1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-19 11:15:21 +01:00
Commit Graph

696 Commits

Author SHA1 Message Date
Jake Fink
a62f8cd652
[PM-3797] Client changes to use new key rotation process (#6881)
## Type of change

<!-- (mark with an `X`) -->

```
- [ ] Bug fix
- [ ] New feature development
- [x] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
```

## Objective

<!--Describe what the purpose of this PR is. For example: what bug you're fixing or what new feature you're adding-->
Final Client changes for Key Rotation Improvements. 

- Introduces a new `KeyRotationService` that is responsible for owning rotation process.
- Moves `Send` re-encryption to the `SendService` (`KeyRotationService` shouldn't have knowledge about how domains are encrypted).
- Moves `EmergencyAccess` re-encryption to the `EmergencyAccessService`.
- Renames `AccountRecoveryService` to `OrganizationUserResetPasswordService` after feedback from Admin Console


## Code changes

<!--Explain the changes you've made to each file or major component. This should help the reviewer understand your changes-->
<!--Also refer to any related changes or PRs in other repositories-->

Auth
- **emergency-access-update.request.ts:** New request model for domain updates that includes Id
- **emergency-access.service.ts:** Moved `EmergencyAccess` re-encryption to the `EmergencyAccessService`. Add deprecated method for legacy key rotations if feature flag is off
- **key-rotation.service/api/spec/module:** New key rotation service for owning the rotation process. Added api service, module, and spec file.
- **update-key.request.ts:** Moved to Auth ownership. Also added new properties for including other domains.
- **migrate-legacy-encryption.component.ts:** Use new key rotation service instead of old component specific service. Delete old service.
- **change-password.component.ts:** Use new key rotation service.
- **settings.module.ts:** Import key rotation module.

Admin Console
- **organization-user-reset-password.service.ts/spec:** Responsible for re-encryption of reset password keys during key rotation. Added tests.
- **organization-user-reset-password-enrollment.request.ts:** New request model for key rotations
- **reset-password.component.ts:** Update `AccountRecoveryService` to `OrganizationUserResetPasswordService`
- **enroll-master-password-reset.component.ts:** Update `AccountRecoveryService` to `OrganizationUserResetPasswordService`

Tools
- **send.service/spec.ts:** Responsible only for re-encryption of sends during key rotation. Added tests.

Other
- **api.service.ts:** Move `postAccountKey` to `KeyRotationApiService`
- **feature-flag.enum.ts:** add new feature flag

## Screenshots

<!--Required for any UI changes. Delete if not applicable-->

## Before you submit

- Please add **unit tests** where it makes sense to do so (encouraged but not required)
- If this change requires a **documentation update** - notify the documentation team
- If this change has particular **deployment requirements** - notify the DevOps team
- Ensure that all UI additions follow [WCAG AA requirements](https://contributing.bitwarden.com/contributing/accessibility/)
2023-12-22 10:31:24 -05:00
Shane Melton
a19a4ffdf7
[AC-1879] Add null check for collection view helpers (#7073)
* [AC-1879] Add null check for collection view helpers

* [AC-1879] Add additional null check to organization-options.component.ts
2023-12-21 15:51:48 -08:00
SmithThe4th
07d224d6bc
[PM-4239] When viewing an item with a passkey, passkey is not announced by screenreader (#7154)
* Made passkey field focusable

* Made passkey field focusableand accessibilty possible for screenreaders in announcing the field
2023-12-21 10:54:54 -05:00
cyprain-okeke
de04bc4410
[AC-1753] Automatically assign provider's pricing to new organizations (#7228)
* changes for the msp task

* fix an issues

* resolve pr comment
2023-12-20 22:55:30 +01:00
Will Martin
44fa727fc1
[CL-159] add bottom border to bit-banner (#7230)
* add bottom border to banner

