Issues in background.js - New Issues - Inspection of "Merge branch 'issue-150'" - nextcloud/passman-webextension - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 892ae5...58fe46 )

by Sander

created 2017-08-13 08:12 UTC

js/background/service/background.js (2 issues)

Labels

Unused Code 2

Severity

Minor 2

/* global API */

var background = (function () {
    var storage = new API.Storage();
    var _self = this;
    var _window = {};


    API.runtime.onConnect.addListener(function (port) {

        port.onMessage.addListener(function (msg) {
            if (msg === 'credential_amount') {
                port.postMessage('credential_amount:' + local_credentials.length);
            }

        });

    });

    var master_password = null;

    function getMasterPasswordSet() {
        return (master_password !== null);
    }

    _self.getMasterPasswordSet = getMasterPasswordSet;

    function setMasterPassword(opts) {
        master_password = opts.password;
        if (opts.hasOwnProperty('savePassword') && opts.savePassword === true) {
            // Save the password in plain text on user request.
            // No secure local storage is available :/
            storage.set('master_password', opts.password);
        } else {
            storage.set('master_password', null);
        }

        if (opts.password) {
            getSettings();
        } else {
            displayLogoutIcons();
        }

    }

    _self.setMasterPassword = setMasterPassword;


    var testMasterPasswordAgainst;

    function isMasterPasswordValid(password) {
        try {
            PAPI.decryptString(testMasterPasswordAgainst, password);
            return true;
        } catch (e) {
            return false;
        }
    }

    _self.isMasterPasswordValid = isMasterPasswordValid;


    var local_credentials = [];
    var local_vault = [];

    var encryptedFieldSettings = ['accounts'];
    _self.settings = {};
    _self.ticker = null;
    _self.running = false;
    function getSettings() {

        storage.get('settings').then(function (_settings) {
            if ((!_settings || Object.keys(_settings).length === 0 || !_settings.hasOwnProperty('accounts')) && !master_password) {
                return;
            }
            if (!master_password && _settings.hasOwnProperty('accounts') && _settings.accounts.length > 0) {
                _self.settings.isInstalled = 1;
                testMasterPasswordAgainst = _settings.accounts;
                return;
            }

            for (var i = 0; i < encryptedFieldSettings.length; i++) {
                var field = encryptedFieldSettings[i];
                _settings[field] = JSON.parse(PAPI.decryptString(_settings[field], master_password));
            }

            _self.settings = _settings;

            if (!_self.settings.hasOwnProperty('ignored_sites')) {
                _self.settings.ignored_sites = [];
            }

            if (!_self.settings.hasOwnProperty('no_results_found_tab')) {
                _self.settings.no_results_found_tab = 'list';
            }

            if (!_self.settings.hasOwnProperty('enablePasswordPicker')) {
                _self.settings.enablePasswordPicker = !_self.settings.disablePasswordPicker;
            }

            if (!_self.settings.hasOwnProperty('enableAutoFill')) {
                _self.settings.enableAutoFill = !_self.settings.disableAutoFill;
            }

            getCredentials();

            if (_self.running) {
                clearInterval(_self.ticker);
            }
            _self.running = true;
            _self.ticker = setInterval(function () {

            }, _self.settings.refreshTime * 1000);

        });
    }

    _self.getSettings = getSettings;

    function getRuntimeSettings() {
        return _self.settings;
    }

    _self.getRuntimeSettings = getRuntimeSettings;

    function getSetting(name) {
        return _self.settings[name];
    }

    _self.getSetting = getSetting;

    function saveSettings(settings, cb) {
        for (var i = 0; i < encryptedFieldSettings.length; i++) {
            var field = encryptedFieldSettings[i];
            settings[field] = PAPI.encryptString(JSON.stringify(settings[field]), master_password);
        }

        if (!settings.hasOwnProperty('ignored_sites')) {
            settings.ignored_sites = [];
        }

        if (!_self.settings.hasOwnProperty('password_picker_first_tab')) {
            _self.settings.disable_browser_autofill = 'list';
        }

        //window.settings contains the run-time settings
        _self.settings = settings;


        storage.set('settings', settings).then(function () {
            getSettings();
        });

    }

    _self.saveSettings = saveSettings;

    function resetSettings() {
        storage.set('settings', {});
        _self.settings = {};
    }

    _self.resetSettings = resetSettings;


    function getCredentials() {
        if (!master_password) {
            return;
        }
        //console.log('Loading vault with the following settings: ', settings);
        var tmpList = [];

        for (var i = 0; i < _self.settings.accounts.length; i++) {
            var account = _self.settings.accounts[i];
            /* jshint ignore:start */
            (function (inner_account) {
                PAPI.getVault(inner_account, function (vault) {
                    if (vault.hasOwnProperty('error')) {
                        return;
                    }
                    var _credentials = vault.credentials;
                    for (var i = 0; i < _credentials.length; i++) {
                        var key = inner_account.vault_password;
                        var credential = _credentials[i];
                        if (credential.hidden === 1) {
                            continue;
                        }
                        var usedKey = key;
                        //Shared credentials are not implemented yet
                        if (credential.hasOwnProperty('shared_key') && credential.shared_key) {
                            usedKey = PAPI.decryptString(credential.shared_key, key);

