1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-04 13:44:00 +01:00
Commit Graph

112 Commits

Author SHA1 Message Date
Shane Melton
0afbd90a2d
[AC-1192] Create new device approvals component for TDE (#5548)
* Add feature flag route guard and tests

* Add additional test for not showing error toast

* Strengthen error toast test with message check

* Cleanup leaking test state in platformService mock

* Negate if statement to reduce nesting

* Update return type to CanActivateFn

* Use null check instead of undefined

* Introduce interface to support different feature flag types

- Switch to observable pattern to access serverConfig$ subject
- Add catchError handler to allow navigation in case of unexpected exception
- Add additional tests

* Add additional test for missing feature flag

* Remove subscription to the serverConfig observable

Introduce type checking logic to determine the appropriately typed flag getter to use in configService

* [AC-1192] Create initial device approvals component and route

* [AC-1192] Introduce appIfFeature directive for conditionally rendering content based on feature flags

* [AC-1192] Add DeviceApprovals link in Settings navigation

* Remove align middle from bitCell directive

The bitRow directive supports alignment for the entire row and should be used instead

* [AC-1192] Add initial device approvals page template

* [AC-1192] Introduce fingerprint pipe

* [AC-1192] Create core organization module in bitwarden_license directory

* [AC-1192] Add support for new Devices icon to no items component

- Add new Devices svg
- Make icon property of bit-no-items an Input property

* [AC-1192] Introduce organization-auth-request.service.ts with related views/responses

* [AC-1192] Display pending requests on device approvals page

- Add support for loading spinner and no items component

* [AC-1192] Add method to bulk deny auth requests

* [AC-1192] Add functionality to deny requests from device approvals page

* [AC-1192] Add organizationUserId to pending-auth-request.view.ts

* [AC-1192] Add approvePendingRequest method to organization-auth-request.service.ts

* [AC-1192] Add logic to approve a device approval request

* [AC-1192] Change bitMenuItem directive into a component and implement ButtonLikeAbstraction

Update the bitMenuItem to be a component and implement the ButtonLikeAbstraction to support the bitAction directive.

* [AC-1192] Update menu items to use bitActions

* [AC-1192] Update device approvals description copy

* [AC-1192] Revert changes to bitMenuItem directive

* [AC-1192] Rework menus to use click handlers

- Wrap async actions to catch/log any exceptions, set an in-progress state, and refresh after completion
- Show a loading spinner in the header when an action is in progress
- Disable all menu items when an action is in progress

* [AC-1192] Move Devices icon into admin-console web directory

* [AC-1192] bit-no-items formatting

* [AC-1192] Update appIfFeature directive to hide content on error

* [AC-1192] Remove deprecated providedIn for OrganizationAuthRequestService

* [AC-1192] Rename key to encryptedUserKey to be more descriptive

* [AC-1192] Cleanup loading/spinner logic on data refresh

* [AC-1192] Set middle as the default bitRow.alignContent

* [AC-1192] Change default alignRowContent for table story

* [AC-1192] Rename userId to fingerprintMaterial to be more general

The fingerprint material is not always the userId so this name is more general

* [AC-1192] Remove redundant alignContent attribute

* [AC-1192] Move fingerprint pipe to platform
2023-06-15 14:53:21 -07:00
Will Martin
f913d8b6be
[SM-749] Redirect to SA list if SA isn't found (#5511)
* redirect if SA isn't found

* refactor to use getByServiceAccountId

* add error toasts
2023-06-05 10:40:41 -04:00
Rui Tomé
dea4c6858f
[AC-1077] Update "Master Password Reset" policy copy (#5463)
* [AC-1077] Renamed "Master password reset" policy to "Account recovery administration"

* [AC-1077] Updated copy in TDE SSO option in configuration page to “Account Recovery Administration policy”

* [AC-1077] Updated “Reset password” action and modal to “Recover account”

* [AC-1077] Changed event message for user updating temporary password issued through account recovery

* [AC-1077] Renamed 'password reset' enrollment to 'account recovery'

* [AC-1077] Updated key names for messages that were modified for Account Recovery policy copy
2023-06-01 08:57:30 +01:00
Thomas Avery
2f44b9b0dd
[SM-628] Add trim validator to SM dialogs (#4993)
* Add trim validator to SM dialogs

* Swap to creating a generic component

* Swap to BitValidators.trimValidator

* Fix storybook

* update validator to auto trim whitespace

* update storybook copy

* fix copy

* update trim validator to run on submit

* add validator to project name in secret dialog; update secret name validation to on submit

---------

Co-authored-by: William Martin <contact@willmartian.com>
2023-05-30 18:52:02 -04:00
André Bispo
b9fe78796a
[PM-1019] Environment selection clients (#5480)
* [PM-169][PM-142][PM-191] Add Environments to Web and Desktop (#5294)

* [PM-1351] Add property to server-config.response. Change config to be able to fetch without being authed.

* [PM-1351] fetch every hour.

* [PM-1351] fetch on vault sync.

* [PM-1351] browser desktop fetch configs on sync complete.

* [PM-1351] Add methods to retrieve feature flags

* [PM-1351] Add enum to use as key to get values feature flag values

* [PM-1351] Remove debug code

* [PM-1351] Get flags when unauthed. Add enums as params. Hourly always fetch.

