passbolt-browser-extension 5.3.2 → 5.4.0

package/CHANGELOG.md

@@ -4,6 +4,57 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## [5.4.0] - 2025-08-13
+### Added
+- PB-44201: E2EE The organisation settings offer now a simplified way to activate metadata encryption and the new resource types
+- PB-42205: E2EE encrypted metadata and new resource types are activated by default after the first administrator setup
+- PB-43255: Add support for multiple uri import export on kdbx files
+- PB-43110: ZK - WP4.2 As a signed-in user I should not be allowed to upgrade resources with missing key situation
+- PB-43712: Translate the application in Czech
+- PB-43939: ZK - WP3.2 Add an app event to get or find the metadata keys settings
+- PB-43980: Add support for custom field import export on kdbx files
+- PB-44080: ZK - WP4.1 Create a dialog explaining the missing key situation
+- PB-44081: ZK - WP4.3 As a signed-in user I should not be allowed to create resources with missing key situation in the resource workspace
+- PB-44090: ZK - WP4.4 As a signed-in user I should not be allowed to edit resources with missing key situation
+- PB-44091: ZK - WP4.5 As a signed-in user I should not be allowed to share resources with missing key situation
+- PB-44094: ZK - WP4.6 As a signed-in user I should not be allowed to import resources with missing key situation
+- PB-44095: ZK - WP4.7 As a signed-in user I should not be allowed to move resources with missing key situation
+- PB-44096: ZK - WP4.8 As a signed-in user I should not be allowed to move folders with missing key situation
+- PB-44097: ZK - WP4.9 Display a page explaining the missing key situation on the quick app
+- PB-44098: ZK - WP4.10 As a signed-in user I should not be allowed to create resources with missing key situation in the quick app
+- PB-44099: ZK - WP4.11 As a signed-in user I should not be allowed to generate password on the inform menu
+- PB-44206: ZK - WP4.14 As administrators I cannot trigger the encrypted metadata migration if I have missing metadata keys
+- PB-44211: ZK - WP3.5 Add MetadataKeysSettingsLocalStorageContextProvider to the App and the quick-app and the inform menu
+- PB-44212: CU - WP5.2 Update ExternalResourceEntity buildDtoFromResourceEntityDto to support custom fields
+- PB-44286: ZK - WP3.6 Add a quick app and inform menu event to get the metadata keys settings
+- PB-44295: ZK - WP4.15 As a signed-in user with missing keys I should not be able to create resource if metadata shared key is enforced on the inform menu
+- PB-44296: ZK - WP4.16 As a signed-in user I should not be allowed to move shared folders into personal folders with missing key situation
+- PB-44327: Display sub-folders in breadcrumbs
+- PB-44374: Extend notes v5 max length to 50_000
+
+### Fixed
+- PB-43296: Displaying resource activities should not crash the application when a resource activity does not have related user or group
+- PB-43652: The sentence to change the passphrase in the user settings workspace should have a space after.
+- PB-43657: Resources loading became noticeably slower after migrating to encrypted
+- PB-43667: Cancelling the user passphrase request should not trigger an error when sharing missing metadata key
+- PB-43676: Cancelling the user passphrase should not freeze the create resource dialog
+- PB-43719: After importing resources from Bitwarden the URIs are not separated correctly
+- PB-43784: Display the progression of the encryption of metadata in the import dialog
+- PB-43906: User should be notified of any errors while loading comments
+- PB-44079: Update/Create a method in resourceLocalStorage.js to bulk delete resources
+- PB-44161: As a user I should not see the resource description and note warning message if only one of them is concerned
+- PB-44273: Activities are not loaded when new resource is clicked after load more activities of a previous resource
+
+### Maintenance
+- PB-43585: Azure SSO login_hint settings can now be configured
+- PB-43908: Move logic of commentModel file to a service and update assertions in controllers
+- PB-44076: Create a Controller to handle Resource Delete
+- PB-44077: Create a dedicated Service to handle resource deletion
+- PB-44396: the endpoint complete/recover.json is now used instead of the legacy endpoint
+
+### Security
+- PB-43730: Upgrade vulnerable library brace-expansion
+
 ## [5.3.2] - 2025-07-17
 ### Added
 - PB-25265 Flush clipboard strategy
@@ -2305,7 +2356,8 @@ self registration settings option in the left-side bar
 - AP: User with plugin installed
 - LU: Logged in user
 