                        }
                        credential = PAPI.decryptCredential(credential, usedKey);
                        credential.account = inner_account;
                        if (credential.delete_time === 0) {
                            tmpList.push(credential);
                        }

                    }
                    delete vault.credentials;
                    local_vault = vault;

                    local_credentials = tmpList;

                    getSharedCredentials(inner_account);


                });
            }(account));
            /* jshint ignore:end */
        }
    }

    _self.getCredentials = getCredentials;

    function getSharedCredentials(account) {
        PAPI.getCredendialsSharedWithUs(account, account.vault.guid, function (credentials) {
            for (var i = 0; i < credentials.length; i++) {
                var _shared_credential = credentials[i];
                var _shared_credential_data;
                var sharedKey = PAPI.decryptString(_shared_credential.shared_key, account.vault_password);
                try {
                    _shared_credential_data = PAPI.decryptSharedCredential(_shared_credential.credential_data, sharedKey);
                } catch (e) {

                }
                if (_shared_credential_data) {
                    delete _shared_credential.credential_data;
                    _shared_credential_data.acl = _shared_credential;
                    _shared_credential_data.acl.permissions = new SharingACL(_shared_credential_data.acl.permissions);
                    _shared_credential_data.tags_raw = _shared_credential_data.tags;
                    _shared_credential_data.account = account;
                    local_credentials.push(_shared_credential_data);
                }
            }
            updateTabsIcon();
        });
    }

    function getCredentialsByUrl(_url, sender) {
        if (!master_password) {
            return [];
        }
        if (!_url || _url === '') {
            return [];
        }
        if (Array.isArray(_url)) {
            _url = _url.pop();
        }

        var p = document.createElement('a');
        p.href = _url;
        if (p.pathname) {
            //_url = _url.substring(0, _url.lastIndexOf("/"));
        }

        var url = processURL(_url, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
        var found_list = [];
        for (var i = 0; i < local_credentials.length; i++) {
            var credential_url = local_credentials[i].url;
            if (!/^(ht)tps?:\/\//i.test(credential_url) && credential_url !== '' && _url) {
                try {
                    var protocol = _url.split('://').shift();
                    credential_url = protocol + "://" + credential_url;
                } catch (e) {
                    //ignore
                }
            }
            credential_url = processURL(credential_url, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
            if (credential_url) {
                if (credential_url.indexOf(url) !== -1) {
                    found_list.push(local_credentials[i]);
                }
            }

        }
        return found_list;
    }

    _self.getCredentialsByUrl = getCredentialsByUrl;


    function saveCredential(credential) {
        //@TODO save shared password
        if (!credential.credential_id) {
            PAPI.createCredential(credential.account, credential, credential.account.vault_password, function (createdCredential) {
                local_credentials.push(createdCredential);
            });
        } else {
            var credential_index;
            for (var i = 0; i < local_credentials.length; i++) {
                if (local_credentials[i].guid === credential.guid) {
                    credential_index = i;
                    break;
                }
            }

            if (credential.hasOwnProperty('acl')) {
                var permissons = new SharingACL(credential.acl.permissions.permission);
                if (!permissons.hasPermission(0x02)) {
                    return;
                }
            }

            PAPI.updateCredential(credential.account, credential, credential.account.vault_password, function (updatedCredential) {
                if (credential_index) {
                    local_credentials[credential_index] = updatedCredential;
                }
            });
        }
    }

    _self.saveCredential = saveCredential;

    function getCredentialByGuid(guid) {
        for (var i = 0; i < local_credentials.length; i++) {
            var credential = local_credentials[i];
            if (credential.guid === guid) {
                return credential;
            }
        }
    }

    _self.getCredentialByGuid = getCredentialByGuid;

    function getCredentialForHTTPAuth(req) {
        return getCredentialsByUrl(req.url)[0];
    }

    _window.getCredentialForHTTPAuth = getCredentialForHTTPAuth;

    var mined_data = [];

    function minedForm(data, sender) {
        var url = sender.url;
        var existingLogins = getCredentialsByUrl(sender.url);
        var title = API.i18n.getMessage('detected_new_login') + ':';
        var minedMatchingID = null;
        for (var j = 0; j < existingLogins.length; j++) {
            var login = existingLogins[j];
            if (login.username === data.username) {
                if (login.password !== data.password) {
                    minedMatchingID = login.guid;
                    title = API.i18n.getMessage('detected_changed_login') + ':';
                }
                else {
                    //console.log('No changes detected');
                    delete mined_data[sender.tab.id];
                    return;
                }
            }
        }
        mined_data[sender.tab.id] = {
            title: title,
            url: url,
            username: data.username,
            password: data.password,
            label: sender.title,
            guid: minedMatchingID
        };

        //console.log('Done mining, ', mined_data, sender.tab.id);
    }

    _self.minedForm = minedForm;

    function getMinedData(args, sender) {
        //console.log('Fecthing  mined data for tab id', sender.tab.id)
        var senderUrl = sender.tab.url;
        var site = processURL(senderUrl, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
        if (!_self.settings) {
            return null;
        }
        if (!_self.settings.hasOwnProperty('ignored_sites')) {
            return mined_data[sender.tab.id];
        }
        var matches = _self.settings.ignored_sites.filter(function (item) {
            return typeof item === 'string' && site.indexOf(item) > -1;
        });

        if (matches.length !== 0) {
            return null;
        }
        return mined_data[sender.tab.id];
    }

