[AC-1529] Update settings tab visibility to include device approvals (#5855)

* fix: update show org settings function, add explicit canManageDeviceApprovals helper, refs AC-1529 * fix: add device approval in org-redirect guard and update passed permission, refs AC-1529
2024-11-21 11:35:34 +01:00 · 2023-08-04 09:18:48 -05:00 · 2023-08-04 09:18:48 -05:00 · 15597fb4e9
commit 15597fb4e9
parent 7f4741f464
5 changed files with 11 additions and 3 deletions
--- a/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts
@ -70,6 +70,9 @@ function getSettingsRoute(organization: Organization) {
  if (organization.canManageScim) {
    return "scim";
  }
+  if (organization.canManageDeviceApprovals) {
+    return "device-approvals";
+  }
  return undefined;
 }

--- a/apps/web/src/app/admin-console/organizations/settings/settings.component.html
+++ b/apps/web/src/app/admin-console/organizations/settings/settings.component.html
@ -65,7 +65,7 @@
              routerLink="device-approvals"
              class="list-group-item"
              routerLinkActive="active"
-              *ngIf="org.canManageUsersPassword"
+              *ngIf="org.canManageDeviceApprovals"
            >
              {{ "deviceApprovals" | i18n }}
            </a>
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
@ -62,7 +62,7 @@ const routes: Routes = [
              canAccessFeature(FeatureFlag.TrustedDeviceEncryption),
            ],
            data: {
-              organizationPermissions: (org: Organization) => org.canManageUsersPassword,
+              organizationPermissions: (org: Organization) => org.canManageDeviceApprovals,
              titleId: "deviceApprovals",
            },
          },
--- a/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts
+++ b/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts
@ -15,7 +15,8 @@ export function canAccessSettingsTab(org: Organization): boolean {
    org.canManagePolicies ||
    org.canManageSso ||
    org.canManageScim ||
-    org.canAccessImportExport
+    org.canAccessImportExport ||
+    org.canManageDeviceApprovals
  );
 }

--- a/libs/common/src/admin-console/models/domain/organization.ts
+++ b/libs/common/src/admin-console/models/domain/organization.ts
@ -217,6 +217,10 @@ export class Organization {
    return this.isAdmin || this.permissions.manageResetPassword;
  }

+  get canManageDeviceApprovals() {
+    return (this.isAdmin || this.permissions.manageResetPassword) && this.useSso;
+  }
+
  get isExemptFromPolicies() {
    return this.canManagePolicies;
  }