-[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.3.2...HEAD
+[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.4.0...HEAD
+[5.4.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.3.3...v5.4.0
 [5.3.2]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.3.0...v5.3.2
 [5.3.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.2.0...v5.3.0
 [5.2.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.1.1...v5.2.0

package/RELEASE_NOTES.md

@@ -1,37 +1,67 @@
-Release song: https://www.youtube.com/watch?v=-GxmblM_jss
+Release song: https://www.youtube.com/watch?v=kymdKYtkJbQ
 
-Passbolt v5.3.2 is a security release designed to strengthen the security posture of your organization. It introduces a clipboard flushing feature, adds safeguards around SSO settings, and addresses issues related to encrypted metadata.
+Passbolt v5.4.0 ships with encrypted metadata and the accompanying new resource types promoted to stable. These capabilities have been battle-tested for months, and the last remaining edge cases have been smoothed out so they can now be enabled for everyone.
 
-The new clipboard flush timer lets you copy secrets just long enough to use them; clipboard data is automatically cleared when the countdown (30s) expires, significantly reducing the risk of accidental exposure or leaks from forgotten clipboard content.
+Removing the beta label means that every new instance starts with encrypted metadata activated by default. As a result, features introduced in previous releases, such as icons, multiple URIs and custom fields, are available from day one without any action from end-users.
 
-Additionally, SSO admin-settings edit endpoints of self-hosted instances can now be locked, reducing potential exposure to scans if an administrator account is compromised. You can verify if this protection is active, and get instructions on how to set it up, by running the health check via the server command line.
+For existing instances, the activation process has been simplified: administrators can decide with a single click whether their organisation is ready or would prefer to postpone the launch. Once enabled, the instance immediately supports the new resource types and their extended capabilities. Because the change may disrupt external integrations, existing content is not migrated automatically; migration remains the responsibility of content owners or administrators. It can be performed item-by-item in the resource workspace or organisation-wide with the resource-metadata administration migration tool.
 
-This update also resolves several encrypted metadata issues, moving the feature closer to general availability. Organizations can now enable encrypted metadata even if users have imported their own more complex keys (e.g. keys that were set to expire at some point), streamlining adoption for advanced users. Admin changes are smoother too: if the original metadata-enabling administrator leaves, newly invited users will still receive the metadata key automatically, removing the need for manual distribution. Lastly, users who owned shared resources using the new encrypted metadata format can now be deleted without issue, as ownership transfer is now handled correctly during the deletion process.
+Revisiting resource capabilities was also an opportunity to increase the maximum size of secret notes to 50 000 characters, leaving ample room for full certificate chains, keys of any flavour or any long text you need to keep encrypted.
 
-A big thank you to all testers who helped refine these features. If you’re new to any of them, we welcome your feedback on the community forum or through your usual support channels!
+This release further improves cryptographic performance by introducing elliptic-curve keys (Curve25519/Ed25519) for new users. These keys provide security comparable to RSA-3072 while significantly reducing processing time and payload size.
 
-### Added
-- PB-25265 Flush clipboard strategy
-- PB-43095 Display the metadata issue in the HealthCheck served by the UI
-- PB-43403 Search resources should take into account available custom fields information in the web application
+Performance has been tuned for large organisations that manage substantial numbers of users or resources. Among other improvements: Users' workspace now opens more quickly, and deleting multiple resources generates fewer I/O operations.
+
+Czech joins the list of supported languages, allowing native speakers to use Passbolt entirely in their own words, vítejte!
 
