passbolt-browser-extension 5.3.2 → 5.4.1

package/src/all/background_page/controller/permission/FindAcoPermissionsForDisplayController.js

@@ -68,6 +68,7 @@ class FindAcoPermissionsForDisplayController {
     } else if (acoType === PermissionEntity.ACO_FOLDER) {
       // TODO: Should be adapted when API V5 can return permissions with folder id to use the same service than resources
       const folderEntity = await this.findFolderService.findByIdWithPermissions(acoId);
+      folderEntity.permissions.sort();
       return folderEntity.permissions;
     }
   }

package/src/all/background_page/controller/quickaccess/consumeInProgressCreationResourceController.js

@@ -0,0 +1,53 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+import ResourceInProgressCacheService from "../../service/cache/resourceInProgressCache.service";
+
+class ConsumeInProgressCreationResourceController {
+  /**
+   * ConsumeInProgressCreationResourceController constructor
+   * @param {Worker} worker
+   * @param {string} requestId uuid
+   */
+  constructor(worker, requestId) {
+    this.worker = worker;
+    this.requestId = requestId;
+  }
+
+  /**
+   * Controller executor.
+   * @returns {Promise<void>}
+   */
+  async _exec() {
+    try {
+      const result = await this.exec.apply(this, arguments);
+      this.worker.port.emit(this.requestId, 'SUCCESS', result);
+    } catch (error) {
+      console.error(error);
+      this.worker.port.emit(this.requestId, 'ERROR', error);
+    }
+  }
+
+  /**
+   * Consume the resource in progress and handle URIs.
+   *
+   * @returns {Promise<{resourceDto>}}
+   */
+  async exec() {
+    const resourceInProgress = await ResourceInProgressCacheService.consume() || {};
+    return resourceInProgress;
+  }
+}
+
+export default ConsumeInProgressCreationResourceController;

package/src/all/background_page/controller/quickaccess/consumeInProgressCreationResourceController.test.js

@@ -0,0 +1,40 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import ConsumeInProgressCreationResourceController from "./consumeInProgressCreationResourceController";
+import ResourceInProgressCacheService from "../../service/cache/resourceInProgressCache.service";
+import ExternalResourceEntity from "../../model/entity/resource/external/externalResourceEntity";
+import {defaultExternalResourceDto} from "../../model/entity/resource/external/externalResourceEntity.test.data";
+
+describe("ConsumeInProgressCreationResourceController", () => {
+  describe("::exec", () => {
+    it("should return the resource in cache and clear the cache", async() => {
+      expect.assertions(3);
+
+      const fakeResource = new ExternalResourceEntity(defaultExternalResourceDto());
+      jest.spyOn(ResourceInProgressCacheService, "consume");
+
+      const controller = new ConsumeInProgressCreationResourceController();
+
+      let result = await controller.exec();
+
+      expect(result).toEqual({});
+
+      await ResourceInProgressCacheService.set(fakeResource, Number.MAX_SAFE_INTEGER);
+      result = await controller.exec();
+      expect(result).toEqual(fakeResource.toDto());
+
+      expect(ResourceInProgressCacheService.consume).toHaveBeenCalled();
+    });
+  });
+});

package/src/all/background_page/controller/quickaccess/prepareResourceController.js

@@ -0,0 +1,64 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+
+import resourceInProgressCacheService from "../../service/cache/resourceInProgressCache.service";
+import BrowserTabService from "../../service/ui/browserTab.service";
+
+class PrepareResourceController {
+  /**
+   * PrepareResourceController constructor
+   * @param {Worker} worker
+   * @param {string} requestId uuid
+   */
+  constructor(worker, requestId) {
+    this.worker = worker;
+    this.requestId = requestId;
+  }
+
+  /**
+   * Controller executor.
+   * @returns {Promise<void>}
+   */
+  async _exec() {
+    try {
+      const result = await this.exec.apply(this, arguments);
+      this.worker.port.emit(this.requestId, 'SUCCESS', result);
+    } catch (error) {
+      console.error(error);
+      this.worker.port.emit(this.requestId, 'ERROR', error);
+    }
+  }
+
+  /**
+   * Prepare to create a new resource.
+   *
+   * @param {string} tabId The tab id
+   * @returns {Promise<{name: string, uri: sttring} | resourceDto>}
+   */
+  async exec(tabId) {
+    const resourceInProgress = await resourceInProgressCacheService.consume();
+    if (resourceInProgress !== null) {
+      return resourceInProgress;
+    }
+
+    // Retrieve resource name and uri from tab.
+    const tab = tabId
+      ? await BrowserTabService.getById(tabId)
+      : await BrowserTabService.getCurrent();
+
+    return {name: tab.title, uris: [tab.url]};
+  }
+}
+
+export default PrepareResourceController;

package/src/all/background_page/controller/quickaccess/prepareResourceController.test.js

