passbolt-browser-extension 5.3.2 → 5.4.1

package/src/all/background_page/event/informMenuEvents.js

@@ -14,6 +14,8 @@ import InformMenuController from "../controller/InformMenuController/InformMenuC
 import GetLocaleController from "../controller/locale/getLocaleController";
 import GetOrFindPasswordPoliciesController from "../controller/passwordPolicies/getOrFindPasswordPoliciesController";
 import AutofillController from "../controller/autofill/AutofillController";
+import GetOrFindLoggedInUserController from "../controller/user/getOrFindLoggedInUserController";
+import GetOrFindMetadataKeysSettingsController from "../controller/metadata/getOrFindMetadataKeysSettingsController";
 
 /**
  * Listens the inform menu events
@@ -66,6 +68,18 @@ const listen = function(worker, apiClientOptions, account) {
     await informMenuController.close(requestId);
   });
 
+  /*
+   * Find the logged in user
+   *
+   * @listens passbolt.users.find-logged-in-user
+   * @param requestId {uuid} The request identifier
+   * @param refreshCache {bool} (Optional) Default false. Should request the API and refresh the cache.
+   */
+  worker.port.on('passbolt.users.find-logged-in-user', async(requestId, refreshCache = false) => {
+    const controller = new GetOrFindLoggedInUserController(worker, requestId, apiClientOptions, account);
+    await controller._exec(refreshCache);
+  });
+
   /*
    * Get locale language
    *
@@ -94,6 +108,23 @@ const listen = function(worker, apiClientOptions, account) {
     const controller = new GetOrFindPasswordPoliciesController(worker, requestId, account, apiClientOptions);
     await controller._exec();
   });
+
+  /*
+   * ==================================================================================
+   *  Metadata events.
+   * ==================================================================================
+   */
+
+  /*
+   * Get or find metadata keys settings.
+   *
+   * @listens passbolt.metadata.get-or-find-metadata-keys-settings
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.get-or-find-metadata-keys-settings', async requestId => {
+    const controller = new GetOrFindMetadataKeysSettingsController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
 };
 
 export const InformMenuEvents = {listen};

package/src/all/background_page/event/quickAccessEvents.js

@@ -5,7 +5,6 @@
  * @licence GNU Affero General Public License http://www.gnu.org/licenses/agpl-3.0.en.html
  */
 import BrowserTabService from "../service/ui/browserTab.service";
-import ResourceInProgressCacheService from "../service/cache/resourceInProgressCache.service";
 import i18n from "../sdk/i18n";
 import FindMeController from "../controller/rbac/findMeController";
 import GetOrFindLoggedInUserController from "../controller/user/getOrFindLoggedInUserController";
@@ -15,6 +14,9 @@ import GetOrFindPasswordExpirySettingsController from "../controller/passwordExp
 import GetOrFindMetadataTypesController from "../controller/metadata/getMetadataTypesSettingsController";
 import CopyToClipboardController from "../controller/clipboard/copyToClipboardController";
 import CopyTemporarilyToClipboardController from "../controller/clipboard/copyTemporarilyToClipboardController";
+import PrepareResourceController from "../controller/quickaccess/prepareResourceController";
+import ConsumeInProgressCreationResourceController from "../controller/quickaccess/consumeInProgressCreationResourceController";
+import GetOrFindMetadataKeysSettingsController from "../controller/metadata/getOrFindMetadataKeysSettingsController";
 
 /**
  * Listens to the quickaccess application events
@@ -57,21 +59,8 @@ const listen = function(worker, apiClientOptions, account) {
    * @param tabId {string} The tab id
    */
   worker.port.on('passbolt.quickaccess.prepare-resource', async(requestId, tabId) => {
-    try {
-      const resourceInProgress = await ResourceInProgressCacheService.consume();
-      if (resourceInProgress === null) {
-        // Retrieve resource name and uri from tab.
-        const tab = tabId ? await BrowserTabService.getById(tabId) : await BrowserTabService.getCurrent();
-        const name = tab.title;
-        const uri = tab.url;
-        worker.port.emit(requestId, 'SUCCESS', {name: name, uri: uri});
-      } else {
-        worker.port.emit(requestId, 'SUCCESS', resourceInProgress);
-      }
-    } catch (error) {
-      console.error(error);
-      worker.port.emit(requestId, 'ERROR', error);
-    }
+    const controller = new PrepareResourceController(worker, requestId);
+    await controller._exec(tabId);
   });
 
