forked from bitwarden/clients
sync: upstream #7
shiyunjin wants to merge 1,261 commits into nekowarden:master from bitwarden:master
* Fix protonpass importer when totp field is not a URL * Simplify ProtonPass importer totp handling * Use getValueOrDefault for totp import in ProtonPass importer * Use getValueOrDefault for other ProtonPass importer fields --------- Co-authored-by: ttalty <[email protected]>
* adding the premium badge for the send item file option * Removing the unnecessary margin after seeing design spec
…ility (#5529) * Tweak account switcher button - if it opens a dialog, it should advertise this with `aria-haspopup="dialog"`, not `aria-haspopup="menu"` - if it opens a dialog, the `aria-expanded` is pointless (as the user will never get back out into the underlying page to check if it's expanded or collapsed, since it's for a dialog not a disclosure widget or menu) * Make two variants for button to sort out `aria-label` on logged-in case * Remove `aria-controls` for button as it's a dialog that opens, not a disclosure, this is irrelevant * Fix `overlayPostition` typo * Simplify approach just use existing single button, but add visually hidden extra "Switch account" to accName * Tweak account switch buttons in dialog/dropdown * Take out the confusing "Logged in as..." a11y text * Use visible button text (with a few extra `sr-only` parts, for readability) as the button's accName * Add the "Switch account" context to each of the buttons to make clear what they do
…#6422) * [PM-3722] fix: wrong translation bug * [PM-3722] feat: use user verification component during creation * [PM-3722] feat: use user verification component during deletion * [PM-3722] feat: improve error handling
* [PM-4187] update bwi-font to v1.0.8 * [PM-4187] fix: alphabetic sorting
* [AC-1117] Add manage permission (#5910) * Add 'manage' option to collection access permissions * Add 'manage' to collection permissions * remove service accidentally committed from another branch * Update CLI commands * update message casing to be consistent * access selector model updates * [AC-1374] Limit collection create/delete (#5963) * feat: update request/response/data/domain models for new column, refs AC-1374 * feat: create collection management ui, refs AC-1374 * fix: remove limitCollectionCdOwnerAdmin boolean from org update request, refs AC-1374 * fix: moved collection management UI, removed comments, refs AC-1374 * fix: observable chaining now properly calls API when local org updated, refs AC-1374 * fix: remove unused form template variables, refs AC-1374 * fix: clean up observable chain, refs AC-1374 * fix: remove parent.parent route, refs AC-1374 * fix: add cd explanation, refs AC-1374 * [AC-1649] Remove organizationId from collection-bulk-delete.request (#6343) * refactor: remove organizationId from collection-bulk-delete-request, refs AC-1649 * refactor: remove request model from dialog component, refs AC-1649 * [AC-1174] Bulk collection management (#6133) * [AC-1174] Add bulk edit collection access event type * [AC-1174] Add bulk edit collection access menu option * [AC-1174] Add initial bulk collections access dialog * [AC-1174] Add logic to open bulk edit collections dialog * [AC-1174] Move AccessItemView helper methods to access selector model to be shared * [AC-1174] Add access selector to bulk collections dialog * [AC-1174] Add bulk assign access method to collection-admin service * [AC-1174] Introduce strongly typed BulkCollectionAccessRequest model * [AC-1174] Update vault item event type name * Update DialogService dependency --------- Co-authored-by: Thomas Rittson <[email protected]> * Rename LimitCollectionCdOwnerAdmin -> LimitCollectionCreationDeletion (#6409) * Add manage property to synced Collection data * Revert "Add manage
