MaximumVaultTimeout policy fixes (#1573)

2021-10-12 15:35:01 +02:00 · 2021-10-12 15:35:01 +02:00 · c9ce7256e5
parent 34aba0e168
commit c9ce7256e5
2 changed files with 30 additions and 20 deletions
--- a/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs
+++ b/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs
@ -418,25 +418,6 @@ namespace Bit.App.Pages
                new SettingsPageListItem { Name = AppResources.LockNow },
                new SettingsPageListItem { Name = AppResources.TwoStepLogin }
            };
-            if (_vaultTimeoutDisplayValue == AppResources.Custom)
-            {
-                securityItems.Insert(1, new SettingsPageListItem
-                {
-                    Name = AppResources.Custom,
-                    Time = TimeSpan.FromMinutes(Math.Abs((double) _vaultTimeout)),
-                });
-            }
-            if (_vaultTimeoutPolicy != null)
-            {
-                var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
-                securityItems.Insert(0, new SettingsPageListItem
-                {
-                    Name = string.Format(AppResources.VaultTimeoutPolicyInEffect,
-                        Math.Floor((float) maximumTimeout / 60),
-                        maximumTimeout % 60),
-                    UseFrame = true,
-                });
-            }
            if (_supportsBiometric || _biometric)
            {
                var biometricName = AppResources.Biometrics;
@ -452,6 +433,25 @@ namespace Bit.App.Pages
                };
                securityItems.Insert(2, item);
            }
+            if (_vaultTimeoutDisplayValue == AppResources.Custom)
+            {
+                securityItems.Insert(1, new SettingsPageListItem
+                {
+                    Name = AppResources.Custom,
+                    Time = TimeSpan.FromMinutes(Math.Abs((double)_vaultTimeout)),
+                });
+            }
+            if (_vaultTimeoutPolicy != null)
+            {
+                var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
+                securityItems.Insert(0, new SettingsPageListItem
+                {
+                    Name = string.Format(AppResources.VaultTimeoutPolicyInEffect,
+                        Math.Floor((float)maximumTimeout / 60),
+                        maximumTimeout % 60),
+                    UseFrame = true,
+                });
+            }
            var accountItems = new List<SettingsPageListItem>
            {
                new SettingsPageListItem { Name = AppResources.FingerprintPhrase },
--- a/src/Core/Services/PolicyService.cs
+++ b/src/Core/Services/PolicyService.cs
@ -220,10 +220,20 @@ namespace Bit.Core.Services
                o.Enabled &&
                o.Status >= OrganizationUserStatusType.Accepted &&
                o.UsePolicies &&
-                !o.isExemptFromPolicies &&
+                !isExcemptFromPolicies(o, policyType) &&
                policySet.Contains(o.Id));
        }

+        private bool isExcemptFromPolicies(Organization organization, PolicyType policyType)
+        {
+            if (policyType == PolicyType.MaximumVaultTimeout)
+            {
+                return organization.Type == OrganizationUserType.Owner;
+            }
+
+            return organization.isExemptFromPolicies;
+        }
+
        public int? GetPolicyInt(Policy policy, string key)
        {
            if (policy.Data.ContainsKey(key))