[PM-26426] [PM-26427] Remove feature flag - policy validators/requirements refactor (#6674)

* chore: remove ff from PoliciesController, refs PM-26426 * chore: remove ff from public PoliciesController, refs PM-26426 * chore: remove ff from VerifyOrganizationDomainCommands, refs PM-26426 * chore: remove ff from SsoConfigService, refs PM-26426 * chore: remove ff from public PoliciesControllerTests, refs PM-26426 * chore: remove ff from PoliciesControllerTests, refs PM-26426 * chore: remove ff from VerifyOrganizationDomainCommandTests, refs PM-26426 * chore: remove ff from SsoConfigServiceTests, refs PM-26426 * chore: remove ff definition, refs PM-26427 * chore: dotnet format * chore: remove unused constructor parameters, refs PM-26426 * chore: fix failing tests for VerifyOrganizationDomainCommandTests and SsoConfigServiceTests, refs PM-26426
2025-12-06 00:03:34 +00:00 · 2025-12-03 10:42:54 -06:00
parent 1566a6d587
commit ded1c58c27
9 changed files with 65 additions and 218 deletions
--- a/test/Api.Test/AdminConsole/Public/Controllers/PoliciesControllerTests.cs
+++ b/test/Api.Test/AdminConsole/Public/Controllers/PoliciesControllerTests.cs
@@ -1,14 +1,11 @@
 using Bit.Api.AdminConsole.Public.Controllers;
 using Bit.Api.AdminConsole.Public.Models.Request;
-using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data;
-using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
 using Bit.Core.Context;
-using Bit.Core.Services;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
 using NSubstitute;
@@ -22,7 +19,7 @@ public class PoliciesControllerTests
 {
    [Theory]
    [BitAutoData]
-    public async Task Put_WhenPolicyValidatorsRefactorEnabled_UsesVNextSavePolicyCommand(
+    public async Task Put_UsesVNextSavePolicyCommand(
        Guid organizationId,
        PolicyType policyType,
        PolicyUpdateRequestModel model,
@@ -33,9 +30,6 @@ public class PoliciesControllerTests
        policy.Data = null;
        sutProvider.GetDependency<ICurrentContext>()
            .OrganizationId.Returns(organizationId);
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(true);
        sutProvider.GetDependency<IVNextSavePolicyCommand>()
            .SaveAsync(Arg.Any<SavePolicyModel>())
            .Returns(policy);
@@ -52,36 +46,4 @@ public class PoliciesControllerTests
                m.PolicyUpdate.Enabled == model.Enabled.GetValueOrDefault() &&
                m.PerformedBy is SystemUser));
    }
-
-    [Theory]
-    [BitAutoData]
-    public async Task Put_WhenPolicyValidatorsRefactorDisabled_UsesLegacySavePolicyCommand(
-        Guid organizationId,
-        PolicyType policyType,
-        PolicyUpdateRequestModel model,
-        Policy policy,
-        SutProvider<PoliciesController> sutProvider)
-    {
-        // Arrange
-        policy.Data = null;
-        sutProvider.GetDependency<ICurrentContext>()
-            .OrganizationId.Returns(organizationId);
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(false);
-        sutProvider.GetDependency<ISavePolicyCommand>()
-            .SaveAsync(Arg.Any<PolicyUpdate>())
-            .Returns(policy);
-
-        // Act
-        await sutProvider.Sut.Put(policyType, model);
-
-        // Assert
-        await sutProvider.GetDependency<ISavePolicyCommand>()
-            .Received(1)
-            .SaveAsync(Arg.Is<PolicyUpdate>(p =>
-                p.OrganizationId == organizationId &&
-                p.Type == policyType &&
-                p.Enabled == model.Enabled));
-    }
 }
--- a/test/Api.Test/Controllers/PoliciesControllerTests.cs
+++ b/test/Api.Test/Controllers/PoliciesControllerTests.cs
@@ -3,7 +3,6 @@ using System.Text.Json;
 using Bit.Api.AdminConsole.Controllers;
 using Bit.Api.AdminConsole.Models.Request;
 using Bit.Api.AdminConsole.Models.Response.Organizations;
-using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
@@ -291,7 +290,7 @@ public class PoliciesControllerTests
        string token,
        string email,
        Organization organization
-        )
+    )
    {
        // Arrange
        organization.UsePolicies = true;
@@ -302,14 +301,15 @@ public class PoliciesControllerTests
        var decryptedToken = Substitute.For<OrgUserInviteTokenable>();
        decryptedToken.Valid.Returns(false);

