[AC-2647] Remove Flexible Collections MVP code (#9518)
* chore: organization.ts, remove refs to flexibleCollections and isManager, refs AC-2647 * chore: clean up callers of removed methods from organization.ts, refs AC-2647 * chore: access-selector, remove fc input and update permissionList param, refs AC-2647 * chore: update permissionList caller, update group-add-edit fc refs, and remove accessAll, refs AC-2647 * chore: update member-dialog fc callers, refs AC-2647 * chore: update bulk-collections-dialog fc callers, refs AC-2647 * chore: update collection-dialog fc callers, refs AC-2647 * chore: update simple fc caller to misc files, refs AC-2647 * chore: update member-dialog fc callers, refs AC-2647 * chore: remove accessAll references and update callers, refs AC-2647 * chore: update comment to specify v1 usage, refs AC-2647 * chore: remove unused message keys and code calls to use those messages, refs AC-2647 * chore: remove readonly false from access-selector model map function, refs AC-2647
This commit is contained in:
parent
19f2d2aefc
commit
b169207b74
|
@ -80,7 +80,6 @@ export class InternalGroupService extends GroupService {
|
|||
async save(group: GroupView): Promise<GroupView> {
|
||||
const request = new GroupRequest();
|
||||
request.name = group.name;
|
||||
request.accessAll = group.accessAll;
|
||||
request.users = group.members;
|
||||
request.collections = group.collections.map(
|
||||
(c) => new SelectionReadOnlyRequest(c.id, c.readOnly, c.hidePasswords, c.manage),
|
||||
|
|
|
@ -2,7 +2,6 @@ import { SelectionReadOnlyRequest } from "@bitwarden/common/admin-console/models
|
|||
|
||||
export class GroupRequest {
|
||||
name: string;
|
||||
accessAll: boolean;
|
||||
collections: SelectionReadOnlyRequest[] = [];
|
||||
users: string[] = [];
|
||||
}
|
||||
|
|
|
@ -5,11 +5,6 @@ export class GroupResponse extends BaseResponse {
|
|||
id: string;
|
||||
organizationId: string;
|
||||
name: string;
|
||||
/**
|
||||
* @deprecated
|
||||
* To be removed after Flexible Collections.
|
||||
**/
|
||||
accessAll: boolean;
|
||||
externalId: string;
|
||||
|
||||
constructor(response: any) {
|
||||
|
@ -17,7 +12,6 @@ export class GroupResponse extends BaseResponse {
|
|||
this.id = this.getResponseProperty("Id");
|
||||
this.organizationId = this.getResponseProperty("OrganizationId");
|
||||
this.name = this.getResponseProperty("Name");
|
||||
this.accessAll = this.getResponseProperty("AccessAll");
|
||||
this.externalId = this.getResponseProperty("ExternalId");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -41,7 +41,6 @@ export class UserAdminService {
|
|||
|
||||
async save(user: OrganizationUserAdminView): Promise<void> {
|
||||
const request = new OrganizationUserUpdateRequest();
|
||||
request.accessAll = user.accessAll;
|
||||
request.permissions = user.permissions;
|
||||
request.type = user.type;
|
||||
request.collections = user.collections;
|
||||
|
@ -54,7 +53,6 @@ export class UserAdminService {
|
|||
async invite(emails: string[], user: OrganizationUserAdminView): Promise<void> {
|
||||
const request = new OrganizationUserInviteRequest();
|
||||
request.emails = emails;
|
||||
request.accessAll = user.accessAll;
|
||||
request.permissions = user.permissions;
|
||||
request.type = user.type;
|
||||
request.collections = user.collections;
|
||||
|
@ -77,7 +75,6 @@ export class UserAdminService {
|
|||
view.type = u.type;
|
||||
view.status = u.status;
|
||||
view.externalId = u.externalId;
|
||||
view.accessAll = u.accessAll;
|
||||
view.permissions = u.permissions;
|
||||
view.resetPasswordEnrolled = u.resetPasswordEnrolled;
|
||||
view.collections = u.collections.map((c) => ({
|
||||
|
|
|
@ -8,12 +8,6 @@ export class GroupView implements View {
|
|||
id: string;
|
||||
organizationId: string;
|
||||
name: string;
|
||||
/**
|
||||
* @deprecated
|
||||
* To be removed after Flexible Collections.
|
||||
* This will always return `false` if Flexible Collections is enabled.
|
||||
**/
|
||||
accessAll: boolean;
|
||||
externalId: string;
|
||||
collections: CollectionAccessSelectionView[] = [];
|
||||
members: string[] = [];
|
||||
|
|
|
@ -13,12 +13,6 @@ export class OrganizationUserAdminView {
|
|||
type: OrganizationUserType;
|
||||
status: OrganizationUserStatusType;
|
||||
externalId: string;
|
||||
/**
|
||||
* @deprecated
|
||||
* To be removed after Flexible Collections.
|
||||
* This will always return `false` if Flexible Collections is enabled.
|
||||
**/
|
||||
accessAll: boolean;
|
||||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
hasMasterPassword: boolean;
|
||||
|
|
|
@ -12,12 +12,6 @@ export class OrganizationUserView {
|
|||
userId: string;
|
||||
type: OrganizationUserType;
|
||||
status: OrganizationUserStatusType;
|
||||
/**
|
||||
* @deprecated
|
||||
* To be removed after Flexible Collections.
|
||||
* This will always return `false` if Flexible Collections is enabled.
