[PM-31614] feat: Added new UI for the Email verification on sends

[aj-rosado]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-31614

📔 Objective

Initial PR to add the layout changes for the Email Verification option on Sends.
The changes are behind a feature flag and should not have any impact when it is turned off.

This does not add the changes to the server and misses validations that will be added on subsequent PRs.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – c849059b-d981-4868-9867-2b11d1c38f54

Great job! No new security vulnerabilities introduced in this pull request

[codecov]

Codecov Report

❌ Patch coverage is 93.19372% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.33%. Comparing base (e5875cd) to head (8917a9f).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
...tools/feature/send/addedit/AddEditSendViewModel.kt	86.00%	5 Missing and 2 partials ⚠️
...d/addedit/components/AddEditSendAuthTypeChooser.kt	95.23%	0 Missing and 3 partials ⚠️
...ls/feature/send/addedit/util/SendViewExtensions.kt	50.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6488      +/-   ##
==========================================
+ Coverage   86.32%   86.33%   +0.01%     
==========================================
  Files         783      784       +1     
  Lines       56439    56598     +159     
  Branches     8162     8184      +22     
==========================================
+ Hits        48719    48865     +146     
- Misses       4880     4887       +7     
- Partials     2840     2846       +6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[claude]

Claude finished @aj-rosado's task in 3m 2s —— View job

---

Code Review Summary

PR: PM-31614 feat: Added new UI for the Email verification on sends

Reviewed Commits: 8917a9f22 (latest) through b6b70024c (initial)

---

Status: Approved

All previous review comments have been addressed. The PR is ready for merge.

---

Summary of Changes

This PR adds a new authentication type chooser UI for Sends, allowing users to select between:

• Anyone with the link (NONE)
• Specific people with email verification (EMAIL)
• Anyone with password (PASSWORD)

Key additions:

• SendAuthType enum with Text-based display properties
• AddEditSendAuthTypeChooser composable component
• ViewModel actions and state management for auth type selection
• Email list management (add/remove/edit)
• Feature flag protection (SendEmailVerification)

---

Addressed Items (Latest Commits)

Reviewer Comment	Status
Make supportingTextRes a Text type (david-livefront)	Addressed in 8917a9f22
Pass selectedAuthType from ViewModel	Addressed
Use ImmutableList for emails parameter	Addressed
Use ImmutableList for authEmails in ViewModel state	Addressed
Add ColumnScope. extension to SpecificPeopleEmailContent	Addressed
Capitalize function name SpecificPeopleEmailContent	Addressed
Simplify onClick = onAddNewEmailClick	Addressed
Chain format for .takeIf { }.orNullIfBlank()	Addressed
Format AuthTypeSelect on single line	Addressed
Fix card style for NONE auth type (CardStyle.Full)	Addressed

---

Code Quality Assessment

Category	Assessment
Security	No concerns - UI changes behind feature flag
Correctness	Logic correctly handles auth type transitions
Architecture	Follows MVVM + UDF pattern appropriately
Test Coverage	Comprehensive tests for ViewModel, Screen, and Extensions

---

Non-blocking Note

The SendViewExtensionsTest.kt currently only covers the PASSWORD auth type case (via createMockSendView which has hasPassword = true). Consider adding tests for EMAIL and NONE cases in a follow-up to ensure all toViewState branches are covered.

---

Reviewed with Claude Code

[claude]

🎨 SUGGESTED: The selectedOption is managed locally with rememberSaveable and computed from hasPassword and emails props. This works correctly in most scenarios, but creates a potential state desync if the ViewModel's authType changes from an external action (e.g., if "Remove password" functionality were to reset the auth type).

Consider passing the current authType from the ViewModel as a parameter to ensure single source of truth:

fun AddEditSendAuthTypeChooser(
    selectedAuthType: SendAuthType, // Add this parameter
    onAuthTypeSelect: (SendAuthType) -> Unit,
    // ... other params
)

This is a minor suggestion - the current implementation works correctly for the current use cases since the auth type changes only occur through user interaction with this component.

[david-livefront]

I agree with Claude here, Maybe we can just pass in the SendAuthType

[andrebispo5]

Feature label is missing.

[andrebispo5]

⛏️ Typo in the PR description

The chagnes are behind a feature flag and should not have any impact when it is turned off.

[claude]

🎨 SUGGESTED: Missing test coverage for authType branches

The toViewState extension function has conditional logic for determining authType based on hasPassword and emails.isNotEmpty() (lines 39-43 in SendViewExtensions.kt):

authType = when {
    hasPassword -> SendAuthType.PASSWORD
    emails.isNotEmpty() -> SendAuthType.EMAIL
    else -> SendAuthType.NONE
}

The current tests only cover the PASSWORD case (via createMockSendView which has hasPassword = true). Consider adding tests for:

1. EMAIL case: A SendView with hasPassword = false and non-empty emails list
2. NONE case: A SendView with hasPassword = false and empty emails list

This would ensure all branches are covered and the authType mapping logic is correctly tested.

[david-livefront]

Can we make this an immutable list

[david-livefront]

Immutable list here too

[david-livefront]

Can you use chain format here:

   .passwordInput
   .takeIf { common.authType == SendAuthType.PASSWORD }
   .orNullIfBlank(),

[david-livefront]

This should start with a capital S

Can we also add the ColumnScope. extension. I know the IDE will say it's not needed but this composable does not make sense outside of a ColumnScope and we should enforce that it is always applied there.

[david-livefront]

Can we simplify this:

onClick = onAddNewEmailClick,

[david-livefront]

One of your screenshots show that part of the card has the incorrect style

[david-livefront]

Can we make this an ImmutableList

[david-livefront]

Can we format this a bit nicer:

    data class AuthTypeSelect(val authType: SendAuthType) : AddEditSendAction()

[david-livefront]

Can we make this a Text as well?

[david-livefront]

Can this be simplified:

authEmails = commonContent.authEmails.ifEmpty { persistentListOf("") },

[david-livefront]

Instead of the index, can we [ass back the actual email to remove?

[david-livefront]

Using the index is unsafe and can lead to errors.

Can we wrap the emails in a data class and create ids to track them. That will make this all much safer