PM-15091 Add Feature Flag to DB called UseRiskInsights (#5088)

Add a new column called UseRiskInsights to `dbo.Organization`

src/Admin/AdminConsole/Controllers/OrganizationsController.cs

@@ -448,6 +448,7 @@ public class OrganizationsController : Controller
             organization.UseTotp = model.UseTotp;
             organization.UsersGetPremium = model.UsersGetPremium;
             organization.UseSecretsManager = model.UseSecretsManager;
+            organization.UseRiskInsights = model.UseRiskInsights;
 
             //secrets
             organization.SmSeats = model.SmSeats;

src/Admin/AdminConsole/Models/OrganizationEditModel.cs

@@ -80,6 +80,7 @@ public class OrganizationEditModel : OrganizationViewModel
         Use2fa = org.Use2fa;
         UseApi = org.UseApi;
         UseSecretsManager = org.UseSecretsManager;
+        UseRiskInsights = org.UseRiskInsights;
         UseResetPassword = org.UseResetPassword;
         SelfHost = org.SelfHost;
         UsersGetPremium = org.UsersGetPremium;
@@ -144,6 +145,8 @@ public class OrganizationEditModel : OrganizationViewModel
     public bool UseScim { get; set; }
     [Display(Name = "Secrets Manager")]
     public new bool UseSecretsManager { get; set; }
+    [Display(Name = "Risk Insights")]
+    public new bool UseRiskInsights { get; set; }
     [Display(Name = "Self Host")]
     public bool SelfHost { get; set; }
     [Display(Name = "Users Get Premium")]
@@ -284,6 +287,7 @@ public class OrganizationEditModel : OrganizationViewModel
         existingOrganization.Use2fa = Use2fa;
         existingOrganization.UseApi = UseApi;
         existingOrganization.UseSecretsManager = UseSecretsManager;
+        existingOrganization.UseRiskInsights = UseRiskInsights;
         existingOrganization.UseResetPassword = UseResetPassword;
         existingOrganization.SelfHost = SelfHost;
         existingOrganization.UsersGetPremium = UsersGetPremium;

src/Admin/AdminConsole/Models/OrganizationViewModel.cs

@@ -69,4 +69,5 @@ public class OrganizationViewModel
     public int ServiceAccountsCount { get; set; }
     public int OccupiedSmSeatsCount { get; set; }
     public bool UseSecretsManager => Organization.UseSecretsManager;
+    public bool UseRiskInsights => Organization.UseRiskInsights;
 }

src/Admin/AdminConsole/Views/Shared/_OrganizationForm.cshtml

@@ -94,7 +94,7 @@
             </div>
         </div>
         <h2>Features</h2>
-        <div class="row mb-3">
+        <div class="row mb-4">
             <div class="col-4">
                 <h3>General</h3>
                 <div class="form-check mb-2">
@@ -146,7 +146,7 @@
                     <label class="form-check-label" asp-for="UseCustomPermissions"></label>
                 </div>
             </div>
-            <div class="col-4">
+            <div class="col-3">
                 <h3>Password Manager</h3>
                 <div class="form-check">
                     <input type="checkbox" class="form-check-input" asp-for="UseTotp" disabled='@(canEditPlan ? null : "disabled")'>
@@ -157,13 +157,20 @@
                     <label class="form-check-label" asp-for="UsersGetPremium"></label>
                 </div>
             </div>
-            <div class="col-4">
+            <div class="col-3">
                 <h3>Secrets Manager</h3>
                 <div class="form-check">
                     <input type="checkbox" class="form-check-input" asp-for="UseSecretsManager" disabled='@(canEditPlan ? null : "disabled")'>
                     <label class="form-check-label" asp-for="UseSecretsManager"></label>
                 </div>
             </div>
+            <div class="col-2">
+                <h3>Access Insights</h3>
+                <div class="form-check">
+                    <input type="checkbox" class="form-check-input" asp-for="UseRiskInsights" disabled='@(canEditPlan ? null : "disabled")'>
+                    <label class="form-check-label" asp-for="UseRiskInsights"></label>
+                </div>
+            </div>
         </div>
     }
 

src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs

@@ -60,6 +60,7 @@ public class OrganizationResponseModel : ResponseModel
         // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
         LimitCollectionCreationDeletion = organization.LimitCollectionCreationDeletion;
         AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems;
+        UseRiskInsights = organization.UseRiskInsights;
     }
 
     public Guid Id { get; set; }
@@ -106,6 +107,7 @@ public class OrganizationResponseModel : ResponseModel
     // Deperectated: https://bitwarden.atlassian.net/browse/PM-10863
     public bool LimitCollectionCreationDeletion { get; set; }
     public bool AllowAdminAccessToAllCollectionItems { get; set; }
+    public bool UseRiskInsights { get; set; }
 }
 
