[Exemption] Updated policy messages (#984)

* Updated messages // added exemption message // added callout * updated strings - futureproofing
2025-01-21 21:41:21 +01:00 · 2020-11-10 09:53:44 -06:00 · 2020-11-10 09:53:44 -06:00 · d9cd7551fe
commit d9cd7551fe
parent 26fb6fc3b7
3 changed files with 14 additions and 3 deletions
--- a/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml
+++ b/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml
@ -42,6 +42,13 @@
            </h3>
            @i18nService.T("RequireSsoPolicyReq")
        </div>
+        <div class="callout callout-warning" role="alert">
+            <h3 class="callout-heading">
+                <i class="fa fa-warning" *ngIf="icon" aria-hidden="true"></i>
+                @i18nService.T("Warning")
+            </h3>
+            @i18nService.T("RequireSsoExemption")
+        </div>
    }
    
    <div asp-validation-summary="ModelOnly" class="alert alert-danger"></div>
--- a/src/Core/Resources/SharedResources.en.resx
+++ b/src/Core/Resources/SharedResources.en.resx
@ -149,7 +149,7 @@
    <value>Edit Policy - {0}</value>
  </data>
  <data name="EditPolicyTwoStepLoginWarning" xml:space="preserve">
-    <value>Organization members who do not have two-step login enabled for their personal account will be removed from the organization and will receive an email notifying them about the change.</value>
+    <value>Organization members who are not Owners or Administrators and do not have two-step login enabled for their personal account will be removed from the organization and will receive an email notifying them about the change.</value>
  </data>
  <data name="Save" xml:space="preserve">
    <value>Save</value>
@ -546,7 +546,7 @@
    <value>Restrict users from being able to join any other organizations.</value>
  </data>
  <data name="SingleOrganizationPolicyWarning" xml:space="preserve">
-    <value>Organization members who are already a part of another organization will be removed from this organization and will receive an email notifying them about the change.</value>
+    <value>Organization members who are not Owners or Administrators and are already a part of another organization will be removed from this organization and will receive an email notifying them about the change.</value>
  </data>
  <data name="RequireSso" xml:space="preserve">
    <value>Single Sign-On Authentication</value>
@ -563,4 +563,7 @@
  <data name="RequireSsoPolicyReqError" xml:space="preserve">
    <value>Single Organization policy not enabled.</value>
  </data>
+  <data name="RequireSsoExemption" xml:space="preserve">
+    <value>Organization Owners and Administrators are exempt from this policy's enforcement.</value>
+  </data>
 </root>
--- a/src/Core/Services/Implementations/PolicyService.cs
+++ b/src/Core/Services/Implementations/PolicyService.cs
@ -78,7 +78,8 @@ namespace Bit.Core.Services
                        policy.OrganizationId);
                    var removableOrgUsers = orgUsers.Where(ou =>
                        ou.Status != Enums.OrganizationUserStatusType.Invited &&
-                        ou.Type != Enums.OrganizationUserType.Owner && ou.UserId != savingUserId);
+                        ou.Type != Enums.OrganizationUserType.Owner && ou.Type != Enums.OrganizationUserType.Admin && 
+                        ou.UserId != savingUserId);
                    switch (currentPolicy.Type)
                    {
                        case Enums.PolicyType.TwoFactorAuthentication: