Merge branch 'main' into billing/pm-30908/correct-premium-subscription-status-handling

Author: cyprain-okeke

src/Api/Tools/Models/Request/SendRequestModel.cs

@@ -3,7 +3,6 @@
 
 using System.ComponentModel.DataAnnotations;
 using System.Text.Json;
-using Bit.Api.Tools.Utilities;
 using Bit.Core.Exceptions;
 using Bit.Core.Tools.Entities;
 using Bit.Core.Tools.Enums;
@@ -264,8 +263,9 @@ private Send ToSendBase(Send existingSend, ISendAuthorizationService authorizati
         }
         else
         {
-            // Neither Password nor Emails provided - preserve existing values and infer AuthType
-            existingSend.AuthType = SendUtilities.InferAuthType(existingSend);
+            existingSend.Emails = null;
+            existingSend.Password = null;
+            existingSend.AuthType = Core.Tools.Enums.AuthType.None;
         }
 
         existingSend.Disabled = Disabled.GetValueOrDefault();

src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/BlockClaimedDomainAccountCreationPolicyValidator.cs

@@ -5,21 +5,17 @@
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains.Interfaces;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
-using Bit.Core.Services;
 
 namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators;
 
 public class BlockClaimedDomainAccountCreationPolicyValidator : IPolicyValidator, IPolicyValidationEvent
 {
     private readonly IOrganizationHasVerifiedDomainsQuery _organizationHasVerifiedDomainsQuery;
-    private readonly IFeatureService _featureService;
 
     public BlockClaimedDomainAccountCreationPolicyValidator(
-        IOrganizationHasVerifiedDomainsQuery organizationHasVerifiedDomainsQuery,
-        IFeatureService featureService)
+        IOrganizationHasVerifiedDomainsQuery organizationHasVerifiedDomainsQuery)
     {
         _organizationHasVerifiedDomainsQuery = organizationHasVerifiedDomainsQuery;
-        _featureService = featureService;
     }
 
     public PolicyType Type => PolicyType.BlockClaimedDomainAccountCreation;
@@ -34,12 +30,6 @@ public async Task<string> ValidateAsync(SavePolicyModel policyRequest, Policy? c
 
     public async Task<string> ValidateAsync(PolicyUpdate policyUpdate, Policy? currentPolicy)
     {
-        // Check if feature is enabled
-        if (!_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            return "This feature is not enabled";
-        }
-
         // Only validate when trying to ENABLE the policy
         if (policyUpdate is { Enabled: true })
         {

src/Core/Auth/UserFeatures/Registration/Implementations/RegisterUserCommand.cs

@@ -81,7 +81,6 @@ public RegisterUserCommand(
         _emergencyAccessInviteTokenDataFactory = emergencyAccessInviteTokenDataFactory;
 
         _providerServiceDataProtector = dataProtectionProvider.CreateProtector("ProviderServiceDataProtector");
-        _featureService = featureService;
     }
 
     public async Task<IdentityResult> RegisterUser(User user)
@@ -413,12 +412,6 @@ private RegistrationEmailVerificationTokenable ValidateRegistrationEmailVerifica
 
     private async Task ValidateEmailDomainNotBlockedAsync(string email, Guid? excludeOrganizationId = null)
     {
-        // Only check if feature flag is enabled
-        if (!_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            return;
-        }
-
         var emailDomain = EmailValidation.GetDomain(email);
 
         var isDomainBlocked = await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(

src/Core/Auth/UserFeatures/Registration/Implementations/SendVerificationEmailForRegistrationCommand.cs

@@ -22,7 +22,6 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
     private readonly GlobalSettings _globalSettings;
     private readonly IMailService _mailService;
     private readonly IDataProtectorTokenFactory<RegistrationEmailVerificationTokenable> _tokenDataFactory;
-    private readonly IFeatureService _featureService;
     private readonly IOrganizationDomainRepository _organizationDomainRepository;
 
     public SendVerificationEmailForRegistrationCommand(
@@ -31,15 +30,13 @@ public SendVerificationEmailForRegistrationCommand(
         GlobalSettings globalSettings,
         IMailService mailService,
         IDataProtectorTokenFactory<RegistrationEmailVerificationTokenable> tokenDataFactory,
-        IFeatureService featureService,
         IOrganizationDomainRepository organizationDomainRepository)
     {
         _logger = logger;
         _userRepository = userRepository;
         _globalSettings = globalSettings;
         _mailService = mailService;
         _tokenDataFactory = tokenDataFactory;
-        _featureService = featureService;
         _organizationDomainRepository = organizationDomainRepository;
 
