[PM-26110] Add verify password screen for item export

[SaintPatrck]

🎟️ Tracking

PM-26110

📔 Objective

This commit introduces the verify password screen as part of the item export flow.

After selecting an account, the user is prompted to verify their password before any items can be exported.

It includes:

• VerifyPasswordNavigation.kt: Navigation logic for the verify password screen.
• VerifyPasswordViewModel.kt: ViewModel for the verify password screen, handling password validation and account switching if necessary.
• VerifyPasswordScreen.kt: Composable UI for the verify password screen.
• VerifyPasswordHandler.kt: Handler for user interactions on the verify password screen.
• Updates to ExportItemsNavigation.kt to integrate the verify password screen into the export flow.
• Updates to RootNavScreen.kt to pass the navController to exportItemsGraph.

📸 Screenshots

Coming soon!

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 01b16e87-9bfc-4f14-b499-d5eb28f49bba

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt: 303	details Method Lambda at line 303 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt s... ID: fSHcFYNud42z3vTjxhb6kyIeAtk%3D Attack Vector

[codecov]

Codecov Report

❌ Patch coverage is 94.18605% with 15 lines in your changes missing coverage. Please review.
✅ Project coverage is 84.36%. Comparing base (3edd5bd) to head (51db52c).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
...ortitems/verifypassword/VerifyPasswordViewModel.kt	94.80%	5 Missing and 3 partials ⚠️
...exportitems/verifypassword/VerifyPasswordScreen.kt	92.94%	4 Missing and 2 partials ⚠️
.../verifypassword/handlers/VerifyPasswordHandlers.kt	93.75%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5935      +/-   ##
==========================================
+ Coverage   84.30%   84.36%   +0.05%     
==========================================
  Files         721      725       +4     
  Lines       54077    54432     +355     
  Branches     7436     7478      +42     
==========================================
+ Hits        45591    45920     +329     
- Misses       5877     5895      +18     
- Partials     2609     2617       +8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[david-livefront]

Can this just be:

 onDone = onUnlockClick,

[david-livefront]

Actually, we need to verify that this is an action they are allowed to take. Something like this:

onDone = {
    if (isUnlockButtonEnabled) {
        onUnlockClick()
    } else {
        defaultKeyboardAction(ImeAction.Done)
    }
}

[SaintPatrck]

No, because onDone isn't a parameterless lambda.

val onDone: (KeyboardActionScope.() -> Unit)? = null,

[david-livefront]

So this screen can be displayed for the non-active user?

[SaintPatrck]

Yes

[david-livefront]

Can you explain this a bit more? I would expect the screen to be displayed for the active user and switch the user if needed. Specifying the userId could lead to a misconfiguration that the repositories are not equipped to deal with since they assume the active user when doing most operations.

[SaintPatrck]

This informs the screen which account's password needs to be verified. Account switching does take place prior to performing password validation, if it's needed.

[david-livefront]

If the account switching already happened, do we need this value?

Can we just use the activeAccount?

[SaintPatrck]

Discussed offline and improved documentation.

Since account switching can be a costly operation when the vault is already unlocked, switching is deferred until absolutely necessary to perform password verification. This eliminates unnecessary account switching when the user navigates between Select Account and Verify Password screens.

[david-livefront]

👍