Refactor AcceptOrgUserCommand: delegate feature flag check to the ValidateTwoFactorAuthenticationPolicyAsync method

2025-06-04 18:20:33 -05:00 · 2025-05-26 10:35:10 +01:00 · 2025-05-26 10:35:10 +01:00 · 265dd37ca0
commit 265dd37ca0
parent d98b4b3c4e
1 changed files with 21 additions and 21 deletions
--- a/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AcceptOrgUserCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AcceptOrgUserCommand.cs
@ -203,22 +203,7 @@ public class AcceptOrgUserCommand : IAcceptOrgUserCommand
        }

        // Enforce Two Factor Authentication Policy of organization user is trying to join
-        if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements))
-        {
-            await ValidateTwoFactorAuthenticationPolicyAsync(user, orgUser.OrganizationId);
-        }
-        else
-        {
-            if (!await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user))
-            {
-                var invitedTwoFactorPolicies = await _policyService.GetPoliciesApplicableToUserAsync(user.Id,
-                    PolicyType.TwoFactorAuthentication, OrganizationUserStatusType.Invited);
-                if (invitedTwoFactorPolicies.Any(p => p.OrganizationId == orgUser.OrganizationId))
-                {
-                    throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account.");
-                }
-            }
-        }
+        await ValidateTwoFactorAuthenticationPolicyAsync(user, orgUser.OrganizationId);

        orgUser.Status = OrganizationUserStatusType.Accepted;
        orgUser.UserId = user.Id;
@ -248,12 +233,27 @@ public class AcceptOrgUserCommand : IAcceptOrgUserCommand
    /// the user does not have two-step login enabled.</exception>
    private async Task ValidateTwoFactorAuthenticationPolicyAsync(User user, Guid organizationId)
    {
-        var twoFactorPolicyRequirement = await _policyRequirementQuery.GetAsync<RequireTwoFactorPolicyRequirement>(user.Id);
-        var twoFactorRequiredForOrganization = twoFactorPolicyRequirement.IsTwoFactorRequiredForOrganization(organizationId);
-
-        if (twoFactorRequiredForOrganization && !await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user))
+        if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements))
        {
-            throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account.");
+            var twoFactorPolicyRequirement = await _policyRequirementQuery.GetAsync<RequireTwoFactorPolicyRequirement>(user.Id);
+            var twoFactorRequiredForOrganization = twoFactorPolicyRequirement.IsTwoFactorRequiredForOrganization(organizationId);
+
+            if (twoFactorRequiredForOrganization && !await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user))
+            {
+                throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account.");
+            }
+        }
+        else
+        {
+            if (!await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user))
+            {
+                var invitedTwoFactorPolicies = await _policyService.GetPoliciesApplicableToUserAsync(user.Id,
+                    PolicyType.TwoFactorAuthentication, OrganizationUserStatusType.Invited);
+                if (invitedTwoFactorPolicies.Any(p => p.OrganizationId == organizationId))
+                {
+                    throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account.");
+                }
+            }
        }
    }
 }