Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use account service for getting account profile data. #9133

Merged
merged 7 commits into from
May 16, 2024
Merged

Use account service for getting account profile data. #9133

merged 7 commits into from
May 16, 2024

Conversation

MGibson1
Copy link
Member

Type of change

- [x] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Resolves TDE issues with firefox private mode by using account service to sync current account email.

There are many changes, but all of them are just replacing await stateService.getEmail with a firstValueFrom for account service's active account

I noticed some outstanding icon issues when locking TDE accounts that have pin's but this should fix the major functionality issues.

Before you submit

  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team
  • Ensure that all UI additions follow WCAG AA requirements

@MGibson1 MGibson1 requested review from a team as code owners May 10, 2024 16:50
@github-actions github-actions bot added the needs-qa Marks a PR as requiring QA approval label May 10, 2024
@codecov Codecov
Copy link

codecov bot commented May 10, 2024
edited

Codecov Report

Attention: Patch coverage is 15.07937% with 107 lines in your changes are missing coverage. Please review.

Project coverage is 28.10%. Comparing base (4afe5de) to head (b284cd8).

Files Patch % Lines
...r/src/auth/components/change-password.component.ts 0.00% 7 Missing ⚠️
...ponents/base-login-decryption-options.component.ts 0.00% 6 Missing ⚠️
...ces/user-verification/user-verification.service.ts 0.00% 6 Missing ⚠️
apps/cli/src/program.ts 0.00% 5 Missing ⚠️
...desktop/src/auth/login/login-approval.component.ts 0.00% 5 Missing ⚠️
...web/src/app/billing/shared/add-credit.component.ts 28.57% 4 Missing and 1 partial ⚠️
...app/tools/reports/pages/breach-report.component.ts 0.00% 5 Missing ⚠️
...r/src/auth/components/remove-password.component.ts 0.00% 5 Missing ⚠️
.../tools/generator/components/generator.component.ts 0.00% 5 Missing ⚠️
...angular/src/vault/components/add-edit.component.ts 0.00% 5 Missing ⚠️
... and 22 more
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #9133      +/-   ##
==========================================
- Coverage   28.10%   28.10%   -0.01%     
==========================================
  Files        2435     2435              
  Lines       70463    70499      +36     
  Branches    13130    13133       +3     
==========================================
+ Hits        19801    19811      +10     
- Misses      49128    49149      +21     
- Partials     1534     1539       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

cyprain-okeke
cyprain-okeke previously approved these changes May 10, 2024
View reviewed changes
Copy link
Contributor

@cyprain-okeke cyprain-okeke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes looks good for billing files