* [PM-1351] add check for authed user using auth service

* [PM-169] Web: add drop down to select environment

* [PM-169] Fix pop up menu margins. Add DisplayEuEnvironmentFlag.

* [PM-169] Change menu name.

* [PM-169] Add environment selector ts and html. Add declaration and import on login.module

* [PM-169] Add environment selector to desktop.

* [PM-169] Ignore lint error.

* [PM-169] add takeUntil to subscribes

* [PM-191] PR Fixes, code format

* [PM-168] Add Environments to extension login/registration (#5434)
2023-05-19 17:35:42 +01:00
Shane Melton
bcda04ee86
[AC-358] SelfHosted update subscription page (#5101)
* [AC-358] Add selfHostSubscriptionExpiration property to organization-subscription.response.ts

* [AC-358] Update selfHost org subscription template

- Replace "Subscription" with "SubscriptionExpiration"
- Add question mark help link
- Add helper text for grace period
- Add support for graceful fallback in case of missing grace period in subscription response

* Update libs/common/src/billing/models/response/organization-subscription.response.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Remove unnecessary hypen

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-358] Introduce SelfHostedOrganizationSubscription view
- Encapsulate expiration/grace period logic in the new view object.
- Remove API response getters from the angular component
- Replace the API response object with the new view

* [AC-358] Clarify name for new expiration without grace period field

* [AC-358] Update constructor parameter name

* [AC-358] Simplify new selfhost subscription view

- Make expiration date properties public
- Remove obsolete expiration date getters
- Update the component to use new properties
- Add helper to component for determining if the subscription should be rendered as expired (red text)

* [AC-358] Rename isExpired to isExpiredAndOutsideGracePeriod to be more explicit

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-05-15 07:38:53 -07:00
Shane Melton
ab4d8df2ae
[AC-1145] Add trusted devices option to encryption settings on sso config (#5383)
* [AC-1145] Add TDE feature flag

* [AC-1145] Update sso-config to use new member decryption type and remove keyConnectorEnabled

* [AC-1145] Add new TDE option to SSO config form and update to CL radio buttons

* [AC-1145] Update checkboxes to CL checkboxes

* [AC-1145] Fix messages.json warning

* [AC-1145] Update to new form async actions

* [AC-1145] Modify key connector option display logic to check for TDE feature flag

* [AC-1145] Remove obsolete app-checkbox component

* [AC-1145] Update TDE option description to refer to master password reset policy
2023-05-10 12:51:56 -07:00
Robyn MacCallum
8dc7ead853
Add more descriptive titles for web vault rows (#5404)
* Add more descriptive titles for web vault rows

* Swap example strings
2023-05-09 14:03:31 -04:00
cd-bitwarden
e97390ba3f
[SM-664] Checking if the user has selected access tokens to revoke, if not err… (#5299)
* Checking if the user has selected access tokens to revoke, if not error message

* change messaging

* SM-664: Refactor revoke function and make the bwi-minus-circle red

---------

Co-authored-by: Colton Hurst <colton@coltonhurst.com>
2023-05-09 09:56:17 -04:00
SmithThe4th
50eea96ec5
[PM-1699] Updated low kdf iterations warning (#5170)
* updated low ksf iterations warning

* Removed test implementation

* Removed unused translation and updated key

* Enabled low kdf on this branch for testing

* Removed duplicate showKdf initialiazation

* [PM-1700] Put KDF warning behind a LaunchDarkly Feature Flag (#5308)

* Added feature flag for low kdf iteration

* Added feature flag implementation to component

* Renamed feature flag to align with what is setup on LaunchDarkly
2023-05-04 09:46:12 -04:00
Jonathan Prusik
d3efcd9279
add aria-label to account button (#5338) 2023-05-03 11:39:39 -04:00
Thomas Avery
208e3f30b4
[SM-670] Restrict UI actions based on user permission (#5090)
* Restrict UI actions based on user permission

* Swap to hiding bulk option without permission

* Fix read/write assignment in project service

* Filter projects based on permission in dialog

* Fix encryption error for updating secret result

* Fix spinner (#5182)

* Swap to bit-no-items

* [SM-699] Projects bulk delete - add bulk confirmation dialog (#5200)

* Add bulk confirmation dialog

* Code review updates

* Code review - load projects

* code review - swap to observable

* Code review - remove oninit
2023-04-26 13:09:30 -05:00
Shane Melton
07c2c2af20
[AC-1070] Enforce master password policy on login (#4795)
* [EC-1070] Introduce flag for enforcing master password policy on login

* [EC-1070] Update master password policy form

Add the ability to toggle enforceOnLogin flag in web

* [EC-1070] Add API method to retrieve all policies for the current user

* [EC-1070] Refactor forcePasswordReset in state service to support more options

- Use an options class to provide a reason and optional organization id
- Use the OnDiskMemory storage location so the option persists between the same auth session

* [AC-1070] Retrieve single master password policy from identity token response

Additionally, store the policy in the login strategy for future use

* [EC-1070] Introduce master password evaluation in the password login strategy

- If a master password policy is returned from the identity result, evaluate the password.
- If the password does not meet the requirements, save the forcePasswordReset options
- Add support for 2FA by storing the results of the password evaluation on the login strategy instance
- Add unit tests to password login strategy

* [AC-1070] Modify admin password reset component to support update master password on login

- Modify the warning message to depend on the reason

- Use the forcePasswordResetOptions in the update temp password component

* [EC-1070] Require current master password when updating weak mp on login

- Inject user verification service to verify the user
- Conditionally show the current master password field only when updating a weak mp. Admin reset does not require the current master password.

