From c9ce7256e589328c0af7d36775ff1846a3e3362a Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Tue, 12 Oct 2021 15:35:01 +0200 Subject: [PATCH] MaximumVaultTimeout policy fixes (#1573) --- .../SettingsPage/SettingsPageViewModel.cs | 38 +++++++++---------- src/Core/Services/PolicyService.cs | 12 +++++- 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs b/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs index 6621fb814..36d603d28 100644 --- a/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs +++ b/src/App/Pages/Settings/SettingsPage/SettingsPageViewModel.cs @@ -418,25 +418,6 @@ namespace Bit.App.Pages new SettingsPageListItem { Name = AppResources.LockNow }, new SettingsPageListItem { Name = AppResources.TwoStepLogin } }; - if (_vaultTimeoutDisplayValue == AppResources.Custom) - { - securityItems.Insert(1, new SettingsPageListItem - { - Name = AppResources.Custom, - Time = TimeSpan.FromMinutes(Math.Abs((double) _vaultTimeout)), - }); - } - if (_vaultTimeoutPolicy != null) - { - var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault(); - securityItems.Insert(0, new SettingsPageListItem - { - Name = string.Format(AppResources.VaultTimeoutPolicyInEffect, - Math.Floor((float) maximumTimeout / 60), - maximumTimeout % 60), - UseFrame = true, - }); - } if (_supportsBiometric || _biometric) { var biometricName = AppResources.Biometrics; @@ -452,6 +433,25 @@ namespace Bit.App.Pages }; securityItems.Insert(2, item); } + if (_vaultTimeoutDisplayValue == AppResources.Custom) + { + securityItems.Insert(1, new SettingsPageListItem + { + Name = AppResources.Custom, + Time = TimeSpan.FromMinutes(Math.Abs((double)_vaultTimeout)), + }); + } + if (_vaultTimeoutPolicy != null) + { + var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault(); + securityItems.Insert(0, new SettingsPageListItem + { + Name = string.Format(AppResources.VaultTimeoutPolicyInEffect, + Math.Floor((float)maximumTimeout / 60), + maximumTimeout % 60), + UseFrame = true, + }); + } var accountItems = new List { new SettingsPageListItem { Name = AppResources.FingerprintPhrase }, diff --git a/src/Core/Services/PolicyService.cs b/src/Core/Services/PolicyService.cs index f76afa667..5214e6637 100644 --- a/src/Core/Services/PolicyService.cs +++ b/src/Core/Services/PolicyService.cs @@ -220,10 +220,20 @@ namespace Bit.Core.Services o.Enabled && o.Status >= OrganizationUserStatusType.Accepted && o.UsePolicies && - !o.isExemptFromPolicies && + !isExcemptFromPolicies(o, policyType) && policySet.Contains(o.Id)); } + private bool isExcemptFromPolicies(Organization organization, PolicyType policyType) + { + if (policyType == PolicyType.MaximumVaultTimeout) + { + return organization.Type == OrganizationUserType.Owner; + } + + return organization.isExemptFromPolicies; + } + public int? GetPolicyInt(Policy policy, string key) { if (policy.Data.ContainsKey(key))