diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policy.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/access-policy.view.ts similarity index 53% rename from bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policy.view.ts rename to bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/access-policy.view.ts index 6c005a1225..76be88b610 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policy.view.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/access-policy.view.ts @@ -42,32 +42,3 @@ export class ServiceAccountProjectAccessPolicyView extends BaseAccessPolicyView grantedProjectId: string; grantedProjectName: string; } - -export class ProjectAccessPoliciesView { - userAccessPolicies: UserProjectAccessPolicyView[]; - groupAccessPolicies: GroupProjectAccessPolicyView[]; - serviceAccountAccessPolicies: ServiceAccountProjectAccessPolicyView[]; -} - -export class ProjectPeopleAccessPoliciesView { - userAccessPolicies: UserProjectAccessPolicyView[]; - groupAccessPolicies: GroupProjectAccessPolicyView[]; -} - -export class ServiceAccountPeopleAccessPoliciesView { - userAccessPolicies: UserServiceAccountAccessPolicyView[]; - groupAccessPolicies: GroupServiceAccountAccessPolicyView[]; -} - -export class ServiceAccountProjectPolicyPermissionDetailsView { - accessPolicy: ServiceAccountProjectAccessPolicyView; - hasPermission: boolean; -} - -export class ServiceAccountGrantedPoliciesView { - grantedProjectPolicies: ServiceAccountProjectPolicyPermissionDetailsView[]; -} - -export class ProjectServiceAccountsAccessPoliciesView { - serviceAccountAccessPolicies: ServiceAccountProjectAccessPolicyView[]; -} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/potential-grantee.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/potential-grantee.view.ts similarity index 100% rename from bitwarden_license/bit-web/src/app/secrets-manager/models/view/potential-grantee.view.ts rename to bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/potential-grantee.view.ts diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-people-access-policies.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-people-access-policies.view.ts new file mode 100644 index 0000000000..c85b289928 --- /dev/null +++ b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-people-access-policies.view.ts @@ -0,0 +1,6 @@ +import { GroupProjectAccessPolicyView, UserProjectAccessPolicyView } from "./access-policy.view"; + +export class ProjectPeopleAccessPoliciesView { + userAccessPolicies: UserProjectAccessPolicyView[]; + groupAccessPolicies: GroupProjectAccessPolicyView[]; +} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-service-accounts-access-policies.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-service-accounts-access-policies.view.ts new file mode 100644 index 0000000000..28636c4df1 --- /dev/null +++ b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/project-service-accounts-access-policies.view.ts @@ -0,0 +1,5 @@ +import { ServiceAccountProjectAccessPolicyView } from "./access-policy.view"; + +export class ProjectServiceAccountsAccessPoliciesView { + serviceAccountAccessPolicies: ServiceAccountProjectAccessPolicyView[]; +} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-granted-policies.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-granted-policies.view.ts new file mode 100644 index 0000000000..7d53e38263 --- /dev/null +++ b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-granted-policies.view.ts @@ -0,0 +1,10 @@ +import { ServiceAccountProjectAccessPolicyView } from "./access-policy.view"; + +export class ServiceAccountGrantedPoliciesView { + grantedProjectPolicies: ServiceAccountProjectPolicyPermissionDetailsView[]; +} + +export class ServiceAccountProjectPolicyPermissionDetailsView { + accessPolicy: ServiceAccountProjectAccessPolicyView; + hasPermission: boolean; +} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-people-access-policies.view.ts b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-people-access-policies.view.ts