From bf67493663e34682ef48024e0827cbd5ba664e2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?= <108268980+r-tome@users.noreply.github.com>
Date: Thu, 29 Dec 2022 16:20:19 +0000
Subject: [PATCH] [EC-781] User can bypass master password requirements policy by canceling password reset and pasting invite link (#4218)
* [EC-781] Forcing the user to login to evaluate if the user's password meets the Organization password policy requirements
* [EC-781] Fix bug preventing from submitting update password form
* Revert "[EC-781] Forcing the user to login to evaluate if the user's password meets the Organization password policy requirements"
This reverts commit f09d74b4fcc78e71e1c7191a01918ba49e79479e.
* [EC-781] Get email value from query parameters also for authenticated requests
* [EC-781] Forcing the user to login to evaluate if the user's current password meets the Organization password policy requirements
* [EC-781] Logging out the user using messagingService on accept-organization component
* [EC-781] Refactored accept-organization component to be simpler to read
---
.../accept-organization.component.html | 2 +-
.../accounts/accept-organization.component.ts | 33 +++++++++++++------
.../accounts/update-password.component.html | 1 +
apps/web/src/app/app.component.ts | 8 +++--
.../src/app/common/base.accept.component.ts | 2 +-
5 files changed, 31 insertions(+), 15 deletions(-)
diff --git a/apps/web/src/app/accounts/accept-organization.component.html b/apps/web/src/app/accounts/accept-organization.component.html
index 25d90d93e0..3aef47df22 100644
--- a/apps/web/src/app/accounts/accept-organization.component.html
+++ b/apps/web/src/app/accounts/accept-organization.component.html
@@ -11,7 +11,7 @@
-{{ "joinOrganization" | i18n }}
diff --git a/apps/web/src/app/accounts/accept-organization.component.ts b/apps/web/src/app/accounts/accept-organization.component.ts
index ab6157a32f..4153c9c516 100644
--- a/apps/web/src/app/accounts/accept-organization.component.ts
+++ b/apps/web/src/app/accounts/accept-organization.component.ts
@@ -1,10 +1,10 @@
 import { Component } from "@angular/core";
 import { ActivatedRoute, Params, Router } from "@angular/router";
-import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/abstractions/log.service";
+import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
 import { OrganizationUserService } from "@bitwarden/common/abstractions/organization-user/organization-user.service";
 import { OrganizationUserAcceptRequest } from "@bitwarden/common/abstractions/organization-user/requests";
 import { OrganizationApiServiceAbstraction } from "@bitwarden/common/abstractions/organization/organization-api.service.abstraction";
@@ -31,19 +31,28 @@ export class AcceptOrganizationComponent extends BaseAcceptComponent {
 platformUtilsService: PlatformUtilsService,
 i18nService: I18nService,
 route: ActivatedRoute,
- private apiService: ApiService,
 stateService: StateService,
 private cryptoService: CryptoService,
 private policyApiService: PolicyApiServiceAbstraction,
 private policyService: PolicyService,
 private logService: LogService,
 private organizationApiService: OrganizationApiServiceAbstraction,
- private organizationUserService: OrganizationUserService
+ private organizationUserService: OrganizationUserService,
+ private messagingService: MessagingService
 ) {
 super(router, platformUtilsService, i18nService, route, stateService);
 }
 async authedHandler(qParams: Params): Promise