-        var orgUserInviteTokenDataFactory = sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();
+        var orgUserInviteTokenDataFactory =
+            sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();

        orgUserInviteTokenDataFactory.TryUnprotect(token, out Arg.Any<OrgUserInviteTokenable>())
            .Returns(x =>
-        {
-            x[1] = decryptedToken;
-            return true;
-        });
+            {
+                x[1] = decryptedToken;
+                return true;
+            });

        // Act & Assert
        await Assert.ThrowsAsync<NotFoundException>(() =>
@@ -325,7 +325,7 @@ public class PoliciesControllerTests
        string token,
        string email,
        Organization organization
-        )
+    )
    {
        // Arrange
        organization.UsePolicies = true;
@@ -338,14 +338,15 @@ public class PoliciesControllerTests
        decryptedToken.OrgUserId = organizationUserId;
        decryptedToken.OrgUserEmail = email;

-        var orgUserInviteTokenDataFactory = sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();
+        var orgUserInviteTokenDataFactory =
+            sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();

        orgUserInviteTokenDataFactory.TryUnprotect(token, out Arg.Any<OrgUserInviteTokenable>())
            .Returns(x =>
-        {
-            x[1] = decryptedToken;
-            return true;
-        });
+            {
+                x[1] = decryptedToken;
+                return true;
+            });

        sutProvider.GetDependency<IOrganizationUserRepository>()
            .GetByIdAsync(organizationUserId)
@@ -366,7 +367,7 @@ public class PoliciesControllerTests
        string email,
        OrganizationUser orgUser,
        Organization organization
-        )
+    )
    {
        // Arrange
        organization.UsePolicies = true;
@@ -379,14 +380,15 @@ public class PoliciesControllerTests
        decryptedToken.OrgUserId = organizationUserId;
        decryptedToken.OrgUserEmail = email;

-        var orgUserInviteTokenDataFactory = sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();
+        var orgUserInviteTokenDataFactory =
+            sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();

        orgUserInviteTokenDataFactory.TryUnprotect(token, out Arg.Any<OrgUserInviteTokenable>())
            .Returns(x =>
-        {
-            x[1] = decryptedToken;
-            return true;
-        });
+            {
+                x[1] = decryptedToken;
+                return true;
+            });

        orgUser.OrganizationId = Guid.Empty;

@@ -409,7 +411,7 @@ public class PoliciesControllerTests
        string email,
        OrganizationUser orgUser,
        Organization organization
-        )
+    )
    {
        // Arrange
        organization.UsePolicies = true;
@@ -422,14 +424,15 @@ public class PoliciesControllerTests
        decryptedToken.OrgUserId = organizationUserId;
        decryptedToken.OrgUserEmail = email;

-        var orgUserInviteTokenDataFactory = sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();
+        var orgUserInviteTokenDataFactory =
+            sutProvider.GetDependency<IDataProtectorTokenFactory<OrgUserInviteTokenable>>();

        orgUserInviteTokenDataFactory.TryUnprotect(token, out Arg.Any<OrgUserInviteTokenable>())
            .Returns(x =>
-        {
-            x[1] = decryptedToken;
-            return true;
-        });
+            {
+                x[1] = decryptedToken;
+                return true;
+            });

        orgUser.OrganizationId = orgId;
        sutProvider.GetDependency<IOrganizationUserRepository>()
@@ -463,7 +466,7 @@ public class PoliciesControllerTests

    [Theory]
    [BitAutoData]
-    public async Task PutVNext_WhenPolicyValidatorsRefactorEnabled_UsesVNextSavePolicyCommand(
+    public async Task PutVNext_UsesVNextSavePolicyCommand(
        SutProvider<PoliciesController> sutProvider, Guid orgId,
        SavePolicyRequest model, Policy policy, Guid userId)
    {
@@ -478,10 +481,6 @@ public class PoliciesControllerTests
            .OrganizationOwner(orgId)
            .Returns(true);

