Skip to content
This repository was archived by the owner on Mar 15, 2024. It is now read-only.

[End User Vault Refresh] Organizations - updated nav and route permissions #1551

Merged
merged 74 commits into from
Mar 24, 2022
Merged

[End User Vault Refresh] Organizations - updated nav and route permissions #1551

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
74 commits
Select commit Hold shift + click to select a range
4a4e60c
Handle navigation to Org layout without org id
eliykat Mar 7, 2022
dd36820
Add top level Organization navigation
eliykat Mar 7, 2022
7311a30
Limit access to admins only
eliykat Mar 8, 2022
0bc8a40
Move org picker to own component
eliykat Mar 8, 2022
f140440
WIP organization picker
eliykat Mar 8, 2022
d1717a1
Undo change to debug setting
eliykat Mar 8, 2022
62581a7
Always show org tabs
eliykat Mar 8, 2022
ac54947
Fix logic for accessing org admin view
eliykat Mar 8, 2022
bb96bdf
Don't change chevron based on menu state
eliykat Mar 8, 2022
c8cbdfd
Update org vault if org changes
eliykat Mar 8, 2022
77d3fde
Reset active filter when org changes
eliykat Mar 8, 2022
0e59aca
Add styling
eliykat Mar 8, 2022
18bd003
Fix styling
eliykat Mar 8, 2022
32c7ba0
Fix flickering when changing org
eliykat Mar 8, 2022
8bfa2b1
Properly reset groupings component
eliykat Mar 8, 2022
6bc1c5a
Move info banner outside of button
eliykat Mar 9, 2022
e41fdaf
Update jslib from feature branch
eliykat Mar 9, 2022
d6ffa41
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 9, 2022
19ed413
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 9, 2022
1bb97dc
Update jslib from Feature/EndUserVaultRefresh
eliykat Mar 9, 2022
b5a42b8
Use input in picker instead of route params
eliykat Mar 16, 2022
4ebb144
Move default org selection logic from guard to layout component
eliykat Mar 16, 2022
b04b6cd
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 16, 2022
1cb4d93
Centralize route permission handling
eliykat Mar 16, 2022
c3b52c8
Simplify logic
eliykat Mar 16, 2022
2faa177
WIP Angular CDK Overlay for picker
eliykat Mar 16, 2022
386d0b9
Remove org picker changes for separate PR
eliykat Mar 16, 2022
3275039
Remove org picker changes for separate PR
eliykat Mar 16, 2022
341bd1f
Move default org selection logic from guard to layout component
eliykat Mar 16, 2022
91dcabc
Fix rebase
eliykat Mar 16, 2022
2342d8b
Fix rebase
eliykat Mar 16, 2022
ee23f10
Simplify logic
eliykat Mar 16, 2022
9e979df
Revert to using route guards, refactor
eliykat Mar 16, 2022
1e13109
Rename route guards
eliykat Mar 16, 2022
ddc9200
Update bitwarden_license routing
eliykat Mar 16, 2022
ef0a887
Removing old changes
eliykat Mar 17, 2022
0a574e1
Restore disabled warning
eliykat Mar 17, 2022
43e31b5
Simplify logic
eliykat Mar 17, 2022
c58a63c
Create separate organization routing module
eliykat Mar 18, 2022
30f5770
Update jslib from feature branch
eliykat Mar 18, 2022
38828a9
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 18, 2022
994ca98
Action review feedback
eliykat Mar 20, 2022
8ffdbe8
Remove aliasing
eliykat Mar 20, 2022
93eabe9
Use BaseGuardService
eliykat Mar 20, 2022
4c75fbc
Rename guard and add comment
eliykat Mar 20, 2022
0870b50
Update filename
eliykat Mar 20, 2022
2b4b3a4
Update naming
eliykat Mar 20, 2022
9cd3113
Extract permissions handling to PermissionsService
eliykat Mar 21, 2022
73a5a0b
Update naming
eliykat Mar 21, 2022
85050e1
Update naming
eliykat Mar 21, 2022
cc4de91
Remove unused import
eliykat Mar 21, 2022
23a40d5
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 21, 2022
f179896
Update imports for latest jslib
eliykat Mar 21, 2022
338b101
Update routing guard naming convention
eliykat Mar 21, 2022
31b0fb4
Style fixes
eliykat Mar 22, 2022
d6c181c
Define Angular CLI globals to support tree shaking (#1541)
Hinton Mar 22, 2022
62b1713
Fix constructor parameter
eliykat Mar 22, 2022
458097e
Fix constructor parameter
eliykat Mar 22, 2022
3ca046e
Simplify template
eliykat Mar 22, 2022
a1fdd1a
Remove redirect route guard
eliykat Mar 22, 2022
b605e10
Tweak routing config
eliykat Mar 22, 2022
06e8dfa
Revert "Tweak routing config"
eliykat Mar 23, 2022
e21622f
Restore order of ngModule imports
eliykat Mar 23, 2022
0cb61b8
Use new permissions service in bitwarden_license
eliykat Mar 23, 2022
575847f
Update configurations for self-hosted (#1558)
MGibson1 Mar 23, 2022
2c43249
Restore order of ngModule imports (#1560)
eliykat Mar 23, 2022
00975e6
Use the new KDF constants (#1559)
Hinton Mar 24, 2022
0884e2d
Bump node-forge (#1562)
Hinton Mar 24, 2022
7f49c7b
Merge branch 'master' into feat/refresh/orgs
eliykat Mar 24, 2022
d9b1c6b
Revert "Merge branch 'master' into feat/refresh/orgs"
eliykat Mar 24, 2022
877c673
Revert "Revert "Merge branch 'master' into feat/refresh/orgs""
eliykat Mar 24, 2022
5632469
Revert "Merge branch 'master' into feat/refresh/orgs"
eliykat Mar 24, 2022
d21bbba
Merge branch 'Feature/EndUserVaultRefresh' into feat/refresh/orgs
eliykat Mar 24, 2022
00a98f5
Fix order of navbar items
eliykat Mar 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions bitwarden_license/src/app/app.module.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,17 +19,17 @@ import { MaximumVaultTimeoutPolicyComponent } from "./policies/maximum-vault-tim