|
||||
**/
|
||||
accessAll: boolean;
|
||||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
name: string;
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
<bit-nav-item
|
||||
icon="bwi-collection"
|
||||
[text]="(organization.flexibleCollections ? 'collections' : 'vault') | i18n"
|
||||
[text]="'collections' | i18n"
|
||||
route="vault"
|
||||
*ngIf="canShowVaultTab(organization)"
|
||||
>
|
||||
|
|
|
@ -45,7 +45,6 @@
|
|||
[columnHeader]="'member' | i18n"
|
||||
[selectorLabelText]="'selectMembers' | i18n"
|
||||
[emptySelectionText]="'noMembersAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="flexibleCollectionsEnabled$ | async"
|
||||
></bit-access-selector>
|
||||
</bit-tab>
|
||||
|
||||
|
@ -56,24 +55,14 @@
|
|||
{{ "restrictedCollectionAssignmentDesc" | i18n }}
|
||||
</span>
|
||||
</p>
|
||||
<div *ngIf="!(flexibleCollectionsEnabled$ | async)" class="tw-my-3">
|
||||
<input type="checkbox" formControlName="accessAll" id="accessAll" />
|
||||
<label class="tw-mb-0 tw-text-lg" for="accessAll">{{
|
||||
"accessAllCollectionsDesc" | i18n
|
||||
}}</label>
|
||||
<p class="tw-my-0 tw-text-muted">{{ "accessAllCollectionsHelp" | i18n }}</p>
|
||||
</div>
|
||||
<ng-container *ngIf="!groupForm.value.accessAll">
|
||||
<bit-access-selector
|
||||
formControlName="collections"
|
||||
[items]="collections"
|
||||
[permissionMode]="PermissionMode.Edit"
|
||||
[columnHeader]="'collection' | i18n"
|
||||
[selectorLabelText]="'selectCollections' | i18n"
|
||||
[emptySelectionText]="'noCollectionsAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="flexibleCollectionsEnabled$ | async"
|
||||
></bit-access-selector>
|
||||
</ng-container>
|
||||
<bit-access-selector
|
||||
formControlName="collections"
|
||||
[items]="collections"
|
||||
[permissionMode]="PermissionMode.Edit"
|
||||
[columnHeader]="'collection' | i18n"
|
||||
[selectorLabelText]="'selectCollections' | i18n"
|
||||
[emptySelectionText]="'noCollectionsAdded' | i18n"
|
||||
></bit-access-selector>
|
||||
</bit-tab>
|
||||
</bit-tab-group>
|
||||
</div>
|
||||
|
|
|
@ -96,9 +96,6 @@ export class GroupAddEditComponent implements OnInit, OnDestroy {
|
|||
private organization$ = this.organizationService
|
||||
.get$(this.organizationId)
|
||||
.pipe(shareReplay({ refCount: true }));
|
||||
protected flexibleCollectionsEnabled$ = this.organization$.pipe(
|
||||
map((o) => o?.flexibleCollections),
|
||||
);
|
||||
private flexibleCollectionsV1Enabled$ = this.configService.getFeatureFlag$(
|
||||
FeatureFlag.FlexibleCollectionsV1,
|
||||
);
|
||||
|
@ -114,7 +111,6 @@ export class GroupAddEditComponent implements OnInit, OnDestroy {
|
|||
group: GroupView;
|
||||
|
||||
groupForm = this.formBuilder.group({
|
||||
accessAll: [false],
|
||||
name: ["", [Validators.required, Validators.maxLength(100)]],
|
||||
externalId: this.formBuilder.control({ value: "", disabled: true }),
|
||||
members: [[] as AccessItemValue[]],
|
||||
|
@ -188,7 +184,7 @@ export class GroupAddEditComponent implements OnInit, OnDestroy {
|
|||
this.flexibleCollectionsV1Enabled$,
|
||||
]).pipe(
|
||||
map(([organization, flexibleCollectionsV1Enabled]) => {
|
||||
if (!flexibleCollectionsV1Enabled || !organization.flexibleCollections) {
|
||||
if (!flexibleCollectionsV1Enabled) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -276,7 +272,6 @@ export class GroupAddEditComponent implements OnInit, OnDestroy {
|
|||
this.groupForm.patchValue({
|
||||
name: this.group.name,
|
||||
externalId: this.group.externalId,
|
||||
accessAll: this.group.accessAll,
|
||||
members: this.group.members.map((m) => ({
|
||||
id: m,
|
||||
type: AccessItemType.Member,
|
||||
|
@ -328,12 +323,8 @@ export class GroupAddEditComponent implements OnInit, OnDestroy {
|
|||
|
||||
const formValue = this.groupForm.value;
|
||||
groupView.name = formValue.name;
|
||||
groupView.accessAll = formValue.accessAll;
|
||||
groupView.members = formValue.members?.map((m) => m.id) ?? [];
|
||||
|
||||
if (!groupView.accessAll) {
|
||||
groupView.collections = formValue.collections.map((c) => convertToSelectionView(c));
|
||||
}
|
||||
groupView.collections = formValue.collections.map((c) => convertToSelectionView(c));
|
||||
|
||||
await this.groupService.save(groupView);
|
||||
|
||||
|
|
|
@ -74,12 +74,10 @@
|
|||
</td>
|
||||
<td bitCell (click)="edit(g, ModalTabType.Collections)" class="tw-cursor-pointer">
|
||||
<bit-badge-list
|
||||
*ngIf="!g.details.accessAll"
|
||||
[items]="g.collectionNames"
|
||||
[maxItems]="3"
|
||||
variant="secondary"
|
||||
></bit-badge-list>
|
||||
<span *ngIf="g.details.accessAll">{{ "all" | i18n }}</span>
|
||||
</td>
|
||||
<td bitCell>
|
||||
<button
|
||||
|
|
|
@ -49,14 +49,6 @@
|
|||
<bit-label>{{ "user" | i18n }}</bit-label>
|
||||
<bit-hint>{{ "userDesc" | i18n }}</bit-hint>
|
||||
</bit-radio-button>
|
||||
<bit-radio-button
|
||||
*ngIf="!organization.flexibleCollections"
|
||||
id="userTypeManager"
|
||||
[value]="organizationUserType.Manager"
|
||||
>
|
||||
<bit-label>{{ "manager" | i18n }}</bit-label>
|
||||
<bit-hint>{{ "managerDesc" | i18n }}</bit-hint>
|
||||
</bit-radio-button>
|
||||
<bit-radio-button id="userTypeAdmin" [value]="organizationUserType.Admin">
|
||||
<bit-label>{{ "admin" | i18n }}</bit-label>
|
||||
<bit-hint>{{ "adminDesc" | i18n }}</bit-hint>
|
||||
|
@ -91,140 +83,64 @@
|
|||
</bit-radio-button>
|
||||
</bit-radio-group>
|
||||
<ng-container *ngIf="customUserTypeSelected">
|
||||
<ng-container *ngIf="!organization.flexibleCollections; else customPermissionsFC">
|
||||
<h3 bitTypography="h3">
|
||||
{{ "permissions" | i18n }}
|
||||
</h3>
|
||||
<div class="tw-grid tw-grid-cols-12 tw-gap-4" [formGroup]="permissionsGroup">
|
||||
<div class="tw-col-span-6">
|
||||
<div class="tw-mb-3">
|
||||
<bit-label class="tw-font-semibold">{{
|
||||
"managerPermissions" | i18n
|
||||
}}</bit-label>
|
||||
<hr class="tw-mb-2 tw-mr-2 tw-mt-0" />
|
||||
<app-nested-checkbox
|
||||
parentId="manageAssignedCollections"
|
||||
[checkboxes]="permissionsGroup.controls.manageAssignedCollectionsGroup"
|
||||
>
|
||||
</app-nested-checkbox>
|
||||
</div>
|
||||
</div>
|
||||
<div class="tw-col-span-6">
|
||||
<div class="tw-mb-3">
|
||||
<bit-label class="tw-font-semibold">{{ "adminPermissions" | i18n }}</bit-label>
|
||||
<hr class="tw-mb-2 tw-mr-2 tw-mt-0" />
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessEventLogs" />
|
||||
<bit-label>{{ "accessEventLogs" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessImportExport" />
|
||||
<bit-label>{{ "accessImportExport" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessReports" />
|
||||
<bit-label>{{ "accessReports" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<app-nested-checkbox
|
||||
parentId="manageAllCollections"
|
||||
[checkboxes]="permissionsGroup.controls.manageAllCollectionsGroup"
|
||||
>
|
||||
</app-nested-checkbox>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageGroups" />
|
||||
<bit-label>{{ "manageGroups" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageSso" />