-### Improved
-- PB-43474 As LU I should be able to clear the search field with a button
+Many thanks to everyone who reported issues and tested encrypted metadata over the past months. Your feedback made this release possible and brings these new features to all users today.
+
+### Added
+- PB-44201: E2EE The organisation settings offer now a simplified way to activate metadata encryption and the new resource types
+- PB-42205: E2EE encrypted metadata and new resource types are activated by default after the first administrator setup
+- PB-43255: Add support for multiple uri import export on kdbx files
+- PB-43110: ZK - WP4.2 As a signed-in user I should not be allowed to upgrade resources with missing key situation
+- PB-43712: Translate the application in Czech
+- PB-43939: ZK - WP3.2 Add an app event to get or find the metadata keys settings
+- PB-43980: Add support for custom field import export on kdbx files
+- PB-44080: ZK - WP4.1 Create a dialog explaining the missing key situation
+- PB-44081: ZK - WP4.3 As a signed-in user I should not be allowed to create resources with missing key situation in the resource workspace
+- PB-44090: ZK - WP4.4 As a signed-in user I should not be allowed to edit resources with missing key situation
+- PB-44091: ZK - WP4.5 As a signed-in user I should not be allowed to share resources with missing key situation
+- PB-44094: ZK - WP4.6 As a signed-in user I should not be allowed to import resources with missing key situation
+- PB-44095: ZK - WP4.7 As a signed-in user I should not be allowed to move resources with missing key situation
+- PB-44096: ZK - WP4.8 As a signed-in user I should not be allowed to move folders with missing key situation
+- PB-44097: ZK - WP4.9 Display a page explaining the missing key situation on the quick app
+- PB-44098: ZK - WP4.10 As a signed-in user I should not be allowed to create resources with missing key situation in the quick app
+- PB-44099: ZK - WP4.11 As a signed-in user I should not be allowed to generate password on the inform menu
+- PB-44206: ZK - WP4.14 As administrators I cannot trigger the encrypted metadata migration if I have missing metadata keys
+- PB-44211: ZK - WP3.5 Add MetadataKeysSettingsLocalStorageContextProvider to the App and the quick-app and the inform menu
+- PB-44212: CU - WP5.2 Update ExternalResourceEntity buildDtoFromResourceEntityDto to support custom fields
+- PB-44286: ZK - WP3.6 Add a quick app and inform menu event to get the metadata keys settings
+- PB-44295: ZK - WP4.15 As a signed-in user with missing keys I should not be able to create resource if metadata shared key is enforced on the inform menu
+- PB-44296: ZK - WP4.16 As a signed-in user I should not be allowed to move shared folders into personal folders with missing key situation
+- PB-44327: Display sub-folders in breadcrumbs
+- PB-44374: Extend notes v5 max length to 50_000
 
 ### Fixed
-- PB-43916 Fix hitting the key enter on the search fields
-- PB-43996 Users should access encrypted metadata section of the administration guide on the help site when clicking on the documentation CTA from the sidebar
+- PB-43296: Displaying resource activities should not crash the application when a resource activity does not have related user or group
+- PB-43652: The sentence to change the passphrase in the user settings workspace should have a space after.
+- PB-43657: Resources loading became noticeably slower after migrating to encrypted
+- PB-43667: Cancelling the user passphrase request should not trigger an error when sharing missing metadata key
+- PB-43676: Cancelling the user passphrase should not freeze the create resource dialog
+- PB-43719: After importing resources from Bitwarden the URIs are not separated correctly
+- PB-43784: Display the progression of the encryption of metadata in the import dialog
+- PB-43906: User should be notified of any errors while loading comments
+- PB-44079: Update/Create a method in resourceLocalStorage.js to bulk delete resources
+- PB-44161: As a user I should not see the resource description and note warning message if only one of them is concerned
+- PB-44273: Activities are not loaded when new resource is clicked after load more activities of a previous resource
 
 ### Maintenance
-- PB-43491 The resource activities should use a service worker service to request the service worker
-- PB-43496 The user should be notified if an error occurs while displaying additional resource activities
-- PB-43501 Cover ActionLogService API service and rename class as per naming convention
-- PB-43502 Move logic of ActionLogModel into FindActionLogService
-- PB-43506 Move logic of event passbolt.actionlogs.find-all-for into its dedicated Controller
-- PB-43738 Create DeleteUserService to call the userService deleteDryRun
-- PB-43739 Create DeleteDryRunUserController to call the DeleteUserService
-- PB-43750 An unexpected error should be displayed on delete user
-- PB-43904 Add a service to request or send data CommentsServiceWorkerService
-- PB-43907 Add tests for commentService API service and rename the service class as per naming convention
-- PB-43938 Create a GetOrFindMetadataKeysSettingsController to retrieve the metadata keys settings
-- PB-43940 Create a MetadataKeysSettingsLocalStorageContextProvider to retrieve the metadata keys settings
+- PB-43585: Azure SSO login_hint settings can now be configured
+- PB-43908: Move logic of commentModel file to a service and update assertions in controllers
+- PB-44076: Create a Controller to handle Resource Delete
+- PB-44077: Create a dedicated Service to handle resource deletion
+- PB-44396: the endpoint complete/recover.json is now used instead of the legacy endpoint
+
+### Security
+- PB-43730: Upgrade vulnerable library brace-expansion

package/crowdin.yml

@@ -20,4 +20,5 @@ export_languages:
   - sl
   - sv
   - uk
+  - cs
 commit_message: '[skip-ci]'

