From 0e2c486a383e632d512e3d87847cc6758b43f85c Mon Sep 17 00:00:00 2001
From: aj-rosado <109146700+aj-rosado@users.noreply.github.com>
Date: Tue, 9 Jul 2024 18:36:18 +0100
Subject: [PATCH] [AC-2509] add member access component (#9411)
* Added new report card and FeatureFlag for MemberAccessReport
* Add new "isEnterpriseOrgGuard"
* Add member access icon
* Show upgrade organization dialog for enterprise on member access report click
* verify member access featureflag on enterprise org guard
* add comment with TODO information for follow up task
* Initial member access report component
* Improved readability, removed path to wrong component and refactored buildReports to use the productType
* finished MemberAccessReport layout and added temporary service to provide mock data
* Moved member-access-report files to bitwarden_license/
Removed unnecessary files
* Added new tools path on bitwarden_license to the CODEOWNERS file
* added member access description to the messages.json
* layout changes to member access report
* Created new reports-routing under bitwarden_license
Moved member-access-report files to corresponding subfolder
* Added search logic
* Removed routing from member-access-report BL component on OSS.
Added member-access-report navigation to organizations-routing on BL
* removed unnecessary ng-container
* Added OrganizationPermissionsGuard and canAccessReports validation to member-access-report navigation
* replaced deprecated search code with searchControl
* Address PR feedback
* removed unnecessary canAccessReports method
---
.github/CODEOWNERS | 1 +
apps/web/src/locales/en/messages.json | 3 ++
.../organizations-routing.module.ts | 18 +++++++
.../member-access-report.component.html | 50 +++++++++++++++++++
.../member-access-report.component.ts | 33 ++++++++++++
.../member-access-report.service.ts | 39 +++++++++++++++
.../view/member-access-report.view.ts | 7 +++
7 files changed, 151 insertions(+)
create mode 100644 bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.component.html
create mode 100644 bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.component.ts
create mode 100644 bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.service.ts
create mode 100644 bitwarden_license/bit-web/src/app/tools/reports/member-access-report/view/member-access-report.view.ts
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 1b1d05ed78..6b6a905bfd 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -29,6 +29,7 @@ libs/common/src/models/export @bitwarden/team-tools-dev
libs/common/src/tools @bitwarden/team-tools-dev
libs/importer @bitwarden/team-tools-dev
libs/tools @bitwarden/team-tools-dev
+bitwarden_license/bit-web/src/app/tools @bitwarden/team-tools-dev
## Localization/Crowdin (Tools team)
apps/browser/src/_locales @bitwarden/team-tools-dev
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index f61a1396ed..66a768a0fa 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -8445,6 +8445,9 @@
"memberAccessReportDesc": {
"message": "Ensure members have access to the right credentials and their accounts are secure. Use this report to obtain a CSV of member access and account configurations."
},
+ "memberAccessReportPageDesc": {
+ "message": "Audit organization member access across groups, collections, and collection items. The CSV export provides a detailed breakdown per member, including information on collection permissions and account configurations."
+ },
"higherKDFIterations": {
"message": "Higher KDF iterations can help protect your master password from being brute forced by an attacker."
},
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
index acb4fb6ecd..1b31341e0d 100644
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
@@ -3,6 +3,7 @@ import { RouterModule, Routes } from "@angular/router";
import { AuthGuard } from "@bitwarden/angular/auth/guards";
import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
+import { IsEnterpriseOrgGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/is-enterprise-org.guard";
import { organizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";
import { OrganizationLayoutComponent } from "@bitwarden/web-vault/app/admin-console/organizations/layouts/organization-layout.component";
@@ -58,6 +59,23 @@ const routes: Routes = [
},
],
},
+ {
+ path: "reporting/reports",
+ canActivate: [AuthGuard, organizationPermissionsGuard((org) => org.canAccessReports)],
+ children: [
+ {
+ path: "member-access-report",
+ loadComponent: () =>
+ import(
+ "../../tools/reports/member-access-report/member-access-report.component"
+ ).then((mod) => mod.MemberAccessReportComponent),
+ data: {
+ titleId: "memberAccessReport",
+ },
+ canActivate: [IsEnterpriseOrgGuard],
+ },
+ ],
+ },
],
},
];
diff --git a/bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.component.html b/bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.component.html
new file mode 100644
index 0000000000..9950bce6ef
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/tools/reports/member-access-report/member-access-report.component.html
@@ -0,0 +1,50 @@
+
+ {{ "memberAccessReportPageDesc" | i18n }} +
+