From 23c1fd444339ec8f6b391a0ab5a9e0a51e9b0c75 Mon Sep 17 00:00:00 2001
From: Csaky <Tim.Csaky@gov.bc.ca>
Date: Mon, 10 Jun 2024 16:22:03 -0700
Subject: [PATCH 1/4] Minor changes to Invite component

---
 frontend/src/assets/variables.scss             |  2 +-
 frontend/src/components/common/Invite.vue      | 16 ++++++++--------
 frontend/src/components/common/ShareButton.vue |  1 -
 frontend/src/services/inviteService.ts         |  5 ++---
 frontend/src/utils/emailTemplates.ts           |  9 ++++-----
 5 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/frontend/src/assets/variables.scss b/frontend/src/assets/variables.scss
index ce744318..11a25097 100644
--- a/frontend/src/assets/variables.scss
+++ b/frontend/src/assets/variables.scss
@@ -9,7 +9,7 @@
 // buttons, links
 $bcbox-primary: #036;
 $bcbox-link-text: #1a5a96;
-$bcbox-link-text-hover: #00f;
+$bcbox-link-text-hover: #2378c7;
 $bcbox-outline-on-primary: #fff;
 $bcbox-error: #d8292f;
 
diff --git a/frontend/src/components/common/Invite.vue b/frontend/src/components/common/Invite.vue
index 8a687f14..4156f39d 100644
--- a/frontend/src/components/common/Invite.vue
+++ b/frontend/src/components/common/Invite.vue
@@ -17,7 +17,6 @@ import type { Ref } from 'vue';
 
 // Types
 type Props = {
-  label: string;
   resourceType: string;
   resource: any;
 };
@@ -142,7 +141,7 @@ const onSubmit = handleSubmit(async (values: any) => {
 </script>
 
 <template>
-  <h3 class="mt-1 mb-2">{{ props.label }}</h3>
+  <h3 class="mt-1 mb-2">{{ props.resourceType === 'object' ? 'File invite' : 'Folder invite' }}</h3>
   <form @submit="onSubmit">
     <p class="mb-2">Make invite available for</p>
     <div class="flex flex-wrap gap-3 field">
@@ -167,7 +166,7 @@ const onSubmit = handleSubmit(async (values: any) => {
 
     <p class="mb-2">Access options</p>
     <div class="field">
-      <div class="flex flex-wrap gap-3">
+      <div class="flex flex-wrap gap-3 align-items-center">
         <div
           v-for="(name, value) in selectedOptions"
           :key="value"
@@ -237,7 +236,9 @@ const onSubmit = handleSubmit(async (values: any) => {
         name="email"
         type="text"
         placeholder="Enter email"
-        help-text="The Invite will be emailed to this person"
+        :help-text="`Enter an email address of person you are inviting to access this
+          ${props.resourceType === 'bucket' ? 'folder' : 'file'}. <br />
+          The email address must be associated with the account they use to sign in to BCBox.`"
         class="invite-email"
       />
     </div>
@@ -274,7 +275,8 @@ const onSubmit = handleSubmit(async (values: any) => {
           icon="fa fa-envelope"
           class="mr-2"
         />
-        Send invite link
+        <span v-if="values.emailType === 'single'">Send invite link</span>
+        <span v-else>Send invites</span>
       </Button>
       <Spinner
         v-if="inviteLoading"
@@ -285,13 +287,11 @@ const onSubmit = handleSubmit(async (values: any) => {
 </template>
 
 <style scoped lang="scss">
+div:has(.invite-email),
 .invite-email:deep(input) {
   width: 80%;
 }
 .multi-email {
   width: 100%;
 }
-.help {
-  line-height: 1.6rem;
-}
 </style>
diff --git a/frontend/src/components/common/ShareButton.vue b/frontend/src/components/common/ShareButton.vue
index 68b70a77..4005db1f 100644
--- a/frontend/src/components/common/ShareButton.vue
+++ b/frontend/src/components/common/ShareButton.vue
@@ -129,7 +129,6 @@ const displayShareDialog = ref(false);
         :disabled="!hasManagePermission"
       >
         <Invite
-          :label="`${resourceType === 'object' ? 'File' : 'Folder'} invite`"
           :resource-type="resourceType"
           :resource="resource"
         />
diff --git a/frontend/src/services/inviteService.ts b/frontend/src/services/inviteService.ts
index 7bb5bd3c..16f7f9bc 100644
--- a/frontend/src/services/inviteService.ts
+++ b/frontend/src/services/inviteService.ts
@@ -49,8 +49,7 @@ export default {
       })
     );
     // send invite email notifications
-    await this.emailInvites(resourceType, resource, currentUser, invites);
-    return invites;
+    return await this.emailInvites(resourceType, resource, currentUser, invites);
   },
 
   /**
@@ -94,7 +93,7 @@ export default {
       };
       return appAxios().post('email', emailData);
     } catch (err) {
-      return 'Failed to send Invite notification';
+      return Promise.reject(err);
     }
   },
 
diff --git a/frontend/src/utils/emailTemplates.ts b/frontend/src/utils/emailTemplates.ts
index 4dcfcf04..a515f494 100644
--- a/frontend/src/utils/emailTemplates.ts
+++ b/frontend/src/utils/emailTemplates.ts
@@ -5,7 +5,7 @@
  * @param {User | null} currentUser current user sending the invite
  * @returns {string} the template html
  */
-export function invite(resourceType: string, resourceName: string, currentUser: any): string{
+export function invite(resourceType: string, resourceName: string, currentUser: any): string {
   let html = '';
   // eslint-disable-next-line max-len
   const currentUserEmail = `<a href="mailto:${currentUser.email}" style="color: #1a5a96 !important">${currentUser.email}</a>`;
@@ -15,16 +15,15 @@ export function invite(resourceType: string, resourceName: string, currentUser:
     html += `<h2 style="color: #495057 !important;">${currentUserEmail} invited you to access a file on BCBox</h2>`;
     html += '<p style="color: #495057 !important;">';
     html += `Here's a link to access the file that ${currentUserEmail} shared with you:</p>`;
-  }
-  else if (resourceType === 'bucket') {
+  } else if (resourceType === 'bucket') {
     html += '<html"><br>';
     html += `<h2 style="color: #495057 !important;">${currentUserEmail} invited you to access a folder on BCBox</h2>\n`;
     html += '<p style="color: #495057 !important;">';
     html += `Here's a link to access the folder that ${currentUserEmail} shared with you:</p>`;
   }
-  html += '<p style="max-width: 400px !important; text-align: center !important;">';
+  html += '<p>';
   html += `<strong><a style="font-size: large; color: #1a5a96" href="${window.location.origin}/invite/{{token}}">`;
-  html += `${resourceName }</a></strong></p><br>`;
+  html += `${resourceName}</a></strong></p><br>`;
   html += `<small style="color: #495057 !important;">
             This invite will only work for you and people with existing access.
             If you do not recognize the sender, do not click on the link above.<br>

From 93afe87bb517de97e80018fa35690fda12f7cbfd Mon Sep 17 00:00:00 2001
From: Csaky <Tim.Csaky@gov.bc.ca>
Date: Mon, 10 Jun 2024 16:41:27 -0700
Subject: [PATCH 2/4] Bulk Invite: Add perms to existing users and build
 results

---
 frontend/src/components/common/Invite.vue | 95 ++++++++++++++++++-----
 frontend/src/utils/constants.ts           |  8 ++
 frontend/src/utils/formatters.ts          | 30 +++++++
 3 files changed, 112 insertions(+), 21 deletions(-)

diff --git a/frontend/src/components/common/Invite.vue b/frontend/src/components/common/Invite.vue
index 4156f39d..557aaf61 100644
--- a/frontend/src/components/common/Invite.vue
+++ b/frontend/src/components/common/Invite.vue
@@ -9,8 +9,9 @@ import TextInput from '@/components/form/TextInput.vue';
 import { Spinner } from '@/components/layout';
 
 import { Regex } from '@/utils/constants';
+import { toBulkResult } from '@/utils/formatters';
 
-import { inviteService } from '@/services';
+import { inviteService, permissionService, userService } from '@/services';
 import { useAuthStore } from '@/store';
 
 import type { Ref } from 'vue';
@@ -20,7 +21,6 @@ type Props = {
   resourceType: string;
   resource: any;
 };
-
 // Props
 const props = withDefaults(defineProps<Props>(), {});
 
@@ -29,12 +29,22 @@ const { getUser } = storeToRefs(useAuthStore());
 const toast = useToast();
 
