mirror of
https://github.com/bitwarden/android.git
synced 2024-12-25 18:38:27 +03:00
[EC-1045] add vault timeout action to policy (#2372)
* [EC-1045] lock action if policy and show message * [EC-1045] add text for policy message * [EC-1045] add consts to policy service * [EC-1045] missed a const * [AC-1045] fix build
This commit is contained in:
parent
ad9ca125a0
commit
dcb5854557
6 changed files with 75 additions and 24 deletions
|
@ -120,7 +120,7 @@ namespace Bit.App.Pages
|
||||||
if (await _policyService.PolicyAppliesToUser(PolicyType.MaximumVaultTimeout))
|
if (await _policyService.PolicyAppliesToUser(PolicyType.MaximumVaultTimeout))
|
||||||
{
|
{
|
||||||
_vaultTimeoutPolicy = (await _policyService.GetAll(PolicyType.MaximumVaultTimeout)).First();
|
_vaultTimeoutPolicy = (await _policyService.GetAll(PolicyType.MaximumVaultTimeout)).First();
|
||||||
var minutes = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
|
var minutes = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES).GetValueOrDefault();
|
||||||
_vaultTimeouts = _vaultTimeouts.Where(t =>
|
_vaultTimeouts = _vaultTimeouts.Where(t =>
|
||||||
t.Value <= minutes &&
|
t.Value <= minutes &&
|
||||||
(t.Value > 0 || t.Value == CustomVaultTimeoutValue) &&
|
(t.Value > 0 || t.Value == CustomVaultTimeoutValue) &&
|
||||||
|
@ -295,7 +295,7 @@ namespace Bit.App.Pages
|
||||||
|
|
||||||
if (_vaultTimeoutPolicy != null)
|
if (_vaultTimeoutPolicy != null)
|
||||||
{
|
{
|
||||||
var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes");
|
var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES);
|
||||||
|
|
||||||
if (newTimeout > maximumTimeout)
|
if (newTimeout > maximumTimeout)
|
||||||
{
|
{
|
||||||
|
@ -374,6 +374,10 @@ namespace Bit.App.Pages
|
||||||
|
|
||||||
public async Task VaultTimeoutActionAsync()
|
public async Task VaultTimeoutActionAsync()
|
||||||
{
|
{
|
||||||
|
if (!string.IsNullOrEmpty(_policyService.GetPolicyString(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_ACTION)))
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
var options = _vaultTimeoutActions.Select(o =>
|
var options = _vaultTimeoutActions.Select(o =>
|
||||||
o.Key == _vaultTimeoutActionDisplayValue ? $"✓ {o.Key}" : o.Key).ToArray();
|
o.Key == _vaultTimeoutActionDisplayValue ? $"✓ {o.Key}" : o.Key).ToArray();
|
||||||
var selection = await Page.DisplayActionSheet(AppResources.VaultTimeoutAction,
|
var selection = await Page.DisplayActionSheet(AppResources.VaultTimeoutAction,
|
||||||
|
@ -597,14 +601,38 @@ namespace Bit.App.Pages
|
||||||
}
|
}
|
||||||
if (_vaultTimeoutPolicy != null)
|
if (_vaultTimeoutPolicy != null)
|
||||||
{
|
{
|
||||||
var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, "minutes").GetValueOrDefault();
|
var maximumTimeout = _policyService.GetPolicyInt(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_MINUTES).GetValueOrDefault();
|
||||||
securityItems.Insert(0, new SettingsPageListItem
|
var timeoutAction = _policyService.GetPolicyString(_vaultTimeoutPolicy, PolicyService.TIMEOUT_POLICY_ACTION);
|
||||||
|
if (maximumTimeout != default && timeoutAction != default)
|
||||||
{
|
{
|
||||||
Name = string.Format(AppResources.VaultTimeoutPolicyInEffect,
|
securityItems.Insert(0, new SettingsPageListItem
|
||||||
Math.Floor((float)maximumTimeout / 60),
|
{
|
||||||
maximumTimeout % 60),
|
Name = string.Format(AppResources.VaultTimeoutPolicyWithActionInEffect,
|
||||||
UseFrame = true,
|
Math.Floor((float)maximumTimeout / 60),
|
||||||
});
|