@@ -0,0 +1,73 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import BrowserTabService from "../../service/ui/browserTab.service";
+import PrepareResourceController from "./prepareResourceController";
+import {defaultResourceDto} from "passbolt-styleguide/src/shared/models/entity/resource/resourceEntity.test.data";
+
+describe("PrepareResourceController", () => {
+  describe("::exec", () => {
+    it("should return the resource in cache and clear the cache", async() => {
+      expect.assertions(2);
+
+      const controller = new PrepareResourceController();
+      const expectedResult = defaultResourceDto();
+
+      await browser.storage.session.set({"resourceInProgress": expectedResult});
+
+      const result = await controller.exec();
+
+      expect(result).toStrictEqual(expectedResult);
+
+      const cache = await browser.storage.session.get("resourceInProgress");
+      expect(cache["resourceInProgress"]).toBeFalsy();
+    });
+
+    it("should return the information from the tab if the cache is empty", async() => {
+      expect.assertions(2);
+
+      const controller = new PrepareResourceController();
+      const mockedTabInfo = {
+        title: "page from test",
+        url: 'https://www.passbolt.com',
+      };
+
+      await browser.storage.session.set({"resourceInProgress": null});
+      jest.spyOn(BrowserTabService, "getCurrent").mockImplementation(() => mockedTabInfo);
+
+      const result = await controller.exec();
+
+      expect(result.name).toStrictEqual(mockedTabInfo.title);
+      expect(result.uris).toStrictEqual([mockedTabInfo.url]);
+    });
+
+    it("should return the information from the tab given a tabId if the cache is empty", async() => {
+      expect.assertions(2);
+
+      const controller = new PrepareResourceController();
+      const mockedTabInfo = {
+        title: "page from test",
+        url: 'https://www.passbolt.com',
+      };
+      const tabId = 42;
+
+      await browser.storage.session.set({"resourceInProgress": null});
+      jest.spyOn(BrowserTabService, "getById").mockImplementation(() => mockedTabInfo);
+
+      const result = await controller.exec(tabId);
+
+      expect(result.name).toStrictEqual(mockedTabInfo.title);
+      expect(result.uris).toStrictEqual([mockedTabInfo.url]);
+    });
+  });
+});

package/src/all/background_page/controller/resource/resourceDeleteController.js

@@ -0,0 +1,67 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import DeleteResourceService from "../../service/resource/delete/deleteResourceService";
+import ProgressService from "../../service/progress/progressService";
+import i18n from "../../sdk/i18n";
+
+class ResourceDeleteController {
+  /**
+   * ResourceDeleteController constructor
+   * @param {Worker} worker
+   * @param {string} requestId
+   * @param {ApiClientOptions} apiClientOptions the api client options
+   * @param {AccountEntity} account The account associated to the worker.clientOptions
+   */
+  constructor(worker, requestId, apiClientOptions, account) {
+    this.worker = worker;
+    this.requestId = requestId;
+    this.progressService = new ProgressService(this.worker, i18n.t("Delete Resources"));
+    this.resourceDeleteService = new DeleteResourceService(account, apiClientOptions, this.progressService);
+  }
+
+  /**
+   * Controller executor.
+   * @param {Array<string>} resourceIds The resourceIds to delete
+   * @returns {Promise<void>}
+   */
+  async _exec(resourceIds) {
+    try {
+      await this.exec(resourceIds);
+      this.worker.port.emit(this.requestId, 'SUCCESS');
+    } catch (error) {
+      console.error(error);
+      this.worker.port.emit(this.requestId, 'ERROR', error);
+    }
+  }
+
+  /**
+   * Delete resources.
+   * @param {Array<string>} resourceIds The resourceIds
+   * @returns {Promise<void>}
+   */
+  async exec(resourceIds) {
+    const steps = 2;
+    this.progressService.start(steps, i18n.t('Deleting Resource(s)'));
+    this.progressService.title = i18n.t("Delete {{count}} resource(s)", {count: resourceIds.length});
+
+    try {
+      await this.resourceDeleteService.deleteResources(resourceIds);
+      this.progressService.finishStep(i18n.t('Done!'), true);
+    } finally {
+      this.progressService.close();
+    }
+  }
+}
+
+export default ResourceDeleteController;

package/src/all/background_page/controller/resource/resourceDeleteController.test.js