* Update libs/components/src/banner/banner.component.html

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>

---------

Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
2023-12-19 17:23:13 -05:00
Jared Snider
9544da28c7
PM-5304 - Sync Service - setForceSetPasswordReasonIfNeeded(...) - Add bandaid to early return if state gets corrupted with undefined acctDecryptionOpts so that the sync won't error and prevent users from accessing their data added on another device. (#7265) 2023-12-19 22:04:25 +00:00
Oscar Hinton
017da06f9a
[CL-160] Rename BadgeType to BadgeVariant (#7244)
We're establishing a common language for the Component Library. As part of this work we're renaming componentType to variant. Starting with badges.
2023-12-19 19:22:37 +01:00
Shane Melton
cdb59f0939
[AC-1982] Add AllowAdminAccessToAllCollectionItems setting to the organization (#7268) 2023-12-19 11:32:53 +10:00
Jonathan Prusik
f04cd7eeef
autofill overlay visibility setting should be off by default (#7266) 2023-12-18 18:10:47 -05:00
Matt Gibson
87b6651f8e
[pm-5287] fix account switch logout routing (#7231)
* Navigate to home from account switcher

Also updates the main background handling of logout to either finish switch or logout, depending on which occurred

* Prefer observable guards

we were racing the account switch process on `accountService` and this async guard. It only depended on account status, which is available from `accountService`, so the correct move was to observe that status.

The unauthGuardFn allows for updating homepage depending on window state because popout windows have different nav to other locations.
2023-12-18 14:23:43 -05:00
Matt Gibson
69657a5ab5
Ps/allow state provider migrations from v 9 (#7263)
* Provide missing spec helpers and fakers

* We need to be able to migrate v9 stuff to state providers
2023-12-18 07:50:04 -05:00
Will Martin
4d5c955018
[CL-152] undeprecate openSimpleDialogRef (#7232) 2023-12-15 11:22:19 -05:00
Will Martin
e102919c2f
[CL-133] add skip links to bit-layout (#7213)
* Add light LinkType to link directive

* add skip link to bit-layout; update i18n for all apps

* install storybook interaction testing packages

* update storybook config

* add skiplink story to bit-layout

* update route and focus logic

* remove focus ring
2023-12-15 09:06:05 -05:00
Will Martin
b73d73b508
create team owned libs for billing, admin-console, platform (#7233)
* add admin-console lib files

* add billing lib files

* add platform lib files

* update lib references in config files

* update package-lock
2023-12-15 09:02:21 -05:00
bharat
96d1c83385
[PM-4077] safeincloud multiple url fix (#6394)
* safeincloud multiple url fix
* Ensure LoginView.uris is consistently populated
2023-12-14 16:40:51 +00:00
Justin Baur
7abbe0dafd
State definitions tests (#7173)
* Add StateDefinition Tests and Rules

* Update Comments
2023-12-14 10:00:36 -05:00
Daniel James Smith
60d9f3d150
[PM-1925][PM-2741][AC-1334] flexible collections export page (#5759)
* Use bitTypography for page title

* Replaced app-callout with bit-callout

* Replace button with bit-button

* Update radio buttons to use CL

* Use searchable select for fileFormat dropdown

* Remove unneeded divs (old styling)

* pm-1826 remove eslint-disable tailwindcss/no-custom-classname

* Removed for-attribute from bit-labels

* Removed bitInput from bit-selects

* Removed name-attribute from bit-selects

* Make format a required field

* Removed unused dependency on cryptoService

* Remove unused dependency on BroadcasterService

* Removed dependency on window

* Moved organizationId into BaseExportComponent

* Add vaultSelector

Add organizationService as new dependency
Retrieve organizations a user has access to
Add vaultSelector dropdown
Add `export from` label
Add exportFromHint

* Removed hint as discussed by product&design

* Add function to check for import/export permission

* Export callout should listen to changes

Even though the organizationId was changed, the Input did not trigger changing the scope

* Reading FlexibleCollections feature flag to show the vault-selector on export (#7196)

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
2023-12-14 13:55:54 +01:00
Daniel James Smith
3c7f369e40
[PM-5164] Update description of passwordsafe xml importer (#7115)
* Add comment to the PasswordSafeXmlImporter to show it's the one from pwsafe.org and not from passwordsafe.com

* Update dropdown value for pwsafexml, toshow it's from pwsafe.org

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-12-13 12:16:27 -05:00
Matt Gibson
fd85d13b18
Ps/avoid state emit until updated (#7198)
* Add a small default time to limit timing failures

* Handle subscription race conditions

* Add Symbols to tracked emission types

This is a bit of a cheat, but Symbols can't be cloned, so
we need to nudge them to something we can handle.
They are rare enough that anyone hitting this is likely to
expect some special handling.

