix circular service dependencies
* Fix response return on upload
* Fix function definitions
* Service injection fixes and bug fixes
* Fix folder casing
* Service injection cleanup
* Remove deleted file from capital letters whitelist
* Create new SendApiService for popup
* Move cipherFileUploadService to vault
* Move SendFileUploadService methods into SendApiService
* Rename methods to remove 'WithServer'
* Properly subscribe to sendViews
* Fix Send serialization
* Implement fromJSON on sendFile and sendText
* [PM-1347] Fix send key serialization (#4989)
* Properly serialize key on send fromJSON
* Remove call that nulled out decrypted sends
* Fix null checks in fromJSON methods for models
* lint fixes
---------
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* [PM-108] Fingerprint is calculated based on pubKey
* [PM-108] Change userId to userEmail. Remove fingerprint from AuthResponse
* [PM-130][PM-107] Remove fingerprint from request and clients UI
* Create and register new libs/importer
Create package.json
Create tsconfig
Create jest.config
Extend shared and root tsconfig and jest.configs
Register with eslint
* Move importer-related files to libs/importer
* Move importer-spec-related files to libs/importer
Move import.service.spec
* Update package-lock.json
* Set CODEOWNERS for new libs/importer
* Register libs/importer with cli and fix imports
* Register libs/importer with web and fix imports
* Move importOption into models
Rename importOptions to import-options
* Fix linting issues after updating prettier
* Only expose necessary files from libs/importer
Fix tsconfig files
- Removes the trailing /index on imports in web/cli
As the spec-files no longer can access the internals via @bitwarden/importer they import by path (../src/importers)
* Add barrel files to vendors with more than one importer