[PM-11199] added permission labels to ciphers in AC (#11210)

* added permission labels to ciphers in AC
bitwarden · Oct 22, 2024 · 023abe2 · 023abe2
1 parent 4a30782
commit 023abe2
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 2 deletions.
diff --git a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html
@@ -69,7 +69,11 @@
   ></app-collection-badge>
 </td>
 <td bitCell [ngClass]="RowHeightClass" *ngIf="showGroups"></td>
-<td bitCell [ngClass]="RowHeightClass" *ngIf="viewingOrgVault"></td>
+<td bitCell [ngClass]="RowHeightClass" *ngIf="viewingOrgVault">
+  <p class="tw-mb-0 tw-text-muted">
+    {{ permissionText }}
+  </p>
+</td>
 <td bitCell [ngClass]="RowHeightClass" class="tw-text-right">
   <button
     [disabled]="disabled || disableMenu"

diff --git a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts
@@ -5,9 +5,14 @@ import { CollectionView } from "@bitwarden/admin-console/common";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
+import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { CipherType } from "@bitwarden/common/vault/enums";
 import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
 
+import {
+  convertToPermission,
+  getPermissionList,
+} from "./../../../admin-console/organizations/shared/components/access-selector/access-selector.models";
 import { VaultItemEvent } from "./vault-item-event";
 import { RowHeightClass } from "./vault-items.component";
 
@@ -43,9 +48,20 @@ export class VaultCipherRowComponent implements OnInit {
   @Output() checkedToggled = new EventEmitter<void>();
 
   protected CipherType = CipherType;
+  private permissionList = getPermissionList();
+  private permissionPriority = [
+    "canManage",
+    "canEdit",
+    "canEditExceptPass",
+    "canView",
+    "canViewExceptPass",
+  ];
   protected organization?: Organization;
 
-  constructor(private configService: ConfigService) {}
+  constructor(
+    private configService: ConfigService,
+    private i18nService: I18nService,
+  ) {}
 
   /**
    * Lifecycle hook for component initialization.
@@ -91,6 +107,40 @@ export class VaultCipherRowComponent implements OnInit {
     return this.cipher.type === this.CipherType.Login && !this.cipher.isDeleted;
   }
 
+  protected get permissionText() {
+    if (!this.cipher.organizationId || this.cipher.collectionIds.length === 0) {
+      return this.i18nService.t("canManage");
+    }
+
+    const filteredCollections = this.collections.filter((collection) => {
+      if (collection.assigned) {
+        return this.cipher.collectionIds.find((id) => {
+          if (collection.id === id) {
+            return collection;
+          }
+        });
+      }
+    });
+
+    if (filteredCollections?.length === 1) {
+      return this.i18nService.t(
+        this.permissionList.find((p) => p.perm === convertToPermission(filteredCollections[0]))
+          ?.labelId,
+      );
+    }
+
+    if (filteredCollections?.length > 1) {
+      const labels = filteredCollections.map((collection) => {
+        return this.permissionList.find((p) => p.perm === convertToPermission(collection))?.labelId;
+      });
+
+      const highestPerm = this.permissionPriority.find((perm) => labels.includes(perm));
+      return this.i18nService.t(highestPerm);
+    }
+
+    return this.i18nService.t("noAccess");
+  }
+
   protected get showCopyPassword(): boolean {
     return this.isNotDeletedLoginCipher && this.cipher.viewPassword;
   }

diff --git a/apps/web/src/app/vault/org-vault/vault.component.ts b/apps/web/src/app/vault/org-vault/vault.component.ts
@@ -347,6 +347,7 @@ export class VaultComponent implements OnInit, OnDestroy {
         // If the user can edit all ciphers for the organization then fetch them ALL.
         if (organization.canEditAllCiphers) {
           ciphers = await this.cipherService.getAllFromApiForOrganization(organization.id);
+          ciphers?.forEach((c) => (c.edit = true));
         } else {
           // Otherwise, only fetch ciphers they have access to (includes unassigned for admins).
           ciphers = await this.cipherService.getManyFromApiForOrganization(organization.id);