@@ -0,0 +1,114 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import {defaultApiClientOptions} from "passbolt-styleguide/src/shared/lib/apiClient/apiClientOptions.test.data";
+import AccountEntity from "../../model/entity/account/accountEntity";
+import {defaultAccountDto} from "../../model/entity/account/accountEntity.test.data";
+import ResourceDeleteController from "./resourceDeleteController";
+import {enableFetchMocks} from "jest-fetch-mock";
+import {v4 as uuidv4} from "uuid";
+
+jest.mock("../../service/progress/progressService");
+
+beforeEach(() => {
+  enableFetchMocks();
+  fetch.resetMocks();
+});
+
+describe("ResourceDeleteController", () => {
+  let controller, worker;
+
+  beforeEach(() => {
+    worker = {
+      port: {
+        emit: jest.fn()
+      }
+    };
+  });
+
+  describe("::exec", () => {
+    it("should call deletion of IDs for the requested ids", async() => {
+      expect.assertions(6);
+      const account = new AccountEntity(defaultAccountDto());
+      const apiClientOptions = defaultApiClientOptions();
+      controller = new ResourceDeleteController(worker, null, apiClientOptions, account);
+
+      const resourceId1 = uuidv4();
+      const resourceId2 = uuidv4();
+      const resourceId3 = uuidv4();
+
+      jest.spyOn(controller.resourceDeleteService, "deleteResources").mockImplementation(() => {});
+
+      await controller.exec([resourceId1, resourceId2, resourceId3]);
+
+      expect(controller.progressService.start).toHaveBeenCalledTimes(1);
+      expect(controller.progressService.start).toHaveBeenCalledWith(2, "Deleting Resource(s)");
+      expect(controller.progressService.close).toHaveBeenCalledTimes(1);
+      expect(controller.progressService.finishStep).toHaveBeenCalledTimes(1);
+
+      expect(controller.resourceDeleteService.deleteResources).toHaveBeenCalledTimes(1);
+      expect(controller.resourceDeleteService.deleteResources).toHaveBeenCalledWith([resourceId1, resourceId2, resourceId3]);
+    });
+
+    it("Should close progressService when delete succeeds", async() => {
+      expect.assertions(1);
+
+      const account = new AccountEntity(defaultAccountDto());
+      const apiClientOptions = defaultApiClientOptions();
+      controller = new ResourceDeleteController(worker, null, apiClientOptions, account);
+
+      const resourceId1 = uuidv4();
+      const resourceId2 = uuidv4();
+      const resourceId3 = uuidv4();
+
+      jest.spyOn(controller.resourceDeleteService, "deleteResources").mockImplementation(() => {});
+
+      await controller.exec([resourceId1, resourceId2, resourceId3]);
+      expect(controller.progressService.close).toHaveBeenCalledTimes(1);
+    });
+
+    it("Should close progressService when deletion fails", async() => {
+      expect.assertions(1);
+      const account = new AccountEntity(defaultAccountDto());
+      const apiClientOptions = defaultApiClientOptions();
+      controller = new ResourceDeleteController(worker, null, apiClientOptions, account);
+
+      const resourceId1 = uuidv4();
+      const resourceId2 = uuidv4();
+      const resourceId3 = uuidv4();
+
+      jest.spyOn(controller.resourceDeleteService, "deleteResources").mockImplementation(() => { throw new Error(); });
+
+      try {
+        await controller.exec([resourceId1, resourceId2, resourceId3]);
+      } catch {
+        expect(controller.progressService.close).toHaveBeenCalledTimes(1);
+      }
+    });
+
+    it("Should throw an error if the resource IDs are not valid UUID array", async() => {
+      expect.assertions(1);
+
+      const account = new AccountEntity(defaultAccountDto());
+      const apiClientOptions = defaultApiClientOptions();
+      const controller = new ResourceDeleteController(null, null, apiClientOptions, account);
+
+      const expectedError = new TypeError("The given parameter is not a valid array of uuid");
+      try {
+        await controller.exec("42");
+      } catch (e) {
+        expect(e).toStrictEqual(expectedError);
+      }
+    });
+  });
+});

package/src/all/background_page/controller/resourceLocalStorage/resourceUpdateLocalStorageController.js