    _self.getMinedData = getMinedData;

    function clearMined(args, sender) {
        delete mined_data[sender.tab.id];
    }

    _self.clearMined = clearMined;

    function saveMinedCallback(args) {
        createIconForTab(args.sender.tab);
        API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
            API.tabs.sendMessage(args.sender.tab.id, {method: "minedLoginSaved", args: args}).then(function (response) {
            });
        });
    }

    function ignoreSite(_url) {
        if (!_self.settings.hasOwnProperty('ignored_sites')) {
            _self.settings.ignored_sites = [];
        }
        var site = processURL(_url, false, false, true, false);
        if (_self.settings.ignored_sites.indexOf(site) === -1) {
            _self.settings.ignored_sites.push(site);
            saveSettings(_self.settings);
        }
    }

    _self.ignoreSite = ignoreSite;

    function ignoreURL(url) {
        if (!_self.settings.hasOwnProperty('ignored_sites')) {
            _self.settings.ignored_sites = [];
        }
        if (_self.settings.ignored_sites.indexOf(url) === -1) {
            _self.settings.ignored_sites.push(url);
            saveSettings(_self.settings);
        }
    }

    _self.ignoreURL = ignoreURL;

    function passToParent(args, sender) {
        API.tabs.sendMessage(sender.tab.id, {method: args.injectMethod, args: args.args}).then(function (response) {
        });
    }

    _self.passToParent = passToParent;

    function getActiveTab(opt) {
        API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
            var tab = tabs[0];
            API.tabs.sendMessage(tab.id, {method: opt.returnFn, args: tab}).then(function (response) {
            });
        });
    }

    _self.getActiveTab = getActiveTab;

    function updateCredentialUrlDoorhanger(login) {
        API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
            var tab = tabs[0];
            var data = login;
            data.url = tab.url;
            data.title = API.i18n.getMessage('detected_changed_url') + ':';
            API.tabs.sendMessage(tab.id, {
                method: 'showUrlUpdateDoorhanger',
                args: {data: data}
            });
        });
    }

    _self.updateCredentialUrlDoorhanger = updateCredentialUrlDoorhanger;

    function updateCredentialUrl(data, sender) {
        mined_data[sender.tab.id] = data;
        saveMined({}, sender);

    }

    _self.updateCredentialUrl = updateCredentialUrl;

    function saveMined(args, sender) {
        var data = mined_data[sender.tab.id];
        var credential = {},
            credential_index;

        if (data.guid === null) {
            credential = PAPI.newCredential();
        } else {
            for (var i = 0; i < local_credentials.length; i++) {
                if (local_credentials[i].guid === data.guid) {
                    credential = local_credentials[i];
                    credential_index = i;
                    break;
                }
            }
        }
        if (!credential.hasOwnProperty('account')) {
            credential.account = args.account;
        }
        credential.username = data.username;
        credential.password = data.password;
        credential.url = sender.tab.url;
        if (credential.guid !== null) {
            PAPI.updateCredential(credential.account, credential, credential.account.vault_password, function (updatedCredential) {
                updatedCredential.account = credential.account;
                if (credential_index) {
                    local_credentials[credential_index] = updatedCredential;
                }
                saveMinedCallback({credential: credential, updated: true, sender: sender});
                delete mined_data[sender.tab.id];
            });
        } else {
            credential.label = sender.tab.title;
            credential.vault_id = credential.account.vault.vault_id;
            PAPI.createCredential(credential.account, credential, credential.account.vault_password, function (createdCredential) {
                createdCredential.account = credential.account;
                saveMinedCallback({credential: credential, updated: false, sender: sender});
                local_credentials.push(createdCredential);
                delete mined_data[sender.tab.id];
            });
        }
    }

    _self.saveMined = saveMined;

    function searchCredential(searchText) {
        searchText = searchText.toLowerCase();
        var searchFields = ['label', 'username', 'email', 'url', 'description'];
        var results = [];
        for (var i = 0; i < local_credentials.length; i++) {
            var credential = local_credentials[i];
            for (var f = 0; f < searchFields.length; f++) {
                var field = searchFields[f];
                if (!credential[field]) {
                    continue;
                }

                var field_value = credential[field].toLowerCase();
                if (field_value.indexOf(searchText) !== -1) {
                    results.push(credential);
                    break;
                }
            }
        }
        return results;
    }

    _self.searchCredential = searchCredential;


    function injectCreateCredential(args, sender) {
        var account = getRuntimeSettings().accounts[args.vaultIndex];
        var credential = PAPI.newCredential();
        credential.label = args.label;
        credential.username = args.username;
        credential.password = args.password;
        credential.vault_id = account.vault_id;
        credential.url = sender.tab.url;
        PAPI.createCredential(account, credential, account.vault_password, function (createdCredential) {
            credential.account = account;
            saveMinedCallback({credential: credential, updated: false, sender: sender, selfAdded: true});
            local_credentials.push(createdCredential);

        });
    }

    self.injectCreateCredential = injectCreateCredential;

    function isVaultKeySet() {
        return (_self.settings.vault_password !== null);
    }

