[AC-1340] [Defect] Provider users unable to delete vault items for client organizations (#5242)

* [AC-1340] Calling Cipher DeleteAdmin endpoints when user has canEditAnyCollection permission * [AC-1340] Fixed CLI and Desktop builds * [AC-1340] Changed CipherService delete methods parameter 'orgAdmin' to 'asAdmin' and to nullable * [AC-1340] Changed variable names from 'orgAdmin' to 'asAdmin' * [AC-1340] Reverted change on DeleteCommand
2023-04-20 16:33:29 +01:00 · 2023-04-20 16:33:29 +01:00 · aacabf5bdf
parent 8c22fd74fc
commit aacabf5bdf
5 changed files with 40 additions and 18 deletions
--- a/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts
+++ b/apps/web/src/app/vault/individual-vault/bulk-action-dialogs/bulk-delete-dialog/bulk-delete-dialog.component.ts
@ -99,10 +99,11 @@ export class BulkDeleteDialogComponent {
  };
  private async deleteCiphers(): Promise<any> {
    const asAdmin = this.organization?.canEditAnyCollection;
    if (this.permanent) {
-      await this.cipherService.deleteManyWithServer(this.cipherIds);
+      await this.cipherService.deleteManyWithServer(this.cipherIds, asAdmin);
    } else {
-      await this.cipherService.softDeleteManyWithServer(this.cipherIds);
+      await this.cipherService.softDeleteManyWithServer(this.cipherIds, asAdmin);
    }
  }
--- a/apps/web/src/app/vault/org-vault/vault.component.ts
+++ b/apps/web/src/app/vault/org-vault/vault.component.ts
@ -900,9 +900,10 @@ export class VaultComponent implements OnInit, OnDestroy {
  }
  protected deleteCipherWithServer(id: string, permanent: boolean) {
    const asAdmin = this.organization?.canEditAnyCollection;
    return permanent
-      ? this.cipherService.deleteWithServer(id)
+      ? this.cipherService.deleteWithServer(id, asAdmin)
-      : this.cipherService.softDeleteWithServer(id);
+      : this.cipherService.softDeleteWithServer(id, asAdmin);
  }
  protected async repromptCipher(ciphers: CipherView[]) {
--- a/libs/angular/src/vault/components/add-edit.component.ts
+++ b/libs/angular/src/vault/components/add-edit.component.ts
@ -603,9 +603,10 @@ export class AddEditComponent implements OnInit, OnDestroy {
  }
  protected deleteCipher() {
    const asAdmin = this.organization?.canEditAnyCollection;
    return this.cipher.isDeleted
-      ? this.cipherService.deleteWithServer(this.cipher.id)
+      ? this.cipherService.deleteWithServer(this.cipher.id, asAdmin)
-      : this.cipherService.softDeleteWithServer(this.cipher.id);
+      : this.cipherService.softDeleteWithServer(this.cipher.id, asAdmin);
  }
  protected restoreCipher() {
--- a/libs/common/src/vault/abstractions/cipher.service.ts
+++ b/libs/common/src/vault/abstractions/cipher.service.ts
@ -62,16 +62,16 @@ export abstract class CipherService {
  clear: (userId: string) => Promise<any>;
  moveManyWithServer: (ids: string[], folderId: string) => Promise<any>;
  delete: (id: string | string[]) => Promise<any>;
-  deleteWithServer: (id: string) => Promise<any>;
+  deleteWithServer: (id: string, asAdmin?: boolean) => Promise<any>;
-  deleteManyWithServer: (ids: string[]) => Promise<any>;
+  deleteManyWithServer: (ids: string[], asAdmin?: boolean) => Promise<any>;
  deleteAttachment: (id: string, attachmentId: string) => Promise<void>;
  deleteAttachmentWithServer: (id: string, attachmentId: string) => Promise<void>;
  sortCiphersByLastUsed: (a: CipherView, b: CipherView) => number;
  sortCiphersByLastUsedThenName: (a: CipherView, b: CipherView) => number;
  getLocaleSortingFunction: () => (a: CipherView, b: CipherView) => number;
  softDelete: (id: string | string[]) => Promise<any>;
-  softDeleteWithServer: (id: string) => Promise<any>;
+  softDeleteWithServer: (id: string, asAdmin?: boolean) => Promise<any>;
-  softDeleteManyWithServer: (ids: string[]) => Promise<any>;
+  softDeleteManyWithServer: (ids: string[], asAdmin?: boolean) => Promise<any>;
  restore: (
    cipher: { id: string; revisionDate: string } | { id: string; revisionDate: string }[]
  ) => Promise<any>;
--- a/libs/common/src/vault/services/cipher.service.ts
+++ b/libs/common/src/vault/services/cipher.service.ts
@ -729,13 +729,22 @@ export class CipherService implements CipherServiceAbstraction {
    await this.stateService.setEncryptedCiphers(ciphers);
  }
-  async deleteWithServer(id: string): Promise<any> {
+  async deleteWithServer(id: string, asAdmin = false): Promise<any> {
-    await this.apiService.deleteCipher(id);
+    if (asAdmin) {
      await this.apiService.deleteCipherAdmin(id);
    } else {
      await this.apiService.deleteCipher(id);
    }
    await this.delete(id);
  }
-  async deleteManyWithServer(ids: string[]): Promise<any> {
+  async deleteManyWithServer(ids: string[], asAdmin = false): Promise<any> {
-    await this.apiService.deleteManyCiphers(new CipherBulkDeleteRequest(ids));
+    if (asAdmin) {
      await this.apiService.deleteManyCiphersAdmin(new CipherBulkDeleteRequest(ids));
    } else {
      await this.apiService.deleteManyCiphers(new CipherBulkDeleteRequest(ids));
    }
    await this.delete(ids);
  }
@ -859,13 +868,23 @@ export class CipherService implements CipherServiceAbstraction {
    await this.stateService.setEncryptedCiphers(ciphers);
  }
-  async softDeleteWithServer(id: string): Promise<any> {
+  async softDeleteWithServer(id: string, asAdmin = false): Promise<any> {
-    await this.apiService.putDeleteCipher(id);
+    if (asAdmin) {
      await this.apiService.putDeleteCipherAdmin(id);
    } else {
      await this.apiService.putDeleteCipher(id);
    }
    await this.softDelete(id);
  }
-  async softDeleteManyWithServer(ids: string[]): Promise<any> {
+  async softDeleteManyWithServer(ids: string[], asAdmin = false): Promise<any> {
-    await this.apiService.putDeleteManyCiphers(new CipherBulkDeleteRequest(ids));
+    if (asAdmin) {
      await this.apiService.putDeleteManyCiphersAdmin(new CipherBulkDeleteRequest(ids));
    } else {
      await this.apiService.putDeleteManyCiphers(new CipherBulkDeleteRequest(ids));
    }
    await this.softDelete(ids);
  }