   /*
@@ -81,13 +70,8 @@ const listen = function(worker, apiClientOptions, account) {
    * @param requestId {uuid} The request identifier
    */
   worker.port.on('passbolt.quickaccess.prepare-autosave', async requestId => {
-    try {
-      const resourceInProgress = await ResourceInProgressCacheService.consume() || {};
-      worker.port.emit(requestId, 'SUCCESS', resourceInProgress);
-    } catch (error) {
-      console.error(error);
-      worker.port.emit(requestId, 'ERROR', error);
-    }
+    const controller = new ConsumeInProgressCreationResourceController(worker, requestId);
+    await controller._exec();
   });
 
   /*
@@ -161,6 +145,17 @@ const listen = function(worker, apiClientOptions, account) {
     await controller._exec();
   });
 
+  /*
+   * Get or find metadata keys settings.
+   *
+   * @listens passbolt.metadata.get-or-find-metadata-keys-settings
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.metadata.get-or-find-metadata-keys-settings', async requestId => {
+    const controller = new GetOrFindMetadataKeysSettingsController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
+
   /*
    * ==================================================================================
    *  Clipboard events.

package/src/all/background_page/event/recoverEvents.js

@@ -31,6 +31,7 @@ import SetSetupSecurityTokenController from "../controller/setup/setSetupSecurit
 import HasRecoverUserEnabledAccountRecoveryController from "../controller/recover/hasRecoverUserEnabledAccountRecoveryController";
 import GetUserPassphrasePoliciesController from "../controller/setup/getUserPassphrasePoliciesController";
 import ReloadTabController from "../controller/tab/reloadTabController";
+import RedirectPostLoginController from "../controller/auth/redirectPostLoginController";
 
 
 const listen = (worker, apiClientOptions, account) => {
@@ -128,5 +129,16 @@ const listen = (worker, apiClientOptions, account) => {
     const controller = new ReloadTabController(worker, requestId);
     await controller._exec();
   });
+
+  /*
+   * Redirect the user post login.
+   *
+   * @listens passbolt.auth.post-login-redirect
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.auth.post-login-redirect', async requestId => {
+    const controller = new RedirectPostLoginController(worker, requestId, account);
+    await controller._exec();
+  });
 };
 export const RecoverEvents = {listen};

package/src/all/background_page/event/resourceEvents.js

@@ -4,7 +4,6 @@
  * @copyright (c) 2019 Passbolt SA
  * @licence GNU Affero General Public License http://www.gnu.org/licenses/agpl-3.0.en.html
  */
-import ResourceModel from "../model/resource/resourceModel";
 import ResourceCreateController from "../controller/resource/resourceCreateController";
 import ResourceUpdateController from "../controller/resource/resourceUpdateController";
 import Log from "../model/log";
@@ -23,6 +22,7 @@ import MoveResourcesController from "../controller/move/moveResourcesController"
 import ResetResourceGridUserSettingController
   from "../controller/resourceGridSetting/resetResourceGridUserSettingController";
 import UpdateResourceLocalStorageByFolderParentIdController from "../controller/resource/updateResourceLocalStorageByFolderParentIdController";
+import ResourceDeleteController from "../controller/resource/resourceDeleteController";
 
 const listen = function(worker, apiClientOptions, account) {
   /*
@@ -79,18 +79,11 @@ const listen = function(worker, apiClientOptions, account) {
    *
    * @listens passbolt.resources.delete-all
    * @param requestId {uuid} The request identifier
-   * @param resourcesIds {array} The resources ids to delete
+   * @param resourcesIds {array} The resources ids to del ete
    */
   worker.port.on('passbolt.resources.delete-all', async(requestId, resourcesIds) => {
-    try {
-      // TODO DeleteResourcesController with progress dialog if resourceIds > 1
-      const resourceModel = new ResourceModel(apiClientOptions, account);
-      await resourceModel.bulkDelete(resourcesIds);
-      worker.port.emit(requestId, 'SUCCESS');
-    } catch (error) {
-      console.error(error);
-      worker.port.emit(requestId, 'ERROR', error);
-    }
+    const controller = new ResourceDeleteController(worker, requestId, apiClientOptions, account);
+    await controller._exec(resourcesIds);
   });
 