 public class OrganizationSubscriptionResponseModel : OrganizationResponseModel

src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs

@@ -71,6 +71,7 @@ public class ProfileOrganizationResponseModel : ResponseModel
         LimitCollectionCreationDeletion = organization.LimitCollectionCreationDeletion;
         AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems;
         UserIsManagedByOrganization = organizationIdsManagingUser.Contains(organization.OrganizationId);
+        UseRiskInsights = organization.UseRiskInsights;
 
         if (organization.SsoConfig != null)
         {
@@ -143,4 +144,5 @@ public class ProfileOrganizationResponseModel : ResponseModel
     /// False if the Account Deprovisioning feature flag is disabled.
     /// </returns>
     public bool UserIsManagedByOrganization { get; set; }
+    public bool UseRiskInsights { get; set; }
 }

src/Api/AdminConsole/Models/Response/ProfileProviderOrganizationResponseModel.cs

@@ -49,5 +49,6 @@ public class ProfileProviderOrganizationResponseModel : ProfileOrganizationRespo
         // https://bitwarden.atlassian.net/browse/PM-10863
         LimitCollectionCreationDeletion = organization.LimitCollectionCreationDeletion;
         AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems;
+        UseRiskInsights = organization.UseRiskInsights;
     }
 }

src/Core/AdminConsole/Entities/Organization.cs

@@ -115,6 +115,11 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable,
     /// </summary>
     public bool AllowAdminAccessToAllCollectionItems { get; set; }
 
+    /// <summary>
+    /// Risk Insights is a reporting feature that provides insights into the security of an organization's vault.
+    /// </summary>
+    public bool UseRiskInsights { get; set; }
+
     public void SetNewId()
     {
         if (Id == default(Guid))

src/Core/AdminConsole/Models/Data/Organizations/OrganizationAbility.cs

@@ -26,6 +26,7 @@ public class OrganizationAbility
         // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
         LimitCollectionCreationDeletion = organization.LimitCollectionCreationDeletion;
         AllowAdminAccessToAllCollectionItems = organization.AllowAdminAccessToAllCollectionItems;
+        UseRiskInsights = organization.UseRiskInsights;
     }
 
     public Guid Id { get; set; }
@@ -45,4 +46,5 @@ public class OrganizationAbility
     // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
     public bool LimitCollectionCreationDeletion { get; set; }
     public bool AllowAdminAccessToAllCollectionItems { get; set; }
+    public bool UseRiskInsights { get; set; }
 }

src/Core/AdminConsole/Models/Data/Organizations/OrganizationUsers/OrganizationUserOrganizationDetails.cs

@@ -59,4 +59,5 @@ public class OrganizationUserOrganizationDetails
     // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
     public bool LimitCollectionCreationDeletion { get; set; }
     public bool AllowAdminAccessToAllCollectionItems { get; set; }
+    public bool UseRiskInsights { get; set; }
 }

src/Core/AdminConsole/Models/Data/Provider/ProviderUserOrganizationDetails.cs

@@ -44,4 +44,5 @@ public class ProviderUserOrganizationDetails
     public bool LimitCollectionDeletion { get; set; }
     public bool LimitCollectionCreationDeletion { get; set; }
     public bool AllowAdminAccessToAllCollectionItems { get; set; }
+    public bool UseRiskInsights { get; set; }
 }

src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs

@@ -103,7 +103,8 @@ public class OrganizationRepository : Repository<Core.AdminConsole.Entities.Orga
                 LimitCollectionDeletion = e.LimitCollectionDeletion,
                 // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
                 LimitCollectionCreationDeletion = e.LimitCollectionCreationDeletion,
-                AllowAdminAccessToAllCollectionItems = e.AllowAdminAccessToAllCollectionItems
+                AllowAdminAccessToAllCollectionItems = e.AllowAdminAccessToAllCollectionItems,
+                UseRiskInsights = e.UseRiskInsights,
             }).ToListAsync();
         }
     }

src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/OrganizationUserOrganizationDetailsViewQuery.cs

@@ -71,6 +71,7 @@ public class OrganizationUserOrganizationDetailsViewQuery : IQuery<OrganizationU
                         // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
                         LimitCollectionCreationDeletion = o.LimitCollectionCreationDeletion,
                         AllowAdminAccessToAllCollectionItems = o.AllowAdminAccessToAllCollectionItems,
+                        UseRiskInsights = o.UseRiskInsights,
                     };
         return query;
     }

src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserOrganizationDetailsViewQuery.cs

