Implemented Custom role and permissions (#1189)

* Implemented Custom role and permissions

* changed permissions to permissions model

* added a semicolon
Addison Beck 2021-01-13 14:31:27 -05:00 committed by GitHub
parent ca7794e6f2
commit cdc08e7e8a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 35 additions and 2 deletions


@ -102,7 +102,7 @@ namespace Bit.Droid.Autofill
if (policy.Enabled)
{
var org = await _userService.GetOrganizationAsync(policy.OrganizationId);
if (org != null && org.Enabled && org.UsePolicies && !org.IsAdmin
if (org != null && org.Enabled && org.UsePolicies && !org.canManagePolicies
&& org.Status == OrganizationUserStatusType.Confirmed)
{
return;


@ -298,7 +298,7 @@ namespace Bit.App.Pages
if (org.Enabled && org.Status == OrganizationUserStatusType.Confirmed)
{
OwnershipOptions.Add(new KeyValuePair<string, string>(org.Name, org.Id));
if (policies != null && org.UsePolicies && !org.IsAdmin && AllowPersonal)
if (policies != null && org.UsePolicies && !org.canManagePolicies && AllowPersonal)
{
foreach (var policy in policies)
{


@ -6,5 +6,6 @@
Admin = 1,
User = 2,
Manager = 3,
Custom = 4,
}
}


@ -26,6 +26,7 @@ namespace Bit.Core.Models.Data
Seats = response.Seats;
MaxCollections = response.MaxCollections;
MaxStorageGb = response.MaxStorageGb;
Permissions = response.Permissions;
}
public string Id { get; set; }
@ -45,5 +46,6 @@ namespace Bit.Core.Models.Data
public int Seats { get; set; }
public int MaxCollections { get; set; }
public short? MaxStorageGb { get; set; }
public Permissions Permissions { get; set; }
}
}


@ -0,0 +1,16 @@
namespace Bit.Core.Models.Data
{
public class Permissions
{
public bool AccessBusinessPortal { get; set; }
public bool AccessEventLogs { get; set; }
public bool AccessImportExport { get; set; }
public bool AccessReports { get; set; }
public bool ManageAssignedCollections { get; set; }
public bool ManageAllCollections { get; set; }
public bool ManageGroups { get; set; }
public bool ManagePolicies { get; set; }
public bool ManageSso { get; set; }
public bool ManageUsers { get; set; }
}
}
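Review bot: The new `Permissions` class has no doc comment stating what the flags represent or what an unset flag means, which matters because they feed access and policy decisions elsewhere in this commit. Every member is a plain `bool` auto-property, so a flag missing from the deserialized payload ends up `false`, meaning denied; that fail-closed default is worth stating so nobody later switches a flag to default `true`. I would add `/// <summary>Per-member permission flags for the Custom organization user type; every flag defaults to false, so an absent value denies.</summary>` above the class. These values appear to arrive from the server response model, so the comment could also say the client treats them as hints and the server remains the authority, if that matches the design.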


@ -26,6 +26,7 @@ namespace Bit.Core.Models.Domain
Seats = obj.Seats;
MaxCollections = obj.MaxCollections;
MaxStorageGb = obj.MaxStorageGb;
Permissions = obj.Permissions;
}
public string Id { get; set; }
@ -45,6 +46,7 @@ namespace Bit.Core.Models.Domain
public int Seats { get; set; }
public int MaxCollections { get; set; }
public short? MaxStorageGb { get; set; }
public Permissions Permissions { get; set; }
public bool CanAccess
{
@ -76,5 +78,15 @@ namespace Bit.Core.Models.Domain
public bool IsAdmin => Type == OrganizationUserType.Owner || Type == OrganizationUserType.Admin;
public bool IsOwner => Type == OrganizationUserType.Owner;
public bool IsCustom => Type == OrganizationUserType.Custom;
public bool canAccessBusinessPortl => IsAdmin || Permissions.AccessBusinessPortal;
public bool canAccessEventLogs => IsAdmin || Permissions.AccessEventLogs;
public bool canAccessImportExport => IsAdmin || Permissions.AccessImportExport;
public bool canAccessReports => IsAdmin || Permissions.AccessReports;
public bool canManageAllCollections => IsAdmin || Permissions.ManageAllCollections;
public bool canManageAssignedCollections => IsManager || Permissions.ManageAssignedCollections;
public bool canManageGroups => IsAdmin || Permissions.ManageGroups;
public bool canManagePolicies => IsAdmin || Permissions.ManagePolicies;
public bool canManageUser => IsAdmin || Permissions.ManageUsers;
}
}
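Review bot: Each new `can…` property dereferences `Permissions` whenever the role check is false, so a non-admin member whose `Permissions` is null gets a NullReferenceException instead of `false`; that would happen if the server response omits the field or if organization data stored before this change is loaded, neither of which is visible here. Both call sites changed in this commit (the autofill policy check and the ownership-options check in Bit.App.Pages) read `canManagePolicies` while deciding whether a policy applies, so the failure would land in the policy-enforcement path. A null-safe form such as `public bool canManagePolicies => IsAdmin || (Permissions?.ManagePolicies ?? false);` keeps the check fail-closed, and the same applies to the other eight properties. Separately, `canAccessBusinessPortl` is misspelled and the new properties are camelCase next to PascalCase `IsAdmin`/`IsCustom`; renaming now is cheaper than after more callers exist. The class body starts outside this hunk.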


@ -1,4 +1,5 @@
using Bit.Core.Enums;
using Bit.Core.Models.Data;
namespace Bit.Core.Models.Response
{
@ -22,5 +23,6 @@ namespace Bit.Core.Models.Response
public OrganizationUserStatusType Status { get; set; }
public OrganizationUserType Type { get; set; }
public bool Enabled { get; set; }
public Permissions Permissions { get; set; }
}
}