bitwarden-estensione-browser/src/app/tools/weak-passwords-report.compo...

import {
    Component,
    OnInit,
} from '@angular/core';

import { CipherService } from 'jslib-common/abstractions/cipher.service';
import { MessagingService } from 'jslib-common/abstractions/messaging.service';
import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';
import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service';
import { UserService } from 'jslib-common/abstractions/user.service';

import { ModalService } from 'jslib-angular/services/modal.service';

import { CipherView } from 'jslib-common/models/view/cipherView';

import { CipherType } from 'jslib-common/enums/cipherType';

import { CipherReportComponent } from './cipher-report.component';

@Component({
    selector: 'app-weak-passwords-report',
    templateUrl: 'weak-passwords-report.component.html',
})
export class WeakPasswordsReportComponent extends CipherReportComponent implements OnInit {

    passwordStrengthMap = new Map<string, [string, string]>();

    private passwordStrengthCache = new Map<string, number>();

    constructor(protected cipherService: CipherService, protected passwordGenerationService: PasswordGenerationService,
        modalService: ModalService, messagingService: MessagingService, userService: UserService,
        passwordRepromptService: PasswordRepromptService) {
        super(modalService, userService, messagingService, passwordRepromptService, true);
    }

    async ngOnInit() {
        if (await this.checkAccess()) {
            await super.load();
        }
    }

    async setCiphers() {
        const allCiphers = await this.getAllCiphers();
        const weakPasswordCiphers: CipherView[] = [];
        const isUserNameNotEmpty = (c: CipherView): boolean => {
            return c.login.username != null && c.login.username.trim() !== '';
        };
        const getCacheKey = (c: CipherView): string => {
            return c.login.password + '_____' + (isUserNameNotEmpty(c) ? c.login.username : '');
        };

        allCiphers.forEach(c => {
            if (c.type !== CipherType.Login || c.login.password == null || c.login.password === '' || c.isDeleted) {
                return;
            }
            const hasUserName = isUserNameNotEmpty(c);
            const cacheKey = getCacheKey(c);
            if (!this.passwordStrengthCache.has(cacheKey)) {
                let userInput: string[] = [];
                if (hasUserName) {
                    const atPosition = c.login.username.indexOf('@');
                    if (atPosition > -1) {
                        userInput = userInput.concat(
                            c.login.username.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/))
                            .filter(i => i.length >= 3);
                    } else {
                        userInput = c.login.username.trim().toLowerCase().split(/[^A-Za-z0-9]/)
                            .filter(i => i.length >= 3);
                    }
                }
                const result = this.passwordGenerationService.passwordStrength(c.login.password,
                    userInput.length > 0 ? userInput : null);
                this.passwordStrengthCache.set(cacheKey, result.score);
            }
            const score = this.passwordStrengthCache.get(cacheKey);
            if (score != null && score <= 2) {
                this.passwordStrengthMap.set(c.id, this.scoreKey(score));
                weakPasswordCiphers.push(c);
            }
        });
        weakPasswordCiphers.sort((a, b) => {
            return this.passwordStrengthCache.get(getCacheKey(a)) -
                this.passwordStrengthCache.get(getCacheKey(b));
        });
        this.ciphers = weakPasswordCiphers;
    }

    protected getAllCiphers(): Promise<CipherView[]> {
        return this.cipherService.getAllDecrypted();
    }

    protected canManageCipher(c: CipherView): boolean {
        // this will only ever be false from the org view;
        return true;
    }

    private scoreKey(score: number): [string, string] {
        switch (score) {
            case 4:
                return ['strong', 'success'];
            case 3:
                return ['good', 'primary'];
            case 2:
                return ['weak', 'warning'];
            default:
                return ['veryWeak', 'danger'];
        }
    }
}
weak passwords report 2018-12-11 23:49:51 +01:00			`import {`
			`Component,`
			`OnInit,`
			`} from '@angular/core';`