|
||||
<bit-label>{{ "manageSso" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="managePolicies" />
|
||||
<bit-label>{{ "managePolicies" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
id="manageUsers"
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageUsers"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageUsers" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageResetPassword"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageAccountRecovery" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
<div class="tw-grid tw-grid-cols-12 tw-gap-4" [formGroup]="permissionsGroup">
|
||||
<div class="tw-col-span-4">
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessEventLogs" />
|
||||
<bit-label>{{ "accessEventLogs" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessImportExport" />
|
||||
<bit-label>{{ "accessImportExport" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessReports" />
|
||||
<bit-label>{{ "accessReports" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
<div class="tw-col-span-4">
|
||||
<app-nested-checkbox
|
||||
parentId="manageAllCollections"
|
||||
[checkboxes]="permissionsGroup.controls.manageAllCollectionsGroup"
|
||||
>
|
||||
</app-nested-checkbox>
|
||||
</div>
|
||||
<div class="tw-col-span-4">
|
||||
<div class="tw-mb-3">
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageGroups" />
|
||||
<bit-label>{{ "manageGroups" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageSso" />
|
||||
<bit-label>{{ "manageSso" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="managePolicies" />
|
||||
<bit-label>{{ "managePolicies" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
id="manageUsers"
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageUsers"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageUsers" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageResetPassword"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageAccountRecovery" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
</div>
|
||||
</ng-container>
|
||||
<ng-template #customPermissionsFC>
|
||||
<div class="tw-grid tw-grid-cols-12 tw-gap-4" [formGroup]="permissionsGroup">
|
||||
<div class="tw-col-span-4">
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessEventLogs" />
|
||||
<bit-label>{{ "accessEventLogs" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessImportExport" />
|
||||
<bit-label>{{ "accessImportExport" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessReports" />
|
||||
<bit-label>{{ "accessReports" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
<div class="tw-col-span-4">
|
||||
<app-nested-checkbox
|
||||
parentId="manageAllCollections"
|
||||
[checkboxes]="permissionsGroup.controls.manageAllCollectionsGroup"
|
||||
>
|
||||
</app-nested-checkbox>
|
||||
</div>
|
||||
<div class="tw-col-span-4">
|
||||
<div class="tw-mb-3">
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageGroups" />
|
||||
<bit-label>{{ "manageGroups" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="manageSso" />
|
||||
<bit-label>{{ "manageSso" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="managePolicies" />
|
||||
<bit-label>{{ "managePolicies" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
id="manageUsers"
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageUsers"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageUsers" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
<bit-form-control>
|
||||
<input
|
||||
type="checkbox"
|
||||
bitCheckbox
|
||||
formControlName="manageResetPassword"
|
||||
(change)="handleDependentPermissions()"
|
||||
/>
|
||||
<bit-label>{{ "manageAccountRecovery" | i18n }}</bit-label>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</ng-template>
|
||||
</div>
|
||||
</ng-container>
|
||||
<ng-container *ngIf="organization.useSecretsManager">
|
||||
<h3 class="tw-mt-4">
|
||||
|
@ -272,7 +188,6 @@
|
|||
[columnHeader]="'groups' | i18n"
|
||||
[selectorLabelText]="'selectGroups' | i18n"
|
||||
[emptySelectionText]="'noGroupsAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="organization.flexibleCollections"
|
||||
[hideMultiSelect]="restrictEditingSelf$ | async"
|
||||
></bit-access-selector>
|
||||
</bit-tab>
|
||||
|
@ -294,26 +209,7 @@
|
|||
{{ "restrictedCollectionAssignmentDesc" | i18n }}
|
||||
</span>
|
||||
</div>
|
||||
<div *ngIf="!organization.flexibleCollections" class="tw-mb-6">
|
||||
<bit-form-control>
|
||||
<input type="checkbox" bitCheckbox formControlName="accessAllCollections" />
|
||||
<bit-label>
|
||||
{{ "accessAllCollectionsDesc" | i18n }}
|
||||
<a
|
||||
bitLink
|
||||
target="_blank"
|
||||
rel="noreferrer"
|
||||
appA11yTitle="{{ 'learnMore' | i18n }}"
|
||||
href="https://bitwarden.com/help/user-types-access-control/#access-control"
|
||||
>
|
||||
<i class="bwi bwi-question-circle" aria-hidden="true"></i>
|
||||
</a>
|
||||
</bit-label>
|
||||
<bit-hint>{{ "accessAllCollectionsHelp" | i18n }}</bit-hint>
|
||||
</bit-form-control>
|
||||
</div>
|
||||
<bit-access-selector
|
||||
*ngIf="!accessAllCollections"
|
||||
[permissionMode]="PermissionMode.Edit"
|
||||
formControlName="access"
|
||||
[showGroupColumn]="organization.useGroups"
|
||||
|
@ -321,7 +217,6 @@
|
|||
[columnHeader]="'collection' | i18n"
|
||||
[selectorLabelText]="'selectCollections' | i18n"
|
||||
[emptySelectionText]="'noCollectionsAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="organization.flexibleCollections"
|
||||
[hideMultiSelect]="restrictEditingSelf$ | async"
|
||||
></bit-access-selector
|
||||
></bit-tab>
|
||||
|
|
|
@ -99,7 +99,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
emails: [""],
|
||||
type: OrganizationUserType.User,
|
||||
externalId: this.formBuilder.control({ value: "", disabled: true }),
|
||||
accessAllCollections: false,
|
||||
accessSecretsManager: false,
|
||||
access: [[] as AccessItemValue[]],
|
||||
groups: [[] as AccessItemValue[]],
|
||||
|
@ -110,11 +109,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
protected canAssignAccessToAnyCollection$: Observable<boolean>;
|
||||
|
||||
protected permissionsGroup = this.formBuilder.group({
|
||||
manageAssignedCollectionsGroup: this.formBuilder.group<Record<string, boolean>>({
|
||||
manageAssignedCollections: false,
|
||||
editAssignedCollections: false,
|
||||
deleteAssignedCollections: false,
|
||||
}),
|
||||
manageAllCollectionsGroup: this.formBuilder.group<Record<string, boolean>>({
|
||||
manageAllCollections: false,
|
||||
createNewCollections: false,
|
||||
|
@ -137,10 +131,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
return this.formGroup.value.type === OrganizationUserType.Custom;
|
||||
}
|
||||
|
||||
get accessAllCollections(): boolean {
|
||||
return this.formGroup.value.accessAllCollections;
|
||||
}
|
||||
|
||||
constructor(
|
||||
@Inject(DIALOG_DATA) protected params: MemberDialogParams,
|
||||
private dialogRef: DialogRef<MemberDialogResult>,
|
||||
|
