Merge branch 'main' of https://github.com/bitwarden/clients into ac/ac-217/migrate-to-cl-banners
This commit is contained in:
commit
7f215207ee
|
@ -1120,9 +1120,6 @@
|
||||||
"commandLockVaultDesc": {
|
"commandLockVaultDesc": {
|
||||||
"message": "Lock the vault"
|
"message": "Lock the vault"
|
||||||
},
|
},
|
||||||
"privateModeWarning": {
|
|
||||||
"message": "Private mode support is experimental and some features are limited."
|
|
||||||
},
|
|
||||||
"customFields": {
|
"customFields": {
|
||||||
"message": "Custom fields"
|
"message": "Custom fields"
|
||||||
},
|
},
|
||||||
|
|
|
@ -89,7 +89,6 @@
|
||||||
<p class="text-center" *ngIf="!fido2Data.isFido2Session">
|
<p class="text-center" *ngIf="!fido2Data.isFido2Session">
|
||||||
<button type="button" appStopClick (click)="logOut()">{{ "logOut" | i18n }}</button>
|
<button type="button" appStopClick (click)="logOut()">{{ "logOut" | i18n }}</button>
|
||||||
</p>
|
</p>
|
||||||
<app-private-mode-warning></app-private-mode-warning>
|
|
||||||
<app-callout *ngIf="biometricError" type="error">{{ biometricError }}</app-callout>
|
<app-callout *ngIf="biometricError" type="error">{{ biometricError }}</app-callout>
|
||||||
<p class="text-center text-muted" *ngIf="pendingBiometric">
|
<p class="text-center text-muted" *ngIf="pendingBiometric">
|
||||||
<i class="bwi bwi-spinner bwi-spin" aria-hidden="true"></i> {{ "awaitDesktop" | i18n }}
|
<i class="bwi bwi-spinner bwi-spin" aria-hidden="true"></i> {{ "awaitDesktop" | i18n }}
|
||||||
|
|
|
@ -57,7 +57,6 @@
|
||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<app-private-mode-warning></app-private-mode-warning>
|
|
||||||
<div class="content login-buttons">
|
<div class="content login-buttons">
|
||||||
<button type="submit" class="btn primary block" [disabled]="form.loading">
|
<button type="submit" class="btn primary block" [disabled]="form.loading">
|
||||||
<span [hidden]="form.loading"
|
<span [hidden]="form.loading"
|
||||||
|
|
|
@ -109,7 +109,6 @@ import { EncryptServiceImplementation } from "@bitwarden/common/platform/service
|
||||||
import { MultithreadEncryptServiceImplementation } from "@bitwarden/common/platform/services/cryptography/multithread-encrypt.service.implementation";
|
import { MultithreadEncryptServiceImplementation } from "@bitwarden/common/platform/services/cryptography/multithread-encrypt.service.implementation";
|
||||||
import { FileUploadService } from "@bitwarden/common/platform/services/file-upload/file-upload.service";
|
import { FileUploadService } from "@bitwarden/common/platform/services/file-upload/file-upload.service";
|
||||||
import { KeyGenerationService } from "@bitwarden/common/platform/services/key-generation.service";
|
import { KeyGenerationService } from "@bitwarden/common/platform/services/key-generation.service";
|
||||||
import { MemoryStorageService } from "@bitwarden/common/platform/services/memory-storage.service";
|
|
||||||
import { MigrationBuilderService } from "@bitwarden/common/platform/services/migration-builder.service";
|
import { MigrationBuilderService } from "@bitwarden/common/platform/services/migration-builder.service";
|
||||||
import { MigrationRunner } from "@bitwarden/common/platform/services/migration-runner";
|
import { MigrationRunner } from "@bitwarden/common/platform/services/migration-runner";
|
||||||
import { SystemService } from "@bitwarden/common/platform/services/system.service";
|
import { SystemService } from "@bitwarden/common/platform/services/system.service";
|
||||||
|
@ -356,10 +355,7 @@ export default class MainBackground {
|
||||||
private isSafari: boolean;
|
private isSafari: boolean;
|
||||||
private nativeMessagingBackground: NativeMessagingBackground;
|
private nativeMessagingBackground: NativeMessagingBackground;
|
||||||
|
|
||||||
constructor(
|
constructor(public popupOnlyContext: boolean = false) {
|
||||||
public isPrivateMode: boolean = false,
|
|
||||||
public popupOnlyContext: boolean = false,
|
|
||||||
) {
|
|
||||||
// Services
|
// Services
|
||||||
const lockedCallback = async (userId?: string) => {
|
const lockedCallback = async (userId?: string) => {
|
||||||
if (this.notificationsService != null) {
|
if (this.notificationsService != null) {
|
||||||
|
@ -443,10 +439,14 @@ export default class MainBackground {
|
||||||
this.secureStorageService = this.storageService; // secure storage is not supported in browsers, so we use local storage and warn users when it is used
|
this.secureStorageService = this.storageService; // secure storage is not supported in browsers, so we use local storage and warn users when it is used
|
||||||
this.memoryStorageForStateProviders = BrowserApi.isManifestVersion(3)
|
this.memoryStorageForStateProviders = BrowserApi.isManifestVersion(3)
|
||||||
? new BrowserMemoryStorageService() // mv3 stores to storage.session
|
? new BrowserMemoryStorageService() // mv3 stores to storage.session
|
||||||
: new BackgroundMemoryStorageService(); // mv2 stores to memory
|
: popupOnlyContext
|
||||||
|
? new ForegroundMemoryStorageService()
|
||||||
|
: new BackgroundMemoryStorageService(); // mv2 stores to memory
|
||||||
this.memoryStorageService = BrowserApi.isManifestVersion(3)
|
this.memoryStorageService = BrowserApi.isManifestVersion(3)
|
||||||
? this.memoryStorageForStateProviders // manifest v3 can reuse the same storage. They are split for v2 due to lacking a good sync mechanism, which isn't true for v3
|
? this.memoryStorageForStateProviders // manifest v3 can reuse the same storage. They are split for v2 due to lacking a good sync mechanism, which isn't true for v3
|
||||||
: new MemoryStorageService();
|
: popupOnlyContext
|
||||||
|
? new ForegroundMemoryStorageService()
|
||||||
|
: new BackgroundMemoryStorageService();
|
||||||
this.largeObjectMemoryStorageForStateProviders = BrowserApi.isManifestVersion(3)
|
this.largeObjectMemoryStorageForStateProviders = BrowserApi.isManifestVersion(3)
|
||||||
? mv3MemoryStorageCreator() // mv3 stores to local-backed session storage
|
? mv3MemoryStorageCreator() // mv3 stores to local-backed session storage
|
||||||
: this.memoryStorageForStateProviders; // mv2 stores to the same location
|
: this.memoryStorageForStateProviders; // mv2 stores to the same location
|
||||||
|
@ -1109,27 +1109,9 @@ export default class MainBackground {
|
||||||
await this.idleBackground.init();
|
await this.idleBackground.init();
|
||||||
this.webRequestBackground?.startListening();
|
this.webRequestBackground?.startListening();
|
||||||
|
|
||||||
if (this.platformUtilsService.isFirefox() && !this.isPrivateMode) {
|
|
||||||
// Set Private Mode windows to the default icon - they do not share state with the background page
|
|
||||||
const privateWindows = await BrowserApi.getPrivateModeWindows();
|
|
||||||
privateWindows.forEach(async (win) => {
|
|
||||||
await new UpdateBadge(self).setBadgeIcon("", win.id);
|
|
||||||
});
|
|
||||||
|
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
||||||
BrowserApi.onWindowCreated(async (win) => {
|
|
||||||
if (win.incognito) {
|
|
||||||
await new UpdateBadge(self).setBadgeIcon("", win.id);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
return new Promise<void>((resolve) => {
|
return new Promise<void>((resolve) => {
|
||||||
setTimeout(async () => {
|
setTimeout(async () => {
|
||||||
if (!this.isPrivateMode) {
|
await this.refreshBadge();
|
||||||
await this.refreshBadge();
|
|
||||||
}
|
|
||||||
await this.fullSync(true);
|
await this.fullSync(true);
|
||||||
setTimeout(() => this.notificationsService.init(), 2500);
|
setTimeout(() => this.notificationsService.init(), 2500);
|
||||||
resolve();
|
resolve();
|
||||||
|
|
|
@ -204,10 +204,6 @@ export class BrowserApi {
|
||||||
chrome.tabs.sendMessage<TabMessage, T>(tabId, message, options, responseCallback);
|
chrome.tabs.sendMessage<TabMessage, T>(tabId, message, options, responseCallback);
|
||||||
}
|
}
|
||||||
|
|
||||||
static async getPrivateModeWindows(): Promise<browser.windows.Window[]> {
|
|
||||||
return (await browser.windows.getAll()).filter((win) => win.incognito);
|
|
||||||
}
|
|
||||||
|
|
||||||
static async onWindowCreated(callback: (win: chrome.windows.Window) => any) {
|
static async onWindowCreated(callback: (win: chrome.windows.Window) => any) {
|
||||||
// FIXME: Make sure that is does not cause a memory leak in Safari or use BrowserApi.AddListener
|
// FIXME: Make sure that is does not cause a memory leak in Safari or use BrowserApi.AddListener
|
||||||
// and test that it doesn't break.
|
// and test that it doesn't break.
|
||||||
|
|
|
@ -138,28 +138,6 @@ describe("BrowserPopupUtils", () => {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("inPrivateMode", () => {
|
|
||||||
it("returns false if the background requires initialization", () => {
|
|
||||||
jest.spyOn(BrowserPopupUtils, "backgroundInitializationRequired").mockReturnValue(false);
|
|
||||||
|
|
||||||
expect(BrowserPopupUtils.inPrivateMode()).toBe(false);
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns false if the manifest version is for version 3", () => {
|
|
||||||
jest.spyOn(BrowserPopupUtils, "backgroundInitializationRequired").mockReturnValue(true);
|
|
||||||
jest.spyOn(BrowserApi, "manifestVersion", "get").mockReturnValue(3);
|
|
||||||
|
|
||||||
expect(BrowserPopupUtils.inPrivateMode()).toBe(false);
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns true if the background does not require initalization and the manifest version is version 2", () => {
|
|
||||||
jest.spyOn(BrowserPopupUtils, "backgroundInitializationRequired").mockReturnValue(true);
|
|
||||||
jest.spyOn(BrowserApi, "manifestVersion", "get").mockReturnValue(2);
|
|
||||||
|
|
||||||
expect(BrowserPopupUtils.inPrivateMode()).toBe(true);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
describe("openPopout", () => {
|
describe("openPopout", () => {
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
jest.spyOn(BrowserApi, "getWindow").mockResolvedValueOnce({
|
jest.spyOn(BrowserApi, "getWindow").mockResolvedValueOnce({
|
||||||
|
|
|
@ -89,13 +89,6 @@ class BrowserPopupUtils {
|
||||||
return !BrowserApi.getBackgroundPage();
|
return !BrowserApi.getBackgroundPage();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Identifies if the popup is loading in private mode.
|
|
||||||
*/
|
|
||||||
static inPrivateMode() {
|
|
||||||
return BrowserPopupUtils.backgroundInitializationRequired() && !BrowserApi.isManifestVersion(3);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Opens a popout window of any extension page. If the popout window is already open, it will be focused.
|
* Opens a popout window of any extension page. If the popout window is already open, it will be focused.
|
||||||
*
|
*
|
||||||
|
|
|
@ -62,15 +62,6 @@ export class DefaultBrowserStateService
|
||||||
await super.addAccount(account);
|
await super.addAccount(account);
|
||||||
}
|
}
|
||||||
|
|
||||||
async getIsAuthenticated(options?: StorageOptions): Promise<boolean> {
|
|
||||||
// Firefox Private Mode can clash with non-Private Mode because they both read from the same onDiskOptions
|
|
||||||
// Check that there is an account in memory before considering the user authenticated
|
|
||||||
return (
|
|
||||||
(await super.getIsAuthenticated(options)) &&
|
|
||||||
(await this.getAccount(await this.defaultInMemoryOptions())) != null
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Overriding the base class to prevent deleting the cache on save. We register a storage listener
|
// Overriding the base class to prevent deleting the cache on save. We register a storage listener
|
||||||
// to delete the cache in the constructor above.
|
// to delete the cache in the constructor above.
|
||||||
protected override async saveAccountToDisk(
|
protected override async saveAccountToDisk(
|
||||||
|
|
|
@ -70,7 +70,6 @@ import { FolderAddEditComponent } from "../vault/popup/settings/folder-add-edit.
|
||||||
import { AppRoutingModule } from "./app-routing.module";
|
import { AppRoutingModule } from "./app-routing.module";
|
||||||
import { AppComponent } from "./app.component";
|
import { AppComponent } from "./app.component";
|
||||||
import { PopOutComponent } from "./components/pop-out.component";
|
import { PopOutComponent } from "./components/pop-out.component";
|
||||||
import { PrivateModeWarningComponent } from "./components/private-mode-warning.component";
|
|
||||||
import { UserVerificationComponent } from "./components/user-verification.component";
|
import { UserVerificationComponent } from "./components/user-verification.component";
|
||||||
import { ServicesModule } from "./services/services.module";
|
import { ServicesModule } from "./services/services.module";
|
||||||
import { ExcludedDomainsComponent } from "./settings/excluded-domains.component";
|
import { ExcludedDomainsComponent } from "./settings/excluded-domains.component";
|
||||||
|
@ -150,7 +149,6 @@ import "../platform/popup/locales";
|
||||||
PasswordHistoryComponent,
|
PasswordHistoryComponent,
|
||||||
PopOutComponent,
|
PopOutComponent,
|
||||||
PremiumComponent,
|
PremiumComponent,
|
||||||
PrivateModeWarningComponent,
|
|
||||||
RegisterComponent,
|
RegisterComponent,
|
||||||
SendAddEditComponent,
|
SendAddEditComponent,
|
||||||
SendGroupingsComponent,
|
SendGroupingsComponent,
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
<app-callout class="app-private-mode-warning" type="warning" *ngIf="showWarning">
|
|
||||||
{{ "privateModeWarning" | i18n }}
|
|
||||||
<a href="https://bitwarden.com/help/article/private-mode/" target="_blank" rel="noreferrer">{{
|
|
||||||
"learnMore" | i18n
|
|
||||||
}}</a>
|
|
||||||
</app-callout>
|
|
|
@ -1,15 +0,0 @@
|
||||||
import { Component, OnInit } from "@angular/core";
|
|
||||||
|
|
||||||
import BrowserPopupUtils from "../../platform/popup/browser-popup-utils";
|
|
||||||
|
|
||||||
@Component({
|
|
||||||
selector: "app-private-mode-warning",
|
|
||||||
templateUrl: "private-mode-warning.component.html",
|
|
||||||
})
|
|
||||||
export class PrivateModeWarningComponent implements OnInit {
|
|
||||||
showWarning = false;
|
|
||||||
|
|
||||||
ngOnInit() {
|
|
||||||
this.showWarning = BrowserPopupUtils.inPrivateMode();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -111,11 +111,6 @@ app-home {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
.app-private-mode-warning {
|
|
||||||
display: block;
|
|
||||||
padding-top: 1rem;
|
|
||||||
}
|
|
||||||
|
|
||||||
body.body-sm,
|
body.body-sm,
|
||||||
body.body-xs {
|
body.body-xs {
|
||||||
app-home {
|
app-home {
|
||||||
|
|
|
@ -28,7 +28,9 @@ import { AccountService as AccountServiceAbstraction } from "@bitwarden/common/a
|
||||||
import { AuthService as AuthServiceAbstraction } from "@bitwarden/common/auth/abstractions/auth.service";
|
import { AuthService as AuthServiceAbstraction } from "@bitwarden/common/auth/abstractions/auth.service";
|
||||||
import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction";
|
import { DeviceTrustServiceAbstraction } from "@bitwarden/common/auth/abstractions/device-trust.service.abstraction";
|
||||||
import { DevicesServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices/devices.service.abstraction";
|
import { DevicesServiceAbstraction } from "@bitwarden/common/auth/abstractions/devices/devices.service.abstraction";
|
||||||
|
import { KdfConfigService } from "@bitwarden/common/auth/abstractions/kdf-config.service";
|
||||||
import { KeyConnectorService } from "@bitwarden/common/auth/abstractions/key-connector.service";
|
import { KeyConnectorService } from "@bitwarden/common/auth/abstractions/key-connector.service";
|
||||||
|
import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction";
|
||||||
import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction";
|
import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction";
|
||||||
import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
|
import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
|
||||||
import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction";
|
import { UserVerificationService } from "@bitwarden/common/auth/abstractions/user-verification/user-verification.service.abstraction";
|
||||||
|
@ -53,6 +55,7 @@ import { EncryptService } from "@bitwarden/common/platform/abstractions/encrypt.
