From 1a38bec901fdf0695259b08364f4d05f2e21be56 Mon Sep 17 00:00:00 2001
From: Will Martin <contact@willmartian.com>
Date: Thu, 4 Jan 2024 22:26:23 -0500
Subject: [PATCH] [AC-1389] update collection dialog copy based on admin access
 setting (#7137)

* update collection dialog access copy based on allowAdminAccessToAllCollectionItems setting

* remove requirement to have a Can Manage user if v1 flag is off or admins have access to all collections

---------

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
---
 .../collection-dialog.component.html          |  6 ++++
 .../collection-dialog.component.ts            | 28 +++++++++++++++----
 apps/web/src/locales/en/messages.json         |  6 ++++
 3 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.html b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.html
index 462a82e012..88f22c892e 100644
--- a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.html
+++ b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.html
@@ -64,6 +64,12 @@
           </bit-form-field>
         </bit-tab>
         <bit-tab label="{{ 'access' | i18n }}">
+          <div class="tw-mb-3" *ngIf="flexibleCollectionsV1Enabled$ | async">
+            {{ "grantCollectionAccess" | i18n }}
+            <span *ngIf="organization.allowAdminAccessToAllCollectionItems">{{
+              " " + ("adminCollectionAccess" | i18n)
+            }}</span>
+          </div>
           <div
             class="tw-mb-3 tw-text-danger"
             *ngIf="formGroup.controls.access.hasError('managePermissionRequired')"
diff --git a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts
index a244f29804..4f026d2abc 100644
--- a/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts
+++ b/apps/web/src/app/vault/components/collection-dialog/collection-dialog.component.ts
@@ -3,7 +3,6 @@ import { ChangeDetectorRef, Component, Inject, OnDestroy, OnInit } from "@angula
 import { AbstractControl, FormBuilder, Validators } from "@angular/forms";
 import {
   combineLatest,
-  firstValueFrom,
   from,
   map,
   Observable,
@@ -75,6 +74,11 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
     false,
   );
 
+  protected flexibleCollectionsV1Enabled$ = this.configService.getFeatureFlag$(
+    FeatureFlag.FlexibleCollectionsV1,
+    false,
+  );
+
   private destroy$ = new Subject<void>();
   protected organizations$: Observable<Organization[]>;
 
@@ -134,10 +138,6 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
       this.formGroup.patchValue({ selectedOrg: this.params.organizationId });
       await this.loadOrg(this.params.organizationId, this.params.collectionIds);
     }
-
-    if (await firstValueFrom(this.flexibleCollectionsEnabled$)) {
-      this.formGroup.controls.access.addValidators(validateCanManagePermission);
-    }
   }
 
   async loadOrg(orgId: string, collectionIds: string[]) {
@@ -162,10 +162,19 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
       groups: groups$,
       users: this.organizationUserService.getAllUsers(orgId),
       flexibleCollections: this.flexibleCollectionsEnabled$,
+      flexibleCollectionsV1: this.flexibleCollectionsV1Enabled$,
     })
       .pipe(takeUntil(this.formGroup.controls.selectedOrg.valueChanges), takeUntil(this.destroy$))
       .subscribe(
-        ({ organization, collections, collectionDetails, groups, users, flexibleCollections }) => {
+        ({
+          organization,
+          collections,
+          collectionDetails,
+          groups,
+          users,
+          flexibleCollections,
+          flexibleCollectionsV1,
+        }) => {
           this.organization = organization;
           this.accessItems = [].concat(
             groups.map(mapGroupToAccessItemView),
@@ -223,6 +232,13 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
             });
           }
 
+          if (flexibleCollectionsV1 && !organization.allowAdminAccessToAllCollectionItems) {
+            this.formGroup.controls.access.addValidators(validateCanManagePermission);
+          } else {
+            this.formGroup.controls.access.removeValidators(validateCanManagePermission);
+          }
+          this.formGroup.controls.access.updateValueAndValidity();
+
           this.loading = false;
         },
       );
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 5d7d4a3539..35420dd498 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -7447,6 +7447,12 @@
   "collectionAccessRestricted": {
     "message": "Collection access is restricted"
   },
+  "grantCollectionAccess": {
+    "message": "Grant groups or members access to this collection."
+  },
+  "adminCollectionAccess": {
+    "message": "Administrators can access and manage collections."
+  },
   "serviceAccountAccessUpdated": {
     "message": "Service account access updated"
   }