   /*

package/src/all/background_page/event/setupEvents.js

@@ -30,6 +30,12 @@ import SetSetupSecurityTokenController from "../controller/setup/setSetupSecurit
 import GetAccountRecoveryOrganizationPolicyController from "../controller/setup/getAccountRecoveryOrganizationPolicyController";
 import GetUserPassphrasePoliciesController from "../controller/setup/getUserPassphrasePoliciesController";
 import ReloadTabController from "../controller/tab/reloadTabController";
+import FindMetadataSetupSettingsController from "../controller/metadata/findMetadataSetupSettingsController";
+import EnableMetadataSetupSettingsController from "../controller/metadata/enableMetadataSetupSettingsController";
+import RedirectPostLoginController from "../controller/auth/redirectPostLoginController";
+import GetActiveAccountService from "../service/account/getActiveAccountService";
+import RedirectToAdminWorkspaceController from "../controller/auth/redirectToAdminWorkspaceController";
+import GetOrFindLoggedInUserController from "../controller/user/getOrFindLoggedInUserController";
 
 const listen = function(worker, apiClientOptions, account) {
   worker.port.on('passbolt.setup.is-first-install', async requestId => {
@@ -121,5 +127,54 @@ const listen = function(worker, apiClientOptions, account) {
     const controller = new ReloadTabController(worker, requestId);
     await controller._exec();
   });
+
+  worker.port.on('passbolt.metadata.find-setup-settings', async requestId => {
+    const controller = new FindMetadataSetupSettingsController(worker, requestId, apiClientOptions);
+    await controller._exec();
+  });
+
+  worker.port.on('passbolt.metadata.enable', async requestId => {
+    /*
+     * The global account at this stage is an `AccountSetupEntity` that is tempered as this process is run after the sign-in
+     * So, to addresse the enablement of the metadata in the Setup app, we need to get a `AccountEntity` instead.
+     * That's why, we use `GetActiveAccountService.get()` to find an account.
+     */
+    const account = await GetActiveAccountService.get();
+    const controller = new EnableMetadataSetupSettingsController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
+
+  /*
+   * Redirect the user post login.
+   *
+   * @listens passbolt.auth.post-login-redirect
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.auth.post-login-redirect', async requestId => {
+    const controller = new RedirectPostLoginController(worker, requestId, account);
+    await controller._exec();
+  });
+
+  /*
+   * Redirect the user to the administration workspace.
+   *
+   * @listens passbolt.auth.post-login-redirect-to-admin-workspace
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on("passbolt.auth.post-login-redirect-to-admin-workspace", async requestId => {
+    const controller = new RedirectToAdminWorkspaceController(worker, requestId, account);
+    await controller._exec();
+  });
+
+  /*
+   * Find the logged in user
+   *
+   * @listens passbolt.users.find-logged-in-user
+   * @param requestId {uuid} The request identifier
+   */
+  worker.port.on('passbolt.users.find-logged-in-user', async requestId => {
+    const controller = new GetOrFindLoggedInUserController(worker, requestId, apiClientOptions, account);
+    await controller._exec();
+  });
 };
 export const SetupEvents = {listen};

package/src/all/background_page/model/comment/{commentModel.js → commentService.js}

@@ -14,8 +14,9 @@
 import CommentEntity from "../entity/comment/commentEntity";
 import CommentsCollection from "../entity/comment/commentsCollection";
 import CommentApiService from "../../service/api/comment/commentApiService";
+import {assertType, assertUuid} from "../../utils/assertions";
 
-class CommentModel {
+class CommentService {
   /**
    * Constructor
    *
@@ -34,6 +35,7 @@ class CommentModel {
    * @return {CommentsCollection}
    */
   async findAllByResourceId(resourceId) {
+    assertUuid(resourceId);
     const foreignKey = 'Resource';
     const commentsDtos = await this.commentApiService.findAll(foreignKey, resourceId, {creator: true, modifier: false});
     return new CommentsCollection(commentsDtos);
@@ -46,6 +48,7 @@ class CommentModel {
    * @returns {Promise<CommentEntity>}
    */
   async create(commentEntity) {
+    assertType(commentEntity, CommentEntity, "The parameter 'commentEntity' should be a CommentEntity");
     const commentDto = await this.commentApiService.create(commentEntity.toDto({creator: false, modifier: false}));
     return new CommentEntity(commentDto);
   }
@@ -57,8 +60,9 @@ class CommentModel {
    * @returns {Promise<void>}
    */
   async delete(commentId) {
+    assertUuid(commentId);
     await this.commentApiService.delete(commentId);
   }
 }
 
