[AC-2646] Remove FC MVP dead code from Core (#4281)

* chore: remove fc refs in CreateGroup and UpdateGroup commands, refs AC-2646 * chore: remove fc refs and update interface to represent usage/get rid of double enumeration warnings, refs AC-2646 * chore: remove org/provider service fc callers, refs AC-2646 * chore: remove collection service fc callers, refs AC-2646 * chore: remove cipher service import ciphers fc callers, refs AC-2646 * fix: UpdateOrganizationUserCommandTests collections to list, refs AC-2646 * fix: update CreateGroupCommandTests, refs AC-2646 * fix: adjust UpdateGroupCommandTests, refs AC-2646 * fix: adjust UpdateOrganizationUserCommandTests for FC always true, refs AC-2646 * fix: update CollectionServiceTests, refs AC-2646 * fix: remove unnecessary test with fc disabled, refs AC-2646 * fix: update tests to account for AccessAll removal and Manager removal, refs AC-2646 * chore: remove dependence on FC flag for tests, refs AC-2646
2025-07-01 08:02:49 -05:00 · 2024-07-12 12:25:04 -05:00
parent 25dc0c9178
commit 02b3453cd5
22 changed files with 167 additions and 218 deletions
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/CreateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/CreateGroupCommand.cs
@ -115,18 +115,15 @@ public class CreateGroupCommand : ICreateGroupCommand
            throw new BadRequestException("This organization cannot use groups.");
        }

-        if (organization.FlexibleCollections)
+        if (group.AccessAll)
        {
-            if (group.AccessAll)
-            {
-                throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the group to collections instead.");
-            }
+            throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the group to collections instead.");
+        }

-            var invalidAssociations = collections?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
-            if (invalidAssociations?.Any() ?? false)
-            {
-                throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
-            }
+        var invalidAssociations = collections?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
+        if (invalidAssociations?.Any() ?? false)
+        {
+            throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
        }
    }
 }
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/UpdateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/UpdateGroupCommand.cs
@ -109,18 +109,15 @@ public class UpdateGroupCommand : IUpdateGroupCommand
            throw new BadRequestException("This organization cannot use groups.");
        }

-        if (organization.FlexibleCollections)
+        if (group.AccessAll)
        {
-            if (group.AccessAll)
-            {
-                throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the group to collections instead.");
-            }
+            throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the group to collections instead.");
+        }

-            var invalidAssociations = collections?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
-            if (invalidAssociations?.Any() ?? false)
-            {
-                throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
-            }
+        var invalidAssociations = collections?.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
+        if (invalidAssociations?.Any() ?? false)
+        {
+            throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
        }
    }
 }
--- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/Interfaces/IUpdateOrganizationUserCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/Interfaces/IUpdateOrganizationUserCommand.cs
@ -6,5 +6,5 @@ namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Interface

 public interface IUpdateOrganizationUserCommand
 {
-    Task UpdateUserAsync(OrganizationUser user, Guid? savingUserId, IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid>? groups);
+    Task UpdateUserAsync(OrganizationUser user, Guid? savingUserId, List<CollectionAccessSelection> collections, IEnumerable<Guid>? groups);
 }
--- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/UpdateOrganizationUserCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/UpdateOrganizationUserCommand.cs
@ -37,7 +37,7 @@ public class UpdateOrganizationUserCommand : IUpdateOrganizationUserCommand
    }

    public async Task UpdateUserAsync(OrganizationUser user, Guid? savingUserId,
-        IEnumerable<CollectionAccessSelection> collections, IEnumerable<Guid>? groups)
+        List<CollectionAccessSelection>? collections, IEnumerable<Guid>? groups)
    {
        if (user.Id.Equals(default(Guid)))
        {
@ -59,14 +59,12 @@ public class UpdateOrganizationUserCommand : IUpdateOrganizationUserCommand
            throw new BadRequestException("Organization must have at least one confirmed owner.");
        }

-        // If the organization is using Flexible Collections, prevent use of any deprecated permissions
-        var organization = await _organizationRepository.GetByIdAsync(user.OrganizationId);
-        if (organization.FlexibleCollections && user.AccessAll)
+        if (user.AccessAll)
        {
            throw new BadRequestException("The AccessAll property has been deprecated by collection enhancements. Assign the user to collections instead.");
        }

-        if (organization.FlexibleCollections && collections?.Any() == true)
+        if (collections?.Count > 0)
        {
            var invalidAssociations = collections.Where(cas => cas.Manage && (cas.ReadOnly || cas.HidePasswords));
            if (invalidAssociations.Any())
@ -74,7 +72,6 @@ public class UpdateOrganizationUserCommand : IUpdateOrganizationUserCommand
                throw new BadRequestException("The Manage property is mutually exclusive and cannot be true while the ReadOnly or HidePasswords properties are also true.");
            }
        }
-        // End Flexible Collections

        // Only autoscale (if required) after all validation has passed so that we know it's a valid request before
        // updating Stripe
@ -83,17 +80,13 @@ public class UpdateOrganizationUserCommand : IUpdateOrganizationUserCommand
            var additionalSmSeatsRequired = await _countNewSmSeatsRequiredQuery.CountNewSmSeatsRequiredAsync(user.OrganizationId, 1);
            if (additionalSmSeatsRequired > 0)
            {
+                var organization = await _organizationRepository.GetByIdAsync(user.OrganizationId);
                var update = new SecretsManagerSubscriptionUpdate(organization, true)
                    .AdjustSeats(additionalSmSeatsRequired);
                await _updateSecretsManagerSubscriptionCommand.UpdateSubscriptionAsync(update);
            }
        }

-        if (user.AccessAll)
-        {
-            // We don't need any collections if we're flagged to have all access.
-            collections = new List<CollectionAccessSelection>();
-        }
        await _organizationUserRepository.ReplaceAsync(user, collections);

        if (groups != null)