-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(true);
-
        sutProvider.GetDependency<IVNextSavePolicyCommand>()
            .SaveAsync(Arg.Any<SavePolicyModel>())
            .Returns(policy);
@@ -492,12 +491,11 @@ public class PoliciesControllerTests
        // Assert
        await sutProvider.GetDependency<IVNextSavePolicyCommand>()
            .Received(1)
-            .SaveAsync(Arg.Is<SavePolicyModel>(
-                m => m.PolicyUpdate.OrganizationId == orgId &&
-                     m.PolicyUpdate.Type == policy.Type &&
-                     m.PolicyUpdate.Enabled == model.Policy.Enabled &&
-                     m.PerformedBy.UserId == userId &&
-                     m.PerformedBy.IsOrganizationOwnerOrProvider == true));
+            .SaveAsync(Arg.Is<SavePolicyModel>(m => m.PolicyUpdate.OrganizationId == orgId &&
+                                                    m.PolicyUpdate.Type == policy.Type &&
+                                                    m.PolicyUpdate.Enabled == model.Policy.Enabled &&
+                                                    m.PerformedBy.UserId == userId &&
+                                                    m.PerformedBy.IsOrganizationOwnerOrProvider == true));

        await sutProvider.GetDependency<ISavePolicyCommand>()
            .DidNotReceiveWithAnyArgs()
@@ -507,51 +505,4 @@ public class PoliciesControllerTests
        Assert.Equal(policy.Id, result.Id);
        Assert.Equal(policy.Type, result.Type);
    }
-
-    [Theory]
-    [BitAutoData]
-    public async Task PutVNext_WhenPolicyValidatorsRefactorDisabled_UsesSavePolicyCommand(
-        SutProvider<PoliciesController> sutProvider, Guid orgId,
-        SavePolicyRequest model, Policy policy, Guid userId)
-    {
-        // Arrange
-        policy.Data = null;
-
-        sutProvider.GetDependency<ICurrentContext>()
-            .UserId
-            .Returns(userId);
-
-        sutProvider.GetDependency<ICurrentContext>()
-            .OrganizationOwner(orgId)
-            .Returns(true);
-
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(false);
-
-        sutProvider.GetDependency<ISavePolicyCommand>()
-            .VNextSaveAsync(Arg.Any<SavePolicyModel>())
-            .Returns(policy);
-
-        // Act
-        var result = await sutProvider.Sut.PutVNext(orgId, policy.Type, model);
-
-        // Assert
-        await sutProvider.GetDependency<ISavePolicyCommand>()
-            .Received(1)
-            .VNextSaveAsync(Arg.Is<SavePolicyModel>(
-                m => m.PolicyUpdate.OrganizationId == orgId &&
-                     m.PolicyUpdate.Type == policy.Type &&
-                     m.PolicyUpdate.Enabled == model.Policy.Enabled &&
-                     m.PerformedBy.UserId == userId &&
-                     m.PerformedBy.IsOrganizationOwnerOrProvider == true));
-
-        await sutProvider.GetDependency<IVNextSavePolicyCommand>()
-            .DidNotReceiveWithAnyArgs()
-            .SaveAsync(default);
-
-        Assert.NotNull(result);
-        Assert.Equal(policy.Id, result.Id);
-        Assert.Equal(policy.Type, result.Type);
-    }
 }
--- a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationDomains/VerifyOrganizationDomainCommandTests.cs
+++ b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationDomains/VerifyOrganizationDomainCommandTests.cs
@@ -2,7 +2,6 @@
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains;
-using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
 using Bit.Core.Context;
@@ -183,17 +182,17 @@ public class VerifyOrganizationDomainCommandTests

        _ = await sutProvider.Sut.UserVerifyOrganizationDomainAsync(domain);

-        await sutProvider.GetDependency<ISavePolicyCommand>()
+        await sutProvider.GetDependency<IVNextSavePolicyCommand>()
            .Received(1)
-            .SaveAsync(Arg.Is<PolicyUpdate>(x => x.Type == PolicyType.SingleOrg &&
-                x.OrganizationId == domain.OrganizationId &&
-                x.Enabled &&
+            .SaveAsync(Arg.Is<SavePolicyModel>(x => x.PolicyUpdate.Type == PolicyType.SingleOrg &&
+                                                    x.PolicyUpdate.OrganizationId == domain.OrganizationId &&
+                                                    x.PolicyUpdate.Enabled &&
                x.PerformedBy is StandardUser &&
                x.PerformedBy.UserId == userId));
    }

    [Theory, BitAutoData]
-    public async Task UserVerifyOrganizationDomainAsync_WhenPolicyValidatorsRefactorFlagEnabled_UsesVNextSavePolicyCommand(
+    public async Task UserVerifyOrganizationDomainAsync_UsesVNextSavePolicyCommand(
        OrganizationDomain domain, Guid userId, SutProvider<VerifyOrganizationDomainCommand> sutProvider)
    {
        sutProvider.GetDependency<IOrganizationDomainRepository>()
@@ -207,10 +206,6 @@ public class VerifyOrganizationDomainCommandTests
        sutProvider.GetDependency<ICurrentContext>()
            .UserId.Returns(userId);

