[PM-17154] Limit item deletion feature flag logic removal (#5925)

* Refactor CiphersController and related tests by removing unused IFeatureService dependency and associated feature flag checks. Cleaned up tests to reflect these changes, ensuring they focus on manage permissions without reliance on feature flags. * Refactor CipherService and related tests by removing feature flag checks for item deletion permissions. Updated tests to focus on user manage permissions without reliance on feature flags, ensuring cleaner and more maintainable code. * Enhance CiphersControllerTests by adding user retrieval and organization ability checks. Updated test cases to ensure proper handling of item deletion permissions based on user roles and organization settings, improving test coverage and reliability.
2026-01-06 02:23:51 +00:00 · 2025-06-10 09:57:29 +01:00
parent fbdd62fadd
commit 021e69bc5d
4 changed files with 322 additions and 820 deletions
--- a/src/Api/Vault/Controllers/CiphersController.cs
+++ b/src/Api/Vault/Controllers/CiphersController.cs
@@ -42,7 +42,6 @@ public class CiphersController : Controller
    private readonly ICurrentContext _currentContext;
    private readonly ILogger<CiphersController> _logger;
    private readonly GlobalSettings _globalSettings;
-    private readonly IFeatureService _featureService;
    private readonly IOrganizationCiphersQuery _organizationCiphersQuery;
    private readonly IApplicationCacheService _applicationCacheService;
    private readonly ICollectionRepository _collectionRepository;
@@ -57,7 +56,6 @@ public class CiphersController : Controller
        ICurrentContext currentContext,
        ILogger<CiphersController> logger,
        GlobalSettings globalSettings,
-        IFeatureService featureService,
        IOrganizationCiphersQuery organizationCiphersQuery,
        IApplicationCacheService applicationCacheService,
        ICollectionRepository collectionRepository)
@@ -71,7 +69,6 @@ public class CiphersController : Controller
        _currentContext = currentContext;
        _logger = logger;
        _globalSettings = globalSettings;
-        _featureService = featureService;
        _organizationCiphersQuery = organizationCiphersQuery;
        _applicationCacheService = applicationCacheService;
        _collectionRepository = collectionRepository;
@@ -375,11 +372,6 @@ public class CiphersController : Controller

    private async Task<bool> CanDeleteOrRestoreCipherAsAdminAsync(Guid organizationId, IEnumerable<Guid> cipherIds)
    {
-        if (!_featureService.IsEnabled(FeatureFlagKeys.LimitItemDeletion))
-        {
-            return await CanEditCipherAsAdminAsync(organizationId, cipherIds);
-        }
-
        var org = _currentContext.GetOrganization(organizationId);

        // If we're not an "admin" or if we're a provider user we don't need to check the ciphers
--- a/src/Core/Vault/Services/Implementations/CipherService.cs
+++ b/src/Core/Vault/Services/Implementations/CipherService.cs
@@ -821,11 +821,6 @@ public class CipherService : ICipherService

    private async Task<bool> UserCanDeleteAsync(CipherDetails cipher, Guid userId)
    {
-        if (!_featureService.IsEnabled(FeatureFlagKeys.LimitItemDeletion))
-        {
-            return await UserCanEditAsync(cipher, userId);
-        }
-
        var user = await _userService.GetUserByIdAsync(userId);
        var organizationAbility = cipher.OrganizationId.HasValue ?
            await _applicationCacheService.GetOrganizationAbilityAsync(cipher.OrganizationId.Value) : null;
@@ -835,11 +830,6 @@ public class CipherService : ICipherService

    private async Task<bool> UserCanRestoreAsync(CipherDetails cipher, Guid userId)
    {
-        if (!_featureService.IsEnabled(FeatureFlagKeys.LimitItemDeletion))
-        {
-            return await UserCanEditAsync(cipher, userId);
-        }
-
        var user = await _userService.GetUserByIdAsync(userId);
        var organizationAbility = cipher.OrganizationId.HasValue ?
            await _applicationCacheService.GetOrganizationAbilityAsync(cipher.OrganizationId.Value) : null;
@@ -1059,17 +1049,11 @@ public class CipherService : ICipherService
    }

    // This method is used to filter ciphers based on the user's permissions to delete them.
-    // It supports both the old and new logic depending on the feature flag.
    private async Task<List<T>> FilterCiphersByDeletePermission<T>(
        IEnumerable<T> ciphers,
        HashSet<Guid> cipherIdsSet,
        Guid userId) where T : CipherDetails
    {
-        if (!_featureService.IsEnabled(FeatureFlagKeys.LimitItemDeletion))
-        {
-            return ciphers.Where(c => cipherIdsSet.Contains(c.Id) && c.Edit).ToList();
-        }
-
        var user = await _userService.GetUserByIdAsync(userId);
        var organizationAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();