bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-11 22:03:36 +00:00
Code Issues Releases Wiki Activity

[AC-2086] Update CanDelete with v1 flag logic (#9100)

Browse Source 
* feat: update org domain object deleteAnyCollection with v1 flag logic, refs AC-2086

* feat: update canDelete method to handle v1 flag logic, refs AC-2086

* feat: update canDelete references to pass v1 flag, refs AC-2086

* feat: add provider check and modify owner/admin type checks, refs AC-2086

* fix: add permission to org instantiation for vault item stories, refs AC-2086
This commit is contained in:
Vincent Salucci
2024-05-13 16:13:27 -05:00
committed by GitHub
parent 66f5d90803
commit 3900924250
11 changed files with 42 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
libs/common/src/admin-console/models/domain/organization.ts
View File

@@ -232,8 +232,23 @@ export class Organization {
);
}
get canDeleteAnyCollection() {
return this.isAdmin || this.permissions.deleteAnyCollection;
/**
* @param flexibleCollectionsV1Enabled - Whether or not the V1 Flexible Collection feature flag is enabled
* @returns True if the user can delete any collection
*/
canDeleteAnyCollection(flexibleCollectionsV1Enabled: boolean) {
// Providers and Users with DeleteAnyCollection permission can always delete collections
if (this.isProviderUser || this.permissions.deleteAnyCollection) {
return true;
}
// If AllowAdminAccessToAllCollectionItems is true, Owners and Admins can delete any collection, regardless of LimitCollectionCreationDeletion setting
// Using explicit type checks because provider users are handled above and this mimics the server's permission checks closely
if (!flexibleCollectionsV1Enabled || this.allowAdminAccessToAllCollectionItems) {
return this.type == OrganizationUserType.Owner || this.type == OrganizationUserType.Admin;
}
return false;
}
/**
@@ -242,7 +257,9 @@ export class Organization {
*/
get canViewAllCollections() {
// Admins can always see all collections even if collection management settings prevent them from editing them or seeing items
return this.isAdmin || this.permissions.editAnyCollection || this.canDeleteAnyCollection;
return (
this.isAdmin || this.permissions.editAnyCollection || this.permissions.deleteAnyCollection
);
}
/**