1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-24 12:06:15 +01:00

[PM-11405] Account Management: Prevent a verified user from changing their email address (#11486)

* Update AccountService to include a method for setting the managedByOrganizationId

* Update AccountComponent to conditionally show the purgeVault button based on a feature flag and if the user is managed by an organization

* Add missing method to FakeAccountService

* Remove the setAccountManagedByOrganizationId method from the AccountService abstract class.

* Refactor AccountComponent to use OrganizationService to check for managing organization

* Rename managesActiveUser to userIsManagedByOrganization

* Hide the change email section if the user is managed by an organization

* Refactor userIsManagedByOrganization property to be non-nullable in organization data and response models

* Refactor organization.data.spec.ts to include non-nullable userIsManagedByOrganization property

* Refactor account component initialization logic

* Remove opening modal that was added by mistake
This commit is contained in:
Rui Tomé 2024-10-28 16:12:16 +00:00 committed by GitHub
parent 53f13f4ea5
commit 203a7b0c01
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 33 additions and 18 deletions

View File

@ -3,7 +3,7 @@
<bit-container>
<app-profile></app-profile>
<div *ngIf="showChangeEmail" class="tw-mt-16">
<div *ngIf="showChangeEmail$ | async" class="tw-mt-16">
<h1 bitTypography="h1">{{ "changeEmail" | i18n }}</h1>
<app-change-email></app-change-email>
</div>

View File

@ -1,5 +1,5 @@
import { Component, OnInit, ViewChild, ViewContainerRef } from "@angular/core";
import { lastValueFrom, map, Observable, of, switchMap } from "rxjs";
import { combineLatest, from, lastValueFrom, map, Observable } from "rxjs";
import { ModalService } from "@bitwarden/angular/services/modal.service";
import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
@ -21,7 +21,7 @@ export class AccountComponent implements OnInit {
@ViewChild("deauthorizeSessionsTemplate", { read: ViewContainerRef, static: true })
deauthModalRef: ViewContainerRef;
showChangeEmail = true;
showChangeEmail$: Observable<boolean>;
showPurgeVault$: Observable<boolean>;
constructor(
@ -33,21 +33,36 @@ export class AccountComponent implements OnInit {
) {}
async ngOnInit() {
this.showChangeEmail = await this.userVerificationService.hasMasterPassword();
this.showPurgeVault$ = this.configService
.getFeatureFlag$(FeatureFlag.AccountDeprovisioning)
.pipe(
switchMap((isAccountDeprovisioningEnabled) =>
isAccountDeprovisioningEnabled
? this.organizationService.organizations$.pipe(
map(
(organizations) =>
!organizations.some((o) => o.userIsManagedByOrganization === true),
),
)
: of(true),
),
);
const isAccountDeprovisioningEnabled$ = this.configService.getFeatureFlag$(
FeatureFlag.AccountDeprovisioning,
);
const userIsManagedByOrganization$ = this.organizationService.organizations$.pipe(
map((organizations) => organizations.some((o) => o.userIsManagedByOrganization === true)),
);
const hasMasterPassword$ = from(this.userVerificationService.hasMasterPassword());
this.showChangeEmail$ = combineLatest([
hasMasterPassword$,
isAccountDeprovisioningEnabled$,
userIsManagedByOrganization$,
]).pipe(
map(
([hasMasterPassword, isAccountDeprovisioningEnabled, userIsManagedByOrganization]) =>
hasMasterPassword && (!isAccountDeprovisioningEnabled || !userIsManagedByOrganization),
),
);
this.showPurgeVault$ = combineLatest([
isAccountDeprovisioningEnabled$,
userIsManagedByOrganization$,
]).pipe(
map(
([isAccountDeprovisioningEnabled, userIsManagedByOrganization]) =>
!isAccountDeprovisioningEnabled || !userIsManagedByOrganization,
),
);
}
async deauthorizeSessions() {