bitwarden-estensione-browser/libs/angular/src/guards/lock.guard.ts

import { Injectable } from "@angular/core";
import { CanActivate, Router } from "@angular/router";

import { AuthService } from "@bitwarden/common/abstractions/auth.service";
import { AuthenticationStatus } from "@bitwarden/common/enums/authenticationStatus";

@Injectable()
export class LockGuard implements CanActivate {
  protected homepage = "vault";
  protected loginpage = "login";
  constructor(private authService: AuthService, private router: Router) {}

  async canActivate() {
    const authStatus = await this.authService.getAuthStatus();

    if (authStatus === AuthenticationStatus.Locked) {
      return true;
    }

    const redirectUrl =
      authStatus === AuthenticationStatus.LoggedOut ? this.loginpage : this.homepage;

    return this.router.createUrlTree([redirectUrl]);
  }
}
Add unauthGuard and lockGuard to prevent unintended navigation (#351) * Lift web repo unauthGuardService up to jslib * Add lockGuard (requires vault to be locked) * Fix linting 2021-04-21 23:52:48 +02:00			`import { Injectable } from "@angular/core";`
			`import { CanActivate, Router } from "@angular/router";`

Use NPM workspace (#2874) 2022-06-14 17:10:53 +02:00			`import { AuthService } from "@bitwarden/common/abstractions/auth.service";`
			`import { AuthenticationStatus } from "@bitwarden/common/enums/authenticationStatus";`
Add unauthGuard and lockGuard to prevent unintended navigation (#351) * Lift web repo unauthGuardService up to jslib * Add lockGuard (requires vault to be locked) * Fix linting 2021-04-21 23:52:48 +02:00
			`@Injectable()`
[feat] End User Vault Refresh (#790) * Move access logic to org model (#713) * [feature] Allow for top level groupings to be collapsed (#712) * [End User Vault Refresh] Refactor route permission checking (#727) * Update admin access logic * Centralize route permission handling * Add permission check for disabled orgs * [EndUserVaultRefresh] Add base routing guard (#732) * Add a base class for Angular routing guards * Update Guard naming convention * Bump node-forge to 1.2.1 (#722) * Remove Internet Explorer logic (#723) * Username generator (#734) * add support for username generation * remove unused Router * pr feedback * Bump electron and related dependencies (#736) * PS-91 make isMacAppStore return true/false (#735) * return false if undefined from isMacAppStore * PS-91 use strict equality instead of null coalescing Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> * [bug] Fix Safari CSV importer for URL and Notes (#730) * Fix import path for safari importer (#740) * Force updates to be silent (#739) * support for username gen website setting (#738) * Fix jslibModule forms (#742) * Add DatePipe provider to JslibModule (#741) * Feature/move to jest (#744) * Switch to jest * Fix jslib-angular package name * Make angular test project * Split up tests by jslib project * Remove obsolete node test script * Use legacy deps with jest-preset-angular * Move web tests to common * Remove build from pipeline This was only being used because we were not using ts runners. We are now, so build is unnecessary * Remove the VerifyMasterPasswordComponent from jslib module (#747) * Add ellipsis pipe to jslib module (#746) * add ellipsis pipe to jslib module * Add ellipsis pipe to exports * Add ColorPasswordCountPipe to JslibModule (#751) * Generator cleanup (#753) * type is null by default * rename generator component * remove showWebsiteOption * shorthand if check * EC-134 Fix api token refresh (#749) * Fix apikey token refresh * Refactor: use class for TokenRequestTwoFactor * Remove keytar and biometric logic (#706) * [bug] CL - fix default button display and callout header class (#756) * [EC-142] Fix error during import of 1pux containing new email field format (#758) * Add support for complex email field type * Ensure complex email field type gets imported on identities * [euvr] Separate Billing Payment/History APIs (#750) * [euvr] Separate Billing Payment/History APIs * Updated to new accounts billing API * Removed getUserBilling as it will become obsolete once merged * [end user vault refresh] Base Changes For Vault Filters (#737) * [dependency] Update icons * Avoid duplicate fullSync api calls (#716) * Tweak component library slightly (#715) * Check runtime name vs mangled name (#724) * Add Chromatic (#719) * Update SECURITY.md (#725) * Update SECURITY.md Add link to our HackerOne program for submitting potential security issues. * Revise language on SECURITY.md * Remove error Response type check (#731) * Remove error Response type check Minimization is impacting type checking in a non-consistent way. The previous type check works locally, but not from build artifacts :shrug:. We only set `captchaRequired` on our errors when we want a resubmit with captcha included, so we're safe keying off that * linter * [JslibModule] Add JslibModule (#733) * Add ellipsis pipe (#728) * add ellipsis pipe * run prettier * Account for ellipsis length in returned string * Fix complete words case * Fix another complete words issue * fix for if there are not spaces in long value * extract length check to beginning of method * condense if statements * remove log * [refactor] Add optional folders param to folderService.getAllNested() This will be used later for use cases where the vault filters service needs to build a list of nested folders that have been filtered by organization * [feature] Add organization filters This is an MVP implementation of the changes needed for the vault refresh. This includes collapsable top level groupings, and organization based filters that dynamically adjust folders and collections. * [refactor] Break down vault filter into several components These changes rename and rewrite the GroupingsComponent into a VaultFiltersModule. The module follows typical angular patterns for structure and purpose, and contain components for each filter type. The mostly communicate via Input and Output, and depend on a VaultFilterService for sending and recieving data from other parts of the product. * [bug] Add missing events for folder add/edit * [refactor] Dont directly change activeFilter in VaultFilterComponent * [refactor] Move DisplayMode to a dedicated file Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Oscar Hinton <oscar@oscarhinton.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> * [CL-16 Component Library] Menu Dropdown (#761) * [bug] Add missing null check in vault filters (#769) * [bug] Add @Injectable to VaultFilterService (#781) * [fix] Ran prettier * [fix] Fix merge issue I used createUrlTree when merging guards because I knew that was the angular standard, didn't notice that redirect was a helper method from us * Remove BaseGuard (#791) Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Oscar Hinton <oscar@oscarhinton.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: David Frankel <42774874+frankeld@users.noreply.github.com> Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com> 2022-05-09 14:09:46 +02:00			`export class LockGuard implements CanActivate {`
Refactor canactivate guards (#401) * Refactor route guards to allow for subclassing * fix linting 2021-06-08 23:35:03 +02:00			`protected homepage = "vault";`
[bug] Use the correct login url in lock guard (#606) 2022-01-12 16:15:39 +01:00			`protected loginpage = "login";`
[PS-74] Fix user authentication state checks (#721) * Create authService.authStatus, refactor isLocked checks * Rename authStatus -> getAuthStatus 2022-04-29 13:33:38 +02:00			`constructor(private authService: AuthService, private router: Router) {}`
Add unauthGuard and lockGuard to prevent unintended navigation (#351) * Lift web repo unauthGuardService up to jslib * Add lockGuard (requires vault to be locked) * Fix linting 2021-04-21 23:52:48 +02:00
			`async canActivate() {`
[PS-74] Fix user authentication state checks (#721) * Create authService.authStatus, refactor isLocked checks * Rename authStatus -> getAuthStatus 2022-04-29 13:33:38 +02:00			`const authStatus = await this.authService.getAuthStatus();`