@ -189,7 +179,7 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
this.configService.getFeatureFlag$(FeatureFlag.FlexibleCollectionsV1),
|
||||
]).pipe(
|
||||
map(([organization, flexibleCollectionsV1Enabled]) => {
|
||||
if (!flexibleCollectionsV1Enabled || !organization.flexibleCollections) {
|
||||
if (!flexibleCollectionsV1Enabled) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -316,13 +306,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
this.showNoMasterPasswordWarning =
|
||||
userDetails.status > OrganizationUserStatusType.Invited &&
|
||||
userDetails.hasMasterPassword === false;
|
||||
const assignedCollectionsPermissions = {
|
||||
editAssignedCollections: userDetails.permissions.editAssignedCollections,
|
||||
deleteAssignedCollections: userDetails.permissions.deleteAssignedCollections,
|
||||
manageAssignedCollections:
|
||||
userDetails.permissions.editAssignedCollections &&
|
||||
userDetails.permissions.deleteAssignedCollections,
|
||||
};
|
||||
const allCollectionsPermissions = {
|
||||
createNewCollections: userDetails.permissions.createNewCollections,
|
||||
editAnyCollection: userDetails.permissions.editAnyCollection,
|
||||
|
@ -342,7 +325,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
managePolicies: userDetails.permissions.managePolicies,
|
||||
manageUsers: userDetails.permissions.manageUsers,
|
||||
manageResetPassword: userDetails.permissions.manageResetPassword,
|
||||
manageAssignedCollectionsGroup: assignedCollectionsPermissions,
|
||||
manageAllCollectionsGroup: allCollectionsPermissions,
|
||||
});
|
||||
}
|
||||
|
@ -378,7 +360,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
this.formGroup.patchValue({
|
||||
type: userDetails.type,
|
||||
externalId: userDetails.externalId,
|
||||
accessAllCollections: userDetails.accessAll,
|
||||
access: accessSelections,
|
||||
accessSecretsManager: userDetails.accessSecretsManager,
|
||||
groups: groupAccessSelections,
|
||||
|
@ -414,10 +395,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
editAnyCollection: this.permissionsGroup.value.manageAllCollectionsGroup.editAnyCollection,
|
||||
deleteAnyCollection:
|
||||
this.permissionsGroup.value.manageAllCollectionsGroup.deleteAnyCollection,
|
||||
editAssignedCollections:
|
||||
this.permissionsGroup.value.manageAssignedCollectionsGroup.editAssignedCollections,
|
||||
deleteAssignedCollections:
|
||||
this.permissionsGroup.value.manageAssignedCollectionsGroup.deleteAssignedCollections,
|
||||
};
|
||||
|
||||
return Object.assign(p, partialPermissions);
|
||||
|
@ -467,7 +444,6 @@ export class MemberDialogComponent implements OnDestroy {
|
|||
const userView = new OrganizationUserAdminView();
|
||||
userView.id = this.params.organizationUserId;
|
||||
userView.organizationId = this.params.organizationId;
|
||||
userView.accessAll = this.accessAllCollections;
|
||||
userView.type = this.formGroup.value.type;
|
||||
userView.permissions = this.setRequestPermissions(
|
||||
userView.permissions ?? new PermissionsApi(),
|
||||
|
|
|
@ -190,12 +190,10 @@
|
|||
class="tw-cursor-pointer"
|
||||
>
|
||||
<bit-badge-list
|
||||
*ngIf="organization.useGroups || !u.accessAll"
|
||||
[items]="organization.useGroups ? u.groupNames : u.collectionNames"
|
||||
[maxItems]="3"
|
||||
variant="secondary"
|
||||
></bit-badge-list>
|
||||
<span *ngIf="!organization.useGroups && u.accessAll">{{ "all" | i18n }}</span>
|
||||
</td>
|
||||
|
||||
<td
|
||||
|
|
|
@ -51,7 +51,7 @@
|
|||
</button>
|
||||
</ng-container>
|
||||
<form
|
||||
*ngIf="org && !loading && org.flexibleCollections"
|
||||
*ngIf="org && !loading"
|
||||
[bitSubmit]="submitCollectionManagement"
|
||||
[formGroup]="collectionManagementFormGroup"
|
||||
>
|
||||
|
|
|
@ -110,15 +110,6 @@
|
|||
</ng-container>
|
||||
|
||||
<ng-template #readOnlyPerm>
|
||||
<div
|
||||
*ngIf="item.accessAllItems"
|
||||
class="tw-max-w-40 tw-overflow-hidden tw-overflow-ellipsis tw-whitespace-nowrap tw-border tw-border-solid tw-border-transparent tw-font-bold tw-text-muted"
|
||||
[appA11yTitle]="accessAllLabelId(item) | i18n"
|
||||
>
|
||||
{{ "canEdit" | i18n }}
|
||||
<i class="bwi bwi-filter tw-ml-1" aria-hidden="true"></i>
|
||||
</div>
|
||||
|
||||
<div
|
||||
*ngIf="item.readonly || disabled"
|
||||
class="tw-max-w-40 tw-overflow-hidden tw-overflow-ellipsis tw-whitespace-nowrap tw-font-bold tw-text-muted"
|
||||
|
|
|
@ -75,7 +75,7 @@ export class AccessSelectorComponent implements ControlValueAccessor, OnInit, On
|
|||
|
||||
// The enable() above also enables the permission control, so we need to disable it again
|
||||
// Disable permission control if accessAllItems is enabled or not in Edit mode
|
||||
if (item.accessAllItems || this.permissionMode != PermissionMode.Edit) {
|
||||
if (this.permissionMode != PermissionMode.Edit) {
|
||||
controlRow.controls.permission.disable();
|
||||
}
|
||||
}
|
||||
|
@ -196,21 +196,11 @@ export class AccessSelectorComponent implements ControlValueAccessor, OnInit, On
|
|||
*/
|
||||
@Input() showGroupColumn: boolean;
|
||||
|
||||
/**
|
||||
* Enable Flexible Collections changes (feature flag)
|
||||
*/
|
||||
@Input() set flexibleCollectionsEnabled(value: boolean) {
|
||||
this._flexibleCollectionsEnabled = value;
|
||||
this.permissionList = getPermissionList(value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Hide the multi-select so that new items cannot be added
|
||||
*/
|
||||
@Input() hideMultiSelect = false;
|
||||
|
||||
private _flexibleCollectionsEnabled: boolean;
|
||||
|
||||
constructor(
|
||||
private readonly formBuilder: FormBuilder,
|
||||
private readonly i18nService: I18nService,
|
||||
|
@ -275,7 +265,7 @@ export class AccessSelectorComponent implements ControlValueAccessor, OnInit, On
|
|||
}
|
||||
|
||||
async ngOnInit() {
|
||||
this.permissionList = getPermissionList(this._flexibleCollectionsEnabled);
|
||||
this.permissionList = getPermissionList();
|
||||
// Watch the internal formArray for changes and propagate them
|
||||
this.selectionList.formArray.valueChanges.pipe(takeUntil(this.destroy$)).subscribe((v) => {
|
||||
if (!this.notifyOnChange || this.pauseChangeNotification) {
|
||||
|
@ -328,12 +318,8 @@ export class AccessSelectorComponent implements ControlValueAccessor, OnInit, On
|
|||
return this.permissionList.find((p) => p.perm == perm)?.labelId;
|
||||
}
|
||||
|
||||
protected accessAllLabelId(item: AccessItemView) {
|
||||
return item.type == AccessItemType.Group ? "groupAccessAll" : "memberAccessAll";
|
||||
}
|
||||
|
||||
protected canEditItemPermission(item: AccessItemView) {
|
||||
return this.permissionMode == PermissionMode.Edit && !item.readonly && !item.accessAllItems;
|
||||
return this.permissionMode == PermissionMode.Edit && !item.readonly;
|
||||
}
|
||||
|
||||
private _itemComparator(a: AccessItemView, b: AccessItemView) {
|
||||
|
|
|
@ -34,12 +34,6 @@ export enum AccessItemType {
|
|||
*
|
||||
*/
|
||||
export type AccessItemView = SelectItemView & {
|
||||
/**
|
||||
* Flag that this group/member can access all items.