    _self.isVaultKeySet = isVaultKeySet;

    function isAutoFillEnabled() {
        if (!_self.settings.hasOwnProperty('enableAutoFill')) {
            return true;
        }
        return _self.settings.enableAutoFill;
    }

    _self.isAutoFillEnabled = isAutoFillEnabled;

    function isAutoSubmitEnabled() {
        if (!_self.settings.hasOwnProperty('enableAutoSubmit')) {
            return false;
        }
        return _self.settings.enableAutoSubmit;
    }

    _self.isAutoSubmitEnabled = isAutoSubmitEnabled;

    var doorhangerData = null;

    function setDoorhangerData(data) {
        doorhangerData = data;
    }

    _self.setDoorhangerData = setDoorhangerData;

    function getDoorhangerData() {
        return doorhangerData;
    }

    _self.getDoorhangerData = getDoorhangerData;

    function closeSetupTab() {
        API.tabs.query({url: 'chrome-extension://' + API.runtime.id + '/html/browser_action/browser_action.html'}).then(function (tabs) {
            if (tabs && tabs[0]) {
                API.tabs.remove(tabs[0].id);
            }
        });
    }

    _self.closeSetupTab = closeSetupTab;

    API.runtime.onMessage.addListener(function (msg, sender, sendResponse) {

        if (!msg || !msg.hasOwnProperty('method')) {
            return;
        }
        var result = false;
        if (_self[msg.method]) {
            result = _self[msg.method](msg.args, sender);
        } else {
            console.warn('[NOT FOUND] Method call', msg.method, 'args: ', msg.args);
        }

        sendResponse(result);
    });

    var defaultColor = '#0082c9';

    function createIconForTab(tab) {
        if (!master_password) {
            return;
        }
        var tabUrl = tab.url;
        var logins = getCredentialsByUrl(tabUrl);
        if (tab.active) {
            window.contextMenu.setContextItems(logins);
        }
        var credentialAmount = logins.length;
        API.browserAction.setBadgeText({
            text: credentialAmount.toString(),
            tabId: tab.id
        });
        API.browserAction.setBadgeBackgroundColor({
            color: defaultColor,
            tabId: tab.id
        });

        var plural = (credentialAmount === 1) ? API.i18n.getMessage('credential') : API.i18n.getMessage('credentials');
        API.browserAction.setTitle({
            title: API.i18n.getMessage('browser_action_title_login', [credentialAmount.toString(), plural.toString()]),
            tabId: tab.id
        });
    }

    function displayLogoutIcons() {
        if (_self.settings) {
            API.tabs.query({}).then(function (tabs) {
                for (var t = 0; t < tabs.length; t++) {
                    var tab = tabs[t];
                    API.browserAction.setBadgeText({
                        text: '🔑',
                        tabId: tab.id
                    });
                    API.browserAction.setBadgeBackgroundColor({
                        color: '#ff0000',
                        tabId: tab.id
                    });
                    API.browserAction.setTitle({
                        title: API.i18n.getMessage('browser_action_title_locked'),
                        tabId: tab.id
                    });
                }
            });
        }
    }

    function updateTabsIcon() {
        API.tabs.query({}).then(function (tabs) {
            for (var t = 0; t < tabs.length; t++) {
                var tab = tabs[t];
                createIconForTab(tab);
            }
        });
    }


    API.tabs.onUpdated.addListener(function (tabId, changeInfo, tab) {
        if (master_password) {
            createIconForTab(tab);
        } else {
            displayLogoutIcons();
        }
    });

    API.tabs.onActivated.addListener(function () {
        API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
            if (master_password) {
                createIconForTab(tabs[0]);
            } else {
                displayLogoutIcons();
            }
        });
    });

    displayLogoutIcons();


    storage.get('master_password').then(function (password) {
        if (password) {
            master_password = password;
            API.api.browserAction.setBadgeBackgroundColor({
                color: defaultColor
            });
        }
        getSettings();
    }).error(function (error) {
        if (error === "Data not found") {
            getSettings();
        }
    });
    return _window;
}());



