* [PM-11203] Hide collection/item checkboxes in AC when a user does not have manage/edit permissions for the collection/item
* [PM-11203] Remove restrict-provider-access flag
* [PM-11203] Adjust the editableItems array to use existing canEdit and canDelete helpers to determine eligibility
* PM-13318 - AnonLayoutWrapperData refactor to support all possible string scenarios (untranslated string, translated string, and translated string with placeholders)
* PM-13318 - Fix accidental check in
* PM-13318 - Revert the correct change.
* PM-13318 - Fix test failures
* [PM-6991] Remove self reference to cipherViews$
* [PM-6991] Update cipherViews$ observable to be reactive to encrypted ciphers and localData
* [PM-6991] Use the cipherViews$ observable in the Web vault
* [PM-6991] Update the vault filter service to use cipherViews$ observable
* [PM-6991] Add deprecation notice to getAllDecrypted
* [PM-6991] Ensure cipherViews$ emits an empty array whenever the decrypted cipher cache is cleared
* [PM-6991] Fix cipher service test
* [PM-6991] Use shareReplay instead of share
* [PM-6991] Remove ciphersExpectingUpdate and replace with a null filter instead for cipherViews$
* [PM-6991] Skip refreshing on null cipherViews$ to avoid flashing an empty vault after modifying ciphers
* Create web-specifc credential-generator component
* Add missing entries in en/messages.json
* Import and use conditional routing for new credential generator component
* Add comment about temporary using password-generator component
* Update comment to include FIXME which is more easily searchable
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Migrate `ResetPasswordComponent` off of bootstrap
* Remove redundant `[appApiAction]` directive usage
* Replace `app-callout` with `bit-callout`
* Remove `formPromise` from compononent. It is unused.
* Implement new password strength component
* WIP - access intelligence page
* finish access intelligence page
* finish access intelligence page
* use tab label directive
* remove extension swap change
* only show when feature flag enabled
* Move files under tools ownership
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-13284] Notification bar does not display for certain websites
* [PM-13284] Notification bar does not display for certain websites
* [PM-13284] Notification bar does not display for certain websites
We ran into some inconsistencies between how manifest v2 and v3 are handled in browsers. To resolve this we have a different flow for manifest v2 which dynamically imports, while v3 uses the sync importScripts.
* add `hideFolderSelection` for admin console ciphers
* hide folder form field when configuration has `hideFolderSelection` set to true
* add `addCipherV2` method in the admin console vault
* add browser refresh logic for add/edit form
* add admin console implementation of `AdminConsoleCipherFormConfigService`
* only allow edit dialog in admin console
* remove duplicate check
* refactor comments
* initial integration of combined dialog
* integrate add cipher with admin console vault
* account for special admin console collection permissions
* add `edit` variable to AC ciphers when the user has permissions
* Move comment to JSDoc
* pass full cipher to view component
* validate edit access when opening view form
* partial-edit not applicable for admin console
* refactor hideIndividualFields to be more generic and hide favorite button
* pass entire cipher into edit logic to match view logic
* add null check for cipher when attempting to view
* remove logic for personal ownership, not needed in AC
* [PM-12389] Hide delete button when there is no cipher to delete
* [PM-12389] Ensure decrypted collections and folders are available before building cipher form config
* [PM-12389] Hide the delete button when cloning ciphers
Follow up PR to #10974, flips the compile time flags to enabled and includes some debug logic to detect if users encounter issues with the WASM bundle in preparation for active consumption of the SDK.
* Added sorting to vault, name, permission and group
Added default sorting
* Fixed import
* reverted test on template
* Only add sorting functionality to admin console
* changed code order
* PM-13114 - WebEnvSvc - use hostname vs domain check for init and setEnv (tests TODO)
* PM-13114 - WebEnvSvc + URLs webpack config - use expected string variable on process.env.URLS to ensure tests can properly mock the WebEnvSvc
* PM-13114 - WebEnvSvc - setEnvironment - fix issue with returning currentRegion urls instead of currentEnv urls.
* PM-13114 - WebEnvSvc - setEnv - refactor names to improve clarity.
* PM-13114 - WebEnvSvc spec file - Test all prod scenarios
* PM-13144 - Work with Justin to move process.env.Urls access into injection token and remove webpack string type conversion.
* PM-13114 - WIP on getting additionalRegionConfigs injected via injection token to default env service.
* PM-13114 - Update all background inits to pass process.env.ADDITIONAL_REGIONS as unknown as RegionConfig[] to env service.
