[PM-12281] [PM-12301] [PM-12306] [PM-12334] Move delete item permission to Can Manage (#11289)

* Added inputs to the view and edit component to disable or remove the delete button when a user does not have manage rights * Refactored editByCipherId to receive cipherview object * Fixed issue where adding an item on the individual vault throws a null reference * Fixed issue where adding an item on the AC vault throws a null reference * Allow delete in unassigned collection * created reusable service to check if a user has delete permission on an item * Registered service * Used authorizationservice on the browser and desktop Only display the delete button when a user has delete permission * Added comments to the service * Passed active collectionId to add edit component renamed constructor parameter * restored input property used by the web * Fixed dependency issue * Fixed dependency issue * Fixed dependency issue * Modified service to cater for org vault * Updated to include new dependency * Updated components to use the observable * Added check on the cli to know if user has rights to delete an item * Renamed abstraction and renamed implementation to include Default Fixed permission issues * Fixed test to reflect changes in implementation * Modified base classes to use new naming Passed new parameters for the canDeleteCipher * Modified base classes to use new naming Made changes from base class * Desktop changes Updated reference naming * cli changes Updated reference naming Passed new parameters for the canDeleteCipher$ * Updated references * browser changes Updated reference naming Passed new parameters for the canDeleteCipher$ * Modified cipher form dialog to take in active collection id used canDeleteCipher$ on the vault item dialog to disable the delete button when user does not have the required permissions * Fix number of arguments issue * Added active collection id * Updated canDeleteCipher$ arguments * Updated to pass the cipher object * Fixed up refrences and comments * Updated dependency * updated check to canEditUnassignedCiphers * Fixed unit tests * Removed activeCollectionId from cipher form * Fixed issue where bulk delete option shows for can edit users * Fix null reference when checking if a cipher belongs to the unassigned collection * Fixed bug where allowedCollection passed is undefined * Modified cipher by adding a isAdminConsoleAction argument to tell when a reuqest comes from the admin console * Passed isAdminConsoleAction as true when request is from the admin console
2025-12-20 18:23:31 +00:00 · 2024-10-22 15:15:15 +02:00
parent 470ddf79ab
commit 4a30782939
39 changed files with 551 additions and 58 deletions
--- a/apps/desktop/src/vault/app/vault/add-edit.component.html
+++ b/apps/desktop/src/vault/app/vault/add-edit.component.html
@@ -710,7 +710,7 @@
        (click)="delete()"
        class="danger"
        appA11yTitle="{{ 'delete' | i18n }}"
-        *ngIf="editMode && !cloneMode"
+        *ngIf="editMode && !cloneMode && (canDeleteCipher$ | async)"
        [disabled]="$any(deleteBtn).loading"
        [appApiAction]="deletePromise"
      >
--- a/apps/desktop/src/vault/app/vault/add-edit.component.ts
+++ b/apps/desktop/src/vault/app/vault/add-edit.component.ts
@@ -18,6 +18,7 @@ import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/pl
 import { SendApiService } from "@bitwarden/common/tools/send/services/send-api.service.abstraction";
 import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.service";
 import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
+import { CipherAuthorizationService } from "@bitwarden/common/vault/services/cipher-authorization.service";
 import { DialogService } from "@bitwarden/components";
 import { PasswordRepromptService } from "@bitwarden/vault";

@@ -50,6 +51,7 @@ export class AddEditComponent extends BaseAddEditComponent implements OnInit, On
    dialogService: DialogService,
    datePipe: DatePipe,
    configService: ConfigService,
+    cipherAuthorizationService: CipherAuthorizationService,
  ) {
    super(
      cipherService,
@@ -70,6 +72,7 @@ export class AddEditComponent extends BaseAddEditComponent implements OnInit, On
      window,
      datePipe,
      configService,
+      cipherAuthorizationService,
    );
  }

--- a/apps/desktop/src/vault/app/vault/vault.component.html
+++ b/apps/desktop/src/vault/app/vault/vault.component.html
@@ -14,6 +14,7 @@
    class="details"
    *ngIf="cipherId && action === 'view'"
    [cipherId]="cipherId"
+    [collectionId]="activeFilter?.selectedCollectionId"
    (onCloneCipher)="cloneCipherWithoutPasswordPrompt($event)"
    (onEditCipher)="editCipherWithoutPasswordPrompt($event)"
    (onViewCipherPasswordHistory)="viewCipherPasswordHistory($event)"
@@ -29,6 +30,7 @@
    [folderId]="action === 'add' && folderId !== 'none' ? folderId : null"
    [organizationId]="action === 'add' ? addOrganizationId : null"
    [collectionIds]="action === 'add' ? addCollectionIds : null"
+    [collectionId]="activeFilter?.selectedCollectionId"
    [type]="action === 'add' ? (addType ? addType : type) : null"
    [cipherId]="action === 'edit' || action === 'clone' ? cipherId : null"
    (onSavedCipher)="savedCipher($event)"
--- a/apps/desktop/src/vault/app/vault/view.component.html
+++ b/apps/desktop/src/vault/app/vault/view.component.html
@@ -566,7 +566,7 @@
  >
    <i class="bwi bwi-files bwi-fw bwi-lg" aria-hidden="true"></i>
  </button>
-  <div class="right" *ngIf="cipher.edit">
+  <div class="right" *ngIf="canDeleteCipher$ | async">
    <button
      type="button"
      (click)="delete()"
--- a/apps/desktop/src/vault/app/vault/view.component.ts
+++ b/apps/desktop/src/vault/app/vault/view.component.ts
@@ -30,6 +30,7 @@ import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.servi
 import { FolderService } from "@bitwarden/common/vault/abstractions/folder/folder.service.abstraction";
 import { TotpService } from "@bitwarden/common/vault/abstractions/totp.service";
 import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
+import { CipherAuthorizationService } from "@bitwarden/common/vault/services/cipher-authorization.service";
 import { DialogService } from "@bitwarden/components";
 import { PasswordRepromptService } from "@bitwarden/vault";

@@ -66,6 +67,7 @@ export class ViewComponent extends BaseViewComponent implements OnInit, OnDestro
    datePipe: DatePipe,
    billingAccountProfileStateService: BillingAccountProfileStateService,
    accountService: AccountService,
+    cipherAuthorizationService: CipherAuthorizationService,
  ) {
    super(
      cipherService,
@@ -91,6 +93,7 @@ export class ViewComponent extends BaseViewComponent implements OnInit, OnDestro
      datePipe,
      accountService,
      billingAccountProfileStateService,
+      cipherAuthorizationService,
    );
  }
  ngOnInit() {