[PM-32717] Individual Vault - Edit Cipher permissions (#19228)

* bypass cipher edit permissions for individual vault * replace bypassCipherEditPermission with form configuration mode * allow partial edit to view cipher form * remove old comment
2026-02-26 09:33:22 +00:00 · 2026-02-25 13:26:56 -06:00
parent 727bc02a63
commit e422dc7f29
3 changed files with 26 additions and 3 deletions
--- a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts
+++ b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts
@@ -374,6 +374,29 @@ describe("VaultItemDialogComponent", () => {
    });
  });

+  describe("disableEdit", () => {
+    it("returns false when formConfig mode is partial-edit even if canEdit is false", () => {
+      component["canEdit"] = false;
+      component.setTestFormConfig({ ...baseFormConfig, mode: "partial-edit" });
+
+      expect(component["disableEdit"]).toBe(false);
+    });
+
+    it("returns true when canEdit is false and formConfig mode is not partial-edit", () => {
+      component["canEdit"] = false;
+      component.setTestFormConfig({ ...baseFormConfig, mode: "edit" });
+
+      expect(component["disableEdit"]).toBe(true);
+    });
+
+    it("returns false when canEdit is true regardless of formConfig mode", () => {
+      component["canEdit"] = true;
+      component.setTestFormConfig({ ...baseFormConfig, mode: "edit" });
+
+      expect(component["disableEdit"]).toBe(false);
+    });
+  });
+
  describe("changeMode", () => {
    beforeEach(() => {
      component.setTestCipher({ type: CipherType.Login, id: "cipher-id" });
--- a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.ts
+++ b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.ts
@@ -273,7 +273,7 @@ export class VaultItemDialogComponent implements OnInit, OnDestroy {
  }

  protected get disableEdit() {
-    return !this.canEdit;
+    return !this.canEdit && this.formConfig.mode !== "partial-edit";
  }

  protected get showEdit() {
@@ -396,7 +396,7 @@ export class VaultItemDialogComponent implements OnInit, OnDestroy {
      );

      // If user cannot edit and dialog opened in form mode, force to view mode
-      if (!this.canEdit && this.params.mode === "form") {
+      if (!this.canEdit && this.formConfig.mode !== "partial-edit" && this.params.mode === "form") {
        this.params.mode = "view";
        this.loadForm = false;
        this.updateTitle();
--- a/libs/common/src/vault/services/cipher-authorization.service.ts
+++ b/libs/common/src/vault/services/cipher-authorization.service.ts
@@ -135,7 +135,7 @@ export class DefaultCipherAuthorizationService implements CipherAuthorizationSer
   *
   * {@link CipherAuthorizationService.canEditCipher$}
   */
-  canEditCipher$(cipher: CipherLike, isAdminConsoleAction?: boolean): Observable<boolean> {
+  canEditCipher$(cipher: CipherLike, isAdminConsoleAction: boolean = false): Observable<boolean> {
    return this.organization$(cipher).pipe(
      map((organization) => {
        if (isAdminConsoleAction) {