[AC-2771] [AC-2772] Provider Restriction Fixes (#9635)

* [AC-2771] Do not make API request when restricted provider is not a member of the org * [AC-2771] Fix console errors when switching organizations * [AC-2772] Fix org vault for providers who are members - Show vault filters - Hide header search bar - Show create new item button
2024-12-19 15:57:42 +01:00 · 2024-06-13 13:18:49 -07:00 · 2024-06-13 13:18:49 -07:00 · 2ff9c3bb76
commit 2ff9c3bb76
parent 2d43a12ce9
4 changed files with 24 additions and 6 deletions
--- a/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts
+++ b/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts
@ -69,9 +69,9 @@ export class VaultCollectionRowComponent {
    if (this.collection instanceof CollectionAdminView) {
      // Only show AddAccess if unmanaged and allowAdminAccessToAllCollectionItems is disabled
      return (
-        !this.organization.allowAdminAccessToAllCollectionItems &&
+        !this.organization?.allowAdminAccessToAllCollectionItems &&
        this.collection.unmanaged &&
-        this.organization.canEditUnmanagedCollections()
+        this.organization?.canEditUnmanagedCollections()
      );
    }

--- a/apps/web/src/app/vault/org-vault/vault-header/vault-header.component.html
+++ b/apps/web/src/app/vault/org-vault/vault-header/vault-header.component.html
@ -93,7 +93,7 @@
  </ng-container>

  <bit-search
-    *ngIf="organization?.isProviderUser"
+    *ngIf="restrictProviderAccessFlag && organization?.isProviderUser && !organization?.isMember"
    class="tw-grow"
    [ngModel]="searchText"
    (ngModelChange)="onSearchTextChanged($event)"
--- a/apps/web/src/app/vault/org-vault/vault-header/vault-header.component.ts
+++ b/apps/web/src/app/vault/org-vault/vault-header/vault-header.component.ts
@ -68,7 +68,7 @@ export class VaultHeaderComponent implements OnInit {
  protected organizations$ = this.organizationService.organizations$;

  protected flexibleCollectionsV1Enabled = false;
-  private restrictProviderAccessFlag = false;
+  protected restrictProviderAccessFlag = false;

  constructor(
    private organizationService: OrganizationService,
@ -220,7 +220,11 @@ export class VaultHeaderComponent implements OnInit {
  }

  get canCreateCipher(): boolean {
-    if (this.organization?.isProviderUser && this.restrictProviderAccessFlag) {
+    if (
+      this.organization?.isProviderUser &&
+      this.restrictProviderAccessFlag &&
+      !this.organization?.isMember
+    ) {
      return false;
    }
    return true;
--- a/apps/web/src/app/vault/org-vault/vault.component.ts
+++ b/apps/web/src/app/vault/org-vault/vault.component.ts
@ -166,7 +166,11 @@ export class VaultComponent implements OnInit, OnDestroy {
  }

  protected get hideVaultFilters(): boolean {
-    return this.restrictProviderAccessEnabled && this.organization?.isProviderUser;
+    return (
+      this.restrictProviderAccessEnabled &&
+      this.organization?.isProviderUser &&
+      !this.organization?.isMember
+    );
  }

  private searchText$ = new Subject<string>();
@ -352,6 +356,16 @@ export class VaultComponent implements OnInit, OnDestroy {
        }
        let ciphers;

+        // Restricted providers (who are not members) do not have access org cipher endpoint below
+        // Return early to avoid 404 response
+        if (
+          this.restrictProviderAccessEnabled &&
+          !organization.isMember &&
+          organization.isProviderUser
+        ) {
+          return [];
+        }
+
        if (this.flexibleCollectionsV1Enabled) {
          // Flexible collections V1 logic.
          // If the user can edit all ciphers for the organization then fetch them ALL.