Move policy checks within policyService (#466)

* Move policy logic within policyService * Remove unneeded import * Clean up unused code * Fix linting * Enforce policies from accepting org invite * Only exempt owner or admin from policies * Use canManagePolicies as exemption criteria * Make orgUser status check more semantic Co-authored-by: Addison Beck <abeck@bitwarden.com> Co-authored-by: Addison Beck <abeck@bitwarden.com>
2025-12-06 00:03:29 +00:00 · 2021-08-31 06:52:57 +10:00
parent f02720a1c6
commit 30419a625f
6 changed files with 49 additions and 44 deletions
--- a/angular/src/components/add-edit.component.ts
+++ b/angular/src/components/add-edit.component.ts
@@ -164,28 +164,20 @@ export class AddEditComponent implements OnInit {
    }

    async init() {
-        const policies = await this.policyService.getAll(PolicyType.PersonalOwnership);
        const myEmail = await this.userService.getEmail();
        this.ownershipOptions.push({ name: myEmail, value: null });
        const orgs = await this.userService.getAllOrganizations();
        orgs.sort(Utils.getSortFunction(this.i18nService, 'name')).forEach(o => {
            if (o.enabled && o.status === OrganizationUserStatusType.Confirmed) {
                this.ownershipOptions.push({ name: o.name, value: o.id });
-                if (policies != null && o.usePolicies && !o.canManagePolicies && this.allowPersonal) {
-                    for (const policy of policies) {
-                        if (policy.organizationId === o.id && policy.enabled) {
-                            this.allowPersonal = false;
-                            this.ownershipOptions.splice(0, 1);
-                            // Default to the organization who owns this policy for now (if necessary)
-                            if (this.organizationId == null) {
-                                this.organizationId = o.id;
-                            }
-                            break;
-                        }
-                    }
-                }
            }
        });
+
+        if (this.allowPersonal && await this.policyService.policyAppliesToUser(PolicyType.PersonalOwnership)) {
+            this.allowPersonal = false;
+            this.ownershipOptions.splice(0, 1);
+        }
+
        this.writeableCollections = await this.loadCollections();
    }

--- a/angular/src/components/send/add-edit.component.ts
+++ b/angular/src/components/send/add-edit.component.ts
@@ -7,7 +7,6 @@ import {
    Output
 } from '@angular/core';

-import { OrganizationUserStatusType } from 'jslib-common/enums/organizationUserStatusType';
 import { PolicyType } from 'jslib-common/enums/policyType';
 import { SendType } from 'jslib-common/enums/sendType';

@@ -103,24 +102,9 @@ export class AddEditComponent implements OnInit {
    }

    async load() {
-        const disableSendPolicies = await this.policyService.getAll(PolicyType.DisableSend);
-        const organizations = await this.userService.getAllOrganizations();
-        this.disableSend = organizations.some(o => {
-            return o.enabled &&
-                o.status === OrganizationUserStatusType.Confirmed &&
-                o.usePolicies &&
-                !o.canManagePolicies &&
-                disableSendPolicies.some(p => p.organizationId === o.id && p.enabled);
-        });
-
-        const sendOptionsPolicies = await this.policyService.getAll(PolicyType.SendOptions);
-        this.disableHideEmail = await organizations.some(o => {
-            return o.enabled &&
-                o.status === OrganizationUserStatusType.Confirmed &&
-                o.usePolicies &&
-                !o.canManagePolicies &&
-                sendOptionsPolicies.some(p => p.organizationId === o.id && p.enabled && p.data.disableHideEmail);
-        });
+        this.disableSend = await this.policyService.policyAppliesToUser(PolicyType.DisableSend);
+        this.disableHideEmail = await this.policyService.policyAppliesToUser(PolicyType.SendOptions,
+            p => p.data.disableHideEmail);

        this.canAccessPremium = await this.userService.canAccessPremium();
        this.emailVerified = await this.userService.getEmailVerified();
--- a/angular/src/components/send/send.component.ts
+++ b/angular/src/components/send/send.component.ts
@@ -51,15 +51,7 @@ export class SendComponent implements OnInit {
        protected policyService: PolicyService, protected userService: UserService) { }

    async ngOnInit() {
-        const policies = await this.policyService.getAll(PolicyType.DisableSend);
-        const organizations = await this.userService.getAllOrganizations();
-        this.disableSend = organizations.some(o => {
-            return o.enabled &&
-                o.status === OrganizationUserStatusType.Confirmed &&
-                o.usePolicies &&
-                !o.canManagePolicies &&
-                policies.some(p => p.organizationId === o.id && p.enabled);
-        });
+        this.disableSend = await this.policyService.policyAppliesToUser(PolicyType.DisableSend);
    }

    async load(filter: (send: SendView) => boolean = null) {