Add jslib as a "real" dependency (#951) * Add jslib as a dependency * Cleanup tsconfig, webpack, add jslib-angular to package.json * Update all import paths * Add back @types/node. * Lint * Remove dummy module * Remove merge conflict * Group imports * Bump jslib 2021-06-07 20:13:58 +02:00			`import { CipherService } from 'jslib-common/abstractions/cipher.service';`
			`import { MessagingService } from 'jslib-common/abstractions/messaging.service';`
			`import { PasswordGenerationService } from 'jslib-common/abstractions/passwordGeneration.service';`
Enforce password reprompt from reports pages (#1225) 2021-10-11 15:32:30 +02:00			`import { PasswordRepromptService } from 'jslib-common/abstractions/passwordReprompt.service';`
Add jslib as a "real" dependency (#951) * Add jslib as a dependency * Cleanup tsconfig, webpack, add jslib-angular to package.json * Update all import paths * Add back @types/node. * Lint * Remove dummy module * Remove merge conflict * Group imports * Bump jslib 2021-06-07 20:13:58 +02:00			`import { UserService } from 'jslib-common/abstractions/user.service';`
weak passwords report 2018-12-11 23:49:51 +01:00
Add show/hide button to password prompt (#1034) 2021-08-27 14:50:58 +02:00			`import { ModalService } from 'jslib-angular/services/modal.service';`

Add jslib as a "real" dependency (#951) * Add jslib as a dependency * Cleanup tsconfig, webpack, add jslib-angular to package.json * Update all import paths * Add back @types/node. * Lint * Remove dummy module * Remove merge conflict * Group imports * Bump jslib 2021-06-07 20:13:58 +02:00			`import { CipherView } from 'jslib-common/models/view/cipherView';`
weak passwords report 2018-12-11 23:49:51 +01:00
Add jslib as a "real" dependency (#951) * Add jslib as a dependency * Cleanup tsconfig, webpack, add jslib-angular to package.json * Update all import paths * Add back @types/node. * Lint * Remove dummy module * Remove merge conflict * Group imports * Bump jslib 2021-06-07 20:13:58 +02:00			`import { CipherType } from 'jslib-common/enums/cipherType';`
weak passwords report 2018-12-11 23:49:51 +01:00
base cipher report component class 2018-12-12 15:11:10 +01:00			`import { CipherReportComponent } from './cipher-report.component';`
weak passwords report 2018-12-11 23:49:51 +01:00
			`@Component({`
			`selector: 'app-weak-passwords-report',`
			`templateUrl: 'weak-passwords-report.component.html',`
			`})`
base cipher report component class 2018-12-12 15:11:10 +01:00			`export class WeakPasswordsReportComponent extends CipherReportComponent implements OnInit {`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00
weak passwords report 2018-12-11 23:49:51 +01:00			`passwordStrengthMap = new Map<string, [string, string]>();`

use cache instead of async 2018-12-12 17:22:11 +01:00			`private passwordStrengthCache = new Map<string, number>();`

add more org reports 2018-12-14 20:42:04 +01:00			`constructor(protected cipherService: CipherService, protected passwordGenerationService: PasswordGenerationService,`
Enforce password reprompt from reports pages (#1225) 2021-10-11 15:32:30 +02:00			`modalService: ModalService, messagingService: MessagingService, userService: UserService,`
			`passwordRepromptService: PasswordRepromptService) {`
			`super(modalService, userService, messagingService, passwordRepromptService, true);`
base cipher report component class 2018-12-12 15:11:10 +01:00			`}`
weak passwords report 2018-12-11 23:49:51 +01:00
premium checks on reports 2018-12-12 15:29:51 +01:00			`async ngOnInit() {`
exposed passwords report for orgs 2018-12-14 19:56:01 +01:00			`if (await this.checkAccess()) {`
premium checks on reports 2018-12-12 15:29:51 +01:00			`await super.load();`
			`}`
weak passwords report 2018-12-11 23:49:51 +01:00			`}`