 // State
-const inviteLoading: Ref<boolean> = ref(false);
+const loading: Ref<boolean> = ref(false);
 const permHelpLink: Ref<string> = computed(() => {
   return props.resourceType === 'bucket'
     ? 'https://github.com/bcgov/bcbox/wiki/My-Files#folder-permissions'
     : 'https://github.com/bcgov/bcbox/wiki/Files#file-permissions';
 });
+const resourceId: Ref<string> = computed(() =>
+  props.resourceType === 'object' ? props.resource.id : props.resource.bucketId
+);
+const results: Ref<Array<any>> = ref([
+  {
+    resourceType: props.resourceType,
+    resourceId: resourceId.value,
+    results: []
+  }
+]);
 
 const timeFrames: Record<string, number> = {
   '1 Hour': 3600,
@@ -111,32 +121,75 @@ const isDisabled = (optionValue: string) => {
 };
 // Invite form is submitted
 const onSubmit = handleSubmit(async (values: any) => {
-  inviteLoading.value = true;
+  loading.value = true;
   try {
-    // set expiry date
-    const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
-    // put email(s) into an array
+    // put email(s) into an array, delimit, de-dupe and remove empty
     let emailArray;
     if (values.emailType === 'single') emailArray = [values.email];
-    // for list of emails, delimit, de-dupe and remove empty
     else emailArray = [...new Set(values.multiEmail.split(/[\r\n ,;]+/).filter((item: string) => item))];
 
-    // TODO: add perms to users already in the system
-    // generate invites (for emails not already in the system)
-    await inviteService.createInvites(
-      props.resourceType,
-      props.resource,
-      getUser.value?.profile,
-      emailArray,
-      expiresAt,
-      values.permCodes
+    // for each email, if user exists in db then give permissions, otherwise send invite
+    let permData: Array<{ userId: string; permCode: string }> = [];
+    let newUsers: Array<string> = [];
+    const result = await Promise.all(
+      emailArray.map(async (email) => {
+        const user = (await userService.searchForUsers({ email: email })).data;
+        // if an exact match on one account
+        if (user.length > 0 && user[0].email === email) {
+          values.permCodes.forEach((pc: string) => {
+            permData.push({ userId: user[0].userId, permCode: pc });
+          });
+          return {
+            email: email,
+            userId: user[0].userId,
+            permissions: []
+          };
+        } else {
+          newUsers.push(email);
+          return {
+            email: email
+          };
+        }
+      })
     );
-    // TODO: output report (list of invites sent, CHES trx ID (?))
+    // add to results array
+    results.value[0].result = result;
+
+    // give permissions to users already in the system
+    if (permData.length > 0) {
+      const permResponse = await permissionService.bucketAddPermissions(props.resource.bucketId, permData);
+      permResponse.data.forEach((p: any) => {
+        const el = results.value[0].result.find((r: any) => r.userId === p.userId);
+        el.permissions.push({
+          createdAt: p.createdAt,
+          permCode: p.permCode
+        });
+      });
+    }
+
+    // generate invites (for emails not already in the system)
+    if (newUsers.length > 0) {
+      const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
+      const emailResponse = await inviteService.createInvites(
+        props.resourceType,
+        props.resource,
+        getUser.value?.profile,
+        newUsers,
+        expiresAt,
+        values.permCodes
+      );
+      // add to results
+      emailResponse.data.messages.forEach((msg: { msgId: string; to: Array<string> }) => {
+        results.value[0].result.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
+      });
+    }
+    results.value[0].result = toBulkResult(results.value[0].result);
+    // console.log('results', JSON.stringify(results.value));
     toast.success('', 'Invite notifications sent.', { life: 5000 });
   } catch (error: any) {
     toast.error('Creating Invite', error.response?.data.detail, { life: 0 });
   }
-  inviteLoading.value = false;
+  loading.value = false;
 });
 </script>
 
@@ -268,7 +321,7 @@ const onSubmit = handleSubmit(async (values: any) => {
     <div class="my-4 inline-flex">
       <Button
         class="p-button p-button-primary mr-3"
-        :disabled="inviteLoading"
+        :disabled="loading"
         type="submit"
       >
         <font-awesome-icon
@@ -279,7 +332,7 @@ const onSubmit = handleSubmit(async (values: any) => {
         <span v-else>Send invites</span>
       </Button>
       <Spinner
-        v-if="inviteLoading"
+        v-if="loading"
         class="h-2rem w-2rem"
       />
     </div>
diff --git a/frontend/src/utils/constants.ts b/frontend/src/utils/constants.ts
index dffd1b13..8d1ab0ad 100644
--- a/frontend/src/utils/constants.ts
+++ b/frontend/src/utils/constants.ts
@@ -22,6 +22,14 @@ export const Permissions = Object.freeze({
   MANAGE: 'MANAGE'
 });
 
+export const Permissionlabels = Object.freeze({
+  CREATE: 'Upload',
+  READ: 'Read',
+  UPDATE: 'Update',
+  DELETE: 'Delete',
+  MANAGE: 'manage'
+});
+
 export const Regex = Object.freeze({
   // https://emailregex.com/
   // HTML5 - Modified to require domain of at least 2 characters
diff --git a/frontend/src/utils/formatters.ts b/frontend/src/utils/formatters.ts
index ad06587a..157af3ec 100644
--- a/frontend/src/utils/formatters.ts
+++ b/frontend/src/utils/formatters.ts
@@ -1,4 +1,5 @@
 import { format, parseJSON } from 'date-fns';
+import { Permissionlabels } from '@/utils/constants';
 
 function _dateFnsFormat(value: string, formatter: string) {
   const formatted = '';
@@ -37,3 +38,32 @@ export function toKebabCase(str: string | null) {
   const strs = str && str.match(/[A-Z]{2,}(?=[A-Z][a-z]+[0-9]*|\b)|[A-Z]?[a-z]+[0-9]*|[A-Z]|[0-9]+/g);
   return strs ? strs.join('-').toLocaleLowerCase() : '';
 }
+
+/**
+ * @function toBulkResult
+ * transforms an array of invite/add/remove data into an array of human-readable descriptions
+ * @param {object[]} data results invite/add/remove
+ * @returns {object[]} an array of human-readable descriptions
+ */
+export function toBulkResult(
+  data: Array<{ email: string; chesMsgId: string; permissions: Array<{ permCode: string }> | undefined }>
+) {
+  const result = data.map((r) => {
+    let description = '';
+
+    if (r.chesMsgId) description = 'Success: Invite emailed';
+    else if (r.permissions && r.permissions.length > 0) {
+      const perms = r.permissions.map((p) => {
+        return Permissionlabels[p.permCode as keyof typeof Permissionlabels];
+      });
+      description = `Success: Permissions applied ( ${perms.join(' and ')})`;
+    } else if (r.permissions && r.permissions.length == 0) {
+      description = 'Success: Permissions already existed';
+    }
+    return new Object({
+      email: r.email,
+      description: description
+    });
+  });
+  return result;
+}

From 6a2da140a386c48d00b2dbadb44e76c7a1bab66a Mon Sep 17 00:00:00 2001
From: Csaky <Tim.Csaky@gov.bc.ca>
Date: Tue, 11 Jun 2024 16:19:51 -0700
Subject: [PATCH 3/4] Bulk add/remove permissions

---
 .../components/bucket/BucketPermission.vue    | 287 +++++++------
 .../src/components/common/BulkPermission.vue  | 396 ++++++++++++++++++
 frontend/src/components/common/Invite.vue     |  62 ++-
 frontend/src/components/common/index.ts       |   1 +
 .../components/object/ObjectPermission.vue    | 302 ++++++-------
 .../options/BucketDeletePermissionsOptions.ts |   2 +-
 frontend/src/utils/formatters.ts              |  23 +-
 frontend/src/views/HomeView.vue               |  14 +-
 .../bucket/BucketPermission.spec.ts           |   2 +-
 9 files changed, 761 insertions(+), 328 deletions(-)
 create mode 100644 frontend/src/components/common/BulkPermission.vue

diff --git a/frontend/src/components/bucket/BucketPermission.vue b/frontend/src/components/bucket/BucketPermission.vue
index 903cf100..da760e70 100644
--- a/frontend/src/components/bucket/BucketPermission.vue
+++ b/frontend/src/components/bucket/BucketPermission.vue
@@ -1,16 +1,18 @@
 <script setup lang="ts">
 import { storeToRefs } from 'pinia';
-import { onBeforeMount, ref } from 'vue';
+import { computed, onBeforeMount, ref } from 'vue';
 import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome';
 
 import BucketPermissionAddUser from '@/components/bucket/BucketPermissionAddUser.vue';
+import { BulkPermission } from '@/components/common';
 import { useAlert } from '@/composables/useAlert';
-import { Button, Checkbox, Column, DataTable } from '@/lib/primevue';
-import { usePermissionStore } from '@/store';
+import { Button, Checkbox, Column, DataTable, TabPanel, TabView } from '@/lib/primevue';
+
+import { useBucketStore, usePermissionStore } from '@/store';
 import { Permissions } from '@/utils/constants';
 
 import type { Ref } from 'vue';
-import type { UserPermissions } from '@/types';
+import type { Bucket, UserPermissions } from '@/types';
 
 // Props
 type Props = {
@@ -21,10 +23,14 @@ const props = withDefaults(defineProps<Props>(), {});
 
 // Store
 const permissionStore = usePermissionStore();
+const bucketStore = useBucketStore();
 const { getMappedBucketToUserPermissions } = storeToRefs(permissionStore);
 