@@ -49,6 +49,7 @@ public class ProviderUserOrganizationDetailsViewQuery : IQuery<ProviderUserOrgan
             // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
             LimitCollectionCreationDeletion = x.o.LimitCollectionCreationDeletion,
             AllowAdminAccessToAllCollectionItems = x.o.AllowAdminAccessToAllCollectionItems,
+            UseRiskInsights = x.o.UseRiskInsights,
         });
     }
 }

src/Sql/dbo/Stored Procedures/Organization_Create.sql

@@ -54,7 +54,8 @@ CREATE PROCEDURE [dbo].[Organization_Create]
     @LimitCollectionCreationDeletion BIT = NULL, -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
     @LimitCollectionCreation BIT = NULL,
     @LimitCollectionDeletion BIT = NULL,
-    @AllowAdminAccessToAllCollectionItems BIT = 0
+    @AllowAdminAccessToAllCollectionItems BIT = 0,
+    @UseRiskInsights BIT = 0
 AS
 BEGIN
     SET NOCOUNT ON
@@ -119,7 +120,8 @@ BEGIN
         [LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
         [LimitCollectionCreation],
         [LimitCollectionDeletion],
-        [AllowAdminAccessToAllCollectionItems]
+        [AllowAdminAccessToAllCollectionItems],
+        [UseRiskInsights]
     )
     VALUES
     (
@@ -178,6 +180,7 @@ BEGIN
         COALESCE(@LimitCollectionCreation, @LimitCollectionDeletion, 0), -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863)
         @LimitCollectionCreation,
         @LimitCollectionDeletion,
-        @AllowAdminAccessToAllCollectionItems
+        @AllowAdminAccessToAllCollectionItems,
+        @UseRiskInsights
     )
 END

src/Sql/dbo/Stored Procedures/Organization_ReadAbilities.sql

@@ -24,7 +24,8 @@ BEGIN
         [LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
         [LimitCollectionCreation],
         [LimitCollectionDeletion],
-        [AllowAdminAccessToAllCollectionItems]
+        [AllowAdminAccessToAllCollectionItems],
+        [UseRiskInsights]
     FROM
         [dbo].[Organization]
 END

src/Sql/dbo/Stored Procedures/Organization_Update.sql

@@ -54,7 +54,8 @@ CREATE PROCEDURE [dbo].[Organization_Update]
     @LimitCollectionCreationDeletion BIT = null, -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
     @LimitCollectionCreation BIT = null,
     @LimitCollectionDeletion BIT = null,
-    @AllowAdminAccessToAllCollectionItems BIT = 0
+    @AllowAdminAccessToAllCollectionItems BIT = 0,
+    @UseRiskInsights BIT = 0
 AS
 BEGIN
     SET NOCOUNT ON
@@ -119,7 +120,8 @@ BEGIN
         [LimitCollectionCreationDeletion] = COALESCE(@LimitCollectionCreation, @LimitCollectionDeletion, 0),
         [LimitCollectionCreation] = @LimitCollectionCreation,
         [LimitCollectionDeletion] = @LimitCollectionDeletion,
-        [AllowAdminAccessToAllCollectionItems] = @AllowAdminAccessToAllCollectionItems
+        [AllowAdminAccessToAllCollectionItems] = @AllowAdminAccessToAllCollectionItems,
+        [UseRiskInsights] = @UseRiskInsights
     WHERE
         [Id] = @Id
 END

src/Sql/dbo/Tables/Organization.sql

@@ -55,6 +55,7 @@ CREATE TABLE [dbo].[Organization] (
     [LimitCollectionCreation]       BIT              NOT NULL CONSTRAINT [DF_Organization_LimitCollectionCreation] DEFAULT (0),
     [LimitCollectionDeletion]       BIT              NOT NULL CONSTRAINT [DF_Organization_LimitCollectionDeletion] DEFAULT (0),
     [AllowAdminAccessToAllCollectionItems]   BIT              NOT NULL CONSTRAINT [DF_Organization_AllowAdminAccessToAllCollectionItems] DEFAULT (0),
+    [UseRiskInsights]               BIT              NOT NULL CONSTRAINT [DF_Organization_UseRiskInsights] DEFAULT (0),
     CONSTRAINT [PK_Organization] PRIMARY KEY CLUSTERED ([Id] ASC)
 );
 

src/Sql/dbo/Views/OrganizationUserOrganizationDetailsView.sql

@@ -49,7 +49,8 @@ SELECT
     O.[LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
     O.[LimitCollectionCreation],
     O.[LimitCollectionDeletion],
-    O.[AllowAdminAccessToAllCollectionItems]
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights]
 FROM
     [dbo].[OrganizationUser] OU
 LEFT JOIN

src/Sql/dbo/Views/ProviderUserProviderOrganizationDetailsView.sql

@@ -35,7 +35,8 @@ SELECT
     O.[LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
     O.[LimitCollectionCreation],
     O.[LimitCollectionDeletion],
-    O.[AllowAdminAccessToAllCollectionItems]
+    O.[AllowAdminAccessToAllCollectionItems],
+    O.[UseRiskInsights]
 FROM
     [dbo].[ProviderUser] PU
 INNER JOIN

test/Infrastructure.IntegrationTest/AdminConsole/Repositories/OrganizationUserRepositoryTests.cs

