Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-02-01 23:01:28 +01:00
Code Issues Projects Releases Wiki Activity

Cleanup org routing and nav permission service

Browse Source
This commit is contained in:
Shane Melton 2022-07-13 15:58:57 -07:00
parent ec77846286
commit 7c98809d1b
3 changed files with 27 additions and 175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
apps/web/src/app/organizations/layouts/organization-layout.component.ts
View File

@ -50,14 +50,6 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
this.organization = await this.organizationService.get(this.organizationId); this.organization = await this.organizationService.get(this.organizationId);
} }
get showManageTab(): boolean {
return NavigationPermissionsService.canAccessManage(this.organization);
}
get showToolsTab(): boolean {
return NavigationPermissionsService.canAccessTools(this.organization);
}
get showSettingsTab(): boolean { get showSettingsTab(): boolean {
return NavigationPermissionsService.canAccessSettings(this.organization); return NavigationPermissionsService.canAccessSettings(this.organization);
} }
@ -81,35 +73,4 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
get reportTabLabel(): string { get reportTabLabel(): string {
return this.organization.useEvents ? "reporting" : "reports"; return this.organization.useEvents ? "reporting" : "reports";
} }
get toolsRoute(): string {
return this.organization.canAccessImportExport
? "tools/import"
: "tools/exposed-passwords-report";
}
get manageRoute(): string {
let route: string;
switch (true) {
case this.organization.canManageUsers:
route = "manage/people";
break;
case this.organization.canViewAssignedCollections || this.organization.canViewAllCollections:
route = "manage/collections";
break;
case this.organization.canManageGroups:
route = "manage/groups";
break;
case this.organization.canManagePolicies:
route = "manage/policies";
break;
case this.organization.canManageSso:
route = "manage/sso";
break;
case this.organization.canAccessEventLogs:
route = "manage/events";
break;
}
return route;
}
} }