-export default CommentModel;
+export default CommentService;

package/src/all/background_page/model/comment/commentService.test.js

@@ -0,0 +1,98 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import BuildApiClientOptionsService from "../../service/account/buildApiClientOptionsService";
+import AccountEntity from "../../model/entity/account/accountEntity";
+import {defaultAccountDto} from "../../model/entity/account/accountEntity.test.data";
+import {v4 as uuidv4} from "uuid";
+import {enableFetchMocks} from "jest-fetch-mock";
+import CommentApiService from "../../service/api/comment/commentApiService";
+import CommentService from "./commentService";
+import {defaultCommentCollectionDto} from "passbolt-styleguide/src/shared/models/entity/comment/commentEntityCollection.test.data";
+import CommentsCollection from "../entity/comment/commentsCollection";
+import {defaultCommentDto} from "passbolt-styleguide/src/shared/models/entity/comment/commentEntity.test.data";
+import CommentEntity from "../entity/comment/commentEntity";
+
+describe("CommentService", () => {
+  let apiClientOptions, account,
+    service;
+
+  beforeEach(async() => {
+    enableFetchMocks();
+    jest.clearAllMocks();
+    fetch.resetMocks();
+    account = new AccountEntity(defaultAccountDto());
+    apiClientOptions = BuildApiClientOptionsService.buildFromAccount(account);
+    service = new CommentService(apiClientOptions, account);
+  });
+
+  describe('::findAllByResourceId', () => {
+    it("Should call the comments service API to get the comments collection", async() => {
+      expect.assertions(2);
+      const resourceId = uuidv4();
+      const commentsDto = defaultCommentCollectionDto();
+
+      jest.spyOn(CommentApiService.prototype, "findAll").mockImplementation(() => commentsDto);
+
+      const resultsDto = await service.findAllByResourceId(resourceId);
+      expect(resultsDto).toHaveLength(commentsDto.length);
+      expect(resultsDto).toBeInstanceOf(CommentsCollection);
+    });
+
+    it("should throw an error if id is not defined", async() => {
+      expect.assertions(1);
+      const promise = service.findAllByResourceId();
+      await expect(promise).rejects.toThrowError("The given parameter is not a valid UUID");
+    });
+  });
+
+  describe('::create', () => {
+    it("Should call the comments service API to create a new comment", async() => {
+      expect.assertions(2);
+      const commentDto = new CommentEntity(defaultCommentDto());
+
+      jest.spyOn(CommentApiService.prototype, "create").mockImplementation(() => commentDto);
+
+      const resultsDto = await service.create(commentDto);
+      expect(resultsDto).toBeInstanceOf(CommentEntity);
+      expect(resultsDto).toStrictEqual(commentDto);
+    });
+
+    it("should throw an error if comment is not defined", async() => {
+      expect.assertions(1);
+      const commentDto = new CommentEntity(defaultCommentDto());
+      jest.spyOn(CommentApiService.prototype, "create").mockImplementation(() => null);
+      const promise = service.create(commentDto);
+      await expect(promise).rejects.toThrowError("Could not validate entity CommentEntity. No data provided.");
+    });
+  });
+
+  describe('::delete', () => {
+    it("Should call the comments service API to delete a new comment", async() => {
+      expect.assertions(1);
+      const resourceId = uuidv4();
+
+      jest.spyOn(CommentApiService.prototype, "delete").mockImplementation(() => {});
+
+      await service.delete(resourceId);
+      await expect(service.delete(resourceId)).resolves.not.toThrow();
+    });
+
+    it("should throw an error if comment id is not defined", async() => {
+      expect.assertions(1);
+
+      const expectedError = new Error("The given parameter is not a valid UUID");
+      expect(() => service.delete("test")).rejects.toThrow(expectedError);
+    });
+  });
+});