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 10, 2024
edited

Logo
Checkmarx One – Scan Summary & Detailse973007c-2cc9-4196-b861-8f49f3891a96

New Issues

Severity Issue Source File / Package Checkmarx Insight
LOW Client_JQuery_Deprecated_Symbols /apps/cli/src/auth/commands/login.command.ts: 575 Attack Vector
LOW Client_JQuery_Deprecated_Symbols /libs/angular/src/auth/components/update-temp-password.component.ts: 132 Attack Vector
LOW Client_JQuery_Deprecated_Symbols /libs/angular/src/auth/components/change-password.component.ts: 91 Attack Vector
LOW Client_JQuery_Deprecated_Symbols /apps/cli/src/program.ts: 615 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Client_DOM_Code_Injection /apps/web/src/connectors/common.ts: 2
HIGH Client_DOM_Code_Injection /apps/browser/src/autofill/services/collect-autofill-content.service.ts: 1054
HIGH Client_DOM_Stored_XSS /apps/web/src/connectors/sso.ts: 33
HIGH Client_DOM_XSS /apps/browser/src/auth/scripts/duo.js: 285
HIGH Client_DOM_XSS /apps/browser/src/auth/scripts/duo.js: 285
HIGH Client_DOM_XSS /apps/desktop/src/auth/scripts/duo.js: 285
HIGH Client_DOM_XSS /apps/desktop/src/auth/scripts/duo.js: 285
HIGH Client_DOM_XSS /apps/web/src/connectors/common.ts: 2
HIGH Client_DOM_XSS /apps/web/src/connectors/common.ts: 2
HIGH Client_DOM_XSS /apps/web/src/connectors/common.ts: 2
HIGH Client_DOM_XSS /apps/web/src/connectors/common.ts: 2
HIGH Client_DOM_XSS /apps/web/src/connectors/sso.ts: 21
HIGH Client_DOM_XSS /apps/web/src/connectors/sso.ts: 19
HIGH Client_DOM_XSS /apps/web/src/connectors/sso.ts: 15
MEDIUM Absolute_Path_Traversal /apps/cli/src/commands/serve.command.ts: 315
MEDIUM Absolute_Path_Traversal /apps/cli/src/commands/serve.command.ts: 347
MEDIUM Absolute_Path_Traversal /apps/cli/src/commands/serve.command.ts: 315
MEDIUM Absolute_Path_Traversal /apps/cli/src/commands/serve.command.ts: 347
MEDIUM Angular_Improper_Type_Pipe_Usage /apps/browser/src/vault/popup/components/fido2/fido2-use-browser-link.component.html: 1
MEDIUM Client_Privacy_Violation /apps/browser/src/background/runtime.background.ts: 308
MEDIUM Client_Privacy_Violation /apps/web/src/app/tools/reports/pages/breach-report.component.html: 14
MEDIUM Client_Privacy_Violation /apps/browser/src/auth/popup/account-switching/account.component.ts: 12
MEDIUM Client_Privacy_Violation /apps/browser/src/auth/popup/account-switching/account.component.ts: 12
MEDIUM Client_Privacy_Violation /apps/browser/src/auth/popup/account-switching/account.component.ts: 12
MEDIUM Client_Privacy_Violation /libs/components/src/color-password/color-password.component.ts: 25
MEDIUM Client_Privacy_Violation /libs/components/src/color-password/color-password.component.ts: 26
MEDIUM Client_Privacy_Violation /apps/desktop/src/auth/lock.component.html: 32
MEDIUM Client_Privacy_Violation /apps/web/src/app/auth/lock.component.html: 18
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.ts: 80
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.ts: 30
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.ts: 70
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.ts: 146
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.ts: 135
MEDIUM Client_Privacy_Violation /bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts: 161
MEDIUM Client_Privacy_Violation /bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts: 161
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/view.component.html: 534
MEDIUM Client_Privacy_Violation /apps/web/src/app/billing/shared/add-credit.component.html: 46
MEDIUM Client_Privacy_Violation /apps/web/src/app/auth/recover-two-factor.component.html: 37
MEDIUM Client_Privacy_Violation /apps/desktop/src/auth/lock.component.html: 32
MEDIUM Client_Privacy_Violation /apps/web/src/connectors/webauthn-fallback.ts: 116
MEDIUM Client_Privacy_Violation /apps/web/src/app/auth/lock.component.html: 18
MEDIUM Client_Privacy_Violation /libs/components/src/color-password/color-password.component.ts: 14
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/view.component.html: 60
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/view.component.html: 56
MEDIUM Client_Privacy_Violation /apps/browser/src/tools/popup/generator/password-generator-history.component.html: 26
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/password-history.component.html: 18
MEDIUM Client_Privacy_Violation /apps/desktop/src/app/tools/password-generator-history.component.html: 15
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/password-history.component.html: 12
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/view.component.html: 50
MEDIUM Client_Privacy_Violation /libs/components/src/color-password/color-password.component.ts: 14
MEDIUM Client_Privacy_Violation /apps/browser/src/tools/popup/generator/password-generator-history.component.html: 26
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/password-history.component.html: 18
MEDIUM Client_Privacy_Violation /apps/desktop/src/app/tools/password-generator-history.component.html: 15
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/vault/password-history.component.html: 12
MEDIUM Missing_HSTS_Header /apps/cli/src/auth/commands/login.command.ts: 705
MEDIUM SSRF /libs/importer/src/importers/lastpass/access/services/rest-client.ts: 69
MEDIUM SSRF /libs/importer/src/importers/lastpass/access/services/rest-client.ts: 69
LOW Angular_Usage_of_Unsafe_DOM_Sanitizer /libs/components/src/avatar/avatar.component.ts: 80
LOW Angular_Usage_of_Unsafe_DOM_Sanitizer /apps/desktop/src/app/components/avatar.component.ts: 75
LOW Angular_Usage_of_Unsafe_DOM_Sanitizer /libs/components/src/icon/icon.component.ts: 18
LOW Angular_Usage_of_Unsafe_DOM_Sanitizer /libs/components/src/icon/icon.component.ts: 18
LOW Client_DOM_Open_Redirect /apps/browser/src/platform/popup/layout/popup-header.component.ts: 29
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/accessibility-cookie.component.html: 18
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/common.ts: 2
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/common.ts: 2
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/common.ts: 2
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/sso.ts: 21
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/common.ts: 2
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/sso.ts: 19
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/common.ts: 2
LOW Client_DOM_Open_Redirect /apps/web/src/connectors/sso.ts: 15
LOW Client_DOM_Open_Redirect /apps/browser/src/tools/popup/generator/password-generator-history.component.ts: 18
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/account-switching/current-account.component.ts: 31
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 54
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 54
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 62
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 62
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 54
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 54
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 62
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 62
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/popup/account-switching/account.component.ts: 24
LOW Client_DOM_Open_Redirect /apps/browser/src/vault/popup/components/vault/password-history.component.ts: 21
LOW Client_DOM_Open_Redirect /apps/browser/src/billing/popup/settings/premium.component.ts: 27
LOW Client_DOM_Open_Redirect /apps/browser/src/vault/popup/components/vault/attachments.component.ts: 32
LOW Client_DOM_Open_Redirect /libs/common/src/auth/iframe-component.ts: 49
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /libs/common/src/auth/webauthn-iframe.ts: 25
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /libs/common/src/auth/webauthn-iframe.ts: 25
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/desktop/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_DOM_Open_Redirect /apps/browser/src/auth/scripts/duo.js: 277
LOW Client_Hardcoded_Domain /apps/web/src/app/billing/shared/payment.component.ts: 56
LOW Client_Hardcoded_Domain /apps/web/src/app/billing/shared/payment.component.ts: 56
LOW Client_Hardcoded_Domain /apps/web/src/connectors/captcha.ts: 57
LOW Client_Use_Of_Iframe_Without_Sandbox /apps/browser/src/autofill/content/notification-bar.ts: 868
LOW Client_Use_Of_Iframe_Without_Sandbox /apps/browser/src/autofill/overlay/iframe-content/autofill-overlay-iframe.service.ts: 90
LOW Client_Use_Of_Iframe_Without_Sandbox /apps/web/src/connectors/duo.ts: 8
LOW Client_Use_Of_Iframe_Without_Sandbox /apps/web/src/connectors/duo.ts: 8
LOW Client_Weak_Cryptographic_Hash /libs/common/src/platform/services/web-crypto-function.service.ts: 142
LOW Client_Weak_Cryptographic_Hash /apps/desktop/src/proxy/ipc.ts: 24
LOW Missing_CSP_Header /apps/cli/src/auth/commands/login.command.ts: 705
LOW Unprotected_Cookie /apps/web/src/app/auth/two-factor.component.ts: 143
LOW Unprotected_Cookie /apps/web/src/connectors/duo-redirect.ts: 57
LOW Unprotected_Cookie /apps/web/src/connectors/duo-redirect.ts: 112
LOW Unprotected_Cookie /apps/web/src/connectors/sso.ts: 33
LOW Unprotected_Cookie /apps/web/src/app/auth/sso.component.ts: 137
LOW Unsafe_Use_Of_Target_blank /apps/web/src/app/auth/settings/two-factor-recovery.component.ts: 25
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/pin-service.factory.ts: 64
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/device-trust-service.factory.ts: 83
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/device-trust-service.factory.ts: 82
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/auth-request-service.factory.ts: 54
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/login-strategy-service.factory.ts: 130
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/platform/background/service-factories/key-generation-service.factory.ts: 23
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/tools/background/service_factories/import-service.factory.ts: 63
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/user-verification-service.factory.ts: 77
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/cli/src/vault/create.command.ts: 68
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/auth-service.factory.ts: 51
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/auth/background/service-factories/key-connector-service.factory.ts: 70
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/background/service-factories/send-service.factory.ts: 50
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm

