mirror of
https://github.com/bitwarden/browser
synced 2025-12-18 17:23:37 +00:00
[AC-1139] Reverted change that introduced ConfigService as a parameter to canAccessVaultTab
This commit is contained in:
Rui Tome
@@ -1,12 +1,11 @@
|
||||
import { Component, Input, OnInit } from "@angular/core";
|
||||
import { Observable, switchMap } from "rxjs";
|
||||
import { map, Observable } from "rxjs";
|
||||
|
||||
import {
|
||||
canAccessAdmin,
|
||||
OrganizationService,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
|
||||
@@ -15,11 +14,7 @@ import { Utils } from "@bitwarden/common/platform/misc/utils";
|
||||
templateUrl: "organization-switcher.component.html",
|
||||
})
|
||||
export class OrganizationSwitcherComponent implements OnInit {
|
||||
constructor(
|
||||
private organizationService: OrganizationService,
|
||||
private i18nService: I18nService,
|
||||
private configService: ConfigServiceAbstraction
|
||||
) {}
|
||||
constructor(private organizationService: OrganizationService, private i18nService: I18nService) {}
|
||||
|
||||
@Input() activeOrganization: Organization = null;
|
||||
organizations$: Observable<Organization[]>;
|
||||
@@ -28,10 +23,8 @@ export class OrganizationSwitcherComponent implements OnInit {
|
||||
|
||||
async ngOnInit() {
|
||||
this.organizations$ = this.organizationService.memberOrganizations$.pipe(
|
||||
switchMap(async (orgs) => {
|
||||
const canAccess = await canAccessAdmin(this.i18nService, this.configService);
|
||||
return canAccess ? orgs.sort(Utils.getSortFunction(this.i18nService, "name")) : orgs;
|
||||
})
|
||||
canAccessAdmin(this.i18nService),
|
||||
map((orgs) => orgs.sort(Utils.getSortFunction(this.i18nService, "name")))
|
||||
);
|
||||
|
||||
this.loaded = true;
|
||||
|
||||
@@ -9,7 +9,6 @@ import { mock, MockProxy } from "jest-mock-extended";
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { OrganizationUserType } from "@bitwarden/common/admin-console/enums";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||
import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction";
|
||||
@@ -53,8 +52,7 @@ describe("Organization Permissions Guard", () => {
|
||||
organizationService,
|
||||
mock<PlatformUtilsService>(),
|
||||
mock<I18nService>(),
|
||||
mock<SyncService>(),
|
||||
mock<ConfigServiceAbstraction>()
|
||||
mock<SyncService>()
|
||||
);
|
||||
});
|
||||
|
||||
|
||||
@@ -6,7 +6,6 @@ import {
|
||||
OrganizationService,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||
import { SyncService } from "@bitwarden/common/vault/abstractions/sync/sync.service.abstraction";
|
||||
@@ -20,8 +19,7 @@ export class OrganizationPermissionsGuard implements CanActivate {
|
||||
private organizationService: OrganizationService,
|
||||
private platformUtilsService: PlatformUtilsService,
|
||||
private i18nService: I18nService,
|
||||
private syncService: SyncService,
|
||||
private configService: ConfigServiceAbstraction
|
||||
private syncService: SyncService
|
||||
) {}
|
||||
|
||||
async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
|
||||
@@ -44,12 +42,9 @@ export class OrganizationPermissionsGuard implements CanActivate {
|
||||
return this.router.createUrlTree(["/"]);
|
||||
}
|
||||
|
||||
const permissionsCallback: (
|
||||
organization: Organization,
|
||||
configService: ConfigServiceAbstraction
|
||||
) => Promise<boolean> = route.data?.organizationPermissions;
|
||||
const hasPermissions =
|
||||
permissionsCallback == null || (await permissionsCallback(org, this.configService));
|
||||
const permissionsCallback: (organization: Organization) => boolean =
|
||||
route.data?.organizationPermissions;
|
||||
const hasPermissions = permissionsCallback == null || permissionsCallback(org);
|
||||
|
||||
if (!hasPermissions) {
|
||||
// Handle linkable ciphers for organizations the user only has view access to
|
||||