|
||||
* This will disable the permission editor for this item.
|
||||
*/
|
||||
accessAllItems?: boolean;
|
||||
|
||||
/**
|
||||
* Flag that this item cannot be modified.
|
||||
* This will disable the permission editor and will keep
|
||||
|
@ -82,16 +76,14 @@ export type Permission = {
|
|||
labelId: string;
|
||||
};
|
||||
|
||||
export const getPermissionList = (flexibleCollectionsEnabled: boolean): Permission[] => {
|
||||
export const getPermissionList = (): Permission[] => {
|
||||
const permissions = [
|
||||
{ perm: CollectionPermission.View, labelId: "canView" },
|
||||
{ perm: CollectionPermission.ViewExceptPass, labelId: "canViewExceptPass" },
|
||||
{ perm: CollectionPermission.Edit, labelId: "canEdit" },
|
||||
{ perm: CollectionPermission.EditExceptPass, labelId: "canEditExceptPass" },
|
||||
{ perm: CollectionPermission.Manage, labelId: "canManage" },
|
||||
];
|
||||
if (flexibleCollectionsEnabled) {
|
||||
permissions.push({ perm: CollectionPermission.Manage, labelId: "canManage" });
|
||||
}
|
||||
|
||||
return permissions;
|
||||
};
|
||||
|
@ -142,8 +134,6 @@ export function mapGroupToAccessItemView(group: GroupView): AccessItemView {
|
|||
type: AccessItemType.Group,
|
||||
listName: group.name,
|
||||
labelName: group.name,
|
||||
accessAllItems: group.accessAll,
|
||||
readonly: group.accessAll,
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -157,7 +147,5 @@ export function mapUserToAccessItemView(user: OrganizationUserUserDetailsRespons
|
|||
listName: user.name?.length > 0 ? `${user.name} (${user.email})` : user.email,
|
||||
labelName: user.name ?? user.email,
|
||||
status: user.status,
|
||||
accessAllItems: user.accessAll,
|
||||
readonly: user.accessAll,
|
||||
};
|
||||
}
|
||||
|
|
|
@ -253,7 +253,6 @@ MemberGroupAccess.args = {
|
|||
type: AccessItemType.Group,
|
||||
listName: "Admin Group",
|
||||
labelName: "Admin Group",
|
||||
accessAllItems: true,
|
||||
},
|
||||
]),
|
||||
};
|
||||
|
@ -309,7 +308,6 @@ CollectionAccess.args = {
|
|||
type: AccessItemType.Group,
|
||||
listName: "Admin Group",
|
||||
labelName: "Admin Group",
|
||||
accessAllItems: true,
|
||||
readonly: true,
|
||||
},
|
||||
{
|
||||
|
@ -320,7 +318,6 @@ CollectionAccess.args = {
|
|||
status: OrganizationUserStatusType.Confirmed,
|
||||
role: OrganizationUserType.Admin,
|
||||
email: "admin@email.com",
|
||||
accessAllItems: true,
|
||||
readonly: true,
|
||||
},
|
||||
]),
|
||||
|
|
|
@ -20,8 +20,6 @@ export class UserTypePipe implements PipeTransform {
|
|||
return this.i18nService.t("admin");
|
||||
case OrganizationUserType.User:
|
||||
return this.i18nService.t("user");
|
||||
case OrganizationUserType.Manager:
|
||||
return this.i18nService.t("manager");
|
||||
case OrganizationUserType.Custom:
|
||||
return this.i18nService.t("custom");
|
||||
}
|
||||
|
|
|
@ -64,7 +64,7 @@
|
|||
</bit-form-field>
|
||||
</bit-tab>
|
||||
<bit-tab label="{{ 'access' | i18n }}">
|
||||
<div class="tw-mb-3" *ngIf="organization.flexibleCollections">
|
||||
<div class="tw-mb-3">
|
||||
<ng-container *ngIf="dialogReadonly">
|
||||
<span>{{ "readOnlyCollectionAccess" | i18n }}</span>
|
||||
</ng-container>
|
||||
|
@ -107,7 +107,6 @@
|
|||
[selectorLabelText]="'selectGroupsAndMembers' | i18n"
|
||||
[selectorHelpText]="'userPermissionOverrideHelperDesc' | i18n"
|
||||
[emptySelectionText]="'noMembersOrGroupsAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="organization.flexibleCollections"
|
||||
></bit-access-selector>
|
||||
<bit-access-selector
|
||||
*ngIf="!organization.useGroups"
|
||||
|
@ -117,7 +116,6 @@
|
|||
[columnHeader]="'memberColumnHeader' | i18n"
|
||||
[selectorLabelText]="'selectMembers' | i18n"
|
||||
[emptySelectionText]="'noMembersAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="organization.flexibleCollections"
|
||||
></bit-access-selector>
|
||||
</bit-tab>
|
||||
</bit-tab-group>
|
||||
|
|
|
@ -223,7 +223,7 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
|
|||
(u) => u.userId === this.organization?.userId,
|
||||
)?.id;
|
||||
const initialSelection: AccessItemValue[] =
|
||||
currentOrgUserId !== undefined && organization.flexibleCollections
|
||||
currentOrgUserId !== undefined
|
||||
? [
|
||||
{
|
||||
id: currentOrgUserId,
|
||||
|
@ -239,11 +239,7 @@ export class CollectionDialogComponent implements OnInit, OnDestroy {
|
|||
});
|
||||
}
|
||||
|
||||
if (
|
||||
organization.flexibleCollections &&
|
||||
flexibleCollectionsV1 &&
|
||||
!organization.allowAdminAccessToAllCollectionItems
|
||||
) {
|
||||
if (flexibleCollectionsV1 && !organization.allowAdminAccessToAllCollectionItems) {
|
||||
this.formGroup.controls.access.addValidators(validateCanManagePermission);
|
||||
} else {
|
||||
this.formGroup.controls.access.removeValidators(validateCanManagePermission);
|
||||
|
@ -444,8 +440,7 @@ function mapGroupToAccessItemView(group: GroupView, collectionId: string): Acces
|
|||
type: AccessItemType.Group,
|
||||
listName: group.name,
|
||||
labelName: group.name,
|
||||
accessAllItems: group.accessAll,