new file mode 100644 index 0000000000..58dcf6d470 --- /dev/null +++ b/bitwarden_license/bit-web/src/app/secrets-manager/models/view/access-policies/service-account-people-access-policies.view.ts @@ -0,0 +1,9 @@ +import { + GroupServiceAccountAccessPolicyView, + UserServiceAccountAccessPolicyView, +} from "./access-policy.view"; + +export class ServiceAccountPeopleAccessPoliciesView { + userAccessPolicies: UserServiceAccountAccessPolicyView[]; + groupAccessPolicies: GroupServiceAccountAccessPolicyView[]; +} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts b/bitwarden_license/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts index 668bdbae43..7ac111ef62 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts @@ -7,7 +7,7 @@ import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.servic import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service"; -import { ProjectServiceAccountsAccessPoliciesView } from "../../models/view/access-policy.view"; +import { ProjectServiceAccountsAccessPoliciesView } from "../../models/view/access-policies/project-service-accounts-access-policies.view"; import { ApItemValueType, convertToProjectServiceAccountsAccessPoliciesView, diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/projects/projects/projects.component.ts b/bitwarden_license/bit-web/src/app/secrets-manager/projects/projects/projects.component.ts index 831ee4df9b..fd59014642 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/projects/projects/projects.component.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/projects/projects/projects.component.ts @@ -6,7 +6,6 @@ import { OrganizationService } from "@bitwarden/common/admin-console/abstraction import { DialogService } from "@bitwarden/components"; import { ProjectListView } from "../../models/view/project-list.view"; -import { AccessPolicyService } from "../../shared/access-policies/access-policy.service"; import { BulkConfirmationDetails, BulkConfirmationDialogComponent, @@ -38,7 +37,6 @@ export class ProjectsComponent implements OnInit { constructor( private route: ActivatedRoute, private projectService: ProjectService, - private accessPolicyService: AccessPolicyService, private dialogService: DialogService, private organizationService: OrganizationService, ) {} @@ -47,7 +45,6 @@ export class ProjectsComponent implements OnInit { this.projects$ = combineLatest([ this.route.params, this.projectService.project$.pipe(startWith(null)), - this.accessPolicyService.projectAccessPolicyChanges$.pipe(startWith(null)), ]).pipe( switchMap(async ([params]) => { this.organizationId = params.organizationId; diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts b/bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts index a6f3d720b7..49ddfe331f 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts @@ -7,7 +7,7 @@ import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.servic import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service"; import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service"; -import { ServiceAccountGrantedPoliciesView } from "../../models/view/access-policy.view"; +import { ServiceAccountGrantedPoliciesView } from "../../models/view/access-policies/service-account-granted-policies.view"; import { ApItemValueType, convertToServiceAccountGrantedPoliciesView, diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-value.type.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-value.type.ts index 237fa2f323..935c77f1b3 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-value.type.