* [EC-1070] Implement password policy check during vault unlock

Checking the master password during unlock is the only applicable place to enforce the master password policy check for SSO users.

* [EC-1070] CLI - Add ability to load MP policies on login

Inject policyApi and organization services into the login command

* [EC-1070] CLI - Refactor update temp password logic to support updating weak passwords

- Introduce new shared method for collecting a valid and confirmed master password from the CLI and generating a new encryption key
- Add separate methods for updating temp passwords and weak passwords.
- Utilize those methods during login flow if not using an API key

* [EC-1070] Add route guard to force password reset when required

* [AC-1070] Use master password policy from verify password response in lock component

* [EC-1070] Update labels in update password component

* [AC-1070] Fix policy service tests

* [AC-1070] CLI - Force sync before any password reset flow

Move up the call to sync the vault before attempting to collect a new master password. Ensures the master password policies are available.

* [AC-1070] Remove unused getAllPolicies method from policy api service

* [AC-1070] Fix missing enforceOnLogin copy in policy service

* [AC-1070] Include current master password on desktop/browser update password page templates

* [AC-1070] Check for forced password reset on account switch in Desktop

* [AC-1070] Rename WeakMasterPasswordOnLogin to WeakMasterPassword

* [AC-1070] Update AuthServiceInitOptions

* [AC-1070] Add None force reset password reason

* [AC-1070] Remove redundant ForcePasswordResetOptions class and replace with ForcePasswordResetReason enum

* [AC-1070] Rename ForceResetPasswordReason file

* [AC-1070] Simplify conditional

* [AC-1070] Refactor logic that saves password reset flag

* [AC-1070] Remove redundant constructors

* [AC-1070] Remove unnecessary state service call

* [AC-1070] Update master password policy component

- Use typed reactive form
- Use CL form components
- Remove bootstrap
- Update error component to support min/max
- Use Utils.minimumPasswordLength value for min value form validation

* [AC-1070] Cleanup leftover html comment

* [AC-1070] Remove overridden default values from MasterPasswordPolicyResponse

* [AC-1070] Hide current master password input in browser for admin password reset

* [AC-1070] Remove clientside user verification

* [AC-1070] Update temp password web component to use CL

- Use CL for form inputs in the Web component template
- Remove most of the bootstrap classes in the Web component template
- Use userVerificationService to build the password request
- Remove redundant current master password null check

* [AC-1070] Replace repeated user inputs email parsing helpers

- Update passwordStrength() method to accept an optional email argument that will be parsed into separate user inputs for use with zxcvbn
- Remove all other repeated getUserInput helper methods that parsed user emails and use the new passwordStrength signature

* [AC-1070] Fix broken login command after forcePasswordReset enum refactor

* [AC-1070] Reduce side effects in base login strategy

- Remove masterPasswordPolicy property from base login.strategy.ts
- Include an IdentityResponse in base startLogin() in addition to AuthResult
- Use the new IdentityResponse to parse the master password policy info only in the PasswordLoginStrategy

* [AC-1070] Cleanup password login strategy tests

* [AC-1070] Remove unused field

* [AC-1070] Strongly type postAccountVerifyPassword API service method

- Remove redundant verify master password response
- Use MasterPasswordPolicyResponse instead

* [AC-1070] Use ForceResetPassword.None during account switch check

* [AC-1070] Fix check for forcePasswordReset reason after addition of None

* [AC-1070] Redirect a user home if on the update temp password page without a reason

* [AC-1070] Use bit-select and bit-option

* [AC-1070] Reduce explicit form control definitions for readability

* [AC-1070] Import SelectModule in Shared web module

* [AC-1070] Add check for missing 'at' symbol

* [AC-1070] Remove redundant unpacking and null coalescing

* [AC-1070] Update passwordStrength signature and add jsdocs

* [AC-1070] Remove variable abbreviation

* [AC-1070] Restore Id attributes on form inputs

* [AC-1070] Clarify input value min/max error messages

* [AC-1070] Add input min/max value example to storybook

* [AC-1070] Add missing spinner to update temp password form

* [AC-1070] Add missing ids to form elements

* [AC-1070] Remove duplicate force sync and update comment

* [AC-1070] Switch backticks to quotation marks

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-17 07:35:37 -07:00
Jake Fink
fbbaf10488
[AC-1045] add action to vault timeout policy (#4782) 2023-04-15 00:11:33 +01:00
Rui Tomé
e3f31ac741
[AC-1081] Merge feature/billing-obfuscation (#5172)
* [AC-431] Add new organization invite process (#4841)

* [AC-431] Added properties 'key' and 'keys' to OrganizationUserAcceptRequest

* [AC-431] On organization accept added check for 'initOrganization' flag and send encrypt keys if true

* [AC-431] Reverted changes on AcceptOrganizationComponent and OrganizationUserAcceptRequest