1			/* global API */
2
3			var background = (function () {
4			var storage = new API.Storage();
5			var _self = this;
6			var _window = {};
7
8
9			API.runtime.onConnect.addListener(function (port) {
10
11			port.onMessage.addListener(function (msg) {
12			if (msg === 'credential_amount') {
13			port.postMessage('credential_amount:' + local_credentials.length);
14			}
15
16			});
17
18			});
19
20			var master_password = null;
21
22			function getMasterPasswordSet() {
23			return (master_password !== null);
24			}
25
26			_self.getMasterPasswordSet = getMasterPasswordSet;
27
28			function setMasterPassword(opts) {
29			master_password = opts.password;
30			if (opts.hasOwnProperty('savePassword') && opts.savePassword === true) {
31			// Save the password in plain text on user request.
32			// No secure local storage is available :/
33			storage.set('master_password', opts.password);
34			} else {
35			storage.set('master_password', null);
36			}
37
38			if (opts.password) {
39			getSettings();
40			} else {
41			displayLogoutIcons();
42			}
43
44			}
45
46			_self.setMasterPassword = setMasterPassword;
47
48
49			var testMasterPasswordAgainst;
50
51			function isMasterPasswordValid(password) {
52			try {
53			PAPI.decryptString(testMasterPasswordAgainst, password);
54			return true;
55			} catch (e) {
56			return false;
57			}
58			}
59
60			_self.isMasterPasswordValid = isMasterPasswordValid;
61
62
63			var local_credentials = [];
64			var local_vault = [];
			0 ignored issues – show Unused Code introduced 2017-08-12 12:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `local_vault` seems to be never used. Consider removing it. Loading history...
65			var encryptedFieldSettings = ['accounts'];
66			_self.settings = {};
67			_self.ticker = null;
68			_self.running = false;
69			function getSettings() {
70
71			storage.get('settings').then(function (_settings) {
72			if ((!_settings \|\| Object.keys(_settings).length === 0 \|\| !_settings.hasOwnProperty('accounts')) && !master_password) {
73			return;
74			}
75			if (!master_password && _settings.hasOwnProperty('accounts') && _settings.accounts.length > 0) {
76			_self.settings.isInstalled = 1;
77			testMasterPasswordAgainst = _settings.accounts;
78			return;
79			}
80
81			for (var i = 0; i < encryptedFieldSettings.length; i++) {
82			var field = encryptedFieldSettings[i];
83			_settings[field] = JSON.parse(PAPI.decryptString(_settings[field], master_password));
84			}
85
86			_self.settings = _settings;
87
88			if (!_self.settings.hasOwnProperty('ignored_sites')) {
89			_self.settings.ignored_sites = [];
90			}
91
92			if (!_self.settings.hasOwnProperty('no_results_found_tab')) {
93			_self.settings.no_results_found_tab = 'list';
94			}
95
96			if (!_self.settings.hasOwnProperty('enablePasswordPicker')) {
97			_self.settings.enablePasswordPicker = !_self.settings.disablePasswordPicker;
98			}
99
100			if (!_self.settings.hasOwnProperty('enableAutoFill')) {
101			_self.settings.enableAutoFill = !_self.settings.disableAutoFill;
102			}
103
104			getCredentials();
105
106			if (_self.running) {
107			clearInterval(_self.ticker);
108			}
109			_self.running = true;
110			_self.ticker = setInterval(function () {
111
112			}, _self.settings.refreshTime * 1000);
113
114			});
115			}
116
117			_self.getSettings = getSettings;
118
119			function getRuntimeSettings() {
120			return _self.settings;
121			}
122
123			_self.getRuntimeSettings = getRuntimeSettings;
124
125			function getSetting(name) {
126			return _self.settings[name];
127			}
128
129			_self.getSetting = getSetting;
130
131			function saveSettings(settings, cb) {
132			for (var i = 0; i < encryptedFieldSettings.length; i++) {
133			var field = encryptedFieldSettings[i];
134			settings[field] = PAPI.encryptString(JSON.stringify(settings[field]), master_password);
135			}
136
137			if (!settings.hasOwnProperty('ignored_sites')) {
138			settings.ignored_sites = [];
139			}
140
141			if (!_self.settings.hasOwnProperty('password_picker_first_tab')) {
142			_self.settings.disable_browser_autofill = 'list';
143			}
144
145			//window.settings contains the run-time settings
146			_self.settings = settings;
147
148
149			storage.set('settings', settings).then(function () {
150			getSettings();
151			});
152
153			}
154
155			_self.saveSettings = saveSettings;
156
157			function resetSettings() {
158			storage.set('settings', {});
159			_self.settings = {};
160			}
161
162			_self.resetSettings = resetSettings;
163
164
165			function getCredentials() {
166			if (!master_password) {
167			return;
168			}
169			//console.log('Loading vault with the following settings: ', settings);
170			var tmpList = [];
171
172			for (var i = 0; i < _self.settings.accounts.length; i++) {
173			var account = _self.settings.accounts[i];
174			/* jshint ignore:start */
175			(function (inner_account) {
176			PAPI.getVault(inner_account, function (vault) {
177			if (vault.hasOwnProperty('error')) {
178			return;
179			}
180			var _credentials = vault.credentials;
181			for (var i = 0; i < _credentials.length; i++) {
182			var key = inner_account.vault_password;
183			var credential = _credentials[i];
184			if (credential.hidden === 1) {
185			continue;
186			}
187			var usedKey = key;
188			//Shared credentials are not implemented yet
189			if (credential.hasOwnProperty('shared_key') && credential.shared_key) {
