From d804a78bfbf5a6b92756cf0fd5db2deaa1bc968b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?=
 <108268980+r-tome@users.noreply.github.com>
Date: Mon, 4 Nov 2024 16:37:24 +0000
Subject: [PATCH] [PM-11406] Account Management: Prevent a verified user from
 deleting their account (#11505)

* Update AccountService to include a method for setting the managedByOrganizationId

* Update AccountComponent to conditionally show the purgeVault button based on a feature flag and if the user is managed by an organization

* Add missing method to FakeAccountService

* Remove the setAccountManagedByOrganizationId method from the AccountService abstract class.

* Refactor AccountComponent to use OrganizationService to check for managing organization

* Rename managesActiveUser to userIsManagedByOrganization

* Hide the change email section if the user is managed by an organization

* Refactor userIsManagedByOrganization property to be non-nullable in organization data and response models

* Refactor organization.data.spec.ts to include non-nullable userIsManagedByOrganization property

* Refactor account component to conditionally show delete account button based on user's organization management status

* Add showDeleteAccount$ observable to AccountComponent
---
 .../app/auth/settings/account/account.component.html  |  8 +++++++-
 .../app/auth/settings/account/account.component.ts    | 11 +++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/apps/web/src/app/auth/settings/account/account.component.html b/apps/web/src/app/auth/settings/account/account.component.html
index a5e5329fce7..4055f14219c 100644
--- a/apps/web/src/app/auth/settings/account/account.component.html
+++ b/apps/web/src/app/auth/settings/account/account.component.html
@@ -21,7 +21,13 @@
     >
       {{ "purgeVault" | i18n }}
     </button>
-    <button type="button" bitButton buttonType="danger" [bitAction]="deleteAccount">
+    <button
+      *ngIf="showDeleteAccount$ | async"
+      type="button"
+      bitButton
+      buttonType="danger"
+      [bitAction]="deleteAccount"
+    >
       {{ "deleteAccount" | i18n }}
     </button>
   </app-danger-zone>
diff --git a/apps/web/src/app/auth/settings/account/account.component.ts b/apps/web/src/app/auth/settings/account/account.component.ts
index 51bf4276960..eed88476e27 100644
--- a/apps/web/src/app/auth/settings/account/account.component.ts
+++ b/apps/web/src/app/auth/settings/account/account.component.ts
@@ -23,6 +23,7 @@ export class AccountComponent implements OnInit {
 
   showChangeEmail$: Observable<boolean>;
   showPurgeVault$: Observable<boolean>;
+  showDeleteAccount$: Observable<boolean>;
 
   constructor(
     private modalService: ModalService,
@@ -63,6 +64,16 @@ export class AccountComponent implements OnInit {
           !isAccountDeprovisioningEnabled || !userIsManagedByOrganization,
       ),
     );
+
+    this.showDeleteAccount$ = combineLatest([
+      isAccountDeprovisioningEnabled$,
+      userIsManagedByOrganization$,
+    ]).pipe(
+      map(
+        ([isAccountDeprovisioningEnabled, userIsManagedByOrganization]) =>
+          !isAccountDeprovisioningEnabled || !userIsManagedByOrganization,
+      ),
+    );
   }
 
   async deauthorizeSessions() {