[PM-26361] Add User Auto Confirmation (#6436)

* Adding AutoConfrim and migrations. * Add value to Admin Page and update sproc to correct name. * Correcting license constant. * Adding feature check back in. * Fixing sprocs :face_palm: * Remove Coalesce * Adding property to plan and model constructor * Correcting name of column. Cascading change throughout. Updating response models. Updating sprocs and views. Updating migrations * fixing sproc * Fixing up license stuff. * Updating org view * Code review changes and renames :face_palm: * Refershing additional views * Last two fixes.
2025-12-22 19:23:45 +00:00 · 2025-10-20 07:27:18 -05:00
parent 4bf7cf956b
commit dbce45291c
36 changed files with 10618 additions and 79 deletions
--- a/src/Admin/AdminConsole/Controllers/OrganizationsController.cs
+++ b/src/Admin/AdminConsole/Controllers/OrganizationsController.cs
@@ -472,6 +472,7 @@ public class OrganizationsController : Controller
            organization.UseRiskInsights = model.UseRiskInsights;
            organization.UseOrganizationDomains = model.UseOrganizationDomains;
            organization.UseAdminSponsoredFamilies = model.UseAdminSponsoredFamilies;
+            organization.UseAutomaticUserConfirmation = model.UseAutomaticUserConfirmation;

            //secrets
            organization.SmSeats = model.SmSeats;
--- a/src/Admin/AdminConsole/Models/OrganizationEditModel.cs
+++ b/src/Admin/AdminConsole/Models/OrganizationEditModel.cs
@@ -106,6 +106,8 @@ public class OrganizationEditModel : OrganizationViewModel
        SmServiceAccounts = org.SmServiceAccounts;
        MaxAutoscaleSmServiceAccounts = org.MaxAutoscaleSmServiceAccounts;
        UseOrganizationDomains = org.UseOrganizationDomains;
+        UseAutomaticUserConfirmation = org.UseAutomaticUserConfirmation;
+
        _plans = plans;
    }

@@ -192,6 +194,8 @@ public class OrganizationEditModel : OrganizationViewModel
    [Display(Name = "Use Organization Domains")]
    public bool UseOrganizationDomains { get; set; }

+    [Display(Name = "Automatic User Confirmation")]
+    public bool UseAutomaticUserConfirmation { get; set; }
    /**
     * Creates a Plan[] object for use in Javascript
     * This is mapped manually below to provide some type safety in case the plan objects change
@@ -231,6 +235,7 @@ public class OrganizationEditModel : OrganizationViewModel
                    LegacyYear = p.LegacyYear,
                    Disabled = p.Disabled,
                    SupportsSecretsManager = p.SupportsSecretsManager,
+                    AutomaticUserConfirmation = p.AutomaticUserConfirmation,
                    PasswordManager =
                        new
                        {
--- a/src/Admin/AdminConsole/Views/Shared/_OrganizationForm.cshtml
+++ b/src/Admin/AdminConsole/Views/Shared/_OrganizationForm.cshtml
@@ -159,6 +159,13 @@
                        <label class="form-check-label" asp-for="UseAdminSponsoredFamilies"></label>
                    </div>
                }
+                @if(FeatureService.IsEnabled(FeatureFlagKeys.AutomaticConfirmUsers))
+                {
+                    <div class="form-check">
+                        <input type="checkbox" class="form-check-input" asp-for="UseAutomaticUserConfirmation" disabled='@(canEditPlan ? null : "disabled")'>
+                        <label class="form-check-label" asp-for="UseAutomaticUserConfirmation"></label>
+                    </div>
+                }
            </div>
            <div class="col-3">
                <h3>Password Manager</h3>
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs
@@ -70,6 +70,7 @@ public class OrganizationResponseModel : ResponseModel
        UseRiskInsights = organization.UseRiskInsights;
        UseOrganizationDomains = organization.UseOrganizationDomains;
        UseAdminSponsoredFamilies = organization.UseAdminSponsoredFamilies;
+        UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
    }

    public Guid Id { get; set; }
@@ -118,6 +119,7 @@ public class OrganizationResponseModel : ResponseModel
    public bool UseRiskInsights { get; set; }
    public bool UseOrganizationDomains { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
 }

 public class OrganizationSubscriptionResponseModel : OrganizationResponseModel
--- a/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
@@ -87,6 +87,8 @@ public class ProfileOrganizationResponseModel : ResponseModel
            KeyConnectorUrl = ssoConfigData.KeyConnectorUrl;
            SsoMemberDecryptionType = ssoConfigData.MemberDecryptionType;
        }
+
+        UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
    }

