A little bit of both. With pre-shared key both Alice and Bob knows the
same pass phrase that is used by WPA. When they connect to the access
point they will each negotiate a separate "temporal" key that is
private and that key will be used to encrypt the traffic. This means
that Alice cannot decrypt Bobs traffic (unless she hacks the system by
some other means) and vice versa.
However, if Alice can listen when Bob connects for the first time then
she can utilize her knowledge of the shared key (the pass phrase) to
figure out which temporal key Bob got and she can then decrypt his
traffic.
Wireshark, for instance, can do this decryption for you automatically
as long as it has access to the first 4 data packets of the
connection.
Note that this is by design, the temporal key is not there to provide
privacy between stations connected to the same ESS.