|
||||||
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
||||||
import { FileDownloadService } from "@bitwarden/common/platform/abstractions/file-download/file-download.service";
|
import { FileDownloadService } from "@bitwarden/common/platform/abstractions/file-download/file-download.service";
|
||||||
import { I18nService as I18nServiceAbstraction } from "@bitwarden/common/platform/abstractions/i18n.service";
|
import { I18nService as I18nServiceAbstraction } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
|
import { KeyGenerationService } from "@bitwarden/common/platform/abstractions/key-generation.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||||
import { StateService as BaseStateServiceAbstraction } from "@bitwarden/common/platform/abstractions/state.service";
|
import { StateService as BaseStateServiceAbstraction } from "@bitwarden/common/platform/abstractions/state.service";
|
||||||
|
@ -61,6 +64,7 @@ import {
|
||||||
AbstractStorageService,
|
AbstractStorageService,
|
||||||
ObservableStorageService,
|
ObservableStorageService,
|
||||||
} from "@bitwarden/common/platform/abstractions/storage.service";
|
} from "@bitwarden/common/platform/abstractions/storage.service";
|
||||||
|
import { BiometricStateService } from "@bitwarden/common/platform/biometrics/biometric-state.service";
|
||||||
import { StateFactory } from "@bitwarden/common/platform/factories/state-factory";
|
import { StateFactory } from "@bitwarden/common/platform/factories/state-factory";
|
||||||
import { Message, MessageListener, MessageSender } from "@bitwarden/common/platform/messaging";
|
import { Message, MessageListener, MessageSender } from "@bitwarden/common/platform/messaging";
|
||||||
// eslint-disable-next-line no-restricted-imports -- Used for dependency injection
|
// eslint-disable-next-line no-restricted-imports -- Used for dependency injection
|
||||||
|
@ -100,6 +104,7 @@ import BrowserPopupUtils from "../../platform/popup/browser-popup-utils";
|
||||||
import { BrowserFileDownloadService } from "../../platform/popup/services/browser-file-download.service";
|
import { BrowserFileDownloadService } from "../../platform/popup/services/browser-file-download.service";
|
||||||
import { BrowserStateService as StateServiceAbstraction } from "../../platform/services/abstractions/browser-state.service";
|
import { BrowserStateService as StateServiceAbstraction } from "../../platform/services/abstractions/browser-state.service";
|
||||||
import { ScriptInjectorService } from "../../platform/services/abstractions/script-injector.service";
|
import { ScriptInjectorService } from "../../platform/services/abstractions/script-injector.service";
|
||||||
|
import { BrowserCryptoService } from "../../platform/services/browser-crypto.service";
|
||||||
import { BrowserEnvironmentService } from "../../platform/services/browser-environment.service";
|
import { BrowserEnvironmentService } from "../../platform/services/browser-environment.service";
|
||||||
import BrowserLocalStorageService from "../../platform/services/browser-local-storage.service";
|
import BrowserLocalStorageService from "../../platform/services/browser-local-storage.service";
|
||||||
import { BrowserScriptInjectorService } from "../../platform/services/browser-script-injector.service";
|
import { BrowserScriptInjectorService } from "../../platform/services/browser-script-injector.service";
|
||||||
|
@ -125,13 +130,12 @@ const OBSERVABLE_LARGE_OBJECT_MEMORY_STORAGE = new SafeInjectionToken<
|
||||||
>("OBSERVABLE_LARGE_OBJECT_MEMORY_STORAGE");
|
>("OBSERVABLE_LARGE_OBJECT_MEMORY_STORAGE");
|
||||||
|
|
||||||
const needsBackgroundInit = BrowserPopupUtils.backgroundInitializationRequired();
|
const needsBackgroundInit = BrowserPopupUtils.backgroundInitializationRequired();
|
||||||
const isPrivateMode = BrowserPopupUtils.inPrivateMode();
|
|
||||||
const mainBackground: MainBackground = needsBackgroundInit
|
const mainBackground: MainBackground = needsBackgroundInit
|
||||||
? createLocalBgService()
|
? createLocalBgService()
|
||||||
: BrowserApi.getBackgroundPage().bitwardenMain;
|
: BrowserApi.getBackgroundPage().bitwardenMain;
|
||||||
|
|
||||||
function createLocalBgService() {
|
function createLocalBgService() {
|
||||||
const localBgService = new MainBackground(isPrivateMode, true);
|
const localBgService = new MainBackground(true);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
localBgService.bootstrap();
|
localBgService.bootstrap();
|
||||||
|
@ -220,12 +224,48 @@ const safeProviders: SafeProvider[] = [
|
||||||
}),
|
}),
|
||||||
safeProvider({
|
safeProvider({
|
||||||
provide: CryptoService,
|
provide: CryptoService,
|
||||||
useFactory: (encryptService: EncryptService) => {
|
useFactory: (
|
||||||
const cryptoService = getBgService<CryptoService>("cryptoService")();
|
masterPasswordService: InternalMasterPasswordServiceAbstraction,
|
||||||
|
keyGenerationService: KeyGenerationService,
|
||||||
|
cryptoFunctionService: CryptoFunctionService,
|
||||||
|
encryptService: EncryptService,
|
||||||
|
platformUtilsService: PlatformUtilsService,
|
||||||
|
logService: LogService,
|
||||||
|
stateService: StateServiceAbstraction,
|
||||||
|
accountService: AccountServiceAbstraction,
|
||||||
|
stateProvider: StateProvider,
|
||||||
|
biometricStateService: BiometricStateService,
|
||||||
|
kdfConfigService: KdfConfigService,
|
||||||
|
) => {
|
||||||
|
const cryptoService = new BrowserCryptoService(
|
||||||
|
masterPasswordService,
|
||||||
|
keyGenerationService,
|
||||||
|
cryptoFunctionService,
|
||||||
|
encryptService,
|
||||||
|
platformUtilsService,
|
||||||
|
logService,
|
||||||
|
stateService,
|
||||||
|
accountService,
|
||||||
|
stateProvider,
|
||||||
|
biometricStateService,
|
||||||
|
kdfConfigService,
|
||||||
|
);
|
||||||
new ContainerService(cryptoService, encryptService).attachToGlobal(self);
|
new ContainerService(cryptoService, encryptService).attachToGlobal(self);
|
||||||
return cryptoService;
|
return cryptoService;
|
||||||
},
|
},
|
||||||
deps: [EncryptService],
|
deps: [
|
||||||
|
InternalMasterPasswordServiceAbstraction,
|
||||||
|
KeyGenerationService,
|
||||||
|
CryptoFunctionService,
|
||||||
|
EncryptService,
|
||||||
|
PlatformUtilsService,
|
||||||
|
LogService,
|
||||||
|
StateServiceAbstraction,
|
||||||
|
AccountServiceAbstraction,
|
||||||
|
StateProvider,
|
||||||
|
BiometricStateService,
|
||||||
|
KdfConfigService,
|
||||||
|
],
|
||||||
}),
|
}),
|
||||||
safeProvider({
|
safeProvider({
|
||||||
provide: TotpServiceAbstraction,
|
provide: TotpServiceAbstraction,
|
||||||
|
|
|
@ -146,6 +146,8 @@ export class NativeMessagingMain {
|
||||||
allowed_origins: [
|
allowed_origins: [
|
||||||
// Chrome extension
|
// Chrome extension
|
||||||
"chrome-extension://nngceckbapebfimnlniiiahkandclblb/",
|
"chrome-extension://nngceckbapebfimnlniiiahkandclblb/",
|
||||||
|
// Chrome beta extension
|
||||||
|
"chrome-extension://hccnnhgbibccigepcmlgppchkpfdophk/",
|
||||||
// Edge extension
|
// Edge extension
|
||||||
"chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh/",
|
"chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh/",
|
||||||
// Opera extension
|
// Opera extension
|
||||||
|
|
|
@ -4,6 +4,7 @@ import { ActivatedRoute } from "@angular/router";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
|
@ -27,11 +28,20 @@ export class ExposedPasswordsReportComponent extends BaseExposedPasswordsReportC
|
||||||
organizationService: OrganizationService,
|
organizationService: OrganizationService,
|
||||||
private route: ActivatedRoute,
|
private route: ActivatedRoute,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(cipherService, auditService, organizationService, modalService, passwordRepromptService);
|
super(
|
||||||
|
cipherService,
|
||||||
|
auditService,
|
||||||
|
organizationService,
|
||||||
|
modalService,
|
||||||
|
passwordRepromptService,
|
||||||
|
i18nService,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
this.isAdminConsoleActive = true;
|
||||||
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
||||||
this.route.parent.parent.params.subscribe(async (params) => {
|
this.route.parent.parent.params.subscribe(async (params) => {
|
||||||
this.organization = await this.organizationService.get(params.organizationId);
|
this.organization = await this.organizationService.get(params.organizationId);
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { ActivatedRoute } from "@angular/router";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
|
@ -24,11 +25,20 @@ export class InactiveTwoFactorReportComponent extends BaseInactiveTwoFactorRepor
|
||||||
logService: LogService,
|
logService: LogService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
organizationService: OrganizationService,
|
organizationService: OrganizationService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(cipherService, organizationService, modalService, logService, passwordRepromptService);
|
super(
|
||||||
|
cipherService,
|
||||||
|
organizationService,
|
||||||
|
modalService,
|
||||||
|
logService,
|
||||||
|
passwordRepromptService,
|
||||||
|
i18nService,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
this.isAdminConsoleActive = true;
|
||||||
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
||||||
this.route.parent.parent.params.subscribe(async (params) => {
|
this.route.parent.parent.params.subscribe(async (params) => {
|
||||||
this.organization = await this.organizationService.get(params.organizationId);
|
this.organization = await this.organizationService.get(params.organizationId);
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { ActivatedRoute } from "@angular/router";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
|
@ -25,11 +26,13 @@ export class ReusedPasswordsReportComponent extends BaseReusedPasswordsReportCom
|
||||||
private route: ActivatedRoute,
|
private route: ActivatedRoute,
|
||||||
organizationService: OrganizationService,
|
organizationService: OrganizationService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(cipherService, organizationService, modalService, passwordRepromptService);
|
super(cipherService, organizationService, modalService, passwordRepromptService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
this.isAdminConsoleActive = true;
|
||||||
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
||||||
this.route.parent.parent.params.subscribe(async (params) => {
|
this.route.parent.parent.params.subscribe(async (params) => {
|
||||||
this.organization = await this.organizationService.get(params.organizationId);
|
this.organization = await this.organizationService.get(params.organizationId);
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { ActivatedRoute } from "@angular/router";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
import { PasswordRepromptService } from "@bitwarden/vault";
|
import { PasswordRepromptService } from "@bitwarden/vault";
|
||||||
|
@ -22,11 +23,13 @@ export class UnsecuredWebsitesReportComponent extends BaseUnsecuredWebsitesRepor
|
||||||
private route: ActivatedRoute,
|
private route: ActivatedRoute,
|
||||||
organizationService: OrganizationService,
|
organizationService: OrganizationService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(cipherService, organizationService, modalService, passwordRepromptService);
|
super(cipherService, organizationService, modalService, passwordRepromptService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
this.isAdminConsoleActive = true;
|
||||||
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
||||||
this.route.parent.parent.params.subscribe(async (params) => {
|
this.route.parent.parent.params.subscribe(async (params) => {
|
||||||
this.organization = await this.organizationService.get(params.organizationId);
|
this.organization = await this.organizationService.get(params.organizationId);
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { ActivatedRoute } from "@angular/router";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
|
||||||
|
@ -27,6 +28,7 @@ export class WeakPasswordsReportComponent extends BaseWeakPasswordsReportCompone
|
||||||
private route: ActivatedRoute,
|
private route: ActivatedRoute,
|
||||||
organizationService: OrganizationService,
|
organizationService: OrganizationService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(
|
super(
|
||||||
cipherService,
|
cipherService,
|
||||||
|
@ -34,10 +36,12 @@ export class WeakPasswordsReportComponent extends BaseWeakPasswordsReportCompone
|
||||||
organizationService,
|
organizationService,
|
||||||
modalService,
|
modalService,
|
||||||
passwordRepromptService,
|
passwordRepromptService,
|
||||||
|
i18nService,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
this.isAdminConsoleActive = true;
|
||||||
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
// eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
|
||||||
this.route.parent.parent.params.subscribe(async (params) => {
|
this.route.parent.parent.params.subscribe(async (params) => {
|
||||||
this.organization = await this.organizationService.get(params.organizationId);
|
this.organization = await this.organizationService.get(params.organizationId);
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
import { Component, ViewChild } from "@angular/core";
|
import { Component, ViewChild } from "@angular/core";
|
||||||
import { ActivatedRoute, Router } from "@angular/router";
|
import { ActivatedRoute, ParamMap, Router } from "@angular/router";
|
||||||
import { combineLatest, concatMap } from "rxjs";
|
import { combineLatest, concatMap, map } from "rxjs";
|
||||||
|
|
||||||
import {
|
import {
|
||||||
canAccessOrgAdmin,
|
canAccessOrgAdmin,
|
||||||
OrganizationService,
|
OrganizationService,
|
||||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
import { ProviderService } from "@bitwarden/common/admin-console/abstractions/provider.service";
|
import { ProviderService } from "@bitwarden/common/admin-console/abstractions/provider.service";
|
||||||
|
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||||
import { MenuComponent } from "@bitwarden/components";
|
import { MenuComponent } from "@bitwarden/components";
|
||||||
|
|
||||||
type ProductSwitcherItem = {
|
type ProductSwitcherItem = {
|
||||||
|
@ -48,6 +49,13 @@ export class ProductSwitcherContentComponent {
|
||||||
this.organizationService.organizations$,
|
this.organizationService.organizations$,
|
||||||
this.route.paramMap,
|
this.route.paramMap,
|
||||||
]).pipe(
|
]).pipe(
|
||||||
|
map(([orgs, paramMap]): [Organization[], ParamMap] => {
|
||||||
|
return [
|
||||||
|
// Sort orgs by name to match the order within the sidebar
|
||||||
|
orgs.sort((a, b) => a.name.localeCompare(b.name)),
|
||||||
|
paramMap,
|
||||||
|
];
|
||||||
|
}),
|
||||||
concatMap(async ([orgs, paramMap]) => {
|
concatMap(async ([orgs, paramMap]) => {
|
||||||
const routeOrg = orgs.find((o) => o.id === paramMap.get("organizationId"));
|
const routeOrg = orgs.find((o) => o.id === paramMap.get("organizationId"));
|
||||||
// If the active route org doesn't have access to SM, find the first org that does.
|
// If the active route org doesn't have access to SM, find the first org that does.