-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(true);
-
        _ = await sutProvider.Sut.UserVerifyOrganizationDomainAsync(domain);

        await sutProvider.GetDependency<IVNextSavePolicyCommand>()
@@ -240,9 +235,9 @@ public class VerifyOrganizationDomainCommandTests

        _ = await sutProvider.Sut.UserVerifyOrganizationDomainAsync(domain);

-        await sutProvider.GetDependency<ISavePolicyCommand>()
+        await sutProvider.GetDependency<IVNextSavePolicyCommand>()
            .DidNotReceive()
-            .SaveAsync(Arg.Any<PolicyUpdate>());
+            .SaveAsync(Arg.Any<SavePolicyModel>());
    }

    [Theory, BitAutoData]
--- a/test/Core.Test/Auth/Services/SsoConfigServiceTests.cs
+++ b/test/Core.Test/Auth/Services/SsoConfigServiceTests.cs
@@ -2,7 +2,6 @@
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
-using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
 using Bit.Core.AdminConsole.Repositories;
@@ -14,7 +13,6 @@ using Bit.Core.Auth.Services;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
 using NSubstitute;
@@ -342,26 +340,26 @@ public class SsoConfigServiceTests

        await sutProvider.Sut.SaveAsync(ssoConfig, organization);

-        await sutProvider.GetDependency<ISavePolicyCommand>().Received(1)
+        await sutProvider.GetDependency<IVNextSavePolicyCommand>().Received(1)
            .SaveAsync(
-                Arg.Is<PolicyUpdate>(t => t.Type == PolicyType.SingleOrg &&
-                    t.OrganizationId == organization.Id &&
-                    t.Enabled)
+                Arg.Is<SavePolicyModel>(t => t.PolicyUpdate.Type == PolicyType.SingleOrg &&
+                                             t.PolicyUpdate.OrganizationId == organization.Id &&
+                                             t.PolicyUpdate.Enabled)
            );

-        await sutProvider.GetDependency<ISavePolicyCommand>().Received(1)
+        await sutProvider.GetDependency<IVNextSavePolicyCommand>().Received(1)
            .SaveAsync(
-                Arg.Is<PolicyUpdate>(t => t.Type == PolicyType.ResetPassword &&
-                    t.GetDataModel<ResetPasswordDataModel>().AutoEnrollEnabled &&
-                    t.OrganizationId == organization.Id &&
-                    t.Enabled)
+                Arg.Is<SavePolicyModel>(t => t.PolicyUpdate.Type == PolicyType.ResetPassword &&
+                                             t.PolicyUpdate.GetDataModel<ResetPasswordDataModel>().AutoEnrollEnabled &&
+                                             t.PolicyUpdate.OrganizationId == organization.Id &&
+                                             t.PolicyUpdate.Enabled)
            );

-        await sutProvider.GetDependency<ISavePolicyCommand>().Received(1)
+        await sutProvider.GetDependency<IVNextSavePolicyCommand>().Received(1)
            .SaveAsync(
-                Arg.Is<PolicyUpdate>(t => t.Type == PolicyType.RequireSso &&
-                    t.OrganizationId == organization.Id &&
-                    t.Enabled)
+                Arg.Is<SavePolicyModel>(t => t.PolicyUpdate.Type == PolicyType.RequireSso &&
+                                             t.PolicyUpdate.OrganizationId == organization.Id &&
+                                             t.PolicyUpdate.Enabled)
            );

        await sutProvider.GetDependency<ISsoConfigRepository>().ReceivedWithAnyArgs()
@@ -369,7 +367,7 @@ public class SsoConfigServiceTests
    }

    [Theory, BitAutoData]
-    public async Task SaveAsync_Tde_WhenPolicyValidatorsRefactorEnabled_UsesVNextSavePolicyCommand(
+    public async Task SaveAsync_Tde_UsesVNextSavePolicyCommand(
        SutProvider<SsoConfigService> sutProvider, Organization organization)
    {
        var ssoConfig = new SsoConfig
@@ -383,10 +381,6 @@ public class SsoConfigServiceTests
            OrganizationId = organization.Id,
        };

-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.PolicyValidatorsRefactor)
-            .Returns(true);
-
        await sutProvider.Sut.SaveAsync(ssoConfig, organization);

        await sutProvider.GetDependency<IVNextSavePolicyCommand>()