    public Guid Id { get; set; }
@@ -164,4 +166,5 @@ public class ProfileOrganizationResponseModel : ResponseModel
    public bool IsAdminInitiated { get; set; }
    public bool SsoEnabled { get; set; }
    public MemberDecryptionType? SsoMemberDecryptionType { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
 }
--- a/src/Api/AdminConsole/Models/Response/ProfileProviderOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/ProfileProviderOrganizationResponseModel.cs
@@ -52,5 +52,6 @@ public class ProfileProviderOrganizationResponseModel : ProfileOrganizationRespo
        UseRiskInsights = organization.UseRiskInsights;
        UseOrganizationDomains = organization.UseOrganizationDomains;
        UseAdminSponsoredFamilies = organization.UseAdminSponsoredFamilies;
+        UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
    }
 }
--- a/src/Core/AdminConsole/Entities/Organization.cs
+++ b/src/Core/AdminConsole/Entities/Organization.cs
@@ -129,6 +129,11 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable
    /// </summary>
    public bool SyncSeats { get; set; }

+    /// <summary>
+    /// If set to true,  user accounts created within the organization are automatically confirmed without requiring additional verification steps.
+    /// </summary>
+    public bool UseAutomaticUserConfirmation { get; set; }
+
    public void SetNewId()
    {
        if (Id == default(Guid))
--- a/src/Core/AdminConsole/Models/Data/Organizations/OrganizationAbility.cs
+++ b/src/Core/AdminConsole/Models/Data/Organizations/OrganizationAbility.cs
@@ -28,6 +28,7 @@ public class OrganizationAbility
        UseRiskInsights = organization.UseRiskInsights;
        UseOrganizationDomains = organization.UseOrganizationDomains;
        UseAdminSponsoredFamilies = organization.UseAdminSponsoredFamilies;
+        UseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
    }

    public Guid Id { get; set; }
@@ -49,4 +50,5 @@ public class OrganizationAbility
    public bool UseRiskInsights { get; set; }
    public bool UseOrganizationDomains { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
 }
--- a/src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs
+++ b/src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs
@@ -66,4 +66,5 @@ public class OrganizationUserOrganizationDetails
    public bool UseOrganizationDomains { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
    public bool? IsAdminInitiated { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
 }
--- a/src/Core/AdminConsole/Models/Data/Provider/ProviderUserOrganizationDetails.cs
+++ b/src/Core/AdminConsole/Models/Data/Provider/ProviderUserOrganizationDetails.cs
@@ -51,4 +51,5 @@ public class ProviderUserOrganizationDetails
    public bool UseOrganizationDomains { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
    public ProviderType ProviderType { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
 }
--- a/src/Core/AdminConsole/Services/OrganizationFactory.cs
+++ b/src/Core/AdminConsole/Services/OrganizationFactory.cs
@@ -61,6 +61,7 @@ public static class OrganizationFactory
            claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseOrganizationDomains),
            UseAdminSponsoredFamilies =
            claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseAdminSponsoredFamilies),
+            UseAutomaticUserConfirmation = claimsPrincipal.GetValue<bool>(OrganizationLicenseConstants.UseAutomaticUserConfirmation),
        };

    public static Organization Create(
--- a/src/Core/Billing/Licenses/LicenseConstants.cs
+++ b/src/Core/Billing/Licenses/LicenseConstants.cs
@@ -43,6 +43,7 @@ public static class OrganizationLicenseConstants
    public const string Trial = nameof(Trial);
    public const string UseAdminSponsoredFamilies = nameof(UseAdminSponsoredFamilies);
    public const string UseOrganizationDomains = nameof(UseOrganizationDomains);
+    public const string UseAutomaticUserConfirmation = nameof(UseAutomaticUserConfirmation);
 }

 public static class UserLicenseConstants
--- a/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
+++ b/src/Core/Billing/Licenses/Services/Implementations/OrganizationLicenseClaimsFactory.cs
@@ -56,6 +56,7 @@ public class OrganizationLicenseClaimsFactory : ILicenseClaimsFactory<Organizati
            new(nameof(OrganizationLicenseConstants.Trial), trial.ToString()),
            new(nameof(OrganizationLicenseConstants.UseAdminSponsoredFamilies), entity.UseAdminSponsoredFamilies.ToString()),
            new(nameof(OrganizationLicenseConstants.UseOrganizationDomains), entity.UseOrganizationDomains.ToString()),
+            new(nameof(OrganizationLicenseConstants.UseAutomaticUserConfirmation), entity.UseAutomaticUserConfirmation.ToString()),
        };

        if (entity.Name is not null)
--- a/src/Core/Billing/Models/StaticStore/Plan.cs
+++ b/src/Core/Billing/Models/StaticStore/Plan.cs
@@ -43,6 +43,8 @@ public abstract record Plan
    public SecretsManagerPlanFeatures SecretsManager { get; protected init; }
    public bool SupportsSecretsManager => SecretsManager != null;