@@ -68,7 +68,7 @@ class ResourceUpdateLocalStorageController {
       }
       const passphrase =  await this.getPassphraseService.getPassphrase(this.worker);
       await PassphraseStorageService.set(passphrase, 60);
-      await this.findAndUpdateResourcesLocalStorage.findAndUpdateAll();
+      await this.findAndUpdateResourcesLocalStorage.findAndUpdateAll({}, passphrase);
     }
   }
 }

package/src/all/background_page/controller/resourceLocalStorage/resourceUpdateLocalStorageController.test.js

@@ -65,7 +65,7 @@ describe("ResourceUpdateLocalStorageController", () => {
     });
 
     it("requests the user passphrase whenever the decryption of the metadata requires it and try to load the data again", async() => {
-      expect.assertions(1);
+      expect.assertions(4);
 
       jest.spyOn(ResourceService.prototype, "findAll").mockImplementation(() => [defaultResourceDto(
         {
@@ -79,10 +79,14 @@ describe("ResourceUpdateLocalStorageController", () => {
       jest.spyOn(ResourceTypeService.prototype, "findAll").mockImplementation(() => resourceTypesCollectionDto());
       jest.spyOn(GetPassphraseService.prototype, "requestPassphrase").mockImplementation(() => pgpKeys.ada.passphrase);
       jest.spyOn(PassphraseStorageService, "set").mockImplementation(() => {});
+      jest.spyOn(controller.findAndUpdateResourcesLocalStorage, "findAndUpdateAll");
 
       await controller._exec();
 
       expect(PassphraseStorageService.set).toHaveBeenCalledWith(pgpKeys.ada.passphrase, 60);
+      expect(controller.findAndUpdateResourcesLocalStorage.findAndUpdateAll).toHaveBeenCalledTimes(2);
+      expect(controller.findAndUpdateResourcesLocalStorage.findAndUpdateAll).toHaveBeenNthCalledWith(1, {"updatePeriodThreshold": 10000});
+      expect(controller.findAndUpdateResourcesLocalStorage.findAndUpdateAll).toHaveBeenNthCalledWith(2, {}, pgpKeys.ada.passphrase);
     });
   });
 });

package/src/all/background_page/controller/setup/signInSetupController.js

@@ -80,19 +80,9 @@ class SignInSetupController {
       await PassphraseStorageService.set(temporaryAccount.passphrase, 60);
     }
     await PostLoginService.exec();
-    await this.redirectToApp(temporaryAccount.account.domain);
     // Clear all data in the temporary account session storage
     await AccountTemporarySessionStorageService.remove();
   }
-
-  /**
-   * Redirect the user to the application
-   * @param {string} url The url
-   * @returns {Promise<void>}
-   */
-  async redirectToApp(url) {
-    browser.tabs.update(this.worker.tab.id, {url});
-  }
 }
 
 export default SignInSetupController;

package/src/all/background_page/controller/setup/signInSetupController.test.js

@@ -37,10 +37,6 @@ beforeEach(() => {
 
 describe("SignInSetupController", () => {
   describe("SignInSetupController::exec", () => {
-    it.todo("Should sign-in the user.");
-
-    it.todo("Should redirect the user to the application.");
-
     it("Should throw an exception if the passphrase is not a valid.", async() => {
       const account = new AccountEntity(defaultAccountDto());
       const controller = new SignInSetupController({port: {_port: {name: "test"}}}, null, defaultApiClientOptions());
@@ -80,6 +76,7 @@ describe("SignInSetupController", () => {
     }, 10000);
 
     it("Should ask for SSO kits generation.", async() => {
+      expect.assertions(6);
       const organizationSettings = anonymousOrganizationSettings();
       organizationSettings.passbolt.plugins.sso = {
         enabled: true
@@ -89,7 +86,6 @@ describe("SignInSetupController", () => {
       jest.spyOn(browser.cookies, "get").mockImplementationOnce(() => ({value: "csrf-token"}));
       jest.spyOn(PassphraseStorageService, "set").mockImplementation(async() => {});
       jest.spyOn(PostLoginService, "exec").mockImplementation(async() => {});
-      jest.spyOn(browser.tabs, "update");
       jest.spyOn(KeepSessionAliveService, "start").mockImplementation(async() => {});
 
