mirror of
https://github.com/bitwarden/browser
synced 2025-12-13 14:53:33 +00:00
Move policy checks within policyService (#466)
* Move policy logic within policyService * Remove unneeded import * Clean up unused code * Fix linting * Enforce policies from accepting org invite * Only exempt owner or admin from policies * Use canManagePolicies as exemption criteria * Make orgUser status check more semantic Co-authored-by: Addison Beck <abeck@bitwarden.com> Co-authored-by: Addison Beck <abeck@bitwarden.com>
This commit is contained in:
Thomas Rittson
GitHub
@@ -164,28 +164,20 @@ export class AddEditComponent implements OnInit {
|
||||
}
|
||||
|
||||
async init() {
|
||||
const policies = await this.policyService.getAll(PolicyType.PersonalOwnership);
|
||||
const myEmail = await this.userService.getEmail();
|
||||
this.ownershipOptions.push({ name: myEmail, value: null });
|
||||
const orgs = await this.userService.getAllOrganizations();
|
||||
orgs.sort(Utils.getSortFunction(this.i18nService, 'name')).forEach(o => {
|
||||
if (o.enabled && o.status === OrganizationUserStatusType.Confirmed) {
|
||||
this.ownershipOptions.push({ name: o.name, value: o.id });
|
||||
if (policies != null && o.usePolicies && !o.canManagePolicies && this.allowPersonal) {
|
||||
for (const policy of policies) {
|
||||
if (policy.organizationId === o.id && policy.enabled) {
|
||||
this.allowPersonal = false;
|
||||
this.ownershipOptions.splice(0, 1);
|
||||
// Default to the organization who owns this policy for now (if necessary)
|
||||
if (this.organizationId == null) {
|
||||
this.organizationId = o.id;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if (this.allowPersonal && await this.policyService.policyAppliesToUser(PolicyType.PersonalOwnership)) {
|
||||
this.allowPersonal = false;
|
||||
this.ownershipOptions.splice(0, 1);
|
||||
}
|
||||
|
||||
this.writeableCollections = await this.loadCollections();
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user