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-value.type.ts @@ -1,15 +1,17 @@ import { - ProjectPeopleAccessPoliciesView, UserProjectAccessPolicyView, GroupProjectAccessPolicyView, - ServiceAccountPeopleAccessPoliciesView, UserServiceAccountAccessPolicyView, GroupServiceAccountAccessPolicyView, + ServiceAccountProjectAccessPolicyView, +} from "../../../../models/view/access-policies/access-policy.view"; +import { ProjectPeopleAccessPoliciesView } from "../../../../models/view/access-policies/project-people-access-policies.view"; +import { ProjectServiceAccountsAccessPoliciesView } from "../../../../models/view/access-policies/project-service-accounts-access-policies.view"; +import { ServiceAccountGrantedPoliciesView, ServiceAccountProjectPolicyPermissionDetailsView, - ServiceAccountProjectAccessPolicyView, - ProjectServiceAccountsAccessPoliciesView, -} from "../../../../models/view/access-policy.view"; +} from "../../../../models/view/access-policies/service-account-granted-policies.view"; +import { ServiceAccountPeopleAccessPoliciesView } from "../../../../models/view/access-policies/service-account-people-access-policies.view"; import { ApItemEnum } from "./enums/ap-item.enum"; import { ApPermissionEnum, ApPermissionEnumUtil } from "./enums/ap-permission.enum"; diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-view.type.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-view.type.ts index 07e08afcf9..1a023659c1 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-view.type.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy-selector/models/ap-item-view.type.ts @@ -1,13 +1,11 @@ import { Utils } from "@bitwarden/common/platform/misc/utils"; import { SelectItemView } from "@bitwarden/components"; -import { - ProjectPeopleAccessPoliciesView, - ServiceAccountGrantedPoliciesView, - ProjectServiceAccountsAccessPoliciesView, - ServiceAccountPeopleAccessPoliciesView, -} from "../../../../models/view/access-policy.view"; -import { PotentialGranteeView } from "../../../../models/view/potential-grantee.view"; +import { PotentialGranteeView } from "../../../../models/view/access-policies/potential-grantee.view"; +import { ProjectPeopleAccessPoliciesView } from "../../../../models/view/access-policies/project-people-access-policies.view"; +import { ProjectServiceAccountsAccessPoliciesView } from "../../../../models/view/access-policies/project-service-accounts-access-policies.view"; +import { ServiceAccountGrantedPoliciesView } from "../../../../models/view/access-policies/service-account-granted-policies.view"; +import { ServiceAccountPeopleAccessPoliciesView } from "../../../../models/view/access-policies/service-account-people-access-policies.view"; import { ApItemEnum, ApItemEnumUtil } from "./enums/ap-item.enum"; import { ApPermissionEnum, ApPermissionEnumUtil } from "./enums/ap-permission.enum"; diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy.service.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy.service.ts index 98684e3a60..32c130647a 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy.service.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-policy.service.ts @@ -1,5 +1,4 @@ import { Injectable } from "@angular/core"; -import { Subject } from "rxjs"; import { ApiService } from "@bitwarden/common/abstractions/api.service"; import { ListResponse } from "@bitwarden/common/models/response/list.response"; @@ -9,26 +8,23 @@ import { EncString } from "@bitwarden/common/platform/models/domain/enc-string"; import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key"; import { - BaseAccessPolicyView, - GroupProjectAccessPolicyView, - GroupServiceAccountAccessPolicyView, - ProjectAccessPoliciesView, - ProjectPeopleAccessPoliciesView, - ServiceAccountProjectAccessPolicyView, UserProjectAccessPolicyView, + GroupProjectAccessPolicyView, UserServiceAccountAccessPolicyView, - ServiceAccountPeopleAccessPoliciesView, + GroupServiceAccountAccessPolicyView, + ServiceAccountProjectAccessPolicyView, +} from "../../models/view/access-policies/access-policy.view"; +import { PotentialGranteeView } from "../../models/view/access-policies/potential-grantee.view"; +import { ProjectPeopleAccessPoliciesView } from "../../models/view/access-policies/project-people-access-policies.view"; +import { ProjectServiceAccountsAccessPoliciesView } from "../../models/view/access-policies/project-service-accounts-access-policies.view"; +import { ServiceAccountGrantedPoliciesView, - ProjectServiceAccountsAccessPoliciesView, ServiceAccountProjectPolicyPermissionDetailsView, -} from "../../models/view/access-policy.view"; -import { PotentialGranteeView } from "../../models/view/potential-grantee.view"; -import { AccessPoliciesCreateRequest } from "../../shared/access-policies/models/requests/access-policies-create.request"; +} from "../../models/view/access-policies/service-account-granted-policies.view"; +import { ServiceAccountPeopleAccessPoliciesView } from "../../models/view/access-policies/service-account-people-access-policies.view"; import { PeopleAccessPoliciesRequest } from "../../shared/access-policies/models/requests/people-access-policies.request"; -import { ProjectAccessPoliciesResponse } from "../../shared/access-policies/models/responses/project-access-policies.response"; import { ServiceAccountGrantedPoliciesRequest } from "../access-policies/models/requests/service-account-granted-policies.request"; -import { AccessPolicyUpdateRequest } from "./models/requests/access-policy-update.request"; import { AccessPolicyRequest } from "./models/requests/access-policy.request"; import { ProjectServiceAccountsAccessPoliciesRequest } from "./models/requests/project-service-accounts-access-policies.request"; import { @@ -49,39 +45,12 @@ import { ServiceAccountProjectPolicyPermissionDetailsResponse } from "./models/r providedIn: "root", }) export class AccessPolicyService { - private _projectAccessPolicyChanges$ = new Subject(); - - /** - * Emits when a project access policy is created or deleted. - */ - readonly projectAccessPolicyChanges$ = this._projectAccessPolicyChanges$.asObservable(); - constructor( private cryptoService: CryptoService, protected apiService: ApiService, protected encryptService: EncryptService, ) {} - refreshProjectAccessPolicyChanges() { - this._projectAccessPolicyChanges$.next(null); - } - - async getProjectAccessPolicies( - organizationId: string, - projectId: string, - ): Promise { - const r = await this.apiService.send( - "GET", - "/projects/" + projectId + "/access-policies", - null, - true, - true, - ); - - const results = new ProjectAccessPoliciesResponse(r); - return await this.createProjectAccessPoliciesView(organizationId, results); - } - async getProjectPeopleAccessPolicies( projectId: string, ): Promise { @@ -212,43 +181,6 @@ export class AccessPolicyService { return await this.createProjectServiceAccountsAccessPoliciesView(result, organizationId); } - async createProjectAccessPolicies( - organizationId: string, - projectId: string, - projectAccessPoliciesView: ProjectAccessPoliciesView, - ): Promise { - const request = this.getAccessPoliciesCreateRequest(projectAccessPoliciesView); - const r = await this.apiService.send( - "POST", - "/projects/" + projectId + "/access-policies", - request, - true, - true, - ); - const results = new ProjectAccessPoliciesResponse(r); - const view = await this.createProjectAccessPoliciesView(organizationId, results); - this._projectAccessPolicyChanges$.next(view); - return view; - } - - async deleteAccessPolicy(accessPolicyId: string): Promise { - await this.apiService.send("DELETE", "/access-policies/" + accessPolicyId, null, true, false); - this._projectAccessPolicyChanges$.next(null); - } - - async updateAccessPolicy(baseAccessPolicyView: BaseAccessPolicyView): Promise { - const payload = new AccessPolicyUpdateRequest(); - payload.read = baseAccessPolicyView.read; - payload.write = baseAccessPolicyView.write; - await this.apiService.send( - "PUT", - "/access-policies/" + baseAccessPolicyView.id, - payload, - true, - true, - ); - } - async getPeoplePotentialGrantees(organizationId: string) { const r = await this.apiService.send( "GET", @@ -285,11 +217,11 @@ export class AccessPolicyService { return await this.createPotentialGranteeViews(organizationId, results.data); } - protected async getOrganizationKey(organizationId: string): Promise { + private async getOrganizationKey(organizationId: string): Promise { return await