* Ref count state listeners to minimize storage activity

* Ensure statuses are updated

* Remove notes

* Use `test` when gramatically more proper

* Copy race and subscription improvements to single user

* Simplify observer initialization

* Correct parameter names

* Simplify update promises

test we don't accidentally deadlock along the `getFromState` path

* Fix save mock

* WIP: most tests working

* Avoid infinite update loop

* Avoid potential deadlocks with awaiting assigned promises

We were awaiting a promise assigned in a thenable. It turns out that
assignment occurs before all thenables are concatenated, which can cause
deadlocks. Likely, these were not showing up in tests because we're
using very quick memory storage.

* Fix update deadlock test

* Add user update tests

* Assert no double emit for multiple observers

* Add use intent to method name

* Ensure new subscriptions receive only newest data

TODO: is this worth doing for active user state?

* Remove unnecessary design requirement

We don't need to await an executing update promise, we
can support two emissions as long as the observable is
guaranteed to get the new data.

* Cleanup await spam

* test cleanup option behavior

* Remove unnecessary typecast

* Throw over coerce for definition options

* Fix state$ observable durability on cleanup
2023-12-13 08:06:24 -05:00
✨ Audrey ✨
df406a9862
[PM-252] fix inconsistent generator configuration behavior (#6755)
* decompose password generator policy enforcement
* integrate new logic with UI
* improve UX of minimum password length
* improve password generator policy options documentation
* initialize min length to default minimum length boundary
* reset form value on input to prevent UI desync from model

---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-12-12 19:17:20 -05:00
Will Martin
02ba26e53c
[AC-1786] deprecate manager role (#6931)
* add deprecation message

* hide manager option

* deprecate manager enum
2023-12-12 09:43:47 -05:00
Matt Gibson
08b69fffe1
Revert "Ps/avoid state emit until updated (#7124)" (#7187)
This reverts commit 38c335d8fb.
2023-12-12 08:07:42 -05:00
Will Martin
79dbe051c8
[AC-1747] deprecate access control indicator (#6796)
---------

Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-12-11 22:40:11 -05:00
Matt Gibson
38c335d8fb
Ps/avoid state emit until updated (#7124)
* Add a small default time to limit timing failures

* Handle subscription race conditions

* Add Symbols to tracked emission types

This is a bit of a cheat, but Symbols can't be cloned, so
we need to nudge them to something we can handle.
They are rare enough that anyone hitting this is likely to
expect some special handling.

* Ref count state listeners to minimize storage activity

* Ensure statuses are updated

* Remove notes

* Use `test` when gramatically more proper

* Copy race and subscription improvements to single user

* Simplify observer initialization

* Correct parameter names

* Simplify update promises

test we don't accidentally deadlock along the `getFromState` path

* Fix save mock

* WIP: most tests working

* Avoid infinite update loop

* Avoid potential deadlocks with awaiting assigned promises

We were awaiting a promise assigned in a thenable. It turns out that
assignment occurs before all thenables are concatenated, which can cause
deadlocks. Likely, these were not showing up in tests because we're
using very quick memory storage.

* Fix update deadlock test

* Add user update tests

* Assert no double emit for multiple observers

* Add use intent to method name

* Ensure new subscriptions receive only newest data

TODO: is this worth doing for active user state?

* Remove unnecessary design requirement

We don't need to await an executing update promise, we
can support two emissions as long as the observable is
guaranteed to get the new data.

* Cleanup await spam

* test cleanup option behavior

* Remove unnecessary typecast

* Throw over coerce for definition options
2023-12-11 20:32:39 -05:00
Rui Tomé
483a197e4d
[AC-1139] Flexible collections: deprecate Manage/Edit/Delete Assigned Collections custom permissions (#6906)
* [AC-1139] Add new layout for MemberDialogComponent when FC feature flag is enabled

* [AC-1139] Deprecated Organization canEditAssignedCollections, canDeleteAssignedCollections, canViewAssignedCollections

* [AC-1139] Checking if FC feature flag is enabled when using canDeleteAssignedCollections or canViewAssignedCollections

* [AC-1139] Added missing parameter to customRedirect

* [AC-1139] Fixed canEdit permission

* [AC-1139] Fixed CanDelete logic

* [AC-1139] Changed canAccessVaultTab function to receive configService

* Override deprecated values on sync

* [AC-1139] Reverted change that introduced ConfigService as a parameter to canAccessVaultTab

* [AC-1139] Fixed circular dependency

* [AC-1139] Moved overriding of deprecated values to syncService

* Revert "[AC-1139] Fixed circular dependency"

This reverts commit 6484420976.