More results are available on AST platform

addisonbeck
addisonbeck previously approved these changes May 10, 2024
View reviewed changes
dani-garcia
dani-garcia previously approved these changes May 13, 2024
View reviewed changes
Copy link
Member

@dani-garcia dani-garcia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

LRNcardozoWDF
LRNcardozoWDF previously approved these changes May 13, 2024
View reviewed changes
jlf0dev
jlf0dev previously approved these changes May 13, 2024
View reviewed changes
djsmith85
djsmith85 previously approved these changes May 13, 2024
View reviewed changes
Copy link
Contributor

@djsmith85 djsmith85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

djsmith85
djsmith85 previously approved these changes May 14, 2024
View reviewed changes
LRNcardozoWDF
LRNcardozoWDF previously approved these changes May 14, 2024
View reviewed changes
dani-garcia
dani-garcia previously approved these changes May 14, 2024
View reviewed changes
@MGibson1 MGibson1 removed the needs-qa Marks a PR as requiring QA approval label May 15, 2024
@MGibson1 MGibson1 enabled auto-merge (squash) May 15, 2024 19:44
LRNcardozoWDF
LRNcardozoWDF previously approved these changes May 15, 2024
View reviewed changes
djsmith85
djsmith85 previously approved these changes May 15, 2024
View reviewed changes
@MGibson1 MGibson1 dismissed stale reviews from LRNcardozoWDF and djsmith85 via b284cd8 May 16, 2024 20:07
@MGibson1 MGibson1 merged commit ee690cd into main May 16, 2024
61 of 62 checks passed
@MGibson1 MGibson1 deleted the ps/pm-7807/use-account-service-for-account-profile-data branch May 16, 2024 22:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dani-garcia dani-garcia dani-garcia approved these changes

@djsmith85 djsmith85 djsmith85 approved these changes

@LRNcardozoWDF LRNcardozoWDF LRNcardozoWDF approved these changes

@addisonbeck addisonbeck addisonbeck approved these changes

@jlf0dev jlf0dev jlf0dev approved these changes

@cyprain-okeke cyprain-okeke cyprain-okeke approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@MGibson1 @dani-garcia @djsmith85 @LRNcardozoWDF @addisonbeck @jlf0dev @cyprain-okeke