property to synced Collection data" Pushed to feature branch instead of a new one This reverts commit 65cd395. * Add manage property to synced Collection data * Revert "Add manage property to synced Collection data" This reverts commit f7fa30b. * [AC-1680] Add manage property to collection view and response models (#6417) * Add manage property to synced Collection data * Update tests * feat: add LimitCollectionCreationDeletion conditional to canCreateNewCollections logic, refs AC-1659 (#6429) * [AC-1669] Enforce Can Manage permission on Collection dialog (#6493) * [AC-1669] Cleanup unhandled promise warnings * [AC-1669] Force change detection to ensure AccessSelector has the most recent items * [AC-1669] Initially select acting member when creating a new collection * [AC-1669] Add validator to ensure manage permission is selected * [AC-1669] Update error toast logic to support access tab errors * [AC-1669] Add error icon * [AC-1713] [Flexible collections] Add feature flags to clients (#6486) * Add FlexibleCollections and BulkCollectionAccess flags * Flag Collection Management settings * Flag bulk collection access dialog * Flag collection access modal changes * [AC-1662] Add LimitCollecitonCreationDeletion conditional to CanDelete logic (#6526) * feat: implement limitCollectionCreationDeletion into canDelete logic, refs AC-1662 * feat: make canDelete functions backwards compatible with feature flag, refs AC-1662 * feat: update vault-items.component for async getter, refs AC-1662 * feat: update configService injection, refs AC-1662 * feat: add config service to canDelete reference, refs AC-1662 * fix: remove configservice dependency from views, refs AC-1757 (#6686) * Add missing provider to vault-items.stories (#6690) * Fix imports after update from master --------- Co-authored-by: Robyn MacCallum <[email protected]> Co-authored-by: Vincent Salucci <[email protected]> Co-authored-by: Vincent Salucci <[email protected]> Co-authored-by: Shane Melton <[email protected]>
* Update toast message for SM addition * Refresh identity token after SM sub * Thomas' feedback
… a user JIT provisions into a MP encryption org - simply add a menu redraw call after successfully setting the MP and relevant keys. (#6717)
* [PM-3683] Remove ipcRenderer from electron-platform-utils * Fix review comments * Formatting * Use isNullOrWhitespace
Co-authored-by: bitwarden-devops-bot <[email protected]>
* Create libs/tools-folder and README.md * Assign libs/tools to be owned by team-tools-dev * Add exception for the capital README in libs/tools --------- Co-authored-by: Daniel James Smith <[email protected]>
* Get the url field name ignoring the case format * Adding test cases for the SecureSafe importer * Updating test cases and the way the url field is selected * updating the variable name from url to urlField
…6774) * return early from cipher decryption if no key * add comment
* Check size of orgKeys map for nullness * Add null check on orgKeys
Co-authored-by: bitwarden-devops-bot <[email protected]>
…et a Password (#6281) * PM-3275 - Policy.service - Refactor existing mapPoliciesFromToken internal logic to provide public mapPolicyFromResponse method * PM-3275 - Add new PolicyApiService.getMasterPasswordPolicyOptsForOrgUser method for use in the set password comp * PM-3275 - Update set-password.comp to use new policyApiService.getMasterPasswordPoliciesForInvitedUsers method * PM-3275 - (1) Remove post TDE AuthN set password routing logic from SSO/2FA comps as we cannot set an initial user password until after decryption in order to avoid losing the ability to decrypt existing vault items (a new user key would be created if one didn't exist in memory) (2) Add set password routing logic post TDE decryption in LoginWithDevice/Lock components (3) Add new ForceResetPasswordReason to capture this case so that we can guard against users manually navigating away from the set password screen * PM-3275 - SyncSvc - Add logic for setting forcePasswordReset reason if TDE user w/out MP went from not having MP reset permission to having it. * PM-3275 - Rename ForceResetPasswordReason enum to ForceSetPasswordReason + update all references. * PM-3275 - Removing client deprecated calls to getPoliciesByInvitedUser and helper call getMasterPasswordPoliciesForInvitedUsers * PM-3275 - PolicyAPI service - remove no longer necessary getPoliciesByInvitedUser method * PM-3275 - LockComp - TODO cleanup * PM-3275 - SSO & 2FA comp - cleanup of incorrect routing path * PM-3275 - (1) State service refactor - change getForcePasswordResetReason / setForcePasswordResetReason to be getForceSetPasswordReason / setForceSetPasswordReason (2) Sync Service - encapsulate setForceSetPasswordReasonIfNeeded logic into own method * PM-3275 - SetPassword Comp - Rename "identifier" to be "orgSsoIdentifier" for clarity * PM-3275 - SetPasswordComp - Moving routing from SSO / 2FA comps to Lock / LoginWithDevice comps results in a loss of the OrgSsoId.