     }
@@ -57,17 +54,14 @@ public SendVerificationEmailForRegistrationCommand(
         }
 
         // Check if the email domain is blocked by an organization policy
-        if (_featureService.IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation))
-        {
-            var emailDomain = EmailValidation.GetDomain(email);
+        var emailDomain = EmailValidation.GetDomain(email);
 
-            if (await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(emailDomain))
-            {
-                _logger.LogInformation(
-                    "User registration email verification blocked by domain claim policy. Domain: {Domain}",
-                    emailDomain);
-                throw new BadRequestException("This email address is claimed by an organization using Bitwarden.");
-            }
+        if (await _organizationDomainRepository.HasVerifiedDomainWithBlockClaimedDomainPolicyAsync(emailDomain))
+        {
+            _logger.LogInformation(
+                "User registration email verification blocked by domain claim policy. Domain: {Domain}",
+                emailDomain);
+            throw new BadRequestException("This email address is claimed by an organization using Bitwarden.");
         }
 
         // Check to see if the user already exists

src/Core/Constants.cs

@@ -140,7 +140,6 @@ public static class FeatureFlagKeys
     public const string CreateDefaultLocation = "pm-19467-create-default-location";
     public const string AutomaticConfirmUsers = "pm-19934-auto-confirm-organization-users";
     public const string PM23845_VNextApplicationCache = "pm-24957-refactor-memory-application-cache";
-    public const string BlockClaimedDomainAccountCreation = "pm-28297-block-uninvited-claimed-domain-registration";
     public const string DefaultUserCollectionRestore = "pm-30883-my-items-restored-users";
     public const string PremiumAccessQuery = "pm-29495-refactor-premium-interface";
     public const string RefactorMembersComponent = "pm-29503-refactor-members-inheritance";
@@ -256,6 +255,7 @@ public static class FeatureFlagKeys
     public const string PM27632_CipherCrudOperationsToSdk = "pm-27632-cipher-crud-operations-to-sdk";
     public const string PM30521_AutofillButtonViewLoginScreen = "pm-30521-autofill-button-view-login-screen";
     public const string PM29438_WelcomeDialogWithExtensionPrompt = "pm-29438-welcome-dialog-with-extension-prompt";
+    public const string PM31039_ItemActionInExtension = "pm-31039-item-action-in-extension";
 
     /* Innovation Team */
     public const string ArchiveVaultItems = "pm-19148-innovation-archive";

test/Api.Test/Tools/Controllers/SendsControllerTests.cs

@@ -657,7 +657,7 @@ await _nonAnonymousSendCommand.Received(1).SaveSendAsync(Arg.Is<Send>(s =>
     }
 
     [Theory, AutoData]
-    public async Task Put_WithoutPasswordOrEmails_PreservesExistingPassword(Guid userId, Guid sendId)
+    public async Task Put_WithoutPasswordOrEmails_ClearsExistingPassword(Guid userId, Guid sendId)
     {
         _userService.GetProperUserId(Arg.Any<ClaimsPrincipal>()).Returns(userId);
         var existingSend = new Send
@@ -685,13 +685,13 @@ public async Task Put_WithoutPasswordOrEmails_PreservesExistingPassword(Guid use
         Assert.Equal(sendId, result.Id);
         await _nonAnonymousSendCommand.Received(1).SaveSendAsync(Arg.Is<Send>(s =>
             s.Id == sendId &&
-            s.AuthType == AuthType.Password &&
-            s.Password == "hashed-password" &&
+            s.AuthType == AuthType.None &&
+            s.Password == null &&
             s.Emails == null));
     }
 
     [Theory, AutoData]
-    public async Task Put_WithoutPasswordOrEmails_PreservesExistingEmails(Guid userId, Guid sendId)
+    public async Task Put_WithoutPasswordOrEmails_ClearsExistingEmails(Guid userId, Guid sendId)
     {
         _userService.GetProperUserId(Arg.Any<ClaimsPrincipal>()).Returns(userId);
         var existingSend = new Send
@@ -719,9 +719,9 @@ public async Task Put_WithoutPasswordOrEmails_PreservesExistingEmails(Guid userI
         Assert.Equal(sendId, result.Id);
         await _nonAnonymousSendCommand.Received(1).SaveSendAsync(Arg.Is<Send>(s =>
             s.Id == sendId &&
-            s.AuthType == AuthType.Email &&
-            s.Emails == "[email protected]" &&
-            s.Password == null));
+            s.AuthType == AuthType.None &&
+            s.Password == null &&
+            s.Emails == null));
     }
 