129
apps/web/src/app/organizations/organization-routing.module.ts
View File

@ -13,10 +13,7 @@ import { OrganizationSubscriptionComponent } from "./billing/organization-subscr
import { GroupsComponent } from "./groups/groups.component"; import { GroupsComponent } from "./groups/groups.component";
import { PermissionsGuard } from "./guards/permissions.guard"; import { PermissionsGuard } from "./guards/permissions.guard";
import { OrganizationLayoutComponent } from "./layouts/organization-layout.component"; import { OrganizationLayoutComponent } from "./layouts/organization-layout.component";
import { CollectionsComponent } from "./manage/collections.component";
import { EventsComponent } from "./manage/events.component"; import { EventsComponent } from "./manage/events.component";
import { ManageComponent } from "./manage/manage.component";
import { PoliciesComponent } from "./manage/policies.component";
import { MembersComponent } from "./members/members.component"; import { MembersComponent } from "./members/members.component";
import { ReportListComponent } from "./reporting/report-list.component"; import { ReportListComponent } from "./reporting/report-list.component";
import { ReportingComponent } from "./reporting/reporting.component"; import { ReportingComponent } from "./reporting/reporting.component";
@ -27,7 +24,6 @@ import { TwoFactorSetupComponent } from "./settings/two-factor-setup.component";
import { ExposedPasswordsReportComponent } from "./tools/exposed-passwords-report.component"; import { ExposedPasswordsReportComponent } from "./tools/exposed-passwords-report.component";
import { InactiveTwoFactorReportComponent } from "./tools/inactive-two-factor-report.component"; import { InactiveTwoFactorReportComponent } from "./tools/inactive-two-factor-report.component";
import { ReusedPasswordsReportComponent } from "./tools/reused-passwords-report.component"; import { ReusedPasswordsReportComponent } from "./tools/reused-passwords-report.component";
import { ToolsComponent } from "./tools/tools.component";
import { UnsecuredWebsitesReportComponent } from "./tools/unsecured-websites-report.component"; import { UnsecuredWebsitesReportComponent } from "./tools/unsecured-websites-report.component";
import { WeakPasswordsReportComponent } from "./tools/weak-passwords-report.component"; import { WeakPasswordsReportComponent } from "./tools/weak-passwords-report.component";
@ -45,119 +41,6 @@ const routes: Routes = [
path: "vault", path: "vault",
loadChildren: () => OrganizationVaultModule, loadChildren: () => OrganizationVaultModule,
}, },
{
path: "tools",
component: ToolsComponent,
canActivate: [PermissionsGuard],
data: { permissions: NavigationPermissionsService.getPermissions("tools") },
children: [
{
path: "",
pathMatch: "full",
redirectTo: "import",
},
{
path: "",
loadChildren: () =>
import("./tools/import-export/org-import-export.module").then(
(m) => m.OrganizationImportExportModule
),
},
{
path: "exposed-passwords-report",
component: ExposedPasswordsReportComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "exposedPasswordsReport",
permissions: [Permissions.AccessReports],
},
},
{
path: "inactive-two-factor-report",
component: InactiveTwoFactorReportComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "inactive2faReport",
permissions: [Permissions.AccessReports],
},
},
{
path: "reused-passwords-report",
component: ReusedPasswordsReportComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "reusedPasswordsReport",
permissions: [Permissions.AccessReports],
},
},
{
path: "unsecured-websites-report",
component: UnsecuredWebsitesReportComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "unsecuredWebsitesReport",
permissions: [Permissions.AccessReports],
},
},
{
path: "weak-passwords-report",
component: WeakPasswordsReportComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "weakPasswordsReport",
permissions: [Permissions.AccessReports],
},
},
],
},
{
path: "manage",
component: ManageComponent,
canActivate: [PermissionsGuard],
data: {
permissions: NavigationPermissionsService.getPermissions("manage"),
},
children: [
{
path: "",
pathMatch: "full",
redirectTo: "collections",
},
{
path: "collections",
component: CollectionsComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "collections",
permissions: [
Permissions.CreateNewCollections,
Permissions.EditAnyCollection,
Permissions.DeleteAnyCollection,
Permissions.EditAssignedCollections,
Permissions.DeleteAssignedCollections,
],
},
},
{
path: "events",
component: EventsComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "eventLogs",
permissions: [Permissions.AccessEventLogs],
},
},
{
path: "policies",
component: PoliciesComponent,
canActivate: [PermissionsGuard],
data: {
titleId: "policies",
permissions: [Permissions.ManagePolicies],
},
},
],
},
{ {
path: "settings", path: "settings",
component: SettingsComponent, component: SettingsComponent,
@ -179,7 +62,7 @@ const routes: Routes = [
canActivate: [PermissionsGuard], canActivate: [PermissionsGuard],
data: { data: {
titleId: "members", titleId: "members",
permissions: [Permissions.ManageUsers, Permissions.ManageUsersPassword], permissions: NavigationPermissionsService.getPermissions("members"),
}, },
}, },
{ {
@ -188,16 +71,14 @@ const routes: Routes = [
canActivate: [PermissionsGuard], canActivate: [PermissionsGuard],
data: { data: {
titleId: "groups", titleId: "groups",
permissions: [Permissions.ManageGroups], permissions: NavigationPermissionsService.getPermissions("groups"),
}, },
}, },
{ {
path: "reporting", path: "reporting",
component: ReportingComponent, component: ReportingComponent,
canActivate: [PermissionsGuard], canActivate: [PermissionsGuard],
data: { data: { permissions: NavigationPermissionsService.getPermissions("reporting") },
permissions: [Permissions.AccessReports],
},
children: [ children: [
{ path: "", pathMatch: "full", redirectTo: "reports" }, { path: "", pathMatch: "full", redirectTo: "reports" },
{ {
@ -271,9 +152,7 @@ const routes: Routes = [
path: "billing", path: "billing",
component: OrganizationBillingTabComponent, component: OrganizationBillingTabComponent,
canActivate: [PermissionsGuard], canActivate: [PermissionsGuard],
data: { data: { permissions: NavigationPermissionsService.getPermissions("billing") },
permissions: [Permissions.ManageBilling],
},
children: [ children: [
{ path: "", pathMatch: "full", redirectTo: "subscription" }, { path: "", pathMatch: "full", redirectTo: "subscription" },
{ {

34
apps/web/src/app/organizations/services/navigation-permissions.service.ts
View File

@ -14,8 +14,11 @@ const permissions = {
Permissions.ManagePolicies, Permissions.ManagePolicies,
Permissions.ManageSso, Permissions.ManageSso,
], ],
tools: [Permissions.AccessImportExport, Permissions.AccessReports], members: [Permissions.ManageUsers, Permissions.ManageUsersPassword],
settings: [Permissions.ManageOrganization], groups: [Permissions.ManageGroups],
reporting: [Permissions.AccessReports, Permissions.AccessEventLogs],
billing: [Permissions.ManageBilling],
settings: [Permissions.ManageOrganization, Permissions.ManagePolicies, Permissions.ManageSso],
}; };
export class NavigationPermissionsService { export class NavigationPermissionsService {
@ -29,21 +32,30 @@ export class NavigationPermissionsService {
static canAccessAdmin(organization: Organization): boolean { static canAccessAdmin(organization: Organization): boolean {
return ( return (
this.canAccessTools(organization) || this.canAccessMembers(organization) ||
this.canAccessSettings(organization) || this.canAccessGroups(organization) ||
this.canAccessManage(organization) this.canAccessReporting(organization) ||
this.canAccessBilling(organization)
); );
} }
static canAccessTools(organization: Organization): boolean { static canAccessMembers(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("tools")); return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("members"));
}
static canAccessGroups(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("groups"));
}
static canAccessReporting(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("reporting"));
}
static canAccessBilling(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("billing"));
} }
static canAccessSettings(organization: Organization): boolean { static canAccessSettings(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("settings")); return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("settings"));
} }
static canAccessManage(organization: Organization): boolean {
return organization.hasAnyPermission(NavigationPermissionsService.getPermissions("manage"));
}
} }