[PM-10996] Remove restrict-provider-access feature flag (#10977)

2025-12-15 15:53:27 +00:00 · 2024-09-11 10:45:23 -07:00
parent db9003458b
commit 8e4dab5eba
23 changed files with 53 additions and 206 deletions
--- a/libs/common/src/admin-console/models/domain/organization.ts
+++ b/libs/common/src/admin-console/models/domain/organization.ts
@@ -183,14 +183,7 @@ export class Organization {
    return this.isAdmin || this.permissions.editAnyCollection;
  }

-  canEditUnassignedCiphers(restrictProviderAccessFlagEnabled: boolean) {
-    // Providers can access items until the restrictProviderAccess flag is enabled
-    // After the flag is enabled and removed, this block will be deleted
-    // so that they permanently lose access to items
-    if (this.isProviderUser && !restrictProviderAccessFlagEnabled) {
-      return true;
-    }
-
+  get canEditUnassignedCiphers() {
    return (
      this.type === OrganizationUserType.Admin ||
      this.type === OrganizationUserType.Owner ||
@@ -198,14 +191,7 @@ export class Organization {
    );
  }

-  canEditAllCiphers(restrictProviderAccessFlagEnabled: boolean) {
-    // Providers can access items until the restrictProviderAccess flag is enabled
-    // After the flag is enabled and removed, this block will be deleted
-    // so that they permanently lose access to items
-    if (this.isProviderUser && !restrictProviderAccessFlagEnabled) {
-      return true;
-    }
-
+  get canEditAllCiphers() {
    // The allowAdminAccessToAllCollectionItems flag can restrict admins
    // Custom users with canEditAnyCollection are not affected by allowAdminAccessToAllCollectionItems flag
    return (
--- a/libs/common/src/enums/feature-flag.enum.ts
+++ b/libs/common/src/enums/feature-flag.enum.ts
@@ -12,7 +12,6 @@ export enum FeatureFlag {
  EnableDeleteProvider = "AC-1218-delete-provider",
  ExtensionRefresh = "extension-refresh",
  PersistPopupView = "persist-popup-view",
-  RestrictProviderAccess = "restrict-provider-access",
  PM4154_BulkEncryptionService = "PM-4154-bulk-encryption-service",
  UseTreeWalkerApiForPageDetailsCollection = "use-tree-walker-api-for-page-details-collection",
  EmailVerification = "email-verification",
@@ -59,7 +58,6 @@ export const DefaultFeatureFlagValue = {
  [FeatureFlag.EnableDeleteProvider]: FALSE,
  [FeatureFlag.ExtensionRefresh]: FALSE,
  [FeatureFlag.PersistPopupView]: FALSE,
-  [FeatureFlag.RestrictProviderAccess]: FALSE,
  [FeatureFlag.PM4154_BulkEncryptionService]: FALSE,
  [FeatureFlag.UseTreeWalkerApiForPageDetailsCollection]: FALSE,
  [FeatureFlag.EmailVerification]: FALSE,
--- a/libs/common/src/vault/models/view/collection.view.ts
+++ b/libs/common/src/vault/models/view/collection.view.ts
@@ -38,18 +38,14 @@ export class CollectionView implements View, ITreeNodeObject {
    }
  }

-  canEditItems(org: Organization, restrictProviderAccess: boolean): boolean {
+  canEditItems(org: Organization): boolean {
    if (org != null && org.id !== this.organizationId) {
      throw new Error(
        "Id of the organization provided does not match the org id of the collection.",
      );
    }

-    return (
-      org?.canEditAllCiphers(restrictProviderAccess) ||
-      this.manage ||
-      (this.assigned && !this.readOnly)
-    );
+    return org?.canEditAllCiphers || this.manage || (this.assigned && !this.readOnly);
  }

  /**