this.cryptoService.getOrgKey(organizationId); } - protected getAccessPolicyRequest( + private getAccessPolicyRequest( granteeId: string, view: | UserProjectAccessPolicyView @@ -305,7 +237,53 @@ export class AccessPolicyService { return request; } - protected createBaseAccessPolicyView( + private getServiceAccountGrantedPoliciesRequest( + policies: ServiceAccountGrantedPoliciesView, + ): ServiceAccountGrantedPoliciesRequest { + const request = new ServiceAccountGrantedPoliciesRequest(); + + request.projectGrantedPolicyRequests = policies.grantedProjectPolicies.map((detailView) => ({ + grantedId: detailView.accessPolicy.grantedProjectId, + read: detailView.accessPolicy.read, + write: detailView.accessPolicy.write, + })); + + return request; + } + + private getProjectServiceAccountsAccessPoliciesRequest( + policies: ProjectServiceAccountsAccessPoliciesView, + ): ProjectServiceAccountsAccessPoliciesRequest { + const request = new ProjectServiceAccountsAccessPoliciesRequest(); + + request.serviceAccountAccessPolicyRequests = policies.serviceAccountAccessPolicies.map((ap) => { + return this.getAccessPolicyRequest(ap.serviceAccountId, ap); + }); + + return request; + } + + private getPeopleAccessPoliciesRequest( + view: ProjectPeopleAccessPoliciesView | ServiceAccountPeopleAccessPoliciesView, + ): PeopleAccessPoliciesRequest { + const request = new PeopleAccessPoliciesRequest(); + + if (view.userAccessPolicies?.length > 0) { + request.userAccessPolicyRequests = view.userAccessPolicies.map((ap) => { + return this.getAccessPolicyRequest(ap.organizationUserId, ap); + }); + } + + if (view.groupAccessPolicies?.length > 0) { + request.groupAccessPolicyRequests = view.groupAccessPolicies.map((ap) => { + return this.getAccessPolicyRequest(ap.groupId, ap); + }); + } + + return request; + } + + private createBaseAccessPolicyView( response: | UserProjectAccessPolicyResponse | UserServiceAccountAccessPolicyResponse @@ -348,32 +326,6 @@ export class AccessPolicyService { ); } - private getServiceAccountGrantedPoliciesRequest( - policies: ServiceAccountGrantedPoliciesView, - ): ServiceAccountGrantedPoliciesRequest { - const request = new ServiceAccountGrantedPoliciesRequest(); - - request.projectGrantedPolicyRequests = policies.grantedProjectPolicies.map((detailView) => ({ - grantedId: detailView.accessPolicy.grantedProjectId, - read: detailView.accessPolicy.read, - write: detailView.accessPolicy.write, - })); - - return request; - } - - private getProjectServiceAccountsAccessPoliciesRequest( - policies: ProjectServiceAccountsAccessPoliciesView, - ): ProjectServiceAccountsAccessPoliciesRequest { - const request = new ProjectServiceAccountsAccessPoliciesRequest(); - - request.serviceAccountAccessPolicyRequests = policies.serviceAccountAccessPolicies.map((ap) => { - return this.getAccessPolicyRequest(ap.serviceAccountId, ap); - }); - - return request; - } - private async createServiceAccountGrantedPoliciesView( response: ServiceAccountGrantedPoliciesPermissionDetailsResponse, organizationId: string, @@ -413,27 +365,6 @@ export class AccessPolicyService { return view; } - private async createProjectAccessPoliciesView( - organizationId: string, - projectAccessPoliciesResponse: ProjectAccessPoliciesResponse, - ): Promise { - const orgKey = await this.getOrganizationKey(organizationId); - const view = new ProjectAccessPoliciesView(); - - view.userAccessPolicies = projectAccessPoliciesResponse.userAccessPolicies.map((ap) => { - return this.createUserProjectAccessPolicyView(ap); - }); - view.groupAccessPolicies = projectAccessPoliciesResponse.groupAccessPolicies.map((ap) => { - return this.createGroupProjectAccessPolicyView(ap); - }); - view.serviceAccountAccessPolicies = await Promise.all( - projectAccessPoliciesResponse.serviceAccountAccessPolicies.map(async (ap) => { - return await this.createServiceAccountProjectAccessPolicyView(orgKey, ap); - }), - ); - return view; - } - private createProjectPeopleAccessPoliciesView( peopleAccessPoliciesResponse: