[PM-7292] Fix viewing/editing unassigned ciphers for admins (#8627)
* [PM-7292] Introduce canEditUnassignedCiphers helper * [PM-7292] Use new canEditUnassignedCiphers helper * [PM-7292] Remove duplicate canUseAdminCollections helper
This commit is contained in:
parent
09169cac71
commit
cbf48decec
|
@ -213,7 +213,7 @@ export class VaultComponent implements OnInit, OnDestroy {
|
||||||
switchMap(async ([organization]) => {
|
switchMap(async ([organization]) => {
|
||||||
this.organization = organization;
|
this.organization = organization;
|
||||||
|
|
||||||
if (!organization.canUseAdminCollections(this.flexibleCollectionsV1Enabled)) {
|
if (!organization.canEditAnyCollection(this.flexibleCollectionsV1Enabled)) {
|
||||||
await this.syncService.fullSync(false);
|
await this.syncService.fullSync(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -407,8 +407,7 @@ export class VaultComponent implements OnInit, OnDestroy {
|
||||||
]).pipe(
|
]).pipe(
|
||||||
map(([filter, collection, organization]) => {
|
map(([filter, collection, organization]) => {
|
||||||
return (
|
return (
|
||||||
(filter.collectionId === Unassigned &&
|
(filter.collectionId === Unassigned && !organization.canEditUnassignedCiphers()) ||
|
||||||
!organization.canUseAdminCollections(this.flexibleCollectionsV1Enabled)) ||
|
|
||||||
(!organization.canEditAllCiphers(this.flexibleCollectionsV1Enabled) &&
|
(!organization.canEditAllCiphers(this.flexibleCollectionsV1Enabled) &&
|
||||||
collection != undefined &&
|
collection != undefined &&
|
||||||
!collection.node.assigned)
|
!collection.node.assigned)
|
||||||
|
@ -454,12 +453,11 @@ export class VaultComponent implements OnInit, OnDestroy {
|
||||||
map(([filter, collection, organization]) => {
|
map(([filter, collection, organization]) => {
|
||||||
return (
|
return (
|
||||||
// Filtering by unassigned, show message if not admin
|
// Filtering by unassigned, show message if not admin
|
||||||
(filter.collectionId === Unassigned &&
|
(filter.collectionId === Unassigned && !organization.canEditUnassignedCiphers()) ||
|
||||||
!organization.canUseAdminCollections(this.flexibleCollectionsV1Enabled)) ||
|
|
||||||
// Filtering by a collection, so show message if user is not assigned
|
// Filtering by a collection, so show message if user is not assigned
|
||||||
(collection != undefined &&
|
(collection != undefined &&
|
||||||
!collection.node.assigned &&
|
!collection.node.assigned &&
|
||||||
!organization.canUseAdminCollections(this.flexibleCollectionsV1Enabled))
|
!organization.canEditAnyCollection(this.flexibleCollectionsV1Enabled))
|
||||||
);
|
);
|
||||||
}),
|
}),
|
||||||
shareReplay({ refCount: true, bufferSize: 1 }),
|
shareReplay({ refCount: true, bufferSize: 1 }),
|
||||||
|
@ -482,7 +480,7 @@ export class VaultComponent implements OnInit, OnDestroy {
|
||||||
(await firstValueFrom(allCipherMap$))[cipherId] != undefined;
|
(await firstValueFrom(allCipherMap$))[cipherId] != undefined;
|
||||||
} else {
|
} else {
|
||||||
canEditCipher =
|
canEditCipher =
|
||||||
organization.canUseAdminCollections(this.flexibleCollectionsV1Enabled) ||
|
organization.canEditAnyCollection(this.flexibleCollectionsV1Enabled) ||
|
||||||
(await this.cipherService.get(cipherId)) != null;
|
(await this.cipherService.get(cipherId)) != null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -662,7 +662,7 @@ export class AddEditComponent implements OnInit, OnDestroy {
|
||||||
|
|
||||||
// if a cipher is unassigned we want to check if they are an admin or have permission to edit any collection
|
// if a cipher is unassigned we want to check if they are an admin or have permission to edit any collection
|
||||||
if (!cipher.collectionIds) {
|
if (!cipher.collectionIds) {
|
||||||
orgAdmin = this.organization?.canEditAllCiphers(this.flexibleCollectionsV1Enabled);
|
orgAdmin = this.organization?.canEditUnassignedCiphers();
|
||||||
}
|
}
|
||||||
|
|
||||||
return this.cipher.id == null
|
return this.cipher.id == null
|
||||||
|
|
|
@ -203,8 +203,9 @@ export class Organization {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
canUseAdminCollections(flexibleCollectionsV1Enabled: boolean) {
|
canEditUnassignedCiphers() {
|
||||||
return this.canEditAnyCollection(flexibleCollectionsV1Enabled);
|
// TODO: Update this to exclude Providers if provider access is restricted in AC-1707
|
||||||
|
return this.isAdmin || this.permissions.editAnyCollection;
|
||||||
}
|
}
|
||||||
|
|
||||||
canEditAllCiphers(flexibleCollectionsV1Enabled: boolean) {
|
canEditAllCiphers(flexibleCollectionsV1Enabled: boolean) {
|
||||||
|
|
Loading…
Reference in New Issue