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
import { Directive, ViewChild, ViewContainerRef } from "@angular/core";
|
import { Directive, ViewChild, ViewContainerRef, OnDestroy } from "@angular/core";
|
||||||
import { Observable } from "rxjs";
|
import { BehaviorSubject, Observable, Subject, takeUntil } from "rxjs";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherRepromptType } from "@bitwarden/common/vault/enums/cipher-reprompt-type";
|
import { CipherRepromptType } from "@bitwarden/common/vault/enums/cipher-reprompt-type";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
import { PasswordRepromptService } from "@bitwarden/vault";
|
import { PasswordRepromptService } from "@bitwarden/vault";
|
||||||
|
@ -12,27 +14,111 @@ import { AddEditComponent } from "../../../vault/individual-vault/add-edit.compo
|
||||||
import { AddEditComponent as OrgAddEditComponent } from "../../../vault/org-vault/add-edit.component";
|
import { AddEditComponent as OrgAddEditComponent } from "../../../vault/org-vault/add-edit.component";
|
||||||
|
|
||||||
@Directive()
|
@Directive()
|
||||||
export class CipherReportComponent {
|
export class CipherReportComponent implements OnDestroy {
|
||||||
@ViewChild("cipherAddEdit", { read: ViewContainerRef, static: true })
|
@ViewChild("cipherAddEdit", { read: ViewContainerRef, static: true })
|
||||||
cipherAddEditModalRef: ViewContainerRef;
|
cipherAddEditModalRef: ViewContainerRef;
|
||||||
|
isAdminConsoleActive = false;
|
||||||
|
|
||||||
loading = false;
|
loading = false;
|
||||||
hasLoaded = false;
|
hasLoaded = false;
|
||||||
ciphers: CipherView[] = [];
|
ciphers: CipherView[] = [];
|
||||||
|
allCiphers: CipherView[] = [];
|
||||||
organization: Organization;
|
organization: Organization;
|
||||||
|
organizations: Organization[];
|
||||||
organizations$: Observable<Organization[]>;
|
organizations$: Observable<Organization[]>;
|
||||||
|
|
||||||
|
filterStatus: any = [0];
|
||||||
|
showFilterToggle: boolean = false;
|
||||||
|
vaultMsg: string = "vault";
|
||||||
|
currentFilterStatus: number | string;
|
||||||
|
protected filterOrgStatus$ = new BehaviorSubject<number | string>(0);
|
||||||
|
private destroyed$: Subject<void> = new Subject();
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
|
protected cipherService: CipherService,
|
||||||
private modalService: ModalService,
|
private modalService: ModalService,
|
||||||
protected passwordRepromptService: PasswordRepromptService,
|
protected passwordRepromptService: PasswordRepromptService,
|
||||||
protected organizationService: OrganizationService,
|
protected organizationService: OrganizationService,
|
||||||
|
protected i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
this.organizations$ = this.organizationService.organizations$;
|
this.organizations$ = this.organizationService.organizations$;
|
||||||
|
this.organizations$.pipe(takeUntil(this.destroyed$)).subscribe((orgs) => {
|
||||||
|
this.organizations = orgs;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
ngOnDestroy(): void {
|
||||||
|
this.destroyed$.next();
|
||||||
|
this.destroyed$.complete();
|
||||||
|
}
|
||||||
|
|
||||||
|
getName(filterId: string | number) {
|
||||||
|
let orgName: any;
|
||||||
|
|
||||||
|
if (filterId === 0) {
|
||||||
|
orgName = this.i18nService.t("all");
|
||||||
|
} else if (filterId === 1) {
|
||||||
|
orgName = this.i18nService.t("me");
|
||||||
|
} else {
|
||||||
|
this.organizations.filter((org: Organization) => {
|
||||||
|
if (org.id === filterId) {
|
||||||
|
orgName = org.name;
|
||||||
|
return org;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
return orgName;
|
||||||
|
}
|
||||||
|
|
||||||
|
getCount(filterId: string | number) {
|
||||||
|
let orgFilterStatus: any;
|
||||||
|
let cipherCount;
|
||||||
|
|
||||||
|
if (filterId === 0) {
|
||||||
|
cipherCount = this.allCiphers.length;
|
||||||
|
} else if (filterId === 1) {
|
||||||
|
cipherCount = this.allCiphers.filter((c: any) => c.orgFilterStatus === null).length;
|
||||||
|
} else {
|
||||||
|
this.organizations.filter((org: Organization) => {
|
||||||
|
if (org.id === filterId) {
|
||||||
|
orgFilterStatus = org.id;
|
||||||
|
return org;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
cipherCount = this.allCiphers.filter(
|
||||||
|
(c: any) => c.orgFilterStatus === orgFilterStatus,
|
||||||
|
).length;
|
||||||
|
}
|
||||||
|
return cipherCount;
|
||||||
|
}
|
||||||
|
|
||||||
|
async filterOrgToggle(status: any) {
|
||||||
|
this.currentFilterStatus = status;
|
||||||
|
await this.setCiphers();
|
||||||
|
if (status === 0) {
|
||||||
|
return;
|
||||||
|
} else if (status === 1) {
|
||||||
|
this.ciphers = this.ciphers.filter((c: any) => c.orgFilterStatus == null);
|
||||||
|
} else {
|
||||||
|
this.ciphers = this.ciphers.filter((c: any) => c.orgFilterStatus === status);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async load() {
|
async load() {
|
||||||
this.loading = true;
|
this.loading = true;
|
||||||
await this.setCiphers();
|
// when a user fixes an item in a report we want to persist the filter they had
|
||||||
|
// if they fix the last item of that filter we will go back to the "All" filter
|
||||||
|
if (this.currentFilterStatus) {
|
||||||
|
if (this.ciphers.length > 2) {
|
||||||
|
this.filterOrgStatus$.next(this.currentFilterStatus);
|
||||||
|
await this.filterOrgToggle(this.currentFilterStatus);
|
||||||
|
} else {
|
||||||
|
this.filterOrgStatus$.next(0);
|
||||||
|
await this.filterOrgToggle(0);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
await this.setCiphers();
|
||||||
|
}
|
||||||
this.loading = false;
|
this.loading = false;
|
||||||
this.hasLoaded = true;
|
this.hasLoaded = true;
|
||||||
}
|
}
|
||||||
|
@ -76,7 +162,7 @@ export class CipherReportComponent {
|
||||||
}
|
}
|
||||||
|
|
||||||
protected async setCiphers() {
|
protected async setCiphers() {
|
||||||
this.ciphers = [];
|
this.allCiphers = [];
|
||||||
}
|
}
|
||||||
|
|
||||||
protected async repromptCipher(c: CipherView) {
|
protected async repromptCipher(c: CipherView) {
|
||||||
|
@ -85,4 +171,32 @@ export class CipherReportComponent {
|
||||||
(await this.passwordRepromptService.showPasswordPrompt())
|
(await this.passwordRepromptService.showPasswordPrompt())
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected async getAllCiphers(): Promise<CipherView[]> {
|
||||||
|
return await this.cipherService.getAllDecrypted();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected filterCiphersByOrg(ciphersList: CipherView[]) {
|
||||||
|
this.allCiphers = [...ciphersList];
|
||||||
|
|
||||||
|
this.ciphers = ciphersList.map((ciph: any) => {
|
||||||
|
ciph.orgFilterStatus = ciph.organizationId;
|
||||||
|
|
||||||
|
if (this.filterStatus.indexOf(ciph.organizationId) === -1 && ciph.organizationId != null) {
|
||||||
|
this.filterStatus.push(ciph.organizationId);
|
||||||
|
} else if (this.filterStatus.indexOf(1) === -1 && ciph.organizationId == null) {
|
||||||
|
this.filterStatus.splice(1, 0, 1);
|
||||||
|
}
|
||||||
|
return ciph;
|
||||||
|
});
|
||||||
|
|
||||||
|
if (this.filterStatus.length > 2) {
|
||||||
|
this.showFilterToggle = true;
|
||||||
|
this.vaultMsg = "vaults";
|
||||||
|
} else {
|
||||||
|
// If a user fixes an item and there is only one item left remove the filter toggle and change the vault message to singular
|
||||||
|
this.showFilterToggle = false;
|
||||||
|
this.vaultMsg = "vault";
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,9 +11,32 @@
|
||||||
</app-callout>
|
</app-callout>
|
||||||
<ng-container *ngIf="ciphers.length">
|
<ng-container *ngIf="ciphers.length">
|
||||||
<app-callout type="danger" title="{{ 'exposedPasswordsFound' | i18n }}" [useAlertRole]="true">
|
<app-callout type="danger" title="{{ 'exposedPasswordsFound' | i18n }}" [useAlertRole]="true">
|
||||||
{{ "exposedPasswordsFoundDesc" | i18n: (ciphers.length | number) }}
|
{{ "exposedPasswordsFoundReportDesc" | i18n: (ciphers.length | number) : vaultMsg }}
|
||||||
</app-callout>
|
</app-callout>
|
||||||
|
<bit-toggle-group
|
||||||
|
*ngIf="showFilterToggle && !isAdminConsoleActive"
|
||||||
|
[selected]="filterOrgStatus$ | async"
|
||||||
|
(selectedChange)="filterOrgToggle($event)"
|
||||||
|
[attr.aria-label]="'addAccessFilter' | i18n"
|
||||||
|
>
|
||||||
|
<ng-container *ngFor="let status of filterStatus">
|
||||||
|
<bit-toggle [value]="status">
|
||||||
|
{{ getName(status) }}
|
||||||
|
<span bitBadge variant="info"> {{ getCount(status) }} </span>
|
||||||
|
</bit-toggle>
|
||||||
|
</ng-container>
|
||||||
|
</bit-toggle-group>
|
||||||
<table class="table table-hover table-list table-ciphers">
|
<table class="table table-hover table-list table-ciphers">
|
||||||
|
<thead
|
||||||
|
class="tw-border-0 tw-border-b-2 tw-border-solid tw-border-secondary-300 tw-font-bold tw-text-muted"
|
||||||
|
*ngIf="!isAdminConsoleActive"
|
||||||
|
>
|
||||||
|
<tr>
|
||||||
|
<th></th>
|
||||||
|
<th>{{ "name" | i18n }}</th>
|
||||||
|
<th>{{ "owner" | i18n }}</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr *ngFor="let c of ciphers">
|
<tr *ngFor="let c of ciphers">
|
||||||
<td class="table-list-icon">
|
<td class="table-list-icon">
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
// eslint-disable-next-line no-restricted-imports
|
// eslint-disable-next-line no-restricted-imports
|
||||||
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
||||||
import { mock, MockProxy } from "jest-mock-extended";
|
import { mock, MockProxy } from "jest-mock-extended";
|
||||||
|
import { of } from "rxjs";
|
||||||
|
|
||||||
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
|
@ -17,9 +18,12 @@ describe("ExposedPasswordsReportComponent", () => {
|
||||||
let component: ExposedPasswordsReportComponent;
|
let component: ExposedPasswordsReportComponent;
|
||||||
let fixture: ComponentFixture<ExposedPasswordsReportComponent>;
|
let fixture: ComponentFixture<ExposedPasswordsReportComponent>;
|
||||||
let auditService: MockProxy<AuditService>;
|
let auditService: MockProxy<AuditService>;
|
||||||
|
let organizationService: MockProxy<OrganizationService>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
auditService = mock<AuditService>();
|
auditService = mock<AuditService>();
|
||||||
|
organizationService = mock<OrganizationService>();
|
||||||
|
organizationService.organizations$ = of([]);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
TestBed.configureTestingModule({
|
TestBed.configureTestingModule({
|
||||||
|
@ -35,7 +39,7 @@ describe("ExposedPasswordsReportComponent", () => {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: OrganizationService,
|
provide: OrganizationService,
|
||||||
useValue: mock<OrganizationService>(),
|
useValue: organizationService,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: ModalService,
|
provide: ModalService,
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { Component, OnInit } from "@angular/core";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
import { AuditService } from "@bitwarden/common/abstractions/audit.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
|
@ -24,8 +25,9 @@ export class ExposedPasswordsReportComponent extends CipherReportComponent imple
|
||||||
protected organizationService: OrganizationService,
|
protected organizationService: OrganizationService,
|
||||||
modalService: ModalService,
|
modalService: ModalService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(modalService, passwordRepromptService, organizationService);
|
super(cipherService, modalService, passwordRepromptService, organizationService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
@ -36,7 +38,9 @@ export class ExposedPasswordsReportComponent extends CipherReportComponent imple
|
||||||
const allCiphers = await this.getAllCiphers();
|
const allCiphers = await this.getAllCiphers();
|
||||||
const exposedPasswordCiphers: CipherView[] = [];
|
const exposedPasswordCiphers: CipherView[] = [];
|
||||||
const promises: Promise<void>[] = [];
|
const promises: Promise<void>[] = [];
|
||||||
allCiphers.forEach((ciph) => {
|
this.filterStatus = [0];
|
||||||
|
|
||||||
|
allCiphers.forEach((ciph: any) => {
|
||||||
const { type, login, isDeleted, edit, viewPassword, id } = ciph;
|
const { type, login, isDeleted, edit, viewPassword, id } = ciph;
|
||||||
if (
|
if (
|
||||||
type !== CipherType.Login ||
|
type !== CipherType.Login ||
|
||||||
|
@ -48,6 +52,7 @@ export class ExposedPasswordsReportComponent extends CipherReportComponent imple
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
const promise = this.auditService.passwordLeaked(login.password).then((exposedCount) => {
|
const promise = this.auditService.passwordLeaked(login.password).then((exposedCount) => {
|
||||||
if (exposedCount > 0) {
|
if (exposedCount > 0) {
|
||||||
exposedPasswordCiphers.push(ciph);
|
exposedPasswordCiphers.push(ciph);
|
||||||
|
@ -57,11 +62,8 @@ export class ExposedPasswordsReportComponent extends CipherReportComponent imple
|
||||||
promises.push(promise);
|
promises.push(promise);
|
||||||
});
|
});
|
||||||
await Promise.all(promises);
|
await Promise.all(promises);
|
||||||
this.ciphers = [...exposedPasswordCiphers];
|
|
||||||
}
|
|
||||||
|
|
||||||
protected getAllCiphers(): Promise<CipherView[]> {
|
this.filterCiphersByOrg(exposedPasswordCiphers);
|
||||||
return this.cipherService.getAllDecrypted();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
protected canManageCipher(c: CipherView): boolean {
|
protected canManageCipher(c: CipherView): boolean {
|
||||||
|
|
|
@ -16,9 +16,32 @@
|
||||||
</app-callout>
|
</app-callout>
|
||||||
<ng-container *ngIf="ciphers.length">
|
<ng-container *ngIf="ciphers.length">
|
||||||
<app-callout type="danger" title="{{ 'inactive2faFound' | i18n }}">
|
<app-callout type="danger" title="{{ 'inactive2faFound' | i18n }}">
|
||||||
{{ "inactive2faFoundDesc" | i18n: (ciphers.length | number) }}
|
{{ "inactive2faFoundReportDesc" | i18n: (ciphers.length | number) : vaultMsg }}
|
||||||
</app-callout>
|
</app-callout>
|
||||||
|
<bit-toggle-group
|
||||||
|
*ngIf="showFilterToggle && !isAdminConsoleActive"
|
||||||
|
[selected]="filterOrgStatus$ | async"
|
||||||
|
(selectedChange)="filterOrgToggle($event)"
|
||||||
|
[attr.aria-label]="'addAccessFilter' | i18n"
|
||||||
|
>
|
||||||
|
<ng-container *ngFor="let status of filterStatus">
|
||||||
|
<bit-toggle [value]="status">
|
||||||
|
{{ getName(status) }}
|
||||||
|
<span bitBadge variant="info"> {{ getCount(status) }} </span>
|
||||||
|
</bit-toggle>
|
||||||
|
</ng-container>
|
||||||
|
</bit-toggle-group>
|
||||||
<table class="table table-hover table-list table-ciphers">
|
<table class="table table-hover table-list table-ciphers">
|
||||||
|
<thead
|
||||||
|
class="tw-border-0 tw-border-b-2 tw-border-solid tw-border-secondary-300 tw-font-bold tw-text-muted"
|
||||||
|
*ngIf="!isAdminConsoleActive"
|
||||||
|
>
|
||||||
|
<tr>
|
||||||
|
<th></th>
|
||||||
|
<th>{{ "name" | i18n }}</th>
|
||||||
|
<th>{{ "owner" | i18n }}</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr *ngFor="let c of ciphers">
|
<tr *ngFor="let c of ciphers">
|
||||||
<td class="table-list-icon">
|
<td class="table-list-icon">
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
// eslint-disable-next-line no-restricted-imports
|
// eslint-disable-next-line no-restricted-imports
|
||||||
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
||||||
import { mock } from "jest-mock-extended";
|
import { MockProxy, mock } from "jest-mock-extended";
|
||||||
|
import { of } from "rxjs";
|
||||||
|
|
||||||
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
|
@ -16,8 +17,11 @@ import { cipherData } from "./reports-ciphers.mock";
|
||||||
describe("InactiveTwoFactorReportComponent", () => {
|
describe("InactiveTwoFactorReportComponent", () => {
|