* [AC-431] Created OrganizationUserAcceptInitRequest

* [AC-431] Added method postOrganizationUserAcceptInit to OrganizationUserService

* [AC-431] Created AcceptInitOrganizationComponent and added routing config. Added 'inviteInitAcceptedDesc' to messages

* [AC-431] Remove blank line

* [AC-431] Remove requirement for logging in again

* [AC-431] Removed accept-init-organization.component.html

* Update libs/common/src/abstractions/organization-user/organization-user.service.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-431] Sending collection name when initializing an org

* [AC-431] Deleted component accept-init-organization and incorporated logic into accept-organization

* Update libs/common/src/abstractions/organization-user/organization-user.service.ts

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-431] Returning promise chains

* [AC-431] Moved ReAuth check to org accept only

* [AC-431] Fixed import issues

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-434] Hide billing screen for reseller clients (#4955)

* [AC-434] Retrieving ProviderType for each Org

* [AC-434] Hide subscription details if user cannot manage billing

* [AC-434] Renamed providerType to provider-type

* [AC-434] Reverted change that showed Billing History and Payment Methods tabs

* [AC-434] Hiding Secrets Manager enroll

* [AC-434] Renamed Billing access variables to be more readable

* Apply suggestions from code review

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* [AC-434] Reduce duplication in permission code

* [AC-434] npm prettier

* [AC-434] Changed selfhost subscription permission

* [AC-434] Added canEditSubscription check for change plan buttons

* [AC-434] Removed message displaying provider name in subscription

* [AC-434] canEditSubscription logic depends on canViewSubscription

* [AC-434] Hiding next charge value for users without billing edit permission

* [AC-434] Changed canViewSubscription and canEditSubscription to be clearer

* [AC-434] Altered BillingSubscriptionItemResponse.amount and BillingSubscriptionUpcomingInvoiceResponse.amount to nullable

* [AC-434] Reverted change on BillingSubscriptionItemResponse.amount

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>

* Updated IsPaidOrgGuard reference from org.CanManageBilling to canEditSubscription

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-04-14 11:14:18 +01:00
Thomas Rittson
94db1db432
[AC-1233] Fix description of auto-fill on page load policy (#5161) 2023-04-07 07:55:55 +10:00
Daniel James Smith
cf2d8b266a
[PM-1071] Display import-details-dialog on successful import (#4817)
* Prefer callback over error-flow to prompt for password

Remove error-flow to request file password
Prefer callback, which has to be provided when retrieving/creating an instance.
Delete ImportError
Call BitwardenPasswordProtector for all Bitwarden json imports, as it extends BitwardenJsonImporter
Throw errors instead of returning
Return ImportResult
Fix and extend tests import.service
Replace "@fluffy-spoon/substitute" with "jest-mock-extended"

* Fix up test cases

Delete bitwarden-json-importer.spec.ts
Add test case to ensure bitwarden-json-importer.ts is called given unencrypted or account-protected files

* Move file-password-prompt into dialog-folder

* Add import success dialog

* Fix typo

* Only list the type when at least one got imported

* update copy based on design feedback

* Remove unnecessary /index import

* Remove promptForPassword_callback from interface

PR feedback from @MGibson1 that giving every importer the ability to request a password is unnecessary. Instead, we can pass the callback into the constructor for every importer that needs this functionality

* Remove unneeded import of BitwardenJsonImporter

* Fix spec constructor

* Fixed organizational import

Added an else statement, or else we'd import into an org and then also import into an individual vault
2023-04-06 22:41:09 +02:00
SmithThe4th
b79554a13b
[PM-283] Fix Reports UI behavior for premium and free users (#4926)
* Prevent rerouting to dispaly modal message, and refactored components where thsi was used

* Added upgrade badge to organization reports view

* created guard to prevent free organization users from accessing reports

* Added isUpgradeRequired getter to organization class

* Modifiewd reports home to pass upgrade badge and add new guard to organization reports module

* Fixed routing bug when routing to billing subscription page

* Refactored to use async pipe and observables

* Renamed getter name to be more descriptive

* Removed checkAccess from reports

* Renamed guard

* Removed unused variables

* Lint fix

* Lint fix

* prettier fix

* Corrected organiztion service reference

* Moved homepage to ngonInit

* [PM-1629] Update the upgrade dialog for users without billing rights (#5102)

* Show dialog with description when user does not have access to the billing page

* switched conditions to nested if to make the logic clearer
2023-03-30 16:27:03 -04:00
Andreas Coroiu
7e905d518b
[AC-471] Cloud update subscription page (#4897)
* [AC-471] feat: update copy

* [AC-471] feat: change text color when expired

* [AC-471] feat: remove charge amount
2023-03-24 09:39:22 +01:00
Thomas Avery
57b5d93ecb
update sa delete message (#5000) 2023-03-17 15:51:28 -05:00
Oscar Hinton
c2edc0fd0a
[SM-626] Change create access token to new access token (#4992) 2023-03-17 18:33:57 +01:00
Daniel James Smith
ca0a525895
Remove "Mir" CC brand option (#5011) 2023-03-16 13:14:49 +01:00
Jake Fink
7892834f97
[AC-1046] activate autofill on page load policy (#4860)
* [EC-1046] add activate autofill policy to web

* [EC-1046] add local setting if policy needs to be set

* [AC-1046] activate autofill on page load if flag exists

* [AC-1046] move activation to current tab page

* [AC-1046] add warning to autofill policy

* [AC-1046] add useActivateAutofillPolicy to organization reponse

* [AC-1046] autofill to auto-fill
2023-03-10 12:52:43 -05:00
Brandon Maharaj
0c84fcbcef
[SG-1016] Move MP confirmation to modal for encryptions settings changes (#4762)
* work: moving the form

* fix: lint do be crazy sometimes

* fix: remove debug stuff

* fix: dialogService

* per Danielle Flinn: option 1, leave sizing wide.

