[PM-15182] Remove remove-provider-export-permission feature flag (#12878)

* Remove remove-provider-export feature flag * Remove ts-strict comment * Revert changes to tests
2025-02-01 23:01:28 +01:00 · 2025-01-16 13:12:29 +10:00 · 2025-01-16 13:12:29 +10:00 · e4e436b768
commit e4e436b768
parent ffa5afb5e8
9 changed files with 9 additions and 50 deletions
--- a/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts
+++ b/apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts
@ -77,10 +77,7 @@ export class OrganizationLayoutComponent implements OnInit {
      filter((org) => org != null),
    );

-    this.canAccessExport$ = combineLatest([
-      this.organization$,
-      this.configService.getFeatureFlag$(FeatureFlag.PM11360RemoveProviderExportPermission),
-    ]).pipe(map(([org, removeProviderExport]) => org.canAccessExport(removeProviderExport)));
+    this.canAccessExport$ = this.organization$.pipe(map((org) => org.canAccessExport));

    this.showPaymentAndHistory$ = this.organization$.pipe(
      map(
--- a/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts
@ -1,13 +1,8 @@
-// FIXME: Update this file to be type safe and remove this and next line
-// @ts-strict-ignore
-import { inject, NgModule } from "@angular/core";
-import { CanMatchFn, RouterModule, Routes } from "@angular/router";
-import { map } from "rxjs";
+import { NgModule } from "@angular/core";
+import { RouterModule, Routes } from "@angular/router";

 import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
-import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
-import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";

 import { organizationPermissionsGuard } from "../../organizations/guards/org-permissions.guard";
 import { organizationRedirectGuard } from "../../organizations/guards/org-redirect.guard";
@ -16,11 +11,6 @@ import { PoliciesComponent } from "../../organizations/policies";
 import { AccountComponent } from "./account.component";
 import { TwoFactorSetupComponent } from "./two-factor-setup.component";

-const removeProviderExportPermission$: CanMatchFn = () =>
-  inject(ConfigService)
-    .getFeatureFlag$(FeatureFlag.PM11360RemoveProviderExportPermission)
-    .pipe(map((removeProviderExport) => removeProviderExport === true));
-
 const routes: Routes = [
  {
    path: "",
@ -68,27 +58,13 @@ const routes: Routes = [
              titleId: "importData",
            },
          },
-
-          // Export routing is temporarily duplicated to set the flag value passed into org.canAccessExport
          {
            path: "export",
            loadComponent: () =>
              import("../tools/vault-export/org-vault-export.component").then(
                (mod) => mod.OrganizationVaultExportComponent,
              ),
-            canMatch: [removeProviderExportPermission$], // if this matches, the flag is ON
-            canActivate: [organizationPermissionsGuard((org) => org.canAccessExport(true))],
-            data: {
-              titleId: "exportVault",
-            },
-          },
-          {
-            path: "export",
-            loadComponent: () =>
-              import("../tools/vault-export/org-vault-export.component").then(
-                (mod) => mod.OrganizationVaultExportComponent,
-              ),
-            canActivate: [organizationPermissionsGuard((org) => org.canAccessExport(false))],
+            canActivate: [organizationPermissionsGuard((org) => org.canAccessExport)],
            data: {
              titleId: "exportVault",
            },
@ -118,7 +94,8 @@ function getSettingsRoute(organization: Organization) {
  if (organization.canManageDeviceApprovals) {
    return "device-approvals";
  }
-  return undefined;
+
+  return "/";
 }

