[PM-11360] Remove export permission for providers

[eliykat]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-11360

📔 Objective

Remove provider export permissions. Provider users will not have the ability to access an organization’s export tab or export a managed organization’s items.

• split organization.canAccessImportExport into separate getters for import and export (providers can still import)
• restrict provider access to export (behind a feature flag)

Server PR: bitwarden/server#5051

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[eliykat]

Tools Team: this is just updating the org.canAccessImportExport property reference, which has been split into org.canAccessImport and org.canAccessExport. Given that this is the import component, it now refers to org.canAccessImport.

[eliykat]

The canAccessImport helper function in organization.service.abstraction has also been removed because it was only used here and this is all it was doing.

[eliykat]

It's a bit awkward to make callers fetch their own feature flag value to pass in. I tried some other approaches, but introducing any observable or promise here makes pretty large waves through all its callers. This remains the simplest approach for now.

[github-actions]

Checkmarx One – Scan Summary & Details – 87284dc1-1623-47fd-a13a-bd96053e76b7

Fixed Issues

Severity	Issue	Source File / Package
	Client_JQuery_Deprecated_Symbols	/apps/cli/src/service-container/service-container.ts: 876

[eliykat]

This is necessary because some of our model mapping is wrong. I've logged a bug here: https://bitwarden.atlassian.net/browse/PM-15078

[codecov]

Codecov Report

Attention: Patch coverage is 11.62791% with 38 lines in your changes missing coverage. Please review.

Project coverage is 33.45%. Comparing base (34e20b7) to head (079d9b9).
Report is 9 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...s/settings/organization-settings-routing.module.ts	0.00%	14 Missing ⚠️
...nizations/layouts/organization-layout.component.ts	40.00%	6 Missing ⚠️
...on/src/admin-console/models/domain/organization.ts	0.00%	6 Missing ⚠️
libs/importer/src/components/import.component.ts	0.00%	5 Missing ⚠️
...navigation-switcher/navigation-switcher.stories.ts	0.00%	3 Missing ⚠️
...youts/product-switcher/product-switcher.stories.ts	0.00%	3 Missing ⚠️
apps/cli/src/tools/import.command.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #12062   +/-   ##
=======================================
  Coverage   33.44%   33.45%           
=======================================
  Files        2864     2864           
  Lines       89666    89667    +1     
  Branches    17067    17067           
=======================================
+ Hits        29988    29997    +9     
+ Misses      57317    57309    -8     
  Partials     2361     2361           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

---

🚨 Try these New Features:

• JS Bundle Analysis - Avoid shipping oversized bundles

[audreyality]

👍🏻 Tools changes LGTM!

[vleague2]

DS-owned file looks good!

[eliykat]

I had to fix some mocks used in Storybook. The remaining 1 story change is an unapproved change from main which I will chase up now, but is not caused by this PR.