@@ -258,6 +258,7 @@ public class OrganizationUserRepositoryTests
         // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
         Assert.Equal(organization.LimitCollectionCreationDeletion, result.LimitCollectionCreationDeletion);
         Assert.Equal(organization.AllowAdminAccessToAllCollectionItems, result.AllowAdminAccessToAllCollectionItems);
+        Assert.Equal(organization.UseRiskInsights, result.UseRiskInsights);
     }
 
     [DatabaseTheory, DatabaseData]

util/Migrator/DbScripts/2024-11-25_00_AddUseRiskInsightsToOrganization.sql

@@ -0,0 +1,356 @@
+    /* Introduce new column 'UseRiskInsights' not nullable with default of 0  */
+    ALTER TABLE [dbo].[Organization] ADD [UseRiskInsights] bit NOT NULL CONSTRAINT [DF_Organization_UseRiskInsights] default (0)
+    GO
+
+    /* Add UseRiskInsights as a column to Organization_create */
+    CREATE OR ALTER PROCEDURE [dbo].[Organization_Create]
+        @Id UNIQUEIDENTIFIER OUTPUT,
+        @Identifier NVARCHAR(50),
+        @Name NVARCHAR(50),
+        @BusinessName NVARCHAR(50),
+        @BusinessAddress1 NVARCHAR(50),
+        @BusinessAddress2 NVARCHAR(50),
+        @BusinessAddress3 NVARCHAR(50),
+        @BusinessCountry VARCHAR(2),
+        @BusinessTaxNumber NVARCHAR(30),
+        @BillingEmail NVARCHAR(256),
+        @Plan NVARCHAR(50),
+        @PlanType TINYINT,
+        @Seats INT,
+        @MaxCollections SMALLINT,
+        @UsePolicies BIT,
+        @UseSso BIT,
+        @UseGroups BIT,
+        @UseDirectory BIT,
+        @UseEvents BIT,
+        @UseTotp BIT,
+        @Use2fa BIT,
+        @UseApi BIT,
+        @UseResetPassword BIT,
+        @SelfHost BIT,
+        @UsersGetPremium BIT,
+        @Storage BIGINT,
+        @MaxStorageGb SMALLINT,
+        @Gateway TINYINT,
+        @GatewayCustomerId VARCHAR(50),
+        @GatewaySubscriptionId VARCHAR(50),
+        @ReferenceData VARCHAR(MAX),
+        @Enabled BIT,
+        @LicenseKey VARCHAR(100),
+        @PublicKey VARCHAR(MAX),
+        @PrivateKey VARCHAR(MAX),
+        @TwoFactorProviders NVARCHAR(MAX),
+        @ExpirationDate DATETIME2(7),
+        @CreationDate DATETIME2(7),
+        @RevisionDate DATETIME2(7),
+        @OwnersNotifiedOfAutoscaling DATETIME2(7),
+        @MaxAutoscaleSeats INT,
+        @UseKeyConnector BIT = 0,
+        @UseScim BIT = 0,
+        @UseCustomPermissions BIT = 0,
+        @UseSecretsManager BIT = 0,
+        @Status TINYINT = 0,
+        @UsePasswordManager BIT = 1,
+        @SmSeats INT = null,
+        @SmServiceAccounts INT = null,
+        @MaxAutoscaleSmSeats INT= null,
+        @MaxAutoscaleSmServiceAccounts INT = null,
+        @SecretsManagerBeta BIT = 0,
+        @LimitCollectionCreationDeletion BIT = NULL, -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+        @LimitCollectionCreation BIT = NULL,
+        @LimitCollectionDeletion BIT = NULL,
+        @AllowAdminAccessToAllCollectionItems BIT = 0,
+        @UseRiskInsights BIT = 0
+    AS
+    BEGIN
+        SET NOCOUNT ON
+
+        SET @LimitCollectionCreation = COALESCE(@LimitCollectionCreation, @LimitCollectionCreationDeletion, 0);
+        SET @LimitCollectionDeletion = COALESCE(@LimitCollectionDeletion, @LimitCollectionCreationDeletion, 0);
+
+        INSERT INTO [dbo].[Organization]
+        (
+            [Id],
+            [Identifier],
+            [Name],
+            [BusinessName],
+            [BusinessAddress1],
+            [BusinessAddress2],
+            [BusinessAddress3],
+            [BusinessCountry],
+            [BusinessTaxNumber],
+            [BillingEmail],
+            [Plan],
+            [PlanType],
+            [Seats],
+            [MaxCollections],
+            [UsePolicies],
+            [UseSso],
+            [UseGroups],
+            [UseDirectory],
+            [UseEvents],
+            [UseTotp],
+            [Use2fa],
+            [UseApi],
+            [UseResetPassword],
+            [SelfHost],
+            [UsersGetPremium],
+            [Storage],
+            [MaxStorageGb],
+            [Gateway],
+            [GatewayCustomerId],
+            [GatewaySubscriptionId],
+            [ReferenceData],
+            [Enabled],
+            [LicenseKey],
+            [PublicKey],
+            [PrivateKey],
+            [TwoFactorProviders],
+            [ExpirationDate],
+            [CreationDate],
+            [RevisionDate],
