diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts index f4866a68299..7dee018c991 100644 --- a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts +++ b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts @@ -122,9 +122,12 @@ export class PhishingDetectionService { .pipe(switchMap((message) => BrowserApi.closeTab(message.tabId))); // The active account only has access if phishing detection is enabled in feature flags - // The active account has access to the phishing detection through one of the following sources + // The active account has access to the phishing detection through one of the following sources: // 1. Personal Premium subscription - // 2. An organization is a Family plan with usePhishingBlocker AND usersGetPremium enabled + // 2. Member of a Family organization (ProductTierType.Families) with BOTH: + // - usePhishingBlocker permission enabled + // - usersGetPremium permission enabled + // Note: Teams and Enterprise organizations are excluded per PM-29021 requirements const activeAccountHasAccess$ = combineLatest([ accountService.activeAccount$, configService.getFeatureFlag$(FeatureFlag.PhishingDetection), @@ -141,16 +144,16 @@ export class PhishingDetectionService { ]).pipe( map(([hasPremium, organizations]) => { // Check if any organization for the user passes requirements for phishing detection - let hasPhishingDetectionInOrg = false; - if (organizations && organizations.length > 0) { - hasPhishingDetectionInOrg = organizations.some( + const hasAccessThroughFamilyOrg = + organizations?.some( (org) => + org.canAccess && org.usePhishingBlocker && org.usersGetPremium && org.productTierType === ProductTierType.Families, - ); - } - return featureEnabled && (hasPremium || hasPhishingDetectionInOrg); + ) ?? false; + + return featureEnabled && (hasPremium || hasAccessThroughFamilyOrg); }), ); }),