However, as part of the TDE work, we added the OrgSsoId to state so use that as a fallback so we can accurately evaluate if the user needs to be auto enrolled in admin account recovery. * PM-3275 - SetPasswordComp - add a bit more context to why/when we are reading the user org sso id out of state * PM-3275 - SetPassword Comp - (1) Add forceSetPasswordReason and ForceSetPasswordReason enum as public props on the class so we can change copy text based on which is set + set forceSetPasswordReason on ngOnInit (2) Refactor ngOnInit to use a single RxJs observable chain for primary logic as the auto enroll check was occurring before the async getUserSsoOrganizationIdentifier could finish. * PM-3275 - Desktop - App comp - missed replacing getForcePasswordResetReason with getForceSetPasswordReason * PM-3275 - TDE Decryption Option Comps - must set ForceSetPasswordReason so that we can properly enforce keeping the user on the component + display the correct copy explaining the scenario to the user. * PM-3275 - All Clients - SetPasswordComp html - Update page description per product + remove no longer used ssoCompleteRegistration translation. * PM-3275 - SetPasswordComp - hopefully the final puzzle piece - must clear ForceSetPasswordReason in order to let user navigate back to vault. * PM-3275 - SyncService - Remove check for previous value of account decryption options hasManageResetPasswordPermission as when a user logged in on a trusted device after having their permissions updated, the initial setting would be true and it would cause the flag to NOT be set when it should have. * PM-3275 - TDE User Context - (1) Remove explicit navigation to set password screen from post decryption success scenarios on lock & login w/ device comps (2) Move TdeUserWithoutPasswordHasPasswordResetPermission flag setting to SSO / 2FA components to support both trusted and untrusted device scenarios (both of which are now caught by the auth guard). 
* PM-3275 - (1) SetPassword comp - adjust set password logic for TDE users to avoid creating a new user asymmetric key pair and setting a new private key in memory. (2) Adjust SetPasswordRequest to allow null keys * PM-3275 - Remove unused route from login with device comp * PM-3275 - Sso & 2FA comp tests - Update tests to reflect new routing logic when TDE user needs to set a password * PM-3275 - Lock comp - per PR feedback, remove unused setPasswordRoute property. * PM-3275 - SetPasswordComp - Per PR feedback, use explicit null check * PM-3275 - Per PR Feedback, rename missed forcePasswordResetReason to be forceSetPasswordReason on account model * PM-3275 - Auth guard - rename forcePasswordResetReason to forceSetPasswordReason * PM-3275 - SSO / 2FA comps - Per PR feedback, refactor Admin Force Password reset handling to be in one place above the TDE user flows and standard user flows as it applies to both. * PM-3275 - Per PR feedback, clarify 2FA routing comment * PM-3275 - Per PR feedback, update set-password comp ngOnInit switchMaps to just return promises as switchMap converts promises to observables internally. * PM-3275 - Per PR feedback, refactor set password ngOnInit observable chain to avoid using async subscribe and instead simply sequence the calls via switchMap and tap for side effects. * PM-3275 - Per PR feedback, move tap after filter so we can remove if check * PM-3275 - Per PR feedback, update policy service mapping methods to use shorthand null checking. * PM-3275 - SetPassword comp - (1) Move force set password reason logic into onSetPasswordSuccess(...) (2) On onSetPasswordSuccess, must set hasMasterPassword to true for user verification scenarios. * PM-3275 - Per PR feedback, remove new hasManageResetPasswordPermission flag from profile response and instead simply read the information off the existing profile.organizations data as the information I needed was already present. * PM-4633 - PolicyService - mapPolicyFromResponse(...) 
- remove incorrect null check for data. Policies with internal null data property should still be evaluated and turned into Policy objects or the policy array ends up having null values in it and it causes errors down the line on login after acct creation.