+            [OwnersNotifiedOfAutoscaling],
+            [MaxAutoscaleSeats],
+            [UseKeyConnector],
+            [UseScim],
+            [UseCustomPermissions],
+            [UseSecretsManager],
+            [Status],
+            [UsePasswordManager],
+            [SmSeats],
+            [SmServiceAccounts],
+            [MaxAutoscaleSmSeats],
+            [MaxAutoscaleSmServiceAccounts],
+            [SecretsManagerBeta],
+            [LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+            [LimitCollectionCreation],
+            [LimitCollectionDeletion],
+            [AllowAdminAccessToAllCollectionItems],
+            [UseRiskInsights]
+        )
+        VALUES
+        (
+            @Id,
+            @Identifier,
+            @Name,
+            @BusinessName,
+            @BusinessAddress1,
+            @BusinessAddress2,
+            @BusinessAddress3,
+            @BusinessCountry,
+            @BusinessTaxNumber,
+            @BillingEmail,
+            @Plan,
+            @PlanType,
+            @Seats,
+            @MaxCollections,
+            @UsePolicies,
+            @UseSso,
+            @UseGroups,
+            @UseDirectory,
+            @UseEvents,
+            @UseTotp,
+            @Use2fa,
+            @UseApi,
+            @UseResetPassword,
+            @SelfHost,
+            @UsersGetPremium,
+            @Storage,
+            @MaxStorageGb,
+            @Gateway,
+            @GatewayCustomerId,
+            @GatewaySubscriptionId,
+            @ReferenceData,
+            @Enabled,
+            @LicenseKey,
+            @PublicKey,
+            @PrivateKey,
+            @TwoFactorProviders,
+            @ExpirationDate,
+            @CreationDate,
+            @RevisionDate,
+            @OwnersNotifiedOfAutoscaling,
+            @MaxAutoscaleSeats,
+            @UseKeyConnector,
+            @UseScim,
+            @UseCustomPermissions,
+            @UseSecretsManager,
+            @Status,
+            @UsePasswordManager,
+            @SmSeats,
+            @SmServiceAccounts,
+            @MaxAutoscaleSmSeats,
+            @MaxAutoscaleSmServiceAccounts,
+            @SecretsManagerBeta,
+            COALESCE(@LimitCollectionCreation, @LimitCollectionDeletion, 0), -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863)
+            @LimitCollectionCreation,
+            @LimitCollectionDeletion,
+            @AllowAdminAccessToAllCollectionItems,
+            @UseRiskInsights
+        )
+    END
+    GO
+
+    /* Add UseRiskInsights to Organization_readAbilities */
+    CREATE OR ALTER PROCEDURE [dbo].[Organization_ReadAbilities]
+    AS
+    BEGIN
+        SET NOCOUNT ON
+
+        SELECT
+            [Id],
+            [UseEvents],
+            [Use2fa],
+            CASE
+            WHEN [Use2fa] = 1 AND [TwoFactorProviders] IS NOT NULL AND [TwoFactorProviders] != '{}' THEN
+                1
+            ELSE
+                0
+            END AS [Using2fa],
+            [UsersGetPremium],
+            [UseCustomPermissions],
+            [UseSso],
+            [UseKeyConnector],
+            [UseScim],
+            [UseResetPassword],
+            [UsePolicies],
+            [Enabled],
+            [LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+            [LimitCollectionCreation],
+            [LimitCollectionDeletion],
+            [AllowAdminAccessToAllCollectionItems],
+            [UseRiskInsights]
+        FROM
+            [dbo].[Organization]
+    END
+    GO
+
+    /* Add UseRiskInsights to Organization_Update */
+    CREATE OR ALTER PROCEDURE [dbo].[Organization_Update]
+        @Id UNIQUEIDENTIFIER,
+        @Identifier NVARCHAR(50),
+        @Name NVARCHAR(50),
+        @BusinessName NVARCHAR(50),
+        @BusinessAddress1 NVARCHAR(50),
+        @BusinessAddress2 NVARCHAR(50),
+        @BusinessAddress3 NVARCHAR(50),
+        @BusinessCountry VARCHAR(2),
+        @BusinessTaxNumber NVARCHAR(30),
+        @BillingEmail NVARCHAR(256),
+        @Plan NVARCHAR(50),
+        @PlanType TINYINT,
+        @Seats INT,
+        @MaxCollections SMALLINT,
+        @UsePolicies BIT,
+        @UseSso BIT,
+        @UseGroups BIT,
+        @UseDirectory BIT,
+        @UseEvents BIT,
+        @UseTotp BIT,
+        @Use2fa BIT,
+        @UseApi BIT,
+        @UseResetPassword BIT,
+        @SelfHost BIT,
+        @UsersGetPremium BIT,
+        @Storage BIGINT,
