[PM-33861] Display organization notification banner on vault list

[matt-livefront]

🎟️ Tracking

PM-33861

📔 Objective

Add support for the organizationUserNotification organization policy and surface it as a dismissible banner (action card) on the vault list.

Changes:

• Add the pm-31948-org-user-notification-banner feature flag.
• Add the organizationUserNotification PolicyType and its associated PolicyOptionType keys (header, description, buttonText, showAfterEveryLogin).
• Add OrganizationUserNotificationBannerData and PolicyService.getOrganizationUserNotificationBannerData(), which (behind the feature flag) returns the banner data for the earliest-revision policy applying to the user, or nil when no policy applies or the policy has no description.
• Render the banner as an ActionCard on the vault list (empty and populated states). When the policy supplies both a header and button text, an acknowledgement button is shown; otherwise a standard X dismiss button is shown. Dismissing clears the banner.
• Extract the vault-list action cards into a dedicated extension and share apolicyWithEarliestRevisionDate helper in PolicyService.

Currently this just dismisses the banner in memory. There's additional logic for persisting the dismissal of the banner coming in a future PR.

📸 Screenshots

Description Only	Header + Description	Header, Description, Custom Button

[github-actions]

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed the addition of the organizationUserNotification policy and its dismissible vault-list banner. The feature is cleanly gated behind the pm-31948-org-user-notification-banner flag, the action-card extraction preserves existing behavior, and the new PolicyService logic, processor wiring, and view rendering are well covered by unit and ViewInspector tests. The shared policyWithEarliestRevisionDate helper is a faithful refactor of the prior inline min logic.

Code Review Details

• ❓ : SDK nil mapping silently disables the banner when policiesInAcceptedState is enabled; the new banner tests only cover the legacy native-filter path
  • BitwardenShared/Core/Vault/Services/PolicyService+SdkMapping.swift:92

[codecov]

Codecov Report

❌ Patch coverage is 70.53571% with 33 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.85%. Comparing base (68caf09) to head (1190195).

Files with missing lines	Patch %	Lines
...hared/UI/Vault/Vault/VaultList/VaultListView.swift	58.97%	32 Missing ⚠️
...Shared/Core/Platform/Models/Enum/FeatureFlag.swift	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2798      +/-   ##
==========================================
+ Coverage   80.82%   80.85%   +0.02%     
==========================================
  Files        1018     1018              
  Lines       64941    64996      +55     
==========================================
+ Hits        52490    52551      +61     
+ Misses      12451    12445       -6     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[fedemkr]

❓ I know this comes from the organization logic, but I'm a bit hesitant as this is getting the policy that has been updated least recently, i.e. the oldest one. Maybe it's correct as is, but I would think the most recently updated policy should prevail instead as it would have the latest changes.
Would this be to display the cards ordered from earliest to latest? Would the shown card policy be removed in a future PR?

[matt-livefront]

In practice, there can only be a single notification banner. This policy requires the "Single organization" policy, so you can't be a member of multiple organizations and you can only specify a single banner policy. Also, once the dismissal logic is implemented, which is based on on revision date, if there were multiple, dismissing an older one would then cause the newer one to be shown.

[fedemkr]

⛏️ This is referencing the same ticket as this PR. Will this be added as part of this PR?

[matt-livefront]

I'll have a follow-up PR for this work, as there was already a lot here. The dismissal logic was easy to break off from this work.

[claude]

❓ QUESTION: This nil mapping silently disables the new banner when the policiesInAcceptedState flag is enabled.

Details

getOrganizationUserNotificationBannerData() calls policiesApplyingToUser(.organizationUserNotification). When policiesInAcceptedState is enabled, that routes through sdkFilterPolicies, which returns [] early because BitwardenSdk.PolicyType(.organizationUserNotification) is nil here. The result is that the banner never appears for any user once policiesInAcceptedState rolls out, even though organizationUserNotificationBanner is on.

The getOrganizationUserNotificationBannerData tests only exercise the legacy native-filter path (the policiesInAcceptedState flag defaults to false in the mock), so this interaction isn't covered.

Is the intent that the banner only ships after PM-39144 adds the SDK mapping, or should this be handled before enabling the banner flag? A note tying PM-39144 to the banner rollout (or test coverage for the SDK path) would make the dependency explicit.