* Revert "Override deprecated values on sync"

This reverts commit f0c25a6996.

* [AC-1139] Added back the deprecation of methods canEditAssignedCollections, canDeleteAssignedCollections, canViewAssignedCollections

* [AC-1139] Reverted change on syncService

* [AC-1139] Override deprecated values on sync

* [AC-1139] Fix canDelete logic in
collection-dialog.component.ts and
bulk-delete-dialog.component.ts

* [AC-1139] Moved override logic from syncService to organizationService

* [AC-1139] Add ability to have titlecase titles on nested-checkbox.component checkboxes; use on member-dialog.component

* Revert "[AC-1139] Add ability to have titlecase titles on nested-checkbox.component checkboxes; use on member-dialog.component"

This reverts commit 9ede0fc5ac.

* [AC-1139] Fix bulk delete functionality

* [AC-1139] Refactor canEdit and canDelete to use ternary operator

* [AC-1139] Fix canDelete condition in VaultComponent

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2023-12-08 18:07:52 +00:00
Will Martin
0b6af73435
[CL-149] add stacked banner story (#7106) 2023-12-08 11:49:20 -05:00
Will Martin
04741bcab4
[CL-135] update CL migration docs (#6926) 2023-12-08 11:37:03 -05:00
Oscar Hinton
5a3ac7d73e
[CL-155] Add support for hiding the close button on banner (#7142) 2023-12-08 17:15:57 +01:00
ttalty
c4b31c9f8f
Tools/pm 3567 import xxe detection (#6918)
* RegEx to prevent external entities from being imported in xml

* Adding the test case

* Changing the regex and updating test case description
2023-12-08 09:50:02 -05:00
Todd Martin
2b3faca86b
Move PasswordStrengthComponent to Tools (#7125)
* Moved password-strength component to Tools

* Move zxcvbn into Tools ownership

zxcvbn is the library currently used to calculate the password-strength

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-12-07 14:11:05 -05:00
Justin Baur
c3e114e36f
Update Expectations of update method (#7119)
* Update Expectations of `update` method

Change `update` to return current state
when `shouldUpdate` returns false.

* Delete Accidental Tests
2023-12-06 14:14:49 -05:00
Matt Gibson
09d626bb4b
[PM-4345] Ps/provide migration helpers for key definitions (#7050)
* Provide helpers to build keys from KeyDefinitions

* Move usage comments to the helper class

* `npm run prettier` 🤖

* Prefer setters and getters to key builders

* Add documentation to migration helper methods

* Fix migration helper tests

* Prefer defined types to ad hoc

* `npm run prettier` 🤖
2023-12-06 13:07:27 -05:00
rr-bw
ac899bebeb
[PM-194] Browser Account Switcher UI (#6772)
* Handle switch messaging

TODO: handle loading state for account switcher

* Async updates required for state

* Fallback to email for current account avatar

* Await un-awaited promises

* Remove unnecessary Prune

Prune was getting confused in browser and deleting memory in browser on
account switch. This method isn't needed since logout already removes
memory data, which is the condition for pruning

* Fix temp password in browser

* Use direct memory access until data is serializable

Safari uses a different message object extraction than firefox/chrome
and is removing `UInt8Array`s. Until all data passed into StorageService
is guaranteed serializable, we need to use direct access in state
service

* Reload badge and context menu on switch

* Gracefully switch account as they log out.

* Maintain location on account switch

* Remove unused state definitions

* Prefer null for state

undefined can be misinterpreted to indicate a value has not been set.

* Hack: structured clone in memory storage

We are currently getting dead objects on account switch due to updating
the object in the foreground state service. However, the storage service
is owned by the background. This structured clone hack ensures that all
objects stored in memory are owned by the appropriate context

* Null check nullable values

active account can be null, so we should include null safety in the
equality

* Correct background->foreground switch command

* Already providing background memory storage

* Handle connection and clipboard on switch account

* Prefer strict equal

* Ensure structuredClone is available to jsdom

This is a deficiency in jsdom --
https://github.com/jsdom/jsdom/issues/3363 -- structured clone is well
supported.