|
||||
readonly: group.accessAll,
|
||||
readonly: false,
|
||||
readonlyPermission:
|
||||
collectionId != null
|
||||
? convertToPermission(group.collections.find((gc) => gc.id == collectionId))
|
||||
|
@ -471,8 +466,7 @@ function mapUserToAccessItemView(
|
|||
listName: user.name?.length > 0 ? `${user.name} (${user.email})` : user.email,
|
||||
labelName: user.name ?? user.email,
|
||||
status: user.status,
|
||||
accessAllItems: user.accessAll,
|
||||
readonly: user.accessAll,
|
||||
readonly: false,
|
||||
readonlyPermission:
|
||||
collectionId != null
|
||||
? convertToPermission(
|
||||
|
|
|
@ -86,7 +86,7 @@ export class VaultCollectionRowComponent {
|
|||
return this.i18nService.t("canEdit");
|
||||
}
|
||||
if ((this.collection as CollectionAdminView).assigned) {
|
||||
const permissionList = getPermissionList(this.organization?.flexibleCollections);
|
||||
const permissionList = getPermissionList();
|
||||
return this.i18nService.t(
|
||||
permissionList.find((p) => p.perm === convertToPermission(this.collection))?.labelId,
|
||||
);
|
||||
|
|
|
@ -15,7 +15,6 @@ import { VaultFilter } from "../models/vault-filter.model";
|
|||
})
|
||||
export class VaultFilterSectionComponent implements OnInit, OnDestroy {
|
||||
private destroy$ = new Subject<void>();
|
||||
protected flexibleCollectionsEnabled: boolean;
|
||||
|
||||
@Input() activeFilter: VaultFilter;
|
||||
@Input() section: VaultFilterSection;
|
||||
|
@ -40,12 +39,6 @@ export class VaultFilterSectionComponent implements OnInit, OnDestroy {
|
|||
this.section?.data$?.pipe(takeUntil(this.destroy$)).subscribe((data) => {
|
||||
this.data = data;
|
||||
});
|
||||
this.vaultFilterService
|
||||
.getOrganizationFilter()
|
||||
.pipe(takeUntil(this.destroy$))
|
||||
.subscribe((org) => {
|
||||
this.flexibleCollectionsEnabled = org != null ? org.flexibleCollections : false;
|
||||
});
|
||||
}
|
||||
|
||||
ngOnDestroy() {
|
||||
|
@ -77,10 +70,9 @@ export class VaultFilterSectionComponent implements OnInit, OnDestroy {
|
|||
const { organizationId, cipherTypeId, folderId, collectionId, isCollectionSelected } =
|
||||
this.activeFilter;
|
||||
|
||||
const collectionStatus = this.flexibleCollectionsEnabled
|
||||
? filterNode?.node.id === "AllCollections" &&
|
||||
(isCollectionSelected || collectionId === "AllCollections")
|
||||
: collectionId === filterNode?.node.id;
|
||||
const collectionStatus =
|
||||
filterNode?.node.id === "AllCollections" &&
|
||||
(isCollectionSelected || collectionId === "AllCollections");
|
||||
|
||||
return (
|
||||
organizationId === filterNode?.node.id ||
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
[selectorLabelText]="'selectGroupsAndMembers' | i18n"
|
||||
[selectorHelpText]="'userPermissionOverrideHelperDesc' | i18n"
|
||||
[emptySelectionText]="'noMembersOrGroupsAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="flexibleCollectionsEnabled$ | async"
|
||||
></bit-access-selector>
|
||||
<bit-access-selector
|
||||
*ngIf="!organization?.useGroups"
|
||||
|
@ -27,7 +26,6 @@
|
|||
[columnHeader]="'memberColumnHeader' | i18n"
|
||||
[selectorLabelText]="'selectMembers' | i18n"
|
||||
[emptySelectionText]="'noMembersAdded' | i18n"
|
||||
[flexibleCollectionsEnabled]="flexibleCollectionsEnabled$ | async"
|
||||
></bit-access-selector>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import { DIALOG_DATA, DialogConfig, DialogRef } from "@angular/cdk/dialog";
|
||||
import { Component, Inject, OnDestroy } from "@angular/core";
|
||||
import { FormBuilder } from "@angular/forms";
|
||||
import { combineLatest, map, of, Subject, switchMap, takeUntil } from "rxjs";
|
||||
import { combineLatest, of, Subject, switchMap, takeUntil } from "rxjs";
|
||||
|
||||
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { OrganizationUserService } from "@bitwarden/common/admin-console/abstractions/organization-user/organization-user.service";
|
||||
|
@ -42,10 +42,6 @@ export enum BulkCollectionsDialogResult {
|
|||
standalone: true,
|
||||
})
|
||||
export class BulkCollectionsDialogComponent implements OnDestroy {
|
||||
protected flexibleCollectionsEnabled$ = this.organizationService
|
||||
.get$(this.params.organizationId)
|
||||
.pipe(map((o) => o?.flexibleCollections));
|
||||
|
||||
protected readonly PermissionMode = PermissionMode;
|
||||
|
||||
protected formGroup = this.formBuilder.group({
|
||||
|
|
|
@ -103,11 +103,7 @@ export class VaultFilterComponent extends BaseVaultFilterComponent implements On
|
|||
async buildAllFilters(): Promise<VaultFilterList> {
|
||||
const builderFilter = {} as VaultFilterList;
|
||||
builderFilter.typeFilter = await this.addTypeFilter(["favorites"]);
|
||||
if (this._organization?.flexibleCollections) {
|
||||
builderFilter.collectionFilter = await this.addCollectionFilter();
|
||||
} else {
|
||||
builderFilter.collectionFilter = await super.addCollectionFilter();
|
||||
}
|
||||
builderFilter.collectionFilter = await this.addCollectionFilter();
|
||||
builderFilter.trashFilter = await this.addTrashFilter();
|
||||
