bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-17 08:43:33 +00:00
Code Issues Releases Wiki Activity

[EC-850] ProviderUser permissions should prevail over member permissions (#5162)

Browse Source 
* Apply provider permissions even if also member

* Add org.isMember

* Refactor: extract syncProfileOrganizations method

* Change isNotProvider logic to isMember

* Fix cascading org permissions

* Add memberOrganizations$ observable
This commit is contained in:
Thomas Rittson
2023-04-17 13:09:53 +10:00
committed by GitHub
parent fbbaf10488
commit ad0c460687
16 changed files with 99 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
libs/common/src/vault/services/sync/sync.service.ts
View File

@@ -314,24 +314,13 @@ export class SyncService implements SyncServiceAbstraction {
await this.stateService.setForcePasswordReset(response.forcePasswordReset);
await this.keyConnectorService.setUsesKeyConnector(response.usesKeyConnector);
const organizations: { [id: string]: OrganizationData } = {};
response.organizations.forEach((o) => {
organizations[o.id] = new OrganizationData(o);
});
await this.syncProfileOrganizations(response);
const providers: { [id: string]: ProviderData } = {};
response.providers.forEach((p) => {
providers[p.id] = new ProviderData(p);
});
response.providerOrganizations.forEach((o) => {
if (organizations[o.id] == null) {
organizations[o.id] = new OrganizationData(o);
organizations[o.id].isProviderUser = true;
}
});
await this.organizationService.replace(organizations);
await this.providerService.save(providers);
if (await this.keyConnectorService.userNeedsMigration()) {
@@ -342,6 +331,29 @@ export class SyncService implements SyncServiceAbstraction {
}
}
private async syncProfileOrganizations(response: ProfileResponse) {
const organizations: { [id: string]: OrganizationData } = {};
response.organizations.forEach((o) => {
organizations[o.id] = new OrganizationData(o, {
isMember: true,
isProviderUser: false,
});
});
response.providerOrganizations.forEach((o) => {
if (organizations[o.id] == null) {
organizations[o.id] = new OrganizationData(o, {
isMember: false,
isProviderUser: true,
});
} else {
organizations[o.id].isProviderUser = true;
}
});
await this.organizationService.replace(organizations);
}
private async syncFolders(response: FolderResponse[]) {
const folders: { [id: string]: FolderData } = {};
response.forEach((f) => {