[AC-1747] deprecate access control indicator (#6796)
--------- Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
This commit is contained in:
parent
6e2e4d3343
commit
79dbe051c8
|
@ -2,7 +2,9 @@ import { Injectable } from "@angular/core";
|
||||||
|
|
||||||
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
||||||
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
|
import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models/request/selection-read-only.request";
|
||||||
|
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
||||||
import { ListResponse } from "@bitwarden/common/models/response/list.response";
|
import { ListResponse } from "@bitwarden/common/models/response/list.response";
|
||||||
|
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||||
|
|
||||||
import { CoreOrganizationModule } from "../../core-organization.module";
|
import { CoreOrganizationModule } from "../../core-organization.module";
|
||||||
import { GroupView } from "../../views/group.view";
|
import { GroupView } from "../../views/group.view";
|
||||||
|
@ -15,7 +17,27 @@ import { GroupDetailsResponse, GroupResponse } from "./responses/group.response"
|
||||||
providedIn: "root",
|
providedIn: "root",
|
||||||
})
|
})
|
||||||
export class GroupService {
|
export class GroupService {
|
||||||
constructor(protected apiService: ApiService) {}
|
constructor(
|
||||||
|
protected apiService: ApiService,
|
||||||
|
protected configService: ConfigServiceAbstraction,
|
||||||
|
) {}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* TODO: This should be replaced with `GroupView.fromResponse` when `FeatureFlag.FlexibleCollections` is removed.
|
||||||
|
**/
|
||||||
|
protected async groupViewFromResponse(response: GroupResponse): Promise<GroupView> {
|
||||||
|
const view = GroupView.fromResponse(response);
|
||||||
|
|
||||||
|
const hasFlexibleCollections = await this.configService.getFeatureFlag(
|
||||||
|
FeatureFlag.FlexibleCollections,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
if (hasFlexibleCollections) {
|
||||||
|
view.accessAll = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return view;
|
||||||
|
}
|
||||||
|
|
||||||
async get(orgId: string, groupId: string): Promise<GroupView> {
|
async get(orgId: string, groupId: string): Promise<GroupView> {
|
||||||
const r = await this.apiService.send(
|
const r = await this.apiService.send(
|
||||||
|
@ -26,7 +48,7 @@ export class GroupService {
|
||||||
true,
|
true,
|
||||||
);
|
);
|
||||||
|
|
||||||
return GroupView.fromResponse(new GroupDetailsResponse(r));
|
return this.groupViewFromResponse(new GroupDetailsResponse(r));
|
||||||
}
|
}
|
||||||
|
|
||||||
async getAll(orgId: string): Promise<GroupView[]> {
|
async getAll(orgId: string): Promise<GroupView[]> {
|
||||||
|
@ -40,14 +62,17 @@ export class GroupService {
|
||||||
|
|
||||||
const listResponse = new ListResponse(r, GroupDetailsResponse);
|
const listResponse = new ListResponse(r, GroupDetailsResponse);
|
||||||
|
|
||||||
return listResponse.data?.map((gr) => GroupView.fromResponse(gr)) ?? [];
|
return Promise.all(listResponse.data?.map((gr) => this.groupViewFromResponse(gr))) ?? [];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Injectable({ providedIn: CoreOrganizationModule })
|
@Injectable({ providedIn: CoreOrganizationModule })
|
||||||
export class InternalGroupService extends GroupService {
|
export class InternalGroupService extends GroupService {
|
||||||
constructor(protected apiService: ApiService) {
|
constructor(
|
||||||
super(apiService);
|
protected apiService: ApiService,
|
||||||
|
protected configService: ConfigServiceAbstraction,
|
||||||
|
) {
|
||||||
|
super(apiService, configService);
|
||||||
}
|
}
|
||||||
|
|
||||||
async delete(orgId: string, groupId: string): Promise<void> {
|
async delete(orgId: string, groupId: string): Promise<void> {
|
||||||
|
@ -94,7 +119,7 @@ export class InternalGroupService extends GroupService {
|
||||||
true,
|
true,
|
||||||
true,
|
true,
|
||||||
);
|
);
|
||||||
return GroupView.fromResponse(new GroupResponse(r));
|
return this.groupViewFromResponse(new GroupResponse(r));
|
||||||
}
|
}
|
||||||
|
|
||||||
private async putGroup(
|
private async putGroup(
|
||||||
|
@ -109,6 +134,6 @@ export class InternalGroupService extends GroupService {
|
||||||
true,
|
true,
|
||||||
true,
|
true,
|
||||||
);
|
);
|
||||||
return GroupView.fromResponse(new GroupResponse(r));
|
return this.groupViewFromResponse(new GroupResponse(r));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,10 @@ export class GroupResponse extends BaseResponse {
|
||||||
id: string;
|
id: string;
|
||||||
organizationId: string;
|
organizationId: string;
|
||||||
name: string;
|
name: string;
|
||||||
|
/**
|
||||||
|
* @deprecated
|
||||||
|
* To be removed alongside `FeatureFlag.FlexibleCollections`.
