[PM-27619] assign tasks component

apps/web/src/locales/en/messages.json

@@ -26,6 +26,9 @@
   "reviewAtRiskPasswords": {
     "message": "Review at-risk passwords (weak, exposed, or reused) across applications. Select your most critical applications to prioritize security actions for your users to address at-risk passwords."
   },
+  "reviewAtRiskLoginsPrompt": {
+    "message": "Review at-risk logins"
+  },
   "dataLastUpdated": {
     "message": "Data last updated: $DATE$",
     "placeholders": {
@@ -127,6 +130,9 @@
       }
     }
   },
+  "criticalApplicationsMarked": {
+    "message": "critical applications marked"
+  },
   "countOfCriticalApplications": {
     "message": "$COUNT$ critical applications",
     "placeholders": {
@@ -233,7 +239,13 @@
     "message": "Unselect application"
   },
   "applicationsMarkedAsCriticalSuccess": {
-    "message": "Applications marked as critical"
+    "message": "$COUNT$ applications marked as critical",
+    "placeholders": {
+      "count": {
+        "content": "$1",
+        "example": "3"
+      }
+    }
   },
   "applicationsMarkedAsCriticalFail": {
     "message": "Failed to mark applications as critical"
@@ -259,6 +271,12 @@
   "membersWithAccessToAtRiskItemsForCriticalApps": {
     "message": "Members with access to at-risk items for critical applications"
   },
+  "membersWithAtRiskPasswords": {
+    "message": "Members with at-risk passwords"
+  },
+  "membersWillReceiveNotification": {
+    "message": "Members will receive a notification to resolve at-risk logins through the browser extension."
+  },
   "membersAtRiskCount": {
     "message": "$COUNT$ members at-risk",
     "placeholders": {
@@ -355,15 +373,6 @@
   "applicationReviewSaved": {
     "message": "Application review saved"
   },
-  "applicationsMarkedAsCritical": {
-    "message": "$COUNT$ applications marked as critical",
-    "placeholders": {
-      "count": {
-        "content": "$1",
-        "example": "3"
-      }
-    }
-  },
   "newApplicationsReviewed": {
     "message": "New applications reviewed"
   },
@@ -835,6 +844,9 @@
   "favorites": {
     "message": "Favorites"
   },
+  "taskSummary": {
+    "message": "Task summary"
+  },
   "types": {
     "message": "Types"
   },
@@ -9765,6 +9777,9 @@
   "assignTasks": {
     "message": "Assign tasks"
   },
+  "assignTasksToMembers": {
+    "message": "Assign tasks to members for guided resolution"
+  },
   "assignToCollections": {
     "message": "Assign to collections"
   },

bitwarden_license/bit-common/src/dirt/reports/risk-insights/services/domain/risk-insights-orchestrator.service.ts

@@ -56,6 +56,7 @@ import {
   OrganizationReportSummary,
   ReportStatus,
   ReportState,
+  ApplicationHealthReportDetail,
 } from "../../models/report-models";
 import { MemberCipherDetailsApiService } from "../api/member-cipher-details-api.service";
 import { RiskInsightsApiService } from "../api/risk-insights-api.service";
@@ -98,14 +99,17 @@ export class RiskInsightsOrchestratorService {
   enrichedReportData$ = this._enrichedReportDataSubject.asObservable();
 
   // New applications that haven't been reviewed (reviewedDate === null)
-  newApplications$: Observable<string[]> = this.rawReportData$.pipe(
+  newApplications$: Observable<ApplicationHealthReportDetail[]> = this.rawReportData$.pipe(
     map((reportState) => {
-      if (!reportState.data?.applicationData) {
-        return [];
-      }
-      return reportState.data.applicationData
-        .filter((app) => app.reviewedDate === null)
-        .map((app) => app.applicationName);
+      const reportApplications = reportState.data?.applicationData || [];
+
+      const newApplications =
+        reportState?.data?.reportData.filter((reportApp) =>
+          reportApplications.some(
+            (app) => app.applicationName == reportApp.applicationName && app.reviewedDate == null,
+          ),
+        ) || [];
+      return newApplications;
     }),
     distinctUntilChanged(
       (prev, curr) => prev.length === curr.length && prev.every((app, i) => app === curr[i]),
@@ -332,9 +336,12 @@ export class RiskInsightsOrchestratorService {
         }
 
         // Create a set for quick lookup of the new critical apps
-        const newCriticalAppNamesSet = new Set(criticalApplications);
+        const newCriticalAppNamesSet = criticalApplications.map((ca) => ({
+          applicationName: ca,
+          isCritical: true,
+        }));
         const existingApplicationData = report!.applicationData || [];
-        const updatedApplicationData = this._mergeApplicationData(
+        const updatedApplicationData = this._updateApplicationData(
           existingApplicationData,
           newCriticalAppNamesSet,
         );
@@ -443,18 +450,18 @@ export class RiskInsightsOrchestratorService {
   }
 
