[PM-17745] Wrap new device guard applicability check in try/catch to …

…prevent crashes from network errors
bitwarden · Jan 30, 2025 · 233433f · 233433f
1 parent cbba1a6
commit 233433f
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 12 deletions.
diff --git a/libs/angular/src/vault/guards/new-device-verification-notice.guard.spec.ts b/libs/angular/src/vault/guards/new-device-verification-notice.guard.spec.ts
@@ -139,6 +139,12 @@ describe("NewDeviceVerificationNoticeGuard", () => {
     expect(await newDeviceGuard()).toBe(true);
   });
 
+  it("returns `true` when the profile service throws an error", async () => {
+    getProfileCreationDate.mockRejectedValueOnce(new Error("test"));
+
+    expect(await newDeviceGuard()).toBe(true);
+  });
+
   describe("temp flag", () => {
     beforeEach(() => {
       getFeatureFlag.mockImplementation((key) => {

diff --git a/libs/angular/src/vault/guards/new-device-verification-notice.guard.ts b/libs/angular/src/vault/guards/new-device-verification-notice.guard.ts
@@ -1,6 +1,6 @@
 import { inject } from "@angular/core";
 import { ActivatedRouteSnapshot, CanActivateFn, Router } from "@angular/router";
-import { Observable, firstValueFrom } from "rxjs";
+import { firstValueFrom, Observable } from "rxjs";
 
 import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
@@ -47,17 +47,23 @@ export const NewDeviceVerificationNoticeGuard: CanActivateFn = async (
     return router.createUrlTree(["/login"]);
   }
 
-  const has2FAEnabled = await hasATwoFactorProviderEnabled(vaultProfileService, currentAcct.id);
-  const isSelfHosted = await platformUtilsService.isSelfHost();
-  const requiresSSO = await isSSORequired(policyService);
-  const isProfileLessThanWeekOld = await profileIsLessThanWeekOld(
-    vaultProfileService,
-    currentAcct.id,
-  );
-
-  // When any of the following are true, the device verification notice is
-  // not applicable for the user.
-  if (has2FAEnabled || isSelfHosted || requiresSSO || isProfileLessThanWeekOld) {
+  try {
+    const isSelfHosted = platformUtilsService.isSelfHost();
+    const requiresSSO = await isSSORequired(policyService);
+    const has2FAEnabled = await hasATwoFactorProviderEnabled(vaultProfileService, currentAcct.id);
+    const isProfileLessThanWeekOld = await profileIsLessThanWeekOld(
+      vaultProfileService,
+      currentAcct.id,
+    );
+
+    // When any of the following are true, the device verification notice is
+    // not applicable for the user.
+    if (has2FAEnabled || isSelfHosted || requiresSSO || isProfileLessThanWeekOld) {
+      return true;
+    }
+  } catch {
+    // Skip showing the notice if there was a problem determining applicability
+    // The most likely problem to occur is the user not having a network connection
     return true;
   }