190			usedKey = PAPI.decryptString(credential.shared_key, key);
191
192			}
193			credential = PAPI.decryptCredential(credential, usedKey);
194			credential.account = inner_account;
195			if (credential.delete_time === 0) {
196			tmpList.push(credential);
197			}
198
199			}
200			delete vault.credentials;
201			local_vault = vault;
			0 ignored issues – show Unused Code introduced 2017-08-12 12:49 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `local_vault` seems to be never used. Consider removing it. Loading history...
202			local_credentials = tmpList;
203
204			getSharedCredentials(inner_account);
205
206
207			});
208			}(account));
209			/* jshint ignore:end */
210			}
211			}
212
213			_self.getCredentials = getCredentials;
214
215			function getSharedCredentials(account) {
216			PAPI.getCredendialsSharedWithUs(account, account.vault.guid, function (credentials) {
217			for (var i = 0; i < credentials.length; i++) {
218			var _shared_credential = credentials[i];
219			var _shared_credential_data;
220			var sharedKey = PAPI.decryptString(_shared_credential.shared_key, account.vault_password);
221			try {
222			_shared_credential_data = PAPI.decryptSharedCredential(_shared_credential.credential_data, sharedKey);
223			} catch (e) {
224
225			}
226			if (_shared_credential_data) {
227			delete _shared_credential.credential_data;
228			_shared_credential_data.acl = _shared_credential;
229			_shared_credential_data.acl.permissions = new SharingACL(_shared_credential_data.acl.permissions);
230			_shared_credential_data.tags_raw = _shared_credential_data.tags;
231			_shared_credential_data.account = account;
232			local_credentials.push(_shared_credential_data);
233			}
234			}
235			updateTabsIcon();
236			});
237			}
238
239			function getCredentialsByUrl(_url, sender) {
240			if (!master_password) {
241			return [];
242			}
243			if (!_url \|\| _url === '') {
244			return [];
245			}
246			if (Array.isArray(_url)) {
247			_url = _url.pop();
248			}
249
250			var p = document.createElement('a');
251			p.href = _url;
252			if (p.pathname) {
253			//_url = _url.substring(0, _url.lastIndexOf("/"));
254			}
255
256			var url = processURL(_url, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
257			var found_list = [];
258			for (var i = 0; i < local_credentials.length; i++) {
259			var credential_url = local_credentials[i].url;
260			if (!/^(ht)tps?:\/\//i.test(credential_url) && credential_url !== '' && _url) {
261			try {
262			var protocol = _url.split('://').shift();
263			credential_url = protocol + "://" + credential_url;
264			} catch (e) {
265			//ignore
266			}
267			}
268			credential_url = processURL(credential_url, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
269			if (credential_url) {
270			if (credential_url.indexOf(url) !== -1) {
271			found_list.push(local_credentials[i]);
272			}
273			}
274
275			}
276			return found_list;
277			}
278
279			_self.getCredentialsByUrl = getCredentialsByUrl;
280
281
282			function saveCredential(credential) {
283			//@TODO save shared password
284			if (!credential.credential_id) {
285			PAPI.createCredential(credential.account, credential, credential.account.vault_password, function (createdCredential) {
286			local_credentials.push(createdCredential);
287			});
288			} else {
289			var credential_index;
290			for (var i = 0; i < local_credentials.length; i++) {
291			if (local_credentials[i].guid === credential.guid) {
292			credential_index = i;
293			break;
294			}
295			}
296
297			if (credential.hasOwnProperty('acl')) {
298			var permissons = new SharingACL(credential.acl.permissions.permission);
299			if (!permissons.hasPermission(0x02)) {
300			return;
301			}
302			}
303
304			PAPI.updateCredential(credential.account, credential, credential.account.vault_password, function (updatedCredential) {
305			if (credential_index) {
306			local_credentials[credential_index] = updatedCredential;
307			}
308			});
309			}
310			}
311
312			_self.saveCredential = saveCredential;
313
314			function getCredentialByGuid(guid) {
315			for (var i = 0; i < local_credentials.length; i++) {
316			var credential = local_credentials[i];
317			if (credential.guid === guid) {
318			return credential;
319			}
320			}
321			}
322
323			_self.getCredentialByGuid = getCredentialByGuid;
324
325			function getCredentialForHTTPAuth(req) {
326			return getCredentialsByUrl(req.url)[0];
327			}
328
329			_window.getCredentialForHTTPAuth = getCredentialForHTTPAuth;
330
331			var mined_data = [];
332
333			function minedForm(data, sender) {
334			var url = sender.url;
335			var existingLogins = getCredentialsByUrl(sender.url);
336			var title = API.i18n.getMessage('detected_new_login') + ':';
337			var minedMatchingID = null;
338			for (var j = 0; j < existingLogins.length; j++) {
339			var login = existingLogins[j];
340			if (login.username === data.username) {
341			if (login.password !== data.password) {
342			minedMatchingID = login.guid;
343			title = API.i18n.getMessage('detected_changed_login') + ':';
344			}
345			else {
346			//console.log('No changes detected');
347			delete mined_data[sender.tab.id];
348			return;
349			}
350			}
351			}
352			mined_data[sender.tab.id] = {
353			title: title,
354			url: url,
355			username: data.username,
356			password: data.password,
357			label: sender.title,
358			guid: minedMatchingID