* work: move modules to own container

* work: reorg modules

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-03-09 23:54:11 -05:00
cd-bitwarden
6971c3dca2
[SM-401] Adding the ability to edit service account name (#4845)
* Adding the ability to edit service account name

* Update bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/service-accounts-list.component.html

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Suggested Updates

* removing unecessary messages

* Adding back messages.json entry, updating API Call

* fix

* Update bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/service-account.service.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Update bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/models/requests/service-account-update.request.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Update bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/dialog/service-account-dialog.component.ts

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

* Fixing endpoints after Server side change

* changes

* updates

* adding loading notification

* adding description to message

* Update bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/service-accounts-list.component.html

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Thomas's suggested changes

* reorder list

---------

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2023-03-08 15:50:23 -05:00
Oscar Hinton
fbd0d41b51
[SM-568] Delete service accounts (#4881) 2023-03-06 20:25:06 +01:00
Thomas Avery
c711312fee
[SM-581] User access removal warnings (#4904)
* init refactor

* Fix current user access checks

* Add in warning dialogs that are aware of other APs

* cleanup handlers; refresh sa list on removal

* Code review updates

* [SM-580] Add warning dialog for Service account People tab (#4893)

* Add warning dialog from figma

* move dialog out of access selector component; add after delete event; remove people-sa logic

* remove commented code and unused service

* Updates to work with SM-581

---------

Co-authored-by: William Martin <contact@willmartian.com>

---------

Co-authored-by: William Martin <contact@willmartian.com>
2023-03-06 11:32:02 -06:00
Oscar Hinton
7736a981e7
[SM-589][SM-592] Remove router reuse hack (#4913)
* Remove router reuse hack

* Add AuthGuard

* Change to distinctUntilChanged

* Extract show logic
2023-03-03 15:28:59 +01:00
Thomas Rittson
f7618e180a
Fix duplicate success toast on license upload (#4820) 2023-03-03 10:14:25 +10:00
Colton Hurst
f80e9cfafd
SM-534: Update delete project toast text (#4902) 2023-03-02 10:12:34 -05:00
Maximilian Power
ce6c975dd9
[SM-489] Added descriptions for all SM related strings (#4692)
* added descriptions for all SM related strings

* rm trailing comma

* Updated descriptions based on feedback

* Update messages.json

* Update messages.json

* Reorder prompts

---------

Co-authored-by: maxkpower <mpower@bitwarden.com>
Co-authored-by: patrick-bitwarden <pbehforrest@bitwarden.com>
Co-authored-by: Patrick <94560851+patrick-bitwarden@users.noreply.github.com>
2023-03-01 11:49:36 -05:00
cd-bitwarden
abbfb0696f
removing Write only (#4884) 2023-02-28 18:15:39 -05:00
Oscar Hinton
6348269a1a
[SM-352] Projects tab for service accounts (#4858)
* Init service layer changes

* refactor service to inherit abstract

* refactor access-selector component

* update access selector in projects

* add service accounts access selector

* update i18n

* fix delete action; use useExisting in providers

* update static permissions

* service account people should be readwrite on creation

* use setter instead of observable input

* remove warning callout

* remove abstract service

* truncate name in table

* remove extra comments

* Add projects access policy page

* Add locale

* use map instead of forEach

* refactor view factories

* update SA people copy

* map list responses

* Swap to using granted policies endpoints

* Remove text-xl from icon

---------

Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: William Martin <contact@willmartian.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2023-02-28 09:31:19 -06:00
Thomas Avery
84aa7fffd7
[SM-474] Service Account - People Tab (#4689)
* Init service layer changes

* refactor service to inherit abstract

* refactor access-selector component

* update access selector in projects

* add service accounts access selector

* update i18n

* fix delete action; use useExisting in providers

* update static permissions

* service account people should be readwrite on creation

* use setter instead of observable input

* remove warning callout

* remove abstract service

* truncate name in table

* remove extra comments

* use map instead of forEach

* refactor view factories

* update SA people copy

* map list responses

---------

Co-authored-by: William Martin <contact@willmartian.com>
2023-02-27 09:43:06 -06:00
Oscar Hinton
a643074709
[SM-389] Event log for service account (#4679) 2023-02-24 16:44:24 +01:00
Carlos Gonçalves
30a66a9f65
Master password security checks - web (#4799)
* [SG-571][SG-572][SG-573][SG-574] Master password change (web vault) (#4635)