@NgModule({
imports: [
AppRoutingModule,
JslibModule,
BrowserAnimationsModule,
DragDropModule,
FormsModule,
ReactiveFormsModule,
ServicesModule,
InfiniteScrollModule,
JslibModule,
OrganizationsModule,
DragDropModule,
AppRoutingModule,
OssRoutingModule,
ReactiveFormsModule,
OrganizationsModule, // Must be after OssRoutingModule for competing routes to resolve properly
RouterModule,
ServicesModule,
WildcardRoutingModule, // Needs to be last to catch all non-existing routes
],
declarations: [
Expand Down
21 changes: 6 additions & 15 deletions bitwarden_license/src/app/organizations/organizations-routing.module.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,35 +4,26 @@ import { RouterModule, Routes } from "@angular/router";
import { AuthGuard } from "jslib-angular/guards/auth.guard";
import { Permissions } from "jslib-common/enums/permissions";

import { OrganizationLayoutComponent } from "src/app/layouts/organization-layout.component";
import { PermissionsGuard } from "src/app/organizations/guards/permissions.guard";
import { OrganizationLayoutComponent } from "src/app/organizations/layouts/organization-layout.component";
import { ManageComponent } from "src/app/organizations/manage/manage.component";
import { OrganizationGuardService } from "src/app/services/organization-guard.service";
import { OrganizationTypeGuardService } from "src/app/services/organization-type-guard.service";
import { NavigationPermissionsService } from "src/app/organizations/services/navigation-permissions.service";

import { SsoComponent } from "./manage/sso.component";

const routes: Routes = [
{
path: "organizations/:organizationId",
component: OrganizationLayoutComponent,
canActivate: [AuthGuard, OrganizationGuardService],
canActivate: [AuthGuard, PermissionsGuard],
children: [
{
path: "manage",
component: ManageComponent,
canActivate: [OrganizationTypeGuardService],
canActivate: [PermissionsGuard],
data: {
permissions: [
Permissions.CreateNewCollections,
Permissions.EditAnyCollection,
Permissions.DeleteAnyCollection,
Permissions.EditAssignedCollections,
Permissions.DeleteAssignedCollections,
Permissions.AccessEventLogs,
Permissions.ManageGroups,
Permissions.ManageUsers,
Permissions.ManagePolicies,
Permissions.ManageSso,
NavigationPermissionsService.getPermissions("manage").concat(Permissions.ManageSso),
],
},
children: [
Expand Down
2 changes: 1 addition & 1 deletion ...s/services/provider-type-guard.service.ts → ...p/providers/guards/provider-type.guard.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import { ProviderService } from "jslib-common/abstractions/provider.service";
import { Permissions } from "jslib-common/enums/permissions";