     [Theory, AutoData]

test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/BlockClaimedDomainAccountCreationPolicyValidatorTests.cs

@@ -4,7 +4,6 @@
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationDomains.Interfaces;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators;
-using Bit.Core.Services;
 using Bit.Core.Test.AdminConsole.AutoFixture;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -20,10 +19,6 @@ public async Task ValidateAsync_EnablingPolicy_NoVerifiedDomains_ValidationError
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
         // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
             .HasVerifiedDomainsAsync(policyUpdate.OrganizationId)
             .Returns(false);
@@ -41,10 +36,6 @@ public async Task ValidateAsync_EnablingPolicy_HasVerifiedDomains_Success(
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
         // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
             .HasVerifiedDomainsAsync(policyUpdate.OrganizationId)
             .Returns(true);
@@ -61,11 +52,6 @@ public async Task ValidateAsync_DisablingPolicy_NoValidation(
         [PolicyUpdate(PolicyType.BlockClaimedDomainAccountCreation, false)] PolicyUpdate policyUpdate,
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
-        // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         // Act
         var result = await sutProvider.Sut.ValidateAsync(policyUpdate, null);
 
@@ -82,10 +68,6 @@ public async Task ValidateAsync_WithSavePolicyModel_EnablingPolicy_NoVerifiedDom
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
         // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
             .HasVerifiedDomainsAsync(policyUpdate.OrganizationId)
             .Returns(false);
@@ -105,10 +87,6 @@ public async Task ValidateAsync_WithSavePolicyModel_EnablingPolicy_HasVerifiedDo
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
         // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
             .HasVerifiedDomainsAsync(policyUpdate.OrganizationId)
             .Returns(true);
@@ -128,10 +106,6 @@ public async Task ValidateAsync_WithSavePolicyModel_DisablingPolicy_NoValidation
         SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
     {
         // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(true);
-
         var savePolicyModel = new SavePolicyModel(policyUpdate, null, new EmptyMetadataModel());
 
         // Act
@@ -144,31 +118,11 @@ await sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
             .HasVerifiedDomainsAsync(Arg.Any<Guid>());
     }
 
-    [Theory, BitAutoData]
-    public async Task ValidateAsync_FeatureFlagDisabled_ReturnsError(
-        [PolicyUpdate(PolicyType.BlockClaimedDomainAccountCreation, true)] PolicyUpdate policyUpdate,
-        SutProvider<BlockClaimedDomainAccountCreationPolicyValidator> sutProvider)
-    {
-        // Arrange
-        sutProvider.GetDependency<IFeatureService>()
-            .IsEnabled(FeatureFlagKeys.BlockClaimedDomainAccountCreation)
-            .Returns(false);
-
-        // Act
-        var result = await sutProvider.Sut.ValidateAsync(policyUpdate, null);
-
-        // Assert
-        Assert.Equal("This feature is not enabled", result);
-        await sutProvider.GetDependency<IOrganizationHasVerifiedDomainsQuery>()
-            .DidNotReceive()
-            .HasVerifiedDomainsAsync(Arg.Any<Guid>());
-    }
-
     [Fact]
     public void Type_ReturnsBlockClaimedDomainAccountCreation()
     {
         // Arrange
-        var validator = new BlockClaimedDomainAccountCreationPolicyValidator(null, null);
+        var validator = new BlockClaimedDomainAccountCreationPolicyValidator(null);
 
         // Act & Assert
         Assert.Equal(PolicyType.BlockClaimedDomainAccountCreation, validator.Type);
@@ -178,7 +132,7 @@ public void Type_ReturnsBlockClaimedDomainAccountCreation()
     public void RequiredPolicies_ReturnsEmpty()
     {
         // Arrange
-        var validator = new BlockClaimedDomainAccountCreationPolicyValidator(null, null);
+        var validator = new BlockClaimedDomainAccountCreationPolicyValidator(null);
 
         // Act
         var requiredPolicies = validator.RequiredPolicies.ToList();