* SG-571 Add option to check master password breach

* SG-571 Fix lint errors

* SG-572 SG-573 SG-574 Add logic for leaked password

* SG-571 Show error when new password equals hint

* SG-571 Minor changes

* SG-571 Undo changes

* [SG-457][SG-553][SG-554][SG-555][SG-761] Master password security update - account creation (web) (#4672)

* SG-571 Add option to check master password breach

* SG-571 Fix lint errors

* SG-572 SG-573 SG-574 Add logic for leaked password

* SG-571 Show error when new password equals hint

* SG-571 Minor changes

* SG-761 Improve copy on master password

* SG-571 Undo changes

* SG-457 Add option to check for password leak

* SG-457 Updated master password hint copy

* SG-457 Hide minimum char message when joining org

* SG-457 Added missing changes from last commit

* SG-457 Fixed minimum length

* SG-457 Updated message with dynamic minimum length

* SG-457 Set checkForBreaches to true by default
2023-02-23 15:15:45 +00:00
Oscar Hinton
3305c808d1
[SM-396] Self-enroll Secrets Manager (#4666) 2023-02-21 18:24:55 +01:00
Will Martin
581f69256d
[SM-453] user onboarding component (#4707)
* wip onboarding component

* fix button type

* remove dismiss button

* add completion logic

* update styles; add download cli section; add click logic; add loading spinner

* update i18n

* update icons; rearrange items; fix import item logic

* add complete i18n

* fix reactivity

* move visibility logic into presentational component

* add button type

* apply code reviews

* add loading spinner to page

* onboarding dismissal should persist when switching orgs

* add workaround for inconsistent icon size

* fix full storybook

* apply code review; update stories
2023-02-21 11:25:41 -05:00
Colton Hurst
d11f03cb78
SM-281: Secrets Manager Trash (#4730)
* SM-281: Initial commit with trash component setup

* SM-281: Customize secrets list component, add ability to hard delete secrets

* SM-281: Add support for restoring secrets in SM

* SM-281: restoreSecret emit values as an array

* SM-281: Fix bug caused by mistake when doing merge conflict resolution

* SM-281: Clean up TrashService and move more functionality to TrashApiService

* Cleanup responses

* Merge TrashService and SecretService

* Remove tw-text-sm from dialogs

* Split delete into two components

* Change secrets table to have a single boolean for trash

* SM-281: Rename component to secret-hard-delete

* Remove unused organizationId

* Remove duplicate buttons

---------

Co-authored-by: Hinton <hinton@users.noreply.github.com>
2023-02-21 10:03:37 -05:00
Jared Snider
a348c78a79
Defect/SG-1083 - Fix SSO Form Validation (#4791)
* SG-1083 - Refactor SSO form validation to work per EC requirements

* Move SSO component into its own folder for better folder management for future components in auth.

* Defect SG-1086 - Domain verification table: Change domain name from anchor tag to button + add title

* SG-1083 - Send null instead of empty string for sso identifier to avoid duplicate key in database issues.

* SG-1086 - Add button type to domain verification button to pass lint rules.
2023-02-17 16:55:57 -05:00
UnderAndOver
bf03e62a41
added important to strings for localization (#4655)
Co-authored-by: Daniel James Smith <djsmith@web.de>
2023-02-16 23:31:56 +01:00
Brandon Maharaj
91600bb610
[SG-1022] Update min password requirements to 12 char (#4690)
* fix: change to 10

* work: 12!

* Update register.component.ts

* fix: whoops, missed a few

* fix: can't believe i missed this.

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2023-02-16 13:15:47 -05:00
Will Martin
375c552623
[SM-455] add projects and secrets to dashboard page (#4722)
* add projects and secrets to dashboard

* add header title

* add section component

* only show latest projects and secrets

* reorganize view model; all view all link

* fix i18n; update table styles; add bitSortable to secrets table

* apply code reviews

* remove basePath input; add viewProjectEvent output

* fix style and merge issue

* fix route

* use absolute route with org id
2023-02-16 09:18:17 -05:00
Oscar Hinton
55741445ec
[SM-501] Revoke Access Tokens (#4746)
* Add support for revoking access tokens
2023-02-16 10:51:11 +01:00
Jared Snider
36633bcb04
[SG-147] - Feature/web-organization-domain-claiming (#4734)
* Feature/SG-680 - Create Domain Verification Comp (#4283)

* domain-base.ts - added link to Architectural docs describing domain base class purpose

* SG-680 - (1) Created Org Domain API and observable based data store service (2) Created required response and request models

* SG-680 - Renaming org domain service abstractions to match existing convention

* SG-680 - (1) Updated getByOrgId method to return array of data to match back end + renamed it as such (2) Updated OrgDomainApiService get methods to update the OrgDomainService observables

* Two-factor-setup comp - change "tabbed-header" class to "page-header" to achieve visual consistency with other settings components.