@@ -65,7 +60,7 @@ export class OrganizationPermissionsGuard implements CanActivate {
|
||||
}
|
||||
|
||||
this.platformUtilsService.showToast("error", null, this.i18nService.t("accessDenied"));
|
||||
return (await canAccessOrgAdmin(org, this.configService))
|
||||
return canAccessOrgAdmin(org)
|
||||
? this.router.createUrlTree(["/organizations", org.id])
|
||||
: this.router.createUrlTree(["/"]);
|
||||
}
|
||||
|
||||
@@ -5,31 +5,26 @@ import {
|
||||
canAccessOrgAdmin,
|
||||
OrganizationService,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
|
||||
@Injectable({
|
||||
providedIn: "root",
|
||||
})
|
||||
export class OrganizationRedirectGuard implements CanActivate {
|
||||
constructor(
|
||||
private router: Router,
|
||||
private organizationService: OrganizationService,
|
||||
private configService: ConfigServiceAbstraction
|
||||
) {}
|
||||
constructor(private router: Router, private organizationService: OrganizationService) {}
|
||||
|
||||
async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
|
||||
const org = this.organizationService.get(route.params.organizationId);
|
||||
|
||||
const customRedirect = route.data?.autoRedirectCallback;
|
||||
if (customRedirect) {
|
||||
let redirectPath = await customRedirect(org, this.configService);
|
||||
let redirectPath = customRedirect(org);
|
||||
if (typeof redirectPath === "string") {
|
||||
redirectPath = [redirectPath];
|
||||
}
|
||||
return this.router.createUrlTree([state.url, ...redirectPath]);
|
||||
}
|
||||
|
||||
if (await canAccessOrgAdmin(org, this.configService)) {
|
||||
if (canAccessOrgAdmin(org)) {
|
||||
return this.router.createUrlTree(["/organizations", org.id]);
|
||||
}
|
||||
return this.router.createUrlTree(["/"]);
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
[activeOrganization]="organization"
|
||||
></app-organization-switcher>
|
||||
<bit-tab-nav-bar class="-tw-mb-px">
|
||||
<bit-tab-link *ngIf="canShowVaultTab(organization) | async" route="vault">{{
|
||||
<bit-tab-link *ngIf="canShowVaultTab(organization)" route="vault">{{
|
||||
"vault" | i18n
|
||||
}}</bit-tab-link>
|
||||
<bit-tab-link *ngIf="canShowMembersTab(organization)" route="members">{{
|
||||
|
||||
@@ -13,8 +13,6 @@ import {
|
||||
OrganizationService,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
|
||||
@Component({
|
||||
selector: "app-organization-layout",
|
||||
@@ -24,21 +22,12 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
|
||||
organization$: Observable<Organization>;
|
||||
|
||||
private _destroy = new Subject<void>();
|
||||
private flexibleCollectionsEnabled: boolean;
|
||||
|
||||
constructor(
|
||||
private route: ActivatedRoute,
|
||||
private organizationService: OrganizationService,
|
||||
private configService: ConfigServiceAbstraction
|
||||
) {}
|
||||
constructor(private route: ActivatedRoute, private organizationService: OrganizationService) {}
|
||||
|
||||
async ngOnInit() {
|
||||
ngOnInit() {
|
||||
document.body.classList.remove("layout_frontend");
|
||||
|
||||
this.flexibleCollectionsEnabled = await this.configService.getFeatureFlag(
|
||||
FeatureFlag.FlexibleCollections
|
||||
);
|
||||
|
||||
this.organization$ = this.route.params
|
||||
.pipe(takeUntil(this._destroy))
|
||||
.pipe<string>(map((p) => p.organizationId))
|
||||
@@ -56,8 +45,8 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
|
||||
this._destroy.complete();
|
||||
}
|
||||
|
||||
async canShowVaultTab(organization: Organization): Promise<boolean> {
|
||||
return await canAccessVaultTab(organization, this.configService);
|
||||
canShowVaultTab(organization: Organization): boolean {
|
||||
return canAccessVaultTab(organization);
|
||||
}
|
||||
|
||||
canShowSettingsTab(organization: Organization): boolean {
|
||||
|
||||
@@ -11,7 +11,6 @@ import {
|
||||
canAccessSettingsTab,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