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "passbolt-browser-extension",
-  "version": "5.3.2",
+  "version": "5.4.0",
   "license": "AGPL-3.0",
   "copyright": "Copyright 2025 Passbolt SA",
   "description": "Passbolt web extension for the open source password manager for teams",
@@ -22,7 +22,7 @@
     "locutus": "~2.0.9",
     "openpgp": "^6.1.1",
     "papaparse": "^5.5.2",
-    "passbolt-styleguide": "^5.3.2",
+    "passbolt-styleguide": "^5.4.3",
     "react": "17.0.2",
     "react-dom": "17.0.2",
     "secrets-passbolt": "github:passbolt/secrets.js#v2.0.1",
@@ -75,7 +75,8 @@
       "cheerio": {
         "undici": "6.21.2"
       }
-    }
+    },
+    "brace-expansion": "^1.1.12"
   },
   "scripts": {
     "build": "npx grunt build",

package/src/all/_locales/cs/messages.json

@@ -0,0 +1,10 @@
+{
+  "appName": {
+    "message": "Passbolt - Open source správce hesel",
+    "description": "The application name of the extension, displayed in the web store. 45 characters max."
+  },
+  "appDescription": {
+    "message": "Rozšíření Passbolt pro open source správce hesel pro týmy.",
+    "description": "The description of the extension, displayed in the web store. 85 characters max."
+  }
+}

package/src/all/background_page/controller/InformMenuController/InformMenuController.js

@@ -88,13 +88,13 @@ class InformMenuController {
     const webIntegrationWorker = await WorkerService.get('WebIntegration', this.worker.tab.id);
     const {username, password: secret_clear} = await webIntegrationWorker.port.request('passbolt.web-integration.get-credentials');
 
-    // Retrieve resource name and uri from tab.
+    // Retrieve resource name and uris from tab.
     const tab = await BrowserTabService.getCurrent();
     const name = tab.title;
-    const uri = tab.url.substr(0, ResourceMetadataEntity.URI_MAX_LENGTH);
+    const uris = [tab.url.substr(0, ResourceMetadataEntity.URI_MAX_LENGTH)];
 
     // Store the resource to save in cache.
-    const resourceDto = {name: name, username: username, uri: uri, secret_clear: secret_clear};
+    const resourceDto = {name: name, username: username, uris: uris, secret_clear: secret_clear};
     const resource = new ExternalResourceEntity(resourceDto);
     await ResourceInProgressCacheService.set(resource);
 

package/src/all/background_page/controller/auth/redirectPostLoginController.js

@@ -0,0 +1,57 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+export default class RedirectPostLoginController {
+  /**
+   * @constructor
+   * @param {Worker} worker
+   * @param {string} requestId
+   * @param {AbstractAccountEntity} apiClientOptions the api client options
+   */
+  constructor(worker, requestId, account) {
+    this.worker = worker;
+    this.requestId = requestId;
+    this.account = account;
+  }
+
+  /**
+   * Controller executor.
+   * @returns {Promise<void>}
+   */
+  async _exec() {
+    try {
+      await this.exec();
+      this.worker.port.emit(this.requestId, 'SUCCESS');
+    } catch (error) {
+      console.error(error);
+      this.worker.port.emit(this.requestId, 'ERROR', error);
+    }
+  }
+
+  /**
+   * Redirects the user to the app main page
+   * or to the redirect url if a `redirect` parameter is given in the worker URL.
+   * @returns {Promise<void>}
+   */
+  async exec() {
+    const workerUrl = new URL(this.worker.tab.url);
+    const redirectTo = workerUrl.searchParams.get("redirect");
+
+    const url = /^\/[A-Za-z0-9\-\/]*$/.test(redirectTo)
+      ? `${this.account.domain}${redirectTo}`
+      : this.account.domain;
+
+    chrome.tabs.update(this.worker.tab.id, {url});
+  }
+}

package/src/all/background_page/controller/auth/redirectPostLoginController.test.js

