From 615248e04f012973c9f34b96953bb66faa8bc533 Mon Sep 17 00:00:00 2001
From: Shane Melton <smelton@bitwarden.com>
Date: Thu, 7 Sep 2023 08:06:22 -0700
Subject: [PATCH] [AC-1012] Hide link to 2FA policy for Teams orgs (#6154)

- Also cleanup eslint warnings
---
 .../settings/two-factor-setup.component.ts    | 24 ++++++++++++-------
 .../settings/two-factor-setup.component.html  | 23 ++++++++++++------
 .../settings/two-factor-setup.component.ts    | 11 +++++++--
 apps/web/src/locales/en/messages.json         | 11 +++++----
 4 files changed, 48 insertions(+), 21 deletions(-)

diff --git a/apps/web/src/app/admin-console/organizations/settings/two-factor-setup.component.ts b/apps/web/src/app/admin-console/organizations/settings/two-factor-setup.component.ts
index f94ad05100..1a456e3f54 100644
--- a/apps/web/src/app/admin-console/organizations/settings/two-factor-setup.component.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/two-factor-setup.component.ts
@@ -1,8 +1,11 @@
 import { Component } from "@angular/core";
 import { ActivatedRoute } from "@angular/router";
+import { concatMap, takeUntil } from "rxjs";
+import { tap } from "rxjs/operators";
 
 import { ModalService } from "@bitwarden/angular/services/modal.service";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
+import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { TwoFactorProviderType } from "@bitwarden/common/auth/enums/two-factor-provider-type";
 import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
@@ -24,17 +27,23 @@ export class TwoFactorSetupComponent extends BaseTwoFactorSetupComponent {
     messagingService: MessagingService,
     policyService: PolicyService,
     private route: ActivatedRoute,
-    stateService: StateService
+    stateService: StateService,
+    private organizationService: OrganizationService
   ) {
     super(apiService, modalService, messagingService, policyService, stateService);
   }
 
   async ngOnInit() {
-    // eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
-    this.route.parent.parent.params.subscribe(async (params) => {
-      this.organizationId = params.organizationId;
-      await super.ngOnInit();
-    });
+    this.route.params
+      .pipe(
+        tap((params) => {
+          this.organizationId = params.organizationId;
+          this.organization = this.organizationService.get(this.organizationId);
+        }),
+        concatMap(async () => await super.ngOnInit()),
+        takeUntil(this.destroy$)
+      )
+      .subscribe();
   }
 
   async manage(type: TwoFactorProviderType) {
@@ -43,8 +52,7 @@ export class TwoFactorSetupComponent extends BaseTwoFactorSetupComponent {
         const duoComp = await this.openModal(this.duoModalRef, TwoFactorDuoComponent);
         duoComp.type = TwoFactorProviderType.OrganizationDuo;
         duoComp.organizationId = this.organizationId;
-        // eslint-disable-next-line rxjs-angular/prefer-takeuntil
-        duoComp.onUpdated.subscribe((enabled: boolean) => {
+        duoComp.onUpdated.pipe(takeUntil(this.destroy$)).subscribe((enabled: boolean) => {
           this.updateStatus(enabled, TwoFactorProviderType.OrganizationDuo);
         });
         break;
diff --git a/apps/web/src/app/auth/settings/two-factor-setup.component.html b/apps/web/src/app/auth/settings/two-factor-setup.component.html
index 7e60a4ecaa..b7d002c082 100644
--- a/apps/web/src/app/auth/settings/two-factor-setup.component.html
+++ b/apps/web/src/app/auth/settings/two-factor-setup.component.html
@@ -1,16 +1,25 @@
 <div [ngClass]="tabbedHeader ? 'tabbed-header' : 'page-header'">
-  <h1 *ngIf="!organizationId">{{ "twoStepLogin" | i18n }}</h1>
-  <h1 *ngIf="organizationId">{{ "twoStepLoginEnforcement" | i18n }}</h1>
+  <h1 *ngIf="!organizationId || !isEnterpriseOrg">{{ "twoStepLogin" | i18n }}</h1>
+  <h1 *ngIf="organizationId && isEnterpriseOrg">{{ "twoStepLoginEnforcement" | i18n }}</h1>
 </div>
 <p *ngIf="!organizationId">{{ "twoStepLoginDesc" | i18n }}</p>
 <ng-container *ngIf="organizationId">
   <p>
-    {{ "twoStepLoginOrganizationDescStart" | i18n }}
-    <a routerLink="../policies">{{ "twoStepLoginPolicy" | i18n }}.</a>
-    <br />
-    {{ "twoStepLoginOrganizationDuoDesc" | i18n }}
+    <ng-container *ngIf="isEnterpriseOrg; else teamsDescription">
+      {{ "twoStepLoginEnterpriseDescStart" | i18n }}
+      <a routerLink="../policies">{{ "twoStepLoginPolicy" | i18n }}.</a>
+      <br />
+      {{ "twoStepLoginOrganizationDuoDesc" | i18n }}
+      <br />
+      <br />
+      <p>{{ "twoStepLoginOrganizationSsoDesc" | i18n }}</p>
+    </ng-container>
+    <ng-template #teamsDescription>
+      {{ "twoStepLoginTeamsDesc" | i18n }}
+      <br />
+      {{ "twoStepLoginOrganizationDuoDesc" | i18n }}
+    </ng-template>
   </p>
-  <p>{{ "twoStepLoginOrganizationSsoDesc" | i18n }}</p>
 </ng-container>
 <bit-callout type="warning" *ngIf="!organizationId">
   <p>{{ "twoStepLoginRecoveryWarning" | i18n }}</p>
diff --git a/apps/web/src/app/auth/settings/two-factor-setup.component.ts b/apps/web/src/app/auth/settings/two-factor-setup.component.ts
index 856801a176..44955347b5 100644
--- a/apps/web/src/app/auth/settings/two-factor-setup.component.ts
+++ b/apps/web/src/app/auth/settings/two-factor-setup.component.ts
@@ -6,8 +6,10 @@ import { ModalService } from "@bitwarden/angular/services/modal.service";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
+import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
 import { TwoFactorProviderType } from "@bitwarden/common/auth/enums/two-factor-provider-type";
 import { TwoFactorProviders } from "@bitwarden/common/auth/services/two-factor.service";
+import { ProductType } from "@bitwarden/common/enums";
 import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
 import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
 