			`if (authStatus === AuthenticationStatus.Locked) {`
Misc Account Switching Fixes & Refactors (#600) * [refactor] Restructure EnvironmentUrls in state * Patch up (add missing fields) and more extensivly use the EnvironmentUrls class instead of passing around an any * Add environmentUrls to the AccountSettings model in addition to GlobalState for use in both scopes * Move EnvironmentUrls initialization to the model level and out of StateSerice * Adjust the StateMigrationService to account for these changes * [refactor] Improve order of operations for LockGuardService We currently jump through a bunch of hoops to verify users can access the Lock page, like checking authentication first. If a user is not authenticated, they are not locked, so we can improve performance for the happy path of this serivice by checking isLocked first and using isAuthenticated to deviate from the normal flow if needed. * [bug] Subscribe to State.accounts in EnvironmentService and set urls accordingly The EnvironmentService has no context for account changes currently and does not update actively used urls based on active account. This commit addresses this issue by subscribing to State.accounts and resetting the service's urls on account change. * [bug] Clear AccessToken from State on clean In order for logout flows to function as expected we need to deauthenticate users when cleaning up state before checking for the next active user Otherwise the service will continue to think the user being logged out is active * [refactor] Stop pushing accounts when modifying disk state There is no reason to push new accounts to subscribers when updating disk state. Subscribers recieve a copy of in memory state, so changes to disk will not be refelected and have to be fetched seperatly from the service. Pushing when saving disk state is just creating an unecassary performance burden. * [refactor] Default to in memory active user if availible, even when accessing disk state Sometimes we need to pull activeUserId from storage to access a bit of data, like on initial boot, but most of the time this isn't necassary. Since we pull this userId a lot, checking disk each time is a performance burden. Defaulting to the in memory user ID if avaible helps alleviate this. * [style] Ran prettier * [style] Change a let to a const 2022-01-07 15:30:54 +01:00			`return true;`
Add unauthGuard and lockGuard to prevent unintended navigation (#351) * Lift web repo unauthGuardService up to jslib * Add lockGuard (requires vault to be locked) * Fix linting 2021-04-21 23:52:48 +02:00			`}`

