From 7c98809d1b2c8c8d252bf98a8b1013e6172d194b Mon Sep 17 00:00:00 2001 From: Shane Melton Date: Wed, 13 Jul 2022 15:58:57 -0700 Subject: [PATCH] Cleanup org routing and nav permission service --- .../layouts/organization-layout.component.ts | 39 ------ .../organization-routing.module.ts | 129 +----------------- .../navigation-permissions.service.ts | 34 +++-- 3 files changed, 27 insertions(+), 175 deletions(-) diff --git a/apps/web/src/app/organizations/layouts/organization-layout.component.ts b/apps/web/src/app/organizations/layouts/organization-layout.component.ts index 04d9f36f0e..a6fcd21811 100644 --- a/apps/web/src/app/organizations/layouts/organization-layout.component.ts +++ b/apps/web/src/app/organizations/layouts/organization-layout.component.ts @@ -50,14 +50,6 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy { this.organization = await this.organizationService.get(this.organizationId); } - get showManageTab(): boolean { - return NavigationPermissionsService.canAccessManage(this.organization); - } - - get showToolsTab(): boolean { - return NavigationPermissionsService.canAccessTools(this.organization); - } - get showSettingsTab(): boolean { return NavigationPermissionsService.canAccessSettings(this.organization); } @@ -81,35 +73,4 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy { get reportTabLabel(): string { return this.organization.useEvents ? "reporting" : "reports"; } - - get toolsRoute(): string { - return this.organization.canAccessImportExport - ? "tools/import" - : "tools/exposed-passwords-report"; - } - - get manageRoute(): string { - let route: string; - switch (true) { - case this.organization.canManageUsers: - route = "manage/people"; - break; - case this.organization.canViewAssignedCollections || this.organization.canViewAllCollections: - route = "manage/collections"; - break; - case this.organization.canManageGroups: - route = "manage/groups"; - break; - case this.organization.canManagePolicies: - route = "manage/policies"; - break; - case this.organization.canManageSso: - route = "manage/sso"; - break; - case this.organization.canAccessEventLogs: - route = "manage/events"; - break; - } - return route; - } } diff --git a/apps/web/src/app/organizations/organization-routing.module.ts b/apps/web/src/app/organizations/organization-routing.module.ts index 6fb602b2e2..102d552dfb 100644 --- a/apps/web/src/app/organizations/organization-routing.module.ts +++ b/apps/web/src/app/organizations/organization-routing.module.ts @@ -13,10 +13,7 @@ import { OrganizationSubscriptionComponent } from "./billing/organization-subscr import { GroupsComponent } from "./groups/groups.component"; import { PermissionsGuard } from "./guards/permissions.guard"; import { OrganizationLayoutComponent } from "./layouts/organization-layout.component"; -import { CollectionsComponent } from "./manage/collections.component"; import { EventsComponent } from "./manage/events.component"; -import { ManageComponent } from "./manage/manage.component"; -import { PoliciesComponent } from "./manage/policies.component"; import { MembersComponent } from "./members/members.component"; import { ReportListComponent } from "./reporting/report-list.component"; import { ReportingComponent } from "./reporting/reporting.component"; @@ -27,7 +24,6 @@ import { TwoFactorSetupComponent } from "./settings/two-factor-setup.component"; import { ExposedPasswordsReportComponent } from "./tools/exposed-passwords-report.component"; import { InactiveTwoFactorReportComponent } from "./tools/inactive-two-factor-report.component"; import { ReusedPasswordsReportComponent } from "./tools/reused-passwords-report.component"; -import { ToolsComponent } from "./tools/tools.component"; import { UnsecuredWebsitesReportComponent } from "./tools/unsecured-websites-report.component"; import { WeakPasswordsReportComponent } from "./tools/weak-passwords-report.component"; @@ -45,119 +41,6 @@ const routes: Routes = [ path: "vault", loadChildren: () => OrganizationVaultModule, }, - { - path: "tools", - component: ToolsComponent, - canActivate: [PermissionsGuard], - data: { permissions: NavigationPermissionsService.getPermissions("tools") }, - children: [ - { - path: "", - pathMatch: "full", - redirectTo: "import", - }, - { - path: "", - loadChildren: () => - import("./tools/import-export/org-import-export.module").then( - (m) => m.OrganizationImportExportModule - ), - }, - { - path: "exposed-passwords-report", - component: ExposedPasswordsReportComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "exposedPasswordsReport", - permissions: [Permissions.AccessReports], - }, - }, - { - path: "inactive-two-factor-report", - component: InactiveTwoFactorReportComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "inactive2faReport", - permissions: [Permissions.AccessReports], - }, - }, - { - path: "reused-passwords-report", - component: ReusedPasswordsReportComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "reusedPasswordsReport", - permissions: [Permissions.AccessReports], - }, - }, - { - path: "unsecured-websites-report", - component: UnsecuredWebsitesReportComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "unsecuredWebsitesReport", - permissions: [Permissions.AccessReports], - }, - }, - { - path: "weak-passwords-report", - component: WeakPasswordsReportComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "weakPasswordsReport", - permissions: [Permissions.AccessReports], - }, - }, - ], - }, - { - path: "manage", - component: ManageComponent, - canActivate: [PermissionsGuard], - data: { - permissions: NavigationPermissionsService.getPermissions("manage"), - }, - children: [ - { - path: "", - pathMatch: "full", - redirectTo: "collections", - }, - { - path: "collections", - component: CollectionsComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "collections", - permissions: [ - Permissions.CreateNewCollections, - Permissions.EditAnyCollection, - Permissions.DeleteAnyCollection, - Permissions.EditAssignedCollections, - Permissions.DeleteAssignedCollections, - ], - }, - }, - { - path: "events", - component: EventsComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "eventLogs", - permissions: [Permissions.AccessEventLogs], - }, - }, - { - path: "policies", - component: PoliciesComponent, - canActivate: [PermissionsGuard], - data: { - titleId: "policies", - permissions: [Permissions.ManagePolicies], - }, - }, - ], - }, { path: "settings", component: SettingsComponent, @@ -179,7 +62,7 @@ const routes: Routes = [ canActivate: [PermissionsGuard], data: { titleId: "members", - permissions: [Permissions.ManageUsers, Permissions.ManageUsersPassword], + permissions: NavigationPermissionsService.getPermissions("members"), }, }, { @@ -188,16 +71,14 @@ const routes: Routes = [ canActivate: [PermissionsGuard], data: { titleId: "groups", - permissions: [Permissions.ManageGroups], + permissions: NavigationPermissionsService.getPermissions("groups"), }, }, { path: "reporting", component: ReportingComponent, canActivate: [PermissionsGuard], - data: { - permissions: [Permissions.AccessReports], - }, + data: { permissions: NavigationPermissionsService.getPermissions("reporting") }, children: [ { path: "", pathMatch: "full", redirectTo: "reports" }, { @@ -271,9 +152,7 @@ const routes: Routes = [ path: "billing", component: OrganizationBillingTabComponent, canActivate: [PermissionsGuard], - data: { - permissions: [Permissions.ManageBilling], - }, + data: { permissions: NavigationPermissionsService.getPermissions("billing") }, children: [ { path: "", pathMatch: "full", redirectTo: "subscription" }, { diff --git a/apps/web/src/app/organizations/services/navigation-permissions.service.ts b/apps/web/src/app/organizations/services/navigation-permissions.service.ts index e85d30096f..2a51db47a6 100644 --- a/apps/web/src/app/organizations/services/navigation-permissions.service.ts +++ b/apps/web/src/app/organizations/services/navigation-permissions.service.ts @@ -14,8 +14,11 @@ const permissions = { Permissions.ManagePolicies, Permissions.ManageSso, ], - tools: [Permissions.AccessImportExport, Permissions.AccessReports], - settings: [Permissions.ManageOrganization], + members: [Permissions.ManageUsers, Permissions.ManageUsersPassword], + groups: [Permissions.ManageGroups], + reporting: [Permissions.AccessReports, Permissions.AccessEventLogs], + billing: [Permissions.ManageBilling], + settings: [Permissions.ManageOrganization, Permissions.ManagePolicies, Permissions.ManageSso], }; export class NavigationPermissionsService { @@ -29,21 +32,30 @@ export class NavigationPermissionsService { static canAccessAdmin(organization: Organization): boolean { return ( - this.canAccessTools(organization) || - this.canAccessSettings(organization) || - this.canAccessManage(organization) + this.canAccessMembers(organization) || + this.canAccessGroups(organization) || + this.canAccessReporting(organization) || + this.canAccessBilling(organization) ); } - static canAccessTools(organization: Organization): boolean { - return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("tools")); + static canAccessMembers(organization: Organization): boolean { + return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("members")); + } + + static canAccessGroups(organization: Organization): boolean { + return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("groups")); + } + + static canAccessReporting(organization: Organization): boolean { + return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("reporting")); + } + + static canAccessBilling(organization: Organization): boolean { + return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("billing")); } static canAccessSettings(organization: Organization): boolean { return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("settings")); } - - static canAccessManage(organization: Organization): boolean { - return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("manage")); - } }