* Fixup types in faker class

* add avatar and simple navigation to header

* add options buttons

* add app-header to necessary pages

* add back button and adjust avatar sizes

* add helper text when account limit reached

* convert magic number to constant

* add clarifying comment

* adjust homepage header styles

* navigate to previousp page upon avatar click when already on '/account-switcher'

* move account UI to own component

* add i18n

* show correct auth status

* add aria-hidden to icons

* use listbox role

* add screen reader accessibility to account component

* more SR a11y updates to account component

* add hover and focus states to avatar

* refactor hover and focus states for avatar

* add screen reader text for avatar

* add slide-down animation on account switcher close

* remove comment

* setup account component story

* add all stories

* move navigation call to account component

* implement account lock

* add button hover effect

* implement account logout

* implement lockAll accounts functionality

* replace 'any' with custom type

* add account switcher button to /home login page

* use <main> tag (enables scrolling)

* change temp server filler name

* temporarily remove server arg from account story

* don't show avatar on /home if no accounts, and don't show 'lock'/'logout' buttons if no currentAccount

* add translation and a11y to /home avatar

* add correct server url to account component

* add 'server' to AccountOption type

* Enabled account switching client-side feature flag.

* add slide-in transition to /account-switcher page

* change capitalization to reflect figma design

* make screen reader read active account email, address more capitalization

* fix web avatar misalignment

* make avatar color based on user settings and in sync with other clients

* make property private

* change accountOptions to availableAccounts for clarity

* refactor to remove 'else' template ref

* remove empty scss rule

* use tailwind instead of scss

* rename isSelected to isActive

* add 'isButton' to /home page avatar

* move files to services folder

* update import

* Remove duplicate active account button

* Move no account button to current-account component

* Always complete logging out

Fixes PM-4866

* make screenreader read off email, not name

* refactor avatar for button case

* Do not next object updates

StateService's init was calling `updateState` at multiple layers,
once overall and then again for each account updated. Because
we were not maintaining a single state object through the
process, it was ending up in a consistent, but incomplete state.
Fixed by returning the updated state everywhere. This very well
may not be all the bugs associated with this

* Treat null switch account as no active user

* Listen for switchAccountFinish before routing (#6950)

* adjust avatar style when wrapped in a button

* show alt text for favicon setting

* move stories to browser

* Send Finish Message on null

* Dynamically set active user when locking all

This is required because some user lock states are not recoverable after
process reload (those with logout timeout). This waits until reload is
occurring, then sets the next user appropriately

* Move Finished Message to Finally Block

Fix tests

* Drop problematic key migration

Fixes PM-4933. This was an instance of foreground/background collision
when writing state. We have several other fallbacks of clearing
these deprecated keys.

* Prefer location to homebrew router service

* Initialize account disk cache from background

Uses the `isRecoveredSession` bool to re-initialize foreground caches
from a background message. This avoids a lengthy first-read for
foregrounds

* PM-4865 - Browser Acct Switcher - only show lock btn for lockable accounts (#6991)

* Lock of active account first, when locking multiple.

Fixes PM-4996

* Fix linter

* Hide lock now for locked users (#7020)

* Hide lock now for locked users

* Prefer disabling button to removing

* Add tooltip to TDE without unlock method

* Load all auth states on state init (#7027)

This is a temporary fix until the owning services can update state
themselves. It uses the presence of an auto key to surmise unlocked
state on init. This is safe since it's run only once on extension start.

* Ps/pm 5004/add load to account switcher (#7032)

* Add load spinner to account switcher

* Remove ul list icons

* Properly size account switcher in popout

* [PM-5005] Prevent Double Navigation (#7035)

* Delete Overriden Method

* Add Lock Transition

* truncate email and server name

* remove account.stories.ts (will add in separate PR)

* Do not switch user at reload if no user is active

* fix prettier issues

---------

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Co-authored-by: bnagawiecki <107435978+bnagawiecki@users.noreply.github.com>
2023-12-06 09:22:48 -08:00
Todd Martin
299a880cba
[PM-5111] Reduce calls to config endpoint (#7069)
* Removed second active account observable and added distinctUntilChanged.

* Updated comment.
2023-12-06 11:21:29 -05:00
Daniel James Smith
6846026961
Fix PhoneNumber value of 1pux LoginFieldTypeEnum (#7113)
According to https://support.1password.com/1pux-format/#item-details it needs to be `TEL` instead of `T`

As far as I know, this has not been an issue, as I haven't been able to create a loginfield of type PhoneNumber within 1Password.

