From dd936d95ef7e5be8f895afb9935c1ac4669e541c Mon Sep 17 00:00:00 2001
From: Leslie Tilton <23057410+Banrion@users.noreply.github.com>
Date: Thu, 4 Dec 2025 11:53:21 -0600
Subject: [PATCH] Minor changes in response to claude comments

---
 .../services/phishing-detection.service.ts    | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
index f4866a68299..7dee018c991 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
@@ -122,9 +122,12 @@ export class PhishingDetectionService {
       .pipe(switchMap((message) => BrowserApi.closeTab(message.tabId)));
 
     // The active account only has access if phishing detection is enabled in feature flags
-    // The active account has access to the phishing detection through one of the following sources
+    // The active account has access to the phishing detection through one of the following sources:
     // 1. Personal Premium subscription
-    // 2. An organization is a Family plan with usePhishingBlocker AND usersGetPremium enabled
+    // 2. Member of a Family organization (ProductTierType.Families) with BOTH:
+    //    - usePhishingBlocker permission enabled
+    //    - usersGetPremium permission enabled
+    // Note: Teams and Enterprise organizations are excluded per PM-29021 requirements
     const activeAccountHasAccess$ = combineLatest([
       accountService.activeAccount$,
       configService.getFeatureFlag$(FeatureFlag.PhishingDetection),
@@ -141,16 +144,16 @@ export class PhishingDetectionService {
         ]).pipe(
           map(([hasPremium, organizations]) => {
             // Check if any organization for the user passes requirements for phishing detection
-            let hasPhishingDetectionInOrg = false;
-            if (organizations && organizations.length > 0) {
-              hasPhishingDetectionInOrg = organizations.some(
+            const hasAccessThroughFamilyOrg =
+              organizations?.some(
                 (org) =>
+                  org.canAccess &&
                   org.usePhishingBlocker &&
                   org.usersGetPremium &&
                   org.productTierType === ProductTierType.Families,
-              );
-            }
-            return featureEnabled && (hasPremium || hasPhishingDetectionInOrg);
+              ) ?? false;
+
+            return featureEnabled && (hasPremium || hasAccessThroughFamilyOrg);
           }),
         );
       }),