||||||
let component: InactiveTwoFactorReportComponent;
|
let component: InactiveTwoFactorReportComponent;
|
||||||
let fixture: ComponentFixture<InactiveTwoFactorReportComponent>;
|
let fixture: ComponentFixture<InactiveTwoFactorReportComponent>;
|
||||||
|
let organizationService: MockProxy<OrganizationService>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
|
organizationService = mock<OrganizationService>();
|
||||||
|
organizationService.organizations$ = of([]);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
TestBed.configureTestingModule({
|
TestBed.configureTestingModule({
|
||||||
|
@ -29,7 +33,7 @@ describe("InactiveTwoFactorReportComponent", () => {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: OrganizationService,
|
provide: OrganizationService,
|
||||||
useValue: mock<OrganizationService>(),
|
useValue: organizationService,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: ModalService,
|
provide: ModalService,
|
||||||
|
|
|
@ -2,6 +2,7 @@ import { Component, OnInit } from "@angular/core";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
|
@ -26,8 +27,9 @@ export class InactiveTwoFactorReportComponent extends CipherReportComponent impl
|
||||||
modalService: ModalService,
|
modalService: ModalService,
|
||||||
private logService: LogService,
|
private logService: LogService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(modalService, passwordRepromptService, organizationService);
|
super(cipherService, modalService, passwordRepromptService, organizationService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
@ -45,6 +47,7 @@ export class InactiveTwoFactorReportComponent extends CipherReportComponent impl
|
||||||
const allCiphers = await this.getAllCiphers();
|
const allCiphers = await this.getAllCiphers();
|
||||||
const inactive2faCiphers: CipherView[] = [];
|
const inactive2faCiphers: CipherView[] = [];
|
||||||
const docs = new Map<string, string>();
|
const docs = new Map<string, string>();
|
||||||
|
this.filterStatus = [0];
|
||||||
|
|
||||||
allCiphers.forEach((ciph) => {
|
allCiphers.forEach((ciph) => {
|
||||||
const { type, login, isDeleted, edit, id, viewPassword } = ciph;
|
const { type, login, isDeleted, edit, id, viewPassword } = ciph;
|
||||||
|
@ -58,6 +61,7 @@ export class InactiveTwoFactorReportComponent extends CipherReportComponent impl
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (let i = 0; i < login.uris.length; i++) {
|
for (let i = 0; i < login.uris.length; i++) {
|
||||||
const u = login.uris[i];
|
const u = login.uris[i];
|
||||||
if (u.uri != null && u.uri !== "") {
|
if (u.uri != null && u.uri !== "") {
|
||||||
|
@ -75,15 +79,12 @@ export class InactiveTwoFactorReportComponent extends CipherReportComponent impl
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
this.ciphers = [...inactive2faCiphers];
|
|
||||||
|
this.filterCiphersByOrg(inactive2faCiphers);
|
||||||
this.cipherDocs = docs;
|
this.cipherDocs = docs;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
protected getAllCiphers(): Promise<CipherView[]> {
|
|
||||||
return this.cipherService.getAllDecrypted();
|
|
||||||
}
|
|
||||||
|
|
||||||
private async load2fa() {
|
private async load2fa() {
|
||||||
if (this.services.size > 0) {
|
if (this.services.size > 0) {
|
||||||
return;
|
return;
|
||||||
|
|
|
@ -16,9 +16,34 @@
|
||||||
</app-callout>
|
</app-callout>
|
||||||
<ng-container *ngIf="ciphers.length">
|
<ng-container *ngIf="ciphers.length">
|
||||||
<app-callout type="danger" title="{{ 'reusedPasswordsFound' | i18n }}">
|
<app-callout type="danger" title="{{ 'reusedPasswordsFound' | i18n }}">
|
||||||
{{ "reusedPasswordsFoundDesc" | i18n: (ciphers.length | number) }}
|
{{ "reusedPasswordsFoundReportDesc" | i18n: (ciphers.length | number) : vaultMsg }}
|
||||||
</app-callout>
|
</app-callout>
|
||||||
|
|
||||||
|
<bit-toggle-group
|
||||||
|
*ngIf="showFilterToggle && !isAdminConsoleActive"
|
||||||
|
[selected]="filterOrgStatus$ | async"
|
||||||
|
(selectedChange)="filterOrgToggle($event)"
|
||||||
|
[attr.aria-label]="'addAccessFilter' | i18n"
|
||||||
|
>
|
||||||
|
<ng-container *ngFor="let status of filterStatus">
|
||||||
|
<bit-toggle [value]="status">
|
||||||
|
{{ getName(status) }}
|
||||||
|
<span bitBadge variant="info"> {{ getCount(status) }} </span>
|
||||||
|
</bit-toggle>
|
||||||
|
</ng-container>
|
||||||
|
</bit-toggle-group>
|
||||||
|
|
||||||
<table class="table table-hover table-list table-ciphers">
|
<table class="table table-hover table-list table-ciphers">
|
||||||
|
<thead
|
||||||
|
class="tw-border-0 tw-border-b-2 tw-border-solid tw-border-secondary-300 tw-font-bold tw-text-muted"
|
||||||
|
*ngIf="!isAdminConsoleActive"
|
||||||
|
>
|
||||||
|
<tr>
|
||||||
|
<th></th>
|
||||||
|
<th>{{ "name" | i18n }}</th>
|
||||||
|
<th>{{ "owner" | i18n }}</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr *ngFor="let c of ciphers">
|
<tr *ngFor="let c of ciphers">
|
||||||
<td class="table-list-icon">
|
<td class="table-list-icon">
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
// eslint-disable-next-line no-restricted-imports
|
// eslint-disable-next-line no-restricted-imports
|
||||||
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
||||||
import { mock } from "jest-mock-extended";
|
import { MockProxy, mock } from "jest-mock-extended";
|
||||||
|
import { of } from "rxjs";
|
||||||
|
|
||||||
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
|
@ -15,8 +16,11 @@ import { ReusedPasswordsReportComponent } from "./reused-passwords-report.compon
|
||||||
describe("ReusedPasswordsReportComponent", () => {
|
describe("ReusedPasswordsReportComponent", () => {
|
||||||
let component: ReusedPasswordsReportComponent;
|
let component: ReusedPasswordsReportComponent;
|
||||||
let fixture: ComponentFixture<ReusedPasswordsReportComponent>;
|
let fixture: ComponentFixture<ReusedPasswordsReportComponent>;
|
||||||
|
let organizationService: MockProxy<OrganizationService>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
|
organizationService = mock<OrganizationService>();
|
||||||
|
organizationService.organizations$ = of([]);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
TestBed.configureTestingModule({
|
TestBed.configureTestingModule({
|
||||||
|
@ -28,7 +32,7 @@ describe("ReusedPasswordsReportComponent", () => {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: OrganizationService,
|
provide: OrganizationService,
|
||||||
useValue: mock<OrganizationService>(),
|
useValue: organizationService,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: ModalService,
|
provide: ModalService,
|
||||||
|
|
|
@ -2,6 +2,7 @@ import { Component, OnInit } from "@angular/core";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
||||||
|
@ -22,8 +23,9 @@ export class ReusedPasswordsReportComponent extends CipherReportComponent implem
|
||||||
protected organizationService: OrganizationService,
|
protected organizationService: OrganizationService,
|
||||||
modalService: ModalService,
|
modalService: ModalService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(modalService, passwordRepromptService, organizationService);
|
super(cipherService, modalService, passwordRepromptService, organizationService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
@ -34,6 +36,8 @@ export class ReusedPasswordsReportComponent extends CipherReportComponent implem
|
||||||
const allCiphers = await this.getAllCiphers();
|
const allCiphers = await this.getAllCiphers();
|
||||||
const ciphersWithPasswords: CipherView[] = [];
|
const ciphersWithPasswords: CipherView[] = [];
|
||||||
this.passwordUseMap = new Map<string, number>();
|
this.passwordUseMap = new Map<string, number>();
|
||||||
|
this.filterStatus = [0];
|
||||||
|
|
||||||
allCiphers.forEach((ciph) => {
|
allCiphers.forEach((ciph) => {
|
||||||
const { type, login, isDeleted, edit, viewPassword } = ciph;
|
const { type, login, isDeleted, edit, viewPassword } = ciph;
|
||||||
if (
|
if (
|
||||||
|
@ -46,6 +50,7 @@ export class ReusedPasswordsReportComponent extends CipherReportComponent implem
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
ciphersWithPasswords.push(ciph);
|
ciphersWithPasswords.push(ciph);
|
||||||
if (this.passwordUseMap.has(login.password)) {
|
if (this.passwordUseMap.has(login.password)) {
|
||||||
this.passwordUseMap.set(login.password, this.passwordUseMap.get(login.password) + 1);
|
this.passwordUseMap.set(login.password, this.passwordUseMap.get(login.password) + 1);
|
||||||
|
@ -57,11 +62,8 @@ export class ReusedPasswordsReportComponent extends CipherReportComponent implem
|
||||||
(c) =>
|
(c) =>
|
||||||
this.passwordUseMap.has(c.login.password) && this.passwordUseMap.get(c.login.password) > 1,
|
this.passwordUseMap.has(c.login.password) && this.passwordUseMap.get(c.login.password) > 1,
|
||||||
);
|
);
|
||||||
this.ciphers = reusedPasswordCiphers;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected getAllCiphers(): Promise<CipherView[]> {
|
this.filterCiphersByOrg(reusedPasswordCiphers);
|
||||||
return this.cipherService.getAllDecrypted();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
protected canManageCipher(c: CipherView): boolean {
|
protected canManageCipher(c: CipherView): boolean {
|
||||||
|
|
|
@ -16,9 +16,33 @@
|
||||||
</app-callout>
|
</app-callout>
|
||||||
<ng-container *ngIf="ciphers.length">
|
<ng-container *ngIf="ciphers.length">
|
||||||
<app-callout type="danger" title="{{ 'unsecuredWebsitesFound' | i18n }}">
|
<app-callout type="danger" title="{{ 'unsecuredWebsitesFound' | i18n }}">
|
||||||
{{ "unsecuredWebsitesFoundDesc" | i18n: (ciphers.length | number) }}
|
{{ "unsecuredWebsitesFoundReportDesc" | i18n: (ciphers.length | number) : vaultMsg }}
|
||||||
</app-callout>
|
</app-callout>
|
||||||
|
|
||||||
|
<bit-toggle-group
|
||||||
|
*ngIf="showFilterToggle && !isAdminConsoleActive"
|
||||||
|
[selected]="filterOrgStatus$ | async"
|
||||||
|
(selectedChange)="filterOrgToggle($event)"
|
||||||
|
[attr.aria-label]="'addAccessFilter' | i18n"
|
||||||
|
>
|
||||||
|
<ng-container *ngFor="let status of filterStatus">
|
||||||
|
<bit-toggle [value]="status">
|
||||||
|
{{ getName(status) }}
|
||||||
|
<span bitBadge variant="info"> {{ getCount(status) }} </span>
|
||||||
|
</bit-toggle>
|
||||||
|
</ng-container>
|
||||||
|
</bit-toggle-group>
|
||||||
<table class="table table-hover table-list table-ciphers">
|
<table class="table table-hover table-list table-ciphers">
|
||||||
|
<thead
|
||||||
|
class="tw-border-0 tw-border-b-2 tw-border-solid tw-border-secondary-300 tw-font-bold tw-text-muted"
|
||||||
|
*ngIf="!isAdminConsoleActive"
|
||||||
|
>
|
||||||
|
<tr>
|
||||||
|
<th></th>
|
||||||
|
<th>{{ "name" | i18n }}</th>
|
||||||
|
<th>{{ "owner" | i18n }}</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr *ngFor="let c of ciphers">
|
<tr *ngFor="let c of ciphers">
|
||||||
<td class="table-list-icon">
|
<td class="table-list-icon">
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
// eslint-disable-next-line no-restricted-imports
|
// eslint-disable-next-line no-restricted-imports
|
||||||
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
||||||
import { mock } from "jest-mock-extended";
|
import { MockProxy, mock } from "jest-mock-extended";
|
||||||
|
import { of } from "rxjs";
|
||||||
|
|
||||||
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
|
@ -15,8 +16,11 @@ import { UnsecuredWebsitesReportComponent } from "./unsecured-websites-report.co
|
||||||
describe("UnsecuredWebsitesReportComponent", () => {
|
describe("UnsecuredWebsitesReportComponent", () => {
|
||||||
let component: UnsecuredWebsitesReportComponent;
|
let component: UnsecuredWebsitesReportComponent;
|
||||||
let fixture: ComponentFixture<UnsecuredWebsitesReportComponent>;
|
let fixture: ComponentFixture<UnsecuredWebsitesReportComponent>;
|
||||||
|
let organizationService: MockProxy<OrganizationService>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
|
organizationService = mock<OrganizationService>();
|
||||||
|
organizationService.organizations$ = of([]);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
TestBed.configureTestingModule({
|
TestBed.configureTestingModule({
|
||||||
|
@ -28,7 +32,7 @@ describe("UnsecuredWebsitesReportComponent", () => {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: OrganizationService,
|
provide: OrganizationService,
|
||||||
useValue: mock<OrganizationService>(),
|
useValue: organizationService,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: ModalService,
|
provide: ModalService,
|
||||||
|
|
|
@ -2,9 +2,9 @@ import { Component, OnInit } from "@angular/core";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||||
import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
|
|
||||||
import { PasswordRepromptService } from "@bitwarden/vault";
|
import { PasswordRepromptService } from "@bitwarden/vault";
|
||||||
|
|
||||||
import { CipherReportComponent } from "./cipher-report.component";
|
import { CipherReportComponent } from "./cipher-report.component";
|
||||||
|
@ -21,8 +21,9 @@ export class UnsecuredWebsitesReportComponent extends CipherReportComponent impl
|
||||||
protected organizationService: OrganizationService,
|
protected organizationService: OrganizationService,
|
||||||
modalService: ModalService,
|
modalService: ModalService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(modalService, passwordRepromptService, organizationService);
|
super(cipherService, modalService, passwordRepromptService, organizationService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
@ -31,18 +32,15 @@ export class UnsecuredWebsitesReportComponent extends CipherReportComponent impl
|
||||||
|
|
||||||
async setCiphers() {
|
async setCiphers() {
|
||||||
const allCiphers = await this.getAllCiphers();
|
const allCiphers = await this.getAllCiphers();
|
||||||
|
this.filterStatus = [0];
|
||||||
const unsecuredCiphers = allCiphers.filter((c) => {
|
const unsecuredCiphers = allCiphers.filter((c) => {
|
||||||
if (c.type !== CipherType.Login || !c.login.hasUris || c.isDeleted) {
|
if (c.type !== CipherType.Login || !c.login.hasUris || c.isDeleted) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return c.login.uris.some((u) => u.uri != null && u.uri.indexOf("http://") === 0);
|
|
||||||
});
|
|
||||||
this.ciphers = unsecuredCiphers.filter(
|
|
||||||
(c) => (!this.organization && c.edit) || (this.organization && !c.edit),
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected getAllCiphers(): Promise<CipherView[]> {
|
return c.login.uris.some((u: any) => u.uri != null && u.uri.indexOf("http://") === 0);
|
||||||
return this.cipherService.getAllDecrypted();
|
});
|
||||||
|
|
||||||
|
this.filterCiphersByOrg(unsecuredCiphers);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,9 +16,32 @@
|
||||||
</app-callout>
|
</app-callout>
|
||||||
<ng-container *ngIf="ciphers.length">
|
<ng-container *ngIf="ciphers.length">
|
||||||
<app-callout type="danger" title="{{ 'weakPasswordsFound' | i18n }}">
|
<app-callout type="danger" title="{{ 'weakPasswordsFound' | i18n }}">
|
||||||
{{ "weakPasswordsFoundDesc" | i18n: (ciphers.length | number) }}
|
{{ "weakPasswordsFoundReportDesc" | i18n: (ciphers.length | number) : vaultMsg }}
|
||||||
</app-callout>
|
</app-callout>
|
||||||
|
<bit-toggle-group
|
||||||
|
*ngIf="showFilterToggle && !isAdminConsoleActive"
|
||||||
|
[selected]="filterOrgStatus$ | async"
|
||||||
|
(selectedChange)="filterOrgToggle($event)"
|
||||||
|
[attr.aria-label]="'addAccessFilter' | i18n"
|
||||||
|
>
|
||||||
|
<ng-container *ngFor="let status of filterStatus">
|
||||||
|
<bit-toggle [value]="status">
|
||||||
|
{{ getName(status) }}
|
||||||
|
<span bitBadge variant="info"> {{ getCount(status) }} </span>
|
||||||
|
</bit-toggle>
|
||||||
|
</ng-container>
|
||||||
|
</bit-toggle-group>
|
||||||