 // State
 const showSearchUsers: Ref<boolean> = ref(false);
+const bucket: Ref<Bucket | undefined> = computed(() => {
+  return bucketStore.getBucket(props.bucketId);
+});
 
 // Actions
 const removeManageAlert = useAlert('Warning', 'Cannot remove last user with MANAGE permission.');
@@ -70,141 +76,150 @@ onBeforeMount(async () => {
 </script>
 
 <template>
-  <div>
-    <div v-if="!showSearchUsers">
-      <Button
-        class="mt-1 mb-4"
-        @click="showSearchUsers = true"
-        @keyup.enter="showSearchUsers = true"
-      >
-        <font-awesome-icon
-          icon="fa-solid fa-user-plus"
-          class="mr-1"
-        />
-        Add user
-      </Button>
-    </div>
-    <div v-else>
-      <BucketPermissionAddUser @cancel-search-users="cancelSearchUsers" />
-    </div>
-
-    <DataTable
-      :value="getMappedBucketToUserPermissions"
-      data-key="bucketId"
-      class="p-datatable-sm"
-      responsive-layout="scroll"
-      :paginator="true"
-      :rows="10"
-      paginator-template="RowsPerPageDropdown CurrentPageReport PrevPageLink NextPageLink "
-      current-page-report-template="{first}-{last} of {totalRecords}"
-      :rows-per-page-options="[10, 20, 50]"
-      sort-field="fullName"
-      :sort-order="1"
-      aria-label="Bucket Permissions"
-    >
-      <template #empty>
-        <div class="flex justify-content-center">
-          <h3>There are no users associated with this bucket.</h3>
-        </div>
-      </template>
-      <Column
-        field="fullName"
-        header="Name"
-        aria-labelledby="upload_checkbox"
-      />
-      <Column
-        field="idpName"
-        header="Provider"
-      />
-      <Column
-        header="Upload"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.create"
-            input-id="create"
-            aria-label="upload"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.CREATE)"
-          />
-        </template>
-      </Column>
-      <Column
-        header="Read"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.read"
-            input-id="read"
-            aria-label="Read"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.READ)"
-          />
-        </template>
-      </Column>
-      <Column
-        header="Update"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.update"
-            input-id="update"
-            aria-label="Update"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.UPDATE)"
+  <TabView>
+    <TabPanel header="Manage permissions">
+      <div v-if="!showSearchUsers">
+        <Button
+          class="mt-1 mb-4"
+          @click="showSearchUsers = true"
+          @keyup.enter="showSearchUsers = true"
+        >
+          <font-awesome-icon
+            icon="fa-solid fa-user-plus"
+            class="mr-1"
           />
-        </template>
-      </Column>
-      <Column
-        header="Delete"
-        header-class="header-center"
-        body-class="content-center"
+          Add user
+        </Button>
+      </div>
+      <div v-else>
+        <BucketPermissionAddUser @cancel-search-users="cancelSearchUsers" />
+      </div>
+
+      <DataTable
+        :value="getMappedBucketToUserPermissions"
+        data-key="bucketId"
+        class="p-datatable-sm"
+        responsive-layout="scroll"
+        :paginator="true"
+        :rows="10"
+        paginator-template="RowsPerPageDropdown CurrentPageReport PrevPageLink NextPageLink "
+        current-page-report-template="{first}-{last} of {totalRecords}"
+        :rows-per-page-options="[10, 20, 50]"
+        sort-field="fullName"
+        :sort-order="1"
+        aria-label="Bucket Permissions"
       >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.delete"
-            input-id="delete"
-            aria-label="delete"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.DELETE)"
-          />
+        <template #empty>
+          <div class="flex justify-content-center">
+            <h3>There are no users associated with this bucket.</h3>
+          </div>
         </template>
-      </Column>
-      <Column
-        header="Manage"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.manage"
-            input-id="manage"
-            :binary="true"
-            :disabled="!data.elevatedRights"
-            @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.MANAGE)"
-          />
-        </template>
-      </Column>
-      <Column header="Remove">
-        <template #body="{ data }">
-          <Button
-            class="p-button-lg p-button-text"
-            severity="danger"
-            aria-label="remove"
-            @click="removeBucketUser(data.userId)"
-          >
-            <font-awesome-icon icon="fa-solid fa-user-xmark" />
-          </Button>
-        </template>
-      </Column>
-    </DataTable>
-  </div>
+        <Column
+          field="fullName"
+          header="Name"
+          aria-labelledby="upload_checkbox"
+        />
+        <Column
+          field="idpName"
+          header="Provider"
+        />
+        <Column
+          header="Upload"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.create"
+              input-id="create"
+              aria-label="upload"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.CREATE)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Read"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.read"
+              input-id="read"
+              aria-label="Read"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.READ)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Update"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.update"
+              input-id="update"
+              aria-label="Update"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.UPDATE)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Delete"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.delete"
+              input-id="delete"
+              aria-label="delete"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.DELETE)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Manage"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.manage"
+              input-id="manage"
+              aria-label="manage"
+              :binary="true"
+              :disabled="!data.elevatedRights"
+              @update:model-value="(value: boolean) => updateBucketPermission(value, data.userId, Permissions.MANAGE)"
+            />
+          </template>
+        </Column>
+        <Column header="Remove">
+          <template #body="{ data }">
+            <Button
+              class="p-button-lg p-button-text"
+              severity="danger"
+              aria-label="remove"
+              @click="removeBucketUser(data.userId)"
+            >
+              <font-awesome-icon icon="fa-solid fa-user-xmark" />
+            </Button>
+          </template>
+        </Column>
+      </DataTable>
+    </TabPanel>
+    <TabPanel header="Bulk add/remove">
+      <BulkPermission
+        resource-type="bucket"
+        :resource="bucket"
+      />
+    </TabPanel>
+  </TabView>
 </template>
 
