mirror of
https://github.com/bitwarden/browser
synced 2025-12-13 06:43:35 +00:00
[PM-24689] Handle possible null active account (#16006)
This commit is contained in:
Shane Melton
GitHub
@@ -67,6 +67,13 @@ describe("RestrictedItemTypesService", () => {
|
|||||||
expect(result).toEqual([]);
|
expect(result).toEqual([]);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("emits empty array if no account is active", async () => {
|
||||||
|
accountService.activeAccount$ = of(null);
|
||||||
|
|
||||||
|
const result = await firstValueFrom(service.restricted$);
|
||||||
|
expect(result).toEqual([]);
|
||||||
|
});
|
||||||
|
|
||||||
it("emits empty array if no organizations exist", async () => {
|
it("emits empty array if no organizations exist", async () => {
|
||||||
organizationService.organizations$.mockReturnValue(of([]));
|
organizationService.organizations$.mockReturnValue(of([]));
|
||||||
policyService.policiesByType$.mockReturnValue(of([]));
|
policyService.policiesByType$.mockReturnValue(of([]));
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ import { OrganizationService } from "@bitwarden/common/admin-console/abstraction
|
|||||||
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
|
||||||
import { PolicyType } from "@bitwarden/common/admin-console/enums";
|
import { PolicyType } from "@bitwarden/common/admin-console/enums";
|
||||||
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
||||||
import { getUserId } from "@bitwarden/common/auth/services/account.service";
|
import { getOptionalUserId } from "@bitwarden/common/auth/services/account.service";
|
||||||
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
||||||
import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
|
import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
|
||||||
import { CipherType } from "@bitwarden/common/vault/enums";
|
import { CipherType } from "@bitwarden/common/vault/enums";
|
||||||
@@ -32,39 +32,43 @@ export class RestrictedItemTypesService {
|
|||||||
return of([]);
|
return of([]);
|
||||||
}
|
}
|
||||||
return this.accountService.activeAccount$.pipe(
|
return this.accountService.activeAccount$.pipe(
|
||||||
getUserId,
|
getOptionalUserId,
|
||||||
switchMap((userId) =>
|
switchMap((userId) => {
|
||||||
combineLatest([
|
if (userId == null) {
|
||||||
|
return of([]); // No user logged in, no restrictions
|
||||||
|
}
|
||||||
|
return combineLatest([
|
||||||
this.organizationService.organizations$(userId),
|
this.organizationService.organizations$(userId),
|
||||||
this.policyService.policiesByType$(PolicyType.RestrictedItemTypes, userId),
|
this.policyService.policiesByType$(PolicyType.RestrictedItemTypes, userId),
|
||||||
]),
|
]).pipe(
|
||||||
),
|
map(([orgs, enabledPolicies]) => {
|
||||||
map(([orgs, enabledPolicies]) => {
|
// Helper to extract restricted types, defaulting to [Card]
|
||||||
// Helper to extract restricted types, defaulting to [Card]
|
const restrictedTypes = (p: (typeof enabledPolicies)[number]) =>
|
||||||
const restrictedTypes = (p: (typeof enabledPolicies)[number]) =>
|
(p.data as CipherType[]) ?? [CipherType.Card];
|
||||||
(p.data as CipherType[]) ?? [CipherType.Card];
|
|
||||||
|
|
||||||
// Union across all enabled policies
|
// Union across all enabled policies
|
||||||
const allRestrictedTypes = Array.from(
|
const allRestrictedTypes = Array.from(
|
||||||
new Set(enabledPolicies.flatMap(restrictedTypes)),
|
new Set(enabledPolicies.flatMap(restrictedTypes)),
|
||||||
|
);
|
||||||
|
|
||||||
|
return allRestrictedTypes.map((cipherType) => {
|
||||||
|
// Determine which orgs allow viewing this type
|
||||||
|
const allowViewOrgIds = orgs
|
||||||
|
.filter((org) => {
|
||||||
|
const orgPolicy = enabledPolicies.find((p) => p.organizationId === org.id);
|
||||||
|
// no policy for this org => allows everything
|
||||||
|
if (!orgPolicy) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// if this type not in their restricted list => they allow it
|
||||||
|
return !restrictedTypes(orgPolicy).includes(cipherType);
|
||||||
|
})
|
||||||
|
.map((org) => org.id);
|
||||||
|
|
||||||
|
return { cipherType, allowViewOrgIds };
|
||||||
|
});
|
||||||
|
}),
|
||||||
);
|
);
|
||||||
|
|
||||||
return allRestrictedTypes.map((cipherType) => {
|
|
||||||
// Determine which orgs allow viewing this type
|
|
||||||
const allowViewOrgIds = orgs
|
|
||||||
.filter((org) => {
|
|
||||||
const orgPolicy = enabledPolicies.find((p) => p.organizationId === org.id);
|
|
||||||
// no policy for this org => allows everything
|
|
||||||
if (!orgPolicy) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
// if this type not in their restricted list => they allow it
|
|
||||||
return !restrictedTypes(orgPolicy).includes(cipherType);
|
|
||||||
})
|
|
||||||
.map((org) => org.id);
|
|
||||||
|
|
||||||
return { cipherType, allowViewOrgIds };
|
|
||||||
});
|
|
||||||
}),
|
}),
|
||||||
);
|
);
|
||||||
}),
|
}),
|
||||||
|
|||||||
Reference in New Issue
Block a user