mirror of https://github.com/bitwarden/browser.git synced 2024-11-23 11:56:00 +01:00
Commit Graph

70 Commits

Author SHA1 Message Date
Kyle Spearrin
b99103d3f7
validate path for directory traversal (#540)
* validate path for directory traversal

* use previously constructed requestUrl
2021-11-10 15:13:13 -05:00
Kyle Spearrin
1b4a5508bd
Revert "clean api url paths from directory traversal (#539)"
This reverts commit ea29f580a5.
2021-11-10 13:37:31 -05:00
Kyle Spearrin
ea29f580a5
clean api url paths from directory traversal (#539) 2021-11-09 15:37:58 -05:00
Kyle Spearrin
c4fb4a35ab
don't allow @ character in uriString prefixing (#538) 2021-11-09 11:16:40 -05:00
Oscar Hinton
8f177e2d3a
Add support for requesting and using otp for verifying some requests (#527)
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-11-09 17:01:22 +01:00
Thomas Rittson
dbda39e10f
Add Linked Field as custom field type (#431)
* Basic proof of concept of Linked custom fields

* Linked Fields for all cipher types, use dropdown

* Move linkedFieldOptions to view models

* Move add-edit custom fields to own component

* Fix change handling if cipherType changes

* Use Field.LinkedId to store linked field info

* Refactor accessors in cipherView for type safety

* Use map for linkedFieldOptions

* Refactor: use decorators to record linkable info

* Add ItemView

* Use enums for linked field ids

* Add union type for linkedId enums, add jsdoc comment

* Use parameter properties for linkedFieldOption

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>

* Fix type casting

Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2021-11-03 08:03:37 +10:00
Matt Gibson
e90cc40f68
Allow managers to create collections (#530) 2021-10-27 13:06:27 -05:00
pan93412
257de6517c
feat: add an importer for Safari (CSV) (#512)
* feat(importers/safariCsvImporter): add the importer for Safari (CSV)

* Revert changes to package-lock.json

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2021-10-26 17:00:03 +10:00
Oscar Hinton
71f8ef601f
Add support for crypto agent (#520) 2021-10-25 18:21:40 +02:00
Matt Gibson
815b436f7c
Fix Typo. Collection create has full view access (#523) 2021-10-20 10:31:25 -05:00
Oscar Hinton
f09fb69882
Remove empty catch blocks, and update tslint rule (#513) 2021-10-19 10:32:14 +02:00
Oscar Hinton
14a60773cc
Add logic for fetching organization policies if the user has access through a provider (#519) 2021-10-14 09:33:46 +02:00
Oscar Hinton
e3ab324d59
Fix OrganizationSsoResponse not behaving correctly in production (#515) 2021-10-12 13:57:08 +02:00
Oscar Hinton
764dc40b36
Change policyAppliesToUser to behave differently for MaximumVaultTimeout (#514) 2021-10-11 18:35:06 +02:00
Oscar Hinton
bfa9a1e1bc
Remove Business Portal, add SSO configuration models (#506) 2021-10-06 19:36:20 +02:00
Matt Gibson
562e1fe459
Feature/split manage collections permission (#504)
* Split manage collections permissions

* Convert camel to pascal case for element id -> name
2021-10-01 07:50:30 -05:00
Thomas Rittson
ce71c0c0bd
Add theme enums and platformUtilsService helper (#497)
* Use enum for themes, add getEffectiveTheme

* Update electron and cli to use theme refactor
2021-09-30 06:37:36 +10:00
Oscar Hinton
206ef610d0
Bump signalr to 5.0.10 (#502) 2021-09-28 15:47:19 +02:00
Vincent Salucci
16e998e664
[Reset Password v1] Refactor ForcePasswordReset into AuthResult (#481) 2021-09-17 10:53:50 -05:00
Matt Gibson
5cec31f871
Organization autoscaling (#487)
* Seat autoscaling api changes

* Update all organization subscription
aspects with one api call

* Remove disable autoscale option

* Remove autoscale request references

* Remove autoscale update
2021-09-17 10:20:48 -05:00
Oscar Hinton
83548a6753
Remove deprecated index.ts (#490)
* Remove deprecated index.ts

* Update tests
2021-09-17 14:57:31 +02:00
Dane Powell
da6fde4b15
Add constants for biometrics auto-prompt option (#483)
* Add constants for biometrics auto-prompt option

* rename constant

Co-authored-by: Michael Cho <mcho@tutanota.com>
2021-09-16 21:00:13 +02:00
Vincent Salucci
da132217da
[SSO Auto Enroll] Auto Enroll status retrieval (#486)
* [SSO Auto Enroll] Auto Enroll status retrieval

* Fixed import order

* Updated object property
2021-09-15 12:54:44 -05:00
Oscar Hinton
ee1ea922a9
Disable Private Vault Export Policy (#482) 2021-09-14 16:32:06 +02:00
Oscar Hinton
32774561f3
Add MaximumVaultTimeout policy type (#480) 2021-09-09 17:05:40 +02:00
Thomas Rittson
5f64d95652
Fixes and cleanup for policyAppliesToUser (#476)
* Fix canManagePolicies logic to include providers

