[AC 1451] Refactor staticstore plans and consuming logic (#3164)

* refactor the plan and create new objects * initial commit * Add new plan types * continue the refactoring by adding new plantypes * changes for plans * Refactoring continues * making changes for plan * Fixing the failing test * Fixing whitespace * Fix some in correct values * Resolve the plan data * rearranging the plan * Make the plan more immutable * Resolve the lint errors * Fix the failing test * Add custom plan * Fix the failing test * Fix the failing test * resolve the failing addons after refactoring * Refactoring * Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic * merge from master * Merge branch 'master' into ac-1451/refactor-staticstore-plans-and-consuming-logic * format whitespace * resolve the conflict * Fix some pr comments * Fixing some of the pr comments * fixing some of the pr comments * Resolve some pr comments * Resolve pr comments * Resolves some pr comments * Resolving some or comments * Resolve a failing test * fix the failing test * Resolving some pr comments * Fix the failing test * resolve pr comment * add a using statement fir a failing test --------- Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
2026-01-05 01:53:17 +00:00 · 2023-10-17 15:56:35 +01:00
parent 1c3bd4d252
commit 8177821e8b
48 changed files with 1041 additions and 1173 deletions
--- a/src/Core/OrganizationFeatures/OrganizationSubscriptions/AddSecretsManagerSubscriptionCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationSubscriptions/AddSecretsManagerSubscriptionCommand.cs
@@ -30,7 +30,7 @@ public class AddSecretsManagerSubscriptionCommand : IAddSecretsManagerSubscripti
    {
        await ValidateOrganization(organization);

-        var plan = StaticStore.GetSecretsManagerPlan(organization.PlanType);
+        var plan = StaticStore.GetPlan(organization.PlanType);
        var signup = SetOrganizationUpgrade(organization, additionalSmSeats, additionalServiceAccounts);
        _organizationService.ValidateSecretsManagerPlan(plan, signup);

@@ -39,8 +39,8 @@ public class AddSecretsManagerSubscriptionCommand : IAddSecretsManagerSubscripti
            await _paymentService.AddSecretsManagerToSubscription(organization, plan, additionalSmSeats, additionalServiceAccounts);
        }

-        organization.SmSeats = plan.BaseSeats + additionalSmSeats;
-        organization.SmServiceAccounts = plan.BaseServiceAccount.GetValueOrDefault() + additionalServiceAccounts;
+        organization.SmSeats = plan.SecretsManager.BaseSeats + additionalSmSeats;
+        organization.SmServiceAccounts = plan.SecretsManager.BaseServiceAccount + additionalServiceAccounts;
        organization.UseSecretsManager = true;

        await _organizationService.ReplaceAndUpdateCacheAsync(organization);
@@ -79,7 +79,7 @@ public class AddSecretsManagerSubscriptionCommand : IAddSecretsManagerSubscripti
            throw new BadRequestException("Organization already uses Secrets Manager.");
        }

-        var plan = StaticStore.GetSecretsManagerPlan(organization.PlanType);
+        var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType && p.SupportsSecretsManager);
        if (string.IsNullOrWhiteSpace(organization.GatewayCustomerId) && plan.Product != ProductType.Free)
        {
            throw new BadRequestException("No payment method found.");
--- a/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpdateSecretsManagerSubscriptionCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpdateSecretsManagerSubscriptionCommand.cs
@@ -205,10 +205,10 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
        }

        // Check plan maximum seats
-        if (!plan.HasAdditionalSeatsOption ||
-            (plan.MaxAdditionalSeats.HasValue && update.SmSeatsExcludingBase > plan.MaxAdditionalSeats.Value))
+        if (!plan.SecretsManager.HasAdditionalSeatsOption ||
+            (plan.SecretsManager.MaxAdditionalSeats.HasValue && update.SmSeatsExcludingBase > plan.SecretsManager.MaxAdditionalSeats.Value))
        {
-            var planMaxSeats = plan.BaseSeats + plan.MaxAdditionalSeats.GetValueOrDefault();
+            var planMaxSeats = plan.SecretsManager.BaseSeats + plan.SecretsManager.MaxAdditionalSeats.GetValueOrDefault();
            throw new BadRequestException($"You have reached the maximum number of Secrets Manager seats ({planMaxSeats}) for this plan.");
        }

