[PM-28300] Remove BlockClaimedDomainAccountCreation feature flag checks (#6934)

* [PM-28300] Remove BlockClaimedDomainAccountCreation feature flag checks * Fix user registration tests by adding proper email domains * Remove redundant feature flag checks from user registration tests * Remove BlockClaimedDomainAccountCreation constant from FeatureFlagKeys
2026-02-14 15:33:35 +00:00 · 2026-02-11 22:10:59 +00:00
parent d9b6df2692
commit 17166dc0f5
7 changed files with 113 additions and 146 deletions
--- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/BlockClaimedDomainAccountCreationPolicyValidator.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/BlockClaimedDomainAccountCreationPolicyValidator.cs
@@ -5,21 +5,17 @@ using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains.Interfaces;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
-using Bit.Core.Services;

 namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators;

 public class BlockClaimedDomainAccountCreationPolicyValidator : IPolicyValidator, IPolicyValidationEvent
 {
    private readonly IOrganizationHasVerifiedDomainsQuery _organizationHasVerifiedDomainsQuery;
-    private readonly IFeatureService _featureService;

    public BlockClaimedDomainAccountCreationPolicyValidator(
-        IOrganizationHasVerifiedDomainsQuery organizationHasVerifiedDomainsQuery,
-        IFeatureService featureService)
+        IOrganizationHasVerifiedDomainsQuery organizationHasVerifiedDomainsQuery)
    {
        _organizationHasVerifiedDomainsQuery = organizationHasVerifiedDomainsQuery;
-        _featureService = featureService;
    }

    public PolicyType Type => PolicyType.BlockClaimedDomainAccountCreation;
@@ -34,12 +30,6 @@ public class BlockClaimedDomainAccountCreationPolicyValidator : IPolicyValidator

    public async Task<string> ValidateAsync(PolicyUpdate policyUpdate, Policy? currentPolicy)
    {
-        // Check if feature is enabled
-        if (!_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            return "This feature is not enabled";
-        }
-
        // Only validate when trying to ENABLE the policy
        if (policyUpdate is { Enabled: true })
        {
--- a/src/Core/Auth/UserFeatures/Registration/Implementations/RegisterUserCommand.cs
+++ b/src/Core/Auth/UserFeatures/Registration/Implementations/RegisterUserCommand.cs
@@ -81,7 +81,6 @@ public class RegisterUserCommand : IRegisterUserCommand
        _emergencyAccessInviteTokenDataFactory = emergencyAccessInviteTokenDataFactory;

        _providerServiceDataProtector = dataProtectionProvider.CreateProtector("ProviderServiceDataProtector");
-        _featureService = featureService;
    }

    public async Task<IdentityResult> RegisterUser(User user)
@@ -413,12 +412,6 @@ public class RegisterUserCommand : IRegisterUserCommand

    private async Task ValidateEmailDomainNotBlockedAsync(string email, Guid? excludeOrganizationId = null)
    {
-        // Only check if feature flag is enabled
-        if (!_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            return;
-        }
-
        var emailDomain = EmailValidation.GetDomain(email);

        var isDomainBlocked = await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(
--- a/src/Core/Auth/UserFeatures/Registration/Implementations/SendVerificationEmailForRegistrationCommand.cs
+++ b/src/Core/Auth/UserFeatures/Registration/Implementations/SendVerificationEmailForRegistrationCommand.cs
@@ -22,7 +22,6 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
    private readonly GlobalSettings _globalSettings;
    private readonly IMailService _mailService;
    private readonly IDataProtectorTokenFactory<RegistrationEmailVerificationTokenable> _tokenDataFactory;
-    private readonly IFeatureService _featureService;
    private readonly IOrganizationDomainRepository _organizationDomainRepository;

    public SendVerificationEmailForRegistrationCommand(
@@ -31,7 +30,6 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
        GlobalSettings globalSettings,
        IMailService mailService,
        IDataProtectorTokenFactory<RegistrationEmailVerificationTokenable> tokenDataFactory,
-        IFeatureService featureService,
        IOrganizationDomainRepository organizationDomainRepository)
    {
        _logger = logger;
@@ -39,7 +37,6 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
        _globalSettings = globalSettings;
        _mailService = mailService;
        _tokenDataFactory = tokenDataFactory;
-        _featureService = featureService;
        _organizationDomainRepository = organizationDomainRepository;

    }
@@ -57,17 +54,14 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
        }

        // Check if the email domain is blocked by an organization policy
-        if (_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            var emailDomain = EmailValidation.GetDomain(email);
+        var emailDomain = EmailValidation.GetDomain(email);

-            if (await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(emailDomain))
-            {
-                _logger.LogInformation(
-                    "User registration email verification blocked by domain claim policy. Domain: {Domain}",
-                    emailDomain);
-                throw new BadRequestException("This email address is claimed by an organization using Bitwarden.");
-            }
+        if (await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(emailDomain))
+        {
+            _logger.LogInformation(
+                "User registration email verification blocked by domain claim policy. Domain: {Domain}",
+                emailDomain);
+            throw new BadRequestException("This email address is claimed by an organization using Bitwarden.");
        }

        // Check to see if the user already exists
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -140,7 +140,6 @@ public static class FeatureFlagKeys
    public const string CreateDefaultLocation = "pm-19467-create-default-location";
    public const string AutomaticConfirmUsers = "pm-19934-auto-confirm-organization-users";
    public const string PM23845_VNextApplicationCache = "pm-24957-refactor-memory-application-cache";
-    public const string BlockClaimedDomainAccountCreation = "pm-28297-block-uninvited-claimed-domain-registration";
    public const string DefaultUserCollectionRestore = "pm-30883-my-items-restored-users";
    public const string PremiumAccessQuery = "pm-29495-refactor-premium-interface";
    public const string RefactorMembersComponent = "pm-29503-refactor-members-inheritance";