ProjectPeopleAccessPoliciesResponse, ): ProjectPeopleAccessPoliciesView { @@ -462,56 +393,6 @@ export class AccessPolicyService { return view; } - private getAccessPoliciesCreateRequest( - projectAccessPoliciesView: ProjectAccessPoliciesView, - ): AccessPoliciesCreateRequest { - const createRequest = new AccessPoliciesCreateRequest(); - - if (projectAccessPoliciesView.userAccessPolicies?.length > 0) { - createRequest.userAccessPolicyRequests = projectAccessPoliciesView.userAccessPolicies.map( - (ap) => { - return this.getAccessPolicyRequest(ap.organizationUserId, ap); - }, - ); - } - - if (projectAccessPoliciesView.groupAccessPolicies?.length > 0) { - createRequest.groupAccessPolicyRequests = projectAccessPoliciesView.groupAccessPolicies.map( - (ap) => { - return this.getAccessPolicyRequest(ap.groupId, ap); - }, - ); - } - - if (projectAccessPoliciesView.serviceAccountAccessPolicies?.length > 0) { - createRequest.serviceAccountAccessPolicyRequests = - projectAccessPoliciesView.serviceAccountAccessPolicies.map((ap) => { - return this.getAccessPolicyRequest(ap.serviceAccountId, ap); - }); - } - return createRequest; - } - - private getPeopleAccessPoliciesRequest( - view: ProjectPeopleAccessPoliciesView | ServiceAccountPeopleAccessPoliciesView, - ): PeopleAccessPoliciesRequest { - const request = new PeopleAccessPoliciesRequest(); - - if (view.userAccessPolicies?.length > 0) { - request.userAccessPolicyRequests = view.userAccessPolicies.map((ap) => { - return this.getAccessPolicyRequest(ap.organizationUserId, ap); - }); - } - - if (view.groupAccessPolicies?.length > 0) { - request.groupAccessPolicyRequests = view.groupAccessPolicies.map((ap) => { - return this.getAccessPolicyRequest(ap.groupId, ap); - }); - } - - return request; - } - private createUserProjectAccessPolicyView( response: UserProjectAccessPolicyResponse, ): UserProjectAccessPolicyView { diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.html b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.html deleted file mode 100644 index 9da038a2d8..0000000000 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.html +++ /dev/null @@ -1,80 +0,0 @@ -
- - {{ label }} - - {{ hint }} - - -
- - - - - - {{ columnTitle }} - {{ "permissions" | i18n }} - - - - - - - - - - {{ row.name }} - - - - - - {{ "canRead" | i18n }} - {{ "canWrite" | i18n }} - {{ "canReadWrite" | i18n }} - - - - - - - - - - - - -
- {{ emptyMessage }} -
- - - -
- -
- diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.ts deleted file mode 100644 index 8deed43cd3..0000000000 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/access-selector.component.ts +++ /dev/null @@ -1,194 +0,0 @@ -import { Component, EventEmitter, Input, OnInit, Output } from "@angular/core"; -import { FormControl, FormGroup, Validators } from "@angular/forms"; -import { ActivatedRoute } from "@angular/router"; -import { - combineLatest, - firstValueFrom, - map, - Observable, - share, - Subject, - switchMap, - tap, -} from "rxjs"; - -import { Utils } from "@bitwarden/common/platform/misc/utils"; -import { SelectItemView } from "@bitwarden/components/src/multi-select/models/select-item-view"; - -import { BaseAccessPolicyView } from "../../models/view/access-policy.view"; - -import { AccessPolicyService } from "./access-policy.service"; - -export type AccessSelectorRowView = { - type: "user" | "group" | "serviceAccount" | "project"; - name: string; - id: string; - accessPolicyId: string; - read: boolean; - write: boolean; - icon: string; - userId?: string; - currentUserInGroup?: boolean; - static?: boolean; -}; - -@Component({ - selector: "sm-access-selector", - templateUrl: "./access-selector.component.html", -}) -export class AccessSelectorComponent implements OnInit { - static readonly userIcon = "bwi-user"; - static readonly groupIcon = "bwi-family"; - static readonly serviceAccountIcon = "bwi-wrench"; - static readonly projectIcon = "bwi-collection"; - - /** - * Emits the selected items on submit. - */ - @Output() onCreateAccessPolicies = new