[PM-13839][PM-13840] Admin Console Collections #11649
Conversation
- When "manage all" option is selected all collections should be editable
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #11649 +/- ##
=======================================
Coverage ? 33.54%
=======================================
Files ? 2814
Lines ? 87435
Branches ? 16675
=======================================
Hits ? 29333
Misses ? 55797
Partials ? 2305 ☔ View full report in Codecov by Sentry. |
|
No New Or Fixed Issues Found |
…ng any other edits - This handles the case where a cipher is moving from unassigned to assigned and needs to have a collection to save any other edits
There was a problem hiding this comment.
This change from saving the collections before any other edits was made in part of PM-13887. I was seeing errors with saving edits before assigning to the collection.
| // Then save the new collection changes separately | ||
| encryptedCipher.collectionIds = cipher.collectionIds; | ||
| savedCipher = await this.cipherService.saveCollectionsWithServer(encryptedCipher); | ||
| savedCipher = await this.cipherService.updateWithServer(encryptedCipher, config.admin); |
There was a problem hiding this comment.
cipherService.updateWithServer will fail due to a lack of permissions after first updating the collections. You'd only run into this if the access all items as admin setting was off and you removed a the last editable collection.
I believe to avoid this, we can still save the collections first. But, when the original cipher is unassigned, we need to update the call to updateWithServer to have a check for an unassigned original cipher.
e.g.
updateWithServer(encryptedCipher, config.admin || originalCollectionIds.size === 0)This will use the admin endpoint for both of the scenarios that require it.
There was a problem hiding this comment.
As always, great catch 🤯 e6c5032
There was a problem hiding this comment.
Agh, I misspoke in my comment above, sorry. We should still update the cipher first.
That way if a user makes a change to the cipher AND unassigns themselves, the change to cipher is still persisted. Otherwise, the user is going to unassign themselves and then fail to update the cipher because they no longer have access.
If the cipher is originally unassigned, we can update the cipher first by making the change described above and also updating the call to use the saveCollectionsWithServerAdmin() method to account for the unassigned permissions.
There was a problem hiding this comment.
(We should eventually just encapsulate this “admin / not admin” logic internally within the CipherService to avoid this headache repeatedly. But, I don’t think we need to do that here and now, as there will likely be other consequences we’ll have to consider that outside of scope.)
- handling the case where the user un-assigns themselves from a cipher
| c.canEditItems(organization) && | ||
| (this.partialEdit || !c.readOnly || this.config.admin) |
There was a problem hiding this comment.
@shane-melton The logic behind canEditItems and !c.readOnly || this.config.admin overlaps. Do you think it's better to be explicit here with referencing the config? Or should I update the logic to
c.organizationId === orgId && c.canEditItems(organization) && this.partialEdit
There was a problem hiding this comment.
I think its okay to be explicit and reference the config.
With that said, I do think we want to re-arrange these conditions so that partialEdit still supersedes the edit-ability of a collection because the control is disabled.
c.organizationId === orgId && (this.partialEdit || c.canEditItems(organization) || this.config.admin)
…t/pm-13839-13840/admin-console-collections
| } else { | ||
| collectionsControl.enable(); | ||
| this.showCollectionsControl = true; |
There was a problem hiding this comment.
@shane-melton Calling this change out. The "should enable/show collection control when an organization is selected" unit test caught the case where orgId is falsy but then truthy. I don't believe that this would happen in the UI but through the logic it's possible so I added the enable/show logic here.
There was a problem hiding this comment.
That should be fine and I agree, I don't think it should come up in use, but better safe than sorry!
…t/pm-13839-13840/admin-console-collections
| let cipher: Cipher; | ||
|
|
||
| // When the form config is used within the Admin Console, retrieve the cipher from the admin endpoint | ||
| if (this.formConfig.isAdminConsole) { | ||
| const cipherResponse = await this.apiService.getCipherAdmin(cipherView.id); | ||
| const cipherData = new CipherData(cipherResponse); | ||
| cipher = new Cipher(cipherData); | ||
| } else { | ||
| cipher = await this.cipherService.get(cipherView.id); | ||
| } | ||
|
|
||
| // Store the updated cipher so any following edits use the most up to date cipher | ||
| this.formConfig.originalCipher = cipher; |
There was a problem hiding this comment.
This logic stems from defect: PM-14449.
When a cipher was edited within the Admin console and the user doesn't have "direct" access, the cipherService will return null. In this case the getCipherAdmin should be used to refetch the cipher
There was a problem hiding this comment.
edit-after-edit.mov
There was a problem hiding this comment.
😅 We can all thank Brad!
nick-livefront
deleted the
vault/pm-13839-13840/admin-console-collections
branch
🎟️ Tracking
PM-13839
PM-13840
PM-13887
Associated Server PR
📔 Objective
📸 Screenshots
admin-console-collections.mov
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes