[SM-1293] Add the ability to fetch a secret's access policies (#9463)

* Update response models * Update view models * Update access policy service * update ap item types to use new models * add convertToSecretAccessPolicies * Add unit tests
bitwarden · Jun 7, 2024 · 7acc13c · 7acc13c
1 parent 769d67a
commit 7acc13c
Show file tree

Hide file tree

Showing 22 changed files with 896 additions and 404 deletions.
diff --git a/...license/bit-web/src/app/secrets-manager/models/view/access-policies/access-policy.view.ts b/...license/bit-web/src/app/secrets-manager/models/view/access-policies/access-policy.view.ts
@@ -1,44 +1,26 @@
-export class BaseAccessPolicyView {
-  id: string;
+class BaseAccessPolicyView {
   read: boolean;
   write: boolean;
-  creationDate: string;
-  revisionDate: string;
 }
 
-export class UserProjectAccessPolicyView extends BaseAccessPolicyView {
+export class UserAccessPolicyView extends BaseAccessPolicyView {
   organizationUserId: string;
   organizationUserName: string;
-  grantedProjectId: string;
-  userId: string;
   currentUser: boolean;
 }
 
-export class UserServiceAccountAccessPolicyView extends BaseAccessPolicyView {
-  organizationUserId: string;
-  organizationUserName: string;
-  grantedServiceAccountId: string;
-  userId: string;
-  currentUser: boolean;
-}
-
-export class GroupProjectAccessPolicyView extends BaseAccessPolicyView {
-  groupId: string;
-  groupName: string;
-  grantedProjectId: string;
-  currentUserInGroup: boolean;
-}
-
-export class GroupServiceAccountAccessPolicyView extends BaseAccessPolicyView {
+export class GroupAccessPolicyView extends BaseAccessPolicyView {
   groupId: string;
   groupName: string;
-  grantedServiceAccountId: string;
   currentUserInGroup: boolean;
 }
 
-export class ServiceAccountProjectAccessPolicyView extends BaseAccessPolicyView {
+export class ServiceAccountAccessPolicyView extends BaseAccessPolicyView {
   serviceAccountId: string;
   serviceAccountName: string;
+}
+
+export class GrantedProjectAccessPolicyView extends BaseAccessPolicyView {
   grantedProjectId: string;
   grantedProjectName: string;
 }
diff --git a/...rc/app/secrets-manager/models/view/access-policies/project-people-access-policies.view.ts b/...rc/app/secrets-manager/models/view/access-policies/project-people-access-policies.view.ts
@@ -1,6 +1,6 @@
-import { GroupProjectAccessPolicyView, UserProjectAccessPolicyView } from "./access-policy.view";
+import { GroupAccessPolicyView, UserAccessPolicyView } from "./access-policy.view";
 
 export class ProjectPeopleAccessPoliciesView {
-  userAccessPolicies: UserProjectAccessPolicyView[];
-  groupAccessPolicies: GroupProjectAccessPolicyView[];
+  userAccessPolicies: UserAccessPolicyView[];
+  groupAccessPolicies: GroupAccessPolicyView[];
 }
diff --git a/...rets-manager/models/view/access-policies/project-service-accounts-access-policies.view.ts b/...rets-manager/models/view/access-policies/project-service-accounts-access-policies.view.ts
@@ -1,5 +1,5 @@
-import { ServiceAccountProjectAccessPolicyView } from "./access-policy.view";
+import { ServiceAccountAccessPolicyView } from "./access-policy.view";
 
 export class ProjectServiceAccountsAccessPoliciesView {
-  serviceAccountAccessPolicies: ServiceAccountProjectAccessPolicyView[];
+  serviceAccountAccessPolicies: ServiceAccountAccessPolicyView[];
 }
diff --git a/...it-web/src/app/secrets-manager/models/view/access-policies/secret-access-policies.view.ts b/...it-web/src/app/secrets-manager/models/view/access-policies/secret-access-policies.view.ts
@@ -0,0 +1,11 @@
+import {
+  GroupAccessPolicyView,
+  UserAccessPolicyView,
+  ServiceAccountAccessPolicyView,
+} from "./access-policy.view";
+
+export class SecretAccessPoliciesView {
+  userAccessPolicies: UserAccessPolicyView[];
+  groupAccessPolicies: GroupAccessPolicyView[];
+  serviceAccountAccessPolicies: ServiceAccountAccessPolicyView[];
+}
diff --git a/.../app/secrets-manager/models/view/access-policies/service-account-granted-policies.view.ts b/.../app/secrets-manager/models/view/access-policies/service-account-granted-policies.view.ts
@@ -1,10 +1,10 @@
-import { ServiceAccountProjectAccessPolicyView } from "./access-policy.view";
+import { GrantedProjectAccessPolicyView } from "./access-policy.view";
 
 export class ServiceAccountGrantedPoliciesView {
-  grantedProjectPolicies: ServiceAccountProjectPolicyPermissionDetailsView[];
+  grantedProjectPolicies: GrantedProjectPolicyPermissionDetailsView[];
 }
 