       SsoDataStorage.setMockedData(null);
@@ -104,14 +100,12 @@ describe("SignInSetupController", () => {
       jest.spyOn(controller.authVerifyLoginChallengeService, "verifyAndValidateLoginChallenge").mockImplementationOnce(jest.fn());
       jest.spyOn(AccountTemporarySessionStorageService, "remove");
 
-      expect.assertions(7);
       await controller.exec(true);
       expect(controller.authVerifyLoginChallengeService.verifyAndValidateLoginChallenge).toHaveBeenCalledWith(account.userKeyFingerprint, account.userPrivateArmoredKey, "ada@passbolt.com");
       expect(PassphraseStorageService.set).toHaveBeenCalledWith("ada@passbolt.com", -1);
       expect(PostLoginService.exec).toHaveBeenCalled();
       expect(GenerateSsoKitService.generate).toHaveBeenCalledWith("ada@passbolt.com", "azure");
       expect(GenerateSsoKitService.generate).toHaveBeenCalledTimes(1);
-      expect(browser.tabs.update).toHaveBeenCalledWith(1, {url: account.domain});
       expect(AccountTemporarySessionStorageService.remove).toHaveBeenCalledTimes(1);
     }, 10000);
 
@@ -141,18 +135,23 @@ describe("SignInSetupController", () => {
     });
 
     it("Should remember the passphrase during 1 minutes if not requested by the user.", async() => {
-      jest.spyOn(browser.cookies, "get").mockImplementationOnce(() => ({value: "csrf-token"}));
-      jest.spyOn(PassphraseStorageService, "set");
-      await MockExtension.withConfiguredAccount();
+      expect.assertions(3);
+
+      const userKeyInfo = pgpKeys.ada;
+      const passphrase = userKeyInfo.passphrase;
+      await MockExtension.withConfiguredAccount(userKeyInfo);
       const account = new AccountEntity(defaultAccountDto());
       const controller = new SignInSetupController({tab: {id: 1}, port: {_port: {name: "test"}}}, null, defaultApiClientOptions());
-
-      jest.spyOn(AccountTemporarySessionStorageService, "get").mockImplementationOnce(() => ({account: account, passphrase: "ada@passbolt.com"}));
+      jest.spyOn(browser.cookies, "get").mockImplementationOnce(() => ({value: "csrf-token"}));
+      jest.spyOn(PassphraseStorageService, "set");
+      jest.spyOn(AccountTemporarySessionStorageService, "get").mockImplementationOnce(() => ({account, passphrase}));
       jest.spyOn(controller.authVerifyLoginChallengeService, "verifyAndValidateLoginChallenge").mockImplementationOnce(jest.fn());
 
       await controller.exec();
 
       expect(PassphraseStorageService.set).toHaveBeenCalledWith("ada@passbolt.com", 60);
+      expect(controller.authVerifyLoginChallengeService.verifyAndValidateLoginChallenge).toHaveBeenCalledTimes(1);
+      expect(controller.authVerifyLoginChallengeService.verifyAndValidateLoginChallenge).toHaveBeenCalledWith(userKeyInfo.fingerprint, userKeyInfo.private, passphrase);
     });
   });
 });

package/src/all/background_page/controller/sso/saveSsoSettingsAsDraftController.test.data.js

@@ -25,6 +25,7 @@ export function withAzureSsoSettings(data = {}) {
       client_secret_expiry: "2022-11-02 00:00:00",
       email_claim: "email",
       prompt: "login",
+      login_hint: true,
     },
   };
 

package/src/all/background_page/controller/webIntegration/webIntegrationController.js

