Restructure the org-permissions guard to be Angular 17+ compliant (#9631)

* Document the `org-permissions` guard in code * Restructure the `org-permissions` guard to be Angular 17+ compliant * Update the `org-permissions` guard to use `ToastService` * Simplify callback function sigantures * Remove unused test object * Fix updated route from merge
2025-12-23 11:43:46 +00:00 · 2024-07-02 10:53:06 -04:00
parent 804cbe6da1
commit b7e3f5bc68
10 changed files with 129 additions and 123 deletions
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
@@ -3,8 +3,7 @@ import { RouterModule, Routes } from "@angular/router";

 import { AuthGuard } from "@bitwarden/angular/auth/guards";
 import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
-import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
-import { OrganizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";
+import { organizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";
 import { OrganizationLayoutComponent } from "@bitwarden/web-vault/app/admin-console/organizations/layouts/organization-layout.component";

 import { SsoComponent } from "../../auth/sso/sso.component";
@@ -16,40 +15,34 @@ const routes: Routes = [
  {
    path: "organizations/:organizationId",
    component: OrganizationLayoutComponent,
-    canActivate: [AuthGuard, OrganizationPermissionsGuard],
+    canActivate: [AuthGuard, organizationPermissionsGuard()],
    children: [
      {
        path: "settings",
-        canActivate: [OrganizationPermissionsGuard],
-        data: {
-          organizationPermissions: canAccessSettingsTab,
-        },
+        canActivate: [organizationPermissionsGuard(canAccessSettingsTab)],
        children: [
          {
            path: "domain-verification",
            component: DomainVerificationComponent,
-            canActivate: [OrganizationPermissionsGuard],
+            canActivate: [organizationPermissionsGuard((org) => org.canManageDomainVerification)],
            data: {
              titleId: "domainVerification",
-              organizationPermissions: (org: Organization) => org.canManageDomainVerification,
            },
          },
          {
            path: "sso",
            component: SsoComponent,
-            canActivate: [OrganizationPermissionsGuard],
+            canActivate: [organizationPermissionsGuard((org) => org.canManageSso)],
            data: {
              titleId: "singleSignOn",
-              organizationPermissions: (org: Organization) => org.canManageSso,
            },
          },
          {
            path: "scim",
            component: ScimComponent,
-            canActivate: [OrganizationPermissionsGuard],
+            canActivate: [organizationPermissionsGuard((org) => org.canManageScim)],
            data: {
              titleId: "scim",
-              organizationPermissions: (org: Organization) => org.canManageScim,
            },
          },
          {
@@ -58,9 +51,8 @@ const routes: Routes = [
              import("./manage/device-approvals/device-approvals.component").then(
                (mod) => mod.DeviceApprovalsComponent,
              ),
-            canActivate: [OrganizationPermissionsGuard],
+            canActivate: [organizationPermissionsGuard((org) => org.canManageDeviceApprovals)],
            data: {
-              organizationPermissions: (org: Organization) => org.canManageDeviceApprovals,
              titleId: "deviceApprovals",
            },
          },
--- a/bitwarden_license/bit-web/src/app/secrets-manager/settings/settings-routing.module.ts
+++ b/bitwarden_license/bit-web/src/app/secrets-manager/settings/settings-routing.module.ts
@@ -1,8 +1,7 @@
 import { NgModule } from "@angular/core";
 import { RouterModule, Routes } from "@angular/router";

-import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
-import { OrganizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";
+import { organizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";

 import { SecretsManagerExportComponent } from "./porting/sm-export.component";
 import { SecretsManagerImportComponent } from "./porting/sm-import.component";
@@ -11,19 +10,17 @@ const routes: Routes = [
  {
    path: "import",
    component: SecretsManagerImportComponent,
-    canActivate: [OrganizationPermissionsGuard],
+    canActivate: [organizationPermissionsGuard((org) => org.isAdmin)],
    data: {
      titleId: "importData",
-      organizationPermissions: (org: Organization) => org.isAdmin,
    },
  },
  {
    path: "export",
    component: SecretsManagerExportComponent,
-    canActivate: [OrganizationPermissionsGuard],
+    canActivate: [organizationPermissionsGuard((org) => org.isAdmin)],
    data: {
      titleId: "exportData",
-      organizationPermissions: (org: Organization) => org.isAdmin,
    },
  },
 ];