[PS-74] Fix user authentication state checks (#721) * Create authService.authStatus, refactor isLocked checks * Rename authStatus -> getAuthStatus 2022-04-29 13:33:38 +02:00			`const redirectUrl =`
Fix lockGuard redirect (#819) 2022-05-27 00:31:54 +02:00			`authStatus === AuthenticationStatus.LoggedOut ? this.loginpage : this.homepage;`
Apply Prettier (#581) 2021-12-16 13:36:21 +01:00
[feat] End User Vault Refresh (#790) * Move access logic to org model (#713) * [feature] Allow for top level groupings to be collapsed (#712) * [End User Vault Refresh] Refactor route permission checking (#727) * Update admin access logic * Centralize route permission handling * Add permission check for disabled orgs * [EndUserVaultRefresh] Add base routing guard (#732) * Add a base class for Angular routing guards * Update Guard naming convention * Bump node-forge to 1.2.1 (#722) * Remove Internet Explorer logic (#723) * Username generator (#734) * add support for username generation * remove unused Router * pr feedback * Bump electron and related dependencies (#736) * PS-91 make isMacAppStore return true/false (#735) * return false if undefined from isMacAppStore * PS-91 use strict equality instead of null coalescing Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> * [bug] Fix Safari CSV importer for URL and Notes (#730) * Fix import path for safari importer (#740) * Force updates to be silent (#739) * support for username gen website setting (#738) * Fix jslibModule forms (#742) * Add DatePipe provider to JslibModule (#741) * Feature/move to jest (#744) * Switch to jest * Fix jslib-angular package name * Make angular test project * Split up tests by jslib project * Remove obsolete node test script * Use legacy deps with jest-preset-angular * Move web tests to common * Remove build from pipeline This was only being used because we were not using ts runners. We are now, so build is unnecessary * Remove the VerifyMasterPasswordComponent from jslib module (#747) * Add ellipsis pipe to jslib module (#746) * add ellipsis pipe to jslib module * Add ellipsis pipe to exports * Add ColorPasswordCountPipe to JslibModule (#751) * Generator cleanup (#753) * type is null by default * rename generator component * remove showWebsiteOption * shorthand if check * EC-134 Fix api token refresh (#749) * Fix apikey token refresh * Refactor: use class for TokenRequestTwoFactor * Remove keytar and biometric logic (#706) * [bug] CL - fix default button display and callout header class (#756) * [EC-142] Fix error during import of 1pux containing new email field format (#758) * Add support for complex email field type * Ensure complex email field type gets imported on identities * [euvr] Separate Billing Payment/History APIs (#750) * [euvr] Separate Billing Payment/History APIs * Updated to new accounts billing API * Removed getUserBilling as it will become obsolete once merged * [end user vault refresh] Base Changes For Vault Filters (#737) * [dependency] Update icons * Avoid duplicate fullSync api calls (#716) * Tweak component library slightly (#715) * Check runtime name vs mangled name (#724) * Add Chromatic (#719) * Update SECURITY.md (#725) * Update SECURITY.md Add link to our HackerOne program for submitting potential security issues. * Revise language on SECURITY.md * Remove error Response type check (#731) * Remove error Response type check Minimization is impacting type checking in a non-consistent way. The previous type check works locally, but not from build artifacts :shrug:. We only set `captchaRequired` on our errors when we want a resubmit with captcha included, so we're safe keying off that * linter * [JslibModule] Add JslibModule (#733) * Add ellipsis pipe (#728) * add ellipsis pipe * run prettier * Account for ellipsis length in returned string * Fix complete words case * Fix another complete words issue * fix for if there are not spaces in long value * extract length check to beginning of method * condense if statements * remove log * [refactor] Add optional folders param to folderService.getAllNested() This will be used later for use cases where the vault filters service needs to build a list of nested folders that have been filtered by organization * [feature] Add organization filters This is an MVP implementation of the changes needed for the vault refresh. This includes collapsable top level groupings, and organization based filters that dynamically adjust folders and collections. * [refactor] Break down vault filter into several components These changes rename and rewrite the GroupingsComponent into a VaultFiltersModule. The module follows typical angular patterns for structure and purpose, and contain components for each filter type. The mostly communicate via Input and Output, and depend on a VaultFilterService for sending and recieving data from other parts of the product. * [bug] Add missing events for folder add/edit * [refactor] Dont directly change activeFilter in VaultFilterComponent * [refactor] Move DisplayMode to a dedicated file Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Oscar Hinton <oscar@oscarhinton.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> * [CL-16 Component Library] Menu Dropdown (#761) * [bug] Add missing null check in vault filters (#769) * [bug] Add @Injectable to VaultFilterService (#781) * [fix] Ran prettier * [fix] Fix merge issue I used createUrlTree when merging guards because I knew that was the angular standard, didn't notice that redirect was a helper method from us * Remove BaseGuard (#791) Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Co-authored-by: Thomas Rittson <trittson@bitwarden.com> Co-authored-by: Oscar Hinton <oscar@oscarhinton.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Jake Fink <jfink@bitwarden.com> Co-authored-by: Chad Scharf <3904944+cscharf@users.noreply.github.com> Co-authored-by: David Frankel <42774874+frankeld@users.noreply.github.com> Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> Co-authored-by: Matt Gibson <mgibson@bitwarden.com> Co-authored-by: Robyn MacCallum <robyntmaccallum@gmail.com> Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Co-authored-by: Vincent Salucci <vincesalucci21@gmail.com> 2022-05-09 14:09:46 +02:00			`return this.router.createUrlTree([redirectUrl]);`
Apply Prettier (#581) 2021-12-16 13:36:21 +01:00			`}`
Add unauthGuard and lockGuard to prevent unintended navigation (#351) * Lift web repo unauthGuardService up to jslib * Add lockGuard (requires vault to be locked) * Fix linting 2021-04-21 23:52:48 +02:00			`}`