<table class="table table-hover table-list table-ciphers">
|
<table class="table table-hover table-list table-ciphers">
|
||||||
|
<thead
|
||||||
|
class="tw-border-0 tw-border-b-2 tw-border-solid tw-border-secondary-300 tw-font-bold tw-text-muted"
|
||||||
|
*ngIf="!isAdminConsoleActive"
|
||||||
|
>
|
||||||
|
<tr>
|
||||||
|
<th></th>
|
||||||
|
<th>{{ "name" | i18n }}</th>
|
||||||
|
<th>{{ "owner" | i18n }}</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr *ngFor="let c of ciphers">
|
<tr *ngFor="let c of ciphers">
|
||||||
<td class="table-list-icon">
|
<td class="table-list-icon">
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
// eslint-disable-next-line no-restricted-imports
|
// eslint-disable-next-line no-restricted-imports
|
||||||
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
||||||
import { mock, MockProxy } from "jest-mock-extended";
|
import { mock, MockProxy } from "jest-mock-extended";
|
||||||
|
import { of } from "rxjs";
|
||||||
|
|
||||||
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
import { I18nPipe } from "@bitwarden/angular/platform/pipes/i18n.pipe";
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
|
@ -17,9 +18,12 @@ describe("WeakPasswordsReportComponent", () => {
|
||||||
let component: WeakPasswordsReportComponent;
|
let component: WeakPasswordsReportComponent;
|
||||||
let fixture: ComponentFixture<WeakPasswordsReportComponent>;
|
let fixture: ComponentFixture<WeakPasswordsReportComponent>;
|
||||||
let passwordStrengthService: MockProxy<PasswordStrengthServiceAbstraction>;
|
let passwordStrengthService: MockProxy<PasswordStrengthServiceAbstraction>;
|
||||||
|
let organizationService: MockProxy<OrganizationService>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
passwordStrengthService = mock<PasswordStrengthServiceAbstraction>();
|
passwordStrengthService = mock<PasswordStrengthServiceAbstraction>();
|
||||||
|
organizationService = mock<OrganizationService>();
|
||||||
|
organizationService.organizations$ = of([]);
|
||||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||||
TestBed.configureTestingModule({
|
TestBed.configureTestingModule({
|
||||||
|
@ -35,7 +39,7 @@ describe("WeakPasswordsReportComponent", () => {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: OrganizationService,
|
provide: OrganizationService,
|
||||||
useValue: mock<OrganizationService>(),
|
useValue: organizationService,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
provide: ModalService,
|
provide: ModalService,
|
||||||
|
|
|
@ -2,6 +2,7 @@ import { Component, OnInit } from "@angular/core";
|
||||||
|
|
||||||
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
import { ModalService } from "@bitwarden/angular/services/modal.service";
|
||||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||||
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
import { PasswordStrengthServiceAbstraction } from "@bitwarden/common/tools/password-strength";
|
||||||
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
|
||||||
|
@ -29,8 +30,9 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen
|
||||||
protected organizationService: OrganizationService,
|
protected organizationService: OrganizationService,
|
||||||
modalService: ModalService,
|
modalService: ModalService,
|
||||||
passwordRepromptService: PasswordRepromptService,
|
passwordRepromptService: PasswordRepromptService,
|
||||||
|
i18nService: I18nService,
|
||||||
) {
|
) {
|
||||||
super(modalService, passwordRepromptService, organizationService);
|
super(cipherService, modalService, passwordRepromptService, organizationService, i18nService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
|
@ -38,7 +40,10 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen
|
||||||
}
|
}
|
||||||
|
|
||||||
async setCiphers() {
|
async setCiphers() {
|
||||||
const allCiphers = await this.getAllCiphers();
|
const allCiphers: any = await this.getAllCiphers();
|
||||||
|
this.passwordStrengthCache = new Map<string, number>();
|
||||||
|
this.weakPasswordCiphers = [];
|
||||||
|
this.filterStatus = [0];
|
||||||
this.findWeakPasswords(allCiphers);
|
this.findWeakPasswords(allCiphers);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -55,6 +60,7 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen
|
||||||
) {
|
) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
const hasUserName = this.isUserNameNotEmpty(ciph);
|
const hasUserName = this.isUserNameNotEmpty(ciph);
|
||||||
const cacheKey = this.getCacheKey(ciph);
|
const cacheKey = this.getCacheKey(ciph);
|
||||||
if (!this.passwordStrengthCache.has(cacheKey)) {
|
if (!this.passwordStrengthCache.has(cacheKey)) {
|
||||||
|
@ -87,6 +93,7 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen
|
||||||
this.passwordStrengthCache.set(cacheKey, result.score);
|
this.passwordStrengthCache.set(cacheKey, result.score);
|
||||||
}
|
}
|
||||||
const score = this.passwordStrengthCache.get(cacheKey);
|
const score = this.passwordStrengthCache.get(cacheKey);
|
||||||
|
|
||||||
if (score != null && score <= 2) {
|
if (score != null && score <= 2) {
|
||||||
this.passwordStrengthMap.set(id, this.scoreKey(score));
|
this.passwordStrengthMap.set(id, this.scoreKey(score));
|
||||||
this.weakPasswordCiphers.push(ciph);
|
this.weakPasswordCiphers.push(ciph);
|
||||||
|
@ -98,11 +105,8 @@ export class WeakPasswordsReportComponent extends CipherReportComponent implemen
|
||||||
this.passwordStrengthCache.get(this.getCacheKey(b))
|
this.passwordStrengthCache.get(this.getCacheKey(b))
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
this.ciphers = [...this.weakPasswordCiphers];
|
|
||||||
}
|
|
||||||
|
|
||||||
protected getAllCiphers(): Promise<CipherView[]> {
|
this.filterCiphersByOrg(this.weakPasswordCiphers);
|
||||||
return this.cipherService.getAllDecrypted();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
protected canManageCipher(c: CipherView): boolean {
|
protected canManageCipher(c: CipherView): boolean {
|
||||||
|
|
|
@ -32,7 +32,6 @@ export class VaultItemsComponent {
|
||||||
@Input() showCollections: boolean;
|
@Input() showCollections: boolean;
|
||||||
@Input() showGroups: boolean;
|
@Input() showGroups: boolean;
|
||||||
@Input() useEvents: boolean;
|
@Input() useEvents: boolean;
|
||||||
@Input() cloneableOrganizationCiphers: boolean;
|
|
||||||
@Input() showPremiumFeatures: boolean;
|
@Input() showPremiumFeatures: boolean;
|
||||||
@Input() showBulkMove: boolean;
|
@Input() showBulkMove: boolean;
|
||||||
@Input() showBulkTrashOptions: boolean;
|
@Input() showBulkTrashOptions: boolean;
|
||||||
|
@ -160,10 +159,27 @@ export class VaultItemsComponent {
|
||||||
}
|
}
|
||||||
|
|
||||||
protected canClone(vaultItem: VaultItem) {
|
protected canClone(vaultItem: VaultItem) {
|
||||||
return (
|
if (vaultItem.cipher.organizationId == null) {
|
||||||
(vaultItem.cipher.organizationId && this.cloneableOrganizationCiphers) ||
|
return true;
|
||||||
vaultItem.cipher.organizationId == null
|
}
|
||||||
);
|
|
||||||
|
const org = this.allOrganizations.find((o) => o.id === vaultItem.cipher.organizationId);
|
||||||
|
|
||||||
|
// Admins and custom users can always clone in the Org Vault
|
||||||
|
if (this.viewingOrgVault && (org.isAdmin || org.permissions.editAnyCollection)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if the cipher belongs to a collection with canManage permission
|
||||||
|
const orgCollections = this.allCollections.filter((c) => c.organizationId === org.id);
|
||||||
|
|
||||||
|
for (const collection of orgCollections) {
|
||||||
|
if (vaultItem.cipher.collectionIds.includes(collection.id) && collection.manage) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private refreshItems() {
|
private refreshItems() {
|
||||||
|
|
|
@ -49,7 +49,6 @@
|
||||||
[showBulkMove]="showBulkMove"
|
[showBulkMove]="showBulkMove"
|
||||||
[showBulkTrashOptions]="filter.type === 'trash'"
|
[showBulkTrashOptions]="filter.type === 'trash'"
|
||||||
[useEvents]="false"
|
[useEvents]="false"
|
||||||
[cloneableOrganizationCiphers]="false"
|
|
||||||
[showAdminActions]="false"
|
[showAdminActions]="false"
|
||||||
(onEvent)="onVaultItemsEvent($event)"
|
(onEvent)="onVaultItemsEvent($event)"
|
||||||
[flexibleCollectionsV1Enabled]="flexibleCollectionsV1Enabled$ | async"
|
[flexibleCollectionsV1Enabled]="flexibleCollectionsV1Enabled$ | async"
|
||||||
|
|
|
@ -81,22 +81,6 @@ export class AddEditComponent extends BaseAddEditComponent {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
protected allowOwnershipAssignment() {
|
|
||||||
if (
|
|
||||||
this.ownershipOptions != null &&
|
|
||||||
(this.ownershipOptions.length > 1 || !this.allowPersonal)
|
|
||||||
) {
|
|
||||||
if (this.organization != null) {
|
|
||||||
return (
|
|
||||||
this.cloneMode && this.organization.canEditAllCiphers(this.flexibleCollectionsV1Enabled)
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
return !this.editMode || this.cloneMode;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected loadCollections() {
|
protected loadCollections() {
|
||||||
if (!this.organization.canEditAllCiphers(this.flexibleCollectionsV1Enabled)) {
|
if (!this.organization.canEditAllCiphers(this.flexibleCollectionsV1Enabled)) {
|
||||||
return super.loadCollections();
|
return super.loadCollections();
|
||||||
|
|
|
@ -48,7 +48,6 @@
|
||||||
[showBulkMove]="false"
|
[showBulkMove]="false"
|
||||||
[showBulkTrashOptions]="filter.type === 'trash'"
|
[showBulkTrashOptions]="filter.type === 'trash'"
|
||||||
[useEvents]="organization?.useEvents"
|
[useEvents]="organization?.useEvents"
|
||||||
[cloneableOrganizationCiphers]="true"
|
|
||||||
[showAdminActions]="true"
|
[showAdminActions]="true"
|
||||||
(onEvent)="onVaultItemsEvent($event)"
|
(onEvent)="onVaultItemsEvent($event)"
|
||||||
[showBulkEditCollectionAccess]="organization?.flexibleCollections"
|
[showBulkEditCollectionAccess]="organization?.flexibleCollections"
|
||||||
|
|
|
@ -1809,12 +1809,16 @@
|
||||||
"unsecuredWebsitesFound": {
|
"unsecuredWebsitesFound": {
|
||||||
"message": "Unsecured websites found"
|
"message": "Unsecured websites found"
|
||||||
},
|
},
|
||||||
"unsecuredWebsitesFoundDesc": {
|
"unsecuredWebsitesFoundReportDesc": {
|
||||||
"message": "We found $COUNT$ items in your vault with unsecured URIs. You should change their URI scheme to https:// if the website allows it.",
|
"message": "We found $COUNT$ items in your $VAULT$ with unsecured URIs. You should change their URI scheme to https:// if the website allows it.",
|
||||||
"placeholders": {
|
"placeholders": {
|
||||||
"count": {
|
"count": {
|
||||||
"content": "$1",
|
"content": "$1",
|
||||||
"example": "8"
|
"example": "8"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"content": "$2",
|
||||||
|
"example": "this will be 'vault' or 'vaults'"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -1830,12 +1834,16 @@
|
||||||
"inactive2faFound": {
|
"inactive2faFound": {
|
||||||
"message": "Logins without two-step login found"
|
"message": "Logins without two-step login found"
|
||||||
},
|
},
|
||||||
"inactive2faFoundDesc": {
|
"inactive2faFoundReportDesc": {
|
||||||
"message": "We found $COUNT$ website(s) in your vault that may not be configured with two-step login (according to 2fa.directory). To further protect these accounts, you should set up two-step login.",
|
"message": "We found $COUNT$ website(s) in your $VAULT$ that may not be configured with two-step login (according to 2fa.directory). To further protect these accounts, you should set up two-step login.",
|
||||||
"placeholders": {
|
"placeholders": {
|
||||||
"count": {
|
"count": {
|
||||||
"content": "$1",
|
"content": "$1",
|
||||||
"example": "8"
|
"example": "8"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"content": "$2",
|
||||||
|
"example": "this will be 'vault' or 'vaults'"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -1854,12 +1862,16 @@
|
||||||
"exposedPasswordsFound": {
|
"exposedPasswordsFound": {
|
||||||
"message": "Exposed passwords found"
|
"message": "Exposed passwords found"
|
||||||
},
|
},
|
||||||
"exposedPasswordsFoundDesc": {
|
"exposedPasswordsFoundReportDesc": {
|
||||||
"message": "We found $COUNT$ items in your vault that have passwords that were exposed in known data breaches. You should change them to use a new password.",
|
"message": "We found $COUNT$ items in your $VAULT$ that have passwords that were exposed in known data breaches. You should change them to use a new password.",
|
||||||
"placeholders": {
|
"placeholders": {
|
||||||
"count": {
|
"count": {
|
||||||
"content": "$1",
|
"content": "$1",
|
||||||
"example": "8"
|
"example": "8"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"content": "$2",
|
||||||
|
"example": "this will be 'vault' or 'vaults'"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -1887,12 +1899,16 @@
|
||||||
"weakPasswordsFound": {
|
"weakPasswordsFound": {
|
||||||
"message": "Weak passwords found"
|
"message": "Weak passwords found"
|
||||||
},
|
},
|
||||||
"weakPasswordsFoundDesc": {
|
"weakPasswordsFoundReportDesc": {
|
||||||
"message": "We found $COUNT$ items in your vault with passwords that are not strong. You should update them to use stronger passwords.",
|
"message": "We found $COUNT$ items in your $VAULT$ with passwords that are not strong. You should update them to use stronger passwords.",
|
||||||
"placeholders": {
|
"placeholders": {
|
||||||
"count": {
|
"count": {
|
||||||
"content": "$1",
|
"content": "$1",
|
||||||
"example": "8"
|
"example": "8"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"content": "$2",
|
||||||
|
"example": "this will be 'vault' or 'vaults'"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -1908,12 +1924,16 @@
|
||||||
"reusedPasswordsFound": {
|
"reusedPasswordsFound": {
|
||||||
"message": "Reused passwords found"
|
"message": "Reused passwords found"
|
||||||
},
|
},
|
||||||
"reusedPasswordsFoundDesc": {
|
"reusedPasswordsFoundReportDesc": {
|
||||||
"message": "We found $COUNT$ passwords that are being reused in your vault. You should change them to a unique value.",
|
"message": "We found $COUNT$ passwords that are being reused in your $VAULT$. You should change them to a unique value.",
|
||||||
"placeholders": {
|
"placeholders": {
|
||||||
"count": {
|
"count": {
|
||||||
"content": "$1",
|
"content": "$1",
|
||||||
"example": "8"
|
"example": "8"
|
||||||
|
},
|
||||||
|
"vault": {
|
||||||
|
"content": "$2",
|
||||||
|
"example": "this will be 'vault' or 'vaults'"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
@ -58,3 +58,12 @@ export class ServiceAccountPeopleAccessPoliciesView {
|
||||||
userAccessPolicies: UserServiceAccountAccessPolicyView[];
|
userAccessPolicies: UserServiceAccountAccessPolicyView[];
|
||||||
groupAccessPolicies: GroupServiceAccountAccessPolicyView[];
|
groupAccessPolicies: GroupServiceAccountAccessPolicyView[];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export class ServiceAccountProjectPolicyPermissionDetailsView {
|
||||||
|
accessPolicy: ServiceAccountProjectAccessPolicyView;
|
||||||
|
hasPermission: boolean;
|
||||||
|
}
|
||||||
|
|
||||||
|
export class ServiceAccountGrantedPoliciesView {
|
||||||
|
grantedProjectPolicies: ServiceAccountProjectPolicyPermissionDetailsView[];
|
||||||
|
}
|
||||||
|
|
|
@ -1,17 +1,27 @@
|
||||||
<div class="tw-mt-4 tw-w-2/5">
|
<form [formGroup]="formGroup" [bitSubmit]="submit" *ngIf="!loading; else spinner">
|
||||||
<p class="tw-mt-6">
|
<div class="tw-w-2/5">
|
||||||
{{ "machineAccountProjectsDescription" | i18n }}
|
<p class="tw-mt-8" *ngIf="!loading">
|
||||||
</p>
|
{{ "machineAccountProjectsDescription" | i18n }}
|
||||||
<sm-access-selector
|
</p>
|
||||||
[rows]="rows$ | async"
|
<sm-access-policy-selector
|
||||||
granteeType="projects"
|
[loading]="loading"
|
||||||
[label]="'projects' | i18n"
|
formControlName="accessPolicies"