@@ -0,0 +1,82 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+import AccountEntity from "../../model/entity/account/accountEntity";
+import {defaultAccountDto} from "../../model/entity/account/accountEntity.test.data";
+import RedirectPostLoginController from "./redirectPostLoginController";
+
+beforeEach(() => {
+  jest.resetAllMocks();
+});
+
+describe("RedirectPostLoginController", () => {
+  describe("::exec", () => {
+    it("should redirect to the main entry point if no redirect is set", async() => {
+      expect.assertions(2);
+
+      const worker = {
+        tab: {
+          id: 42,
+          url: "https://www.passbolt.com/test",
+        },
+      };
+      const account = new AccountEntity(defaultAccountDto());
+      const controller = new RedirectPostLoginController(worker, null, account);
+      jest.spyOn(chrome.tabs, "update").mockImplementation(() => {});
+
+      await controller.exec();
+
+      expect(chrome.tabs.update).toHaveBeenCalledTimes(1);
+      expect(chrome.tabs.update).toHaveBeenCalledWith(worker.tab.id, {url: account.domain});
+    });
+
+    it("should redirect to the given URL if a redirect is set", async() => {
+      expect.assertions(2);
+
+      const worker = {
+        tab: {
+          id: 42,
+          url: "https://www.passbolt.com/test?redirect=/app/administration",
+        },
+      };
+      const account = new AccountEntity(defaultAccountDto());
+      const controller = new RedirectPostLoginController(worker, null, account);
+      jest.spyOn(chrome.tabs, "update").mockImplementation(() => {});
+
+      await controller.exec();
+
+      expect(chrome.tabs.update).toHaveBeenCalledTimes(1);
+      expect(chrome.tabs.update).toHaveBeenCalledWith(worker.tab.id, {url: `${account.domain}/app/administration`});
+    });
+
+    it("should not redirect to the given URL if it is not valid", async() => {
+      expect.assertions(2);
+
+      const worker = {
+        tab: {
+          id: 42,
+          url: "https://www.passbolt.com/test?redirect=https://localhost",
+        },
+      };
+      const account = new AccountEntity(defaultAccountDto());
+      const controller = new RedirectPostLoginController(worker, null, account);
+      jest.spyOn(chrome.tabs, "update").mockImplementation(() => {});
+
+      await controller.exec();
+
+      expect(chrome.tabs.update).toHaveBeenCalledTimes(1);
+      expect(chrome.tabs.update).toHaveBeenCalledWith(worker.tab.id, {url: account.domain});
+    });
+  });
+});

package/src/all/background_page/controller/auth/redirectToAdminWorkspaceController.js

@@ -0,0 +1,50 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+export default class RedirectToAdminWorkspaceController {
+  /**
+   * @constructor
+   * @param {Worker} worker
+   * @param {string} requestId
+   * @param {AbstractAccountEntity} apiClientOptions the api client options
+   */
+  constructor(worker, requestId, account) {
+    this.worker = worker;
+    this.requestId = requestId;
+    this.account = account;
+  }
+
+  /**
+   * Controller executor.
+   * @returns {Promise<void>}
+   */
+  async _exec() {
+    try {
+      await this.exec();
+      this.worker.port.emit(this.requestId, 'SUCCESS');
+    } catch (error) {
+      console.error(error);
+      this.worker.port.emit(this.requestId, 'ERROR', error);
+    }
+  }
+
+  /**
+   * Redirects the user to the admin workspace
+   * @returns {Promise<void>}
+   */
+  async exec() {
+    const url = `${this.account.domain}/app/administration`;
+    chrome.tabs.update(this.worker.tab.id, {url});
+  }
+}

package/src/all/background_page/controller/auth/redirectToAdminWorkspaceController.test.js