…nerated on desktop (an undefined public key was being converted into "" which then was being considered a valid, in memory public key for the handling in the getPublicKey method on the crypto service). Persisting undefined helps the crypto service properly identify that there is not a public key and it will instead derive it properly from the private key. (#6715)
* [PM-4531] feat: bypass fido2 if origin present in neverDomains * [PM-4531] feat: bypass fido2 during asserts as well * [PM-4531] fix: crashes when using `localhost` * [PM-4531] fix: add missing check * [PM-4531] fix: broken TLD logic * [PM-4531] feat: only allow localhost
…are found (#6787) * [PM-4688] feat: auto-fallback when credential not found * [PM-4688] fix: don't show popup unless needed
* Added support for the teams starter plan * Plans now respect display sort order. Updated teams starter to be in its own product * Remove upgrade button and show new copy instead -- wip copy * Added upgrade dialog for teams starter plan when adding an 11th user * Updated the add user validator to check if plan is teams starter. Updated to not count duplicated emails in the overall count * Renamed validator to be more descriptive and added additional unit tests * Added validator for org types that require customer support to upgrade * Updated small localization for teams plan to account for new starter plan * Removed invalid tests * Resolved issues around free trial flow for teams starter * Added new layout for teams starter free trial flow * Updated copy following demo. Resolved display issues discovered during demo * Removed temporary copy for testing * Updated the second step of free trial flow to use org display name * Updated invite user modal to display 10 instead of 20 as the invite limit for Teams Starter --------- Co-authored-by: cyprain-okeke <[email protected]>
Co-authored-by: bitwarden-devops-bot <[email protected]>
Co-authored-by: bitwarden-devops-bot <[email protected]>
Co-authored-by: Daniel James Smith <[email protected]>
Co-authored-by: bitwarden-devops-bot <[email protected]>
… Collections custom permissions (#6906) * [AC-1139] Add new layout for MemberDialogComponent when FC feature flag is enabled * [AC-1139] Deprecated Organization canEditAssignedCollections, canDeleteAssignedCollections, canViewAssignedCollections * [AC-1139] Checking if FC feature flag is enabled when using canDeleteAssignedCollections or canViewAssignedCollections * [AC-1139] Added missing parameter to customRedirect * [AC-1139] Fixed canEdit permission * [AC-1139] Fixed CanDelete logic * [AC-1139] Changed canAccessVaultTab function to receive configService * Override deprecated values on sync * [AC-1139] Reverted change that introduced ConfigService as a parameter to canAccessVaultTab * [AC-1139] Fixed circular dependency * [AC-1139] Moved overriding of deprecated values to syncService * Revert "[AC-1139] Fixed circular dependency" This reverts commit 6484420. * Revert "Override deprecated values on sync" This reverts commit f0c25a6. * [AC-1139] Added back the deprecation of methods canEditAssignedCollections, canDeleteAssignedCollections, canViewAssignedCollections * [AC-1139] Reverted change on syncService * [AC-1139] Override deprecated values on sync * [AC-1139] Fix canDelete logic in collection-dialog.component.ts and bulk-delete-dialog.component.ts * [AC-1139] Moved override logic from syncService to organizationService * [AC-1139] Add ability to have titlecase titles on nested-checkbox.component checkboxes; use on member-dialog.component * Revert "[AC-1139] Add ability to have titlecase titles on nested-checkbox.component checkboxes; use on member-dialog.component" This reverts commit 9ede0fc. * [AC-1139] Fix bulk delete functionality * [AC-1139] Refactor canEdit and canDelete to use ternary operator * [AC-1139] Fix canDelete condition in VaultComponent --------- Co-authored-by: Thomas Rittson <[email protected]> Co-authored-by: Thomas Rittson <[email protected]>
…7019) * [PM-5048] Query params are not persisting in extension popout window * [PM-5048] Reverting how we identify whether the user is popping out the current tab; * [PM-5048] Adding jest test to validate skipping parsing of the extension path * [PM-5048] Adding jest test to validate skipping parsing of the extension path * [PM-5048] Reworking implementation to ensure that popout window query params remain persistent * [PM-5048] Reworking implementation to ensure that appended query params do not remain persistent, but popout window query params do remain persistent. Fixing issues within vault item popouts and adding jest tests to verify those fixes * [PM-5048] Modifying how query params are set within vault popout windows * [PM-5048] Running prettier
…6591) Class based router guards are deprecated as of Angular 15.2, per angular.io/guide/deprecations#router-class-and-injection-token-guards. To simplify future angular upgrades we need to resolve these deprecations. This PR migrates the HasPremium and DebounceNavigationService guards to use the new functional pattern.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hinton <[email protected]>
…7042) * Prevent billing email/business name updates for reseller * Enable business name based on CS feedback * Fixed prettier issue
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* [PM-4766] feat: disable fido2 integration on bw vault page * [PM-4766] fix: lint
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The subsequent path helps to trigger process reload when the active user logs out and the new active is locked.