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2023-12-06 09:36:15 -05:00
Oscar Hinton
2eebf890b5
[PM-4273] Add tests for TotpService (#7058)
Adds tests for the TOTP service in preparation for migrating it to the SDK.
2023-12-05 12:32:49 -05:00
Oscar Hinton
7bbdee9daa
[PM-3565] Enforce higher minimum KDF (#6440)
Changes minimum iterations for PBKDF2 to 600 000. Also converts the constants into ranges to ensure there is only a single place for all checks.
2023-12-05 10:55:12 -05:00
Matt Gibson
e045c6b103
Ps/introduce single user state (#7053)
* Specify state provider for currently active user

* Split active and single user States

UserStateProvider is still the mechanism to build each State object.
The SingleUserState is basically a repeat of GlobalState, but with
additional scoping.

* Fixup global state cache

* fix fakers to new interface

* Make userId available in single user state

* Split providers by dependency requirements

This allows usage of the single state provider in contexts that would
otherwise form circular dependencies.

* Offer convenience wrapper classes for common use

* Import for docs

* Bind wrapped methods
2023-12-05 10:20:16 -05:00
Justin Baur
3deb6ea0c8
Only Keep Active User Alive When A View is Open (#7045) 2023-12-05 10:01:41 -05:00
Vincent Salucci
10d1e7de8e
fix: replace isAdmin conditional with isManager for CanCreateNewCollections, refs AC-1857 (#7052) 2023-12-01 09:23:13 -06:00
Jake Fink
cf6ed0d8a6
shallow copy credentials in strategies that store them (#7047)
- add warnings about dead objects in firefox
2023-11-30 16:09:52 -05:00
Will Martin
ebc28244cd
[CL-145] add secondary variant to bit-layout side nav (#7038) 2023-11-30 11:44:42 -05:00
renovate[bot]
28de9439be
[deps] Autofill: Update prettier to v3 (#7014)
* [deps] Autofill: Update prettier to v3

* prettier formatting updates

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Jonathan Prusik <jprusik@classynemesis.com>
2023-11-29 16:15:20 -05:00
Matt Gibson
7a7fe08a32
Ps/pm 2910/handle switch messaging (#6823)
* Handle switch messaging

TODO: handle loading state for account switcher

* Async updates required for state

* Fallback to email for current account avatar

* Await un-awaited promises

* Remove unnecessary Prune

Prune was getting confused in browser and deleting memory in browser on
account switch. This method isn't needed since logout already removes
memory data, which is the condition for pruning

* Fix temp password in browser

* Use direct memory access until data is serializable

Safari uses a different message object extraction than firefox/chrome
and is removing `UInt8Array`s. Until all data passed into StorageService
is guaranteed serializable, we need to use direct access in state
service

* Reload badge and context menu on switch

* Gracefully switch account as they log out.

* Maintain location on account switch

* Remove unused state definitions

* Prefer null for state

undefined can be misinterpreted to indicate a value has not been set.

* Hack: structured clone in memory storage

We are currently getting dead objects on account switch due to updating
the object in the foreground state service. However, the storage service
is owned by the background. This structured clone hack ensures that all
objects stored in memory are owned by the appropriate context

* Null check nullable values

active account can be null, so we should include null safety in the
equality

* Correct background->foreground switch command

* Already providing background memory storage

* Handle connection and clipboard on switch account

* Prefer strict equal

* Ensure structuredClone is available to jsdom

This is a deficiency in jsdom --
https://github.com/jsdom/jsdom/issues/3363 -- structured clone is well
supported.

* Fixup types in faker class
2023-11-29 09:59:50 -05:00
Justin Baur
3451ee8133
Vault Timeout Service Tests & Bug Fix (#7021)
* Add Tests to VaultTimeoutService

* Fix Bug

Get availableTimeoutActions for the user actually locking
instead of getting the timeout actions for the active user.
2023-11-29 09:31:18 -05:00
ttalty
ed865a6747
[PM-3560] Adding the password complexity component to the password protected va… (#6936)
* Adding the password complexity component to the password protected valut export

* Removing the zxcvbn import as the component handles the strength check
2023-11-28 14:44:06 -05:00
Oscar Hinton
a5e3432f85
Assign ownership to many libs files (#6928)
Assign ownership to many of the remaining libs/common files.

