From aacabf5bdf5b1ffc26c97713e803f83d6a378bc5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?=
 <108268980+r-tome@users.noreply.github.com>
Date: Thu, 20 Apr 2023 16:33:29 +0100
Subject: [PATCH] [AC-1340] [Defect] Provider users unable to delete vault
 items for client organizations (#5242)

* [AC-1340] Calling Cipher DeleteAdmin endpoints when user has canEditAnyCollection permission

* [AC-1340] Fixed CLI and Desktop builds

* [AC-1340] Changed CipherService delete methods parameter 'orgAdmin' to 'asAdmin' and to nullable

* [AC-1340] Changed variable names from 'orgAdmin' to 'asAdmin'

* [AC-1340] Reverted change on DeleteCommand
---
 .../bulk-delete-dialog.component.ts           |  5 +--
 .../app/vault/org-vault/vault.component.ts    |  5 +--
 .../vault/components/add-edit.component.ts    |  5 +--
 .../src/vault/abstractions/cipher.service.ts  |  8 ++---
 .../src/vault/services/cipher.service.ts      | 35 ++++++++++++++-----
 5 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts b/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts
index af8bfc142bb..549af2fc50a 100644
--- a/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts
+++ b/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts
@@ -99,10 +99,11 @@ export class BulkDeleteDialogComponent {
   };
 
   private async deleteCiphers(): Promise<any> {
+    const asAdmin = this.organization?.canEditAnyCollection;
     if (this.permanent) {
-      await this.cipherService.deleteManyWithServer(this.cipherIds);
+      await this.cipherService.deleteManyWithServer(this.cipherIds, asAdmin);
     } else {
-      await this.cipherService.softDeleteManyWithServer(this.cipherIds);
+      await this.cipherService.softDeleteManyWithServer(this.cipherIds, asAdmin);
     }
   }
 
diff --git a/apps/web/src/app/vault/org-vault/vault.component.ts b/apps/web/src/app/vault/org-vault/vault.component.ts
index 32f22ed409e..3e922267985 100644
--- a/apps/web/src/app/vault/org-vault/vault.component.ts
+++ b/apps/web/src/app/vault/org-vault/vault.component.ts
@@ -900,9 +900,10 @@ export class VaultComponent implements OnInit, OnDestroy {
   }
 
   protected deleteCipherWithServer(id: string, permanent: boolean) {
+    const asAdmin = this.organization?.canEditAnyCollection;
     return permanent
-      ? this.cipherService.deleteWithServer(id)
-      : this.cipherService.softDeleteWithServer(id);
+      ? this.cipherService.deleteWithServer(id, asAdmin)
+      : this.cipherService.softDeleteWithServer(id, asAdmin);
   }
 
   protected async repromptCipher(ciphers: CipherView[]) {
diff --git a/libs/angular/src/vault/components/add-edit.component.ts b/libs/angular/src/vault/components/add-edit.component.ts
index 98cc02de1de..ae6e95f12a5 100644
--- a/libs/angular/src/vault/components/add-edit.component.ts
+++ b/libs/angular/src/vault/components/add-edit.component.ts
@@ -603,9 +603,10 @@ export class AddEditComponent implements OnInit, OnDestroy {
   }
 
   protected deleteCipher() {
+    const asAdmin = this.organization?.canEditAnyCollection;
     return this.cipher.isDeleted
-      ? this.cipherService.deleteWithServer(this.cipher.id)
-      : this.cipherService.softDeleteWithServer(this.cipher.id);
+      ? this.cipherService.deleteWithServer(this.cipher.id, asAdmin)
+      : this.cipherService.softDeleteWithServer(this.cipher.id, asAdmin);
   }
 