   /**
-   * Saves review status for new applications and optionally marks selected ones as critical.
-   * This method:
-   * 1. Sets reviewedDate to current date for all applications where reviewedDate === null
-   * 2. Sets isCritical = true for applications in the selectedCriticalApps array
+   * Saves review status for new applications and optionally marks
+   * selected ones as critical
    *
-   * @param selectedCriticalApps Array of application names to mark as critical (can be empty)
+   * @param reviewedApplications Array of application names to mark as reviewed
    * @returns Observable of updated ReportState
    */
-  saveApplicationReviewStatus$(selectedCriticalApps: string[]): Observable<ReportState> {
-    this.logService.info("[RiskInsightsOrchestratorService] Saving application review status", {
-      criticalAppsCount: selectedCriticalApps.length,
-    });
+  saveApplicationReviewStatus$(
+    reviewedApplications: OrganizationReportApplication[],
+  ): Observable<ReportState> {
+    this.logService.info(
+      `[RiskInsightsOrchestratorService] Saving application review status for ${reviewedApplications.length} applications`,
+    );
 
     return this.rawReportData$.pipe(
       take(1),
@@ -464,16 +471,43 @@ export class RiskInsightsOrchestratorService {
         this._userId$.pipe(filter((userId) => !!userId)),
       ),
       map(([reportState, organizationDetails, userId]) => {
+        const report = reportState?.data;
+        if (!report) {
+          throwError(() => Error("Tried save reviewed applications without a report"));
+        }
+
         const existingApplicationData = reportState?.data?.applicationData || [];
-        const updatedApplicationData = this._updateReviewStatusAndCriticalFlags(
+        const updatedApplicationData = this._updateApplicationData(
           existingApplicationData,
-          selectedCriticalApps,
+          reviewedApplications,
         );
 
+        // Updated summary data after changing critical apps
+        const updatedSummaryData = this.reportService.getApplicationsSummary(
+          report!.reportData,
+          updatedApplicationData,
+        );
+        // Used for creating metrics with updated application data
+        const manualEnrichedApplications = report!.reportData.map(
+          (application): ApplicationHealthReportDetailEnriched => ({
+            ...application,
+            isMarkedAsCritical: this.reportService.isCriticalApplication(
+              application,
+              updatedApplicationData,
+            ),
+          }),
+        );
+        // For now, merge the report with the critical marking flag to make the enriched type
+        // We don't care about the individual ciphers in this instance
+        // After the report and enriched report types are consolidated, this mapping can be removed
+        // and the class will expose getCriticalApplications
+        const metrics = this._getReportMetrics(manualEnrichedApplications, updatedSummaryData);
+
         const updatedState = {
           ...reportState,
           data: {
             ...reportState.data,
+            summaryData: updatedSummaryData,
             applicationData: updatedApplicationData,
           },
         } as ReportState;
@@ -484,9 +518,9 @@ export class RiskInsightsOrchestratorService {
           criticalApps: updatedApplicationData.filter((app) => app.isCritical).length,
         });
 
-        return { reportState, organizationDetails, updatedState, userId };
+        return { reportState, organizationDetails, updatedState, userId, metrics };
       }),
-      switchMap(({ reportState, organizationDetails, updatedState, userId }) => {
+      switchMap(({ reportState, organizationDetails, updatedState, userId, metrics }) => {
         return from(
           this.riskInsightsEncryptionService.encryptRiskInsightsReport(
             {
@@ -506,10 +540,11 @@ export class RiskInsightsOrchestratorService {
             organizationDetails,
             updatedState,
             encryptedData,
+            metrics,
           })),
         );
       }),
-      switchMap(({ reportState, organizationDetails, updatedState, encryptedData }) => {
+      switchMap(({ reportState, organizationDetails, updatedState, encryptedData, metrics }) => {
         this.logService.debug(
           `[RiskInsightsOrchestratorService] Persisting review status - report id: ${reportState?.data?.id}`,
         );
@@ -521,26 +556,44 @@ export class RiskInsightsOrchestratorService {
           return of({ ...reportState });
         }
 
