diff --git a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html index 4302edcb4ec..2f38d7c70db 100644 --- a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html +++ b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html @@ -1,5 +1,6 @@ (); protected CipherType = CipherType; + protected organization?: Organization; constructor(private configService: ConfigService) {} @@ -53,6 +54,9 @@ export class VaultCipherRowComponent implements OnInit { this.extensionRefreshEnabled = await firstValueFrom( this.configService.getFeatureFlag$(FeatureFlag.ExtensionRefresh), ); + if (this.cipher.organizationId != null) { + this.organization = this.organizations.find((o) => o.id === this.cipher.organizationId); + } } protected get showTotpCopyButton() { @@ -138,4 +142,12 @@ export class VaultCipherRowComponent implements OnInit { protected assignToCollections() { this.onEvent.emit({ type: "assignToCollections", items: [this.cipher] }); } + + protected get showCheckbox() { + if (!this.viewingOrgVault || !this.organization) { + return true; // Always show checkbox in individual vault or for non-org items + } + + return this.organization.canEditAllCiphers || this.cipher.edit; + } } diff --git a/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts b/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts index 36cd3679a0d..9656e4e8353 100644 --- a/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts +++ b/apps/web/src/app/vault/components/vault-items/vault-collection-row.component.ts @@ -103,6 +103,10 @@ export class VaultCollectionRowComponent { } protected get showCheckbox() { - return this.collection?.id !== Unassigned; + if (this.collection?.id === Unassigned) { + return false; // Never show checkbox for Unassigned + } + + return this.canEditCollection || this.canDeleteCollection; } } diff --git a/apps/web/src/app/vault/components/vault-items/vault-items.component.ts b/apps/web/src/app/vault/components/vault-items/vault-items.component.ts index 04f2245d26d..794a0b3b252 100644 --- a/apps/web/src/app/vault/components/vault-items/vault-items.component.ts +++ b/apps/web/src/app/vault/components/vault-items/vault-items.component.ts @@ -1,7 +1,7 @@ import { SelectionModel } from "@angular/cdk/collections"; import { Component, EventEmitter, Input, Output } from "@angular/core"; -import { Unassigned, CollectionView } from "@bitwarden/admin-console/common"; +import { CollectionView, Unassigned } from "@bitwarden/admin-console/common"; import { Organization } from "@bitwarden/common/admin-console/models/domain/organization"; import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view"; import { TableDataSource } from "@bitwarden/components"; @@ -205,11 +205,12 @@ export class VaultItemsComponent { this.selection.clear(); - // Every item except for the Unassigned collection is selectable, individual bulk actions check the user's permission + // All ciphers are selectable, collections only if they can be edited or deleted this.editableItems = items.filter( (item) => item.cipher !== undefined || - (item.collection !== undefined && item.collection.id !== Unassigned), + (item.collection !== undefined && + (this.canEditCollection(item.collection) || this.canDeleteCollection(item.collection))), ); this.dataSource.data = items;