|
||||||
[hint]="'newSaSelectAccess' | i18n"
|
[addButtonMode]="true"
|
||||||
[columnTitle]="'projects' | i18n"
|
[items]="potentialGrantees"
|
||||||
[emptyMessage]="'serviceAccountEmptyProjectAccesspolicies' | i18n"
|
[label]="'projects' | i18n"
|
||||||
(onCreateAccessPolicies)="handleCreateAccessPolicies($event)"
|
[hint]="'newSaSelectAccess' | i18n"
|
||||||
(onDeleteAccessPolicy)="handleDeleteAccessPolicy($event)"
|
[columnTitle]="'projects' | i18n"
|
||||||
(onUpdateAccessPolicy)="handleUpdateAccessPolicy($event)"
|
[emptyMessage]="'serviceAccountEmptyProjectAccesspolicies' | i18n"
|
||||||
>
|
>
|
||||||
</sm-access-selector>
|
</sm-access-policy-selector>
|
||||||
</div>
|
<button bitButton buttonType="primary" bitFormButton type="submit" class="tw-mt-7">
|
||||||
|
{{ "save" | i18n }}
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<ng-template #spinner>
|
||||||
|
<div class="tw-items-center tw-justify-center tw-pt-64 tw-text-center">
|
||||||
|
<i class="bwi bwi-spinner bwi-spin bwi-3x"></i>
|
||||||
|
</div>
|
||||||
|
</ng-template>
|
||||||
|
|
|
@ -1,90 +1,68 @@
|
||||||
import { Component, OnDestroy, OnInit } from "@angular/core";
|
import { ChangeDetectorRef, Component, OnDestroy, OnInit } from "@angular/core";
|
||||||
|
import { FormControl, FormGroup } from "@angular/forms";
|
||||||
import { ActivatedRoute } from "@angular/router";
|
import { ActivatedRoute } from "@angular/router";
|
||||||
import { combineLatestWith, map, Observable, startWith, Subject, switchMap, takeUntil } from "rxjs";
|
import { combineLatest, Subject, switchMap, takeUntil } from "rxjs";
|
||||||
|
|
||||||
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||||
import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
|
import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
|
||||||
import { SelectItemView } from "@bitwarden/components/src/multi-select/models/select-item-view";
|
|
||||||
|
|
||||||
import { ServiceAccountProjectAccessPolicyView } from "../../models/view/access-policy.view";
|
import { ServiceAccountGrantedPoliciesView } from "../../models/view/access-policy.view";
|
||||||
import { AccessPolicyService } from "../../shared/access-policies/access-policy.service";
|
|
||||||
import {
|
import {
|
||||||
AccessSelectorComponent,
|
ApItemValueType,
|
||||||
AccessSelectorRowView,
|
convertToServiceAccountGrantedPoliciesView,
|
||||||
} from "../../shared/access-policies/access-selector.component";
|
} from "../../shared/access-policies/access-policy-selector/models/ap-item-value.type";
|
||||||
|
import {
|
||||||
|
ApItemViewType,
|
||||||
|
convertPotentialGranteesToApItemViewType,
|
||||||
|
convertGrantedPoliciesToAccessPolicyItemViews,
|
||||||
|
} from "../../shared/access-policies/access-policy-selector/models/ap-item-view.type";
|
||||||
|
import { AccessPolicyService } from "../../shared/access-policies/access-policy.service";
|
||||||
|
|
||||||
@Component({
|
@Component({
|
||||||
selector: "sm-service-account-projects",
|
selector: "sm-service-account-projects",
|
||||||
templateUrl: "./service-account-projects.component.html",
|
templateUrl: "./service-account-projects.component.html",
|
||||||
})
|
})
|
||||||
export class ServiceAccountProjectsComponent implements OnInit, OnDestroy {
|
export class ServiceAccountProjectsComponent implements OnInit, OnDestroy {
|
||||||
|
private currentAccessPolicies: ApItemViewType[];
|
||||||
private destroy$ = new Subject<void>();
|
private destroy$ = new Subject<void>();
|
||||||
private serviceAccountId: string;
|
|
||||||
private organizationId: string;
|
private organizationId: string;
|
||||||
|
private serviceAccountId: string;
|
||||||
|
|
||||||
protected rows$: Observable<AccessSelectorRowView[]> =
|
private currentAccessPolicies$ = combineLatest([this.route.params]).pipe(
|
||||||
this.accessPolicyService.serviceAccountGrantedPolicyChanges$.pipe(
|
switchMap(([params]) =>
|
||||||
startWith(null),
|
this.accessPolicyService
|
||||||
combineLatestWith(this.route.params),
|
.getServiceAccountGrantedPolicies(params.organizationId, params.serviceAccountId)
|
||||||
switchMap(([_, params]) =>
|
.then((policies) => {
|
||||||
this.accessPolicyService.getGrantedPolicies(params.serviceAccountId, params.organizationId),
|
return convertGrantedPoliciesToAccessPolicyItemViews(policies);
|
||||||
),
|
}),
|
||||||
map((policies) => {
|
),
|
||||||
return policies.map((policy) => {
|
);
|
||||||
return {
|
|
||||||
type: "project",
|
|
||||||
name: policy.grantedProjectName,
|
|
||||||
id: policy.grantedProjectId,
|
|
||||||
accessPolicyId: policy.id,
|
|
||||||
read: policy.read,
|
|
||||||
write: policy.write,
|
|
||||||
icon: AccessSelectorComponent.projectIcon,
|
|
||||||
static: false,
|
|
||||||
} as AccessSelectorRowView;
|
|
||||||
});
|
|
||||||
}),
|
|
||||||
);
|
|
||||||
|
|
||||||
protected handleCreateAccessPolicies(selected: SelectItemView[]) {
|
private potentialGrantees$ = combineLatest([this.route.params]).pipe(
|
||||||
const serviceAccountProjectAccessPolicyView = selected
|
switchMap(([params]) =>
|
||||||
.filter((selection) => AccessSelectorComponent.getAccessItemType(selection) === "project")
|
this.accessPolicyService
|
||||||
.map((filtered) => {
|
.getProjectsPotentialGrantees(params.organizationId)
|
||||||
const view = new ServiceAccountProjectAccessPolicyView();
|
.then((grantees) => {
|
||||||
view.serviceAccountId = this.serviceAccountId;
|
return convertPotentialGranteesToApItemViewType(grantees);
|
||||||
view.grantedProjectId = filtered.id;
|
}),
|
||||||
view.read = true;
|
),
|
||||||
view.write = false;
|
);
|
||||||
return view;
|
|
||||||
});
|
|
||||||
|
|
||||||
return this.accessPolicyService.createGrantedPolicies(
|
protected formGroup = new FormGroup({
|
||||||
this.organizationId,
|
accessPolicies: new FormControl([] as ApItemValueType[]),
|
||||||
this.serviceAccountId,
|
});
|
||||||
serviceAccountProjectAccessPolicyView,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected async handleUpdateAccessPolicy(policy: AccessSelectorRowView) {
|
protected loading = true;
|
||||||
try {
|
protected potentialGrantees: ApItemViewType[];
|
||||||
return await this.accessPolicyService.updateAccessPolicy(
|
|
||||||
AccessSelectorComponent.getBaseAccessPolicyView(policy),
|
|
||||||
);
|
|
||||||
} catch (e) {
|
|
||||||
this.validationService.showError(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
protected async handleDeleteAccessPolicy(policy: AccessSelectorRowView) {
|
|
||||||
try {
|
|
||||||
await this.accessPolicyService.deleteAccessPolicy(policy.accessPolicyId);
|
|
||||||
} catch (e) {
|
|
||||||
this.validationService.showError(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
private route: ActivatedRoute,
|
private route: ActivatedRoute,
|
||||||
|
private changeDetectorRef: ChangeDetectorRef,
|
||||||
private validationService: ValidationService,
|
private validationService: ValidationService,
|
||||||
private accessPolicyService: AccessPolicyService,
|
private accessPolicyService: AccessPolicyService,
|
||||||
|
private platformUtilsService: PlatformUtilsService,
|
||||||
|
private i18nService: I18nService,
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
ngOnInit(): void {
|
ngOnInit(): void {
|
||||||
|
@ -92,10 +70,119 @@ export class ServiceAccountProjectsComponent implements OnInit, OnDestroy {
|
||||||
this.organizationId = params.organizationId;
|
this.organizationId = params.organizationId;
|
||||||
this.serviceAccountId = params.serviceAccountId;
|
this.serviceAccountId = params.serviceAccountId;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
combineLatest([this.potentialGrantees$, this.currentAccessPolicies$])
|
||||||
|
.pipe(takeUntil(this.destroy$))
|
||||||
|
.subscribe(([potentialGrantees, currentAccessPolicies]) => {
|
||||||
|
this.potentialGrantees = this.getPotentialGrantees(
|
||||||
|
potentialGrantees,
|
||||||
|
currentAccessPolicies,
|
||||||
|
);
|
||||||
|
this.setSelected(currentAccessPolicies);
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
ngOnDestroy(): void {
|
ngOnDestroy(): void {
|
||||||
this.destroy$.next();
|
this.destroy$.next();
|
||||||
this.destroy$.complete();
|
this.destroy$.complete();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
submit = async () => {
|
||||||
|
if (this.isFormInvalid()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const formValues = this.getFormValues();
|
||||||
|
this.formGroup.disable();
|
||||||
|
|
||||||
|
try {
|
||||||
|
const grantedViews = await this.updateServiceAccountGrantedPolicies(
|
||||||
|
this.organizationId,
|
||||||
|
this.serviceAccountId,
|
||||||
|
formValues,
|
||||||
|
);
|
||||||
|
|
||||||
|
this.currentAccessPolicies = convertGrantedPoliciesToAccessPolicyItemViews(grantedViews);
|
||||||
|
|
||||||
|
this.platformUtilsService.showToast(
|
||||||
|
"success",
|
||||||
|
null,
|
||||||
|
this.i18nService.t("serviceAccountAccessUpdated"),
|
||||||
|
);
|
||||||
|
} catch (e) {
|
||||||
|
this.validationService.showError(e);
|
||||||
|
this.setSelected(this.currentAccessPolicies);
|
||||||
|
}
|
||||||
|
this.formGroup.enable();
|
||||||
|
};
|
||||||
|
|
||||||
|
private setSelected(policiesToSelect: ApItemViewType[]) {
|
||||||
|
this.loading = true;
|
||||||
|
this.currentAccessPolicies = policiesToSelect;
|
||||||
|
if (policiesToSelect != undefined) {
|
||||||
|
// Must detect changes so that AccessSelector @Inputs() are aware of the latest
|
||||||
|
// potentialGrantees, otherwise no selected values will be patched below
|
||||||
|
this.changeDetectorRef.detectChanges();
|
||||||
|
this.formGroup.patchValue({
|
||||||
|
accessPolicies: policiesToSelect.map((m) => ({
|
||||||
|
type: m.type,
|
||||||
|
id: m.id,
|
||||||
|
permission: m.permission,
|
||||||
|
readOnly: m.readOnly,
|
||||||
|
})),
|
||||||
|
});
|
||||||
|
}
|
||||||
|
this.loading = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
private isFormInvalid(): boolean {
|
||||||
|
this.formGroup.markAllAsTouched();
|
||||||
|
return this.formGroup.invalid;
|
||||||
|
}
|
||||||
|
|
||||||
|
private async updateServiceAccountGrantedPolicies(
|
||||||
|
organizationId: string,
|
||||||
|
serviceAccountId: string,
|
||||||
|
selectedPolicies: ApItemValueType[],
|
||||||
|
): Promise<ServiceAccountGrantedPoliciesView> {
|
||||||
|
const grantedViews = convertToServiceAccountGrantedPoliciesView(
|
||||||
|
serviceAccountId,
|
||||||
|
selectedPolicies,
|
||||||
|
);
|
||||||
|
return await this.accessPolicyService.putServiceAccountGrantedPolicies(
|
||||||
|
organizationId,
|
||||||
|
serviceAccountId,
|
||||||
|
grantedViews,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
private getPotentialGrantees(
|
||||||
|
potentialGrantees: ApItemViewType[],
|
||||||
|
currentAccessPolicies: ApItemViewType[],
|
||||||
|
) {
|
||||||
|
// If the user doesn't have access to the project, they won't be in the potentialGrantees list.
|
||||||
|
// Add them to the potentialGrantees list so they can be selected as read-only.
|
||||||
|
for (const policy of currentAccessPolicies) {
|
||||||
|
const exists = potentialGrantees.some((grantee) => grantee.id === policy.id);
|
||||||
|
if (!exists) {
|
||||||
|
potentialGrantees.push(policy);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return potentialGrantees;
|
||||||
|
}
|
||||||
|
|
||||||
|
private getFormValues(): ApItemValueType[] {
|
||||||
|
// The read-only disabled form values are not included in the formGroup value.
|
||||||
|
// Manually add them to the returned result to ensure they are included in the form submission.
|
||||||
|
let formValues = this.formGroup.value.accessPolicies;
|
||||||
|
formValues = formValues.concat(
|
||||||
|
this.currentAccessPolicies
|
||||||
|
.filter((m) => m.readOnly)
|
||||||
|
.map((m) => ({
|
||||||
|
id: m.id,
|
||||||
|
type: m.type,
|
||||||
|
permission: m.permission,
|
||||||
|
})),
|
||||||
|
);
|
||||||
|
return formValues;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,14 +29,17 @@
|
||||||
bitRow
|
bitRow
|
||||||
*ngFor="let item of selectionList.selectedItems; let i = index"
|
*ngFor="let item of selectionList.selectedItems; let i = index"
|
||||||
[formGroupName]="i"
|
[formGroupName]="i"
|
||||||
|
[ngClass]="{ 'tw-text-muted': item.readOnly }"
|
||||||
>
|
>
|
||||||
<td bitCell class="tw-w-0 tw-pr-0">
|
<td bitCell class="tw-w-0 tw-pr-0">
|
||||||
<i class="bwi {{ item.icon }} tw-text-muted" aria-hidden="true"></i>
|
<i class="bwi {{ item.icon }}" aria-hidden="true"></i>
|
||||||
|
</td>
|
||||||
|
<td bitCell class="tw-max-w-sm tw-truncate">
|
||||||
|
{{ item.labelName }}
|
||||||
</td>
|
</td>
|
||||||
<td bitCell class="tw-max-w-sm tw-truncate">{{ item.labelName }}</td>
|
|
||||||
<td bitCell class="tw-mb-auto tw-inline-block tw-w-auto">
|
<td bitCell class="tw-mb-auto tw-inline-block tw-w-auto">
|
||||||
<select
|
<select
|
||||||
*ngIf="!staticPermission; else static"
|
*ngIf="!staticPermission && !item.readOnly; else readOnly"
|
||||||
bitInput
|
bitInput
|
||||||
formControlName="permission"
|
formControlName="permission"
|
||||||
(blur)="handleBlur()"
|
(blur)="handleBlur()"
|
||||||
|
@ -45,12 +48,20 @@
|
||||||
{{ p.labelId | i18n }}
|
{{ p.labelId | i18n }}
|
||||||
</option>
|
</option>
|
||||||
</select>
|
</select>
|
||||||
|
<ng-template #readOnly>
|
||||||
|
<ng-container *ngIf="item.readOnly; else static">
|
||||||
|
<div class="tw-overflow-hidden tw-overflow-ellipsis tw-whitespace-nowrap">
|
||||||
|
{{ item.permission | i18n }}
|
||||||
|
</div>
|
||||||
|
</ng-container>
|
||||||
|
</ng-template>
|
||||||
<ng-template #static>
|
<ng-template #static>
|
||||||
<span>{{ staticPermission | i18n }}</span>
|
<span>{{ staticPermission | i18n }}</span>
|
||||||
</ng-template>
|
</ng-template>
|
||||||
</td>
|
</td>
|
||||||
<td bitCell class="tw-w-0">
|
<td bitCell class="tw-w-0">
|
||||||
<button
|
<button
|
||||||
|
*ngIf="!item.readOnly"
|
||||||
type="button"
|
type="button"
|
||||||
bitIconButton="bwi-close"
|
bitIconButton="bwi-close"
|
||||||
buttonType="main"
|
buttonType="main"
|
||||||
|
|
|
@ -35,6 +35,34 @@ export class AccessPolicySelectorComponent implements ControlValueAccessor, OnIn
|
||||||
private notifyOnTouch: () => void;
|
private notifyOnTouch: () => void;
|
||||||
private pauseChangeNotification: boolean;
|
private pauseChangeNotification: boolean;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates the enabled/disabled state of provided row form group based on the item's readonly state.
|
||||||
|
* If a row is enabled, it also updates the enabled/disabled state of the permission control
|
||||||
|
* based on the item's accessAllItems state and the current value of `permissionMode`.
|
||||||
|
* @param controlRow - The form group for the row to update
|
||||||
|
* @param item - The access item that is represented by the row
|
||||||
|
*/
|
||||||
|
private updateRowControlDisableState = (
|
||||||
|
controlRow: FormGroup<ControlsOf<ApItemValueType>>,
|
||||||
|
item: ApItemViewType,
|
||||||
|
) => {
|
||||||
|
// Disable entire row form group if readOnly
|
||||||
|
if (item.readOnly || this.disabled) {
|
||||||
|
controlRow.disable();
|
||||||
|
} else {
|
||||||
|
controlRow.enable();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates the enabled/disabled state of ALL row form groups based on each item's readonly state.
|
||||||
|
*/
|
||||||
|
private updateAllRowControlDisableStates = () => {
|
||||||
|
this.selectionList.forEachControlItem((controlRow, item) => {
|
||||||
|
this.updateRowControlDisableState(controlRow as FormGroup<ControlsOf<ApItemValueType>>, item);
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The internal selection list that tracks the value of this form control / component.
|
* The internal selection list that tracks the value of this form control / component.