package/src/all/background_page/model/entity/actionLog/actionLogsCollection.js

@@ -12,7 +12,7 @@
  */
 import AbstractActionLogEntity from "./abstractActionLogEntity";
 import DefaultActionLogEntity from "./defaultActionLogEntity";
-import PermissionsUpdatedActionLog from "./permissionsUpdatedActionLogEntity";
+import PermissionsUpdatedActionLogEntity from "./permissionsUpdatedActionLogEntity";
 import EntityCollection from "passbolt-styleguide/src/shared/models/entity/abstract/entityCollection";
 import EntitySchema from "passbolt-styleguide/src/shared/models/entity/abstract/entitySchema";
 import EntityCollectionError from "passbolt-styleguide/src/shared/models/entity/abstract/entityCollectionError";
@@ -65,8 +65,8 @@ class ActionLogsCollection extends EntityCollection {
    * @returns {AbstractActionLogEntity|null}
    */
   constructActionLogEntityFromDto(actionLogDto, options = {}) {
-    if (PermissionsUpdatedActionLog.ALLOWED_TYPES.includes(actionLogDto.type)) {
-      return new PermissionsUpdatedActionLog(actionLogDto, options);
+    if (PermissionsUpdatedActionLogEntity.ALLOWED_TYPES.includes(actionLogDto.type)) {
+      return new PermissionsUpdatedActionLogEntity(actionLogDto, options);
     } else {
       return new DefaultActionLogEntity(actionLogDto, options);
     }

package/src/all/background_page/model/entity/actionLog/permissionsUpdatedActionLogEntity.js

@@ -53,6 +53,10 @@ class PermissionsUpdatedActionLogEntity extends AbstractActionLogEntity {
     this._permissionsAdded = new UpdatedPermissionsCollection(permissionsAddedDto, {clone: false});
     this._permissionsUpdated = new UpdatedPermissionsCollection(permissionsUpdatedDto, {clone: false});
     this._permissionsRemoved = new UpdatedPermissionsCollection(permissionsRemovedDto, {clone: false});
+
+    this._permissionsAdded.sort();
+    this._permissionsUpdated.sort();
+    this._permissionsRemoved.sort();
   }
 
   /**

package/src/all/background_page/model/entity/import/importResourcesFileEntity.test.data.js

@@ -28,7 +28,7 @@ export const defaultKDBXCSVData = (lineCount = 1) => {
   const lines = [];
 
   for (let i = 1; i <= lineCount; i++) {
-    const line = `Password ${i},Username ${i},https://url${i}.com,Secret ${i},Description ${i},Folder ${i},otpauth://totp/Password%20${i}%3AUsername%20${i}?secret=THISISASECRET&issuer=https%253A%252F%252Furl${i}.com&algorithm=SHA1&digits=6&period=30`;
+    const line = `Password ${i},Username ${i},https://url${i}.com,Password ${i},Description ${i},Folder ${i},otpauth://totp/Password%20${i}%3AUsername%20${i}?secret=THISISASECRET&issuer=https%253A%252F%252Furl${i}.com&algorithm=SHA1&digits=6&period=30`;
     lines.push(line);
   }
 
@@ -114,8 +114,8 @@ export const onePasswordCsvFile = [
 ].join("\r\n");
 
 export const bitwardenCsvFile = [
-  '"name","login_username","login_uri","login_password","notes","folder"',
-  '"Password 1","Username 1","https://url1.com","Password 1","Description 1","Folder 1"',
+  '"name","login_username","login_uri","login_password","notes","folder","login_totp"',
+  '"Password 1","Username 1","https://url1.com","Password 1","Description 1","Folder 1","otpauth://totp/Password%201%3AUsername%201?secret=THISISASECRET&issuer=https%253A%252F%252Furl1.com&algorithm=SHA1&digits=6&period=30"',
 ].join("\r\n");
 
 export const lastpassCsvFile = [

package/src/all/background_page/model/entity/organizationSettings/organizationSettingsEntity.test.data.js

@@ -108,6 +108,10 @@ export const anonymousOrganizationSettings = (data = {}) => {
             }, {
               "locale": "uk-UA",
               "label": "Українська (beta)"
+            },
+            {
+              "locale": "cs-CZ",
+              "label": "Čeština (beta)"
             }
           ]
         },

package/src/all/background_page/model/entity/permission/actionLog/updatedPermissionEntity.test.data.js