 <style lang="scss" scoped>
diff --git a/frontend/src/components/common/BulkPermission.vue b/frontend/src/components/common/BulkPermission.vue
new file mode 100644
index 00000000..10fef4b8
--- /dev/null
+++ b/frontend/src/components/common/BulkPermission.vue
@@ -0,0 +1,396 @@
+<script setup lang="ts">
+import { computed, ref } from 'vue';
+import { storeToRefs } from 'pinia';
+import { useForm, ErrorMessage } from 'vee-validate';
+import * as yup from 'yup';
+import { Button, RadioButton, Checkbox, useToast, TextArea } from '@/lib/primevue';
+import { Spinner } from '@/components/layout';
+
+import { Permissions, Regex } from '@/utils/constants';
+import { toBulkResult } from '@/utils/formatters';
+
+import { inviteService, permissionService, userService } from '@/services';
+import { usePermissionStore, useAuthStore } from '@/store';
+
+import type { Ref } from 'vue';
+
+// Types
+type Props = {
+  resourceType: string;
+  resource: any;
+};
+// Props
+const props = withDefaults(defineProps<Props>(), {});
+
+// Store
+const { getUser } = storeToRefs(useAuthStore());
+const permissionStore = usePermissionStore();
+const toast = useToast();
+
+// State
+const resourceId: Ref<string> = computed(() =>
+  props.resourceType === 'object' ? props.resource.id : props.resource.bucketId
+);
+const loading: Ref<boolean> = ref(false);
+const complete: Ref<boolean> = ref(false);
+const permHelpLink: Ref<string> = computed(() => {
+  return props.resourceType === 'bucket'
+    ? 'https://github.com/bcgov/bcbox/wiki/My-Files#folder-permissions'
+    : 'https://github.com/bcgov/bcbox/wiki/Files#file-permissions';
+});
+const results: Ref<Array<any>> = ref([
+  {
+    resourceType: props.resourceType,
+    resourceId: resourceId.value,
+    result: []
+  }
+]);
+
+const timeFrames: Record<string, number> = {
+  '1 Hour': 3600,
+  '8 Hour': 28800,
+  '1 Day (Default)': 86400,
+  '1 Week': 604800,
+  '1 Month (30 days)': 2592000
+};
+
+const bucketPermCodes: Record<string, string> = {
+  READ: 'Read',
+  CREATE: 'Upload',
+  UPDATE: 'Update'
+};
+
+const objectPermCodes: Record<string, string> = {
+  READ: 'Read',
+  UPDATE: 'Update'
+};
+
+// Permissions selection
+const selectedOptions = computed(() => {
+  return props.resourceType === 'bucket' ? bucketPermCodes : objectPermCodes;
+});
+
+// Form validation schema
+const schema = yup.object().shape({
+  permCodes: yup.array().when('action', {
+    is: (string: string) => string === 'add',
+    then: (schema) => schema.min(1, 'Select one or more access options')
+  }),
+  expiresAt: yup.string().when('notFound', {
+    is: (string: string) => string === 'invite',
+    then: (schema) => schema.required('Select an expiry time for email invites')
+  }),
+  multiEmail: yup
+    .array()
+    .transform(function (value, originalValue) {
+      if (this.isType(value) && value !== null) return value;
+      return originalValue ? originalValue.split(/[\r\n ,;]+/).filter((item: string) => item) : [];
+    })
+    .of(
+      yup
+        .string()
+        .matches(new RegExp(Regex.EMAIL), 'Provide a list of valid email addresses separated by commas or semicolons')
+    )
+    .min(1, 'Enter one or more email addresses')
+});
+
+// create a vee-validate form context
+const { values, defineField, handleSubmit } = useForm({
+  validationSchema: schema,
+  initialValues: {
+    action: 'add',
+    permCodes: props.resourceType === 'object' ? ['READ'] : [],
+    notFound: 'invite',
+    expiresAt: 86400,
+    multiEmail: ''
+  }
+});
+
+// map the input models for vee-validate
+const [action] = defineField('action', {});
+const [permCodes] = defineField('permCodes', {});
+const [notFound] = defineField('notFound', {});
+const [expiresAt] = defineField('expiresAt', {});
+const [multiEmail] = defineField('multiEmail', {});
+
+// require READ perm for file invites
+const isDisabled = (optionValue: string) => {
+  return props.resourceType === 'object' && optionValue === 'READ';
+};
+
+// Form is submitted
+const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
+  loading.value = true;
+  try {
+    // put email(s) into an array, delimit, de-dupe and remove empty
+    const emailArray: any = [...new Set(values.multiEmail.split(/[\r\n ,;]+/).filter((item: string) => item))];
+
+    // for each email, if user exists in db then give permissions, otherwise send invite
+    let permData: Array<{ userId: string; permCode: string }> = [];
+    let inviteUsers: Array<string> = [];
+    const result = await Promise.all(
+      emailArray.map(async (email: string) => {
+        const users = (await userService.searchForUsers({ email: email })).data;
+        // if an exact match on one account
+        if (users.length === 1 && users[0].email === email) {
+          if (values.action === 'add') {
+            values.permCodes.forEach((pc: string) => {
+              permData.push({ userId: users[0].userId, permCode: pc });
+            });
+          } else if (values.action === 'remove') {
+            Object.values(Permissions).forEach((pc: string) => {
+              permData.push({ userId: users[0].userId, permCode: pc });
+            });
+          }
+          return { email: email, userId: users[0].userId, permissions: [] };
+        } else if (values.action === 'add') {
+          inviteUsers.push(email);
+          return { email: email };
+        }
+      })
+    );
+    // add to results
+    results.value[0].result = result;
+
+    // handle permission updates for users already in the system
+    if (permData.length > 0) {
+      let permResponse;
+      if (values.action === 'add') {
+        // if adding
+        permResponse =
+          props.resourceType === 'object'
+            ? await permissionService.objectAddPermissions(resourceId.value, permData)
+            : await permissionService.bucketAddPermissions(resourceId.value, permData);
+      } else {
+        // else removing
+        const deletePermData = { userId: permData[0].userId, permCode: permData.map((p) => p.permCode) };
+        permResponse =
+          props.resourceType === 'object'
+            ? await permissionService.objectDeletePermission(resourceId.value, deletePermData)
+            : await permissionService.bucketDeletePermission(resourceId.value, deletePermData);
+      }
+      // add updated permissions to results
+      permResponse.data.forEach((p: any) => {
+        const el = results.value[0].result.find((r: any) => r.userId === p.userId);
+        el.permissions.push({
+          createdAt: p.createdAt,
+          permCode: p.permCode
+        });
+      });
+    }
+
+    // generate invites (for emails not already in the system)
+    if (values.notFound === 'invite' && inviteUsers.length > 0 && values.action === 'add') {
+      const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
+      const emailResponse = await inviteService.createInvites(
+        props.resourceType,
+        props.resource,
+        getUser.value?.profile,
+        inviteUsers,
+        expiresAt,
+        values.permCodes
+      );
+      // add to results
+      emailResponse.data.messages.forEach((msg: { msgId: string; to: Array<string> }) => {
+        results.value[0].result.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
+      });
+    }
+
+    // format results into human-readable descriptions
+    results.value[0].result = toBulkResult(values.notFound, values.action, results.value[0].result);
+
+    // refresh store
+    if (props.resourceType === 'object') {
+      await permissionStore.fetchObjectPermissions({ objectId: resourceId.value });
+      await permissionStore.mapObjectToUserPermissions(resourceId.value);
+    } else {
+      await permissionStore.fetchBucketPermissions({ bucketId: resourceId.value });
+      await permissionStore.mapBucketToUserPermissions(resourceId.value);
+    }
+    complete.value = true;
+    resetForm();
+  } catch (error: any) {
+    toast.error('Bulk permission operation failed', error.response?.data.detail, { life: 0 });
+  }
+  loading.value = false;
+});
+</script>
+
+<template>
+  <h3 class="mt-1 mb-2">Bulk add/remove</h3>
+  <ul class="mb-4 pl-4">
+    <li>Adding users will add permissions in bulk to any existing emails associated with BCBox accounts</li>
+    <li>
+      Removing users will remove all their permissions to this
+      {{ props.resourceType === 'object' ? 'file' : 'folder' }}
+    </li>
+    <li>
+      If you include email addresses not associated with BCBox users, you can choose to send emails to invite them
+    </li>
+  </ul>
+
+  <form @submit="onSubmit">
+    <p class="mb-2">Add or remove permissions</p>
+    <div class="flex flex-wrap gap-3 mb-3">
+      <div class="flex align-items-center">
+        <RadioButton
+          v-model="action"
+          name="action"
+          value="add"
+        />
+        <label
+          for="add"
+          class="ml-2"
+        >
+          Add
+        </label>
+      </div>
+      <div class="flex align-items-center">
+        <RadioButton
+          v-model="action"
+          name="action"
+          value="remove"
+        />
+        <label
+          for="remove"
+          class="ml-2"
+        >
+          Remove
+        </label>
+      </div>
+    </div>
+
+    <div v-if="values.action === 'add'">
+      <p class="mb-2">Access options</p>
+      <div class="field">
+        <div class="flex flex-wrap gap-3 align-items-center">
+          <div
+            v-for="(name, value) in selectedOptions"
+            :key="value"
+            class="flex align-items-center"
+          >
+            <Checkbox
+              v-model="permCodes"
+              name="permCodes"
+              :value="value"
+              :disabled="isDisabled(value)"
+            />
+            <label
+              :for="value.toString()"
+              class="ml-2"
+            >
+              {{ name }}
+            </label>
+          </div>
+          <small class="help">
+            <a
+              :href="`${permHelpLink}`"
+              target="_blank"
+            >
+              Get help understanding permissions
+            </a>
+          </small>
+        </div>
+        <ErrorMessage
+          name="permCodes"
+          class="block"
+        />
+      </div>
+    </div>
+
+    <div v-if="values.action === 'add'">
+      <p class="mb-2">If users with specified email(s) are not found?</p>
+      <div class="flex flex-wrap gap-3 mb-3">
+        <div class="flex align-items-center">
+          <RadioButton
+            v-model="notFound"
+            name="notFound"
+            value="ignore"
+          />
+          <label
+            for="ignore"
+            class="ml-2"
+          >
+            Ignore
+          </label>
+        </div>
+        <div class="flex align-items-center">
+          <RadioButton
+            v-model="notFound"
+            name="notFound"
+            value="invite"
+          />
+          <label
+            for="invite"
+            class="ml-2"
+          >
+            Send email invite(s)
+          </label>
+        </div>
+      </div>
+    </div>
+
+    <div v-if="values.action === 'add' && values.notFound === 'invite'">
+      <p class="mb-2">Make invite available for</p>
+      <div class="flex flex-wrap gap-3 field">
+        <div
+          v-for="(value, name) in timeFrames"
+          :key="value"
+          class="flex align-items-center"
+        >
+          <RadioButton
+            v-model="expiresAt"
+            name="expiresAt"
+            :value="value"
+          />
+          <label
+            :for="value.toString()"
+            class="ml-2"
+          >
+            {{ name }}
+          </label>
+        </div>
+        <ErrorMessage
+          name="expiresAt"
+          class="block"
+        />
+      </div>
+    </div>
+
+    <div class="field">
+      <!-- eslint-disable -->
+      <TextArea
+        v-model="multiEmail"
+        name="multiEmail"
+        type="textarea"
+        placeholder="Enter email(s) separated by commas (, ) or semicolons (; ) - for example: email1@gov.bc.ca, email2@gov.bc.ca"
+        class="w-full block"
+      />
+      <!-- eslint-enable -->
+      <small
+        id="multiEmail-help"
+        class="block"
+      >
+        Enter an email address for each person whose permissions you wish to update for this
+        {{ props.resourceType === 'bucket' ? 'folder' : 'file' }}. The email address should be associated with the IDIR
+        or BCeID account they will use to sign in to BCBox.
+      </small>
+      <ErrorMessage name="multiEmail" />
+    </div>
+
+    <div class="my-4 inline-flex">
+      <Button
+        class="p-button p-button-primary mr-3"
+        :disabled="loading"
+        type="submit"
+      >
+        Submit
+      </Button>
+      <Spinner
+        v-if="loading"
+        class="h-2rem w-2rem"
+      />
+    </div>
+  </form>
+  <pre v-if="complete">{{ results }}</pre>
+</template>
diff --git a/frontend/src/components/common/Invite.vue b/frontend/src/components/common/Invite.vue
index 557aaf61..7a6870c5 100644
--- a/frontend/src/components/common/Invite.vue
+++ b/frontend/src/components/common/Invite.vue
@@ -29,20 +29,21 @@ const { getUser } = storeToRefs(useAuthStore());
 const toast = useToast();
 
