Merge branch 'main' into autofill/pm-8027-inline-menu-appears-within-input-fields-that-do-not-relate-to-user-login
This commit is contained in:
commit
90098168b6
|
@ -311,10 +311,6 @@ export class VaultComponent implements OnInit, OnDestroy {
|
|||
|
||||
this.editableCollections$ = this.allCollectionsWithoutUnassigned$.pipe(
|
||||
map((collections) => {
|
||||
// If restricted, providers can not add items to any collections or edit those items
|
||||
if (this.organization.isProviderUser && this.restrictProviderAccessEnabled) {
|
||||
return [];
|
||||
}
|
||||
// Users that can edit all ciphers can implicitly add to / edit within any collection
|
||||
if (
|
||||
this.organization.canEditAllCiphers(
|
||||
|
@ -356,10 +352,6 @@ export class VaultComponent implements OnInit, OnDestroy {
|
|||
}
|
||||
let ciphers;
|
||||
|
||||
if (organization.isProviderUser && this.restrictProviderAccessEnabled) {
|
||||
return [];
|
||||
}
|
||||
|
||||
if (this.flexibleCollectionsV1Enabled) {
|
||||
// Flexible collections V1 logic.
|
||||
// If the user can edit all ciphers for the organization then fetch them ALL.
|
||||
|
@ -488,10 +480,6 @@ export class VaultComponent implements OnInit, OnDestroy {
|
|||
organization$,
|
||||
]).pipe(
|
||||
map(([filter, collection, organization]) => {
|
||||
if (organization.isProviderUser && this.restrictProviderAccessEnabled) {
|
||||
return collection != undefined || filter.collectionId === Unassigned;
|
||||
}
|
||||
|
||||
return (
|
||||
(filter.collectionId === Unassigned &&
|
||||
!organization.canEditUnassignedCiphers(this.restrictProviderAccessEnabled)) ||
|
||||
|
|
|
@ -195,10 +195,18 @@ export class Organization {
|
|||
}
|
||||
|
||||
canEditUnassignedCiphers(restrictProviderAccessFlagEnabled: boolean) {
|
||||
if (this.isProviderUser) {
|
||||
return !restrictProviderAccessFlagEnabled;
|
||||
// Providers can access items until the restrictProviderAccess flag is enabled
|
||||
// After the flag is enabled and removed, this block will be deleted
|
||||
// so that they permanently lose access to items
|
||||
if (this.isProviderUser && !restrictProviderAccessFlagEnabled) {
|
||||
return true;
|
||||
}
|
||||
return this.isAdmin || this.permissions.editAnyCollection;
|
||||
|
||||
return (
|
||||
this.type === OrganizationUserType.Admin ||
|
||||
this.type === OrganizationUserType.Owner ||
|
||||
this.permissions.editAnyCollection
|
||||
);
|
||||
}
|
||||
|
||||
canEditAllCiphers(
|
||||
|
@ -210,8 +218,11 @@ export class Organization {
|
|||
return this.isAdmin || this.permissions.editAnyCollection;
|
||||
}
|
||||
|
||||
if (this.isProviderUser) {
|
||||
return !restrictProviderAccessFlagEnabled;
|
||||
// Providers can access items until the restrictProviderAccess flag is enabled
|
||||
// After the flag is enabled and removed, this block will be deleted
|
||||
// so that they permanently lose access to items
|
||||
if (this.isProviderUser && !restrictProviderAccessFlagEnabled) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Post Flexible Collections V1, the allowAdminAccessToAllCollectionItems flag can restrict admins
|
||||
|
|
Loading…
Reference in New Issue