diff --git a/apps/web/src/app/admin-console/components/organization-switcher.component.ts b/apps/web/src/app/admin-console/components/organization-switcher.component.ts index cc7046e3b5f..a1c3cfd51da 100644 --- a/apps/web/src/app/admin-console/components/organization-switcher.component.ts +++ b/apps/web/src/app/admin-console/components/organization-switcher.component.ts @@ -1,12 +1,11 @@ import { Component, Input, OnInit } from "@angular/core"; -import { combineLatest, map, Observable } from "rxjs"; +import { Observable, switchMap } from "rxjs"; import { canAccessAdmin, OrganizationService, } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { Utils } from "@bitwarden/common/platform/misc/utils"; @@ -28,13 +27,10 @@ export class OrganizationSwitcherComponent implements OnInit { loaded = false; async ngOnInit() { - this.organizations$ = combineLatest([ - this.organizationService.memberOrganizations$, - this.configService.getFeatureFlag$(FeatureFlag.FlexibleCollections, false), - ]).pipe( - map(([orgs, flexibleCollectionsEnabled]) => { - const canAccess = canAccessAdmin(this.i18nService, flexibleCollectionsEnabled); - return canAccess ? orgs.sort(Utils.getSortFunction(this.i18nService, "name")) : []; + this.organizations$ = this.organizationService.memberOrganizations$.pipe( + switchMap(async (orgs) => { + const canAccess = await canAccessAdmin(this.i18nService, this.configService); + return canAccess ? orgs.sort(Utils.getSortFunction(this.i18nService, "name")) : orgs; }) ); diff --git a/apps/web/src/app/admin-console/organizations/guards/org-permissions.guard.ts b/apps/web/src/app/admin-console/organizations/guards/org-permissions.guard.ts index 8d671ec2d14..509b173c5a4 100644 --- a/apps/web/src/app/admin-console/organizations/guards/org-permissions.guard.ts +++ b/apps/web/src/app/admin-console/organizations/guards/org-permissions.guard.ts @@ -6,7 +6,6 @@ import { OrganizationService, } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service"; import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; @@ -45,17 +44,12 @@ export class OrganizationPermissionsGuard implements CanActivate { return this.router.createUrlTree(["/"]); } - const flexibleCollectionsEnabled = await this.configService.getFeatureFlag( - FeatureFlag.FlexibleCollections, - false - ); - const permissionsCallback: ( organization: Organization, - flexibleCollectionsEnabled: boolean - ) => boolean = route.data?.organizationPermissions; + configService: ConfigServiceAbstraction + ) => Promise = route.data?.organizationPermissions; const hasPermissions = - permissionsCallback == null || permissionsCallback(org, flexibleCollectionsEnabled); + permissionsCallback == null || (await permissionsCallback(org, this.configService)); if (!hasPermissions) { // Handle linkable ciphers for organizations the user only has view access to @@ -71,7 +65,7 @@ export class OrganizationPermissionsGuard implements CanActivate { } this.platformUtilsService.showToast("error", null, this.i18nService.t("accessDenied")); - return canAccessOrgAdmin(org, flexibleCollectionsEnabled) + return (await canAccessOrgAdmin(org, this.configService)) ? this.router.createUrlTree(["/organizations", org.id]) : this.router.createUrlTree(["/"]); } diff --git a/apps/web/src/app/admin-console/organizations/guards/org-redirect.guard.ts b/apps/web/src/app/admin-console/organizations/guards/org-redirect.guard.ts index 3c1d14e7c2c..6efe46691c3 100644 --- a/apps/web/src/app/admin-console/organizations/guards/org-redirect.guard.ts +++ b/apps/web/src/app/admin-console/organizations/guards/org-redirect.guard.ts @@ -5,7 +5,6 @@ import { canAccessOrgAdmin, OrganizationService, } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; @Injectable({ @@ -20,21 +19,17 @@ export class OrganizationRedirectGuard implements CanActivate { async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) { const org = this.organizationService.get(route.params.organizationId); - const flexibleCollectionsEnabled = await this.configService.getFeatureFlag( - FeatureFlag.FlexibleCollections, - false - ); const customRedirect = route.data?.autoRedirectCallback; if (customRedirect) { - let redirectPath = customRedirect(org, flexibleCollectionsEnabled); + let redirectPath = await customRedirect(org, this.configService); if (typeof redirectPath === "string") { redirectPath = [redirectPath]; } return this.router.createUrlTree([state.url, ...redirectPath]); } - if (canAccessOrgAdmin(org, flexibleCollectionsEnabled)) { + if (await canAccessOrgAdmin(org, this.configService)) { return this.router.createUrlTree(["/organizations", org.id]); } return this.router.createUrlTree(["/"]); diff --git