 // State
+const resourceId: Ref<string> = computed(() =>
+  props.resourceType === 'object' ? props.resource.id : props.resource.bucketId
+);
 const loading: Ref<boolean> = ref(false);
+const complete: Ref<boolean> = ref(false);
 const permHelpLink: Ref<string> = computed(() => {
   return props.resourceType === 'bucket'
     ? 'https://github.com/bcgov/bcbox/wiki/My-Files#folder-permissions'
     : 'https://github.com/bcgov/bcbox/wiki/Files#file-permissions';
 });
-const resourceId: Ref<string> = computed(() =>
-  props.resourceType === 'object' ? props.resource.id : props.resource.bucketId
-);
 const results: Ref<Array<any>> = ref([
   {
     resourceType: props.resourceType,
     resourceId: resourceId.value,
-    results: []
+    result: []
   }
 ]);
 
@@ -119,8 +120,9 @@ const [multiEmail] = defineField('multiEmail', {});
 const isDisabled = (optionValue: string) => {
   return props.resourceType === 'object' && optionValue === 'READ';
 };
+
 // Invite form is submitted
-const onSubmit = handleSubmit(async (values: any) => {
+const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
   loading.value = true;
   try {
     // put email(s) into an array, delimit, de-dupe and remove empty
@@ -128,27 +130,21 @@ const onSubmit = handleSubmit(async (values: any) => {
     if (values.emailType === 'single') emailArray = [values.email];
     else emailArray = [...new Set(values.multiEmail.split(/[\r\n ,;]+/).filter((item: string) => item))];
 
-    // for each email, if user exists in db then give permissions, otherwise send invite
+    // for each email, if user already exists in db then give permissions, otherwise send invite
     let permData: Array<{ userId: string; permCode: string }> = [];
-    let newUsers: Array<string> = [];
+    let inviteUsers: Array<string> = [];
     const result = await Promise.all(
       emailArray.map(async (email) => {
-        const user = (await userService.searchForUsers({ email: email })).data;
+        const users = (await userService.searchForUsers({ email: email })).data;
         // if an exact match on one account
-        if (user.length > 0 && user[0].email === email) {
+        if (users.length === 1 && users[0].email === email) {
           values.permCodes.forEach((pc: string) => {
-            permData.push({ userId: user[0].userId, permCode: pc });
+            permData.push({ userId: users[0].userId, permCode: pc });
           });
-          return {
-            email: email,
-            userId: user[0].userId,
-            permissions: []
-          };
+          return { email: email, userId: users[0].userId, permissions: [] };
         } else {
-          newUsers.push(email);
-          return {
-            email: email
-          };
+          inviteUsers.push(email);
+          return { email: email };
         }
       })
     );
@@ -157,7 +153,10 @@ const onSubmit = handleSubmit(async (values: any) => {
 
     // give permissions to users already in the system
     if (permData.length > 0) {
-      const permResponse = await permissionService.bucketAddPermissions(props.resource.bucketId, permData);
+      const permResponse =
+        props.resourceType === 'object'
+          ? await permissionService.objectAddPermissions(resourceId.value, permData)
+          : await permissionService.bucketAddPermissions(resourceId.value, permData);
       permResponse.data.forEach((p: any) => {
         const el = results.value[0].result.find((r: any) => r.userId === p.userId);
         el.permissions.push({
@@ -168,13 +167,13 @@ const onSubmit = handleSubmit(async (values: any) => {
     }
 
     // generate invites (for emails not already in the system)
-    if (newUsers.length > 0) {
+    if (inviteUsers.length > 0) {
       const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
       const emailResponse = await inviteService.createInvites(
         props.resourceType,
         props.resource,
         getUser.value?.profile,
-        newUsers,
+        inviteUsers,
         expiresAt,
         values.permCodes
       );
@@ -183,9 +182,10 @@ const onSubmit = handleSubmit(async (values: any) => {
         results.value[0].result.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
       });
     }
-    results.value[0].result = toBulkResult(results.value[0].result);
-    // console.log('results', JSON.stringify(results.value));
-    toast.success('', 'Invite notifications sent.', { life: 5000 });
+    // format results into human-readable descriptions
+    results.value[0].result = toBulkResult('invite', 'add', results.value[0].result);
+    complete.value = true;
+    resetForm();
   } catch (error: any) {
     toast.error('Creating Invite', error.response?.data.detail, { life: 0 });
   }
@@ -289,9 +289,9 @@ const onSubmit = handleSubmit(async (values: any) => {
         name="email"
         type="text"
         placeholder="Enter email"
-        :help-text="`Enter an email address of person you are inviting to access this
+        :help-text="`Enter an email address of the person you are inviting to access this
           ${props.resourceType === 'bucket' ? 'folder' : 'file'}. <br />
-          The email address must be associated with the account they use to sign in to BCBox.`"
+          The email address must be associated with the account they will use to sign in to BCBox.`"
         class="invite-email"
       />
     </div>
@@ -303,7 +303,7 @@ const onSubmit = handleSubmit(async (values: any) => {
           name="multiEmail"
           type="textarea"
           placeholder="Enter email(s) separated by commas (, ) or semicolons (; ) - for example: email1@gov.bc.ca, email2@gov.bc.ca"
-          class="multi-email block"
+          class="w-full block"
         />
         <!-- eslint-enable -->
         <small
@@ -312,7 +312,7 @@ const onSubmit = handleSubmit(async (values: any) => {
         >
           Enter an email address for each person you are inviting to access this
           {{ props.resourceType === 'bucket' ? 'folder' : 'file' }}. The email address must be associated with the
-          account they use to sign in to BCBox.
+          account they will use to sign in to BCBox.
         </small>
         <ErrorMessage name="multiEmail" />
       </div>
@@ -337,6 +337,7 @@ const onSubmit = handleSubmit(async (values: any) => {
       />
     </div>
   </form>
+  <pre v-if="complete">{{ results }}</pre>
 </template>
 
 <style scoped lang="scss">
@@ -344,7 +345,4 @@ div:has(.invite-email),
 .invite-email:deep(input) {
   width: 80%;
 }
-.multi-email {
-  width: 100%;
-}
 </style>
diff --git a/frontend/src/components/common/index.ts b/frontend/src/components/common/index.ts
index ea3c4693..328cf6a3 100644
--- a/frontend/src/components/common/index.ts
+++ b/frontend/src/components/common/index.ts
@@ -1,3 +1,4 @@
+export { default as BulkPermission } from './BulkPermission.vue';
 export { default as Invite } from './Invite.vue';
 export { default as Share } from './Share.vue';
 export { default as ShareButton } from './ShareButton.vue';
diff --git a/frontend/src/components/object/ObjectPermission.vue b/frontend/src/components/object/ObjectPermission.vue
index 0da62b60..0fbde7ed 100644
--- a/frontend/src/components/object/ObjectPermission.vue
+++ b/frontend/src/components/object/ObjectPermission.vue
@@ -1,10 +1,12 @@
 <script setup lang="ts">
 import { storeToRefs } from 'pinia';
-import { onBeforeMount, ref } from 'vue';
+import { computed, onBeforeMount, ref } from 'vue';
 import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome';
 
 import { ObjectPermissionAddUser, ObjectPublicToggle } from '@/components/object';
-import { Button, Checkbox, Column, DataTable } from '@/lib/primevue';
+import { BulkPermission } from '@/components/common';
+import { Button, Checkbox, Column, DataTable, TabPanel, TabView } from '@/lib/primevue';
+
 import { useAuthStore, useObjectStore, usePermissionStore } from '@/store';
 import { Permissions } from '@/utils/constants';
 
@@ -26,7 +28,9 @@ const { getUserId } = storeToRefs(useAuthStore());
 
 // State
 const showSearchUsers: Ref<boolean> = ref(false);
-const object: Ref<COMSObject | undefined> = ref(undefined);
+const object: Ref<COMSObject | undefined> = computed(() => {
+  return objectStore.getObject(props.objectId);
+});
 
 // Actions
 const cancelSearchUsers = () => {
@@ -47,158 +51,166 @@ const updateObjectPermission = (value: boolean, userId: string, permCode: string
 
 onBeforeMount(() => {
   permissionStore.mapObjectToUserPermissions(props.objectId);
-  object.value = objectStore.getObject(props.objectId);
 });
 </script>
 