   protected restoreCipher() {
diff --git a/libs/common/src/vault/abstractions/cipher.service.ts b/libs/common/src/vault/abstractions/cipher.service.ts
index b92ce7c29a8..60c0366f613 100644
--- a/libs/common/src/vault/abstractions/cipher.service.ts
+++ b/libs/common/src/vault/abstractions/cipher.service.ts
@@ -62,16 +62,16 @@ export abstract class CipherService {
   clear: (userId: string) => Promise<any>;
   moveManyWithServer: (ids: string[], folderId: string) => Promise<any>;
   delete: (id: string | string[]) => Promise<any>;
-  deleteWithServer: (id: string) => Promise<any>;
-  deleteManyWithServer: (ids: string[]) => Promise<any>;
+  deleteWithServer: (id: string, asAdmin?: boolean) => Promise<any>;
+  deleteManyWithServer: (ids: string[], asAdmin?: boolean) => Promise<any>;
   deleteAttachment: (id: string, attachmentId: string) => Promise<void>;
   deleteAttachmentWithServer: (id: string, attachmentId: string) => Promise<void>;
   sortCiphersByLastUsed: (a: CipherView, b: CipherView) => number;
   sortCiphersByLastUsedThenName: (a: CipherView, b: CipherView) => number;
   getLocaleSortingFunction: () => (a: CipherView, b: CipherView) => number;
   softDelete: (id: string | string[]) => Promise<any>;
-  softDeleteWithServer: (id: string) => Promise<any>;
-  softDeleteManyWithServer: (ids: string[]) => Promise<any>;
+  softDeleteWithServer: (id: string, asAdmin?: boolean) => Promise<any>;
+  softDeleteManyWithServer: (ids: string[], asAdmin?: boolean) => Promise<any>;
   restore: (
     cipher: { id: string; revisionDate: string } | { id: string; revisionDate: string }[]
   ) => Promise<any>;
diff --git a/libs/common/src/vault/services/cipher.service.ts b/libs/common/src/vault/services/cipher.service.ts
index 9d475976718..3a3a9aa634d 100644
--- a/libs/common/src/vault/services/cipher.service.ts
+++ b/libs/common/src/vault/services/cipher.service.ts
@@ -729,13 +729,22 @@ export class CipherService implements CipherServiceAbstraction {
     await this.stateService.setEncryptedCiphers(ciphers);
   }
 
-  async deleteWithServer(id: string): Promise<any> {
-    await this.apiService.deleteCipher(id);
+  async deleteWithServer(id: string, asAdmin = false): Promise<any> {
+    if (asAdmin) {
+      await this.apiService.deleteCipherAdmin(id);
+    } else {
+      await this.apiService.deleteCipher(id);
+    }
+
     await this.delete(id);
   }
 
-  async deleteManyWithServer(ids: string[]): Promise<any> {
-    await this.apiService.deleteManyCiphers(new CipherBulkDeleteRequest(ids));
+  async deleteManyWithServer(ids: string[], asAdmin = false): Promise<any> {
+    if (asAdmin) {
+      await this.apiService.deleteManyCiphersAdmin(new CipherBulkDeleteRequest(ids));
+    } else {
+      await this.apiService.deleteManyCiphers(new CipherBulkDeleteRequest(ids));
+    }
     await this.delete(ids);
   }
 
@@ -859,13 +868,23 @@ export class CipherService implements CipherServiceAbstraction {
     await this.stateService.setEncryptedCiphers(ciphers);
   }
 
-  async softDeleteWithServer(id: string): Promise<any> {
-    await this.apiService.putDeleteCipher(id);
+  async softDeleteWithServer(id: string, asAdmin = false): Promise<any> {
+    if (asAdmin) {
+      await this.apiService.putDeleteCipherAdmin(id);
+    } else {
+      await this.apiService.putDeleteCipher(id);
+    }
+
     await this.softDelete(id);
   }
 
-  async softDeleteManyWithServer(ids: string[]): Promise<any> {
-    await this.apiService.putDeleteManyCiphers(new CipherBulkDeleteRequest(ids));
+  async softDeleteManyWithServer(ids: string[], asAdmin = false): Promise<any> {
+    if (asAdmin) {
+      await this.apiService.putDeleteManyCiphersAdmin(new CipherBulkDeleteRequest(ids));
+    } else {
+      await this.apiService.putDeleteManyCiphers(new CipherBulkDeleteRequest(ids));
+    }
+
     await this.softDelete(ids);
   }