|
||||||
* It's responsible for keeping items sorted and synced with the rendered form controls
|
* It's responsible for keeping items sorted and synced with the rendered form controls
|
||||||
|
@ -59,6 +87,9 @@ export class AccessPolicySelectorComponent implements ControlValueAccessor, OnIn
|
||||||
currentUserInGroup: new FormControl(currentUserInGroup),
|
currentUserInGroup: new FormControl(currentUserInGroup),
|
||||||
currentUser: new FormControl(currentUser),
|
currentUser: new FormControl(currentUser),
|
||||||
});
|
});
|
||||||
|
|
||||||
|
this.updateRowControlDisableState(fg, item);
|
||||||
|
|
||||||
return fg;
|
return fg;
|
||||||
}, this._itemComparator.bind(this));
|
}, this._itemComparator.bind(this));
|
||||||
|
|
||||||
|
@ -100,7 +131,13 @@ export class AccessPolicySelectorComponent implements ControlValueAccessor, OnIn
|
||||||
|
|
||||||
set items(val: ApItemViewType[]) {
|
set items(val: ApItemViewType[]) {
|
||||||
if (val != null) {
|
if (val != null) {
|
||||||
const selected = this.selectionList.formArray.getRawValue() ?? [];
|
let selected = this.selectionList.formArray.getRawValue() ?? [];
|
||||||
|
selected = selected.concat(
|
||||||
|
val
|
||||||
|
.filter((m) => m.readOnly)
|
||||||
|
.map((m) => ({ id: m.id, type: m.type, permission: m.permission })),
|
||||||
|
);
|
||||||
|
|
||||||
this.selectionList.populateItems(
|
this.selectionList.populateItems(
|
||||||
val.map((m) => {
|
val.map((m) => {
|
||||||
m.icon = m.icon ?? ApItemEnumUtil.itemIcon(m.type);
|
m.icon = m.icon ?? ApItemEnumUtil.itemIcon(m.type);
|
||||||
|
@ -137,6 +174,9 @@ export class AccessPolicySelectorComponent implements ControlValueAccessor, OnIn
|
||||||
} else {
|
} else {
|
||||||
this.formGroup.enable();
|
this.formGroup.enable();
|
||||||
this.multiSelectFormGroup.enable();
|
this.multiSelectFormGroup.enable();
|
||||||
|
// The enable() above automatically enables all the row controls,
|
||||||
|
// so we need to disable the readonly ones again
|
||||||
|
this.updateAllRowControlDisableStates();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -149,6 +189,9 @@ export class AccessPolicySelectorComponent implements ControlValueAccessor, OnIn
|
||||||
// Always clear the internal selection list on a new value
|
// Always clear the internal selection list on a new value
|
||||||
this.selectionList.deselectAll();
|
this.selectionList.deselectAll();
|
||||||
|
|
||||||
|
// We need to also select any read only items to appear in the table
|
||||||
|
this.selectionList.selectItems(this.items.filter((m) => m.readOnly).map((m) => m.id));
|
||||||
|
|
||||||
// If the new value is null, then we're done
|
// If the new value is null, then we're done
|
||||||
if (selectedItems == null) {
|
if (selectedItems == null) {
|
||||||
this.pauseChangeNotification = false;
|
this.pauseChangeNotification = false;
|
||||||
|
|
|
@ -347,6 +347,7 @@ function createApItemViewType(options: Partial<ApItemViewType> = {}) {
|
||||||
labelName: options?.labelName ?? "test",
|
labelName: options?.labelName ?? "test",
|
||||||
type: options?.type ?? ApItemEnum.User,
|
type: options?.type ?? ApItemEnum.User,
|
||||||
permission: options?.permission ?? ApPermissionEnum.CanRead,
|
permission: options?.permission ?? ApPermissionEnum.CanRead,
|
||||||
|
readOnly: options?.readOnly ?? false,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,9 @@ import {
|
||||||
ServiceAccountPeopleAccessPoliciesView,
|
ServiceAccountPeopleAccessPoliciesView,
|
||||||
UserServiceAccountAccessPolicyView,
|
UserServiceAccountAccessPolicyView,
|
||||||
GroupServiceAccountAccessPolicyView,
|
GroupServiceAccountAccessPolicyView,
|
||||||
|
ServiceAccountGrantedPoliciesView,
|
||||||
|
ServiceAccountProjectPolicyPermissionDetailsView,
|
||||||
|
ServiceAccountProjectAccessPolicyView,
|
||||||
} from "../../../../models/view/access-policy.view";
|
} from "../../../../models/view/access-policy.view";
|
||||||
|
|
||||||
import { ApItemEnum } from "./enums/ap-item.enum";
|
import { ApItemEnum } from "./enums/ap-item.enum";
|
||||||
|
@ -76,3 +79,26 @@ export function convertToServiceAccountPeopleAccessPoliciesView(
|
||||||
});
|
});
|
||||||
return view;
|
return view;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export function convertToServiceAccountGrantedPoliciesView(
|
||||||
|
serviceAccountId: string,
|
||||||
|
selectedPolicyValues: ApItemValueType[],
|
||||||
|
): ServiceAccountGrantedPoliciesView {
|
||||||
|
const view = new ServiceAccountGrantedPoliciesView();
|
||||||
|
|
||||||
|
view.grantedProjectPolicies = selectedPolicyValues
|
||||||
|
.filter((x) => x.type == ApItemEnum.Project)
|
||||||
|
.map((filtered) => {
|
||||||
|
const detailView = new ServiceAccountProjectPolicyPermissionDetailsView();
|
||||||
|
const policyView = new ServiceAccountProjectAccessPolicyView();
|
||||||
|
policyView.serviceAccountId = serviceAccountId;
|
||||||
|
policyView.grantedProjectId = filtered.id;
|
||||||
|
policyView.read = ApPermissionEnumUtil.toRead(filtered.permission);
|
||||||
|
policyView.write = ApPermissionEnumUtil.toWrite(filtered.permission);
|
||||||
|
|
||||||
|
detailView.accessPolicy = policyView;
|
||||||
|
return detailView;
|
||||||
|
});
|
||||||
|
|
||||||
|
return view;
|
||||||
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@ import { SelectItemView } from "@bitwarden/components";
|
||||||
|
|
||||||
import {
|
import {
|
||||||
ProjectPeopleAccessPoliciesView,
|
ProjectPeopleAccessPoliciesView,
|
||||||
|
ServiceAccountGrantedPoliciesView,
|
||||||
ServiceAccountPeopleAccessPoliciesView,
|
ServiceAccountPeopleAccessPoliciesView,
|
||||||
} from "../../../../models/view/access-policy.view";
|
} from "../../../../models/view/access-policy.view";
|
||||||
import { PotentialGranteeView } from "../../../../models/view/potential-grantee.view";
|
import { PotentialGranteeView } from "../../../../models/view/potential-grantee.view";
|
||||||
|
@ -13,6 +14,12 @@ import { ApPermissionEnum, ApPermissionEnumUtil } from "./enums/ap-permission.en
|
||||||
export type ApItemViewType = SelectItemView & {
|
export type ApItemViewType = SelectItemView & {
|
||||||
accessPolicyId?: string;
|
accessPolicyId?: string;
|
||||||
permission?: ApPermissionEnum;
|
permission?: ApPermissionEnum;
|
||||||
|
/**
|
||||||
|
* Flag that this item cannot be modified.
|
||||||
|
* This will disable the permission editor and will keep
|
||||||
|
* the item always selected.
|
||||||
|
*/
|
||||||
|
readOnly: boolean;
|
||||||
} & (
|
} & (
|
||||||
| {
|
| {
|
||||||
type: ApItemEnum.User;
|
type: ApItemEnum.User;
|
||||||
|
@ -47,6 +54,7 @@ export function convertToAccessPolicyItemViews(
|
||||||
permission: ApPermissionEnumUtil.toApPermissionEnum(policy.read, policy.write),
|
permission: ApPermissionEnumUtil.toApPermissionEnum(policy.read, policy.write),
|
||||||
userId: policy.userId,
|
userId: policy.userId,
|
||||||
currentUser: policy.currentUser,
|
currentUser: policy.currentUser,
|
||||||
|
readOnly: false,
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -60,12 +68,36 @@ export function convertToAccessPolicyItemViews(
|
||||||
listName: policy.groupName,
|
listName: policy.groupName,
|
||||||
permission: ApPermissionEnumUtil.toApPermissionEnum(policy.read, policy.write),
|
permission: ApPermissionEnumUtil.toApPermissionEnum(policy.read, policy.write),
|
||||||
currentUserInGroup: policy.currentUserInGroup,
|
currentUserInGroup: policy.currentUserInGroup,
|
||||||
|
readOnly: false,
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
return accessPolicies;
|
return accessPolicies;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export function convertGrantedPoliciesToAccessPolicyItemViews(
|
||||||
|
value: ServiceAccountGrantedPoliciesView,
|
||||||
|
): ApItemViewType[] {
|
||||||
|
const accessPolicies: ApItemViewType[] = [];
|
||||||
|
|
||||||
|
value.grantedProjectPolicies.forEach((detailView) => {
|
||||||
|
accessPolicies.push({
|
||||||
|
type: ApItemEnum.Project,
|
||||||
|
icon: ApItemEnumUtil.itemIcon(ApItemEnum.Project),
|
||||||
|
id: detailView.accessPolicy.grantedProjectId,
|
||||||
|
accessPolicyId: detailView.accessPolicy.id,
|
||||||
|
labelName: detailView.accessPolicy.grantedProjectName,
|
||||||
|
listName: detailView.accessPolicy.grantedProjectName,
|
||||||
|
permission: ApPermissionEnumUtil.toApPermissionEnum(
|
||||||
|
detailView.accessPolicy.read,
|
||||||
|
detailView.accessPolicy.write,
|
||||||
|
),
|
||||||
|
readOnly: !detailView.hasPermission,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
return accessPolicies;
|
||||||
|
}
|
||||||
|
|
||||||
export function convertPotentialGranteesToApItemViewType(
|
export function convertPotentialGranteesToApItemViewType(
|
||||||
grantees: PotentialGranteeView[],
|
grantees: PotentialGranteeView[],
|
||||||
): ApItemViewType[] {
|
): ApItemViewType[] {
|
||||||
|
@ -108,6 +140,7 @@ export function convertPotentialGranteesToApItemViewType(
|
||||||
listName: listName,
|
listName: listName,
|
||||||
currentUserInGroup: granteeView.currentUserInGroup,
|
currentUserInGroup: granteeView.currentUserInGroup,
|
||||||
currentUser: granteeView.currentUser,
|
currentUser: granteeView.currentUser,
|
||||||
|
readOnly: false,
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,15 +18,17 @@ import {
|
||||||
UserProjectAccessPolicyView,
|
UserProjectAccessPolicyView,
|
||||||
UserServiceAccountAccessPolicyView,
|
UserServiceAccountAccessPolicyView,
|
||||||
ServiceAccountPeopleAccessPoliciesView,
|
ServiceAccountPeopleAccessPoliciesView,
|
||||||
|
ServiceAccountGrantedPoliciesView,
|
||||||
|
ServiceAccountProjectPolicyPermissionDetailsView,
|
||||||
} from "../../models/view/access-policy.view";
|
} from "../../models/view/access-policy.view";
|
||||||
import { PotentialGranteeView } from "../../models/view/potential-grantee.view";
|
import { PotentialGranteeView } from "../../models/view/potential-grantee.view";
|
||||||
import { AccessPoliciesCreateRequest } from "../../shared/access-policies/models/requests/access-policies-create.request";
|
import { AccessPoliciesCreateRequest } from "../../shared/access-policies/models/requests/access-policies-create.request";
|
||||||
import { PeopleAccessPoliciesRequest } from "../../shared/access-policies/models/requests/people-access-policies.request";
|
import { PeopleAccessPoliciesRequest } from "../../shared/access-policies/models/requests/people-access-policies.request";
|
||||||
import { ProjectAccessPoliciesResponse } from "../../shared/access-policies/models/responses/project-access-policies.response";
|
import { ProjectAccessPoliciesResponse } from "../../shared/access-policies/models/responses/project-access-policies.response";
|
||||||
|
import { ServiceAccountGrantedPoliciesRequest } from "../access-policies/models/requests/service-account-granted-policies.request";
|
||||||
|
|
||||||
import { AccessPolicyUpdateRequest } from "./models/requests/access-policy-update.request";
|
import { AccessPolicyUpdateRequest } from "./models/requests/access-policy-update.request";
|
||||||
import { AccessPolicyRequest } from "./models/requests/access-policy.request";
|
import { AccessPolicyRequest } from "./models/requests/access-policy.request";
|
||||||
import { GrantedPolicyRequest } from "./models/requests/granted-policy.request";
|
|
||||||
import {
|
import {
|
||||||
GroupServiceAccountAccessPolicyResponse,
|
GroupServiceAccountAccessPolicyResponse,
|
||||||
UserServiceAccountAccessPolicyResponse,
|
UserServiceAccountAccessPolicyResponse,
|
||||||
|
@ -36,28 +38,21 @@ import {
|
||||||
} from "./models/responses/access-policy.response";
|
} from "./models/responses/access-policy.response";
|
||||||
import { PotentialGranteeResponse } from "./models/responses/potential-grantee.response";
|
import { PotentialGranteeResponse } from "./models/responses/potential-grantee.response";
|
||||||
import { ProjectPeopleAccessPoliciesResponse } from "./models/responses/project-people-access-policies.response";
|
import { ProjectPeopleAccessPoliciesResponse } from "./models/responses/project-people-access-policies.response";
|
||||||
|
import { ServiceAccountGrantedPoliciesPermissionDetailsResponse } from "./models/responses/service-account-granted-policies-permission-details.response";
|
||||||
import { ServiceAccountPeopleAccessPoliciesResponse } from "./models/responses/service-account-people-access-policies.response";
|
import { ServiceAccountPeopleAccessPoliciesResponse } from "./models/responses/service-account-people-access-policies.response";
|
||||||
|
import { ServiceAccountProjectPolicyPermissionDetailsResponse } from "./models/responses/service-account-project-policy-permission-details.response";
|
||||||
|
|
||||||
@Injectable({
|
@Injectable({
|
||||||
providedIn: "root",
|
providedIn: "root",
|
||||||
})
|
})
|
||||||
export class AccessPolicyService {
|
export class AccessPolicyService {
|
||||||
private _projectAccessPolicyChanges$ = new Subject<ProjectAccessPoliciesView>();
|
private _projectAccessPolicyChanges$ = new Subject<ProjectAccessPoliciesView>();
|
||||||
private _serviceAccountGrantedPolicyChanges$ = new Subject<
|
|
||||||
ServiceAccountProjectAccessPolicyView[]
|
|
||||||
>();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Emits when a project access policy is created or deleted.
|
* Emits when a project access policy is created or deleted.
|
||||||
*/
|
*/
|
||||||
readonly projectAccessPolicyChanges$ = this._projectAccessPolicyChanges$.asObservable();
|
readonly projectAccessPolicyChanges$ = this._projectAccessPolicyChanges$.asObservable();
|
||||||
|
|
||||||
/**
|
|
||||||
* Emits when a service account granted policy is created or deleted.