@@ -40,7 +40,7 @@ class WebIntegrationController {
     const url = new URL(resourceToSave.url);
     const resourceDto = {
       name: resourceToSave.name,
-      uri: `${url.protocol}//${url.host}${url.pathname}`,
+      uris: [`${url.protocol}//${url.host}${url.pathname}`],
       username: resourceToSave.username,
       secret_clear: resourceToSave.password
     };

package/src/all/background_page/event/appEvents.js

@@ -67,8 +67,12 @@ import FindMetadataMigrateResourcesController from "../controller/migrateMetadat
 import MigrateMetadataResourcesController from "../controller/migrateMetadata/migrateMetadataResourcesController";
 import DownloadOrganizationGeneratedKey from "../controller/accountRecovery/downloadOrganizationGenerateKeyController";
 import ShareMetadataKeyPrivateController from "../controller/metadata/shareMetadataKeyPrivateController";
+import GetOrFindMetadataKeysSettingsController from "../controller/metadata/getOrFindMetadataKeysSettingsController";
 import CopyToClipboardController from "../controller/clipboard/copyToClipboardController";
 import CopyTemporarilyToClipboardController from "../controller/clipboard/copyTemporarilyToClipboardController";
+import FindMetadataGettingStartedSettingsController from "../controller/metadata/findMetadataGettingStartedSettingsController";
+import EnableEncryptedMetadataForExistingInstanceController from "../controller/metadata/enableEncryptedMetadataForExistingInstanceController";
+import KeepCleartextMetadataForExistingInstanceController from "../controller/metadata/keepCleartextMetadataForExistingInstanceController";
 
 const listen = function(worker, apiClientOptions, account) {
   /*
@@ -316,6 +320,17 @@ const listen = function(worker, apiClientOptions, account) {
     await controller._exec();
   });
 
+  /*
+   * Get or find metadata keys settings.
+   *
+   * @listens passbolt.metadata.get-or-find-metadata-keys-settings
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.get-or-find-metadata-keys-settings', async requestId => {
+    const controller = new GetOrFindMetadataKeysSettingsController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
+
   /*
    * Generate metadata key.
    *
@@ -436,6 +451,38 @@ const listen = function(worker, apiClientOptions, account) {
     await controller._exec(userId);
   });
 
+  /*
+   * Find metadata getting started settings.
+   *
+   * @listens passbolt.metadata.find-getting-started-settings
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.find-getting-started-settings', async requestId => {
+    const controller = new FindMetadataGettingStartedSettingsController(worker, requestId, apiClientOptions);
+    await controller._exec();
+  });
+
+  /*
+   * Configure metadata to enable encrypted metadata for existing instances.
+   *
+   * @listens passbolt.metadata.enable-encrypted-metadata-for-existing-instance
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.enable-encrypted-metadata-for-existing-instance', async requestId => {
+    const controller = new EnableEncryptedMetadataForExistingInstanceController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
+
+  /*
+   * Configure metadata to keep legacy cleartext metadata for existing instances
+   *
+   * @listens passbolt.metadata.keep-cleartext-metadata-for-existing-instance
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.keep-cleartext-metadata-for-existing-instance', async requestId => {
+    const controller = new KeepCleartextMetadataForExistingInstanceController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
 
   /*
    * ==================================================================================

package/src/all/background_page/event/authEvents.js

@@ -22,6 +22,7 @@ import AuthLogoutController from "../controller/auth/authLogoutController";
 import GetServerKeyController from "../controller/auth/getServerKeyController";
 import ReplaceServerKeyController from "../controller/auth/replaceServerKeyController";
 import ReloadTabController from "../controller/tab/reloadTabController";
+import RedirectPostLoginController from "../controller/auth/redirectPostLoginController";
 
 /**
  * Listens to the authentication events
@@ -129,14 +130,9 @@ const listen = function(worker, apiClientOptions, account) {
    * @listens passbolt.auth.post-login-redirect
    * @param requestId {uuid} The request identifier
    */
-  worker.port.on('passbolt.auth.post-login-redirect', requestId => {
-    let url = account.domain;
-    const redirectTo = (new URL(worker.tab.url)).searchParams.get('redirect');
-    if (/^\/[A-Za-z0-9\-\/]*$/.test(redirectTo)) {
-      url = `${url}${redirectTo}`;
-    }
-    chrome.tabs.update(worker.tab.id, {url: url});
-    worker.port.emit(requestId, 'SUCCESS');
+  worker.port.on('passbolt.auth.post-login-redirect', async requestId => {
+    const controller = new RedirectPostLoginController(worker, requestId, account);
+    await controller._exec();
   });
 
   /*