+    public bool AutomaticUserConfirmation { get; init; }
+
    public bool HasNonSeatBasedPasswordManagerPlan() =>
        PasswordManager is { StripePlanId: not null and not "", StripeSeatPlanId: null or "" };

--- a/src/Core/Billing/Organizations/Models/OrganizationLicense.cs
+++ b/src/Core/Billing/Organizations/Models/OrganizationLicense.cs
@@ -153,6 +153,7 @@ public class OrganizationLicense : ILicense
    public LicenseType? LicenseType { get; set; }
    public bool UseOrganizationDomains { get; set; }
    public bool UseAdminSponsoredFamilies { get; set; }
+    public bool UseAutomaticUserConfirmation { get; set; }
    public string Hash { get; set; }
    public string Signature { get; set; }
    public string Token { get; set; }
@@ -226,7 +227,8 @@ public class OrganizationLicense : ILicense
                    // any new fields added need to be added here so that they're ignored
                    !p.Name.Equals(nameof(UseRiskInsights)) &&
                    !p.Name.Equals(nameof(UseAdminSponsoredFamilies)) &&
-                    !p.Name.Equals(nameof(UseOrganizationDomains)))
+                    !p.Name.Equals(nameof(UseOrganizationDomains)) &&
+                    !p.Name.Equals(nameof(UseAutomaticUserConfirmation)))
                .OrderBy(p => p.Name)
                .Select(p => $"{p.Name}:{Core.Utilities.CoreHelpers.FormatLicenseSignatureValue(p.GetValue(this, null))}")
                .Aggregate((c, n) => $"{c}|{n}");
@@ -421,6 +423,7 @@ public class OrganizationLicense : ILicense
        var smServiceAccounts = claimsPrincipal.GetValue<int?>(nameof(SmServiceAccounts));
        var useAdminSponsoredFamilies = claimsPrincipal.GetValue<bool>(nameof(UseAdminSponsoredFamilies));
        var useOrganizationDomains = claimsPrincipal.GetValue<bool>(nameof(UseOrganizationDomains));
+        var useAutomaticUserConfirmation = claimsPrincipal.GetValue<bool>(nameof(UseAutomaticUserConfirmation));

        return issued <= DateTime.UtcNow &&
               expires >= DateTime.UtcNow &&
@@ -450,7 +453,8 @@ public class OrganizationLicense : ILicense
               smSeats == organization.SmSeats &&
               smServiceAccounts == organization.SmServiceAccounts &&
               useAdminSponsoredFamilies == organization.UseAdminSponsoredFamilies &&
-               useOrganizationDomains == organization.UseOrganizationDomains;
+               useOrganizationDomains == organization.UseOrganizationDomains &&
+               useAutomaticUserConfirmation == organization.UseAutomaticUserConfirmation;

    }

--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -140,6 +140,7 @@ public static class FeatureFlagKeys
    public const string EventBasedOrganizationIntegrations = "event-based-organization-integrations";
    public const string SeparateCustomRolePermissions = "pm-19917-separate-custom-role-permissions";
    public const string CreateDefaultLocation = "pm-19467-create-default-location";
+    public const string AutomaticConfirmUsers = "pm-19934-auto-confirm-organization-users";
    public const string PM23845_VNextApplicationCache = "pm-24957-refactor-memory-application-cache";

    /* Auth Team */
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
@@ -112,7 +112,8 @@ public class OrganizationRepository : Repository<Core.AdminConsole.Entities.Orga
                AllowAdminAccessToAllCollectionItems = e.AllowAdminAccessToAllCollectionItems,
                UseRiskInsights = e.UseRiskInsights,
                UseOrganizationDomains = e.UseOrganizationDomains,
-                UseAdminSponsoredFamilies = e.UseAdminSponsoredFamilies
+                UseAdminSponsoredFamilies = e.UseAdminSponsoredFamilies,
+                UseAutomaticUserConfirmation = e.UseAutomaticUserConfirmation
            }).ToListAsync();
        }
    }
@@ -375,11 +376,6 @@ public class OrganizationRepository : Repository<Core.AdminConsole.Entities.Orga
        return await query.ToArrayAsync();
    }

