Implemented Custom role and permissions (#1189)

* Implemented Custom role and permissions * changed permissions to permissions model * added a semicolon
2024-09-26 03:42:57 +02:00 · 2021-01-13 14:31:27 -05:00 · 2021-01-13 14:31:27 -05:00 · cdc08e7e8a
commit cdc08e7e8a
parent ca7794e6f2
7 changed files with 35 additions and 2 deletions
--- a/src/Android/Autofill/AutofillService.cs
+++ b/src/Android/Autofill/AutofillService.cs
@ -102,7 +102,7 @@ namespace Bit.Droid.Autofill
                    if (policy.Enabled)
                    {
                        var org = await _userService.GetOrganizationAsync(policy.OrganizationId);
-                        if (org != null && org.Enabled && org.UsePolicies && !org.IsAdmin
+                        if (org != null && org.Enabled && org.UsePolicies && !org.canManagePolicies
                           && org.Status == OrganizationUserStatusType.Confirmed)
                        {
                            return;
--- a/src/App/Pages/Vault/AddEditPageViewModel.cs
+++ b/src/App/Pages/Vault/AddEditPageViewModel.cs
@ -298,7 +298,7 @@ namespace Bit.App.Pages
                if (org.Enabled && org.Status == OrganizationUserStatusType.Confirmed)
                {
                    OwnershipOptions.Add(new KeyValuePair<string, string>(org.Name, org.Id));
-                    if (policies != null && org.UsePolicies && !org.IsAdmin && AllowPersonal)
+                    if (policies != null && org.UsePolicies && !org.canManagePolicies && AllowPersonal)
                    {
                        foreach (var policy in policies)
                        {
--- a/src/Core/Enums/OrganizationUserType.cs
+++ b/src/Core/Enums/OrganizationUserType.cs
@ -6,5 +6,6 @@
        Admin = 1,
        User = 2,
        Manager = 3,
+        Custom = 4,
    }
 }
--- a/src/Core/Models/Data/OrganizationData.cs
+++ b/src/Core/Models/Data/OrganizationData.cs
@ -26,6 +26,7 @@ namespace Bit.Core.Models.Data
            Seats = response.Seats;
            MaxCollections = response.MaxCollections;
            MaxStorageGb = response.MaxStorageGb;
+            Permissions = response.Permissions;
        }

        public string Id { get; set; }
@ -45,5 +46,6 @@ namespace Bit.Core.Models.Data
        public int Seats { get; set; }
        public int MaxCollections { get; set; }
        public short? MaxStorageGb { get; set; }
+        public Permissions Permissions { get; set; }
    }
 }
--- a/src/Core/Models/Data/Permissions.cs
+++ b/src/Core/Models/Data/Permissions.cs
@ -0,0 +1,16 @@
+namespace Bit.Core.Models.Data 
+{
+    public class Permissions
+    {
+        public bool AccessBusinessPortal { get; set; }
+        public bool AccessEventLogs { get; set; }
+        public bool AccessImportExport { get; set; }
+        public bool AccessReports { get; set; }
+        public bool ManageAssignedCollections { get; set; }
+        public bool ManageAllCollections { get; set; }
+        public bool ManageGroups { get; set; }
+        public bool ManagePolicies { get; set; }
+        public bool ManageSso { get; set; }
+        public bool ManageUsers { get; set; }
+    }
+}
--- a/src/Core/Models/Domain/Organization.cs
+++ b/src/Core/Models/Domain/Organization.cs
@ -26,6 +26,7 @@ namespace Bit.Core.Models.Domain
            Seats = obj.Seats;
            MaxCollections = obj.MaxCollections;
            MaxStorageGb = obj.MaxStorageGb;
+            Permissions = obj.Permissions;
        }

        public string Id { get; set; }
@ -45,6 +46,7 @@ namespace Bit.Core.Models.Domain
        public int Seats { get; set; }
        public int MaxCollections { get; set; }
        public short? MaxStorageGb { get; set; }
+        public Permissions Permissions { get; set; }

        public bool CanAccess
        {
@ -76,5 +78,15 @@ namespace Bit.Core.Models.Domain

        public bool IsAdmin => Type == OrganizationUserType.Owner || Type == OrganizationUserType.Admin;
        public bool IsOwner => Type == OrganizationUserType.Owner;
+        public bool IsCustom => Type == OrganizationUserType.Custom;
+        public bool canAccessBusinessPortl => IsAdmin || Permissions.AccessBusinessPortal;
+        public bool canAccessEventLogs => IsAdmin || Permissions.AccessEventLogs;
+        public bool canAccessImportExport => IsAdmin || Permissions.AccessImportExport;
+        public bool canAccessReports => IsAdmin || Permissions.AccessReports;
+        public bool canManageAllCollections => IsAdmin || Permissions.ManageAllCollections;
+        public bool canManageAssignedCollections => IsManager || Permissions.ManageAssignedCollections;
+        public bool canManageGroups => IsAdmin || Permissions.ManageGroups;
+        public bool canManagePolicies => IsAdmin || Permissions.ManagePolicies;
+        public bool canManageUser => IsAdmin || Permissions.ManageUsers;
    }
 }
--- a/src/Core/Models/Response/ProfileOrganizationResponse.cs
+++ b/src/Core/Models/Response/ProfileOrganizationResponse.cs
@ -1,4 +1,5 @@
 using Bit.Core.Enums;
+using Bit.Core.Models.Data;

 namespace Bit.Core.Models.Response
 {
@ -22,5 +23,6 @@ namespace Bit.Core.Models.Response
        public OrganizationUserStatusType Status { get; set; }
        public OrganizationUserType Type { get; set; }
        public bool Enabled { get; set; }
+        public Permissions Permissions { get; set; }
    }
 }