maximumTimeout % 60,
|
||||||
|
timeoutAction == PolicyService.TIMEOUT_POLICY_ACTION_LOCK ? AppResources.Lock : AppResources.LogOut),
|
||||||
|
UseFrame = true,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
else if (maximumTimeout != default && timeoutAction == default)
|
||||||
|
{
|
||||||
|
securityItems.Insert(0, new SettingsPageListItem
|
||||||
|
{
|
||||||
|
Name = string.Format(AppResources.VaultTimeoutPolicyInEffect,
|
||||||
|
Math.Floor((float)maximumTimeout / 60),
|
||||||
|
maximumTimeout % 60),
|
||||||
|
UseFrame = true,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
else if (maximumTimeout == default && timeoutAction != default)
|
||||||
|
{
|
||||||
|
securityItems.Insert(0, new SettingsPageListItem
|
||||||
|
{
|
||||||
|
Name = string.Format(AppResources.VaultTimeoutActionPolicyInEffect,
|
||||||
|
timeoutAction == PolicyService.TIMEOUT_POLICY_ACTION_LOCK ? AppResources.Lock : AppResources.LogOut),
|
||||||
|
UseFrame = true,
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (Device.RuntimePlatform == Device.Android)
|
if (Device.RuntimePlatform == Device.Android)
|
||||||
{
|
{
|
||||||
|
|
20
src/App/Resources/AppResources.Designer.cs
generated
20
src/App/Resources/AppResources.Designer.cs
generated
|
@ -6677,6 +6677,15 @@ namespace Bit.App.Resources {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Looks up a localized string similar to Your organization policies have set your vault timeout action to {0}..
|
||||||
|
/// </summary>
|
||||||
|
public static string VaultTimeoutActionPolicyInEffect {
|
||||||
|
get {
|
||||||
|
return ResourceManager.GetString("VaultTimeoutActionPolicyInEffect", resourceCulture);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Looks up a localized string similar to Logging out will remove all access to your vault and requires online authentication after the timeout period. Are you sure you want to use this setting?.
|
/// Looks up a localized string similar to Logging out will remove all access to your vault and requires online authentication after the timeout period. Are you sure you want to use this setting?.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
@ -6687,7 +6696,7 @@ namespace Bit.App.Resources {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Looks up a localized string similar to Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is {0} hour(s) and {1} minute(s).
|
/// Looks up a localized string similar to Your organization policies have set your maximum allowed vault timeout to {0} hour(s) and {1} minute(s)..
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public static string VaultTimeoutPolicyInEffect {
|
public static string VaultTimeoutPolicyInEffect {
|
||||||
get {
|
get {
|
||||||
|
@ -6695,6 +6704,15 @@ namespace Bit.App.Resources {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Looks up a localized string similar to Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is {0} hour(s) and {1} minute(s). Your vault timeout action is set to {2}..
|
||||||
|
/// </summary>
|
||||||
|
public static string VaultTimeoutPolicyWithActionInEffect {
|
||||||
|
get {
|
||||||
|
return ResourceManager.GetString("VaultTimeoutPolicyWithActionInEffect", resourceCulture);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Looks up a localized string similar to Your vault timeout exceeds the restrictions set by your organization..
|
/// Looks up a localized string similar to Your vault timeout exceeds the restrictions set by your organization..