EventEmitter(); - @Output() onDeleteAccessPolicy = new EventEmitter(); - @Output() onUpdateAccessPolicy = new EventEmitter(); - - @Input() label: string; - @Input() hint: string; - @Input() columnTitle: string; - @Input() emptyMessage: string; - @Input() granteeType: "people" | "serviceAccounts" | "projects"; - - protected rows$ = new Subject(); - @Input() private set rows(value: AccessSelectorRowView[]) { - const sorted = value.sort((a, b) => { - if (a.icon == b.icon) { - return a.name.localeCompare(b.name); - } - if (a.icon == AccessSelectorComponent.userIcon) { - return -1; - } - return 1; - }); - this.rows$.next(sorted); - } - - private maxLength = 15; - protected formGroup = new FormGroup({ - multiSelect: new FormControl([], [Validators.required, Validators.maxLength(this.maxLength)]), - }); - protected loading = true; - - protected selectItems$: Observable = combineLatest([ - this.rows$, - this.route.params, - ]).pipe( - switchMap(([rows, params]) => - this.getPotentialGrantees(params.organizationId).then((grantees) => - grantees - .filter((g) => !rows.some((row) => row.id === g.id)) - .map((granteeView) => { - let icon: string; - let listName = granteeView.name; - let labelName = granteeView.name; - if (granteeView.type === "user") { - icon = AccessSelectorComponent.userIcon; - if (Utils.isNullOrWhitespace(granteeView.name)) { - listName = granteeView.email; - labelName = granteeView.email; - } else { - listName = `${granteeView.name} (${granteeView.email})`; - } - } else if (granteeView.type === "group") { - icon = AccessSelectorComponent.groupIcon; - } else if (granteeView.type === "serviceAccount") { - icon = AccessSelectorComponent.serviceAccountIcon; - } else if (granteeView.type === "project") { - icon = AccessSelectorComponent.projectIcon; - } - return { - icon: icon, - id: granteeView.id, - labelName: labelName, - listName: listName, - }; - }), - ), - ), - map((selectItems) => selectItems.sort((a, b) => a.listName.localeCompare(b.listName))), - tap(() => { - this.loading = false; - this.formGroup.reset(); - this.formGroup.enable(); - }), - share(), - ); - - constructor( - private accessPolicyService: AccessPolicyService, - private route: ActivatedRoute, - ) {} - - ngOnInit(): void { - this.formGroup.disable(); - } - - submit = async () => { - this.formGroup.markAllAsTouched(); - if (this.formGroup.invalid) { - return; - } - this.formGroup.disable(); - this.loading = true; - - this.onCreateAccessPolicies.emit(this.formGroup.value.multiSelect); - - return firstValueFrom(this.selectItems$); - }; - - async update(target: any, row: AccessSelectorRowView): Promise { - if (target.value === "canRead") { - row.read = true; - row.write = false; - } else if (target.value === "canReadWrite") { - row.read = true; - row.write = true; - } - this.onUpdateAccessPolicy.emit(row); - } - - delete = (row: AccessSelectorRowView) => async () => { - this.loading = true; - this.formGroup.disable(); - this.onDeleteAccessPolicy.emit(row); - return firstValueFrom(this.selectItems$); - }; - - private getPotentialGrantees(organizationId: string) { - switch (this.granteeType) { - case "people": - return this.accessPolicyService.getPeoplePotentialGrantees(organizationId); - case "serviceAccounts": - return this.accessPolicyService.getServiceAccountsPotentialGrantees(organizationId); - case "projects": - return this.accessPolicyService.getProjectsPotentialGrantees(organizationId); - } - } - - static getAccessItemType(item: SelectItemView) { - switch (item.icon) { - case AccessSelectorComponent.userIcon: - return "user"; - case AccessSelectorComponent.groupIcon: - return "group"; - case AccessSelectorComponent.serviceAccountIcon: - return "serviceAccount"; - case AccessSelectorComponent.projectIcon: - return "project"; - } - } - - static getBaseAccessPolicyView(row: AccessSelectorRowView) { - const view = new BaseAccessPolicyView(); - view.id = row.accessPolicyId; - view.read = row.read; - view.write = row.write; - return view; - } -} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policies-create.request.