@@ -0,0 +1,23 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         5.4.0
+ */
+import {defaultUserDto} from "passbolt-styleguide/src/shared/models/entity/user/userEntity.test.data";
+import PermissionEntity from "../permissionEntity";
+import {v4 as uuidv4} from "uuid";
+
+export const defaultUpdatePermissionDto = data => ({
+  id: uuidv4(),
+  type: PermissionEntity.PERMISSION_OWNER,
+  user: defaultUserDto(),
+  ...data
+});

package/src/all/background_page/model/entity/permission/actionLog/updatedPermissionEntity.test.js

@@ -13,6 +13,7 @@
 import EntitySchema from "passbolt-styleguide/src/shared/models/entity/abstract/entitySchema";
 import EntityValidationError from "passbolt-styleguide/src/shared/models/entity/abstract/entityValidationError";
 import UpdatedPermissionEntity from "./updatedPermissionEntity";
+import {defaultUpdatePermissionDto} from "./updatedPermissionEntity.test.data";
 
 describe("Updated permission entity", () => {
   it("schema must validate", () => {
@@ -20,43 +21,27 @@ describe("Updated permission entity", () => {
   });
 
   it("constructor works if valid minimal DTO is provided", () => {
-    const dto = {
-      "id": "fa5f5d7a-32cc-4c5b-9478-f58584ca4222",
-      "type": 15,
-      "user": {
-        "id": "f848277c-5398-58f8-a82a-72397af2d450",
-        "username": "ada@passbolt.com",
-        "profile": {
-          "first_name": "Ada",
-          "last_name": "Lovelace",
-          "avatar": {
-            "url": {
-              "medium": "img\/public\/Avatar\/22\/47\/85\/50adf80e3534413abdd8e34c9be6d1b6\/50adf80e3534413abdd8e34c9be6d1b6.a99472d5.png",
-              "small": "img\/public\/Avatar\/22\/47\/85\/50adf80e3534413abdd8e34c9be6d1b6\/50adf80e3534413abdd8e34c9be6d1b6.65a0ba70.png"
-            }
-          }
-        },
-      }
-    };
+    expect.assertions(9);
+
+    const dto = defaultUpdatePermissionDto();
     const entity = new UpdatedPermissionEntity(dto);
+
     expect(entity.toDto(UpdatedPermissionEntity.ALL_CONTAIN_OPTIONS)).toEqual(dto);
-    expect(entity.id).toEqual("fa5f5d7a-32cc-4c5b-9478-f58584ca4222");
-    expect(entity.type).toEqual(15);
-    expect(entity.user.id).toEqual('f848277c-5398-58f8-a82a-72397af2d450');
-    expect(entity.user.username).toEqual('ada@passbolt.com');
-    expect(entity.user.profile.firstName).toBe('Ada');
-    expect(entity.user.profile.lastName).toBe('Lovelace');
-    expect(entity.user.profile.avatar.urlMedium).toBe("img\/public\/Avatar\/22\/47\/85\/50adf80e3534413abdd8e34c9be6d1b6\/50adf80e3534413abdd8e34c9be6d1b6.a99472d5.png");
-    expect(entity.user.profile.avatar.urlSmall).toBe("img\/public\/Avatar\/22\/47\/85\/50adf80e3534413abdd8e34c9be6d1b6\/50adf80e3534413abdd8e34c9be6d1b6.65a0ba70.png");
+    expect(entity.id).toStrictEqual(dto.id);
+    expect(entity.type).toStrictEqual(dto.type);
+    expect(entity.user.id).toStrictEqual(dto.user.id);
+    expect(entity.user.username).toStrictEqual(dto.user.username);
+    expect(entity.user.profile.firstName).toStrictEqual(dto.user.profile.first_name);
+    expect(entity.user.profile.lastName).toStrictEqual(dto.user.profile.last_name);
+    expect(entity.user.profile.avatar.urlMedium).toStrictEqual(dto.user.profile.avatar.url.medium);
+    expect(entity.user.profile.avatar.urlSmall).toStrictEqual(dto.user.profile.avatar.url.small);
   });
 
