From 787ad64b737a8c9f77cade966369d1d38e75987b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=9C=A8=20Audrey=20=E2=9C=A8?= <ajensen@bitwarden.com>
Date: Thu, 11 Apr 2024 13:32:50 -0400
Subject: [PATCH] apply password generator policy to all users (#8641)

---
 .../services/policy/policy.service.spec.ts     | 18 ++++++++++++++++++
 .../services/policy/policy.service.ts          |  3 +++
 2 files changed, 21 insertions(+)

diff --git a/libs/common/src/admin-console/services/policy/policy.service.spec.ts b/libs/common/src/admin-console/services/policy/policy.service.spec.ts
index a1633d29ff..b67ef4619f 100644
--- a/libs/common/src/admin-console/services/policy/policy.service.spec.ts
+++ b/libs/common/src/admin-console/services/policy/policy.service.spec.ts
@@ -50,6 +50,8 @@ describe("PolicyService", () => {
       organization("org4", true, true, OrganizationUserStatusType.Confirmed, false),
       // Another User
       organization("org5", true, true, OrganizationUserStatusType.Confirmed, false),
+      // Can manage policies
+      organization("org6", true, true, OrganizationUserStatusType.Confirmed, true),
     ]);
 
     policyService = new PolicyService(stateProvider, organizationService);
@@ -254,6 +256,22 @@ describe("PolicyService", () => {
       expect(result).toBeNull();
     });
 
+    it.each([
+      ["owners", "org2"],
+      ["administrators", "org6"],
+    ])("returns the password generator policy for %s", async (_, organization) => {
+      activeUserState.nextState(
+        arrayToRecord([
+          policyData("policy1", "org1", PolicyType.ActivateAutofill, false),
+          policyData("policy2", organization, PolicyType.PasswordGenerator, true),
+        ]),
+      );
+
+      const result = await firstValueFrom(policyService.get$(PolicyType.PasswordGenerator));
+
+      expect(result).toBeTruthy();
+    });
+
     it("does not return policies for organizations that do not use policies", async () => {
       activeUserState.nextState(
         arrayToRecord([
diff --git a/libs/common/src/admin-console/services/policy/policy.service.ts b/libs/common/src/admin-console/services/policy/policy.service.ts
index 0cbc7204de..a093dad61a 100644
--- a/libs/common/src/admin-console/services/policy/policy.service.ts
+++ b/libs/common/src/admin-console/services/policy/policy.service.ts
@@ -232,6 +232,9 @@ export class PolicyService implements InternalPolicyServiceAbstraction {
       case PolicyType.MaximumVaultTimeout:
         // Max Vault Timeout applies to everyone except owners
         return organization.isOwner;
+      case PolicyType.PasswordGenerator:
+        // password generation policy applies to everyone
+        return false;
       default:
         return organization.canManagePolicies;
     }