return builderFilter;
|
||||
}
|
||||
|
|
|
@ -6,10 +6,7 @@
|
|||
queryParamsHandling="merge"
|
||||
>
|
||||
{{ organization.name }}
|
||||
<span *ngIf="!organization.flexibleCollections">
|
||||
{{ "vault" | i18n | lowercase }}
|
||||
</span>
|
||||
<span *ngIf="organization.flexibleCollections">
|
||||
<span>
|
||||
{{ "collections" | i18n | lowercase }}
|
||||
</span>
|
||||
</bit-breadcrumb>
|
||||
|
|
|
@ -89,9 +89,7 @@ export class VaultHeaderComponent implements OnInit {
|
|||
}
|
||||
|
||||
get title() {
|
||||
const headerType = this.organization?.flexibleCollections
|
||||
? this.i18nService.t("collections").toLowerCase()
|
||||
: this.i18nService.t("vault").toLowerCase();
|
||||
const headerType = this.i18nService.t("collections").toLowerCase();
|
||||
|
||||
if (this.collection != null) {
|
||||
return this.collection.node.name;
|
||||
|
|
|
@ -65,8 +65,8 @@
|
|||
[useEvents]="organization?.canAccessEventLogs"
|
||||
[showAdminActions]="true"
|
||||
(onEvent)="onVaultItemsEvent($event)"
|
||||
[showBulkEditCollectionAccess]="organization?.flexibleCollections"
|
||||
[showBulkAddToCollections]="organization?.flexibleCollections"
|
||||
[showBulkEditCollectionAccess]="true"
|
||||
[showBulkAddToCollections]="true"
|
||||
[viewingOrgVault]="true"
|
||||
[flexibleCollectionsV1Enabled]="flexibleCollectionsV1Enabled"
|
||||
[addAccessStatus]="addAccessStatus$ | async"
|
||||
|
|
|
@ -156,7 +156,7 @@ export class VaultComponent implements OnInit, OnDestroy {
|
|||
private _flexibleCollectionsV1FlagEnabled: boolean;
|
||||
|
||||
protected get flexibleCollectionsV1Enabled(): boolean {
|
||||
return this._flexibleCollectionsV1FlagEnabled && this.organization?.flexibleCollections;
|
||||
return this._flexibleCollectionsV1FlagEnabled;
|
||||
}
|
||||
protected orgRevokedUsers: OrganizationUserUserDetailsResponse[];
|
||||
|
||||
|
|
|
@ -2794,12 +2794,6 @@
|
|||
"userDesc": {
|
||||
"message": "Access and add items to assigned collections"
|
||||
},
|
||||
"manager": {
|
||||
"message": "Manager"
|
||||
},
|
||||
"managerDesc": {
|
||||
"message": "Create, delete, and manage access in assigned collections"
|
||||
},
|
||||
"all": {
|
||||
"message": "All"
|
||||
},
|
||||
|
@ -4576,12 +4570,6 @@
|
|||
"permission": {
|
||||
"message": "Permission"
|
||||
},
|
||||
"managerPermissions": {
|
||||
"message": "Manager Permissions"
|
||||
},
|
||||
"adminPermissions": {
|
||||
"message": "Admin Permissions"
|
||||
},
|
||||
"accessEventLogs": {
|
||||
"message": "Access event logs"
|
||||
},
|
||||
|
@ -4606,9 +4594,6 @@
|
|||
"deleteAnyCollection": {
|
||||
"message": "Delete any collection"
|
||||
},
|
||||
"manageAssignedCollections": {
|
||||
"message": "Manage assigned collections"
|
||||
},
|
||||
"editAssignedCollections": {
|
||||
"message": "Edit assigned collections"
|
||||
},
|
||||
|
@ -6669,12 +6654,6 @@
|
|||
"restrictedCollectionAssignmentDesc": {
|
||||
"message": "You can only assign collections you manage."
|
||||
},
|
||||
"accessAllCollectionsDesc": {
|
||||
"message": "Grant access to all current and future collections."
|
||||
},
|
||||
"accessAllCollectionsHelp": {
|
||||
"message": "If checked, this will replace all other collection permissions."
|
||||
},
|
||||
"selectMembers": {
|
||||
"message": "Select members"
|
||||
},
|
||||
|
@ -6717,12 +6696,6 @@
|
|||
"group": {
|
||||
"message": "Group"
|
||||
},
|
||||
"groupAccessAll": {
|
||||
"message": "This group can access and modify all items."
|
||||
},
|
||||
"memberAccessAll": {
|
||||
"message": "This member can access and modify all items."
|
||||
},
|
||||
"domainVerification": {
|
||||
"message": "Domain verification"
|
||||
},
|
||||
|
|
|
@ -20,8 +20,6 @@ export class UserTypePipe implements PipeTransform {
|
|||
return this.i18nService.t("admin");
|
||||
case OrganizationUserType.User:
|
||||
return this.i18nService.t("user");
|
||||
case OrganizationUserType.Manager:
|
||||
return this.i18nService.t("manager");
|
||||
case OrganizationUserType.Custom:
|
||||
return this.i18nService.t("custom");
|
||||
}
|
||||
|
|
|
@ -5,7 +5,6 @@ import { SelectionReadOnlyRequest } from "../../../models/request/selection-read
|
|||
export class OrganizationUserInviteRequest {
|
||||
emails: string[] = [];
|
||||
type: OrganizationUserType;
|
||||
accessAll: boolean;
|
||||
accessSecretsManager: boolean;
|
||||
collections: SelectionReadOnlyRequest[] = [];
|
||||
groups: string[];
|
||||
|
|
|
@ -4,7 +4,6 @@ import { SelectionReadOnlyRequest } from "../../../models/request/selection-read
|
|||
|
||||
export class OrganizationUserUpdateRequest {
|
||||
type: OrganizationUserType;
|
||||
accessAll: boolean;
|
||||
accessSecretsManager: boolean;
|
||||
collections: SelectionReadOnlyRequest[] = [];
|
||||
groups: string[] = [];
|
||||
|
|
|
@ -10,11 +10,6 @@ export class OrganizationUserResponse extends BaseResponse {
|
|||
type: OrganizationUserType;
|
||||
status: OrganizationUserStatusType;
|
||||
externalId: string;
|
||||
/**
|
||||
* @deprecated
|
||||
* To be removed after Flexible Collections.