@@ -222,9 +222,9 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
        }

        // Check minimum seats included with plan
-        if (plan.BaseSeats > update.SmSeats.Value)
+        if (plan.SecretsManager.BaseSeats > update.SmSeats.Value)
        {
-            throw new BadRequestException($"Plan has a minimum of {plan.BaseSeats} Secrets Manager  seats.");
+            throw new BadRequestException($"Plan has a minimum of {plan.SecretsManager.BaseSeats} Secrets Manager  seats.");
        }

        // Check minimum seats required by business logic
@@ -262,11 +262,11 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
        }

        // Check plan maximum service accounts
-        if (!plan.HasAdditionalServiceAccountOption ||
-            (plan.MaxAdditionalServiceAccount.HasValue && update.SmServiceAccountsExcludingBase > plan.MaxAdditionalServiceAccount.Value))
+        if (!plan.SecretsManager.HasAdditionalServiceAccountOption ||
+            (plan.SecretsManager.MaxAdditionalServiceAccount.HasValue && update.SmServiceAccountsExcludingBase > plan.SecretsManager.MaxAdditionalServiceAccount.Value))
        {
-            var planMaxServiceAccounts = plan.BaseServiceAccount.GetValueOrDefault() +
-                                         plan.MaxAdditionalServiceAccount.GetValueOrDefault();
+            var planMaxServiceAccounts = plan.SecretsManager.BaseServiceAccount +
+                                         plan.SecretsManager.MaxAdditionalServiceAccount.GetValueOrDefault();
            throw new BadRequestException($"You have reached the maximum number of service accounts ({planMaxServiceAccounts}) for this plan.");
        }

@@ -281,9 +281,9 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
        }

        // Check minimum service accounts included with plan
-        if (plan.BaseServiceAccount.HasValue && plan.BaseServiceAccount.Value > update.SmServiceAccounts.Value)
+        if (plan.SecretsManager.BaseServiceAccount > update.SmServiceAccounts.Value)
        {
-            throw new BadRequestException($"Plan has a minimum of {plan.BaseServiceAccount} service accounts.");
+            throw new BadRequestException($"Plan has a minimum of {plan.SecretsManager.BaseServiceAccount} service accounts.");
        }

        // Check minimum service accounts required by business logic
@@ -319,15 +319,15 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
            throw new BadRequestException($"Cannot set max Secrets Manager seat autoscaling below current Secrets Manager seat count.");
        }

-        if (plan.MaxUsers.HasValue && update.MaxAutoscaleSmSeats.Value > plan.MaxUsers)
+        if (plan.SecretsManager.MaxSeats.HasValue && update.MaxAutoscaleSmSeats.Value > plan.SecretsManager.MaxSeats)
        {
            throw new BadRequestException(string.Concat(
-                $"Your plan has a Secrets Manager seat limit of {plan.MaxUsers}, ",
+                $"Your plan has a Secrets Manager seat limit of {plan.SecretsManager.MaxSeats}, ",
                $"but you have specified a max autoscale count of {update.MaxAutoscaleSmSeats}.",
                "Reduce your max autoscale count."));
        }

-        if (!plan.AllowSeatAutoscale)
+        if (!plan.SecretsManager.AllowSeatAutoscale)
        {
            throw new BadRequestException("Your plan does not allow Secrets Manager seat autoscaling.");
        }
@@ -349,15 +349,15 @@ public class UpdateSecretsManagerSubscriptionCommand : IUpdateSecretsManagerSubs
                $"Cannot set max service accounts autoscaling below current service accounts count.");
        }

-        if (!plan.AllowServiceAccountsAutoscale)
+        if (!plan.SecretsManager.AllowServiceAccountsAutoscale)
        {
            throw new BadRequestException("Your plan does not allow service accounts autoscaling.");
        }