… triggered by a malicious extension (#7001) * [PM-5035] Fix autofill overlay clickjacking vulnerability that can be triggered by a malicious extension * [PM-5035] Modifying method structure * [PM-5035] Refactoring method structure * [PM-5035] Refactoring method structure * [PM-5035] Applying prettier to implementation
* Add a small default time to limit timing failures * Handle subscription race conditions * Add Symbols to tracked emission types This is a bit of a cheat, but Symbols can't be cloned, so we need to nudge them to something we can handle. They are rare enough that anyone hitting this is likely to expect some special handling. * Ref count state listeners to minimize storage activity * Ensure statuses are updated * Remove notes * Use `test` when grammatically more proper * Copy race and subscription improvements to single user * Simplify observer initialization * Correct parameter names * Simplify update promises test we don't accidentally deadlock along the `getFromState` path * Fix save mock * WIP: most tests working * Avoid infinite update loop * Avoid potential deadlocks with awaiting assigned promises We were awaiting a promise assigned in a thenable. It turns out that assignment occurs before all thenables are concatenated, which can cause deadlocks. Likely, these were not showing up in tests because we're using very quick memory storage. * Fix update deadlock test * Add user update tests * Assert no double emit for multiple observers * Add use intent to method name * Ensure new subscriptions receive only newest data TODO: is this worth doing for active user state? * Remove unnecessary design requirement We don't need to await an executing update promise, we can support two emissions as long as the observable is guaranteed to get the new data. * Cleanup await spam * test cleanup option behavior * Remove unnecessary typecast * Throw over coerce for definition options
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
--------- Co-authored-by: Thomas Rittson <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* add deprecation message * hide manager option * deprecate manager enum
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…age is reloaded (#6845) * changed content script injection strategy * added persistent connection and reinjection of the content script * cleanup resources on disconnect * cleanup resources on disconnect * concluded messenger event listeners cleanup and added unit tests * Switched to use browser api add listener instead of native apis * renamed cleanup to destroy and added reconnect and disconnect command functions * refactored to use foreach and check for only https urls * refactored the content script to only load the page script if it currently doesn't exist on the page, and if it does sends a reconnect command to the page-script to replace the native webauthn methods * updated unit test * removed memoized logic * moved the send disconnect command to the messenger * updated unit test * test messenger handler * [PM-4012] fix: add `senderId` to messenger * destroy pending requests * cleaned up page script and terminated pending request * fixed cannot read properties of undefined * rearranged functions, renamed misspelled words, and created test * mocked EventTarget as there are issues on jest for listeners getting the events * Return fall back error instead * Update apps/browser/src/vault/fido2/content/content-script.ts Co-authored-by: Cesar Gonzalez <[email protected]> * Update apps/browser/src/vault/fido2/content/messaging/messenger.ts Co-authored-by: Cesar Gonzalez <[email protected]> * removed whitespace --------- Co-authored-by: Andreas Coroiu <[email protected]> Co-authored-by: Cesar Gonzalez <[email protected]>
No description provided.