|
||||
**/
|
||||
accessAll: boolean;
|
||||
accessSecretsManager: boolean;
|
||||
permissions: PermissionsApi;
|
||||
resetPasswordEnrolled: boolean;
|
||||
|
@ -30,7 +25,6 @@ export class OrganizationUserResponse extends BaseResponse {
|
|||
this.status = this.getResponseProperty("Status");
|
||||
this.permissions = new PermissionsApi(this.getResponseProperty("Permissions"));
|
||||
this.externalId = this.getResponseProperty("ExternalId");
|
||||
this.accessAll = this.getResponseProperty("AccessAll");
|
||||
this.accessSecretsManager = this.getResponseProperty("AccessSecretsManager");
|
||||
this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
|
||||
this.hasMasterPassword = this.getResponseProperty("HasMasterPassword");
|
||||
|
|
|
@ -7,7 +7,7 @@ import { OrganizationData } from "../../models/data/organization.data";
|
|||
import { Organization } from "../../models/domain/organization";
|
||||
|
||||
export function canAccessVaultTab(org: Organization): boolean {
|
||||
return org.canViewAssignedCollections || org.canViewAllCollections;
|
||||
return org.canViewAllCollections;
|
||||
}
|
||||
|
||||
export function canAccessSettingsTab(org: Organization): boolean {
|
||||
|
@ -77,10 +77,7 @@ export function canAccessImportExport(i18nService: I18nService) {
|
|||
export function canAccessImport(i18nService: I18nService) {
|
||||
return map<Organization[], Organization[]>((orgs) =>
|
||||
orgs
|
||||
.filter(
|
||||
(org) =>
|
||||
org.canAccessImportExport || (org.canCreateNewCollections && org.flexibleCollections),
|
||||
)
|
||||
.filter((org) => org.canAccessImportExport || org.canCreateNewCollections)
|
||||
.sort(Utils.getSortFunction(i18nService, "name")),
|
||||
);
|
||||
}
|
||||
|
|
|
@ -142,16 +142,6 @@ export class Organization {
|
|||
return this.enabled && this.status === OrganizationUserStatusType.Confirmed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether a user has Manager permissions or greater
|
||||
*
|
||||
* @deprecated
|
||||
* This is deprecated with the introduction of Flexible Collections.
|
||||
*/
|
||||
get isManager() {
|
||||
return this.type === OrganizationUserType.Manager || this.isAdmin;
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether a user has Admin permissions or greater
|
||||
*/
|
||||
|
@ -179,19 +169,13 @@ export class Organization {
|
|||
}
|
||||
|
||||
get canCreateNewCollections() {
|
||||
if (this.flexibleCollections) {
|
||||
return (
|
||||
!this.limitCollectionCreationDeletion ||
|
||||
this.isAdmin ||
|
||||
this.permissions.createNewCollections
|
||||
);
|
||||
}
|
||||
|
||||
return this.isManager || this.permissions.createNewCollections;
|
||||
return (
|
||||
!this.limitCollectionCreationDeletion || this.isAdmin || this.permissions.createNewCollections
|
||||
);
|
||||
}
|
||||
|
||||
canEditAnyCollection(flexibleCollectionsV1Enabled: boolean) {
|
||||
if (!this.flexibleCollections || !flexibleCollectionsV1Enabled) {
|
||||
if (!flexibleCollectionsV1Enabled) {
|
||||
// Pre-Flexible Collections v1 logic
|
||||
return this.isAdmin || this.permissions.editAnyCollection;
|
||||
}
|
||||
|
@ -221,8 +205,8 @@ export class Organization {
|
|||
flexibleCollectionsV1Enabled: boolean,
|
||||
restrictProviderAccessFlagEnabled: boolean,
|
||||
) {
|
||||
// Before Flexible Collections, any admin or anyone with editAnyCollection permission could edit all ciphers
|
||||
if (!this.flexibleCollections || !flexibleCollectionsV1Enabled || !this.flexibleCollections) {
|
||||
// Before Flexible Collections V1, any admin or anyone with editAnyCollection permission could edit all ciphers
|
||||
if (!flexibleCollectionsV1Enabled) {
|
||||
return this.isAdmin || this.permissions.editAnyCollection;
|
||||
}
|
||||
|
||||
|
@ -269,33 +253,6 @@ export class Organization {
|
|||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
* This is deprecated with the introduction of Flexible Collections.
|
||||
* This will always return false if FlexibleCollections flag is on.
|
||||
*/
|
||||
get canEditAssignedCollections() {
|
||||
return this.isManager || this.permissions.editAssignedCollections;
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
* This is deprecated with the introduction of Flexible Collections.
|
||||
* This will always return false if FlexibleCollections flag is on.
|
||||
*/
|
||||
get canDeleteAssignedCollections() {
|
||||
return this.isManager || this.permissions.deleteAssignedCollections;
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
* This is deprecated with the introduction of Flexible Collections.
|
||||
* This will always return false if FlexibleCollections flag is on.
|
||||
*/
|
||||
get canViewAssignedCollections() {
|
||||
return this.canDeleteAssignedCollections || this.canEditAssignedCollections;
|
||||
}
|
||||
|
||||
get canManageGroups() {
|
||||
return (this.isAdmin || this.permissions.manageGroups) && this.useGroups;
|
||||
}
|
||||
|
|
|
@ -49,15 +49,11 @@ export class CollectionView implements View, ITreeNodeObject {
|
|||
);
|
||||
}
|
||||
|
||||
if (org?.flexibleCollections) {
|
||||
return (
|
||||
org?.canEditAllCiphers(v1FlexibleCollections, restrictProviderAccess) ||
|
||||
this.manage ||
|
||||
(this.assigned && !this.readOnly)
|
||||
);
|
||||
}
|
||||
|
||||
return org?.canEditAnyCollection(false) || (org?.canEditAssignedCollections && this.assigned);
|
||||
return (
|
||||
org?.canEditAllCiphers(v1FlexibleCollections, restrictProviderAccess) ||
|
||||
this.manage ||
|
||||
(this.assigned && !this.readOnly)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -256,17 +256,14 @@ export class ImportComponent implements OnInit, OnDestroy {
|
|||
if (!this._importBlockedByPolicy) {
|
||||
this.formGroup.controls.targetSelector.enable();
|
||||
}
|
||||
const flexCollectionEnabled =
|
||||
organizations.find((x) => x.id == this.organizationId)?.flexibleCollections ?? false;
|
||||
|
||||
if (value) {
|
||||
this.collections$ = Utils.asyncToObservable(() =>
|
||||
this.collectionService
|
||||
.getAllDecrypted()
|
||||
.then((decryptedCollections) =>
|
||||
decryptedCollections
|
||||
.filter(
|
||||
(c2) => c2.organizationId === value && (!flexCollectionEnabled || c2.manage),
|
||||
)
|
||||
.filter((c2) => c2.organizationId === value && c2.manage)
|
||||
.sort(Utils.getSortFunction(this.i18nService, "name")),
|
||||
),
|
||||
);
|
||||
|
|
|
@ -167,11 +167,7 @@ export class ExportComponent implements OnInit, OnDestroy {
|
|||
}
|
||||
|
||||
this.organizations$ = this.organizationService.memberOrganizations$.pipe(
|
||||
map((orgs) =>
|
||||
orgs
|
||||
.filter((org) => org.flexibleCollections)
|
||||
.sort(Utils.getSortFunction(this.i18nService, "name")),
|
||||
),
|
||||
map((orgs) => orgs.sort(Utils.getSortFunction(this.i18nService, "name"))),
|
||||
);
|
||||
|
||||
this.exportForm.controls.vaultSelector.valueChanges
|
||||
|
|
Loading…
Reference in New Issue