@@ -36,6 +38,7 @@ export class TwoFactorSetupComponent implements OnInit, OnDestroy {
   webAuthnModalRef: ViewContainerRef;
 
   organizationId: string;
+  organization: Organization;
   providers: any[] = [];
   canAccessPremium: boolean;
   showPolicyWarning = false;
@@ -45,7 +48,7 @@ export class TwoFactorSetupComponent implements OnInit, OnDestroy {
 
   tabbedHeader = true;
 
-  private destroy$ = new Subject<void>();
+  protected destroy$ = new Subject<void>();
   private twoFactorAuthPolicyAppliesToActiveUser: boolean;
 
   constructor(
@@ -202,11 +205,15 @@ export class TwoFactorSetupComponent implements OnInit, OnDestroy {
     this.evaluatePolicies();
   }
 
-  private async evaluatePolicies() {
+  private evaluatePolicies() {
     if (this.organizationId == null && this.providers.filter((p) => p.enabled).length === 1) {
       this.showPolicyWarning = this.twoFactorAuthPolicyAppliesToActiveUser;
     } else {
       this.showPolicyWarning = false;
     }
   }
+
+  get isEnterpriseOrg() {
+    return this.organization?.planProductType === ProductType.Enterprise;
+  }
 }
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 2e747f3cef..dee5121acd 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -1301,7 +1301,7 @@
   },
   "selectImportFolder": {
     "message": "Select a folder"
-  },  
+  },
   "selectImportCollection": {
     "message": "Select a collection"
   },
@@ -1317,7 +1317,7 @@
   },
   "importUnassignedItemsError": {
     "message": "File contains unassigned items."
-  },  
+  },
   "selectFormat": {
     "message": "Select the format of the import file"
   },
@@ -1425,7 +1425,10 @@
   "twoStepLoginDesc": {
     "message": "Secure your account by requiring an additional step when logging in."
   },
-  "twoStepLoginOrganizationDescStart": {
+  "twoStepLoginTeamsDesc": {
+    "message": "Enable two-step login for your organization."
+  },
+  "twoStepLoginEnterpriseDescStart": {
     "message": "Enforce Bitwarden Two-step Login options for members by using the ",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Enforce Bitwarden Two-step Login options for members by using the Two-step Login Policy.'"
   },
@@ -7045,7 +7048,7 @@
   },
   "userEmailMissing": {
     "message": "User email missing"
-  }, 
+  },
   "deviceTrusted": {
     "message": "Device trusted"
   },