@Injectable()
export class ProviderTypeGuardService implements CanActivate {
export class PermissionsGuard implements CanActivate {
constructor(private providerService: ProviderService, private router: Router) {}

async canActivate(route: ActivatedRouteSnapshot) {
Expand Down
2 changes: 1 addition & 1 deletion ...viders/services/provider-guard.service.ts → ...rc/app/providers/guards/provider.guard.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.se
import { ProviderService } from "jslib-common/abstractions/provider.service";

@Injectable()
export class ProviderGuardService implements CanActivate {
export class ProviderGuard implements CanActivate {
constructor(
private router: Router,
private platformUtilsService: PlatformUtilsService,
Expand Down
12 changes: 6 additions & 6 deletions bitwarden_license/src/app/providers/providers-routing.module.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ import { ProvidersComponent } from "src/app/providers/providers.component";

import { ClientsComponent } from "./clients/clients.component";
import { CreateOrganizationComponent } from "./clients/create-organization.component";
import { PermissionsGuard } from "./guards/provider-type.guard";
import { ProviderGuard } from "./guards/provider.guard";
import { AcceptProviderComponent } from "./manage/accept-provider.component";
import { EventsComponent } from "./manage/events.component";
import { ManageComponent } from "./manage/manage.component";
import { PeopleComponent } from "./manage/people.component";
import { ProvidersLayoutComponent } from "./providers-layout.component";
import { ProviderGuardService } from "./services/provider-guard.service";
import { ProviderTypeGuardService } from "./services/provider-type-guard.service";
import { AccountComponent } from "./settings/account.component";
import { SettingsComponent } from "./settings/settings.component";
import { SetupProviderComponent } from "./setup/setup-provider.component";
Expand Down Expand Up @@ -54,7 +54,7 @@ const routes: Routes = [
{
path: ":providerId",
component: ProvidersLayoutComponent,
canActivate: [ProviderGuardService],
canActivate: [ProviderGuard],
children: [
{ path: "", pathMatch: "full", redirectTo: "clients" },
{ path: "clients/create", component: CreateOrganizationComponent },
Expand All @@ -71,7 +71,7 @@ const routes: Routes = [
{
path: "people",
component: PeopleComponent,
canActivate: [ProviderTypeGuardService],
canActivate: [PermissionsGuard],
data: {
titleId: "people",
permissions: [Permissions.ManageUsers],
Expand All @@ -80,7 +80,7 @@ const routes: Routes = [
{
path: "events",
component: EventsComponent,
canActivate: [ProviderTypeGuardService],
canActivate: [PermissionsGuard],
data: {
titleId: "eventLogs",
permissions: [Permissions.AccessEventLogs],
Expand All @@ -100,7 +100,7 @@ const routes: Routes = [
{
path: "account",
component: AccountComponent,
canActivate: [ProviderTypeGuardService],
canActivate: [PermissionsGuard],
data: {
titleId: "myProvider",
permissions: [Permissions.ManageProvider],
Expand Down
6 changes: 3 additions & 3 deletions bitwarden_license/src/app/providers/providers.module.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ import { OssModule } from "src/app/oss.module";
import { AddOrganizationComponent } from "./clients/add-organization.component";
import { ClientsComponent } from "./clients/clients.component";
import { CreateOrganizationComponent } from "./clients/create-organization.component";
import { PermissionsGuard } from "./guards/provider-type.guard";
import { ProviderGuard } from "./guards/provider.guard";
import { AcceptProviderComponent } from "./manage/accept-provider.component";
import { BulkConfirmComponent } from "./manage/bulk/bulk-confirm.component";
import { BulkRemoveComponent } from "./manage/bulk/bulk-remove.component";
Expand All @@ -19,8 +21,6 @@ import { PeopleComponent } from "./manage/people.component";
import { UserAddEditComponent } from "./manage/user-add-edit.component";
import { ProvidersLayoutComponent } from "./providers-layout.component";
import { ProvidersRoutingModule } from "./providers-routing.module";
import { ProviderGuardService } from "./services/provider-guard.service";
import { ProviderTypeGuardService } from "./services/provider-type-guard.service";
import { WebProviderService } from "./services/webProvider.service";
import { AccountComponent } from "./settings/account.component";
import { SettingsComponent } from "./settings/settings.component";
Expand All @@ -46,7 +46,7 @@ import { SetupComponent } from "./setup/setup.component";
SetupProviderComponent,
UserAddEditComponent,
],
providers: [WebProviderService, ProviderGuardService, ProviderTypeGuardService],
providers: [WebProviderService, ProviderGuard, PermissionsGuard],
})
export class ProvidersModule {
constructor(modalService: ModalService, componentFactoryResolver: ComponentFactoryResolver) {
Expand Down
5 changes: 5 additions & 0 deletions src/app/layouts/navbar.component.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,11 @@
<li class="nav-item" routerLinkActive="active">
<a class="nav-link" routerLink="/reports">{{ "reports" | i18n }}</a>
</li>
<li *ngIf="organizations.length >= 1" class="nav-item" routerLinkActive="active">
<a class="nav-link" [routerLink]="['/organizations', organizations[0].id]">{{
"organizations" | i18n
}}</a>
Comment on lines +31 to +33
Copy link
Member

