From cdc08e7e8a07835075a62317b7d8a54f078eb13e Mon Sep 17 00:00:00 2001
From: Addison Beck
Date: Wed, 13 Jan 2021 14:31:27 -0500
Subject: [PATCH] Implemented Custom role and permissions (#1189)
* Implemented Custom role and permissions
* changed permissions to permissions model
* added a semicolon
---
 src/Android/Autofill/AutofillService.cs | 2 +-
 src/App/Pages/Vault/AddEditPageViewModel.cs | 2 +-
 src/Core/Enums/OrganizationUserType.cs | 1 +
 src/Core/Models/Data/OrganizationData.cs | 2 ++
 src/Core/Models/Data/Permissions.cs | 16 ++++++++++++++++
 src/Core/Models/Domain/Organization.cs | 12 ++++++++++++
 .../Response/ProfileOrganizationResponse.cs | 2 ++
 7 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 src/Core/Models/Data/Permissions.cs
diff --git a/src/Android/Autofill/AutofillService.cs b/src/Android/Autofill/AutofillService.cs
index 294714826..7ac0c67b7 100644
--- a/src/Android/Autofill/AutofillService.cs
+++ b/src/Android/Autofill/AutofillService.cs
@@ -102,7 +102,7 @@ namespace Bit.Droid.Autofill
 if (policy.Enabled)
 {
 var org = await _userService.GetOrganizationAsync(policy.OrganizationId);
- if (org != null && org.Enabled && org.UsePolicies && !org.IsAdmin
+ if (org != null && org.Enabled && org.UsePolicies && !org.canManagePolicies
 && org.Status == OrganizationUserStatusType.Confirmed)
 {
 return;
diff --git a/src/App/Pages/Vault/AddEditPageViewModel.cs b/src/App/Pages/Vault/AddEditPageViewModel.cs
index 7d9aad247..e56e98bfc 100644
--- a/src/App/Pages/Vault/AddEditPageViewModel.cs
+++ b/src/App/Pages/Vault/AddEditPageViewModel.cs
@@ -298,7 +298,7 @@ namespace Bit.App.Pages
 if (org.Enabled && org.Status == OrganizationUserStatusType.Confirmed)
 {
 OwnershipOptions.Add(new KeyValuePair(org.Name, org.Id));
- if (policies != null && org.UsePolicies && !org.IsAdmin && AllowPersonal)
+ if (policies != null && org.UsePolicies && !org.canManagePolicies && AllowPersonal)
 {
 foreach (var policy in policies)
 {
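Review bot: The policy-exemption test `org.UsePolicies && !org.canManagePolicies`, together with the Enabled and Confirmed checks, is now written out separately in this AutofillService.cs condition and in the AddEditPageViewModel.cs hunk, so a later role change can update one call site and miss the other. Exposing the combined predicate once on `Organization` would keep enforcement consistent, and a comment at each call site such as `// members who can manage policies are exempt from enforcement` would record why the exemption was widened beyond owners and admins. Both enclosing methods start and end outside their hunks, so what the early `return` and the `foreach` body actually skip is not visible here.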
diff --git a/src/Core/Enums/OrganizationUserType.cs b/src/Core/Enums/OrganizationUserType.cs
index 7021952ef..738c80657 100644
--- a/src/Core/Enums/OrganizationUserType.cs
+++ b/src/Core/Enums/OrganizationUserType.cs
@@ -6,5 +6,6 @@
 Admin = 1,
 User = 2,
 Manager = 3,
+ Custom = 4,
 }
 }
diff --git a/src/Core/Models/Data/OrganizationData.cs b/src/Core/Models/Data/OrganizationData.cs
index 65140e6d1..e08e6fd16 100644
--- a/src/Core/Models/Data/OrganizationData.cs
+++ b/src/Core/Models/Data/OrganizationData.cs
@@ -26,6 +26,7 @@ namespace Bit.Core.Models.Data
 Seats = response.Seats;
 MaxCollections = response.MaxCollections;
 MaxStorageGb = response.MaxStorageGb;
+ Permissions = response.Permissions;
 }
 public string Id { get; set; }
@@ -45,5 +46,6 @@ namespace Bit.Core.Models.Data
 public int Seats { get; set; }
 public int MaxCollections { get; set; }
 public short? MaxStorageGb { get; set; }
+ public Permissions Permissions { get; set; }
 }
 }
diff --git a/src/Core/Models/Data/Permissions.cs b/src/Core/Models/Data/Permissions.cs
new file mode 100644
index 000000000..91e0ffae5
--- /dev/null
+++ b/src/Core/Models/Data/Permissions.cs
@@ -0,0 +1,16 @@
+namespace Bit.Core.Models.Data
+{
+ public class Permissions
+ {
+ public bool AccessBusinessPortal { get; set; }
+ public bool AccessEventLogs { get; set; }
+ public bool AccessImportExport { get; set; }
+ public bool AccessReports { get; set; }
+ public bool ManageAssignedCollections { get; set; }
+ public bool ManageAllCollections { get; set; }
+ public bool ManageGroups { get; set; }
+ public bool ManagePolicies { get; set; }
+ public bool ManageSso { get; set; }
+ public bool ManageUsers { get; set; }
+ }
+}
diff --git a/src/Core/Models/Domain/Organization.cs b/src/Core/Models/Domain/Organization.cs
index aef97622e..11c398552 100644
--- a/src/Core/Models/Domain/Organization.cs
+++ b/src/Core/Models/Domain/Organization.cs
@@ -26,6 +26,7 @@ namespace Bit.Core.Models.Domain
 Seats = obj.Seats;
 MaxCollections = obj.MaxCollections;
 MaxStorageGb = obj.MaxStorageGb;
+ Permissions = obj.Permissions;
 }
 public string Id { get; set; }
@@ -45,6 +46,7 @@ namespace Bit.Core.Models.Domain
 public int Seats { get; set; }
 public int MaxCollections { get; set; }
 public short? MaxStorageGb { get; set; }
+ public Permissions Permissions { get; set; }
 public bool CanAccess
 {
@@ -76,5 +78,15 @@ namespace Bit.Core.Models.Domain
 public bool IsAdmin => Type == OrganizationUserType.Owner || Type == OrganizationUserType.Admin;
 public bool IsOwner => Type == OrganizationUserType.Owner;
+ public bool IsCustom => Type == OrganizationUserType.Custom;
+ public bool canAccessBusinessPortl => IsAdmin || Permissions.AccessBusinessPortal;
+ public bool canAccessEventLogs => IsAdmin || Permissions.AccessEventLogs;
+ public bool canAccessImportExport => IsAdmin || Permissions.AccessImportExport;
+ public bool canAccessReports => IsAdmin || Permissions.AccessReports;
+ public bool canManageAllCollections => IsAdmin || Permissions.ManageAllCollections;
+ public bool canManageAssignedCollections => IsManager || Permissions.ManageAssignedCollections;
+ public bool canManageGroups => IsAdmin || Permissions.ManageGroups;
+ public bool canManagePolicies => IsAdmin || Permissions.ManagePolicies;
+ public bool canManageUser => IsAdmin || Permissions.ManageUsers;
 }
 }
diff --git a/src/Core/Models/Response/ProfileOrganizationResponse.cs b/src/Core/Models/Response/ProfileOrganizationResponse.cs
index d6ca8dcef..567562432 100644
--- a/src/Core/Models/Response/ProfileOrganizationResponse.cs
+++ b/src/Core/Models/Response/ProfileOrganizationResponse.cs
@@ -1,4 +1,5 @@
 using Bit.Core.Enums;
+using Bit.Core.Models.Data;
 namespace Bit.Core.Models.Response
 {
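Review bot: Every new `can*` property in the last Organization.cs hunk dereferences `Permissions` whenever its left operand is false, so a non-admin member whose stored or returned organization carries no permissions object would hit a NullReferenceException at the two policy checks changed in AutofillService.cs and AddEditPageViewModel.cs. Nothing visible guarantees a non-null value: the constructors in the first hunk of this file and of OrganizationData.cs copy `obj.Permissions` and `response.Permissions` as-is. A null fallback at the copy, `Permissions = obj.Permissions ?? new Permissions();`, keeps the all-false (deny) defaults. The flags are also honoured for any `Type`, not only `Custom` (`IsCustom` is added but unused in these lines), which is safe only if the server clears them for other roles; that cannot be confirmed from this diff. Separately, `canAccessBusinessPortl` is misspelled and the lower-camel names differ from `IsAdmin`/`IsOwner` in the same class.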
@@ -22,5 +23,6 @@ namespace Bit.Core.Models.Response
 public OrganizationUserStatusType Status { get; set; }
 public OrganizationUserType Type { get; set; }
 public bool Enabled { get; set; }
+ public Permissions Permissions { get; set; }
 }
 }