+        @MaxStorageGb SMALLINT,
+        @Gateway TINYINT,
+        @GatewayCustomerId VARCHAR(50),
+        @GatewaySubscriptionId VARCHAR(50),
+        @ReferenceData VARCHAR(MAX),
+        @Enabled BIT,
+        @LicenseKey VARCHAR(100),
+        @PublicKey VARCHAR(MAX),
+        @PrivateKey VARCHAR(MAX),
+        @TwoFactorProviders NVARCHAR(MAX),
+        @ExpirationDate DATETIME2(7),
+        @CreationDate DATETIME2(7),
+        @RevisionDate DATETIME2(7),
+        @OwnersNotifiedOfAutoscaling DATETIME2(7),
+        @MaxAutoscaleSeats INT,
+        @UseKeyConnector BIT = 0,
+        @UseScim BIT = 0,
+        @UseCustomPermissions BIT = 0,
+        @UseSecretsManager BIT = 0,
+        @Status TINYINT = 0,
+        @UsePasswordManager BIT = 1,
+        @SmSeats INT = null,
+        @SmServiceAccounts INT = null,
+        @MaxAutoscaleSmSeats INT = null,
+        @MaxAutoscaleSmServiceAccounts INT = null,
+        @SecretsManagerBeta BIT = 0,
+        @LimitCollectionCreationDeletion BIT = null, -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+        @LimitCollectionCreation BIT = null,
+        @LimitCollectionDeletion BIT = null,
+        @AllowAdminAccessToAllCollectionItems BIT = 0,
+        @UseRiskInsights BIT = 0
+    AS
+    BEGIN
+        SET NOCOUNT ON
+
+        SET @LimitCollectionCreation = COALESCE(@LimitCollectionCreation, @LimitCollectionCreationDeletion, 0);
+        SET @LimitCollectionDeletion = COALESCE(@LimitCollectionDeletion, @LimitCollectionCreationDeletion, 0);
+
+        UPDATE
+            [dbo].[Organization]
+        SET
+            [Identifier] = @Identifier,
+            [Name] = @Name,
+            [BusinessName] = @BusinessName,
+            [BusinessAddress1] = @BusinessAddress1,
+            [BusinessAddress2] = @BusinessAddress2,
+            [BusinessAddress3] = @BusinessAddress3,
+            [BusinessCountry] = @BusinessCountry,
+            [BusinessTaxNumber] = @BusinessTaxNumber,
+            [BillingEmail] = @BillingEmail,
+            [Plan] = @Plan,
+            [PlanType] = @PlanType,
+            [Seats] = @Seats,
+            [MaxCollections] = @MaxCollections,
+            [UsePolicies] = @UsePolicies,
+            [UseSso] = @UseSso,
+            [UseGroups] = @UseGroups,
+            [UseDirectory] = @UseDirectory,
+            [UseEvents] = @UseEvents,
+            [UseTotp] = @UseTotp,
+            [Use2fa] = @Use2fa,
+            [UseApi] = @UseApi,
+            [UseResetPassword] = @UseResetPassword,
+            [SelfHost] = @SelfHost,
+            [UsersGetPremium] = @UsersGetPremium,
+            [Storage] = @Storage,
+            [MaxStorageGb] = @MaxStorageGb,
+            [Gateway] = @Gateway,
+            [GatewayCustomerId] = @GatewayCustomerId,
+            [GatewaySubscriptionId] = @GatewaySubscriptionId,
+            [ReferenceData] = @ReferenceData,
+            [Enabled] = @Enabled,
+            [LicenseKey] = @LicenseKey,
+            [PublicKey] = @PublicKey,
+            [PrivateKey] = @PrivateKey,
+            [TwoFactorProviders] = @TwoFactorProviders,
+            [ExpirationDate] = @ExpirationDate,
+            [CreationDate] = @CreationDate,
+            [RevisionDate] = @RevisionDate,
+            [OwnersNotifiedOfAutoscaling] = @OwnersNotifiedOfAutoscaling,
+            [MaxAutoscaleSeats] = @MaxAutoscaleSeats,
+            [UseKeyConnector] = @UseKeyConnector,
+            [UseScim] = @UseScim,
+            [UseCustomPermissions] = @UseCustomPermissions,
+            [UseSecretsManager] = @UseSecretsManager,
+            [Status] = @Status,
+            [UsePasswordManager] = @UsePasswordManager,
+            [SmSeats] = @SmSeats,
+            [SmServiceAccounts] = @SmServiceAccounts,
+            [MaxAutoscaleSmSeats] = @MaxAutoscaleSmSeats,
+            [MaxAutoscaleSmServiceAccounts] = @MaxAutoscaleSmServiceAccounts,
+            [SecretsManagerBeta] = @SecretsManagerBeta,
+            [LimitCollectionCreationDeletion] = COALESCE(@LimitCollectionCreation, @LimitCollectionDeletion, 0),
+            [LimitCollectionCreation] = @LimitCollectionCreation,
+            [LimitCollectionDeletion] = @LimitCollectionDeletion,
+            [AllowAdminAccessToAllCollectionItems] = @AllowAdminAccessToAllCollectionItems,
+            [UseRiskInsights] = @UseRiskInsights
+        WHERE
+            [Id] = @Id
+    END
+    GO

