vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

Feature/split manage collections permission (#504) 

* Split manage collections permissions

* Convert camel to pascal case for element id -> name
This commit is contained in:
Matt Gibson 2021-10-01 07:50:30 -05:00 committed by GitHub
parent ce71c0c0bd
commit 562e1fe459
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 75 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
common/src/enums/permissions.ts
View File

@ -1,14 +1,27 @@
export enum Permissions { export enum Permissions {
AccessBusinessPortal, AccessBusinessPortal = 0,
AccessEventLogs, AccessEventLogs = 1,
AccessImportExport, AccessImportExport = 2,
AccessReports, AccessReports = 3,
ManageAllCollections, /**
ManageAssignedCollections, * @deprecated Sep 29 2021: This permission has been split out to `createNewCollections`, `editAnyCollection`, and
ManageGroups, * `deleteAnyCollection`. It exists here for backwards compatibility with Server versions <= 1.43.0
ManageOrganization, */
ManagePolicies, ManageAllCollections = 4,
ManageProvider, /**
ManageUsers, * @deprecated Sep 29 2021: This permission has been split out to `editAssignedCollections` and
ManageUsersPassword, * `deleteAssignedCollections`. It exists here for backwards compatibility with Server versions <= 1.43.0
*/
ManageAssignedCollections = 5,
ManageGroups = 6,
ManageOrganization = 7,
ManagePolicies = 8,
ManageProvider = 9,
ManageUsers = 10,
ManageUsersPassword = 11,
CreateNewCollections = 12,
EditAnyCollection = 13,
DeleteAnyCollection = 14,
EditAssignedCollections = 15,
DeleteAssignedCollections = 16,
} }

4
common/src/misc/utils.ts
View File

@ -325,6 +325,10 @@ export class Utils {
return url; return url;
} }
static camelToPascalCase(s: string) {
return s.charAt(0).toUpperCase() + s.slice(1);
}
private static validIpAddress(ipString: string): boolean { private static validIpAddress(ipString: string): boolean {
// tslint:disable-next-line // tslint:disable-next-line
const ipRegex = /^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/; const ipRegex = /^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;

22
common/src/models/api/permissionsApi.ts
View File

@ -5,8 +5,21 @@ export class PermissionsApi extends BaseResponse {
accessEventLogs: boolean; accessEventLogs: boolean;
accessImportExport: boolean; accessImportExport: boolean;
accessReports: boolean; accessReports: boolean;
/**
* @deprecated Sep 29 2021: This permission has been split out to `createNewCollections`, `editAnyCollection`, and
* `deleteAnyCollection`. It exists here for backwards compatibility with Server versions <= 1.43.0
*/
manageAllCollections: boolean; manageAllCollections: boolean;
createNewCollections: boolean;
editAnyCollection: boolean;
deleteAnyCollection: boolean;
/**
* @deprecated Sep 29 2021: This permission has been split out to `editAssignedCollections` and
* `deleteAssignedCollections`. It exists here for backwards compatibility with Server versions <= 1.43.0
*/
manageAssignedCollections: boolean; manageAssignedCollections: boolean;
editAssignedCollections: boolean;
deleteAssignedCollections: boolean;
manageCiphers: boolean; manageCiphers: boolean;
manageGroups: boolean; manageGroups: boolean;
manageSso: boolean; manageSso: boolean;
@ -23,8 +36,17 @@ export class PermissionsApi extends BaseResponse {
this.accessEventLogs = this.getResponseProperty('AccessEventLogs'); this.accessEventLogs = this.getResponseProperty('AccessEventLogs');
this.accessImportExport = this.getResponseProperty('AccessImportExport'); this.accessImportExport = this.getResponseProperty('AccessImportExport');
this.accessReports = this.getResponseProperty('AccessReports'); this.accessReports = this.getResponseProperty('AccessReports');
// For backwards compatibility with Server <= 1.43.0
this.manageAllCollections = this.getResponseProperty('ManageAllCollections'); this.manageAllCollections = this.getResponseProperty('ManageAllCollections');
this.manageAssignedCollections = this.getResponseProperty('ManageAssignedCollections'); this.manageAssignedCollections = this.getResponseProperty('ManageAssignedCollections');
this.createNewCollections = this.getResponseProperty('CreateNewCollections');
this.editAnyCollection = this.getResponseProperty('EditAnyCollection');
this.deleteAnyCollection = this.getResponseProperty('DeleteAnyCollection');
this.editAssignedCollections = this.getResponseProperty('EditAssignedCollections');
this.deleteAssignedCollections = this.getResponseProperty('DeleteAssignedCollections');
this.manageCiphers = this.getResponseProperty('ManageCiphers'); this.manageCiphers = this.getResponseProperty('ManageCiphers');
this.manageGroups = this.getResponseProperty('ManageGroups'); this.manageGroups = this.getResponseProperty('ManageGroups');
this.manageSso = this.getResponseProperty('ManageSso'); this.manageSso = this.getResponseProperty('ManageSso');

28
common/src/models/domain/organization.ts
View File

@ -108,12 +108,32 @@ export class Organization {
return this.isAdmin || this.permissions.accessReports; return this.isAdmin || this.permissions.accessReports;
} }
get canManageAllCollections() { get canCreateNewCollections() {
return this.isAdmin || this.permissions.manageAllCollections; return this.isAdmin || (this.permissions.createNewCollections ?? this.permissions.manageAllCollections);
} }
get canManageAssignedCollections() { get canEditAnyCollection() {
return this.isManager || this.permissions.manageAssignedCollections; return this.isAdmin || (this.permissions.editAnyCollection ?? this.permissions.manageAllCollections);
}
get canDeleteAnyCollection() {
return this.isAdmin || (this.permissions.deleteAnyCollection ?? this.permissions.manageAllCollections);
}
get canViewAllCollections() {
return this.canEditAnyCollection || this.canDeleteAnyCollection;
}
get canEditAssignedCollections() {
return this.isManager || (this.permissions.deleteAssignedCollections ?? this.permissions.manageAssignedCollections);
}
get canDeleteAssignedCollections() {
return this.isManager || (this.permissions.deleteAssignedCollections ?? this.permissions.manageAssignedCollections);
}
get canViewAssignedCollections() {
return this.canDeleteAssignedCollections || this.canEditAssignedCollections;
} }
get canManageGroups() { get canManageGroups() {