|
||||||
|
**/
|
||||||
accessAll: boolean;
|
accessAll: boolean;
|
||||||
externalId: string;
|
externalId: string;
|
||||||
|
|
||||||
|
|
|
@ -6,13 +6,18 @@ import {
|
||||||
OrganizationUserUpdateRequest,
|
OrganizationUserUpdateRequest,
|
||||||
} from "@bitwarden/common/admin-console/abstractions/organization-user/requests";
|
} from "@bitwarden/common/admin-console/abstractions/organization-user/requests";
|
||||||
import { OrganizationUserDetailsResponse } from "@bitwarden/common/admin-console/abstractions/organization-user/responses";
|
import { OrganizationUserDetailsResponse } from "@bitwarden/common/admin-console/abstractions/organization-user/responses";
|
||||||
|
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
||||||
|
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||||
|
|
||||||
import { CoreOrganizationModule } from "../core-organization.module";
|
import { CoreOrganizationModule } from "../core-organization.module";
|
||||||
import { OrganizationUserAdminView } from "../views/organization-user-admin-view";
|
import { OrganizationUserAdminView } from "../views/organization-user-admin-view";
|
||||||
|
|
||||||
@Injectable({ providedIn: CoreOrganizationModule })
|
@Injectable({ providedIn: CoreOrganizationModule })
|
||||||
export class UserAdminService {
|
export class UserAdminService {
|
||||||
constructor(private organizationUserService: OrganizationUserService) {}
|
constructor(
|
||||||
|
private configService: ConfigServiceAbstraction,
|
||||||
|
private organizationUserService: OrganizationUserService,
|
||||||
|
) {}
|
||||||
|
|
||||||
async get(
|
async get(
|
||||||
organizationId: string,
|
organizationId: string,
|
||||||
|
@ -73,7 +78,12 @@ export class UserAdminService {
|
||||||
view.type = u.type;
|
view.type = u.type;
|
||||||
view.status = u.status;
|
view.status = u.status;
|
||||||
view.externalId = u.externalId;
|
view.externalId = u.externalId;
|
||||||
view.accessAll = u.accessAll;
|
view.accessAll = (await this.configService.getFeatureFlag(
|
||||||
|
FeatureFlag.FlexibleCollections,
|
||||||
|
false,
|
||||||
|
))
|
||||||
|
? false
|
||||||
|
: u.accessAll;
|
||||||
view.permissions = u.permissions;
|
view.permissions = u.permissions;
|
||||||
view.resetPasswordEnrolled = u.resetPasswordEnrolled;
|
view.resetPasswordEnrolled = u.resetPasswordEnrolled;
|
||||||
view.collections = u.collections.map((c) => ({
|
view.collections = u.collections.map((c) => ({
|
||||||
|
|
|
@ -8,6 +8,11 @@ export class GroupView implements View {
|
||||||
id: string;
|
id: string;
|
||||||
organizationId: string;
|
organizationId: string;
|
||||||
name: string;
|
name: string;
|
||||||
|
/**
|
||||||
|
* @deprecated
|
||||||
|
* To be removed alongside `FeatureFlag.FlexibleCollections`.
|
||||||
|
* This will always return `false` if Flexible Collections is enabled.
|
||||||
|
**/
|
||||||
accessAll: boolean;
|
accessAll: boolean;
|
||||||
externalId: string;
|
externalId: string;
|
||||||
collections: CollectionAccessSelectionView[] = [];
|
collections: CollectionAccessSelectionView[] = [];
|
||||||
|
|
|
@ -13,6 +13,11 @@ export class OrganizationUserAdminView {
|
||||||
type: OrganizationUserType;
|
type: OrganizationUserType;
|
||||||
status: OrganizationUserStatusType;
|
status: OrganizationUserStatusType;
|
||||||
externalId: string;
|
externalId: string;
|
||||||
|
/**
|
||||||
|
* @deprecated
|
||||||
|
* To be removed alongside `FeatureFlag.FlexibleCollections`.
|
||||||
|
* This will always return `false` if Flexible Collections is enabled.
|
||||||
|
**/
|
||||||
accessAll: boolean;
|
accessAll: boolean;
|
||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
resetPasswordEnrolled: boolean;
|
resetPasswordEnrolled: boolean;
|
||||||
|
|
|
@ -12,6 +12,12 @@ export class OrganizationUserView {
|
||||||
userId: string;
|
userId: string;
|
||||||
type: OrganizationUserType;
|
type: OrganizationUserType;
|
||||||
status: OrganizationUserStatusType;
|
status: OrganizationUserStatusType;
|
||||||
|
/**
|
||||||
|
* @deprecated
|
||||||
|
* To be removed alongside `FeatureFlag.FlexibleCollections`.
|
||||||
|
*
|
||||||
|
* This will always return `false` if Flexible Collections is enabled.
