[EC-850] ProviderUser permissions should prevail over member permissions (#5162)

* Apply provider permissions even if also member * Add org.isMember * Refactor: extract syncProfileOrganizations method * Change isNotProvider logic to isMember * Fix cascading org permissions * Add memberOrganizations$ observable
2025-12-21 18:53:29 +00:00 · 2023-04-17 13:09:53 +10:00
parent fbbaf10488
commit ad0c460687
16 changed files with 99 additions and 59 deletions
--- a/libs/common/src/admin-console/services/policy/policy.service.ts
+++ b/libs/common/src/admin-console/services/policy/policy.service.ts
@@ -260,7 +260,7 @@ export class PolicyService implements InternalPolicyServiceAbstraction {
    await this.stateService.setEncryptedPolicies(null, { userId: userId });
  }

-  private isExcemptFromPolicies(organization: Organization, policyType: PolicyType) {
+  private isExemptFromPolicies(organization: Organization, policyType: PolicyType) {
    if (policyType === PolicyType.MaximumVaultTimeout) {
      return organization.type === OrganizationUserType.Owner;
    }
@@ -291,7 +291,7 @@ export class PolicyService implements InternalPolicyServiceAbstraction {
        o.status >= OrganizationUserStatusType.Accepted &&
        o.usePolicies &&
        policySet.has(o.id) &&
-        !this.isExcemptFromPolicies(o, policyType)
+        !this.isExemptFromPolicies(o, policyType)
    );
  }
 }