|
||||
import { OrganizationPermissionsGuard } from "../../admin-console/organizations/guards/org-permissions.guard";
|
||||
import { OrganizationRedirectGuard } from "../../admin-console/organizations/guards/org-redirect.guard";
|
||||
@@ -80,11 +79,8 @@ const routes: Routes = [
|
||||
},
|
||||
];
|
||||
|
||||
async function getOrganizationRoute(
|
||||
organization: Organization,
|
||||
configService: ConfigServiceAbstraction
|
||||
): Promise<string> {
|
||||
if (await canAccessVaultTab(organization, configService)) {
|
||||
function getOrganizationRoute(organization: Organization): string {
|
||||
if (canAccessVaultTab(organization)) {
|
||||
return "vault";
|
||||
}
|
||||
if (canAccessMembersTab(organization)) {
|
||||
|
||||
@@ -22,15 +22,9 @@
|
||||
class="nav-item"
|
||||
routerLinkActive="active"
|
||||
>
|
||||
<ng-container *ngIf="{ orgs: organizations$ | async } as data">
|
||||
<a
|
||||
*ngIf="data.orgs?.length > 0"
|
||||
class="nav-link"
|
||||
[routerLink]="['/organizations', data.orgs[0].id]"
|
||||
>
|
||||
{{ "organizations" | i18n }}
|
||||
</a>
|
||||
</ng-container>
|
||||
<a class="nav-link" [routerLink]="['/organizations', (organizations$ | async)[0].id]">{{
|
||||
"organizations" | i18n
|
||||
}}</a>
|
||||
</li>
|
||||
<ng-container *ngIf="providers.length >= 1">
|
||||
<li class="nav-item" routerLinkActive="active" *ngIf="providers.length == 1">
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import { Component, OnInit } from "@angular/core";
|
||||
import { map, Observable, switchMap } from "rxjs";
|
||||
import { map, Observable } from "rxjs";
|
||||
|
||||
import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service";
|
||||
import {
|
||||
@@ -11,7 +11,6 @@ import { Organization } from "@bitwarden/common/admin-console/models/domain/orga
|
||||
import { TokenService } from "@bitwarden/common/auth/abstractions/token.service";
|
||||
import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum";
|
||||
import { Provider } from "@bitwarden/common/models/domain/provider";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||
import { MessagingService } from "@bitwarden/common/platform/abstractions/messaging.service";
|
||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||
@@ -39,8 +38,7 @@ export class NavbarComponent implements OnInit {
|
||||
private syncService: SyncService,
|
||||
private organizationService: OrganizationService,
|
||||
private vaultTimeoutSettingsService: VaultTimeoutSettingsService,
|
||||
private i18nService: I18nService,
|
||||
private configService: ConfigServiceAbstraction
|
||||
private i18nService: I18nService
|
||||
) {
|
||||
this.selfHosted = this.platformUtilsService.isSelfHost();
|
||||
}
|
||||
@@ -60,10 +58,7 @@ export class NavbarComponent implements OnInit {
|
||||
this.providers = await this.providerService.getAll();
|
||||
|
||||
this.organizations$ = this.organizationService.memberOrganizations$.pipe(
|
||||
switchMap(async (orgs) => {
|
||||
const isAdmin = await canAccessAdmin(this.i18nService, this.configService);
|
||||
return isAdmin ? orgs : [];
|
||||
})
|
||||
canAccessAdmin(this.i18nService)
|
||||
);
|
||||
this.canLock$ = this.vaultTimeoutSettingsService
|
||||
.availableVaultTimeoutActions$()
|
||||
|
||||
@@ -6,7 +6,6 @@ import {
|
||||
OrganizationService,
|
||||
canAccessVaultTab,
|
||||
} from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||
import { ImportComponent } from "@bitwarden/importer/ui";
|
||||
|
||||
import { SharedModule } from "../../shared";
|
||||
@@ -24,8 +23,7 @@ export class ImportWebComponent implements OnInit {
|
||||
constructor(
|
||||
private route: ActivatedRoute,
|
||||
private organizationService: OrganizationService,
|
||||
private router: Router,
|
||||
private configService: ConfigServiceAbstraction
|
||||
private router: Router
