[PM-13839][PM-13840] Admin Console Collections

apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.ts

@@ -6,6 +6,7 @@ import { firstValueFrom, Observable, Subject } from "rxjs";
 import { map } from "rxjs/operators";
 
 import { CollectionView } from "@bitwarden/admin-console/common";
+import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
 import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { BillingAccountProfileStateService } from "@bitwarden/common/billing/abstractions";
@@ -17,6 +18,8 @@ import { CipherService } from "@bitwarden/common/vault/abstractions/cipher.servi
 import { PremiumUpgradePromptService } from "@bitwarden/common/vault/abstractions/premium-upgrade-prompt.service";
 import { ViewPasswordHistoryService } from "@bitwarden/common/vault/abstractions/view-password-history.service";
 import { CipherType } from "@bitwarden/common/vault/enums";
+import { CipherData } from "@bitwarden/common/vault/models/data/cipher.data";
+import { Cipher } from "@bitwarden/common/vault/models/domain/cipher";
 import { CipherView } from "@bitwarden/common/vault/models/view/cipher.view";
 import { CipherAuthorizationService } from "@bitwarden/common/vault/services/cipher-authorization.service";
 import {
@@ -231,6 +234,7 @@ export class VaultItemDialogComponent implements OnInit, OnDestroy {
     private billingAccountProfileStateService: BillingAccountProfileStateService,
     private premiumUpgradeService: PremiumUpgradePromptService,
     private cipherAuthorizationService: CipherAuthorizationService,
+    private apiService: ApiService,
   ) {
     this.updateTitle();
   }
@@ -278,7 +282,20 @@ export class VaultItemDialogComponent implements OnInit, OnDestroy {
     if (this._originalFormMode === "add" || this._originalFormMode === "clone") {
       this.formConfig.mode = "edit";
     }
-    this.formConfig.originalCipher = await this.cipherService.get(cipherView.id);
+
+    let cipher: Cipher;
+
+    // When the form config is used within the Admin Console, retrieve the cipher from the admin endpoint
+    if (this.formConfig.isAdminConsole) {
+      const cipherResponse = await this.apiService.getCipherAdmin(cipherView.id);
+      const cipherData = new CipherData(cipherResponse);
+      cipher = new Cipher(cipherData);
+    } else {
+      cipher = await this.cipherService.get(cipherView.id);
+    }
+
+    // Store the updated cipher so any following edits use the most up to date cipher
+    this.formConfig.originalCipher = cipher;
     this._cipherModified = true;
     await this.changeMode("view");
   }

apps/web/src/app/vault/org-vault/services/admin-console-cipher-form-config.service.spec.ts

@@ -17,7 +17,23 @@ describe("AdminConsoleCipherFormConfigService", () => {
   let adminConsoleConfigService: AdminConsoleCipherFormConfigService;
 
   const cipherId = "333-444-555" as CipherId;
-  const testOrg = { id: "333-44-55", name: "Test Org", canEditAllCiphers: false };
+  const testOrg = {
+    id: "333-44-55",
+    name: "Test Org",
+    canEditAllCiphers: false,
+    isMember: true,
+    enabled: true,
+    status: OrganizationUserStatusType.Confirmed,
+  };
+  const testOrg2 = {
+    id: "333-999-888",
+    name: "Test Org 2",
+    canEditAllCiphers: false,
+    isMember: true,
+    enabled: true,
+    status: OrganizationUserStatusType.Confirmed,
+  };
+  const policyAppliesToActiveUser$ = new BehaviorSubject<boolean>(true);
   const collection = {
     id: "12345-5555",
     organizationId: "234534-34334",
@@ -32,6 +48,7 @@ describe("AdminConsoleCipherFormConfigService", () => {
     assigned: true,
     readOnly: false,
   } as CollectionAdminView;
+
   const organization$ = new BehaviorSubject<Organization>(testOrg as Organization);
   const organizations$ = new BehaviorSubject<Organization[]>([testOrg, testOrg2] as Organization[]);
   const getCipherAdmin = jest.fn().mockResolvedValue(null);
@@ -43,11 +60,15 @@ describe("AdminConsoleCipherFormConfigService", () => {
     await TestBed.configureTestingModule({
       providers: [
         AdminConsoleCipherFormConfigService,
-        { provide: OrganizationService, useValue: { get$: () => organization$ } },
+        { provide: OrganizationService, useValue: { get$: () => organization$, organizations$ } },
         {
           provide: CollectionAdminService,
           useValue: { getAll: () => Promise.resolve([collection, collection2]) },
         },
+        {
+          provide: PolicyService,
+          useValue: { policyAppliesToActiveUser$: () => policyAppliesToActiveUser$ },
+        },
         {
           provide: RoutedVaultFilterService,
           useValue: { filter$: new BehaviorSubject({ organizationId: testOrg.id }) },

apps/web/src/app/vault/org-vault/services/admin-console-cipher-form-config.service.ts

@@ -4,6 +4,8 @@ import { combineLatest, filter, firstValueFrom, map, switchMap } from "rxjs";
 import { CollectionAdminService } from "@bitwarden/admin-console/common";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
+import { PolicyService } from "@bitwarden/common/admin-console/abstractions/policy/policy.service.abstraction";
+import { PolicyType, OrganizationUserStatusType } from "@bitwarden/common/admin-console/enums";
 import { CipherId } from "@bitwarden/common/types/guid";
 import { CipherType } from "@bitwarden/common/vault/enums";
 import { CipherData } from "@bitwarden/common/vault/models/data/cipher.data";
@@ -55,11 +57,23 @@ export class AdminConsoleCipherFormConfigService implements CipherFormConfigServ
     cipherId?: CipherId,
     cipherType?: CipherType,
   ): Promise<CipherFormConfig> {
-    const [organization, allCollections] = await firstValueFrom(
-      combineLatest([this.organization$, this.allCollections$]),
-    );
-
     const cipher = await this.getCipher(cipherId);
+    const [organization, allowPersonalOwnership, allOrganizations, allCollections] =
+      await firstValueFrom(
+        combineLatest([
+          this.organization$,
+          this.allowPersonalOwnership$,
+          this.allOrganizations$,
+          this.allCollections$,
+        ]),
+      );
+
+    // When cloning from within the Admin Console, all organizations should be available.
+    // Otherwise only the one in context should be
+    const organizations = mode === "clone" ? allOrganizations : [organization];
+    // Only allow the user to assign to their personal vault when cloning and
+    // the policies are enabled for it.
+    const allowPersonalOwnershipOnlyForClone = mode === "clone" ? allowPersonalOwnership : false;
 
     return {
       mode,
@@ -68,7 +82,7 @@ export class AdminConsoleCipherFormConfigService implements CipherFormConfigServ
       allowPersonalOwnership: allowPersonalOwnershipOnlyForClone,
       originalCipher: cipher,
       collections: allCollections,
-      organizations: [organization], // only a single org is in context at a time
+      organizations,
       folders: [], // folders not applicable in the admin console
       hideIndividualVaultFields: true,
       isAdminConsole: true,