bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-19 01:33:33 +00:00
Code Issues Releases Wiki Activity

Implemented Custom role and permissions (#237)

Browse Source 
* Implemented Custom role and permissions

* converted Permissions interface into a class

* formatting fix
This commit is contained in:
Addison Beck
2021-01-11 17:01:39 -05:00
committed by GitHub
parent 8d161d9245
commit 6ac6df75d7
10 changed files with 112 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/models/api/permissionsApi.ts Normal file
View File

@@ -0,0 +1,33 @@
import { BaseResponse } from '../response/baseResponse';
export class PermissionsApi extends BaseResponse {
accessBusinessPortal: boolean;
accessEventLogs: boolean;
accessImportExport: boolean;
accessReports: boolean;
manageAllCollections: boolean;
manageAssignedCollections: boolean;
manageCiphers: boolean;
manageGroups: boolean;
manageSso: boolean;
managePolicies: boolean;
manageUsers: boolean;
constructor(data: any = null) {
super(data);
if (data == null) {
return this;
}
this.accessBusinessPortal = this.getResponseProperty('AccessBusinessPortal');
this.accessEventLogs = this.getResponseProperty('AccessEventLogs');
this.accessImportExport = this.getResponseProperty('AccessImportExport');
this.accessReports = this.getResponseProperty('AccessReports');
this.manageAllCollections = this.getResponseProperty('ManageAllCollections');
this.manageAssignedCollections = this.getResponseProperty('ManageAssignedCollections');
this.manageCiphers = this.getResponseProperty('ManageCiphers');
this.manageGroups = this.getResponseProperty('ManageGroups');
this.manageSso = this.getResponseProperty('ManageSso');
this.managePolicies = this.getResponseProperty('ManagePolicies');
this.manageUsers = this.getResponseProperty('ManageUsers');
}
}

3
src/models/data/organizationData.ts
View File

@@ -2,6 +2,7 @@ import { ProfileOrganizationResponse } from '../response/profileOrganizationResp
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class OrganizationData {
id: string;
@@ -25,6 +26,7 @@ export class OrganizationData {
maxStorageGb?: number;
ssoBound: boolean;
identifier: string;
permissions: PermissionsApi;
constructor(response: ProfileOrganizationResponse) {
this.id = response.id;
@@ -48,5 +50,6 @@ export class OrganizationData {
this.maxStorageGb = response.maxStorageGb;
this.ssoBound = response.ssoBound;
this.identifier = response.identifier;
this.permissions = response.permissions;
}
}

44
src/models/domain/organization.ts
View File

@@ -2,6 +2,8 @@ import { OrganizationData } from '../data/organizationData';
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class Organization {
id: string;
@@ -25,6 +27,7 @@ export class Organization {
maxStorageGb?: number;
ssoBound: boolean;
identifier: string;
permissions: PermissionsApi;
constructor(obj?: OrganizationData) {
if (obj == null) {
@@ -52,6 +55,7 @@ export class Organization {
this.maxStorageGb = obj.maxStorageGb;
this.ssoBound = obj.ssoBound;
this.identifier = obj.identifier;
this.permissions = obj.permissions;
}
get canAccess() {
@@ -73,4 +77,44 @@ export class Organization {
get isOwner() {
return this.type === OrganizationUserType.Owner;
}
get canAccessBusinessPortal() {
return this.isAdmin || this.permissions.accessBusinessPortal;
}
get canAccessEventLogs() {
return this.isAdmin || this.permissions.accessEventLogs;
}
get canAccessImportExport() {
return this.isAdmin || this.permissions.accessImportExport;
}
get canAccessReports() {
return this.isAdmin || this.permissions.accessReports;
}
get canManageAllCollections() {
return this.isAdmin || this.permissions.manageAllCollections;
}
get canManageAssignedCollections() {
return this.isManager || this.permissions.manageAssignedCollections;
}
get canManageGroups() {
return this.isAdmin || this.permissions.manageGroups;
}
get canManageSso() {
return this.isAdmin || this.permissions.manageSso;
}
get canManagePolicies() {
return this.isAdmin || this.permissions.managePolicies;
}
get canManageUsers() {
return this.isAdmin || this.permissions.manageUsers;
}
}

6
src/models/request/organizationUserInviteRequest.ts
View File

@@ -1,10 +1,12 @@
import { OrganizationUserType } from '../../enums/organizationUserType';
import { SelectionReadOnlyRequest } from './selectionReadOnlyRequest';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class OrganizationUserInviteRequest {
emails: string[] = [];
type: OrganizationUserType;
accessAll: boolean;
collections: SelectionReadOnlyRequest[] = [];
permissions: PermissionsApi;
}

6
src/models/request/organizationUserUpdateRequest.ts
View File

@@ -1,9 +1,11 @@
import { OrganizationUserType } from '../../enums/organizationUserType';
import { SelectionReadOnlyRequest } from './selectionReadOnlyRequest';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class OrganizationUserUpdateRequest {
type: OrganizationUserType;
accessAll: boolean;
collections: SelectionReadOnlyRequest[] = [];
permissions: PermissionsApi;
}

10
src/models/response/organizationUserResponse.ts
View File

@@ -1,15 +1,18 @@
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { BaseResponse } from './baseResponse';
import { SelectionReadOnlyResponse } from './selectionReadOnlyResponse';
import { PermissionsApi } from '../api/permissionsApi';
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
export class OrganizationUserResponse extends BaseResponse {
id: string;
userId: string;
type: OrganizationUserType;
status: OrganizationUserStatusType;
accessAll: boolean;
permissions: PermissionsApi;
constructor(response: any) {
super(response);
@@ -17,6 +20,7 @@ export class OrganizationUserResponse extends BaseResponse {
this.userId = this.getResponseProperty('UserId');
this.type = this.getResponseProperty('Type');
this.status = this.getResponseProperty('Status');
this.permissions = new PermissionsApi(this.getResponseProperty('Permissions'));
this.accessAll = this.getResponseProperty('AccessAll');
}
}

3
src/models/response/profileOrganizationResponse.ts
View File

@@ -2,6 +2,7 @@ import { BaseResponse } from './baseResponse';
import { OrganizationUserStatusType } from '../../enums/organizationUserStatusType';
import { OrganizationUserType } from '../../enums/organizationUserType';
import { PermissionsApi } from '../api/permissionsApi';
export class ProfileOrganizationResponse extends BaseResponse {
id: string;
@@ -26,6 +27,7 @@ export class ProfileOrganizationResponse extends BaseResponse {
enabled: boolean;
ssoBound: boolean;
identifier: string;
permissions: PermissionsApi;
constructor(response: any) {
super(response);
@@ -51,5 +53,6 @@ export class ProfileOrganizationResponse extends BaseResponse {
this.enabled = this.getResponseProperty('Enabled');
this.ssoBound = this.getResponseProperty('SsoBound');
this.identifier = this.getResponseProperty('Identifier');
this.permissions = new PermissionsApi(this.getResponseProperty('permissions'));
}
}