* PM-13114 - WebEnvSvc - adjust order of constructor deps
* PM-13114 - WebEnvSvc - add WebRegionConfig to extend RegionConfig type and be accurate for what the WebEnvSvc uses.
* PM-13114 - WebEnvSvc Tests - US QA tested
* PM-13114 - WebEnvSvc tests - refactor QA naming to make it more clear.
* PM-13114 - WebEnvSvc - test QA EU
* PM-13114 - WebEnvSvc - remove promise resolve per PR feedback.
* Create desktop-specifc full credential-generator component
* Add missing entries in en/messages.json
* Import and use conditional routing for new credential generator component
app.component: The original if, didn't make any sense as it meant that it would behave differently on the Send page vs Vault, which it doesn't, in addition to a duplicate message receiver was added in vault.component which I also removed.
Old generator for cipher add/edit is still in place and will be replaced by the vault team
* Update comment to include FIXME which is more easily searchable
* Add fixme comment for future extension
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add password/username generator strings to web app
* remove JSLibServicesModule from generator dependencies
* integrate username and password generators into browser extension
* integrate username and password generators into web app
* move Jslib order back
* remove margin from within the generator components
* add alternative background to web generator dialog
* remove unneeded margin from username generator
* remove disable margin from div
* Revert "remove unneeded margin from username generator"
This reverts commit ae3067e3f2.
* remove CSS to alter internal margins of the generator components
* [PM-12389] Cleanup attachment dialog UI bugs
* [PM-12389] Add formReady event to CipherForm
* [PM-12389] Use ngOnChanges for CipherView component initialization
* [PM-12389] Cleanup web specific services and components
* [PM-12389] Introduce combined Vault Item Dialog component
* [PM-12389] Use the new VaultItemDialog in the Individual Vault
* [PM-12389] Deprecate the AddEditV2 and View dialogs in Web
* [PM-12389] Fix failing test
* [PM-12389] Fix broken imports after move
* [PM-12389] Remove messages.json addition that is taken care of in another PR
* Add "back" functionality for Desktop.
* Return user to email field when logo is clicked in Web.
* Update function name.
* Move hideLogo to anchor wrapper.
* Use "/" route for logo back link.
* PM-9449 - Init stub of new lock comp
* PM-9449 - (1) Add new lock screen title to all clients (2) Add to temp web routing module config
* PM-9449 - LockV2Comp - Building now with web HTML
* PM-9449 - Libs/Auth LockComp - bring in all desktop ts code; WIP, need to stand up LockCompService to facilitate ipc communication.
* PM-9449 - Create LockComponentService for facilitating client logic; potentially will decompose later.
* PM-9449 - Add extension lock comp service.
* PM-9449 - Libs/auth LockComp - bring in browser extension logic
* PM-9449 - Libs/auth LockComp html start
* PM-9449 - Libs/Auth LockComp - (1) Remove unused dep (2) Update setEmailAsPageSubtitle to work.
* PM-9449 - Add getBiometricsError to lock comp service for extension.
* PM-9449 - LockComp - (1) Save off client type as public comp var (2) Rename biometricLock as biometricLockSet
* PM-9449 - Work on lock comp service getAvailableUnlockOptions
* PM-9449 - WIP libs/auth LockComp
* PM-9449 - (1) Remove default lock comp svc (2) Add web lock comp svc.
* PM-9449 - UnlockOptions - replace incorrect type
* PM-9449 - DesktopLockComponentService -get most of observable based getAvailableUnlockOptions$ logic in place.
* PM-9449 - LockCompSvc - getAvailableUnlockOptions in place for all clients.
* PM-9449 - Add getBiometricsUnlockBtnText to LockCompSvc and put TODO for wiring it up later
* PM-9449 - Lock Comp - Replace all manual bools with unlock options.
* PM-9449 - Desktop Lock Comp Svc - adjust spacing
* PM-9449 - LockCompSvc - remove biometricsEnabled method
* PM-9449 - LockComp - Clean up commented out code
* PM-9449 - LockComp - webVaultHostname --> envHostName
* PM-9449 - Fix lock comp svc deps
* PM-9449 - LockComp - HTML progress
* PM-9449 - LockComp cleanup
* PM-9449 - Web Routing Module - wire up lock vs lockv2 using extension swap
* PM-9449 - Wire up loading state
* PM-9449 - LockComp - start wiring up listenForActiveUnlockOptionChanges logic with reactivity
* PM-9449 - Update desktop & extension lock comp service to use new biometrics service vs platform utils for biometrics information.