359			};
360
361			//console.log('Done mining, ', mined_data, sender.tab.id);
362			}
363
364			_self.minedForm = minedForm;
365
366			function getMinedData(args, sender) {
367			//console.log('Fecthing mined data for tab id', sender.tab.id)
368			var senderUrl = sender.tab.url;
369			var site = processURL(senderUrl, _self.settings.ignoreProtocol, _self.settings.ignoreSubdomain, _self.settings.ignorePath, _self.settings.ignorePort);
370			if (!_self.settings) {
371			return null;
372			}
373			if (!_self.settings.hasOwnProperty('ignored_sites')) {
374			return mined_data[sender.tab.id];
375			}
376			var matches = _self.settings.ignored_sites.filter(function (item) {
377			return typeof item === 'string' && site.indexOf(item) > -1;
378			});
379
380			if (matches.length !== 0) {
381			return null;
382			}
383			return mined_data[sender.tab.id];
384			}
385
386			_self.getMinedData = getMinedData;
387
388			function clearMined(args, sender) {
389			delete mined_data[sender.tab.id];
390			}
391
392			_self.clearMined = clearMined;
393
394			function saveMinedCallback(args) {
395			createIconForTab(args.sender.tab);
396			API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
397			API.tabs.sendMessage(args.sender.tab.id, {method: "minedLoginSaved", args: args}).then(function (response) {
398			});
399			});
400			}
401
402			function ignoreSite(_url) {
403			if (!_self.settings.hasOwnProperty('ignored_sites')) {
404			_self.settings.ignored_sites = [];
405			}
406			var site = processURL(_url, false, false, true, false);
407			if (_self.settings.ignored_sites.indexOf(site) === -1) {
408			_self.settings.ignored_sites.push(site);
409			saveSettings(_self.settings);
410			}
411			}
412
413			_self.ignoreSite = ignoreSite;
414
415			function ignoreURL(url) {
416			if (!_self.settings.hasOwnProperty('ignored_sites')) {
417			_self.settings.ignored_sites = [];
418			}
419			if (_self.settings.ignored_sites.indexOf(url) === -1) {
420			_self.settings.ignored_sites.push(url);
421			saveSettings(_self.settings);
422			}
423			}
424
425			_self.ignoreURL = ignoreURL;
426
427			function passToParent(args, sender) {
428			API.tabs.sendMessage(sender.tab.id, {method: args.injectMethod, args: args.args}).then(function (response) {
429			});
430			}
431
432			_self.passToParent = passToParent;
433
434			function getActiveTab(opt) {
435			API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
436			var tab = tabs[0];
437			API.tabs.sendMessage(tab.id, {method: opt.returnFn, args: tab}).then(function (response) {
438			});
439			});
440			}
441
442			_self.getActiveTab = getActiveTab;
443
444			function updateCredentialUrlDoorhanger(login) {
445			API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
446			var tab = tabs[0];
447			var data = login;
448			data.url = tab.url;
449			data.title = API.i18n.getMessage('detected_changed_url') + ':';
450			API.tabs.sendMessage(tab.id, {
451			method: 'showUrlUpdateDoorhanger',
452			args: {data: data}
453			});
454			});
455			}
456
457			_self.updateCredentialUrlDoorhanger = updateCredentialUrlDoorhanger;
458
459			function updateCredentialUrl(data, sender) {
460			mined_data[sender.tab.id] = data;
461			saveMined({}, sender);
462
463			}
464
465			_self.updateCredentialUrl = updateCredentialUrl;
466
467			function saveMined(args, sender) {
468			var data = mined_data[sender.tab.id];
469			var credential = {},
470			credential_index;
471
472			if (data.guid === null) {
473			credential = PAPI.newCredential();
474			} else {
475			for (var i = 0; i < local_credentials.length; i++) {
476			if (local_credentials[i].guid === data.guid) {
477			credential = local_credentials[i];
478			credential_index = i;
479			break;
480			}
481			}
482			}
483			if (!credential.hasOwnProperty('account')) {
484			credential.account = args.account;
485			}
486			credential.username = data.username;
487			credential.password = data.password;
488			credential.url = sender.tab.url;
489			if (credential.guid !== null) {
490			PAPI.updateCredential(credential.account, credential, credential.account.vault_password, function (updatedCredential) {
491			updatedCredential.account = credential.account;
492			if (credential_index) {
493			local_credentials[credential_index] = updatedCredential;
494			}
495			saveMinedCallback({credential: credential, updated: true, sender: sender});
496			delete mined_data[sender.tab.id];
497			});
498			} else {
499			credential.label = sender.tab.title;
500			credential.vault_id = credential.account.vault.vault_id;
501			PAPI.createCredential(credential.account, credential, credential.account.vault_password, function (createdCredential) {
502			createdCredential.account = credential.account;
503			saveMinedCallback({credential: credential, updated: false, sender: sender});
504			local_credentials.push(createdCredential);
505			delete mined_data[sender.tab.id];
506			});
507			}
508			}
509
510			_self.saveMined = saveMined;
511
512			function searchCredential(searchText) {
513			searchText = searchText.toLowerCase();
514			var searchFields = ['label', 'username', 'email', 'url', 'description'];
515			var results = [];
516			for (var i = 0; i < local_credentials.length; i++) {
517			var credential = local_credentials[i];
518			for (var f = 0; f < searchFields.length; f++) {
519			var field = searchFields[f];
520			if (!credential[field]) {
521			continue;