-export class ServiceAccountProjectPolicyPermissionDetailsView {
-  accessPolicy: ServiceAccountProjectAccessPolicyView;
+export class GrantedProjectPolicyPermissionDetailsView {
+  accessPolicy: GrantedProjectAccessPolicyView;
   hasPermission: boolean;
 }
diff --git a/...ecrets-manager/models/view/access-policies/service-account-people-access-policies.view.ts b/...ecrets-manager/models/view/access-policies/service-account-people-access-policies.view.ts
@@ -1,9 +1,6 @@
-import {
-  GroupServiceAccountAccessPolicyView,
-  UserServiceAccountAccessPolicyView,
-} from "./access-policy.view";
+import { GroupAccessPolicyView, UserAccessPolicyView } from "./access-policy.view";
 
 export class ServiceAccountPeopleAccessPoliciesView {
-  userAccessPolicies: UserServiceAccountAccessPolicyView[];
-  groupAccessPolicies: GroupServiceAccountAccessPolicyView[];
+  userAccessPolicies: UserAccessPolicyView[];
+  groupAccessPolicies: GroupAccessPolicyView[];
 }
diff --git a/...rden_license/bit-web/src/app/secrets-manager/projects/project/project-people.component.ts b/...rden_license/bit-web/src/app/secrets-manager/projects/project/project-people.component.ts
@@ -12,7 +12,7 @@ import { DialogService } from "@bitwarden/components";
 import { AccessPolicySelectorService } from "../../shared/access-policies/access-policy-selector/access-policy-selector.service";
 import {
   ApItemValueType,
-  convertToProjectPeopleAccessPoliciesView,
+  convertToPeopleAccessPoliciesView,
 } from "../../shared/access-policies/access-policy-selector/models/ap-item-value.type";
 import {
   ApItemViewType,
@@ -119,10 +119,7 @@ export class ProjectPeopleComponent implements OnInit, OnDestroy {
     }
 
     try {
-      const projectPeopleView = convertToProjectPeopleAccessPoliciesView(
-        this.projectId,
-        formValues,
-      );
+      const projectPeopleView = convertToPeopleAccessPoliciesView(formValues);
       const peoplePoliciesViews = await this.accessPolicyService.putProjectPeopleAccessPolicies(
         this.projectId,
         projectPeopleView,

diff --git a/...se/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts b/...se/bit-web/src/app/secrets-manager/projects/project/project-service-accounts.component.ts
@@ -144,7 +144,7 @@ export class ProjectServiceAccountsComponent implements OnInit, OnDestroy {
     projectId: string,
     selectedPolicies: ApItemValueType[],
   ): Promise<ProjectServiceAccountsAccessPoliciesView> {
-    const view = convertToProjectServiceAccountsAccessPoliciesView(projectId, selectedPolicies);
+    const view = convertToProjectServiceAccountsAccessPoliciesView(selectedPolicies);
     return await this.accessPolicyService.putProjectServiceAccountsAccessPolicies(
       organizationId,
       projectId,

diff --git a/...t-web/src/app/secrets-manager/service-accounts/people/service-account-people.component.ts b/...t-web/src/app/secrets-manager/service-accounts/people/service-account-people.component.ts
@@ -11,7 +11,7 @@ import { DialogService } from "@bitwarden/components";
 import { AccessPolicySelectorService } from "../../shared/access-policies/access-policy-selector/access-policy-selector.service";
 import {
   ApItemValueType,
-  convertToServiceAccountPeopleAccessPoliciesView,
+  convertToPeopleAccessPoliciesView,
 } from "../../shared/access-policies/access-policy-selector/models/ap-item-value.type";
 import {
   ApItemViewType,
@@ -180,10 +180,7 @@ export class ServiceAccountPeopleComponent implements OnInit, OnDestroy {
     serviceAccountId: string,
     selectedPolicies: ApItemValueType[],
   ) {
-    const serviceAccountPeopleView = convertToServiceAccountPeopleAccessPoliciesView(
-      serviceAccountId,
-      selectedPolicies,
-    );
+    const serviceAccountPeopleView = convertToPeopleAccessPoliciesView(selectedPolicies);
     return await this.accessPolicyService.putServiceAccountPeopleAccessPolicies(
       serviceAccountId,
       serviceAccountPeopleView,

diff --git a/...b/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts b/...b/src/app/secrets-manager/service-accounts/projects/service-account-projects.component.ts
@@ -144,10 +144,7 @@ export class ServiceAccountProjectsComponent implements OnInit, OnDestroy {
     serviceAccountId: string,
     selectedPolicies: ApItemValueType[],
   ): Promise<ServiceAccountGrantedPoliciesView> {
-    const grantedViews = convertToServiceAccountGrantedPoliciesView(
-      serviceAccountId,
-      selectedPolicies,
-    );
+    const grantedViews = convertToServiceAccountGrantedPoliciesView(selectedPolicies);
     return await this.accessPolicyService.putServiceAccountGrantedPolicies(
       organizationId,
       serviceAccountId,