@@ -0,0 +1,45 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+import AccountEntity from "../../model/entity/account/accountEntity";
+import {defaultAccountDto} from "../../model/entity/account/accountEntity.test.data";
+import RedirectToAdminWorkspaceController from "./redirectToAdminWorkspaceController";
+
+beforeEach(() => {
+  jest.resetAllMocks();
+});
+
+describe("RedirectToAdminWorkspaceController", () => {
+  describe("::exec", () => {
+    it("should redirect to the administration workspace", async() => {
+      expect.assertions(2);
+
+      const worker = {
+        tab: {
+          id: 42,
+        },
+      };
+      const account = new AccountEntity(defaultAccountDto());
+      const expectedUrl = `${account.domain}/app/administration`;
+      console.log(expectedUrl);
+      const controller = new RedirectToAdminWorkspaceController(worker, null, account);
+      jest.spyOn(chrome.tabs, "update").mockImplementation(() => {});
+
+      await controller.exec();
+
+      expect(chrome.tabs.update).toHaveBeenCalledTimes(1);
+      expect(chrome.tabs.update).toHaveBeenCalledWith(worker.tab.id, {url: expectedUrl});
+    });
+  });
+});

package/src/all/background_page/controller/comment/createCommentController.js

@@ -12,7 +12,7 @@
  * @since         3.8.0
  */
 
-import CommentModel from "../../model/comment/commentModel";
+import CommentService from "../../model/comment/commentService";
 import CommentEntity from "../../model/entity/comment/commentEntity";
 
 class CreateCommentController {
@@ -25,7 +25,7 @@ class CreateCommentController {
   constructor(worker, requestId, apiClientOptions) {
     this.worker = worker;
     this.requestId = requestId;
-    this.commentModel = new CommentModel(apiClientOptions);
+    this.commentService = new CommentService(apiClientOptions);
   }
 
   /**
@@ -50,7 +50,7 @@ class CreateCommentController {
    * @return {Promise<CommentEntity>} The created comment.
    */
   async exec(commentDto) {
-    return this.commentModel.create(new CommentEntity(commentDto));
+    return this.commentService.create(new CommentEntity(commentDto));
   }
 }
 

package/src/all/background_page/controller/comment/createCommentController.test.js

@@ -19,7 +19,7 @@ import {mockApiResponse} from "../../../../../test/mocks/mockApiResponse";
 import CreateCommentController from "./createCommentController";
 import {v4 as uuidv4} from "uuid";
 import EntityValidationError from "passbolt-styleguide/src/shared/models/entity/abstract/entityValidationError";
-import CommentModel from "../../model/comment/commentModel";
+import CommentService from "../../model/comment/commentService";
 import {defaultCommentDto} from "passbolt-styleguide/src/shared/models/entity/comment/commentEntity.test.data";
 
 beforeEach(async() =>  {
@@ -52,14 +52,14 @@ describe("CreateCommentController", () => {
 
       expect(controller.worker).toBe(mockedWorker);
       expect(controller.requestId).toBe(requestId);
-      expect(controller.commentModel).toEqual(expect.objectContaining(new CommentModel(apiClientOption)));
+      expect(controller.commentService).toEqual(expect.objectContaining(new CommentService(apiClientOption)));
     });
   });
   describe("CreateCommentController::exec", () => {
     it("Should create the comment and send the result back.", async() => {
       fetchCommentsMock();
       const controller = new CreateCommentController(null, null, defaultApiClientOptions());
-      const spy = jest.spyOn(controller.commentModel, "create");
+      const spy = jest.spyOn(controller.commentService, "create");
       const createdComment = await controller.exec(mockApiCreation);
 
       expect.assertions(2);
@@ -72,7 +72,7 @@ describe("CreateCommentController", () => {
       const mockedError = new TypeError("Unable to reach the server, an unexpected error occurred");
       fetch.doMock(() => { throw mockedError; });
       const controller = new CreateCommentController(mockedWorker, null, defaultApiClientOptions());
-      const spy = jest.spyOn(controller.commentModel, "create");
+      const spy = jest.spyOn(controller.commentService, "create");
 
       expect.assertions(2);
 