* PM-9449 - LockV2 - Swap platform util usage with toast svc
* PM-9449 - LockV2Comp - Bring over user id logic from PM-8933
* PM-9449 - LockV2Comp - Adjust everything to use activeAccount.id.
* PM-9449 - LockV2Comp - Progress on wiring up unlock option reactive stream.
* PM-9449 - LockComp ts - some refactoring and minor progress.
* PM-9449 - LockComp HTML - refactoring based on new idea to keep unlock options as separate as possible.
* PM-9449 - Add PIN translation to web
* PM-9449 - (1) Lock HTML refactor to make as independent verticals as possible (2) Refactor Lock ts (3) LockSvc - replace type with enum.
* PM-9449 - LockV2Comp - remove hardcoded await.
* PM-9449 - LockComp HTML - add todo
* PM-9449 - Web - Routing module - cleanup commented out stuff
* PM-9449 - LockV2Comp - Wire up biometrics + mild refactor.
* PM-9449 - Desktop - Wire up lockV2 redirection
* PM-9449 - LockV2 - Desktop - don't focus until unlock opts defined.
* PM-9449 - Fix accidental check in
* PM-9449 - LockV2 - loading state depends on unlock opts
* PM-9449 - LockV2 comp - remove unnecessary hr
* PM-9449 - Migrate "yourVaultIsLockedV2" translation to desktop & browser.
* PM-9449 - LockV2 - Layout tweaks for biometrics
* PM-9449 - LockV2 - Biometric btn text
* PM-9449 - LockV2 - Wire up biometrics loading / disable state + remove unnecessary conditions around biometricsUnlockBtnText
* PM-9449 - DesktopLockSvc - Per discussion with Bernd, remove interval polling and just check once for biometric support and availability.
* PM-9449 - AuthGuard - Add todo to remove promptBiometric
* PM-9449 - LockV2 - Refactor primary and desktop init logic + misc clean up
* PM-9449 - LockV2 - Reorder init methods
* PM-9449 - LockV2 - Per discussion with Product, deprecate windows biometric settings update warning
* PM-9449 - Add TODO per discussion with Justin and remove TODO
* PM-9449 - LockV2 - Restore hide password on desktop window hidden functionality.
* PM-9449 - Clean up accomplished todo
* PM-9449 - LockV2 - Refactor func name.
* PM-9449 - LockV2 Comp - (1) TODO cleanup (2) Add browser logic to handleBiometricsUnlockEnabled
* PM-9449 - LockCompSvc changes - (1) Observability for isFido2Session (2) Adjust errors and returns per discussion with Justin
* PM-9449 - Per product, no longer need to support special fido2 case on extension.
* PM-9449 - LockCompSvc - add getPreviousUrl support
* PM-9449 - LockV2 - Continued ts cleanup
* PM-9449 - LockV2Comp - clean up unused props
* PM-9449 - LockV2Comp - Rename response to masterPasswordVerificationResponse
* PM-9449 - LockV2 - Remove unused formPromise prop
* PM-9449 - Add missing translations + update desktop to showReadonlyHostName
* PM-9449 - LockV2 - cleanup TODO
* PM-9449 - LockV2 - more cleanup
* PM-9449 - Desktop Routing Module - only allow LockV2 access if extension refresh flag is enabled.
* PM-9449 - Extension - AppRoutingModule - Add extension redirect + new lockV2 route.
* PM-9449 - Extension - AppRoutingModule - Add lockV2 to the ExtensionAnonLayoutWrapperComponent intead of the regular one.
* PM-9449 - Extension - CurrentAccountComp - add null checks as anon layout components don't have a state today. This prevents the account switcher from working on the new lockV2 comp.
* PM-9449 - Extension AppRoutingModule - LockV2 should use ExtensionAnonLayoutWrapperData
* PM-9449 - LockComp - BiometricUnlock - cancelling is a valid action.
* PM-9449 - LockV2 - Biometric autoprompt cleanup
* PM-9449 - LockV2 - (1) Add TODO for KM team (2) Fix submit logic.
* PM-9449 - Tweak TODO to add task #
* PM-9449 - Test WebLockComponentService
* PM-9449 - ExtensionLockComponentService tested
* PM-9449 - Tweak extension lock comp svc test
* PM-9449 - DesktopLockComponentService tested
* PM-9449 - Add task # to TODO
* PM-9449 - Update apps/browser/src/services/extension-lock-component.service.ts per PR feedback
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* PM-9449 - Per PR feedback, replace from with defer for better reactive execution of promise based functions.
* PM-9449 - Per PR feedback replace enum with type.
* PM-9449 - Fix imports and tests due to key management file moves.