util/Migrator/DbScripts/2024-11-25_01_AddUseRiskInsightsToViews.sql

@@ -0,0 +1,142 @@
+    /* Alter view to include UseRiskInsights */
+    CREATE OR ALTER VIEW [dbo].[OrganizationUserOrganizationDetailsView]
+    AS
+    SELECT
+        OU.[UserId],
+        OU.[OrganizationId],
+        OU.[Id] OrganizationUserId,
+        O.[Name],
+        O.[Enabled],
+        O.[PlanType],
+        O.[UsePolicies],
+        O.[UseSso],
+        O.[UseKeyConnector],
+        O.[UseScim],
+        O.[UseGroups],
+        O.[UseDirectory],
+        O.[UseEvents],
+        O.[UseTotp],
+        O.[Use2fa],
+        O.[UseApi],
+        O.[UseResetPassword],
+        O.[SelfHost],
+        O.[UsersGetPremium],
+        O.[UseCustomPermissions],
+        O.[UseSecretsManager],
+        O.[Seats],
+        O.[MaxCollections],
+        O.[MaxStorageGb],
+        O.[Identifier],
+        OU.[Key],
+        OU.[ResetPasswordKey],
+        O.[PublicKey],
+        O.[PrivateKey],
+        OU.[Status],
+        OU.[Type],
+        SU.[ExternalId] SsoExternalId,
+        OU.[Permissions],
+        PO.[ProviderId],
+        P.[Name] ProviderName,
+        P.[Type] ProviderType,
+        SS.[Data] SsoConfig,
+        OS.[FriendlyName] FamilySponsorshipFriendlyName,
+        OS.[LastSyncDate] FamilySponsorshipLastSyncDate,
+        OS.[ToDelete] FamilySponsorshipToDelete,
+        OS.[ValidUntil] FamilySponsorshipValidUntil,
+        OU.[AccessSecretsManager],
+        O.[UsePasswordManager],
+        O.[SmSeats],
+        O.[SmServiceAccounts],
+        O.[LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+        O.[LimitCollectionCreation],
+        O.[LimitCollectionDeletion],
+        O.[AllowAdminAccessToAllCollectionItems],
+        O.[UseRiskInsights]
+    FROM
+        [dbo].[OrganizationUser] OU
+    LEFT JOIN
+        [dbo].[Organization] O ON O.[Id] = OU.[OrganizationId]
+    LEFT JOIN
+        [dbo].[SsoUser] SU ON SU.[UserId] = OU.[UserId] AND SU.[OrganizationId] = OU.[OrganizationId]
+    LEFT JOIN
+        [dbo].[ProviderOrganization] PO ON PO.[OrganizationId] = O.[Id]
+    LEFT JOIN
+        [dbo].[Provider] P ON P.[Id] = PO.[ProviderId]
+    LEFT JOIN
+        [dbo].[SsoConfig] SS ON SS.[OrganizationId] = OU.[OrganizationId]
+    LEFT JOIN
+        [dbo].[OrganizationSponsorship] OS ON OS.[SponsoringOrganizationUserID] = OU.[Id]
+    GO
+
+    /* Alter this view to include UseRiskInsights column to the query */
+    CREATE OR ALTER VIEW [dbo].[ProviderUserProviderOrganizationDetailsView]
+    AS
+    SELECT
+        PU.[UserId],
+        PO.[OrganizationId],
+        O.[Name],
+        O.[Enabled],
+        O.[UsePolicies],
+        O.[UseSso],
+        O.[UseKeyConnector],
+        O.[UseScim],
+        O.[UseGroups],
+        O.[UseDirectory],
+        O.[UseEvents],
+        O.[UseTotp],
+        O.[Use2fa],
+        O.[UseApi],
+        O.[UseResetPassword],
+        O.[SelfHost],
+        O.[UsersGetPremium],
+        O.[UseCustomPermissions],
+        O.[Seats],
+        O.[MaxCollections],
+        O.[MaxStorageGb],
+        O.[Identifier],
+        PO.[Key],
+        O.[PublicKey],
+        O.[PrivateKey],
+        PU.[Status],
+        PU.[Type],
+        PO.[ProviderId],
+        PU.[Id] ProviderUserId,
+        P.[Name] ProviderName,
+        O.[PlanType],
+        O.[LimitCollectionCreationDeletion], -- Deprecated https://bitwarden.atlassian.net/browse/PM-10863
+        O.[LimitCollectionCreation],
+        O.[LimitCollectionDeletion],
+        O.[AllowAdminAccessToAllCollectionItems],
+        O.[UseRiskInsights]
+    FROM
+        [dbo].[ProviderUser] PU
+    INNER JOIN
+        [dbo].[ProviderOrganization] PO ON PO.[ProviderId] = PU.[ProviderId]
+    INNER JOIN
+        [dbo].[Organization] O ON O.[Id] = PO.[OrganizationId]
+    INNER JOIN
+        [dbo].[Provider] P ON P.[Id] = PU.[ProviderId]
+    GO
+
+
+    --Manually refresh [dbo].[OrganizationUserOrganizationDetailsView]
+    IF OBJECT_ID('[dbo].[OrganizationUserOrganizationDetailsView]') IS NOT NULL
+        BEGIN
+            EXECUTE sp_refreshsqlmodule N'[dbo].[OrganizationUserOrganizationDetailsView]';
+        END
+    GO
+
+    --Manually refresh [dbo].[ProviderUserProviderOrganizationDetailsView]
+    IF OBJECT_ID('[dbo].[ProviderUserProviderOrganizationDetailsView]') IS NOT NULL
+        BEGIN
+            EXECUTE sp_refreshsqlmodule N'[dbo].[ProviderUserProviderOrganizationDetailsView]';
+        END
+    GO
+
+    --Manually refresh [dbo].[OrganizationView]
+    IF OBJECT_ID('[dbo].[OrganizationView]') IS NOT NULL
+        BEGIN
+            EXECUTE sp_refreshsqlmodule N'[dbo].[OrganizationView]';
+        END
+    GO
+    