@Hinton Hinton Mar 24, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't we need a link to organizations as well if they have more than 1?

Copy link
Member Author

@eliykat eliykat Mar 24, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's what the organization picker is for (still WIP). This link only needs to send them to the first org in their list, then they user the picker from that page to change orgs if they need to.

</li>
</ul>
</div>
<ul class="navbar-nav flex-row ml-md-auto d-none d-md-flex">
Expand Down
18 changes: 16 additions & 2 deletions src/app/layouts/navbar.component.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,18 @@
import { Component, OnInit } from "@angular/core";

import { I18nService } from "jslib-common/abstractions/i18n.service";
import { MessagingService } from "jslib-common/abstractions/messaging.service";
import { OrganizationService } from "jslib-common/abstractions/organization.service";
import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
import { ProviderService } from "jslib-common/abstractions/provider.service";
import { SyncService } from "jslib-common/abstractions/sync.service";
import { TokenService } from "jslib-common/abstractions/token.service";
import { Utils } from "jslib-common/misc/utils";
import { Organization } from "jslib-common/models/domain/organization";
import { Provider } from "jslib-common/models/domain/provider";

import { NavigationPermissionsService as OrgNavigationPermissionsService } from "../organizations/services/navigation-permissions.service";

@Component({
selector: "app-navbar",
templateUrl: "navbar.component.html",
Expand All @@ -16,13 +22,16 @@ export class NavbarComponent implements OnInit {
name: string;
email: string;
providers: Provider[] = [];
organizations: Organization[] = [];

constructor(
private messagingService: MessagingService,
private platformUtilsService: PlatformUtilsService,
private tokenService: TokenService,
private providerService: ProviderService,
private syncService: SyncService
private syncService: SyncService,
private organizationService: OrganizationService,
private i18nService: I18nService
) {
this.selfHosted = this.platformUtilsService.isSelfHost();
}
Expand All @@ -34,11 +43,16 @@ export class NavbarComponent implements OnInit {
this.name = this.email;
}

// Ensure provides are loaded
// Ensure providers and organizations are loaded
if ((await this.syncService.getLastSync()) == null) {
await this.syncService.fullSync(false);
}
this.providers = await this.providerService.getAll();

const allOrgs = await this.organizationService.getAll();
this.organizations = allOrgs
.filter((org) => OrgNavigationPermissionsService.canAccessAdmin(org))
.sort(Utils.getSortFunction(this.i18nService, "name"));
}

lock() {
Expand Down
27 changes: 18 additions & 9 deletions ...pp/services/organization-guard.service.ts → ...organizations/guards/permissions.guard.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,42 @@
import { Injectable } from "@angular/core";
import { ActivatedRouteSnapshot, CanActivate, Router } from "@angular/router";

import { BaseGuard } from "jslib-angular/guards/base.guard";
import { I18nService } from "jslib-common/abstractions/i18n.service";
import { OrganizationService } from "jslib-common/abstractions/organization.service";
import { PlatformUtilsService } from "jslib-common/abstractions/platformUtils.service";
import { Permissions } from "jslib-common/enums/permissions";