-        if (plan.MaxServiceAccounts.HasValue && update.MaxAutoscaleSmServiceAccounts.Value > plan.MaxServiceAccounts)
+        if (plan.SecretsManager.MaxServiceAccounts.HasValue && update.MaxAutoscaleSmServiceAccounts.Value > plan.SecretsManager.MaxServiceAccounts)
        {
            throw new BadRequestException(string.Concat(
-                $"Your plan has a service account limit of {plan.MaxServiceAccounts}, ",
+                $"Your plan has a service account limit of {plan.SecretsManager.MaxServiceAccounts}, ",
                $"but you have specified a max autoscale count of {update.MaxAutoscaleSmServiceAccounts}.",
                "Reduce your max autoscale count."));
        }
--- a/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpgradeOrganizationPlanCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpgradeOrganizationPlanCommand.cs
@@ -73,69 +73,67 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            throw new BadRequestException("Your account has no payment method available.");
        }

-        var existingPasswordManagerPlan = StaticStore.PasswordManagerPlans.FirstOrDefault(p => p.Type == organization.PlanType);
-        if (existingPasswordManagerPlan == null)
+        var existingPlan = StaticStore.GetPlan(organization.PlanType);
+        if (existingPlan == null)
        {
            throw new BadRequestException("Existing plan not found.");
        }

-        var newPasswordManagerPlan =
-            StaticStore.PasswordManagerPlans.FirstOrDefault(p => p.Type == upgrade.Plan && !p.Disabled);
-        if (newPasswordManagerPlan == null)
+        var newPlan = StaticStore.Plans.FirstOrDefault(p => p.Type == upgrade.Plan && !p.Disabled);
+        if (newPlan == null)
        {
            throw new BadRequestException("Plan not found.");
        }

-        if (existingPasswordManagerPlan.Type == newPasswordManagerPlan.Type)
+        if (existingPlan.Type == newPlan.Type)
        {
            throw new BadRequestException("Organization is already on this plan.");
        }

-        if (existingPasswordManagerPlan.UpgradeSortOrder >= newPasswordManagerPlan.UpgradeSortOrder)
+        if (existingPlan.UpgradeSortOrder >= newPlan.UpgradeSortOrder)
        {
            throw new BadRequestException("You cannot upgrade to this plan.");
        }

-        if (existingPasswordManagerPlan.Type != PlanType.Free)
+        if (existingPlan.Type != PlanType.Free)
        {
            throw new BadRequestException("You can only upgrade from the free plan. Contact support.");
        }

-        _organizationService.ValidatePasswordManagerPlan(newPasswordManagerPlan, upgrade);
-        var newSecretsManagerPlan =
-            StaticStore.SecretManagerPlans.FirstOrDefault(p => p.Type == upgrade.Plan && !p.Disabled);
+        _organizationService.ValidatePasswordManagerPlan(newPlan, upgrade);
+
        if (upgrade.UseSecretsManager)
        {
-            _organizationService.ValidateSecretsManagerPlan(newSecretsManagerPlan, upgrade);
+            _organizationService.ValidateSecretsManagerPlan(newPlan, upgrade);
        }

-        var newPasswordManagerPlanSeats = (short)(newPasswordManagerPlan.BaseSeats +
-                                                  (newPasswordManagerPlan.HasAdditionalSeatsOption ? upgrade.AdditionalSeats : 0));
-        if (!organization.Seats.HasValue || organization.Seats.Value > newPasswordManagerPlanSeats)
+        var updatedPasswordManagerSeats = (short)(newPlan.PasswordManager.BaseSeats +
+                                                  (newPlan.PasswordManager.HasAdditionalSeatsOption ? upgrade.AdditionalSeats : 0));
+        if (!organization.Seats.HasValue || organization.Seats.Value > updatedPasswordManagerSeats)
        {
            var occupiedSeats =
                await _organizationUserRepository.GetOccupiedSeatCountByOrganizationIdAsync(organization.Id);
-            if (occupiedSeats > newPasswordManagerPlanSeats)
+            if (occupiedSeats > updatedPasswordManagerSeats)
            {
                throw new BadRequestException($"Your organization currently has {occupiedSeats} seats filled. " +
-                                              $"Your new plan only has ({newPasswordManagerPlanSeats}) seats. Remove some users.");
+                                              $"Your new plan only has ({updatedPasswordManagerSeats}) seats. Remove some users.");
            }
        }

