[PM-1214] device management screen

[alec-livefront]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-1214?atlOrigin=eyJpIjoiOGUyMGIwODJmODQwNDlkMjlhZmFhZDYxNmVjN2EyZGEiLCJwIjoiaiJ9

📔 Objective

Adds a device management tab under settings -> security. Allows a user to manage the devices of their account by approving them, logging them out or deleting them.

📸 Screenshots

GMT20241220-201106_Clip_Alec.Rippberger.s.Clip.12_20_2024.mp4

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 3c99af49-adde-40a5-b4aa-c7ca7da94252

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1166	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 130	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 86	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 38	Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 20	Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 20	Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/auth/lock.component.html: 32	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/tools/popup/generator/password-generator-history.component.html: 26	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/tools/popup/generator/password-generator-history.component.ts: 19	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 130
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 86
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 38
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1253
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1166
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1166

[codecov]

Codecov Report

Attention: Patch coverage is 4.22535% with 68 lines in your changes missing coverage. Please review.

Project coverage is 33.78%. Comparing base (b27a1a5) to head (3934101).
Report is 8 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...h/settings/security/device-management.component.ts	0.00%	59 Missing ⚠️
...services/devices/devices.service.implementation.ts	0.00%	6 Missing ⚠️
apps/browser/src/background/main.background.ts	0.00%	1 Missing ⚠️
.../auth/settings/security/security-routing.module.ts	0.00%	1 Missing ⚠️
...uth/services/devices-api.service.implementation.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12455      +/-   ##
==========================================
+ Coverage   33.61%   33.78%   +0.16%     
==========================================
  Files        2925     2913      -12     
  Lines       91433    90760     -673     
  Branches    17376    17165     -211     
==========================================
- Hits        30734    30661      -73     
+ Misses      58283    57713     -570     
+ Partials     2416     2386      -30     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[alec-livefront]

I could use help on a few things I'm unsure of on this PR:

1. The ticket calls for virtual scroll on the table. However, when I try to implement bit-table-scroll I get Unhandled error in angular TypeError: Cannot read properties of undefined (reading 'template'). I looked at the vnext-clients component to see if I could spot what might be different here but came up empty.
2. I'm not sure how to implement the removeDevice, approveDevice or logOutDevice functions (or if it is currently possible with the backend). I tried to flush out removeDevice using the devices/{id}/deactivate endpoint but I don't believe it is working. I could use some direction on what to do here.
3. The Figma designs seem to show relative times for the last login (like "This week", "Last month". I'm wondering if there is existing logic to convert a date to a human readable time exists elsewhere in the app? I couldn't find anything. It shouldn't be hard to write but I wanted to be consistent. Another issue is I'm wondering how to get the last login date - it doesn't seem to be included in the device info from the backend.

[JaredSnider-Bitwarden]

⚠️ : I believe this new method better belongs on the DevicesService vs this service. This also allows you to undo the strict typing updates here so we don't have to re-test the device trust implementation for this change.

[JaredSnider-Bitwarden]

This is looking great! I've got a few UI suggestions and some minor clean up items below:

[JaredSnider-Bitwarden]

💡 : upon watching the video, I think we should implement a loading state for the table which doesn't show the table until the data is loaded.

[alec-livefront]

I've added a loading state for when the table is loading, and added the spinner for when async actions are waiting to complete: 0932e18

[JaredSnider-Bitwarden]

The figma calls for a loading icon here when async actions like remove device or log out are being taken

[alec-livefront]

0932e18

[JaredSnider-Bitwarden]

❓ : Nice job building out this metadata out. Do you think we should translate "Unknown" as a platform?

[alec-livefront]

Can you elaborate on that? Are you talking about the DeviceType.UnknownBrowser having a platform of "Unknown"?

[JaredSnider-Bitwarden]

Yes, I'm sorry that comment was not as clear as I meant for it to be. "Unknown" is the only non proper noun so we could translate it.

[JaredSnider-Bitwarden]

❓ : can we change this to be a call to this.validationService.showError(error); instead? As far as I know, that's the general recommendation for non-specific error handling.

[alec-livefront]

3934101

[JaredSnider-Bitwarden]

⚠️ : I believe this should be gated behind the feature flag guard for web app approvals, right?

[JaredSnider-Bitwarden]

🏅 Thank you for refactoring this to use abstract and actual methods instead of arrow functions.

[JaredSnider-Bitwarden]

Excellent docs throughout. Thank you!

[JaredSnider-Bitwarden]

Same comment as here: https://github.com/bitwarden/clients/pull/12455/files#r1894224023

[JaredSnider-Bitwarden]

🏅 Thank you for adding this missing test suite!