util/MySqlMigrations/Migrations/20241125185627_AddUseRiskInsightsFlag.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.MySqlMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddUseRiskInsightsFlag : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UseRiskInsights",
+            table: "Organization",
+            type: "tinyint(1)",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UseRiskInsights",
+            table: "Organization");
+    }
+}

util/MySqlMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -191,6 +191,9 @@ namespace Bit.MySqlMigrations.Migrations
                     b.Property<bool>("UseResetPassword")
                         .HasColumnType("tinyint(1)");
 
+                    b.Property<bool>("UseRiskInsights")
+                        .HasColumnType("tinyint(1)");
+
                     b.Property<bool>("UseScim")
                         .HasColumnType("tinyint(1)");
 

util/PostgresMigrations/Migrations/20241125185635_AddUseRiskInsightsFlag.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.PostgresMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddUseRiskInsightsFlag : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UseRiskInsights",
+            table: "Organization",
+            type: "boolean",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UseRiskInsights",
+            table: "Organization");
+    }
+}

util/PostgresMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -193,6 +193,9 @@ namespace Bit.PostgresMigrations.Migrations
                     b.Property<bool>("UseResetPassword")
                         .HasColumnType("boolean");
 
+                    b.Property<bool>("UseRiskInsights")
+                        .HasColumnType("boolean");
+
                     b.Property<bool>("UseScim")
                         .HasColumnType("boolean");
 

util/SqliteMigrations/Migrations/20241125185632_AddUseRiskInsightsFlag.cs

@@ -0,0 +1,28 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace Bit.SqliteMigrations.Migrations;
+
+/// <inheritdoc />
+public partial class AddUseRiskInsightsFlag : Migration
+{
+    /// <inheritdoc />
+    protected override void Up(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.AddColumn<bool>(
+            name: "UseRiskInsights",
+            table: "Organization",
+            type: "INTEGER",
+            nullable: false,
+            defaultValue: false);
+    }
+
+    /// <inheritdoc />
+    protected override void Down(MigrationBuilder migrationBuilder)
+    {
+        migrationBuilder.DropColumn(
+            name: "UseRiskInsights",
+            table: "Organization");
+    }
+}

util/SqliteMigrations/Migrations/DatabaseContextModelSnapshot.cs

@@ -186,6 +186,9 @@ namespace Bit.SqliteMigrations.Migrations
                     b.Property<bool>("UseResetPassword")
                         .HasColumnType("INTEGER");
 
+                    b.Property<bool>("UseRiskInsights")
+                        .HasColumnType("INTEGER");
+
                     b.Property<bool>("UseScim")
                         .HasColumnType("INTEGER");