 <template>
-  <div>
-    <div class="flex flex-row gap-6 pb-3">
-      <div>
-        <h3 class="pb-1">Public</h3>
-        <ul>
-          <li>This option toggles the file to be publicly available and accessible to anyone</li>
-          <li>To instead set explicit permissions, add users and use the options below</li>
-        </ul>
+  <TabView>
+    <TabPanel header="Manage permissions">
+      <div class="flex flex-row gap-6 pb-3">
+        <div>
+          <h3 class="pb-1">Public</h3>
+          <ul>
+            <li>This option toggles the file to be publicly available and accessible to anyone</li>
+            <li>To instead set explicit permissions, add users and use the options below</li>
+          </ul>
+        </div>
+        <ObjectPublicToggle
+          v-if="object && getUserId"
+          class="ml-4"
+          :bucket-id="object.bucketId"
+          :object-id="object.id"
+          :object-name="object.name"
+          :object-public="object.public"
+          :user-id="getUserId"
+        />
       </div>
-      <ObjectPublicToggle
-        v-if="object && getUserId"
-        class="ml-4"
-        :bucket-id="object.bucketId"
-        :object-id="object.id"
-        :object-name="object.name"
-        :object-public="object.public"
-        :user-id="getUserId"
-      />
-    </div>
 
-    <h3 class="mt-1 mb-2">User Permissions</h3>
+      <h3 class="mt-1 mb-2">User Permissions</h3>
 
-    <div v-if="!showSearchUsers">
-      <Button
-        class="mt-1 mb-4"
-        @click="showSearchUsers = true"
-        @keyup.enter="showSearchUsers = true"
-      >
-        <font-awesome-icon
-          icon="fa-solid fa-user-plus"
-          class="mr-1"
-        />
-        Add user
-      </Button>
-    </div>
-    <div v-else>
-      <ObjectPermissionAddUser
-        :object-id="object?.id!"
-        @cancel-search-users="cancelSearchUsers"
-      />
-    </div>
-
-    <DataTable
-      :value="getMappedObjectToUserPermissions"
-      data-key="userId"
-      class="p-datatable-sm"
-      responsive-layout="scroll"
-      :paginator="true"
-      :rows="10"
-      paginator-template="RowsPerPageDropdown CurrentPageReport PrevPageLink NextPageLink"
-      current-page-report-template="{first}-{last} of {totalRecords}"
-      :rows-per-page-options="[10, 20, 50]"
-      sort-field="fullName"
-      aria-label="File Permissions"
-      :sort-order="1"
-    >
-      <template #empty>
-        <div class="flex justify-content-center">
-          <div>
-            <h3>There are no users associated specifically with this file.</h3>
-            <span>Permissions at the folder level still apply but aren't shown here.</span>
-          </div>
-        </div>
-      </template>
-      <Column
-        field="fullName"
-        header="Name"
-      />
-      <Column
-        field="idpName"
-        header="Provider"
-      />
-      <Column
-        header="Read"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.read"
-            input-id="read"
-            :binary="true"
-            :disabled="data.read"
-            @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.READ)"
-          />
-        </template>
-      </Column>
-      <Column
-        header="Update"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.update"
-            input-id="update"
-            aria-label="update"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.UPDATE)"
-          />
-        </template>
-      </Column>
-      <Column
-        header="Delete"
-        header-class="header-center"
-        body-class="content-center"
-      >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.delete"
-            input-id="delete"
-            aria-label="delete"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.DELETE)"
+      <div v-if="!showSearchUsers">
+        <Button
+          class="mt-1 mb-4"
+          @click="showSearchUsers = true"
+          @keyup.enter="showSearchUsers = true"
+        >
+          <font-awesome-icon
+            icon="fa-solid fa-user-plus"
+            class="mr-1"
           />
-        </template>
-      </Column>
-      <Column
-        header="Manage"
-        header-class="header-center"
-        body-class="content-center"
+          Add user
+        </Button>
+      </div>
+      <div v-else>
+        <ObjectPermissionAddUser
+          :object-id="object?.id!"
+          @cancel-search-users="cancelSearchUsers"
+        />
+      </div>
+
+      <DataTable
+        :value="getMappedObjectToUserPermissions"
+        data-key="userId"
+        class="p-datatable-sm"
+        responsive-layout="scroll"
+        :paginator="true"
+        :rows="10"
+        paginator-template="RowsPerPageDropdown CurrentPageReport PrevPageLink NextPageLink"
+        current-page-report-template="{first}-{last} of {totalRecords}"
+        :rows-per-page-options="[10, 20, 50]"
+        sort-field="fullName"
+        aria-label="File Permissions"
+        :sort-order="1"
       >
-        <template #body="{ data }">
-          <Checkbox
-            v-model="data.manage"
-            input-id="manage"
-            aria-label="manage"
-            :binary="true"
-            @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.MANAGE)"
-          />
-        </template>
-      </Column>
-      <Column header="Remove">
-        <template #body="{ data }">
-          <Button
-            class="p-button-lg p-button-text"
-            severity="danger"
-            aria-label="remove"
-            @click="removeObjectUser(data.userId)"
-            @keyup.enter="removeObjectUser(data.userId)"
-          >
-            <font-awesome-icon icon="fa-solid fa-user-xmark" />
-          </Button>
+        <template #empty>
+          <div class="flex justify-content-center">
+            <div>
+              <h3>There are no users associated specifically with this file.</h3>
+              <span>Permissions at the folder level still apply but aren't shown here.</span>
+            </div>
+          </div>
         </template>
-      </Column>
-    </DataTable>
-  </div>
+        <Column
+          field="fullName"
+          header="Name"
+        />
+        <Column
+          field="idpName"
+          header="Provider"
+        />
+        <Column
+          header="Read"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.read"
+              input-id="read"
+              aria-label="read"
+              :binary="true"
+              :disabled="data.read"
+              @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.READ)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Update"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.update"
+              input-id="update"
+              aria-label="update"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.UPDATE)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Delete"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.delete"
+              input-id="delete"
+              aria-label="delete"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.DELETE)"
+            />
+          </template>
+        </Column>
+        <Column
+          header="Manage"
+          header-class="header-center"
+          body-class="content-center"
+        >
+          <template #body="{ data }">
+            <Checkbox
+              v-model="data.manage"
+              input-id="manage"
+              aria-label="manage"
+              :binary="true"
+              @update:model-value="(value: boolean) => updateObjectPermission(value, data.userId, Permissions.MANAGE)"
+            />
+          </template>
+        </Column>
+        <Column header="Remove">
+          <template #body="{ data }">
+            <Button
+              class="p-button-lg p-button-text"
+              severity="danger"
+              aria-label="remove"
+              @click="removeObjectUser(data.userId)"
+              @keyup.enter="removeObjectUser(data.userId)"
+            >
+              <font-awesome-icon icon="fa-solid fa-user-xmark" />
+            </Button>
+          </template>
+        </Column>
+      </DataTable>
+    </TabPanel>
+    <TabPanel header="Bulk add/remove">
+      <BulkPermission
+        resource-type="object"
+        :resource="object"
+      />
+    </TabPanel>
+  </TabView>
 </template>
 