-        return this.reportApiService
-          .updateRiskInsightsApplicationData$(
-            reportState.data.id,
-            organizationDetails.organizationId,
-            {
-              data: {
-                applicationData: encryptedData.encryptedApplicationData.toSdk(),
-              },
+        // Update applications data with critical marking
+        const updateApplicationsCall = this.reportApiService.updateRiskInsightsApplicationData$(
+          reportState.data.id,
+          organizationDetails.organizationId,
+          {
+            data: {
+              applicationData: encryptedData.encryptedApplicationData.toSdk(),
             },
-          )
-          .pipe(
-            map(() => updatedState),
-            catchError((error: unknown) => {
-              this.logService.error(
-                "[RiskInsightsOrchestratorService] Failed to save review status",
-                error,
-              );
-              return of({ ...reportState, error: "Failed to save application review status" });
-            }),
-          );
+          },
+        );
+
+        // Update summary after recomputing
+        const updateSummaryCall = this.reportApiService.updateRiskInsightsSummary$(
+          reportState.data.id,
+          organizationDetails.organizationId,
+          {
+            data: {
+              summaryData: encryptedData.encryptedSummaryData.toSdk(),
+              metrics: metrics.toRiskInsightsMetricsData(),
+            },
+          },
+        );
+
+        return forkJoin([updateApplicationsCall, updateSummaryCall]).pipe(
+          map(() => updatedState),
+          tap((finalState) => {
+            this._flagForUpdatesSubject.next({
+              ...finalState,
+            });
+          }),
+          catchError((error: unknown) => {
+            this.logService.error(
+              "[RiskInsightsOrchestratorService] Failed to save review status",
+              error,
+            );
+            return of({ ...reportState, error: "Failed to save application review status" });
+          }),
+        );
       }),
     );
   }
@@ -752,67 +805,40 @@ export class RiskInsightsOrchestratorService {
 
   // Updates the existing application data to include critical applications
   // Does not remove critical applications not in the set
-  private _mergeApplicationData(
+  private _updateApplicationData(
     existingApplications: OrganizationReportApplication[],
-    criticalApplications: Set<string>,
+    updatedApplications: (Partial<OrganizationReportApplication> & { applicationName: string })[],
   ): OrganizationReportApplication[] {
-    const setToMerge = new Set(criticalApplications);
+    const arrayToMerge = [...updatedApplications];
 
     const updatedApps = existingApplications.map((app) => {
-      const foundCritical = setToMerge.has(app.applicationName);
-
-      if (foundCritical) {
-        setToMerge.delete(app.applicationName);
+      // Check if there is an updated app
+      const foundUpdatedIndex = arrayToMerge.findIndex(
+        (ua) => ua.applicationName == app.applicationName,
+      );
+
+      let foundApp: Partial<OrganizationReportApplication> | null = null;
+      // Remove the updated app from the list
+      if (foundUpdatedIndex >= 0) {
+        foundApp = arrayToMerge[foundUpdatedIndex];
+        arrayToMerge.splice(foundUpdatedIndex, 1);
       }
-
       return {
-        ...app,
-        isCritical: foundCritical || app.isCritical,
+        applicationName: app.applicationName,
+        isCritical: foundApp?.isCritical || app.isCritical,
+        reviewedDate: foundApp?.reviewedDate || app.reviewedDate,
       };
     });
 
-    setToMerge.forEach((applicationName) => {
-      updatedApps.push({
-        applicationName,
-        isCritical: true,
+    const newElements: OrganizationReportApplication[] = arrayToMerge.map(
+      (newApp): OrganizationReportApplication => ({
+        applicationName: newApp.applicationName,
+        isCritical: newApp.isCritical ?? false,
         reviewedDate: null,
-      });
-    });
-
-    return updatedApps;
-  }
-
-  /**
-   * Updates review status and critical flags for applications.
-   * Sets reviewedDate for all apps with null reviewedDate.
-   * Sets isCritical flag for apps in the criticalApplications array.
-   *
-   * @param existingApplications Current application data
-   * @param criticalApplications Array of application names to mark as critical
-   * @returns Updated application data with review dates and critical flags
-   */
-  private _updateReviewStatusAndCriticalFlags(
-    existingApplications: OrganizationReportApplication[],
-    criticalApplications: string[],
-  ): OrganizationReportApplication[] {
-    const criticalSet = new Set(criticalApplications);
-    const currentDate = new Date();
-
-    return existingApplications.map((app) => {
-      const shouldMarkCritical = criticalSet.has(app.applicationName);
-      const needsReviewDate = app.reviewedDate === null;
-
-      // Only create new object if changes are needed
-      if (needsReviewDate || shouldMarkCritical) {
-        return {
-          ...app,
-          reviewedDate: needsReviewDate ? currentDate : app.reviewedDate,
-          isCritical: shouldMarkCritical || app.isCritical,
-        };
-      }
+      }),
+    );
 
-      return app;
-    });
+    return updatedApps.concat(newElements);
   }
 
   // Toggles the isCritical flag on applications via criticalApplicationName