* SG-680 - Refactor Org Domain API & domain services to conform to ADR 0013 - Avoid layered folder structure for request/response models (i.e., put models near "owner" services)

* SG-680 - Update Organization model to include a canManageDomainVerification check

* SG-680 - Created Domain Verification component and started scaffolding out HTML

* SG-680 - New OrgDomain state and API services need to be registered on jslib-services.module in order to be injectable into components for use (this is what maps abstractions to implementation for dependency injection)

* SG-680 - OrgDomainApiServiceAbstraction should be an abstract class

* SG-680 - Update OrgDomainApiService to use ListResponse and map into OrganizationDomainResponse properly

* SG-680 - Moved domain verification comp into subfolder to add clarity in folder structure

* SG-680 - Good start on Domain Add Edit Dialog

* SG-680 - Domain Add Edit Dialog - (1) Random generation of DNS TXT Record now working (2) DNS TXT Record Copyable (3) Additional translations added (4) Info callout added

* SG-680 - Domain Add Edit Dialog - (1) Added custom validator for domain name (2) Disable verify btn if form invalid

* SG-680 - Updated Domain Name custom validator to pass back error message in format the error.component.ts expected so it can be displayed without an untranslated error prefix of "invalidDomainName"

* Form-button - Added useful note regarding use of the bitFormButton directive and how it requires the use of the bitButton directive as well.

* SG-680 - OrgDomain.service - replace delete with splice as delete doesn't actually alter array. Duh.

* SG-680 -  Domain verification progress - (1) Table layout + loading working for the most part (more translations needed (2) Add & edit opening dialog (3) Dialog first draft of save and verify

* SG-680 - DomainAddEditDialog - Unique domain name enforcement implemented

* SG-680 - Domain Name Custom Reactive forms validator refactor - swapped to regex to support proper domain format (which now enforces the requirement of a .com or similar)

* SG-680 - OrgDomainApi svc - must await send of delete call otherwise runs synchronously. Duh.

* SG-680 - Domain verification progress - (1) CopyDnsTxt added to state service (2) Refactored dialog to use async actions (3) Dialog form changes now mark form controls as touched for more responsive error handling

* SG-680 - Domain-add-edit-dialog - Confirmation required now for domain deletion

* SG-680 - Domain verification table options now supports removing domains with confirmation prompt

* Shared module - merge conflict resolution + removing unused imports so I can check this in.

* SG-680 - Adding missing translations

* SG-680 - Comment clean up + todo

* Revert "Shared module - merge conflict resolution + removing unused imports so I can check this in."

This reverts commit 98fe346e67.

* SG-680 - DomainAddEditDialog - Replace bitAction with leveraging bitSubmit so that when users hit enter in a field the form gets submitted.

* SG-680 - Added httpStatusCode enum

* SG-680 - OrgDomainAPI - Verify endpoint now returns domain response model so upsert to sync obs state service

* SG-680 - Domain Verification comp - (1) Display last checked date (2) Verify first attempt in place (3) justify options content per design

* SG-680 - DomainAddEditDialog - Validation and error handling overhaul

* SG-680 - DomainAddEditDialog - (1) Autofocus domain name on new domain creation (2) Removed form.invalid == form disabled logic because of accessibility concerns

* SG-680 - OrgDomainResponse model refactor - back end is sending lower cased props

* SG-680 - OrgDomain service refactor - (1) Use proper abstraction for i18n svc (2) Don't make non-async methods async for no reason

* SG-680 - OrgDomainService - Added test suite

* SG-680 - Renaming httpStatusCode.enum to strip off .enum in attempt to pass eslint issue

* SG-680 - Renaming httpStatusCode enum file again to remove all capitalized letters to pass eslint rules.

* SG-680 - Updating HttpStatusCode import b/c auto import update missed it.

* SG-680 - DomainAddEditDialog - Don't show callout if domain is verified

* SG-680 - DomainVerificationComp - Add error handling to verify to handle case where domain isn't available

* SG-680 - OrgDomainApiSvc - svc should use abstractions in constructor

* SG-680 - OrgDomainApiSvc - added full test suite

* SG-680 - OrgDomainSvc test suite - fixing broken test

* SG-680 - Domain Verification Validation Scenario: show form control error when domain verification fails  - (1) Enhanced bitSubmit to optionally allowDisabledFormSubmit (2) Enhanced bitInput to optionally allow showErrorsWhenDisabled + added new docs

* SG-680 - Adjusting location & name of the bitInput docs to be in the top level docs section to match historical consensus and existing pattern.

* SG-680 - Removed TODO for adding tests since I've already added tests.

* SG-680 - DomainAddEditDialog - Handle verify domain conflict exceptions just in case

* SG-680 - Adjusting location of Domain verification settings item in the organization settings menu to match figma.

* SG-680 - Removing unnecessary comment

* SG-680 - Domain Verification component - updated svg to not have alt text so it is treated as decorative by screen readers for accessibility.

* SG-680 - Fixing messages.json missing }

* SG-680 - DomainAddEditDialog - Hardcoding inputs to bit-dialog as component vars are not needed for dynamic anything right now.

* SG-680 - Dialog comment refactor

* SG-680 -  OrgDomainSvc - comment and console log removals.

* SG-680 - Updating OrgDomain Service test suites to have better test titles.

* Defect/web org domain claiming bugfixes (#4458)

* SG-949 - OrgDomainVerification - Domain name validator now supports n levels of subdomains as well as top level domains.

* SG-955 - On domain verification error or failure, call to update the individual org domain item to get an updated last checked date on the client.

* SG-953 - In domain verification dialog edit, if verify called and failed, then must manually mark domain name as touched for errors to show up.