-    public Task EnableCollectionEnhancements(Guid organizationId)
-    {
-        throw new NotImplementedException("Collection enhancements migration is not yet supported for Entity Framework.");
-    }
-
    public async Task<OrganizationSeatCounts> GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId)
    {
        using (var scope = ServiceScopeFactory.CreateScope())
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserOrganizationDetailsViewQuery.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserOrganizationDetailsViewQuery.cs
@@ -52,6 +52,7 @@ public class ProviderUserOrganizationDetailsViewQuery : IQuery<ProviderUserOrgan
            ProviderType = x.p.Type,
            UseOrganizationDomains = x.o.UseOrganizationDomains,
            UseAdminSponsoredFamilies = x.o.UseAdminSponsoredFamilies,
+            UseAutomaticUserConfirmation = x.o.UseAutomaticUserConfirmation
        });
    }
 }
--- a/Procedures/Organization_Create.sql
+++ b/Procedures/Organization_Create.sql
@@ -58,7 +58,8 @@ CREATE PROCEDURE [dbo].[Organization_Create]
    @LimitItemDeletion BIT = 0,
    @UseOrganizationDomains BIT = 0,
    @UseAdminSponsoredFamilies BIT = 0,
-    @SyncSeats BIT = 0
+    @SyncSeats BIT = 0,
+    @UseAutomaticUserConfirmation BIT = 0
 AS
 BEGIN
    SET NOCOUNT ON
@@ -124,69 +125,71 @@ BEGIN
        [LimitItemDeletion],
        [UseOrganizationDomains],
        [UseAdminSponsoredFamilies],
-        [SyncSeats]
+        [SyncSeats],
+        [UseAutomaticUserConfirmation]
    )
    VALUES
-    (
-        @Id,
-        @Identifier,
-        @Name,
-        @BusinessName,
-        @BusinessAddress1,
-        @BusinessAddress2,
-        @BusinessAddress3,
-        @BusinessCountry,
-        @BusinessTaxNumber,
-        @BillingEmail,
-        @Plan,
-        @PlanType,
-        @Seats,
-        @MaxCollections,
-        @UsePolicies,
-        @UseSso,
-        @UseGroups,
-        @UseDirectory,
-        @UseEvents,
-        @UseTotp,
-        @Use2fa,
-        @UseApi,
-        @UseResetPassword,
-        @SelfHost,
-        @UsersGetPremium,
-        @Storage,
-        @MaxStorageGb,
-        @Gateway,
-        @GatewayCustomerId,
-        @GatewaySubscriptionId,
-        @ReferenceData,
-        @Enabled,
-        @LicenseKey,
-        @PublicKey,
-        @PrivateKey,
-        @TwoFactorProviders,
-        @ExpirationDate,
-        @CreationDate,
-        @RevisionDate,
-        @OwnersNotifiedOfAutoscaling,
-        @MaxAutoscaleSeats,
-        @UseKeyConnector,
-        @UseScim,
-        @UseCustomPermissions,
-        @UseSecretsManager,
-        @Status,
-        @UsePasswordManager,
-        @SmSeats,
-        @SmServiceAccounts,
-        @MaxAutoscaleSmSeats,
-        @MaxAutoscaleSmServiceAccounts,
-        @SecretsManagerBeta,
-        @LimitCollectionCreation,
-        @LimitCollectionDeletion,
-        @AllowAdminAccessToAllCollectionItems,
-        @UseRiskInsights,
-        @LimitItemDeletion,
-        @UseOrganizationDomains,
-        @UseAdminSponsoredFamilies,
-        @SyncSeats
-    )
+        (
+            @Id,
+            @Identifier,
+            @Name,
+            @BusinessName,
+            @BusinessAddress1,
+            @BusinessAddress2,
+            @BusinessAddress3,
+            @BusinessCountry,
+            @BusinessTaxNumber,
+            @BillingEmail,
+            @Plan,
+            @PlanType,
+            @Seats,
+            @MaxCollections,
+            @UsePolicies,
+            @UseSso,
+            @UseGroups,
+            @UseDirectory,
+            @UseEvents,
+            @UseTotp,
+            @Use2fa,
+            @UseApi,
+            @UseResetPassword,
+            @SelfHost,
+            @UsersGetPremium,
+            @Storage,
+            @MaxStorageGb,