@NgModule({
--- a/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.stories.ts
+++ b/apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.stories.ts
@ -157,7 +157,6 @@ export const SMAvailable: Story = {
        canManageUsers: false,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [],
@ -173,7 +172,6 @@ export const SMAndACAvailable: Story = {
        canManageUsers: true,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [],
@ -189,7 +187,6 @@ export const WithAllOptions: Story = {
        canManageUsers: true,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [{ id: "provider-a" }] as Provider[],
--- a/apps/web/src/app/layouts/product-switcher/product-switcher.stories.ts
+++ b/apps/web/src/app/layouts/product-switcher/product-switcher.stories.ts
@ -176,7 +176,6 @@ export const WithSM: Story = {
        canManageUsers: false,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [],
@ -192,7 +191,6 @@ export const WithSMAndAC: Story = {
        canManageUsers: true,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [],
@ -208,7 +206,6 @@ export const WithAllOptions: Story = {
        canManageUsers: true,
        canAccessSecretsManager: true,
        enabled: true,
-        canAccessExport: (_) => false,
      },
    ] as Organization[],
    mockProviders: [{ id: "provider-a" }] as Provider[],
--- a/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.spec.ts
+++ b/apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.spec.ts
@ -116,7 +116,6 @@ describe("ProductSwitcherService", () => {
            id: "1234",
            canAccessSecretsManager: true,
            enabled: true,
-            canAccessExport: (_) => true,
          },
        ] as Organization[]);

@ -232,14 +231,12 @@ describe("ProductSwitcherService", () => {
          canAccessSecretsManager: true,
          enabled: true,
          name: "Org 2",
-          canAccessExport: (_) => true,
        },
        {
          id: "4243",
          canAccessSecretsManager: true,
          enabled: true,
          name: "Org 32",
-          canAccessExport: (_) => true,
        },
      ] as Organization[]);

--- a/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts
+++ b/libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts
@ -17,7 +17,7 @@ export function canAccessSettingsTab(org: Organization): boolean {
    org.canManageSso ||
    org.canManageScim ||
    org.canAccessImport ||
-    org.canAccessExport(false) || // Feature flag value doesn't matter here, providers will have access to this group anyway
+    org.canAccessExport ||
    org.canManageDeviceApprovals
  );
 }
--- a/libs/common/src/admin-console/abstractions/organization/vnext.organization.service.ts
+++ b/libs/common/src/admin-console/abstractions/organization/vnext.organization.service.ts
@ -17,7 +17,7 @@ export function canAccessSettingsTab(org: Organization): boolean {
    org.canManageSso ||
    org.canManageScim ||
    org.canAccessImport ||
-    org.canAccessExport(false) || // Feature flag value doesn't matter here, providers will have access to this group anyway
+    org.canAccessExport ||
    org.canManageDeviceApprovals
  );
 }
--- a/libs/common/src/admin-console/models/domain/organization.ts
+++ b/libs/common/src/admin-console/models/domain/organization.ts
@ -182,11 +182,7 @@ export class Organization {
    );
  }

-  canAccessExport(removeProviderExport: boolean) {
-    if (!removeProviderExport && this.isProviderUser) {
-      return true;
-    }
-
+  get canAccessExport() {
    return (
      this.isMember &&
      (this.type === OrganizationUserType.Owner ||
--- a/libs/common/src/enums/feature-flag.enum.ts
+++ b/libs/common/src/enums/feature-flag.enum.ts
@ -44,7 +44,6 @@ export enum FeatureFlag {
  NewDeviceVerificationPermanentDismiss = "new-device-permanent-dismiss",
  DisableFreeFamiliesSponsorship = "PM-12274-disable-free-families-sponsorship",
  MacOsNativeCredentialSync = "macos-native-credential-sync",
-  PM11360RemoveProviderExportPermission = "pm-11360-remove-provider-export-permission",
  PM12443RemovePagingLogic = "pm-12443-remove-paging-logic",
  PrivateKeyRegeneration = "pm-12241-private-key-regeneration",
  ResellerManagedOrgAlert = "PM-15814-alert-owners-of-reseller-managed-orgs",
@ -102,7 +101,6 @@ export const DefaultFeatureFlagValue = {
  [FeatureFlag.NewDeviceVerificationPermanentDismiss]: FALSE,
  [FeatureFlag.DisableFreeFamiliesSponsorship]: FALSE,
  [FeatureFlag.MacOsNativeCredentialSync]: FALSE,
-  [FeatureFlag.PM11360RemoveProviderExportPermission]: FALSE,
  [FeatureFlag.PM12443RemovePagingLogic]: FALSE,
  [FeatureFlag.PrivateKeyRegeneration]: FALSE,
  [FeatureFlag.ResellerManagedOrgAlert]: FALSE,