@Injectable()
export class OrganizationGuardService implements CanActivate {
export class PermissionsGuard extends BaseGuard implements CanActivate {
constructor(
private router: Router,
router: Router,
private organizationService: OrganizationService,
private platformUtilsService: PlatformUtilsService,
private i18nService: I18nService,
private organizationService: OrganizationService
) {}
private i18nService: I18nService
) {
super(router);
}

async canActivate(route: ActivatedRouteSnapshot) {
const org = await this.organizationService.get(route.params.organizationId);
if (org == null) {
this.router.navigate(["/"]);
return false;
return this.redirect();
}

if (!org.isOwner && !org.enabled) {
this.platformUtilsService.showToast(
"error",
null,
this.i18nService.t("organizationIsDisabled")
);
this.router.navigate(["/"]);
return false;
return this.redirect();
}

const permissions = route.data == null ? [] : (route.data.permissions as Permissions[]);
if (permissions != null && !org.hasAnyPermission(permissions)) {
this.platformUtilsService.showToast("error", null, this.i18nService.t("accessDenied"));
return this.redirect();
}

return true;
Expand Down
6 changes: 2 additions & 4 deletions ...ayouts/organization-layout.component.html → ...ayouts/organization-layout.component.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
<app-navbar></app-navbar>
<div class="org-nav" *ngIf="organization">
<div class="container d-flex">
<div class="d-flex flex-column">
Expand Down Expand Up @@ -27,7 +26,7 @@
</div>
</div>
</div>
<ul class="nav nav-tabs" *ngIf="showMenuBar">
<ul class="nav nav-tabs">
<li class="nav-item">
<a class="nav-link" routerLink="vault" routerLinkActive="active">
<i class="bwi bwi-lock" aria-hidden="true"></i>
Expand All @@ -46,7 +45,7 @@
{{ "tools" | i18n }}
</a>
</li>
<li class="nav-item" *ngIf="organization.isOwner">
<li class="nav-item" *ngIf="showSettingsTab">
<a class="nav-link" routerLink="settings" routerLinkActive="active">
<i class="bwi bwi-cogs" aria-hidden="true"></i>
{{ "settings" | i18n }}
Expand All @@ -57,4 +56,3 @@
</div>
</div>
<router-outlet></router-outlet>
<app-footer></app-footer>
23 changes: 9 additions & 14 deletions .../layouts/organization-layout.component.ts → .../layouts/organization-layout.component.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ import { BroadcasterService } from "jslib-common/abstractions/broadcaster.servic
import { OrganizationService } from "jslib-common/abstractions/organization.service";
import { Organization } from "jslib-common/models/domain/organization";

import { NavigationPermissionsService } from "../services/navigation-permissions.service";

const BroadcasterSubscriptionId = "OrganizationLayoutComponent";

@Component({
Expand All @@ -25,7 +27,7 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {

ngOnInit() {
document.body.classList.remove("layout_frontend");
this.route.params.subscribe(async (params) => {
this.route.params.subscribe(async (params: any) => {
this.organizationId = params.organizationId;
await this.load();
});
Expand All @@ -48,23 +50,16 @@ export class OrganizationLayoutComponent implements OnInit, OnDestroy {
this.organization = await this.organizationService.get(this.organizationId);
}

get showMenuBar() {
return this.showManageTab || this.showToolsTab || this.organization.isOwner;
}

get showManageTab(): boolean {
return (
this.organization.canManageUsers ||
this.organization.canViewAllCollections ||
this.organization.canViewAssignedCollections ||
this.organization.canManageGroups ||
this.organization.canManagePolicies ||
this.organization.canAccessEventLogs
);
return NavigationPermissionsService.canAccessManage(this.organization);
}

get showToolsTab(): boolean {
return this.organization.canAccessImportExport || this.organization.canAccessReports;
return NavigationPermissionsService.canAccessTools(this.organization);
}

get showSettingsTab(): boolean {
return NavigationPermissionsService.canAccessSettings(this.organization);
}

get toolsRoute(): string {
Expand Down
Loading