   it("constructor works fails if not enough data is provided", () => {
-    let t;
-    t = () => { new UpdatedPermissionEntity({}); };
-    expect(t).toThrow(EntityValidationError);
-    t = () => { new UpdatedPermissionEntity({id: "fa5f5d7a-32cc-4c5b-9478-f58584ca4222"}); };
-    expect(t).toThrow(EntityValidationError);
-    t = () => { new UpdatedPermissionEntity({"type": 15}); };
-    expect(t).toThrow(EntityValidationError);
+    expect.assertions(3);
+
+    expect(() => new UpdatedPermissionEntity({})).toThrow(EntityValidationError);
+    expect(() => new UpdatedPermissionEntity({id: "fa5f5d7a-32cc-4c5b-9478-f58584ca4222"})).toThrow(EntityValidationError);
+    expect(() => new UpdatedPermissionEntity({"type": 15})).toThrow(EntityValidationError);
   });
 });

package/src/all/background_page/model/entity/permission/actionLog/updatedPermissionsCollection.js

@@ -90,8 +90,7 @@ class UpdatedPermissionsCollection extends EntityCollection {
       return;
     }
     const length = this.updatedPermissions.length;
-    let i = 0;
-    for (; i < length; i++) {
+    for (let i = 0; i < length; i++) {
       const existingUpdatedPermission = this.updatedPermissions[i];
       if (existingUpdatedPermission.id && existingUpdatedPermission.id === updatedPermission.id) {
         throw new EntityCollectionError(i, UpdatedPermissionsCollection.RULE_UNIQUE_ID, `Updated permission id ${updatedPermission.id} already exists.`);
@@ -124,6 +123,76 @@ class UpdatedPermissionsCollection extends EntityCollection {
     super.push(updatedPermissionEntity);
   }
 
+  /**
+   * Sort the current collection by grantee type and their names.
+   * This method is mutatative
+   */
+  sort() {
+    this._items.sort(UpdatedPermissionsCollection.sortPermissionsByGranteeTypeAndName);
+  }
+
+  /**
+   * Delegate function to use as a callback to sort permissions.
+   * Permissions are sorted this way:
+   * - Defined users first
+   * - Defined groups second
+   * - Unknown users third
+   * - Unknown groups fourth
+   * - Unknown grantee type fifth
+   * Users are sorted by their `${user.first_name} ${user.last_name}`
+   * Groups are sorted by their `${group.name}`
+   *
+   * @param {PermissionEntity} permissionA
+   * @param {PermissionEntity} permissionB
+   * @returns {number} -1 if permissionA comes first, 1 if permissionB comes first, 0 it they are "equals"
+   * @static
+   * @private
+   */
+  static sortPermissionsByGranteeTypeAndName(permissionA, permissionB) {
+    //compare AROs, if they are different, aro User is coming first in the list
+    const isADefinedUserPermission = Boolean(permissionA.user);
+    const isBDefinedUserPermission = Boolean(permissionB.user);
+
+    if (isADefinedUserPermission && isBDefinedUserPermission) {
+      //both users are defined, we need to order by their full name.
+      const userAName = permissionA.user.profile.name;
+      const userBName = permissionB.user.profile.name;
+
+      return userAName.localeCompare(userBName);
+    }
+
+    if (isADefinedUserPermission) {
+      // permissionA is a user, permissionB is either an undefined user, a group, an undefined group. So permissionA comes first.
+      return -1;
+    } else if (isBDefinedUserPermission) {
+      // permissionB is a user, permissionA is either an undefined user, a group, an undefined group. So permissionB comes first.
+      return 1;
+    }
+
+    //here both permissionA and permissionB are for group permission. But their group could be undefined though
+    const isADefinedGroupPermission = Boolean(permissionA.group);
+    const isBDefinedGroupPermission = Boolean(permissionB.group);
+
+    if (isADefinedGroupPermission && isBDefinedGroupPermission) {
+      // both permission are for defined group, we need to order them by their group name
+      const groupAName = permissionA.group.name;
+      const groupBName = permissionB.group.name;
+
+      return groupAName.localeCompare(groupBName);
+    }
+
+    if (isADefinedGroupPermission) {
+      // permissionA is for a defined group and permissionB is for an undefined group. permissionA comes first
+      return -1;
+    } else if (isBDefinedGroupPermission) {
+      // permissionB is for a defined group and permissionA is for an undefined group. permissionB comes first
+      return 1;
+    }
+
+    // both permissions are for unknown grantee type. They are considered "equals"
+    return 0;
+  }
+
   /*
    * ==================================================
    * Static getters