|
||||||
|
**/
|
||||||
accessAll: boolean;
|
accessAll: boolean;
|
||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
resetPasswordEnrolled: boolean;
|
resetPasswordEnrolled: boolean;
|
||||||
|
|
|
@ -46,7 +46,7 @@
|
||||||
|
|
||||||
<bit-tab label="{{ 'collections' | i18n }}">
|
<bit-tab label="{{ 'collections' | i18n }}">
|
||||||
<p>{{ "editGroupCollectionsDesc" | i18n }}</p>
|
<p>{{ "editGroupCollectionsDesc" | i18n }}</p>
|
||||||
<div class="tw-my-3">
|
<div *ngIf="!(flexibleCollectionsEnabled$ | async)" class="tw-my-3">
|
||||||
<input type="checkbox" formControlName="accessAll" id="accessAll" />
|
<input type="checkbox" formControlName="accessAll" id="accessAll" />
|
||||||
<label class="tw-mb-0 tw-text-lg" for="accessAll">{{
|
<label class="tw-mb-0 tw-text-lg" for="accessAll">{{
|
||||||
"accessAllCollectionsDesc" | i18n
|
"accessAllCollectionsDesc" | i18n
|
||||||
|
|
|
@ -408,7 +408,7 @@
|
||||||
<div *ngIf="organization.useGroups" class="tw-mb-6">
|
<div *ngIf="organization.useGroups" class="tw-mb-6">
|
||||||
{{ "userPermissionOverrideHelper" | i18n }}
|
{{ "userPermissionOverrideHelper" | i18n }}
|
||||||
</div>
|
</div>
|
||||||
<div class="tw-mb-6">
|
<div *ngIf="!(flexibleCollectionsEnabled$ | async)" class="tw-mb-6">
|
||||||
<bit-form-control>
|
<bit-form-control>
|
||||||
<input type="checkbox" bitCheckbox formControlName="accessAllCollections" />
|
<input type="checkbox" bitCheckbox formControlName="accessAllCollections" />
|
||||||
<bit-label>
|
<bit-label>
|
||||||
|
|
|
@ -37,7 +37,9 @@ import {
|
||||||
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
|
||||||
import { OrganizationKeysRequest } from "@bitwarden/common/admin-console/models/request/organization-keys.request";
|
import { OrganizationKeysRequest } from "@bitwarden/common/admin-console/models/request/organization-keys.request";
|
||||||
import { ProductType } from "@bitwarden/common/enums";
|
import { ProductType } from "@bitwarden/common/enums";
|
||||||
|
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
|
||||||
import { ListResponse } from "@bitwarden/common/models/response/list.response";
|
import { ListResponse } from "@bitwarden/common/models/response/list.response";
|
||||||
|
import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
|
||||||
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
|
||||||
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
|
@ -124,6 +126,7 @@ export class PeopleComponent
|
||||||
private router: Router,
|
private router: Router,
|
||||||
private groupService: GroupService,
|
private groupService: GroupService,
|
||||||
private collectionService: CollectionService,
|
private collectionService: CollectionService,
|
||||||
|
private configService: ConfigServiceAbstraction,
|
||||||
) {
|
) {
|
||||||
super(
|
super(
|
||||||
apiService,
|
apiService,
|
||||||
|
@ -241,9 +244,18 @@ export class PeopleComponent
|
||||||
collectionsPromise,
|
collectionsPromise,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
const flexibleCollectionsEnabled = await this.configService.getFeatureFlag(
|
||||||
|
FeatureFlag.FlexibleCollections,
|
||||||
|
false,
|
||||||
|
);
|
||||||
|
|
||||||
return usersResponse.data?.map<OrganizationUserView>((r) => {
|
return usersResponse.data?.map<OrganizationUserView>((r) => {
|
||||||
const userView = OrganizationUserView.fromResponse(r);
|
const userView = OrganizationUserView.fromResponse(r);
|
||||||
|
|
||||||
|
if (flexibleCollectionsEnabled) {
|
||||||
|
userView.accessAll = false;
|
||||||
|
}
|
||||||
|
|
||||||
userView.groupNames = userView.groups
|
userView.groupNames = userView.groups
|
||||||
.map((g) => groupNamesMap.get(g))
|
.map((g) => groupNamesMap.get(g))
|
||||||
.sort(this.i18nService.collator?.compare);
|
.sort(this.i18nService.collator?.compare);
|
||||||
|
|
|
@ -10,6 +10,10 @@ export class OrganizationUserResponse extends BaseResponse {
|
||||||
type: OrganizationUserType;
|
type: OrganizationUserType;
|
||||||
status: OrganizationUserStatusType;
|
status: OrganizationUserStatusType;
|
||||||
externalId: string;
|
externalId: string;
|
||||||
|
/**
|
||||||
|
* @deprecated
|
||||||
|
* To be removed alongside `FeatureFlag.FlexibleCollections`.
|
||||||
|
**/
|
||||||
accessAll: boolean;
|
accessAll: boolean;
|
||||||
accessSecretsManager: boolean;
|
accessSecretsManager: boolean;
|
||||||
permissions: PermissionsApi;
|
permissions: PermissionsApi;
|
||||||
|
|
Loading…
Reference in New Issue