* SG-954 - Domain Verification edit dialog - Fixing delete button not having trash icon displayed + added i18n translation for title prop.

* SG-956 - Fixing domain claiming event logs so that they show up on the client (more to do as there are some events missing client & member)

* Form button directive comment update

* SG-977 - Event Log improvements: (1) Add new device type of server (2) Add EventSystemUser mapping to translated value.  The end result is that both SCIM and Domain verification logs properly show server as the client and SCIM or Domain verification as the member.

* Add comment to clarify use of SCIM in EVENT_SYSTEM_USER_TO_TRANSLATION  dict

* DeviceType.Server must be incremented to 22 b/c server master already has a DeviceType.SDK of 21.

* Add SDK w/ value of 21 to DeviceType to match master server

* Defect/web org domain claiming bugfixes the sequel (#4530)

* Update <bit-table> to latest standard so it works again (swap body from ng-container to ng-template)

* Input directive - showErrorsWhenDisabled case doesn't need to care if input isActive or not.

* SG-949 - Update domain name validator regex to prevent http://, https://, and www.

* SG-771 - Added claimed domain logic to web client (#4603)

* SG-771 / SG-772 / SG-743 - Add claimed domain logic which skips entry of Org SSO Id when an org has a claimed and verified domain to web, browser, and desktop.

* Fix lint errors by adding button types

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
2023-02-15 15:50:39 -05:00
Colton Hurst
63563bd87d
SM-365: Add SM Import & Export (#4323)
* SM-365: Add scaffolding for settings, import, and export components

* SM-365: Build out SM export component and retrieve org name

* Add password verification

* Add SMExportService

* SM-365: Add full export functionality for client side

* SM-365: Add SM Import UI, combine import & export services, general cleanup

* SM-365: Small updates, fix settings navigation for SM

* SM-365: Refactorings based on PR comments, part 1

* SM-365: Refactorings based on PR comments, part 2

* SM-365: remove unneeded import file parsing code

* Attempt New SM Export Auth Flow (#4596)

* Attempt new sm-export auth flow

* Fix component

* SM-365: Add error messaging for failed import

* SM-365: Fix import error dialog

* SM-365: Fix layout of pages, title, and success messaging

* SM-365: Address majority of PR comments, clear import form on success

* SM-365: Refactor error handling, refactor date formatting

* SM-365: Refactored names, logic, added SM porting api service, added needed error checking, etc.

* SM-365: Refactor fileContents to pastedContents to be more clear

* SM-365: Refactoring based on PR comments

* SM-365: Update based on PR comments, refactoring ngOnInit for sm-import

* SM-365: Fix wrong type on choose import file button
2023-02-13 10:52:47 -05:00
Will Martin
40e6471070
[SM-73] fix defects (#4572)
* [SM-431] fix project name overflow

* [SM-432] sort project list alphabetically

* [SM-458] add delete button

* [SM-430] misc UI fixes

* override tw-break-words in table cell

* update copy

* remove unused copy
2023-02-06 22:41:08 -05:00
Thomas Avery
4ffe1c7e57
[SM-409] Project Access Policies (#4472)
* Initial working multi select

* Create project access selector component

* Refactor to shared components for access policies

* Refactor access policies table

* Initial working create & update access policies

* Add dynamic multi-select + DRY refactor

* FIGMA updates

* Fix table and refactor access-policy service

* Code review updates

* Fix disable/loading logic for selector

* Don't run onchange for creation

* Migrate to new group service

* simplify async action

* Refactor access-policies

Co-authored-by: Will Martin <willmartian@users.noreply.github.com>

* Refactor access-selector

* Add using potential grantee endpoints.

* refactor to use observables

* combine access-selector and access-policies component

* lift dynamic i18n out of template

* use strict equality

* fix multiselect refresh

* change grantees to function

* Fix multiple HTTP calls

* don't broadcast on AP update

* Code review updates

* Use refactored potential-grantees endpoint

* potential grantees refactor v2

---------

Co-authored-by: Will Martin <willmartian@users.noreply.github.com>
Co-authored-by: William Martin <contact@willmartian.com>
2023-02-06 11:28:51 -06:00
Andreas Coroiu
55d9ee22ab
[EC-667] Collection modal add search function (#4291)
* [EC-667] feat: scaffold new select component

* [EC-667] feat: sort of working implementation

* [EC-667] feat: support for using in forms

* [EC-667] feat: add bit-select example to full form

* [EC-667] fix: broken aria label connetion

* [EC-667] fix: web not building

* [EC-667] fix: dropdown getting trapped in dialog

* [EC-667] fix: select not emitting correct value

* [EC-667] feat: add collection icon to options

* [EC-667] feat: add default select placeholder translation

* [EC-667] fix: undefined handling

* [EC-667] fix: value vs options race condition

* [EC-667] feat: remove x and add "no collection" option

* [EC-667] chore: add country list disclaimer

* chore: clean up comments

* [EC-667] chore: cleanup commented import

* [EC-667] fix: input text color not applying to single-select
2023-02-06 15:54:23 +01:00
Oscar Hinton
2757fcee86
[SM-378] Enable SM on a user basis (#4497)
* Add support for giving individual users access to secrets manager
2023-01-31 19:03:27 +01:00