Criteria for ownership:
* Files used by a single team, is now owned by that team.
* Files related to a domain owned by a team is now owned by that team.
* Where ownership is unclear the "lowest level" service takes ownership.
2023-11-27 20:59:44 +00:00
Shane Melton
f82f9ba0d0
[AC-1122] Add new admin access to all collections and items settings (#6703)
* [AC-1117] Add manage permission (#5910)

* Add 'manage' option to collection access permissions

* Add 'manage' to collection permissions

* remove service accidentally committed from another branch

* Update CLI commands

* update message casing to be consistent

* access selector model updates

* [AC-1374] Limit collection create/delete (#5963)

* feat: udate request/response/data/domain models for new column, refs AC-1374

* feat: create collection management ui, refs AC-1374

* fix: remove limitCollectionCdOwnerAdmin boolean from org update request, refs AC-1374

* fix: moved collection management UI, removed comments, refs AC-1374

* fix: observable chaining now properly calls API when local org updated, refs AC-1374

* fix: remove unused form template variables, refs AC-1374

* fix: clean up observable chain, refs AC-1374

* fix: remove parent.parent route, refs AC-1374

* fix: add cd explaination, refs AC-1374

* [AC-1649] Remove organizationId from collection-bulk-delete.request (#6343)

* refactor: remove organizationId from collection-bulk-delete-request, refs AC-1649

* refactor: remove request model from dialog component, refs AC-1649

* [AC-1174] Bulk collection management (#6133)

* [AC-1174] Add bulk edit collection access event type

* [AC-1174] Add bulk edit collection access menu option

* [AC-1174] Add initial bulk collections access dialog

* [AC-1174] Add logic to open bulk edit collections dialog

* [AC-1174] Move AccessItemView helper methods to access selector model to be shared

* [AC-1174] Add access selector to bulk collections dialog

* [AC-1174] Add bulk assign access method to collection-admin service

* [AC-1174] Introduce strongly typed BulkCollectionAccessRequest model

* [AC-1174] Update vault item event type name

* Update DialogService dependency

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion (#6409)

* Add manage property to synced Collection data

* Revert "Add manage property to synced Collection data"

Pushed to feature branch instead of a new one

This reverts commit 65cd39589c.

* Add manage property to synced Collection data

* Revert "Add manage property to synced Collection data"

This reverts commit f7fa30b79a.

* [AC-1680] Add manage property to collection view and response models (#6417)

* Add manage property to synced Collection data

* Update tests

* feat: add LimitCollectionCreationDeletion conditional to canCreateNewCollections logic, refs AC-1659 (#6429)

* [AC-1669] Enforce Can Manage permission on Collection dialog (#6493)

* [AC-1669] Cleanup unhandled promise warnings

* [AC-1669] Force change detection to ensure AccessSelector has the most recent items

* [AC-1669] Initially select acting member when creating a new collection

* [AC-1669] Add validator to ensure manage permission is selected

* [AC-1669] Update error toast logic to support access tab errors

* [AC-1669] Add error icon

* [AC-1713] [Flexible collections] Add feature flags to clients (#6486)

* Add FlexibleCollections and BulkCollectionAccess flags

* Flag Collection Management settings

* Flag bulk collection access dialog

* Flag collection access modal changes

* [AC-1662] Add LimitCollecitonCreationDeletion conditional to CanDelete logic (#6526)

* feat: implement limitCollectionCreationDeletion into canDelete logic, refs AC-1662

* feat: make canDelete functions backwards compatible with feature flag, refs AC-1662

* feat: update vault-items.component for async getter, refs AC-1662

* feat: update configService injection, refs AC-1662

* feat: add config service to canDelete reference, refs AC-1662

* fix: remove configservice dependency from views, refs AC-1757 (#6686)

* Add missing provider to vault-items.stories (#6690)

* [AC-1730] Add new AllowAdminAccessToAllCollectionItems setting to org response models

* [AC-1730] Add new AllowAdminAccessToAllCollectionItems setting to org request model