-        if (newPasswordManagerPlan.MaxCollections.HasValue && (!organization.MaxCollections.HasValue ||
+        if (newPlan.PasswordManager.MaxCollections.HasValue && (!organization.MaxCollections.HasValue ||
                                                               organization.MaxCollections.Value >
-                                                               newPasswordManagerPlan.MaxCollections.Value))
+                                                               newPlan.PasswordManager.MaxCollections.Value))
        {
            var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(organization.Id);
-            if (collectionCount > newPasswordManagerPlan.MaxCollections.Value)
+            if (collectionCount > newPlan.PasswordManager.MaxCollections.Value)
            {
                throw new BadRequestException($"Your organization currently has {collectionCount} collections. " +
-                                              $"Your new plan allows for a maximum of ({newPasswordManagerPlan.MaxCollections.Value}) collections. " +
+                                              $"Your new plan allows for a maximum of ({newPlan.PasswordManager.MaxCollections.Value}) collections. " +
                                              "Remove some collections.");
            }
        }

-        if (!newPasswordManagerPlan.HasGroups && organization.UseGroups)
+        if (!newPlan.HasGroups && organization.UseGroups)
        {
            var groups = await _groupRepository.GetManyByOrganizationIdAsync(organization.Id);
            if (groups.Any())
@@ -145,7 +143,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasPolicies && organization.UsePolicies)
+        if (!newPlan.HasPolicies && organization.UsePolicies)
        {
            var policies = await _policyRepository.GetManyByOrganizationIdAsync(organization.Id);
            if (policies.Any(p => p.Enabled))
@@ -155,7 +153,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasSso && organization.UseSso)
+        if (!newPlan.HasSso && organization.UseSso)
        {
            var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id);
            if (ssoConfig != null && ssoConfig.Enabled)
@@ -165,7 +163,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasKeyConnector && organization.UseKeyConnector)
+        if (!newPlan.HasKeyConnector && organization.UseKeyConnector)
        {
            var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id);
            if (ssoConfig != null && ssoConfig.GetData().MemberDecryptionType == MemberDecryptionType.KeyConnector)
@@ -175,7 +173,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasResetPassword && organization.UseResetPassword)
+        if (!newPlan.HasResetPassword && organization.UseResetPassword)
        {
            var resetPasswordPolicy =
                await _policyRepository.GetByOrganizationIdTypeAsync(organization.Id, PolicyType.ResetPassword);
@@ -186,7 +184,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasScim && organization.UseScim)
+        if (!newPlan.HasScim && organization.UseScim)
        {
            var scimConnections = await _organizationConnectionRepository.GetByOrganizationIdTypeAsync(organization.Id,
                OrganizationConnectionType.Scim);
@@ -197,7 +195,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (!newPasswordManagerPlan.HasCustomPermissions && organization.UseCustomPermissions)
+        if (!newPlan.HasCustomPermissions && organization.UseCustomPermissions)
        {
            var organizationCustomUsers =
                await _organizationUserRepository.GetManyByOrganizationAsync(organization.Id,
@@ -209,9 +207,9 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        if (upgrade.UseSecretsManager && newSecretsManagerPlan != null)
+        if (upgrade.UseSecretsManager)
        {
-            await ValidateSecretsManagerSeatsAndServiceAccountAsync(upgrade, organization, newSecretsManagerPlan);
+            await ValidateSecretsManagerSeatsAndServiceAccountAsync(upgrade, organization, newPlan);
        }