|
|
||||||
*/
|
|
||||||
readonly serviceAccountGrantedPolicyChanges$ =
|
|
||||||
this._serviceAccountGrantedPolicyChanges$.asObservable();
|
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
private cryptoService: CryptoService,
|
private cryptoService: CryptoService,
|
||||||
protected apiService: ApiService,
|
protected apiService: ApiService,
|
||||||
|
@ -68,44 +63,6 @@ export class AccessPolicyService {
|
||||||
this._projectAccessPolicyChanges$.next(null);
|
this._projectAccessPolicyChanges$.next(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
async getGrantedPolicies(
|
|
||||||
serviceAccountId: string,
|
|
||||||
organizationId: string,
|
|
||||||
): Promise<ServiceAccountProjectAccessPolicyView[]> {
|
|
||||||
const r = await this.apiService.send(
|
|
||||||
"GET",
|
|
||||||
"/service-accounts/" + serviceAccountId + "/granted-policies",
|
|
||||||
null,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
);
|
|
||||||
|
|
||||||
const results = new ListResponse(r, ServiceAccountProjectAccessPolicyResponse);
|
|
||||||
return await this.createServiceAccountProjectAccessPolicyViews(results.data, organizationId);
|
|
||||||
}
|
|
||||||
|
|
||||||
async createGrantedPolicies(
|
|
||||||
organizationId: string,
|
|
||||||
serviceAccountId: string,
|
|
||||||
policies: ServiceAccountProjectAccessPolicyView[],
|
|
||||||
): Promise<ServiceAccountProjectAccessPolicyView[]> {
|
|
||||||
const request = this.getGrantedPoliciesCreateRequest(policies);
|
|
||||||
const r = await this.apiService.send(
|
|
||||||
"POST",
|
|
||||||
"/service-accounts/" + serviceAccountId + "/granted-policies",
|
|
||||||
request,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
);
|
|
||||||
const results = new ListResponse(r, ServiceAccountProjectAccessPolicyResponse);
|
|
||||||
const views = await this.createServiceAccountProjectAccessPolicyViews(
|
|
||||||
results.data,
|
|
||||||
organizationId,
|
|
||||||
);
|
|
||||||
this._serviceAccountGrantedPolicyChanges$.next(views);
|
|
||||||
return views;
|
|
||||||
}
|
|
||||||
|
|
||||||
async getProjectAccessPolicies(
|
async getProjectAccessPolicies(
|
||||||
organizationId: string,
|
organizationId: string,
|
||||||
projectId: string,
|
projectId: string,
|
||||||
|
@ -184,6 +141,40 @@ export class AccessPolicyService {
|
||||||
return this.createServiceAccountPeopleAccessPoliciesView(results);
|
return this.createServiceAccountPeopleAccessPoliciesView(results);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async getServiceAccountGrantedPolicies(
|
||||||
|
organizationId: string,
|
||||||
|
serviceAccountId: string,
|
||||||
|
): Promise<ServiceAccountGrantedPoliciesView> {
|
||||||
|
const r = await this.apiService.send(
|
||||||
|
"GET",
|
||||||
|
"/service-accounts/" + serviceAccountId + "/granted-policies",
|
||||||
|
null,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
|
||||||
|
const result = new ServiceAccountGrantedPoliciesPermissionDetailsResponse(r);
|
||||||
|
return await this.createServiceAccountGrantedPoliciesView(result, organizationId);
|
||||||
|
}
|
||||||
|
|
||||||
|
async putServiceAccountGrantedPolicies(
|
||||||
|
organizationId: string,
|
||||||
|
serviceAccountId: string,
|
||||||
|
policies: ServiceAccountGrantedPoliciesView,
|
||||||
|
): Promise<ServiceAccountGrantedPoliciesView> {
|
||||||
|
const request = this.getServiceAccountGrantedPoliciesRequest(policies);
|
||||||
|
const r = await this.apiService.send(
|
||||||
|
"PUT",
|
||||||
|
"/service-accounts/" + serviceAccountId + "/granted-policies",
|
||||||
|
request,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
|
||||||
|
const result = new ServiceAccountGrantedPoliciesPermissionDetailsResponse(r);
|
||||||
|
return await this.createServiceAccountGrantedPoliciesView(result, organizationId);
|
||||||
|
}
|
||||||
|
|
||||||
async createProjectAccessPolicies(
|
async createProjectAccessPolicies(
|
||||||
organizationId: string,
|
organizationId: string,
|
||||||
projectId: string,
|
projectId: string,
|
||||||
|
@ -206,7 +197,6 @@ export class AccessPolicyService {
|
||||||
async deleteAccessPolicy(accessPolicyId: string): Promise<void> {
|
async deleteAccessPolicy(accessPolicyId: string): Promise<void> {
|
||||||
await this.apiService.send("DELETE", "/access-policies/" + accessPolicyId, null, true, false);
|
await this.apiService.send("DELETE", "/access-policies/" + accessPolicyId, null, true, false);
|
||||||
this._projectAccessPolicyChanges$.next(null);
|
this._projectAccessPolicyChanges$.next(null);
|
||||||
this._serviceAccountGrantedPolicyChanges$.next(null);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async updateAccessPolicy(baseAccessPolicyView: BaseAccessPolicyView): Promise<void> {
|
async updateAccessPolicy(baseAccessPolicyView: BaseAccessPolicyView): Promise<void> {
|
||||||
|
@ -222,6 +212,158 @@ export class AccessPolicyService {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async getPeoplePotentialGrantees(organizationId: string) {
|
||||||
|
const r = await this.apiService.send(
|
||||||
|
"GET",
|
||||||
|
"/organizations/" + organizationId + "/access-policies/people/potential-grantees",
|
||||||
|
null,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
const results = new ListResponse(r, PotentialGranteeResponse);
|
||||||
|
return await this.createPotentialGranteeViews(organizationId, results.data);
|
||||||
|
}
|
||||||
|
|
||||||
|
async getServiceAccountsPotentialGrantees(organizationId: string) {
|
||||||
|
const r = await this.apiService.send(
|
||||||
|
"GET",
|
||||||
|
"/organizations/" + organizationId + "/access-policies/service-accounts/potential-grantees",
|
||||||
|
null,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
const results = new ListResponse(r, PotentialGranteeResponse);
|
||||||
|
return await this.createPotentialGranteeViews(organizationId, results.data);
|
||||||
|
}
|
||||||
|
|
||||||
|
async getProjectsPotentialGrantees(organizationId: string) {
|
||||||
|
const r = await this.apiService.send(
|
||||||
|
"GET",
|
||||||
|
"/organizations/" + organizationId + "/access-policies/projects/potential-grantees",
|
||||||
|
null,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
);
|
||||||
|
const results = new ListResponse(r, PotentialGranteeResponse);
|
||||||
|
return await this.createPotentialGranteeViews(organizationId, results.data);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected async getOrganizationKey(organizationId: string): Promise<SymmetricCryptoKey> {
|
||||||
|
return await this.cryptoService.getOrgKey(organizationId);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected getAccessPolicyRequest(
|
||||||
|
granteeId: string,
|
||||||
|
view:
|
||||||
|
| UserProjectAccessPolicyView
|
||||||
|
| UserServiceAccountAccessPolicyView
|
||||||
|
| GroupProjectAccessPolicyView
|
||||||
|
| GroupServiceAccountAccessPolicyView
|
||||||
|
| ServiceAccountProjectAccessPolicyView,
|
||||||
|
) {
|
||||||
|
const request = new AccessPolicyRequest();
|
||||||
|
request.granteeId = granteeId;
|
||||||
|
request.read = view.read;
|
||||||
|
request.write = view.write;
|
||||||
|
return request;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected createBaseAccessPolicyView(
|
||||||
|
response:
|
||||||
|
| UserProjectAccessPolicyResponse
|
||||||
|
| UserServiceAccountAccessPolicyResponse
|
||||||
|
| GroupProjectAccessPolicyResponse
|
||||||
|
| GroupServiceAccountAccessPolicyResponse
|
||||||
|
| ServiceAccountProjectAccessPolicyResponse,
|
||||||
|
) {
|
||||||
|
return {
|
||||||
|
id: response.id,
|
||||||
|
read: response.read,
|
||||||
|
write: response.write,
|
||||||
|
creationDate: response.creationDate,
|
||||||
|
revisionDate: response.revisionDate,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
private async createPotentialGranteeViews(
|
||||||
|
organizationId: string,
|
||||||
|
results: PotentialGranteeResponse[],
|
||||||
|
): Promise<PotentialGranteeView[]> {
|
||||||
|
const orgKey = await this.getOrganizationKey(organizationId);
|
||||||
|
return await Promise.all(
|
||||||
|
results.map(async (r) => {
|
||||||
|
const view = new PotentialGranteeView();
|
||||||
|
view.id = r.id;
|
||||||
|
view.type = r.type;
|
||||||
|
view.email = r.email;
|
||||||
|
view.currentUser = r.currentUser;
|
||||||
|
view.currentUserInGroup = r.currentUserInGroup;
|
||||||
|
|
||||||
|
if (r.type === "serviceAccount" || r.type === "project") {
|
||||||
|
view.name = r.name
|
||||||
|
? await this.encryptService.decryptToUtf8(new EncString(r.name), orgKey)
|
||||||
|
: null;
|
||||||
|
} else {
|
||||||
|
view.name = r.name;
|
||||||
|
}
|
||||||
|
return view;
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
private getServiceAccountGrantedPoliciesRequest(
|
||||||
|
policies: ServiceAccountGrantedPoliciesView,
|
||||||
|
): ServiceAccountGrantedPoliciesRequest {
|
||||||
|
const request = new ServiceAccountGrantedPoliciesRequest();
|
||||||
|
|
||||||
|
request.projectGrantedPolicyRequests = policies.grantedProjectPolicies.map((detailView) => ({
|
||||||
|
grantedId: detailView.accessPolicy.grantedProjectId,
|
||||||
|
read: detailView.accessPolicy.read,
|
||||||
|
write: detailView.accessPolicy.write,
|
||||||
|
}));
|
||||||
|
|
||||||
|
return request;
|
||||||
|
}
|
||||||
|
|
||||||
|
private async createServiceAccountGrantedPoliciesView(
|
||||||
|
response: ServiceAccountGrantedPoliciesPermissionDetailsResponse,
|
||||||
|
organizationId: string,
|
||||||
|
): Promise<ServiceAccountGrantedPoliciesView> {
|
||||||
|
const orgKey = await this.getOrganizationKey(organizationId);
|
||||||
|
|
||||||
|
const view = new ServiceAccountGrantedPoliciesView();
|
||||||
|
view.grantedProjectPolicies =
|
||||||
|
await this.createServiceAccountProjectPolicyPermissionDetailsViews(
|
||||||
|
orgKey,
|
||||||
|
response.grantedProjectPolicies,
|
||||||
|
);
|
||||||
|
return view;
|
||||||
|
}
|
||||||
|
|
||||||
|
private async createServiceAccountProjectPolicyPermissionDetailsViews(
|
||||||
|
orgKey: SymmetricCryptoKey,
|
||||||
|
responses: ServiceAccountProjectPolicyPermissionDetailsResponse[],
|
||||||
|
): Promise<ServiceAccountProjectPolicyPermissionDetailsView[]> {
|
||||||
|
return await Promise.all(
|
||||||
|
responses.map(async (response) => {
|
||||||
|
return await this.createServiceAccountProjectPolicyPermissionDetailsView(orgKey, response);
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
private async createServiceAccountProjectPolicyPermissionDetailsView(
|
||||||
|
orgKey: SymmetricCryptoKey,
|
||||||
|
response: ServiceAccountProjectPolicyPermissionDetailsResponse,
|
||||||
|
): Promise<ServiceAccountProjectPolicyPermissionDetailsView> {
|
||||||
|
const view = new ServiceAccountProjectPolicyPermissionDetailsView();
|
||||||
|
view.hasPermission = response.hasPermission;
|
||||||
|
view.accessPolicy = await this.createServiceAccountProjectAccessPolicyView(
|
||||||
|
orgKey,
|
||||||
|
response.accessPolicy,
|
||||||
|
);
|
||||||
|
return view;
|
||||||
|
}
|
||||||
|
|
||||||
private async createProjectAccessPoliciesView(
|
private async createProjectAccessPoliciesView(
|
||||||
organizationId: string,
|
organizationId: string,
|
||||||
projectAccessPoliciesResponse: ProjectAccessPoliciesResponse,
|
projectAccessPoliciesResponse: ProjectAccessPoliciesResponse,
|
||||||
|
@ -393,147 +535,4 @@ export class AccessPolicyService {
|
||||||
currentUserInGroup: response.currentUserInGroup,
|
currentUserInGroup: response.currentUserInGroup,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
async getPeoplePotentialGrantees(organizationId: string) {
|
|
||||||
const r = await this.apiService.send(
|
|
||||||
"GET",
|
|
||||||
"/organizations/" + organizationId + "/access-policies/people/potential-grantees",
|
|
||||||
null,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
);
|
|
||||||
const results = new ListResponse(r, PotentialGranteeResponse);
|
|
||||||
return await this.createPotentialGranteeViews(organizationId, results.data);
|
|
||||||
}
|
|
||||||
|
|
||||||
async getServiceAccountsPotentialGrantees(organizationId: string) {
|
|
||||||
const r = await this.apiService.send(
|
|
||||||
"GET",
|
|
||||||
"/organizations/" + organizationId + "/access-policies/service-accounts/potential-grantees",
|
|
||||||
null,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
);
|
|
||||||
const results = new ListResponse(r, PotentialGranteeResponse);
|
|
||||||
return await this.createPotentialGranteeViews(organizationId, results.data);
|
|
||||||
}
|
|
||||||
|
|
||||||
async getProjectsPotentialGrantees(organizationId: string) {
|
|
||||||
const r = await this.apiService.send(
|
|
||||||
"GET",
|
|
||||||
"/organizations/" + organizationId + "/access-policies/projects/potential-grantees",
|
|
||||||
null,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
);
|
|
||||||
const results = new ListResponse(r, PotentialGranteeResponse);
|
|
||||||
return await this.createPotentialGranteeViews(organizationId, results.data);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected async getOrganizationKey(organizationId: string): Promise<SymmetricCryptoKey> {
|
|
||||||
return await this.cryptoService.getOrgKey(organizationId);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected getAccessPolicyRequest(
|
|
||||||
granteeId: string,
|
|
||||||
view:
|
|
||||||
| UserProjectAccessPolicyView
|
|
||||||
| UserServiceAccountAccessPolicyView
|
|
||||||
| GroupProjectAccessPolicyView
|
|
||||||
| GroupServiceAccountAccessPolicyView
|
|
||||||
| ServiceAccountProjectAccessPolicyView,
|
|
||||||
) {
|
|
||||||
const request = new AccessPolicyRequest();
|
|
||||||
request.granteeId = granteeId;
|
|
||||||
request.read = view.read;
|
|
||||||
request.write = view.write;
|
|
||||||
return request;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected createBaseAccessPolicyView(
|
|
||||||
response:
|
|
||||||
| UserProjectAccessPolicyResponse
|
|
||||||
| UserServiceAccountAccessPolicyResponse
|
|
||||||
| GroupProjectAccessPolicyResponse
|
|
||||||
| GroupServiceAccountAccessPolicyResponse
|
|
||||||
| ServiceAccountProjectAccessPolicyResponse,
|
|
||||||
) {
|
|
||||||
return {
|
|
||||||
id: response.id,
|
|
||||||
read: response.read,
|
|
||||||
write: response.write,
|
|
||||||
creationDate: response.creationDate,
|
|
||||||
revisionDate: response.revisionDate,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
private async createPotentialGranteeViews(
|
|
||||||
organizationId: string,
|
|
||||||
results: PotentialGranteeResponse[],
|
|
||||||
): Promise<PotentialGranteeView[]> {
|
|
||||||
const orgKey = await this.getOrganizationKey(organizationId);
|
|
||||||
return await Promise.all(
|
|
||||||
results.map(async (r) => {
|
|
||||||
const view = new PotentialGranteeView();
|
|
||||||
view.id = r.id;
|
|
||||||
view.type = r.type;
|
|
||||||
view.email = r.email;
|
|
||||||
view.currentUser = r.currentUser;
|
|
||||||
view.currentUserInGroup = r.currentUserInGroup;
|
|
||||||
|
|
||||||
if (r.type === "serviceAccount" || r.type === "project") {
|
|
||||||
view.name = r.name
|
|
||||||
? await this.encryptService.decryptToUtf8(new EncString(r.name), orgKey)
|
|
||||||
: null;
|
|
||||||
} else {
|
|
||||||
view.name = r.name;
|
|
||||||
}
|
|
||||||
return view;
|
|
||||||
}),
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
private getGrantedPoliciesCreateRequest(
|
|
||||||
policies: ServiceAccountProjectAccessPolicyView[],
|
|
||||||
): GrantedPolicyRequest[] {
|
|
||||||
return policies.map((ap) => {
|
|
||||||
const request = new GrantedPolicyRequest();
|
|
||||||
request.grantedId = ap.grantedProjectId;
|
|
||||||
request.read = ap.read;
|
|
||||||
request.write = ap.write;
|
|
||||||
return request;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
private async createServiceAccountProjectAccessPolicyViews(
|
|
||||||
responses: ServiceAccountProjectAccessPolicyResponse[],
|
|
||||||
organizationId: string,
|
|
||||||
): Promise<ServiceAccountProjectAccessPolicyView[]> {
|
|
||||||
const orgKey = await this.getOrganizationKey(organizationId);
|
|
||||||
return await Promise.all(
|
|
||||||
responses.map(async (response: ServiceAccountProjectAccessPolicyResponse) => {
|
|
||||||
const view = new ServiceAccountProjectAccessPolicyView();
|
|
||||||
view.id = response.id;
|
|
||||||
view.read = response.read;
|
|
||||||
view.write = response.write;
|
|
||||||
view.creationDate = response.creationDate;
|
|
||||||
view.revisionDate = response.revisionDate;
|
|
||||||
view.serviceAccountId = response.serviceAccountId;
|
|
||||||
view.grantedProjectId = response.grantedProjectId;
|
|
||||||
view.serviceAccountName = response.serviceAccountName
|
|
||||||
? await this.encryptService.decryptToUtf8(
|
|
||||||
new EncString(response.serviceAccountName),
|
|
||||||
orgKey,
|
|
||||||
)
|
|
||||||
: null;
|
|
||||||
view.grantedProjectName = response.grantedProjectName
|
|
||||||
? await this.encryptService.decryptToUtf8(
|
|
||||||
new EncString(response.grantedProjectName),
|
|
||||||
orgKey,
|
|
||||||
)
|
|
||||||
: null;
|
|
||||||
return view;
|
|
||||||
}),
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
import { GrantedPolicyRequest } from "./granted-policy.request";
|
||||||
|
|
||||||
|
export class ServiceAccountGrantedPoliciesRequest {
|
||||||
|
projectGrantedPolicyRequests?: GrantedPolicyRequest[];
|
||||||
|
}
|
|
@ -0,0 +1,15 @@
|
||||||
|
import { BaseResponse } from "@bitwarden/common/models/response/base.response";
|
||||||
|
|
||||||
|
import { ServiceAccountProjectPolicyPermissionDetailsResponse } from "./service-account-project-policy-permission-details.response";
|
||||||
|
|
||||||
|
export class ServiceAccountGrantedPoliciesPermissionDetailsResponse extends BaseResponse {
|
||||||
|
grantedProjectPolicies: ServiceAccountProjectPolicyPermissionDetailsResponse[];
|
||||||
|
|
||||||
|
constructor(response: any) {
|
||||||
|
super(response);
|
||||||
|
const grantedProjectPolicies = this.getResponseProperty("GrantedProjectPolicies");
|
||||||
|
this.grantedProjectPolicies = grantedProjectPolicies.map(
|
||||||
|
(k: any) => new ServiceAccountProjectPolicyPermissionDetailsResponse(k),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,14 @@
|
||||||
|
import { BaseResponse } from "@bitwarden/common/models/response/base.response";
|
||||||
|
|
||||||
|
import { ServiceAccountProjectAccessPolicyResponse } from "./access-policy.response";
|
||||||
|
|
||||||
|
export class ServiceAccountProjectPolicyPermissionDetailsResponse extends BaseResponse {
|
||||||
|
accessPolicy: ServiceAccountProjectAccessPolicyResponse;
|
||||||
|
hasPermission: boolean;
|
||||||
|
|
||||||
|
constructor(response: any) {
|
||||||
|
super(response);
|
||||||
|
this.accessPolicy = this.getResponseProperty("AccessPolicy");
|
||||||
|
this.hasPermission = this.getResponseProperty("HasPermission");
|
||||||
|
}
|
||||||
|
}
|
|
@ -289,6 +289,16 @@ export class AddEditComponent implements OnInit, OnDestroy {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Only Admins can clone a cipher to different owner
|
||||||
|
if (this.cloneMode && this.cipher.organizationId != null) {
|
||||||
|
const cipherOrg = (await firstValueFrom(this.organizationService.memberOrganizations$)).find(
|
||||||
|
(o) => o.id === this.cipher.organizationId,
|
||||||
|
);
|
||||||
|
|
||||||
|
if (cipherOrg != null && !cipherOrg.isAdmin && !cipherOrg.permissions.editAnyCollection) {
|
||||||
|
this.ownershipOptions = [{ name: cipherOrg.name, value: cipherOrg.id }];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// We don't want to copy passkeys when we clone a cipher
|
// We don't want to copy passkeys when we clone a cipher
|
||||||
if (this.cloneMode && this.cipher?.login?.hasFido2Credentials) {
|
if (this.cloneMode && this.cipher?.login?.hasFido2Credentials) {
|
||||||
|
|
Loading…
Reference in New Issue