Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-02-01 23:01:28 +01:00
Code Issues Projects Releases Wiki Activity

[PM-15182] Remove remove-provider-export-permission feature flag (#12878)

Browse Source 
* Remove remove-provider-export feature flag

* Remove ts-strict comment

* Revert changes to tests
This commit is contained in:
Thomas Rittson 2025-01-16 13:12:29 +10:00 committed by GitHub
parent ffa5afb5e8
commit e4e436b768
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 9 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/web/src/app/admin-console/organizations/layouts/organization-layout.component.ts
View File

@ -77,10 +77,7 @@ export class OrganizationLayoutComponent implements OnInit {
filter((org) => org != null), filter((org) => org != null),
); );
this.canAccessExport$ = combineLatest([ this.canAccessExport$ = this.organization$.pipe(map((org) => org.canAccessExport));
this.organization$,
this.configService.getFeatureFlag$(FeatureFlag.PM11360RemoveProviderExportPermission),
]).pipe(map(([org, removeProviderExport]) => org.canAccessExport(removeProviderExport)));
this.showPaymentAndHistory$ = this.organization$.pipe( this.showPaymentAndHistory$ = this.organization$.pipe(
map( map(

33
apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts
View File

@ -1,13 +1,8 @@
// FIXME: Update this file to be type safe and remove this and next line import { NgModule } from "@angular/core";
// @ts-strict-ignore import { RouterModule, Routes } from "@angular/router";
import { inject, NgModule } from "@angular/core";
import { CanMatchFn, RouterModule, Routes } from "@angular/router";
import { map } from "rxjs";
import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction"; import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
import { organizationPermissionsGuard } from "../../organizations/guards/org-permissions.guard"; import { organizationPermissionsGuard } from "../../organizations/guards/org-permissions.guard";
import { organizationRedirectGuard } from "../../organizations/guards/org-redirect.guard"; import { organizationRedirectGuard } from "../../organizations/guards/org-redirect.guard";
@ -16,11 +11,6 @@ import { PoliciesComponent } from "../../organizations/policies";
import { AccountComponent } from "./account.component"; import { AccountComponent } from "./account.component";
import { TwoFactorSetupComponent } from "./two-factor-setup.component"; import { TwoFactorSetupComponent } from "./two-factor-setup.component";
const removeProviderExportPermission$: CanMatchFn = () =>
inject(ConfigService)
.getFeatureFlag$(FeatureFlag.PM11360RemoveProviderExportPermission)
.pipe(map((removeProviderExport) => removeProviderExport === true));
const routes: Routes = [ const routes: Routes = [
{ {
path: "", path: "",
@ -68,27 +58,13 @@ const routes: Routes = [
titleId: "importData", titleId: "importData",
}, },
}, },
// Export routing is temporarily duplicated to set the flag value passed into org.canAccessExport
{ {
path: "export", path: "export",
loadComponent: () => loadComponent: () =>
import("../tools/vault-export/org-vault-export.component").then( import("../tools/vault-export/org-vault-export.component").then(
(mod) => mod.OrganizationVaultExportComponent, (mod) => mod.OrganizationVaultExportComponent,
), ),
canMatch: [removeProviderExportPermission$], // if this matches, the flag is ON canActivate: [organizationPermissionsGuard((org) => org.canAccessExport)],
canActivate: [organizationPermissionsGuard((org) => org.canAccessExport(true))],
data: {
titleId: "exportVault",
},
},
{
path: "export",
loadComponent: () =>
import("../tools/vault-export/org-vault-export.component").then(
(mod) => mod.OrganizationVaultExportComponent,
),
canActivate: [organizationPermissionsGuard((org) => org.canAccessExport(false))],
data: { data: {
titleId: "exportVault", titleId: "exportVault",
}, },
@ -118,7 +94,8 @@ function getSettingsRoute(organization: Organization) {
if (organization.canManageDeviceApprovals) { if (organization.canManageDeviceApprovals) {
return "device-approvals"; return "device-approvals";
} }
return undefined;
return "/";
} }
@NgModule({ @NgModule({

3
apps/web/src/app/layouts/product-switcher/navigation-switcher/navigation-switcher.stories.ts
View File

@ -157,7 +157,6 @@ export const SMAvailable: Story = {
canManageUsers: false, canManageUsers: false,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [], mockProviders: [],
@ -173,7 +172,6 @@ export const SMAndACAvailable: Story = {
canManageUsers: true, canManageUsers: true,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [], mockProviders: [],
@ -189,7 +187,6 @@ export const WithAllOptions: Story = {
canManageUsers: true, canManageUsers: true,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [{ id: "provider-a" }] as Provider[], mockProviders: [{ id: "provider-a" }] as Provider[],

3
apps/web/src/app/layouts/product-switcher/product-switcher.stories.ts
View File