* Move new logic to isOwner (same as server)

* Refactor policyAppliesToUser

* Use const instead of var

* Fix linting
2021-09-09 07:34:27 +10:00
Oscar Hinton
bbe8d3df48
Revert "Vault Timeout Policy (#474)" (#479)
This reverts commit bba2812fdd.
2021-09-08 23:06:42 +02:00
Oscar Hinton
bba2812fdd
Vault Timeout Policy (#474) 2021-09-08 22:02:19 +02:00
Joseph Flinn
5784a6d4fc
Adding a PayPalConfig environment type (#478)
* Adding a PayPalConfig environment type for the web vault

* Adding missing semicolon
2021-09-08 12:34:23 -07:00
Vincent Salucci
ef743ea8ca
[SSO] Set password auto enroll update (#472)
* [SSO/Auto Enroll] Set Password enrolls new user

* Fixed typo

* Linter updates

* Cleanup // Constructor for SetPasswordRequest
2021-09-03 14:49:03 -05:00
Thomas Rittson
6c9485596c
Add event type for ResetSsoLink (#475) 2021-09-03 09:59:22 -04:00
Thomas Rittson
30419a625f
Move policy checks within policyService (#466)
* Move policy logic within policyService

* Remove unneeded import

* Clean up unused code

* Fix linting

* Enforce policies from accepting org invite

* Only exempt owner or admin from policies

* Use canManagePolicies as exemption criteria

* Make orgUser status check more semantic

Co-authored-by: Addison Beck <abeck@bitwarden.com>

Co-authored-by: Addison Beck <abeck@bitwarden.com>
2021-08-31 06:52:57 +10:00
Oscar Hinton
daa4f6f9a6
Dynamic Modals (#417)
* Move backdrop and click handler to modal service since they should not be used in web

* Add support for opening modals using ViewContainerRef
2021-08-26 10:04:29 +02:00
Thomas Rittson
358260596b
Add null check to electronStorageService.Save (#461)
* Add default value for ForcePasswordReset

* Add null check to electronStorageService instead

* Add default value to ForcePasswordReset

* Update electron/src/services/electronStorage.service.ts

* Fix indention issue from GH suggestion

Co-authored-by: Oscar Hinton <oscar@oscarhinton.com>
2021-08-20 16:01:50 +02:00
Oscar Hinton
f1f5d1a7f2
Revert WebAuthn iFrame handler (#462) 2021-08-20 14:46:02 +02:00
Daniel James Smith
309ea8ca9d
Add missing locale entry for AZ language (#459) 2021-08-19 22:43:28 +02:00
Matt Gibson
1f0127966e
Generalize token refreshing to include reauth by api key (#456) 2021-08-13 08:28:03 -05:00
Matt Gibson
0180d0cce5
Provide information to set webauthn allow in html template (#455) 2021-08-12 15:12:31 -05:00
Matt Gibson
c5f236c2e4
Use apikey client secret as captcha validation (#454)
* Use apikey client secret as captcha validation

* Linter fixes
2021-08-12 15:11:26 -05:00
Thomas Rittson
c694591e4c
Use UrlB64 encoding for auth-email header (#450) 2021-08-11 06:33:15 +10:00
Vincent Salucci
c2e434e333
[Reset Password v1] Update Temp Password (#446)
* [Reset Password v1] Update Temp Password

* Updating router to protected for child classes to access
2021-08-10 08:02:53 -04:00
Matt Gibson
027747246c
Add event type for provider accessing client vault (#448) 2021-08-05 07:50:56 -05:00
Matt Gibson
65c998dd0d
Iterate over enum values (#445) 2021-07-30 13:57:42 -05:00
Matt Gibson
fdf0eb989b
Provide owner with Provider client org create request (#444) 2021-07-30 08:11:12 -05:00
Matt Gibson
db2e2f1977
Correct ProviderOrgCreate return type (#442) 2021-07-29 07:43:38 -05:00
Matt Gibson
ecdd08624f
Feature/cli fail login on captcha request (#439)
* Fail CLI login if captcha is required by the server.

* Linter fixes
2021-07-23 14:27:48 -05:00
Oscar Hinton
e1ce721364
[Provider] Refresh identity token on full sync (#437) 2021-07-23 20:05:34 +02:00
Oscar Hinton
de288913e4
Add helper methods to EnvironmentService for retrieving urls (#435) 2021-07-23 20:03:52 +02:00
Matt Gibson
e9d9cd0182
Feature/use hcaptcha on register if bot (#434)
* Parse captcha required from error messages

CaptchaProtectedAttribute produces an error with captcha information.
We want to parse that data out to make it easily accessible to components

* Don't show error on captcha

The component should handle this situation.

* Add captchaResponse to captcha protected api endpoints

* Extract captcha logic to abstract base class

* Add captcha to register

* linter fixes

* Make sure to log Captcha required responses

* Match file naming convention

* Separate import into logical groups by folder

* PR review
2021-07-22 12:28:45 -05:00
Matt Gibson
ea0c8267d4
Rename captcha bypass token (#433) 2021-07-21 13:35:15 -05:00