base cipher report component class 2018-12-12 15:11:10 +01:00			`async setCiphers() {`
add more org reports 2018-12-14 20:42:04 +01:00			`const allCiphers = await this.getAllCiphers();`
weak passwords report 2018-12-11 23:49:51 +01:00			`const weakPasswordCiphers: CipherView[] = [];`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00			`const isUserNameNotEmpty = (c: CipherView): boolean => {`
			`return c.login.username != null && c.login.username.trim() !== '';`
Resolve org user confirm not showing error when hide fingerprint is enabled (#918) 2021-04-09 00:46:16 +02:00			`};`
			`const getCacheKey = (c: CipherView): string => {`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00			`return c.login.password + '_____' + (isUserNameNotEmpty(c) ? c.login.username : '');`
Resolve org user confirm not showing error when hide fingerprint is enabled (#918) 2021-04-09 00:46:16 +02:00			`};`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00
Fix glob processing in npm. Ban single param parens (#818) 2021-02-03 18:41:33 +01:00			`allCiphers.forEach(c => {`
Exclude deleted items from any/all reports (#700) 2020-11-24 18:36:40 +01:00			`if (c.type !== CipherType.Login \|\| c.login.password == null \|\| c.login.password === '' \|\| c.isDeleted) {`
weak passwords report 2018-12-11 23:49:51 +01:00			`return;`
			`}`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00			`const hasUserName = isUserNameNotEmpty(c);`
			`const cacheKey = getCacheKey(c);`
userInputs for strength check based on username 2018-12-13 01:37:27 +01:00			`if (!this.passwordStrengthCache.has(cacheKey)) {`
			`let userInput: string[] = [];`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00			`if (hasUserName) {`
userInputs for strength check based on username 2018-12-13 01:37:27 +01:00			`const atPosition = c.login.username.indexOf('@');`
			`if (atPosition > -1) {`
			`userInput = userInput.concat(`
			`c.login.username.substr(0, atPosition).trim().toLowerCase().split(/[^A-Za-z0-9]/))`
Fix glob processing in npm. Ban single param parens (#818) 2021-02-03 18:41:33 +01:00			`.filter(i => i.length >= 3);`
userInputs for strength check based on username 2018-12-13 01:37:27 +01:00			`} else {`
			`userInput = c.login.username.trim().toLowerCase().split(/[^A-Za-z0-9]/)`
Fix glob processing in npm. Ban single param parens (#818) 2021-02-03 18:41:33 +01:00			`.filter(i => i.length >= 3);`
userInputs for strength check based on username 2018-12-13 01:37:27 +01:00			`}`
			`}`
			`const result = this.passwordGenerationService.passwordStrength(c.login.password,`
			`userInput.length > 0 ? userInput : null);`
			`this.passwordStrengthCache.set(cacheKey, result.score);`
use cache instead of async 2018-12-12 17:22:11 +01:00			`}`
userInputs for strength check based on username 2018-12-13 01:37:27 +01:00			`const score = this.passwordStrengthCache.get(cacheKey);`
Stop showing score 3 passwords as weak passwords (#445) 2020-01-27 14:30:19 +01:00			`if (score != null && score <= 2) {`
use cache instead of async 2018-12-12 17:22:11 +01:00			`this.passwordStrengthMap.set(c.id, this.scoreKey(score));`
			`weakPasswordCiphers.push(c);`
			`}`
weak passwords report 2018-12-11 23:49:51 +01:00			`});`
Sort weak passwords by severity (#446) * Sort weak passwords by weakness * Move static methods into local const 2021-04-06 00:23:48 +02:00			`weakPasswordCiphers.sort((a, b) => {`
			`return this.passwordStrengthCache.get(getCacheKey(a)) -`
			`this.passwordStrengthCache.get(getCacheKey(b));`
			`});`
weak passwords report 2018-12-11 23:49:51 +01:00			`this.ciphers = weakPasswordCiphers;`
			`}`

add more org reports 2018-12-14 20:42:04 +01:00			`protected getAllCiphers(): Promise<CipherView[]> {`
			`return this.cipherService.getAllDecrypted();`
			`}`

Implemented Custom role and permissions (#750) * Implemented Custom role and permissions * converted Permissions interface into a class * fixed a merge issue * updated jslib * code review cleanup for Permissions * trailing commas 2021-01-12 21:31:22 +01:00			`protected canManageCipher(c: CipherView): boolean {`
			`// this will only ever be false from the org view;`
			`return true;`
			`}`

weak passwords report 2018-12-11 23:49:51 +01:00			`private scoreKey(score: number): [string, string] {`
			`switch (score) {`
			`case 4:`
			`return ['strong', 'success'];`
			`case 3:`
			`return ['good', 'primary'];`
			`case 2:`
			`return ['weak', 'warning'];`
			`default:`
			`return ['veryWeak', 'danger'];`
			`}`
			`}`
			`}`