+            @Gateway,
+            @GatewayCustomerId,
+            @GatewaySubscriptionId,
+            @ReferenceData,
+            @Enabled,
+            @LicenseKey,
+            @PublicKey,
+            @PrivateKey,
+            @TwoFactorProviders,
+            @ExpirationDate,
+            @CreationDate,
+            @RevisionDate,
+            @OwnersNotifiedOfAutoscaling,
+            @MaxAutoscaleSeats,
+            @UseKeyConnector,
+            @UseScim,
+            @UseCustomPermissions,
+            @UseSecretsManager,
+            @Status,
+            @UsePasswordManager,
+            @SmSeats,
+            @SmServiceAccounts,
+            @MaxAutoscaleSmSeats,
+            @MaxAutoscaleSmServiceAccounts,
+            @SecretsManagerBeta,
+            @LimitCollectionCreation,
+            @LimitCollectionDeletion,
+            @AllowAdminAccessToAllCollectionItems,
+            @UseRiskInsights,
+            @LimitItemDeletion,
+            @UseOrganizationDomains,
+            @UseAdminSponsoredFamilies,
+            @SyncSeats,
+            @UseAutomaticUserConfirmation
+        );
 END
--- a/Procedures/Organization_ReadAbilities.sql
+++ b/Procedures/Organization_ReadAbilities.sql
@@ -27,7 +27,8 @@ BEGIN
        [UseRiskInsights],
        [LimitItemDeletion],
        [UseOrganizationDomains],
-        [UseAdminSponsoredFamilies]
+        [UseAdminSponsoredFamilies],
+        [UseAutomaticUserConfirmation]
    FROM
        [dbo].[Organization]
 END
--- a/Procedures/Organization_Update.sql
+++ b/Procedures/Organization_Update.sql
@@ -58,7 +58,8 @@ CREATE PROCEDURE [dbo].[Organization_Update]
    @LimitItemDeletion BIT = 0,
    @UseOrganizationDomains BIT = 0,
    @UseAdminSponsoredFamilies BIT = 0,
-    @SyncSeats BIT = 0
+    @SyncSeats BIT = 0,
+    @UseAutomaticUserConfirmation BIT = 0
 AS
 BEGIN
    SET NOCOUNT ON
@@ -124,7 +125,8 @@ BEGIN
        [LimitItemDeletion] = @LimitItemDeletion,
        [UseOrganizationDomains] = @UseOrganizationDomains,
        [UseAdminSponsoredFamilies] = @UseAdminSponsoredFamilies,
-        [SyncSeats] = @SyncSeats
+        [SyncSeats] = @SyncSeats,
+        [UseAutomaticUserConfirmation] = @UseAutomaticUserConfirmation
    WHERE
-        [Id] = @Id
+        [Id] = @Id;
 END
--- a/src/Sql/dbo/Tables/Organization.sql
+++ b/src/Sql/dbo/Tables/Organization.sql
@@ -59,6 +59,7 @@ CREATE TABLE [dbo].[Organization] (
    [UseOrganizationDomains]        BIT              NOT NULL CONSTRAINT [DF_Organization_UseOrganizationDomains] DEFAULT (0),
    [UseAdminSponsoredFamilies]     BIT              NOT NULL CONSTRAINT [DF_Organization_UseAdminSponsoredFamilies] DEFAULT (0),
    [SyncSeats]                     BIT              NOT NULL CONSTRAINT [DF_Organization_SyncSeats] DEFAULT (0),
+    [UseAutomaticUserConfirmation]  BIT              NOT NULL CONSTRAINT [DF_Organization_UseAutomaticUserConfirmation] DEFAULT (0),
    CONSTRAINT [PK_Organization] PRIMARY KEY CLUSTERED ([Id] ASC)
 );

--- a/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
+++ b/src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql
@@ -54,7 +54,8 @@ SELECT
    O.[LimitItemDeletion],
    O.[UseAdminSponsoredFamilies],
    O.[UseOrganizationDomains],
-    OS.[IsAdminInitiated]
+    OS.[IsAdminInitiated],
+    O.[UseAutomaticUserConfirmation]
 FROM
    [dbo].[OrganizationUser] OU
 LEFT JOIN
--- a/src/Sql/dbo/Views/ProviderUserProviderOrganizationDetailsView.sql
+++ b/src/Sql/dbo/Views/ProviderUserProviderOrganizationDetailsView.sql
@@ -39,7 +39,8 @@ SELECT
    O.[UseAdminSponsoredFamilies],
    P.[Type] ProviderType,
    O.[LimitItemDeletion],
-    O.[UseOrganizationDomains]
+    O.[UseOrganizationDomains],
+    O.[UseAutomaticUserConfirmation]
 FROM
    [dbo].[ProviderUser] PU
 INNER JOIN