 <style lang="scss" scoped>
diff --git a/frontend/src/types/options/BucketDeletePermissionsOptions.ts b/frontend/src/types/options/BucketDeletePermissionsOptions.ts
index e247eea3..8a5e7fd3 100644
--- a/frontend/src/types/options/BucketDeletePermissionsOptions.ts
+++ b/frontend/src/types/options/BucketDeletePermissionsOptions.ts
@@ -1,4 +1,4 @@
 export type BucketDeletePermissionsOptions = {
   userId?: string;
-  permCode?: string;
+  permCode?: string | Array<string>;
 };
diff --git a/frontend/src/utils/formatters.ts b/frontend/src/utils/formatters.ts
index 157af3ec..167f46d7 100644
--- a/frontend/src/utils/formatters.ts
+++ b/frontend/src/utils/formatters.ts
@@ -42,24 +42,35 @@ export function toKebabCase(str: string | null) {
 /**
  * @function toBulkResult
  * transforms an array of invite/add/remove data into an array of human-readable descriptions
+ * @param {string} notFound if user not found (eg: 'invite' or 'ignore')
+ * @param {string} action permission action (eg: 'add' or 'remove')
  * @param {object[]} data results invite/add/remove
  * @returns {object[]} an array of human-readable descriptions
  */
 export function toBulkResult(
+  notFound: string,
+  action: string,
   data: Array<{ email: string; chesMsgId: string; permissions: Array<{ permCode: string }> | undefined }>
 ) {
   const result = data.map((r) => {
-    let description = '';
-
-    if (r.chesMsgId) description = 'Success: Invite emailed';
+    let description = 'No action taken';
+    // invites
+    if (r.chesMsgId && notFound === 'invite') description = 'Invite emailed';
+    else if (notFound === 'ignore' && !r.permissions) {
+      description = 'No invite was emailed';
+    }
+    // permission updates
     else if (r.permissions && r.permissions.length > 0) {
       const perms = r.permissions.map((p) => {
         return Permissionlabels[p.permCode as keyof typeof Permissionlabels];
       });
-      description = `Success: Permissions applied ( ${perms.join(' and ')})`;
-    } else if (r.permissions && r.permissions.length == 0) {
-      description = 'Success: Permissions already existed';
+      description = `Permissions ${action === 'add' ? 'added' : 'removed'} (${perms.join(' and ')})`;
+    } else if (r.permissions && r.permissions.length == 0 && action === 'add') {
+      description = 'Permissions already existed';
+    } else if (r.permissions && r.permissions.length == 0 && action === 'remove') {
+      description = 'Permissions did not exist';
     }
+
     return new Object({
       email: r.email,
       description: description
diff --git a/frontend/src/views/HomeView.vue b/frontend/src/views/HomeView.vue
index 53ea074e..1907df75 100644
--- a/frontend/src/views/HomeView.vue
+++ b/frontend/src/views/HomeView.vue
@@ -37,8 +37,8 @@ const { getConfig } = storeToRefs(useConfigStore());
         users can upload and share files.
         <br />
         <br />
-        BCBox displays files in folders, which are visualizations of &quot;bucket&quot; storage
-        location sources required to use BCBox. If you are new to this and don't know a bucket manager, contact
+        BCBox displays files in folders, which are visualizations of &quot;bucket&quot; storage location sources
+        required to use BCBox. If you are new to this and don't know a bucket manager, contact
         <a href="https://apps.nrs.gov.bc.ca/int/jira/servicedesk/customer/portal/1/create/701">NRIDS Optimization</a>
         (NRM only) or your ministry's service desk to get credentials for a &quot;bucket&quot; storage location source.
         Then come back, log in, and add it in BCBox to have it show up as a folder.
@@ -91,7 +91,7 @@ const { getConfig } = storeToRefs(useConfigStore());
             <br />
             IDIR users can also choose to share files with public links. Contact your organization's privacy and
             security teams to see if this fits your intended use. Make sure you don't upload personal or private
-            information without the consent of your Ministry Privacy Officer.
+            information without first consulting your Ministry Privacy Officer.
           </p>
         </div>
         <div class="col-6">
@@ -161,8 +161,8 @@ const { getConfig } = storeToRefs(useConfigStore());
               indicating your BCeID-related intentions
             </li>
             <li>
-              All other inquiries around getting or using &quot;bucket&quot;
-              storage location sources should be directed to
+              All other inquiries around getting or using &quot;bucket&quot; storage location sources should be directed
+              to
               <a
                 href="https://apps.nrs.gov.bc.ca/int/jira/servicedesk/customer/portal/1/create/701"
                 target="_blank"
@@ -172,8 +172,8 @@ const { getConfig } = storeToRefs(useConfigStore());
               (Natural Resource ministries) or your ministry's service desk
             </li>
             <li>
-              Storage and custodianship of just the metadata and tags, not the objects themselves,
-              is maintained by Natural Resource Information &amp; Digital Services
+              Storage and custodianship of just the metadata and tags, not the objects themselves, is maintained by
+              Natural Resource Information &amp; Digital Services
             </li>
             <li>
               You will refer to and adhere to
diff --git a/frontend/tests/unit/components/bucket/BucketPermission.spec.ts b/frontend/tests/unit/components/bucket/BucketPermission.spec.ts
index 0b1da1d8..3b70f437 100644
--- a/frontend/tests/unit/components/bucket/BucketPermission.spec.ts
+++ b/frontend/tests/unit/components/bucket/BucketPermission.spec.ts
@@ -46,7 +46,7 @@ describe('BucketPermission.vue', async () => {
       },
       global: {
         plugins: [ConfirmationService, PrimeVue, testingPinia, ToastService],
-        stubs: ['font-awesome-icon', 'DataTable']
+        stubs: ['font-awesome-icon', 'DataTable', 'bulkPermission']
       }
     });
 

From 14fee3fa3f43c28bb49da82c78378117e2ff9163 Mon Sep 17 00:00:00 2001
From: Csaky <Tim.Csaky@gov.bc.ca>
Date: Fri, 14 Jun 2024 11:34:11 -0700
Subject: [PATCH 4/4] Bulk perm removal for multiple matching accounts

Improve formatting of results
---
 .../src/components/common/BulkPermission.vue  | 59 ++++++++++++-------
 .../common/BulkPermissionResults.vue          | 21 +++++++
 frontend/src/components/common/Invite.vue     | 34 +++++------
 frontend/src/components/common/index.ts       |  1 +
 .../options/BucketDeletePermissionsOptions.ts |  2 +-
 .../options/ObjectDeletePermissionsOptions.ts |  2 +-
 frontend/src/utils/formatters.ts              | 36 +++++++----
 7 files changed, 101 insertions(+), 54 deletions(-)
 create mode 100644 frontend/src/components/common/BulkPermissionResults.vue

diff --git a/frontend/src/components/common/BulkPermission.vue b/frontend/src/components/common/BulkPermission.vue
index 10fef4b8..bc549c6f 100644
--- a/frontend/src/components/common/BulkPermission.vue
+++ b/frontend/src/components/common/BulkPermission.vue
@@ -5,6 +5,7 @@ import { useForm, ErrorMessage } from 'vee-validate';
 import * as yup from 'yup';
 import { Button, RadioButton, Checkbox, useToast, TextArea } from '@/lib/primevue';
 import { Spinner } from '@/components/layout';
+import { BulkPermissionResults } from '@/components/common';
 
 import { Permissions, Regex } from '@/utils/constants';
 import { toBulkResult } from '@/utils/formatters';
@@ -38,13 +39,7 @@ const permHelpLink: Ref<string> = computed(() => {
     ? 'https://github.com/bcgov/bcbox/wiki/My-Files#folder-permissions'
     : 'https://github.com/bcgov/bcbox/wiki/Files#file-permissions';
 });
-const results: Ref<Array<any>> = ref([
-  {
-    resourceType: props.resourceType,
-    resourceId: resourceId.value,
-    result: []
-  }
-]);
+const results: Ref<Array<any>> = ref([]);
 
 const timeFrames: Record<string, number> = {
   '1 Hour': 3600,
@@ -127,8 +122,8 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
 
     // for each email, if user exists in db then give permissions, otherwise send invite
     let permData: Array<{ userId: string; permCode: string }> = [];
-    let inviteUsers: Array<string> = [];
-    const result = await Promise.all(
+    let newUsers: Array<string> = [];
+    let resultData = await Promise.all(
       emailArray.map(async (email: string) => {
         const users = (await userService.searchForUsers({ email: email })).data;
         // if an exact match on one account
@@ -142,15 +137,26 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
               permData.push({ userId: users[0].userId, permCode: pc });
             });
           }
-          return { email: email, userId: users[0].userId, permissions: [] };
-        } else if (values.action === 'add') {
-          inviteUsers.push(email);
+          return { email: email, users: [users[0].userId], permissions: [] };
+        }
+        // else if adding perms (and users not found)
+        else if (values.action === 'add') {
+          newUsers.push(email);
           return { email: email };
         }
+        // else if removing permissions and more than one matching user was found
+        else if (values.action === 'remove' && users.length > 1) {
+          users.forEach((u: any) => {
+            if (u.email === email) {
+              Object.values(Permissions).forEach((pc: string) => {
+                permData.push({ userId: u.userId, permCode: pc });
+              });
+            }
+          });
+          return { email: email, users: users.map((u: any) => u.userId), permissions: [] };
+        }
       })
     );
-    // add to results
-    results.value[0].result = result;
 
     // handle permission updates for users already in the system
     if (permData.length > 0) {
@@ -163,7 +169,11 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
             : await permissionService.bucketAddPermissions(resourceId.value, permData);
       } else {
         // else removing
-        const deletePermData = { userId: permData[0].userId, permCode: permData.map((p) => p.permCode) };
+        const deletePermData = {
+          userId: [...new Set(permData.map((item) => item.userId))],
+          permCode: Object.values(Permissions)
+        };
+
         permResponse =
           props.resourceType === 'object'
             ? await permissionService.objectDeletePermission(resourceId.value, deletePermData)
@@ -171,7 +181,7 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
       }
       // add updated permissions to results
       permResponse.data.forEach((p: any) => {
-        const el = results.value[0].result.find((r: any) => r.userId === p.userId);
+        const el = resultData.find((r: any) => r.users.includes(p.userId));
         el.permissions.push({
           createdAt: p.createdAt,
           permCode: p.permCode
@@ -180,24 +190,24 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
     }
 
     // generate invites (for emails not already in the system)
-    if (values.notFound === 'invite' && inviteUsers.length > 0 && values.action === 'add') {
+    if (values.action === 'add' && values.notFound === 'invite' && newUsers.length > 0) {
       const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
       const emailResponse = await inviteService.createInvites(
         props.resourceType,
         props.resource,
         getUser.value?.profile,
-        inviteUsers,
+        newUsers,
         expiresAt,
         values.permCodes
       );
-      // add to results
+      // add CHES msgId's to results
       emailResponse.data.messages.forEach((msg: { msgId: string; to: Array<string> }) => {
-        results.value[0].result.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
+        resultData.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
       });
     }
 
