-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update decryptUserKeyWithMasterKey to requireUserId #11560
base: main
Are you sure you want to change the base?
Conversation
No New Or Fixed Issues Found |
@@ -28,6 +28,7 @@ export const authGuard: CanActivateFn = async ( | |||
const masterPasswordService = inject(MasterPasswordServiceAbstraction); | |||
|
|||
const authStatus = await authService.getAuthStatus(); | |||
x; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Leftover x
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you! I missed that. I've removed it.
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #11560 +/- ##
==========================================
- Coverage 33.15% 33.15% -0.01%
==========================================
Files 2779 2779
Lines 86297 86311 +14
Branches 16441 16444 +3
==========================================
+ Hits 28610 28614 +4
- Misses 55417 55423 +6
- Partials 2270 2274 +4 ☔ View full report in Codecov by Sentry. |
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-13686
📔 Objective
We should require a
userId
ondecryptUserKeyWithMasterKey
in order to ensure that we are retrieving themasterKey
anduserKey
for the correct user from state.Previously, we were relying on the
ActiveUserState
, which we are actively trying to remove.We have had reports of intermittent vault decryption issues, and so we are attempting to eliminate any potential method by which the incorrect
userKey
is being retrieved.⏰ Reminders before review
🦮 Reviewer guidelines
:+1:
) or similar for great changes:memo:
) or ℹ️ (:information_source:
) for notes or general info:question:
) for questions:thinking:
) or 💭 (:thought_balloon:
) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:
) for suggestions / improvements:x:
) or:warning:
) for more significant problems or concerns needing attention:seedling:
) or ♻️ (:recycle:
) for future improvements or indications of technical debt:pick:
) for minor or nitpick changes