From ecbab67b8bb9033ca01ee90714e44bec3e069507 Mon Sep 17 00:00:00 2001 From: Jared Date: Mon, 9 Mar 2026 11:52:23 -0400 Subject: [PATCH] Enhance MasterPassword policy handling in tests and service (#19350) * Add tests to verify behavior when organizations do not use policies and when users are exempt as owners. * Update service logic to correctly handle policy retrieval based on user type and organization settings. --- .../policy/default-policy.service.spec.ts | 26 +++++++++++++++++++ .../services/policy/default-policy.service.ts | 4 ++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/libs/common/src/admin-console/services/policy/default-policy.service.spec.ts b/libs/common/src/admin-console/services/policy/default-policy.service.spec.ts index 2ff649e6533..6a2267f078b 100644 --- a/libs/common/src/admin-console/services/policy/default-policy.service.spec.ts +++ b/libs/common/src/admin-console/services/policy/default-policy.service.spec.ts @@ -188,6 +188,32 @@ describe("PolicyService", () => { enforceOnLogin: false, }); }); + + it("returns undefined when org does not use policies", async () => { + // org3 has usePolicies=false (simulates a Teams org that was downgraded from Enterprise) + singleUserState.nextState( + arrayToRecord([ + policyData("1", "org3", PolicyType.MasterPassword, true, { minLength: 10 }), + ]), + ); + + const result = await firstValueFrom(policyService.masterPasswordPolicyOptions$(userId)); + + expect(result).toBeUndefined(); + }); + + it("returns undefined when user is an owner (exempt from policy)", async () => { + // org2 has OrganizationUserType.Owner; owners are exempt from MasterPassword policy + singleUserState.nextState( + arrayToRecord([ + policyData("1", "org2", PolicyType.MasterPassword, true, { minLength: 10 }), + ]), + ); + + const result = await firstValueFrom(policyService.masterPasswordPolicyOptions$(userId)); + + expect(result).toBeUndefined(); + }); }); describe("evaluateMasterPassword", () => { diff --git a/libs/common/src/admin-console/services/policy/default-policy.service.ts b/libs/common/src/admin-console/services/policy/default-policy.service.ts index ac3ccbc8ca0..49b8eb3ace7 100644 --- a/libs/common/src/admin-console/services/policy/default-policy.service.ts +++ b/libs/common/src/admin-console/services/policy/default-policy.service.ts @@ -88,7 +88,9 @@ export class DefaultPolicyService implements PolicyService { userId: UserId, policies?: Policy[], ): Observable { - const policies$ = policies ? of(policies) : this.policies$(userId); + const policies$ = policies + ? of(policies) + : this.policiesByType$(PolicyType.MasterPassword, userId); return policies$.pipe( map((obsPolicies) => { // TODO ([PM-23777]): replace with this.combinePoliciesIntoMasterPasswordPolicyOptions(obsPolicies))