522			}
523
524			var field_value = credential[field].toLowerCase();
525			if (field_value.indexOf(searchText) !== -1) {
526			results.push(credential);
527			break;
528			}
529			}
530			}
531			return results;
532			}
533
534			_self.searchCredential = searchCredential;
535
536
537			function injectCreateCredential(args, sender) {
538			var account = getRuntimeSettings().accounts[args.vaultIndex];
539			var credential = PAPI.newCredential();
540			credential.label = args.label;
541			credential.username = args.username;
542			credential.password = args.password;
543			credential.vault_id = account.vault_id;
544			credential.url = sender.tab.url;
545			PAPI.createCredential(account, credential, account.vault_password, function (createdCredential) {
546			credential.account = account;
547			saveMinedCallback({credential: credential, updated: false, sender: sender, selfAdded: true});
548			local_credentials.push(createdCredential);
549
550			});
551			}
552
553			self.injectCreateCredential = injectCreateCredential;
554
555			function isVaultKeySet() {
556			return (_self.settings.vault_password !== null);
557			}
558
559			_self.isVaultKeySet = isVaultKeySet;
560
561			function isAutoFillEnabled() {
562			if (!_self.settings.hasOwnProperty('enableAutoFill')) {
563			return true;
564			}
565			return _self.settings.enableAutoFill;
566			}
567
568			_self.isAutoFillEnabled = isAutoFillEnabled;
569
570			function isAutoSubmitEnabled() {
571			if (!_self.settings.hasOwnProperty('enableAutoSubmit')) {
572			return false;
573			}
574			return _self.settings.enableAutoSubmit;
575			}
576
577			_self.isAutoSubmitEnabled = isAutoSubmitEnabled;
578
579			var doorhangerData = null;
580
581			function setDoorhangerData(data) {
582			doorhangerData = data;
583			}
584
585			_self.setDoorhangerData = setDoorhangerData;
586
587			function getDoorhangerData() {
588			return doorhangerData;
589			}
590
591			_self.getDoorhangerData = getDoorhangerData;
592
593			function closeSetupTab() {
594			API.tabs.query({url: 'chrome-extension://' + API.runtime.id + '/html/browser_action/browser_action.html'}).then(function (tabs) {
595			if (tabs && tabs[0]) {
596			API.tabs.remove(tabs[0].id);
597			}
598			});
599			}
600
601			_self.closeSetupTab = closeSetupTab;
602
603			API.runtime.onMessage.addListener(function (msg, sender, sendResponse) {
604
605			if (!msg \|\| !msg.hasOwnProperty('method')) {
606			return;
607			}
608			var result = false;
609			if (_self[msg.method]) {
610			result = _self[msg.method](msg.args, sender);
611			} else {
612			console.warn('[NOT FOUND] Method call', msg.method, 'args: ', msg.args);
613			}
614
615			sendResponse(result);
616			});
617
618			var defaultColor = '#0082c9';
619
620			function createIconForTab(tab) {
621			if (!master_password) {
622			return;
623			}
624			var tabUrl = tab.url;
625			var logins = getCredentialsByUrl(tabUrl);
626			if (tab.active) {
627			window.contextMenu.setContextItems(logins);
628			}
629			var credentialAmount = logins.length;
630			API.browserAction.setBadgeText({
631			text: credentialAmount.toString(),
632			tabId: tab.id
633			});
634			API.browserAction.setBadgeBackgroundColor({
635			color: defaultColor,
636			tabId: tab.id
637			});
638
639			var plural = (credentialAmount === 1) ? API.i18n.getMessage('credential') : API.i18n.getMessage('credentials');
640			API.browserAction.setTitle({
641			title: API.i18n.getMessage('browser_action_title_login', [credentialAmount.toString(), plural.toString()]),
642			tabId: tab.id
643			});
644			}
645
646			function displayLogoutIcons() {
647			if (_self.settings) {
648			API.tabs.query({}).then(function (tabs) {
649			for (var t = 0; t < tabs.length; t++) {
650			var tab = tabs[t];
651			API.browserAction.setBadgeText({
652			text: '🔑',
653			tabId: tab.id
654			});
655			API.browserAction.setBadgeBackgroundColor({
656			color: '#ff0000',
657			tabId: tab.id
658			});
659			API.browserAction.setTitle({
660			title: API.i18n.getMessage('browser_action_title_locked'),
661			tabId: tab.id
662			});
663			}
664			});
665			}
666			}
667
668			function updateTabsIcon() {
669			API.tabs.query({}).then(function (tabs) {
670			for (var t = 0; t < tabs.length; t++) {
671			var tab = tabs[t];
672			createIconForTab(tab);
673			}
674			});
675			}
676
677
678			API.tabs.onUpdated.addListener(function (tabId, changeInfo, tab) {
679			if (master_password) {
680			createIconForTab(tab);
681			} else {
682			displayLogoutIcons();
683			}
684			});
685
686			API.tabs.onActivated.addListener(function () {
687			API.tabs.query({active: true, currentWindow: true}).then(function (tabs) {
688			if (master_password) {
689			createIconForTab(tabs[0]);
690			} else {
691			displayLogoutIcons();
692			}
693			});
694			});
695
696			displayLogoutIcons();
697
698
699			storage.get('master_password').then(function (password) {
700			if (password) {
701			master_password = password;
702			API.api.browserAction.setBadgeBackgroundColor({
703			color: defaultColor
704			});
705			}
706			getSettings();
707			}).error(function (error) {
708			if (error === "Data not found") {
709			getSettings();
710			}
711			});
712			return _window;
713			}());
714
715

nextcloud / passman-webextension

Push — master ( 892ae5...58fe46 )

js/background/service/background.js (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like