     // format results into human-readable descriptions
-    results.value[0].result = toBulkResult(values.notFound, values.action, results.value[0].result);
+    results.value = toBulkResult(values.notFound, values.action, resultData);
 
     // refresh store
     if (props.resourceType === 'object') {
@@ -392,5 +402,12 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
       />
     </div>
   </form>
+  <BulkPermissionResults
+    v-model="complete"
+    :results="results"
+    :resource="resource"
+    :resource-type="resourceType"
+  />
+
   <pre v-if="complete">{{ results }}</pre>
 </template>
diff --git a/frontend/src/components/common/BulkPermissionResults.vue b/frontend/src/components/common/BulkPermissionResults.vue
new file mode 100644
index 00000000..d69d37fb
--- /dev/null
+++ b/frontend/src/components/common/BulkPermissionResults.vue
@@ -0,0 +1,21 @@
+<script setup lang="ts">
+import { Dialog } from '@/lib/primevue';
+// Props
+type Props = {
+  results: Array<Object>;
+  resource: any;
+  resourceType: string;
+};
+const props = withDefaults(defineProps<Props>(), {});
+
+const modelValue = defineModel<boolean>({ default: false });
+</script>
+<template>
+  <Dialog
+    v-model:visible="modelValue"
+    header="Results"
+    :modal="true"
+  >
+    <pre>{{ props.results }}</pre>
+  </Dialog>
+</template>
diff --git a/frontend/src/components/common/Invite.vue b/frontend/src/components/common/Invite.vue
index 7a6870c5..7824dfcf 100644
--- a/frontend/src/components/common/Invite.vue
+++ b/frontend/src/components/common/Invite.vue
@@ -7,6 +7,7 @@ import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome';
 import { Button, RadioButton, Checkbox, useToast, TextArea } from '@/lib/primevue';
 import TextInput from '@/components/form/TextInput.vue';
 import { Spinner } from '@/components/layout';
+import { BulkPermissionResults } from '@/components/common';
 
 import { Regex } from '@/utils/constants';
 import { toBulkResult } from '@/utils/formatters';
@@ -39,13 +40,7 @@ const permHelpLink: Ref<string> = computed(() => {
     ? 'https://github.com/bcgov/bcbox/wiki/My-Files#folder-permissions'
     : 'https://github.com/bcgov/bcbox/wiki/Files#file-permissions';
 });
-const results: Ref<Array<any>> = ref([
-  {
-    resourceType: props.resourceType,
-    resourceId: resourceId.value,
-    result: []
-  }
-]);
+const results: Ref<Array<any>> = ref([]);
 
 const timeFrames: Record<string, number> = {
   '1 Hour': 3600,
@@ -132,8 +127,8 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
 
     // for each email, if user already exists in db then give permissions, otherwise send invite
     let permData: Array<{ userId: string; permCode: string }> = [];
-    let inviteUsers: Array<string> = [];
-    const result = await Promise.all(
+    let newUsers: Array<string> = [];
+    let resultData: any = await Promise.all(
       emailArray.map(async (email) => {
         const users = (await userService.searchForUsers({ email: email })).data;
         // if an exact match on one account
@@ -143,13 +138,11 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
           });
           return { email: email, userId: users[0].userId, permissions: [] };
         } else {
-          inviteUsers.push(email);
+          newUsers.push(email);
           return { email: email };
         }
       })
     );
-    // add to results array
-    results.value[0].result = result;
 
     // give permissions to users already in the system
     if (permData.length > 0) {
@@ -158,7 +151,7 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
           ? await permissionService.objectAddPermissions(resourceId.value, permData)
           : await permissionService.bucketAddPermissions(resourceId.value, permData);
       permResponse.data.forEach((p: any) => {
-        const el = results.value[0].result.find((r: any) => r.userId === p.userId);
+        const el = resultData.find((r: any) => r.userId === p.userId);
         el.permissions.push({
           createdAt: p.createdAt,
           permCode: p.permCode
@@ -167,23 +160,23 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
     }
 
     // generate invites (for emails not already in the system)
-    if (inviteUsers.length > 0) {
+    if (newUsers.length > 0) {
       const expiresAt = Math.floor(Date.now() / 1000) + values.expiresAt;
       const emailResponse = await inviteService.createInvites(
         props.resourceType,
         props.resource,
         getUser.value?.profile,
-        inviteUsers,
+        newUsers,
         expiresAt,
         values.permCodes
       );
       // add to results
       emailResponse.data.messages.forEach((msg: { msgId: string; to: Array<string> }) => {
-        results.value[0].result.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
+        resultData.find((r: any) => r.email === msg.to[0]).chesMsgId = msg.msgId;
       });
     }
     // format results into human-readable descriptions
-    results.value[0].result = toBulkResult('invite', 'add', results.value[0].result);
+    results.value = toBulkResult('invite', 'add', resultData);
     complete.value = true;
     resetForm();
   } catch (error: any) {
@@ -337,7 +330,12 @@ const onSubmit = handleSubmit(async (values: any, { resetForm }) => {
       />
     </div>
   </form>
-  <pre v-if="complete">{{ results }}</pre>
+  <BulkPermissionResults
+    v-model="complete"
+    :results="results"
+    :resource="resource"
+    :resource-type="resourceType"
+  />
 </template>
 
 <style scoped lang="scss">
diff --git a/frontend/src/components/common/index.ts b/frontend/src/components/common/index.ts
index 328cf6a3..4b0f18c9 100644
--- a/frontend/src/components/common/index.ts
+++ b/frontend/src/components/common/index.ts
@@ -1,4 +1,5 @@
 export { default as BulkPermission } from './BulkPermission.vue';
+export { default as BulkPermissionResults } from './BulkPermissionResults.vue';
 export { default as Invite } from './Invite.vue';
 export { default as Share } from './Share.vue';
 export { default as ShareButton } from './ShareButton.vue';
diff --git a/frontend/src/types/options/BucketDeletePermissionsOptions.ts b/frontend/src/types/options/BucketDeletePermissionsOptions.ts
index 8a5e7fd3..1b0aa44d 100644
--- a/frontend/src/types/options/BucketDeletePermissionsOptions.ts
+++ b/frontend/src/types/options/BucketDeletePermissionsOptions.ts
@@ -1,4 +1,4 @@
 export type BucketDeletePermissionsOptions = {
-  userId?: string;
+  userId?: string | Array<string>;
   permCode?: string | Array<string>;
 };
diff --git a/frontend/src/types/options/ObjectDeletePermissionsOptions.ts b/frontend/src/types/options/ObjectDeletePermissionsOptions.ts
index 62be57e9..b296c350 100644
--- a/frontend/src/types/options/ObjectDeletePermissionsOptions.ts
+++ b/frontend/src/types/options/ObjectDeletePermissionsOptions.ts
@@ -1,4 +1,4 @@
 export type ObjectDeletePermissionsOptions = {
-  userId?: string;
+  userId?: string | Array<string>;
   permCode?: string | Array<string>;
 };
diff --git a/frontend/src/utils/formatters.ts b/frontend/src/utils/formatters.ts
index 167f46d7..419f4ebf 100644
--- a/frontend/src/utils/formatters.ts
+++ b/frontend/src/utils/formatters.ts
@@ -53,27 +53,37 @@ export function toBulkResult(
   data: Array<{ email: string; chesMsgId: string; permissions: Array<{ permCode: string }> | undefined }>
 ) {
   const result = data.map((r) => {
-    let description = 'No action taken';
+    let description: string = 'No action taken';
+    let status: number = 1;
     // invites
     if (r.chesMsgId && notFound === 'invite') description = 'Invite emailed';
     else if (notFound === 'ignore' && !r.permissions) {
       description = 'No invite was emailed';
+      status = 0;
     }
-    // permission updates
-    else if (r.permissions && r.permissions.length > 0) {
-      const perms = r.permissions.map((p) => {
-        return Permissionlabels[p.permCode as keyof typeof Permissionlabels];
-      });
-      description = `Permissions ${action === 'add' ? 'added' : 'removed'} (${perms.join(' and ')})`;
-    } else if (r.permissions && r.permissions.length == 0 && action === 'add') {
-      description = 'Permissions already existed';
-    } else if (r.permissions && r.permissions.length == 0 && action === 'remove') {
-      description = 'Permissions did not exist';
+    // adding permission
+    else if (action === 'add' && r.permissions) {
+      if (r.permissions.length > 0) {
+        const perms = r.permissions.map((p) => {
+          return Permissionlabels[p.permCode as keyof typeof Permissionlabels];
+        });
+        description = `Permissions added (${perms.join(' and ')})`;
+      } else {
+        description = 'Permissions already existed';
+        status = 0;
+      }
+    }
+    // removing permissions
+    else if (action === 'remove' && r.permissions) {
+      if (r.permissions.length == 0) {
+        description = 'Permissions did not exist';
+        status = 0;
+      } else description = 'All Permissions removed';
     }
-
     return new Object({
       email: r.email,
-      description: description
+      description: description,
+      status: status
     });
   });
   return result;