* [AC-1730] Add new collection setting to UI and include it when submitting

* [AC-1122] Add V1 feature flag

* [AC-1122] Hide new setting behind V1 feature flag

* [AC-1122] Add support for disabled form control

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2023-11-27 11:44:15 -08:00
Jared Snider
687ec0c4c0
PM-5001 - WebAuthn-Login.strategy - set user key should set the master key encrypted user key if it exists so that the passkey authN + MP decryption flow can work. (#6978) 2023-11-27 13:33:15 -05:00
Vincent Salucci
aac4177a6c
[AC-1179][AC-1738] Event log for collection management setting (#6699)
* [AC-1117] Add manage permission (#5910)

* Add 'manage' option to collection access permissions

* Add 'manage' to collection permissions

* remove service accidentally committed from another branch

* Update CLI commands

* update message casing to be consistent

* access selector model updates

* [AC-1374] Limit collection create/delete (#5963)

* feat: udate request/response/data/domain models for new column, refs AC-1374

* feat: create collection management ui, refs AC-1374

* fix: remove limitCollectionCdOwnerAdmin boolean from org update request, refs AC-1374

* fix: moved collection management UI, removed comments, refs AC-1374

* fix: observable chaining now properly calls API when local org updated, refs AC-1374

* fix: remove unused form template variables, refs AC-1374

* fix: clean up observable chain, refs AC-1374

* fix: remove parent.parent route, refs AC-1374

* fix: add cd explaination, refs AC-1374

* [AC-1649] Remove organizationId from collection-bulk-delete.request (#6343)

* refactor: remove organizationId from collection-bulk-delete-request, refs AC-1649

* refactor: remove request model from dialog component, refs AC-1649

* [AC-1174] Bulk collection management (#6133)

* [AC-1174] Add bulk edit collection access event type

* [AC-1174] Add bulk edit collection access menu option

* [AC-1174] Add initial bulk collections access dialog

* [AC-1174] Add logic to open bulk edit collections dialog

* [AC-1174] Move AccessItemView helper methods to access selector model to be shared

* [AC-1174] Add access selector to bulk collections dialog

* [AC-1174] Add bulk assign access method to collection-admin service

* [AC-1174] Introduce strongly typed BulkCollectionAccessRequest model

* [AC-1174] Update vault item event type name

* Update DialogService dependency

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>

* Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion (#6409)

* Add manage property to synced Collection data

* Revert "Add manage property to synced Collection data"

Pushed to feature branch instead of a new one

This reverts commit 65cd39589c.

* Add manage property to synced Collection data

* Revert "Add manage property to synced Collection data"

This reverts commit f7fa30b79a.

* [AC-1680] Add manage property to collection view and response models (#6417)

* Add manage property to synced Collection data

* Update tests

* feat: add LimitCollectionCreationDeletion conditional to canCreateNewCollections logic, refs AC-1659 (#6429)

* [AC-1669] Enforce Can Manage permission on Collection dialog (#6493)

* [AC-1669] Cleanup unhandled promise warnings

* [AC-1669] Force change detection to ensure AccessSelector has the most recent items

* [AC-1669] Initially select acting member when creating a new collection

* [AC-1669] Add validator to ensure manage permission is selected

* [AC-1669] Update error toast logic to support access tab errors

* [AC-1669] Add error icon

* [AC-1713] [Flexible collections] Add feature flags to clients (#6486)

* Add FlexibleCollections and BulkCollectionAccess flags

* Flag Collection Management settings

* Flag bulk collection access dialog

* Flag collection access modal changes

* feat: update event type with new collection management event, refs AC-1179

* [AC-1662] Add LimitCollecitonCreationDeletion conditional to CanDelete logic (#6526)

* feat: implement limitCollectionCreationDeletion into canDelete logic, refs AC-1662

* feat: make canDelete functions backwards compatible with feature flag, refs AC-1662

* feat: update vault-items.component for async getter, refs AC-1662

* feat: update configService injection, refs AC-1662

* feat: add config service to canDelete reference, refs AC-1662

* fix: remove configservice dependency from views, refs AC-1757 (#6686)

* feat: add new event type and update event service, refs AC-1179

* Add missing provider to vault-items.stories (#6690)

* fix: enum typo and name scheme, refs AC-1179

* fix: update message example, refs AC-1179

* fix: modifiedCollectionManagement message example, refs AC-1179

---------

Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com>
Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: Shane Melton <smelton@bitwarden.com>
2023-11-27 12:08:25 -06:00