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policies-create.request.ts deleted file mode 100644 index ff391ecacd..0000000000 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policies-create.request.ts +++ /dev/null @@ -1,7 +0,0 @@ -import { AccessPolicyRequest } from "./access-policy.request"; - -export class AccessPoliciesCreateRequest { - userAccessPolicyRequests?: AccessPolicyRequest[]; - groupAccessPolicyRequests?: AccessPolicyRequest[]; - serviceAccountAccessPolicyRequests?: AccessPolicyRequest[]; -} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policy-update.request.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policy-update.request.ts deleted file mode 100644 index 5aff186e12..0000000000 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/requests/access-policy-update.request.ts +++ /dev/null @@ -1,4 +0,0 @@ -export class AccessPolicyUpdateRequest { - read: boolean; - write: boolean; -} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/responses/project-access-policies.response.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/responses/project-access-policies.response.ts deleted file mode 100644 index 66d76c1493..0000000000 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/access-policies/models/responses/project-access-policies.response.ts +++ /dev/null @@ -1,29 +0,0 @@ -import { BaseResponse } from "@bitwarden/common/models/response/base.response"; - -import { - GroupProjectAccessPolicyResponse, - ServiceAccountProjectAccessPolicyResponse, - UserProjectAccessPolicyResponse, -} from "./access-policy.response"; - -export class ProjectAccessPoliciesResponse extends BaseResponse { - userAccessPolicies: UserProjectAccessPolicyResponse[]; - groupAccessPolicies: GroupProjectAccessPolicyResponse[]; - serviceAccountAccessPolicies: ServiceAccountProjectAccessPolicyResponse[]; - - constructor(response: any) { - super(response); - const userAccessPolicies = this.getResponseProperty("UserAccessPolicies"); - this.userAccessPolicies = userAccessPolicies.map( - (k: any) => new UserProjectAccessPolicyResponse(k), - ); - const groupAccessPolicies = this.getResponseProperty("GroupAccessPolicies"); - this.groupAccessPolicies = groupAccessPolicies.map( - (k: any) => new GroupProjectAccessPolicyResponse(k), - ); - const serviceAccountAccessPolicies = this.getResponseProperty("ServiceAccountAccessPolicies"); - this.serviceAccountAccessPolicies = serviceAccountAccessPolicies.map( - (k: any) => new ServiceAccountProjectAccessPolicyResponse(k), - ); - } -} diff --git a/bitwarden_license/bit-web/src/app/secrets-manager/shared/sm-shared.module.ts b/bitwarden_license/bit-web/src/app/secrets-manager/shared/sm-shared.module.ts index cb302fb7db..cb723af6d7 100644 --- a/bitwarden_license/bit-web/src/app/secrets-manager/shared/sm-shared.module.ts +++ b/bitwarden_license/bit-web/src/app/secrets-manager/shared/sm-shared.module.ts @@ -13,7 +13,6 @@ import { ProductSwitcherModule } from "@bitwarden/web-vault/app/layouts/product- import { SharedModule } from "@bitwarden/web-vault/app/shared"; import { AccessPolicySelectorComponent } from "./access-policies/access-policy-selector/access-policy-selector.component"; -import { AccessSelectorComponent } from "./access-policies/access-selector.component"; import { BulkConfirmationDialogComponent } from "./dialogs/bulk-confirmation-dialog.component"; import { BulkStatusDialogComponent } from "./dialogs/bulk-status-dialog.component"; import { NewMenuComponent } from "./new-menu.component"; @@ -35,7 +34,6 @@ import { SecretsListComponent } from "./secrets-list.component"; ], exports: [ AccessPolicySelectorComponent, - AccessSelectorComponent, BulkConfirmationDialogComponent, BulkStatusDialogComponent, HeaderModule, @@ -49,7 +47,6 @@ import { SecretsListComponent } from "./secrets-list.component"; ], declarations: [ AccessPolicySelectorComponent, - AccessSelectorComponent, BulkConfirmationDialogComponent, BulkStatusDialogComponent, BulkStatusDialogComponent,