@@ -93,7 +93,7 @@ describe("CreateCommentController", () => {
       const mockedError = new TypeError("Unable to reach the server, you are not connected to the network");
       fetch.doMock(() => { throw mockedError; });
       const controller = new CreateCommentController(mockedWorker, null, defaultApiClientOptions());
-      const spy = jest.spyOn(controller.commentModel, "create");
+      const spy = jest.spyOn(controller.commentService, "create");
 
       expect.assertions(2);
 

package/src/all/background_page/controller/comment/deleteCommentController.js

@@ -12,7 +12,7 @@
  * @since         3.8.0
  */
 
-import CommentModel from "../../model/comment/commentModel";
+import CommentService from "../../model/comment/commentService";
 import Validator from "validator";
 
 class DeleteCommentController {
@@ -25,7 +25,7 @@ class DeleteCommentController {
   constructor(worker, requestId, apiClientOptions) {
     this.worker = worker;
     this.requestId = requestId;
-    this.commentModel = new CommentModel(apiClientOptions);
+    this.commentService = new CommentService(apiClientOptions);
   }
 
   /**
@@ -59,7 +59,7 @@ class DeleteCommentController {
       throw new Error("The comment id should be a valid uuid.");
     }
 
-    await this.commentModel.delete(commentId);
+    await this.commentService.delete(commentId);
   }
 }
 

package/src/all/background_page/controller/comment/deleteCommentController.test.js

@@ -17,7 +17,7 @@ import DeleteCommentController from "./deleteCommentController";
 import {defaultApiClientOptions} from "passbolt-styleguide/src/shared/lib/apiClient/apiClientOptions.test.data";
 import {mockApiResponse} from "../../../../../test/mocks/mockApiResponse";
 import {enableFetchMocks} from "jest-fetch-mock";
-import CommentModel from "../../model/comment/commentModel";
+import CommentService from "../../model/comment/commentService";
 import MockExtension from "../../../../../test/mocks/mockExtension";
 
 const mockedWorker = {
@@ -47,7 +47,7 @@ describe("DeleteCommentController", () => {
 
       expect(controller.worker).toBe(mockedWorker);
       expect(controller.requestId).toBe(requestId);
-      expect(controller.commentModel).toEqual(expect.objectContaining(new CommentModel(apiClientOption)));
+      expect(controller.commentService).toEqual(expect.objectContaining(new CommentService(apiClientOption)));
     });
   });
   describe("DeleteCommentController::exec", () => {
@@ -55,7 +55,7 @@ describe("DeleteCommentController", () => {
       fetchCommentsMock();
 
       const controller = new DeleteCommentController(mockedWorker, null, defaultApiClientOptions());
-      const spy = jest.spyOn(controller.commentModel, "delete");
+      const spy = jest.spyOn(controller.commentService, "delete");
       await controller.exec(id);
 
       expect.assertions(2);

package/src/all/background_page/controller/comment/getCommentsByRessourceIdController.js

@@ -12,7 +12,7 @@
  * @since         3.8.0
  */
 
-import CommentModel from "../../model/comment/commentModel";
+import CommentService from "../../model/comment/commentService";
 import Validator from "validator";
 
 class GetCommentsByRessourceController {
@@ -25,7 +25,7 @@ class GetCommentsByRessourceController {
   constructor(worker, requestId, apiClientOptions) {
     this.worker = worker;
     this.requestId = requestId;
-    this.commentModel =  new CommentModel(apiClientOptions);
+    this.commentService =  new CommentService(apiClientOptions);
   }
 
   /**
@@ -60,7 +60,7 @@ class GetCommentsByRessourceController {
       throw new TypeError("The resource id should be a valid uuid.");
     }
 
-    return this.commentModel.findAllByResourceId(resourceId);
+    return this.commentService.findAllByResourceId(resourceId);
   }
 }
 

package/src/all/background_page/controller/comment/getCommentsByRessourceidController.test.js

@@ -48,7 +48,7 @@ describe("GetCommentsByRessourceController", () => {
 
       expect(controller.worker).toBe(mockedWorker);
       expect(controller.requestId).toBe(requestId);
-      expect(controller.commentModel).toBeDefined();
+      expect(controller.commentService).toBeDefined();
     });
   });
   describe("GetCommentsByRessourceController::exec", () => {
@@ -58,7 +58,7 @@ describe("GetCommentsByRessourceController", () => {
       fetchCommentsMock();
       const resourceId = uuidv4();
       const controller = new GetCommentsByRessourceController(null, null, defaultApiClientOptions());
-      const spy = jest.spyOn(controller.commentModel, "findAllByResourceId");
+      const spy = jest.spyOn(controller.commentService, "findAllByResourceId");
       const commentsCollectionDto = await controller.exec(resourceId);
 
       expect(commentsCollectionDto.items.length).toBe(4);