Skip to content

[PM-35201] Enhance password reset logic in MemberActionsService#20504

Open
JaredScar wants to merge 1 commit intomainfrom
ac/pm-35201-extend-account-recovery-to-accepted-status
Open

[PM-35201] Enhance password reset logic in MemberActionsService#20504
JaredScar wants to merge 1 commit intomainfrom
ac/pm-35201-extend-account-recovery-to-accepted-status

Conversation

@JaredScar
Copy link
Copy Markdown
Contributor

@JaredScar JaredScar commented May 4, 2026

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-35201

📔 Objective

Extends the states for password recovery to support the Accepted status

@JaredScar
Enhance password reset logic in MemberActionsService
eff7223 
* Update allowResetPassword method to permit password resets for users with an Accepted status when AdminResetTwoFactor is enabled.
* Add unit tests to verify behavior for password reset permissions based on user status and AdminResetTwoFactor settings.
@JaredScar JaredScar requested a review from a team as a code owner May 4, 2026 20:05
@JaredScar JaredScar requested a review from r-tome May 4, 2026 20:05
@JaredScar JaredScar added the ai-review Request a Claude code review label May 4, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 4, 2026
edited
Loading

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed the change to MemberActionsService.allowResetPassword that extends the allowed-status set to include OrganizationUserStatusType.Accepted when the AdminResetTwoFactor feature flag is enabled. The new branch mirrors the existing Revoked branch pattern, all other guards (role hierarchy, resetPasswordEnrolled, canManageUsersPassword, useResetPassword, hasPublicAndPrivateKeys, resetPasswordEnabled) remain in force, and two new unit tests cover both flag-on and flag-off behavior for the new Accepted case.

Code Review Details

No findings. The change is small, well-scoped, gated behind the existing pm-15489-reset-two-factor-account-recovery feature flag (default FALSE), and ships with parallel test coverage matching the existing Revoked status tests.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 4, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@codecov
Copy link
Copy Markdown

codecov Bot commented May 4, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 47.11%. Comparing base (639c6aa) to head (eff7223).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #20504   +/-   ##
=======================================
  Coverage   47.10%   47.11%           
=======================================
  Files        3951     3951           
  Lines      119732   119732           
  Branches    18349    18349           
=======================================
+ Hits        56401    56410    +9     
+ Misses      59095    59086    -9     
  Partials     4236     4236

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r-tome r-tome r-tome approved these changes

Assignees

No one assigned

Labels

ai-review Request a Claude code review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JaredScar @r-tome