|
||||
) {}
|
||||
|
||||
ngOnInit(): void {
|
||||
@@ -46,7 +44,7 @@ export class ImportWebComponent implements OnInit {
|
||||
return;
|
||||
}
|
||||
|
||||
if (await canAccessVaultTab(organization, this.configService)) {
|
||||
if (canAccessVaultTab(organization)) {
|
||||
await this.router.navigate(["organizations", organizationId, "vault"]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -33,7 +33,7 @@ export class CollectionAdminView extends CollectionView {
|
||||
|
||||
override canEdit(org: Organization, flexibleCollectionsEnabled: boolean): boolean {
|
||||
if (flexibleCollectionsEnabled) {
|
||||
return org?.canEditAnyCollection || this.assigned;
|
||||
return org?.canEditAnyCollection;
|
||||
} else {
|
||||
return org?.canEditAnyCollection || (org?.canEditAssignedCollections && this.assigned);
|
||||
}
|
||||
|
||||
@@ -1,26 +1,12 @@
|
||||
import { map, Observable } from "rxjs";
|
||||
|
||||
import { FeatureFlag } from "../../../enums/feature-flag.enum";
|
||||
import { ConfigServiceAbstraction } from "../../../platform/abstractions/config/config.service.abstraction";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
import { Utils } from "../../../platform/misc/utils";
|
||||
import { OrganizationData } from "../../models/data/organization.data";
|
||||
import { Organization } from "../../models/domain/organization";
|
||||
|
||||
export async function canAccessVaultTab(
|
||||
org: Organization,
|
||||
configService: ConfigServiceAbstraction
|
||||
): Promise<boolean> {
|
||||
const flexibleCollectionsEnabled = await configService.getFeatureFlag(
|
||||
FeatureFlag.FlexibleCollections,
|
||||
false
|
||||
);
|
||||
|
||||
if (flexibleCollectionsEnabled) {
|
||||
return org.canViewAllCollections;
|
||||
} else {
|
||||
return org.canViewAssignedCollections || org.canViewAllCollections;
|
||||
}
|
||||
export function canAccessVaultTab(org: Organization): boolean {
|
||||
return org.canViewAssignedCollections || org.canViewAllCollections;
|
||||
}
|
||||
|
||||
export function canAccessSettingsTab(org: Organization): boolean {
|
||||
@@ -50,17 +36,14 @@ export function canAccessBillingTab(org: Organization): boolean {
|
||||
return org.isOwner;
|
||||
}
|
||||
|
||||
export async function canAccessOrgAdmin(
|
||||
org: Organization,
|
||||
configService: ConfigServiceAbstraction
|
||||
): Promise<boolean> {
|
||||
export function canAccessOrgAdmin(org: Organization): boolean {
|
||||
return (
|
||||
canAccessMembersTab(org) ||
|
||||
canAccessGroupsTab(org) ||
|
||||
canAccessReportingTab(org) ||
|
||||
canAccessBillingTab(org) ||
|
||||
canAccessSettingsTab(org) ||
|
||||
(await canAccessVaultTab(org, configService))
|
||||
canAccessVaultTab(org)
|
||||
);
|
||||
}
|
||||
|
||||
@@ -68,18 +51,10 @@ export function getOrganizationById(id: string) {
|
||||
return map<Organization[], Organization | undefined>((orgs) => orgs.find((o) => o.id === id));
|
||||
}
|
||||
|
||||
export async function canAccessAdmin(
|
||||
i18nService: I18nService,
|
||||
configService: ConfigServiceAbstraction
|
||||
) {
|
||||
return async (orgs: Organization[]): Promise<Organization[]> => {
|
||||
const orgsPromises = orgs.map(async (org) => {
|
||||
const canAccess = await canAccessOrgAdmin(org, configService);
|
||||
return canAccess ? org : null;
|
||||
});
|
||||
const results = (await Promise.all(orgsPromises)).filter((org) => org !== null);
|
||||
return results.sort(Utils.getSortFunction(i18nService, "name"));
|
||||
};
|
||||
export function canAccessAdmin(i18nService: I18nService) {
|
||||
return map<Organization[], Organization[]>((orgs) =>
|
||||
orgs.filter(canAccessOrgAdmin).sort(Utils.getSortFunction(i18nService, "name"))
|
||||
);
|
||||
}
|
||||
|
||||
export function canAccessImportExport(i18nService: I18nService) {
|
||||
|
||||
Reference in New Issue
Block a user