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
|
|
@ -2141,7 +2141,13 @@ Scanning will happen automatically.</value>
|
||||||
<value>This organization has an enterprise policy that will automatically enroll you in password reset. Enrollment will allow organization administrators to change your master password.</value>
|
<value>This organization has an enterprise policy that will automatically enroll you in password reset. Enrollment will allow organization administrators to change your master password.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="VaultTimeoutPolicyInEffect" xml:space="preserve">
|
<data name="VaultTimeoutPolicyInEffect" xml:space="preserve">
|
||||||
<value>Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is {0} hour(s) and {1} minute(s)</value>
|
<value>Your organization policies have set your maximum allowed vault timeout to {0} hour(s) and {1} minute(s).</value>
|
||||||
|
</data>
|
||||||
|
<data name="VaultTimeoutPolicyWithActionInEffect" xml:space="preserve">
|
||||||
|
<value>Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is {0} hour(s) and {1} minute(s). Your vault timeout action is set to {2}.</value>
|
||||||
|
</data>
|
||||||
|
<data name="VaultTimeoutActionPolicyInEffect" xml:space="preserve">
|
||||||
|
<value>Your organization policies have set your vault timeout action to {0}.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="VaultTimeoutToLarge" xml:space="preserve">
|
<data name="VaultTimeoutToLarge" xml:space="preserve">
|
||||||
<value>Your vault timeout exceeds the restrictions set by your organization.</value>
|
<value>Your vault timeout exceeds the restrictions set by your organization.</value>
|
||||||
|
|
|
@ -20,6 +20,7 @@ namespace Bit.Core.Abstractions
|
||||||
string orgId);
|
string orgId);
|
||||||
Task<bool> PolicyAppliesToUser(PolicyType policyType, Func<Policy, bool> policyFilter = null, string userId = null);
|
Task<bool> PolicyAppliesToUser(PolicyType policyType, Func<Policy, bool> policyFilter = null, string userId = null);
|
||||||
int? GetPolicyInt(Policy policy, string key);
|
int? GetPolicyInt(Policy policy, string key);
|
||||||
|
string GetPolicyString(Policy policy, string key);
|
||||||
Task<bool> ShouldShowVaultFilterAsync();
|
Task<bool> ShouldShowVaultFilterAsync();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,6 +17,11 @@ namespace Bit.Core.Services
|
||||||
|
|
||||||
private IEnumerable<Policy> _policyCache;
|
private IEnumerable<Policy> _policyCache;
|
||||||
|
|
||||||
|
public const string TIMEOUT_POLICY_MINUTES = "minutes";
|
||||||
|
public const string TIMEOUT_POLICY_ACTION = "action";
|
||||||
|
public const string TIMEOUT_POLICY_ACTION_LOCK = "lock";
|
||||||
|
public const string TIMEOUT_POLICY_ACTION_LOGOUT = "logOut";
|
||||||
|
|
||||||
public PolicyService(
|
public PolicyService(
|
||||||
IStateService stateService,
|
IStateService stateService,
|
||||||
IOrganizationService organizationService)
|
IOrganizationService organizationService)
|
||||||
|
@ -247,6 +252,10 @@ namespace Bit.Core.Services
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public string GetPolicyString(Policy policy, string key) =>
|
||||||
|
policy.Data.TryGetValue(key, out var val) ? val as string : null;
|
||||||
|
|
||||||
|
|
||||||
public async Task<bool> ShouldShowVaultFilterAsync()
|
public async Task<bool> ShouldShowVaultFilterAsync()
|
||||||
{
|
{
|
||||||
var personalOwnershipPolicyApplies = await PolicyAppliesToUser(PolicyType.PersonalOwnership);
|
var personalOwnershipPolicyApplies = await PolicyAppliesToUser(PolicyType.PersonalOwnership);
|
||||||
|
@ -272,17 +281,6 @@ namespace Bit.Core.Services
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
private string GetPolicyString(Policy policy, string key)
|
|
||||||
{
|
|
||||||
if (policy.Data.ContainsKey(key))
|
|
||||||
{
|
|
||||||
var value = policy.Data[key];
|
|
||||||
if (value != null)
|
|
||||||
{
|
|
||||||
return (string)value;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -247,7 +247,7 @@ namespace Bit.Core.Services
|
||||||
{
|
{
|
||||||
var policy = (await _policyService.GetAll(PolicyType.MaximumVaultTimeout, userId)).First();
|
var policy = (await _policyService.GetAll(PolicyType.MaximumVaultTimeout, userId)).First();
|
||||||
// Remove negative values, and ensure it's smaller than maximum allowed value according to policy
|
// Remove negative values, and ensure it's smaller than maximum allowed value according to policy
|
||||||
var policyTimeout = _policyService.GetPolicyInt(policy, "minutes");
|
var policyTimeout = _policyService.GetPolicyInt(policy, PolicyService.TIMEOUT_POLICY_MINUTES);
|
||||||
if (!policyTimeout.HasValue)
|
if (!policyTimeout.HasValue)
|
||||||
{
|
{
|
||||||
return vaultTimeout;
|
return vaultTimeout;
|
||||||
|
|
Loading…
Reference in a new issue