[PM-13455] Risk insights aggregation in a new service.

[ttalty]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-13455

📔 Objective

Data aggregation service for the all applications health report for risk insights.

The service contains three generate methods.

1. generateRawDataReport Members, password health, and uris are associated at the cipher level. Returns the raw data containing the weak password, reused password, and exposed password. The trimmed uris and assigned members. Used for the first diagnostic tab for raw data just not displaying the members info/uris. Also used for the raw data + members diagnostic tab by displaying the member information and excluding the uris.
2. generateRawDataUriReport Calls the generateRawDataReport for the base data. Flattens out the base data. A record for each uri is created with it's parent cipher health information.
3. generateApplicationsReport Calls the generateRawDataUriReport for the flattened base data. The uris need to be grouped together and the report data aggregated. Returns the uri, member information, total password count, at risk member information, and at risk member counts.

Important methods to note:

• getTrimmedCipherUris Uses Utils.getHostname to trim to the hostname. For each cipher we want to return only distinct trimmed uris. A cipher can have two uris: 'https://google.com' and 'google.com/login' assigned to the cipher. Both trimmed uris are 'google.com' when flattened this would duplicate the uri detail causing incorrect totals in the final report. Only return distinct trimmed uris for each cipher.
• getApplicationHealthReport Where the final health report object is aggregated. The record is at risk if their is a weak password, exposed, or reused password. If there is an existing record in the array with the current items uri. The password count value is incremented. The members are updated to include any members not already in the existing item. If the new record is at risk. At risk members are updated with any new entries and the at risk password count is incremented. If there is not an existing record. The new application health report record is created instead of updated. This method uses the getApplicationReportDetail private method to create the object for update/create.

ℹ️ This is a work in progress meant to start the review process. Future development will include test cases and implementation.

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[codecov]

Codecov Report

Attention: Patch coverage is 83.59375% with 21 lines in your changes missing coverage. Please review.

Project coverage is 33.45%. Comparing base (1b6b5d3) to head (3638684).
Report is 1 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...-insights/services/risk-insights-report.service.ts	83.60%	12 Missing and 8 partials ⚠️
.../src/tools/reports/risk-insights/services/index.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12071      +/-   ##
==========================================
+ Coverage   33.42%   33.45%   +0.03%     
==========================================
  Files        2901     2902       +1     
  Lines       90564    90692     +128     
  Branches    17212    17238      +26     
==========================================
+ Hits        30271    30341      +70     
- Misses      57899    57953      +54     
- Partials     2394     2398       +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[audreyality]

👍🏻 Thanks for resolving all of my feedback!

📝 There's new feedback based on the strict null checking ADR. 😖

[audreyality]

⚠️ You should prefer undefined to null per ADR-14. In this case, you could implement it by marking the provided properties as optional (?).

♻️ The other option is to rework your PR so that it never partially defines an object. This solution should be preferred, all else being equal.

📝 I imagine time will be an issue so if you go with the ? option, then it should have a FIXME attached noting the above debt.