Closed Bug 1641777 Opened 2 months ago Closed 1 month ago

Import logins from Firefox login export CSV files

Categories

(Toolkit :: Password Manager, enhancement, P2)

Desktop
All
enhancement

Tracking

()

VERIFIED FIXED
mozilla80
Tracking Status
firefox80 --- disabled

People

(Reporter: MattN, Assigned: petcuandrei)

References

(Depends on 2 open bugs, Blocks 1 open bug)

Details

User Story

Disabled in Fx80 outside Nightly via `signon.management.page.fileImport.enabled`

Attachments

(1 file)

Before supporting import from other password managers, let's get the basic of importing our own export files working.

Flags: qe-verify+

What icon should I use for the import? Same as the other import or the other import icon?
https://design.firefox.com/icons/viewer/#import

Flags: needinfo?(MattN+bmo)
Flags: needinfo?(MattN+bmo)

How should the UI look? Should we ask for confirmation? master password? success message?

(In reply to petcuandrei from comment #4)

How should the UI look?

I think the minimum would be the new menu item opens a Open File picker which immediately imports using LoginHelper.maybeImport… and then tells you how many logins were import and how many were updated.

Alternatively we could re-add a browse button to the Import from Another Browser wizard (like we used to have for bookmarks.html). It already has a confirmation screen (that currently lies to you but I would love to fix that for all imports).

Should we ask for confirmation?

IMO this would only be useful if we gave the the user enough context to make an informed decision… that might even require show the exact logins that will be changed and how they will be changed but that sounds like too much…

master password?

This part I can answer: We don't need this since we only use MP to protect reading the plaintext password (not deleting/overwriting) and import isn't reading. The user will automatically get a MP prompt upon import if the MP happens to be locked.

success message?

See above. Ideally we would indicate how many were updated and how many were added but idk what UI we would use for that if we don't do it in the wizard dialog. I don't recall having any kind of "toast" UI in about:logins atm. I'm not sure when Katie will be able to help with this. For now I think do my minimal suggestion without the confirmation and we can add that in a separate bug if Katie doesn't have time to design it yet.

Flags: needinfo?(kcaldwell)

I'm getting mixed messages here.

  1. use the success UI from the wizard (which for some reason is disabled on my machine, maybe due to the OS)
  2. not add a success message since there is no toast and Katie does not have time for this

What am I missing? :)
Also, if we do show some success message, the skipped rows would also be useful since there might be issues with the CSV or with the import system.

Hi Andrei - thanks for all your time and thought on this. I really appreciate your patience as my ux time is limited (at the moment!) for logins and passwords. The ideal situation is UX creates a user flow diagram with the team, then creates wireframes for all surfaces the user will interact with - then you'd be able to reference those docs and have answers and content for these questions... but here we are.

Small update so you're in loop, Matt and I will chat this week to discuss timeline and ux issues.
Again, thanks for raising some of those ux issues here and for your patience!

Flags: needinfo?(kcaldwell)

We can export items without a httpRealm and a formActionOrigin but we get an error when creating a new item. "Can't add a login without a httpRealm or formActionOrigin.". What should I do?

Flags: needinfo?(MattN+bmo)

I suspect you can just use null. That is what the ChromeProfileMigrator does: https://searchfox.org/mozilla-central/source/browser/components/migration/ChromeProfileMigrator.jsm#544-545

My CSV parser was way off :) The JSON password messed up the parser and ended up setting both httpRealm and formActionOrigin.
I fixed it now and it has a simpler implementation, easier to read.

I also noticed a problem in the export: I always quote all the values. That's not a big deal, it's still valid CSV. The problem is that if I edit the CSV with LibreOffice, it will change ALL THE LINES and remove the quotes where they are not needed. Now I changed the export to only add quotes when needed.

Depends on: 1648336
Attachment #9152997 - Attachment description: Bug 1641777 Import logins from Firefox login export CSV files → Bug 1641777 Import logins from Firefox CSV file
Attachment #9152997 - Attachment description: Bug 1641777 Import logins from Firefox CSV file → Bug 1641777 Import logins from Firefox,Bitwarde,Chrome CSV file
Depends on: 1649940
Attachment #9152997 - Attachment description: Bug 1641777 Import logins from Firefox,Bitwarde,Chrome CSV file → Bug 1641777 - Import logins from Firefox, Bitwarden, & Chrome CSV files
Pushed by mozilla@noorenberghe.ca:
https://hg.mozilla.org/integration/autoland/rev/10c9e57fb4f8
Import logins from Firefox, Bitwarden, & Chrome CSV files r=MattN,flod

d3 path changed. will update soon.

Flags: needinfo?(petcuandrei)

$hg update central --clean
15858 files updated, 0 files merged, 12238 files removed, 0 files unresolved

$moz-phab patch D77603 --no-bookmark
Patching revisions: D75716 D77324 D77593 D77603
Checked out 9dae371f2b33
D75716 applied
patching file browser/components/aboutlogins/tests/browser/browser_openExport.js
Hunk #3 FAILED at 69
1 out of 4 hunks FAILED -- saving rejects to file browser/components/aboutlogins/tests/browser/browser_openExport.js.rej
patching file browser/components/aboutlogins/content/aboutLogins.js
Hunk #1 FAILED at 123
1 out of 1 hunks FAILED -- saving rejects to file browser/components/aboutlogins/content/aboutLogins.js.rej
abort: patch failed to apply
CommandError: command 'hg' failed to complete successfully
Run moz-phab again with '--trace' to show debugging output
Sentry is attempting to send 0 pending error messages
Waiting up to 2 seconds
Press Ctrl-C to quit

I ran this command and the tests pass locally
moz-phab patch D77603 --apply-to . --skip-dependencies

I'm on Fedora.

Flags: needinfo?(MattN+bmo)
Pushed by mozilla@noorenberghe.ca:
https://hg.mozilla.org/integration/autoland/rev/80886c7f83dd
Import logins from Firefox, Bitwarden, & Chrome CSV files r=MattN,flod
Status: ASSIGNED → RESOLVED
Closed: 1 month ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla80
Depends on: 1650675

I have verified this issue using the latest Firefox Nightly 80.0a1 (Build ID: 20200707213111) on Windows 10 x64, Ubuntu 18.04, Mac 10.15.

  • The “Import from a file…” option is displayed in the Ellipsis menu and has the correct icon.
  • After clicking the “Import from a file…” option the “Import Logins File” picker is shown.
  • The logins are correctly imported from the CSV file after clicking on the “Open” button from the “Import Logins File” picker.
Status: RESOLVED → VERIFIED
Flags: qe-verify+

The feature is now disabled in Fx80 outside Nightly via signon.management.page.fileImport.enabled

User Story: (updated)

The import from CSV doesn't seem to discard/override duplicates between the CSV import and the passwords already stored in lockwise. Is this intended behavior and/or something that the community would be interested in having? If so, if someone could point me towards which file the actual importing takes place in I could work on that.

Flags: needinfo?(petcuandrei)

what are the steps to reproduce?

Flags: needinfo?(petcuandrei)

On windows 10:

Install firefox nightly, log into my firefox account (which already has some passwords for accounts.google.com)

Import CSV from bitwarden

After the importing has completed, I see two entries for accounts.google.com for the same email and same password.

You need to log in before you can comment on or make changes to this bug.