        // TODO: Check storage?
@@ -220,12 +218,8 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand

        if (string.IsNullOrWhiteSpace(organization.GatewaySubscriptionId))
        {
-            var organizationUpgradePlan = upgrade.UseSecretsManager
-                ? StaticStore.Plans.Where(p => p.Type == upgrade.Plan).ToList()
-                : StaticStore.Plans.Where(p => p.Type == upgrade.Plan && p.BitwardenProduct == BitwardenProductType.PasswordManager).ToList();
-
            paymentIntentClientSecret = await _paymentService.UpgradeFreeOrganizationAsync(organization,
-                organizationUpgradePlan, upgrade);
+                newPlan, upgrade);
            success = string.IsNullOrWhiteSpace(paymentIntentClientSecret);
        }
        else
@@ -235,34 +229,34 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
        }

        organization.BusinessName = upgrade.BusinessName;
-        organization.PlanType = newPasswordManagerPlan.Type;
-        organization.Seats = (short)(newPasswordManagerPlan.BaseSeats + upgrade.AdditionalSeats);
-        organization.MaxCollections = newPasswordManagerPlan.MaxCollections;
-        organization.UseGroups = newPasswordManagerPlan.HasGroups;
-        organization.UseDirectory = newPasswordManagerPlan.HasDirectory;
-        organization.UseEvents = newPasswordManagerPlan.HasEvents;
-        organization.UseTotp = newPasswordManagerPlan.HasTotp;
-        organization.Use2fa = newPasswordManagerPlan.Has2fa;
-        organization.UseApi = newPasswordManagerPlan.HasApi;
-        organization.SelfHost = newPasswordManagerPlan.HasSelfHost;
-        organization.UsePolicies = newPasswordManagerPlan.HasPolicies;
-        organization.MaxStorageGb = !newPasswordManagerPlan.BaseStorageGb.HasValue
+        organization.PlanType = newPlan.Type;
+        organization.Seats = (short)(newPlan.PasswordManager.BaseSeats + upgrade.AdditionalSeats);
+        organization.MaxCollections = newPlan.PasswordManager.MaxCollections;
+        organization.UseGroups = newPlan.HasGroups;
+        organization.UseDirectory = newPlan.HasDirectory;
+        organization.UseEvents = newPlan.HasEvents;
+        organization.UseTotp = newPlan.HasTotp;
+        organization.Use2fa = newPlan.Has2fa;
+        organization.UseApi = newPlan.HasApi;
+        organization.SelfHost = newPlan.HasSelfHost;
+        organization.UsePolicies = newPlan.HasPolicies;
+        organization.MaxStorageGb = !newPlan.PasswordManager.BaseStorageGb.HasValue
            ? (short?)null
-            : (short)(newPasswordManagerPlan.BaseStorageGb.Value + upgrade.AdditionalStorageGb);
-        organization.UseGroups = newPasswordManagerPlan.HasGroups;
-        organization.UseDirectory = newPasswordManagerPlan.HasDirectory;
-        organization.UseEvents = newPasswordManagerPlan.HasEvents;
-        organization.UseTotp = newPasswordManagerPlan.HasTotp;
-        organization.Use2fa = newPasswordManagerPlan.Has2fa;
-        organization.UseApi = newPasswordManagerPlan.HasApi;
-        organization.UseSso = newPasswordManagerPlan.HasSso;
-        organization.UseKeyConnector = newPasswordManagerPlan.HasKeyConnector;
-        organization.UseScim = newPasswordManagerPlan.HasScim;
-        organization.UseResetPassword = newPasswordManagerPlan.HasResetPassword;
-        organization.SelfHost = newPasswordManagerPlan.HasSelfHost;
-        organization.UsersGetPremium = newPasswordManagerPlan.UsersGetPremium || upgrade.PremiumAccessAddon;
-        organization.UseCustomPermissions = newPasswordManagerPlan.HasCustomPermissions;
-        organization.Plan = newPasswordManagerPlan.Name;
+            : (short)(newPlan.PasswordManager.BaseStorageGb.Value + upgrade.AdditionalStorageGb);
+        organization.UseGroups = newPlan.HasGroups;
+        organization.UseDirectory = newPlan.HasDirectory;
+        organization.UseEvents = newPlan.HasEvents;
+        organization.UseTotp = newPlan.HasTotp;
+        organization.Use2fa = newPlan.Has2fa;
+        organization.UseApi = newPlan.HasApi;
+        organization.UseSso = newPlan.HasSso;
+        organization.UseKeyConnector = newPlan.HasKeyConnector;
+        organization.UseScim = newPlan.HasScim;
+        organization.UseResetPassword = newPlan.HasResetPassword;
+        organization.SelfHost = newPlan.HasSelfHost;
+        organization.UsersGetPremium = newPlan.UsersGetPremium || upgrade.PremiumAccessAddon;
+        organization.UseCustomPermissions = newPlan.HasCustomPermissions;
+        organization.Plan = newPlan.Name;
        organization.Enabled = success;
        organization.PublicKey = upgrade.PublicKey;
        organization.PrivateKey = upgrade.PrivateKey;
@@ -271,8 +265,8 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand

        if (upgrade.UseSecretsManager)
        {
-            organization.SmSeats = newSecretsManagerPlan.BaseSeats + upgrade.AdditionalSmSeats.GetValueOrDefault();
-            organization.SmServiceAccounts = newSecretsManagerPlan.BaseServiceAccount.GetValueOrDefault() +
+            organization.SmSeats = newPlan.SecretsManager.BaseSeats + upgrade.AdditionalSmSeats.GetValueOrDefault();
+            organization.SmServiceAccounts = newPlan.SecretsManager.BaseServiceAccount +
                                             upgrade.AdditionalServiceAccounts.GetValueOrDefault();
        }

@@ -283,10 +277,10 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            await _referenceEventService.RaiseEventAsync(
                new ReferenceEvent(ReferenceEventType.UpgradePlan, organization, _currentContext)
                {
-                    PlanName = newPasswordManagerPlan.Name,
-                    PlanType = newPasswordManagerPlan.Type,
-                    OldPlanName = existingPasswordManagerPlan.Name,
-                    OldPlanType = existingPasswordManagerPlan.Type,
+                    PlanName = newPlan.Name,
+                    PlanType = newPlan.Type,
+                    OldPlanName = existingPlan.Name,
+                    OldPlanType = existingPlan.Type,
                    Seats = organization.Seats,
                    Storage = organization.MaxStorageGb,
                    // TODO: add reference events for SmSeats and Service Accounts - see AC-1481
@@ -299,8 +293,8 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
    private async Task ValidateSecretsManagerSeatsAndServiceAccountAsync(OrganizationUpgrade upgrade, Organization organization,
        Models.StaticStore.Plan newSecretsManagerPlan)
    {
-        var newPlanSmSeats = (short)(newSecretsManagerPlan.BaseSeats +
-                                     (newSecretsManagerPlan.HasAdditionalSeatsOption
+        var newPlanSmSeats = (short)(newSecretsManagerPlan.SecretsManager.BaseSeats +
+                                     (newSecretsManagerPlan.SecretsManager.HasAdditionalSeatsOption
                                         ? upgrade.AdditionalSmSeats
                                         : 0));
        var occupiedSmSeats =
@@ -316,10 +310,10 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            }
        }

-        var additionalServiceAccounts = newSecretsManagerPlan.HasAdditionalServiceAccountOption
+        var additionalServiceAccounts = newSecretsManagerPlan.SecretsManager.HasAdditionalServiceAccountOption
            ? upgrade.AdditionalServiceAccounts
            : 0;
-        var newPlanServiceAccounts = newSecretsManagerPlan.BaseServiceAccount + additionalServiceAccounts;
+        var newPlanServiceAccounts = newSecretsManagerPlan.SecretsManager.BaseServiceAccount + additionalServiceAccounts;

        if (!organization.SmServiceAccounts.HasValue || organization.SmServiceAccounts.Value > newPlanServiceAccounts)
        {
@@ -329,7 +323,7 @@ public class UpgradeOrganizationPlanCommand : IUpgradeOrganizationPlanCommand
            {
                throw new BadRequestException(
                    $"Your organization currently has {currentServiceAccounts} service accounts. " +
-                    $"Your new plan only allows {newSecretsManagerPlan.MaxServiceAccounts} service accounts. " +
+                    $"Your new plan only allows {newSecretsManagerPlan.SecretsManager.MaxServiceAccounts} service accounts. " +
                    "Remove some service accounts or increase your subscription.");
            }
        }