* PM-9449 - Another test file import fix
---------
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
* send created redirect
* fix test
* fix test
* fix send form save
* return SendData from saveSend
* When saving a Send, bubble up a SendView which can be passed to the SendCreated component
* Use events to initiate navigation and move actual navigation into client-specific component
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* refactor vault-list-item to be a button so it is keyboard accessible
- an anchor tag without an `href` isn't included in the tab order
* allow bit-item-content focus state to be visible
- cdk-virtual-scroll-viewport applied certain styles that hid overflow. Because each bit-item-group isn't a scroll container for vault items, these should be safe to alter.
* [deps]: Lock file maintenance
* Lock glob version to the _very_ old one we need
This seems to be due to electron-builder having old dependencies. REMOVE when electron-builder is updated
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Move ownership of biometrics to key-management
* Move biometrics ipc ownership to km
* Move further files to km; split off preload / ipc to km
* Fix linting
* Fix linting
* Fix tests
* Fix tests
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Change ownership of native messaging to key-management
* Move biometrics to libs/key-management
* Add README to capital whitelist
* Update package-lock.json
* Move km to key-management
* Move km to key-management
* Fix build for cli
* Import fixes
* Apply prettier fix
* Fix test
* Import fixes
* Import fixes
* Update libs/key-management/README.md
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/key-management/package.json
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update lock file
* Change imports to top level km package
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Add missing column header to weak-password report
* Add missing column header to exposed-password report
* Add missing column header to reused-password report
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add username and email engines to generators
* introduce username and email settings components
* introduce generator algorithm metadata
* inline generator policies
* wait until settings are available during generation
* Simplify the filter(toggle group) to filter by organizationId instead of a orgFilterStatus property which is not present on the CipherView
* Add sorting to weak password report table
- Create new type to represent a row within the report
- Add types and remove usage of any
- Include the score/badge within the data passed to the datasource/table instead of looking it up via the `passwordStrengthMap`
- Remove unneeded passwordStrengthCache
- Enable sorting via bitSortable
- Set default sort to order by weakness
* Show headers and sort also within AC version of weak-password report, but hide the Owner column
* Clarify that we are filtering by OrgId
* Use a typed object for the reportValue instead of an array
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [deps]: Lock file maintenance
* Works on my machine
* Lock minimatch types version to the _very_ old one we need
This is yet another dependency locked to years old due to gulp. REMOVE THIS OVERRIDE WHEN WE DROP GULP
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
* Add password dialog component.
* Properly direct to browser password history screen.
* Add padding to history items.
* Update test to correct password history route.
* Remove unneeded provider.
* Use relative path for SharedModule.
* simplify logic and fix some pattern-matching bugs
* add first pass at parsing combined expiry year and month from user input
* clean up code
* fix broken three-digit parsing case
* fix case where splitCombinedDateValues returns empty strings when the input is only a delimiter
* fix incorrect expectation of falsy negative integers
* clean up code
* split out logic from parseYearMonthExpiry
* move utils from vault to autofill
* add appearance option to disable animations
* add check to only show the form after it's populated to avoid flash of inaccurate values
* switch to form loading while waiting for form values
* autofill name for new ciphers
* only include name and uri when the extension is not popped out
* only populate name and uri for login ciphers
* source the URL directly from the new item dropdown component
* fix new item dropdown tests
* add constraint support to UserStateSubject
* add dynamic constraints
* implement password policy constraints
* replace policy evaluator with constraints in credential generation service
* add cascade between minNumber and minSpecial
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
* Added skipLocationChange while navigating to the view cipher to prevent pushing view cipher route to state
* Fix navigation bug after restore or delete
* Simplified to just use popupRouterCacheService.back
* [PM-281] Visual distinction required for login page links
* add bitLink to report links
* add bitLink to billing history
* [PM-281] Adding more references to bitLink and incorporating changes to aria labels for a variety of buttons
* Added editItemWithName to announce links within reports even better
---------
Co-authored-by: Vicki League <vleague@bitwarden.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [PM-11343] Add param to conditionally disable the edit button
* [PM-11343] Cleanup router navigation and move query param handling to callers of the View dialog
* [PM-11343] Fix failing test
* [PM-11343] Fix missing router after merge
* [PM-11343] Add null checks in case the dialog result is undefined (due to closing via the ESC key)
* [PM-11343] Add support to provide a list of collections to the cipher view component
* [PM-11343] Add collections as an optional view cipher dialog parameter
* [PM-11343] Update the org vault to provide collections when opening the View cipher dialog
* [PM-11343] Fix import
* [PM-11343] Use [replaceUrl] for cipher items to avoid needing double back button
* remove nord and solarized dark from AppearanceV2 component
- This component already behind the extension refresh feature flag
* update the users theme to system when nord or solarized dark is selected
* For desktop, still allow all theme types by overriding the default theme service.