a/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.html b/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.html index 0d537a4b2a3..e75da035787 100644 --- a/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.html +++ b/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.html @@ -7,7 +7,7 @@ [activeOrganization]="organization" > - {{ + {{ "vault" | i18n }} {{ diff --git a/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts b/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts index 47d9df042da..1f59e8bd9a8 100644 --- a/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts +++ b/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts @@ -56,8 +56,8 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy { this._destroy.complete(); } - canShowVaultTab(organization: Organization): boolean { - return canAccessVaultTab(organization, this.flexibleCollectionsEnabled); + async canShowVaultTab(organization: Organization): Promise { + return await canAccessVaultTab(organization, this.configService); } canShowSettingsTab(organization: Organization): boolean { diff --git a/apps/web/src/app/admin-console/organizations/organization-routing.module.ts b/apps/web/src/app/admin-console/organizations/organization-routing.module.ts index 7e59cc9c7fe..1538be8db44 100644 --- a/apps/web/src/app/admin-console/organizations/organization-routing.module.ts +++ b/apps/web/src/app/admin-console/organizations/organization-routing.module.ts @@ -11,6 +11,7 @@ import { canAccessSettingsTab, } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; +import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; import { OrganizationPermissionsGuard } from "../../admin-console/organizations/guards/org-permissions.guard"; import { OrganizationRedirectGuard } from "../../admin-console/organizations/guards/org-redirect.guard"; @@ -78,11 +79,11 @@ const routes: Routes = [ }, ]; -function getOrganizationRoute( +async function getOrganizationRoute( organization: Organization, - flexibleCollectionsEnabled: boolean -): string { - if (canAccessVaultTab(organization, flexibleCollectionsEnabled)) { + configService: ConfigServiceAbstraction +): Promise { + if (await canAccessVaultTab(organization, configService)) { return "vault"; } if (canAccessMembersTab(organization)) { diff --git a/apps/web/src/app/layouts/navbar.component.html b/apps/web/src/app/layouts/navbar.component.html index cecd5599abd..b1202199fac 100644 --- a/apps/web/src/app/layouts/navbar.component.html +++ b/apps/web/src/app/layouts/navbar.component.html @@ -22,9 +22,15 @@ class="nav-item" routerLinkActive="active" > - {{ - "organizations" | i18n - }} + + + {{ "organizations" | i18n }} + +
  • diff --git a/apps/web/src/app/layouts/navbar.component.ts b/apps/web/src/app/layouts/navbar.component.ts index e1aa93b501a..dd70bdb0690 100644 --- a/apps/web/src/app/layouts/navbar.component.ts +++ b/apps/web/src/app/layouts/navbar.component.ts @@ -1,5 +1,5 @@ import { Component, OnInit } from "@angular/core"; -import { combineLatest, map, Observable } from "rxjs"; +import { map, Observable, switchMap } from "rxjs"; import { VaultTimeoutSettingsService } from "@bitwarden/common/abstractions/vault-timeout/vault-timeout-settings.service"; import { @@ -9,7 +9,6 @@ import { import { ProviderService } from "@bitwarden/common/admin-console/abstractions/provider.service"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; import { TokenService } from "@bitwarden/common/auth/abstractions/token.service"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { VaultTimeoutAction } from "@bitwarden/common/enums/vault-timeout-action.enum"; import { Provider } from "@bitwarden/common/models/domain/provider"; import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; @@ -60,13 +59,10 @@ export class NavbarComponent implements OnInit { } this.providers = await this.providerService.getAll(); - this.organizations$ = combineLatest([ - this.organizationService.memberOrganizations$, - this.configService.getFeatureFlag$(FeatureFlag.FlexibleCollections, false), - ]).pipe( - map(([organizations, featureFlag]) => { - const canAccess = canAccessAdmin(this.i18nService, featureFlag); - return canAccess ? organizations : []; + this.organizations$ = this.organizationService.memberOrganizations$.pipe( + switchMap(async (orgs) => { + const isAdmin = await canAccessAdmin(this.i18nService, this.configService); + return isAdmin ? orgs : []; }) ); this.canLock$ = this.vaultTimeoutSettingsService diff --git a/apps/web/src/app/tools/import/import-web.component.ts b/apps/web/src/app/tools/import/import-web.component.ts index 84ac3b0332b..a78951ea736 100644 --- a/apps/web/src/app/tools/import/import-web.component.ts +++ b/apps/web/src/app/tools/import/import-web.component.ts @@ -6,7 +6,6 @@ import { OrganizationService, canAccessVaultTab, } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; -import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum"; import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction"; import { ImportComponent } from "@bitwarden/importer/ui"; @@ -22,8 +21,6 @@ export class ImportWebComponent implements OnInit { protected loading = false; protected disabled = false; - private flexibleCollectionsEnabled: boolean; - constructor( private route: ActivatedRoute, private organizationService: OrganizationService, @@ -31,11 +28,8 @@ export class ImportWebComponent implements OnInit { private configService: ConfigServiceAbstraction ) {} - async ngOnInit() { + ngOnInit(): void { this.routeOrgId = this.route.snapshot.paramMap.get("organizationId"); - this.flexibleCollectionsEnabled = await this.configService.getFeatureFlag( - FeatureFlag.FlexibleCollections - ); } /** @@ -52,7 +46,7 @@ export class ImportWebComponent implements OnInit { return; } - if (canAccessVaultTab(organization, this.flexibleCollectionsEnabled)) { + if (await canAccessVaultTab(organization, this.configService)) { await this.router.navigate(["organizations", organizationId, "vault"]); } } diff --git a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts index cb70913ac7d..6e36fc975e5 100644 --- a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts +++ b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts @@ -319,7 +319,7 @@ export class CollectionDialogComponent implements OnInit, OnDestroy { protected canDelete$ = this.flexibleCollectionsEnabled$.pipe( switchMap(async (flexibleCollectionsEnabled) => { return ( - this.editMode && this.collection?.canDelete(this.organization!, flexibleCollectionsEnabled) + this.editMode && this.collection.canDelete(this.organization, flexibleCollectionsEnabled) ); }) ); diff --git a/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts b/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts index d722adbbadb..6bb9acf9611 100644 --- a/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts +++ b/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts @@ -1,11 +1,21 @@ import { map, Observable } from "rxjs"; +import { FeatureFlag } from "../../../enums/feature-flag.enum"; +import { ConfigServiceAbstraction } from "../../../platform/abstractions/config/config.service.abstraction"; import { I18nService } from "../../../platform/abstractions/i18n.service"; import { Utils } from "../../../platform/misc/utils"; import { OrganizationData } from "../../models/data/organization.data"; import { Organization } from "../../models/domain/organization"; -export function canAccessVaultTab(org: Organization, flexibleCollectionsEnabled: boolean): boolean { +export async function canAccessVaultTab( + org: Organization, + configService: ConfigServiceAbstraction +): Promise { + const flexibleCollectionsEnabled = await configService.getFeatureFlag( + FeatureFlag.FlexibleCollections, + false + ); + if (flexibleCollectionsEnabled) { return org.canViewAllCollections; } else { @@ -40,14 +50,17 @@ export function canAccessBillingTab(org: Organization): boolean { return org.isOwner; } -export function canAccessOrgAdmin(org: Organization, flexibleCollectionsEnabled: boolean): boolean { +export async function canAccessOrgAdmin( + org: Organization, + configService: ConfigServiceAbstraction +): Promise { return ( canAccessMembersTab(org) || canAccessGroupsTab(org) || canAccessReportingTab(org) || canAccessBillingTab(org) || canAccessSettingsTab(org) || - canAccessVaultTab(org, flexibleCollectionsEnabled) + (await canAccessVaultTab(org, configService)) ); } @@ -55,12 +68,18 @@ export function getOrganizationById(id: string) { return map((orgs) => orgs.find((o) => o.id === id)); } -export function canAccessAdmin(i18nService: I18nService, flexibleCollectionsEnabled: boolean) { - return map((orgs) => - orgs - .filter((org) => canAccessOrgAdmin(org, flexibleCollectionsEnabled)) - .sort(Utils.getSortFunction(i18nService, "name")) - ); +export async function canAccessAdmin( + i18nService: I18nService, + configService: ConfigServiceAbstraction +) { + return async (orgs: Organization[]): Promise => { + const orgsPromises = orgs.map(async (org) => { + const canAccess = await canAccessOrgAdmin(org, configService); + return canAccess ? org : null; + }); + const results = (await Promise.all(orgsPromises)).filter((org) => org !== null); + return results.sort(Utils.getSortFunction(i18nService, "name")); + }; } export function canAccessImportExport(i18nService: I18nService) {