@ -176,7 +176,6 @@ export const WithSM: Story = {
canManageUsers: false, canManageUsers: false,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [], mockProviders: [],
@ -192,7 +191,6 @@ export const WithSMAndAC: Story = {
canManageUsers: true, canManageUsers: true,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [], mockProviders: [],
@ -208,7 +206,6 @@ export const WithAllOptions: Story = {
canManageUsers: true, canManageUsers: true,
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => false,
}, },
] as Organization[], ] as Organization[],
mockProviders: [{ id: "provider-a" }] as Provider[], mockProviders: [{ id: "provider-a" }] as Provider[],

3
apps/web/src/app/layouts/product-switcher/shared/product-switcher.service.spec.ts
View File

@ -116,7 +116,6 @@ describe("ProductSwitcherService", () => {
id: "1234", id: "1234",
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
canAccessExport: (_) => true,
}, },
] as Organization[]); ] as Organization[]);
@ -232,14 +231,12 @@ describe("ProductSwitcherService", () => {
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
name: "Org 2", name: "Org 2",
canAccessExport: (_) => true,
}, },
{ {
id: "4243", id: "4243",
canAccessSecretsManager: true, canAccessSecretsManager: true,
enabled: true, enabled: true,
name: "Org 32", name: "Org 32",
canAccessExport: (_) => true,
}, },
] as Organization[]); ] as Organization[]);

2
libs/common/src/admin-console/abstractions/organization/organization.service.abstraction.ts
View File

@ -17,7 +17,7 @@ export function canAccessSettingsTab(org: Organization): boolean {
org.canManageSso || org.canManageSso ||
org.canManageScim || org.canManageScim ||
org.canAccessImport || org.canAccessImport ||
org.canAccessExport(false) || // Feature flag value doesn't matter here, providers will have access to this group anyway org.canAccessExport ||
org.canManageDeviceApprovals org.canManageDeviceApprovals
); );
} }

2
libs/common/src/admin-console/abstractions/organization/vnext.organization.service.ts
View File

@ -17,7 +17,7 @@ export function canAccessSettingsTab(org: Organization): boolean {
org.canManageSso || org.canManageSso ||
org.canManageScim || org.canManageScim ||
org.canAccessImport || org.canAccessImport ||
org.canAccessExport(false) || // Feature flag value doesn't matter here, providers will have access to this group anyway org.canAccessExport ||
org.canManageDeviceApprovals org.canManageDeviceApprovals
); );
} }

6
libs/common/src/admin-console/models/domain/organization.ts
View File

@ -182,11 +182,7 @@ export class Organization {
); );
} }
canAccessExport(removeProviderExport: boolean) { get canAccessExport() {
if (!removeProviderExport && this.isProviderUser) {
return true;
}
return ( return (
this.isMember && this.isMember &&
(this.type === OrganizationUserType.Owner || (this.type === OrganizationUserType.Owner ||

2
libs/common/src/enums/feature-flag.enum.ts
View File

@ -44,7 +44,6 @@ export enum FeatureFlag {
NewDeviceVerificationPermanentDismiss = "new-device-permanent-dismiss", NewDeviceVerificationPermanentDismiss = "new-device-permanent-dismiss",
DisableFreeFamiliesSponsorship = "PM-12274-disable-free-families-sponsorship", DisableFreeFamiliesSponsorship = "PM-12274-disable-free-families-sponsorship",
MacOsNativeCredentialSync = "macos-native-credential-sync", MacOsNativeCredentialSync = "macos-native-credential-sync",
PM11360RemoveProviderExportPermission = "pm-11360-remove-provider-export-permission",
PM12443RemovePagingLogic = "pm-12443-remove-paging-logic", PM12443RemovePagingLogic = "pm-12443-remove-paging-logic",
PrivateKeyRegeneration = "pm-12241-private-key-regeneration", PrivateKeyRegeneration = "pm-12241-private-key-regeneration",
ResellerManagedOrgAlert = "PM-15814-alert-owners-of-reseller-managed-orgs", ResellerManagedOrgAlert = "PM-15814-alert-owners-of-reseller-managed-orgs",
@ -102,7 +101,6 @@ export const DefaultFeatureFlagValue = {
[FeatureFlag.NewDeviceVerificationPermanentDismiss]: FALSE, [FeatureFlag.NewDeviceVerificationPermanentDismiss]: FALSE,
[FeatureFlag.DisableFreeFamiliesSponsorship]: FALSE, [FeatureFlag.DisableFreeFamiliesSponsorship]: FALSE,
[FeatureFlag.MacOsNativeCredentialSync]: FALSE, [FeatureFlag.MacOsNativeCredentialSync]: FALSE,
[FeatureFlag.PM11360RemoveProviderExportPermission]: FALSE,
[FeatureFlag.PM12443RemovePagingLogic]: FALSE, [FeatureFlag.PM12443RemovePagingLogic]: FALSE,
[FeatureFlag.PrivateKeyRegeneration]: FALSE, [FeatureFlag.PrivateKeyRegeneration]: FALSE,
[FeatureFlag.ResellerManagedOrgAlert]: FALSE, [FeatureFlag.ResellerManagedOrgAlert]: FALSE,