* change theme on the fly rather than updating local state.
- When the feature flag is removed then a migration will have to take place
* [deps] Tools: Update electron to v32.1.1
* Bump version in electron-builder.json
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add MessagingService to LoginCredentialView component.
* Add comments.
* Add WIP PremiumUpgradeService
* Simplify web PremiumUpgradeServices into one service.
* Relocate service files.
* Add browser version of PremiumUpgradePromptService.
* Cleanup debug comments.
* Run prettier.
* rework promptForPremium to take organization id and add test.
* Add test for browser
* Rework imports to fix linter errors.
* Add Shane's reworked WebVaultPremiumUpgradePromptService.
* Add sorting to exposed passwords report
- Create new type to represent a row within the report
- Add types and remove usage of any
- Include the exposed number of times within the data passed to the datasource/table instead of looking it up via the `exposedPasswordMap`
- Enable sorting via bitSortable
- Set default sort to order by exposed number of times in descending order
* Show headers and sort also within AC version of exposed-passwords report but hide the Owner column
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Resolve the discount issues
* Resolve the payment cvv alignment
* Resolve the wrong message for secrets manager
* Remove unused commented code
* resolve the display message bug on sm flow
* Temporary local changes not meant to be merged
* WIP - send text details
* send text details
* remove extraneous code
* create base send details component
* remove file components
* fix send text details form
* remove comments
* fix send text details component
* revert type changes
* send created redirect
* Revert "send created redirect"
This reverts commit 36711d54a3.
* Removed hint under textArea, as per design
* Removed unused message keys
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* add copy specific aria-labels for login ciphers
* add copy specific aria-labels for card ciphers
* add copy translations for identity to web translations
* Refactor `POPUP_VIEW_MEMORY` to use `disk` rather than memory for the browser extension.
- When FireFox opens the popup in an standalone window memory is lost, thus causing the `popup-route-history` to be lost and back navigation ceases to work
* spelling
* revert state definition change
* add `onUpdated` event for firefox
* rework observable handling
* remove unneeded `from`
* [PM-11667] Remove all code related to the outdated custom permissions 'Edit/Delete Assigned Collections'
* Revert change made to data model in state migration
* Move Lock All To Happen in Background
- Make it done serially
- Have the promise only resolve once it's complete
* Unlock Active Account Last
* Add Tests
* Update Comment
* Testing out a rework of the performance improvements introduced into extension
* Working through improvements
* Implementing max_depth methodology for the deepQuery approach used when querying elements
* Refactoring implementation
* Refactoring implementation
* Fixing jest tests
* Incorporating documenation within domQueryService
* [PM-11519] `browser` global reference triggering an error when sending an extension message
* [PM-11517] Working through refactoring and jest testing of the domQueryService
* [PM-11517] Working through refactoring and jest testing of the domQueryService
* [PM-11517] Incorporating tests for the debounce util method
* [PM-11517] Incorporating tests for the debounce util method
* [PM-11517] Removing unnecessary property
* [PM-11517] Starting to work through an idea regarding querying without the shadowDom on pages that definitively do not contain a ShadowDOM element
* [PM-11419] Adjusting implementation to ensure we clear any active requests when the passkeys setting is modified
* [PM-11517] Removing unnecessary comments
* setup component, services, and web HTML
* make Web and Browser functional
* make desktop functional
* update template to solidify common client HTML
* simplify template and class
* update browser routing
* move canActivate to correct location
* simplify post submit routing
* update routing to use unauthUiRefreshSwap()
* constrain AnonLayout title/subtitle width, reduce height on destkop to account for header
* reduce height on browser to account for header (otherwise have to scroll to see EnvSelector
* resolve email issue when clicking 'cancel' on extension popout
* update routing for web
* persist email to popout
* update web router and anon-layout min-h based on client
* change anchor link to button
* remove unnecessary formatting changes
* add new icon
* remove unnecessary call to loginEmailService
* Send loggedOut/locked events on logout/lock event
* Revert "Send loggedOut/locked events on logout/lock event"
This reverts commit 293f2d6131.
* Ensure loggedOut is sent for non-active user logouts too
* Make loggedOut accept userIds
* Add userBeingLoggedOut in desktop app component
* Await updateconnection calls