From 65ec7fd6c1b750f8e37f1cf8d971319c0865f4dd Mon Sep 17 00:00:00 2001 From: Conner Turnbull Date: Mon, 9 Jun 2025 14:58:04 -0400 Subject: [PATCH] Removed obsolete methods --- .../Implementations/OrganizationService.cs | 2 +- .../Models/Business/OrganizationLicense.cs | 211 +----------------- src/Core/Models/Business/UserLicense.cs | 84 ------- .../UpdateOrganizationLicenseCommand.cs | 2 +- 4 files changed, 3 insertions(+), 296 deletions(-) diff --git a/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs b/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs index 16e58d27ad..2e910873ee 100644 --- a/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs +++ b/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs @@ -399,7 +399,7 @@ public class OrganizationService : IOrganizationService } var claimsPrincipal = _licensingService.GetClaimsPrincipalFromLicense(license); - var canUse = license.CanUse(_globalSettings, _licensingService, claimsPrincipal, out var exception); + var canUse = license.CanUse(_globalSettings, claimsPrincipal, out var exception); if (!canUse) { diff --git a/src/Core/Models/Business/OrganizationLicense.cs b/src/Core/Models/Business/OrganizationLicense.cs index dddaac34d1..b802a02bc1 100644 --- a/src/Core/Models/Business/OrganizationLicense.cs +++ b/src/Core/Models/Business/OrganizationLicense.cs @@ -224,15 +224,9 @@ public class OrganizationLicense : BaseLicense public bool CanUse( IGlobalSettings globalSettings, - ILicensingService licensingService, ClaimsPrincipal claimsPrincipal, out string exception) { - if (string.IsNullOrWhiteSpace(Token) || claimsPrincipal is null) - { - return ObsoleteCanUse(globalSettings, licensingService, out exception); - } - var errorMessages = new StringBuilder(); var enabled = claimsPrincipal.GetValue(nameof(Enabled)); @@ -254,7 +248,7 @@ public class OrganizationLicense : BaseLicense } var licenseType = claimsPrincipal.GetValue(nameof(LicenseType)); - if (licenseType != Enums.LicenseType.Organization) + if (licenseType != LicenseType.Organization) { errorMessages.AppendLine("Premium licenses cannot be applied to an organization. " + "Upload this license from your personal account settings page."); @@ -270,102 +264,11 @@ public class OrganizationLicense : BaseLicense return true; } - /// - /// Validates an obsolete license format using property-based validation. - /// - /// - /// - /// ⚠️ DEPRECATED: This method is deprecated and should not be extended or modified. - /// It is maintained only for backward compatibility with old license formats. - /// - /// - /// This method has been replaced by a new claims-based validation system that provides: - /// - Better security through JWT claims - /// - More flexible validation rules - /// - Easier extensibility without changing the license format - /// - Better separation of concerns - /// - /// - /// To add new license validation rules: - /// 1. Add new claims to the license token in the claims-based system - /// 2. Extend the method - /// 3. Validate the new claims using the ClaimsPrincipal parameter - /// - /// - /// This method will be removed in a future version once all old licenses have been migrated - /// to the new claims-based system. - /// - /// - /// The global settings containing installation information. - /// The service used to verify the license signature. - /// When the method returns false, contains the error message explaining why the license is invalid. - /// True if the license is valid, false otherwise. - private bool ObsoleteCanUse(IGlobalSettings globalSettings, ILicensingService licensingService, out string exception) - { - // Do not extend this method. It is only here for backwards compatibility with old licenses. - var errorMessages = new StringBuilder(); - - if (!Enabled) - { - errorMessages.AppendLine("Your cloud-hosted organization is currently disabled."); - } - - if (Issued > DateTime.UtcNow) - { - errorMessages.AppendLine("The license hasn't been issued yet."); - } - - if (Expires < DateTime.UtcNow) - { - errorMessages.AppendLine("The license has expired."); - } - - if (!ValidLicenseVersion) - { - errorMessages.AppendLine($"Version {Version} is not supported."); - } - - if (InstallationId != globalSettings.Installation.Id) - { - errorMessages.AppendLine("The installation ID does not match the current installation."); - } - - if (!SelfHost) - { - errorMessages.AppendLine("The license does not allow for on-premise hosting of organizations."); - } - - if (LicenseType != LicenseType.Organization) - { - errorMessages.AppendLine("Premium licenses cannot be applied to an organization. " + - "Upload this license from your personal account settings page."); - } - - if (!licensingService.VerifyLicense(this)) - { - errorMessages.AppendLine("The license verification failed."); - } - - if (errorMessages.Length > 0) - { - exception = $"Invalid license. {errorMessages.ToString().TrimEnd()}"; - return false; - } - - exception = ""; - return true; - } - public bool VerifyData( Organization organization, ClaimsPrincipal claimsPrincipal, IGlobalSettings globalSettings) { - if (string.IsNullOrWhiteSpace(Token)) - { - return ObsoleteVerifyData(organization, globalSettings); - } - var issued = claimsPrincipal.GetValue(nameof(Issued)); var expires = claimsPrincipal.GetValue(nameof(Expires)); var installationId = claimsPrincipal.GetValue(nameof(InstallationId)); @@ -425,117 +328,5 @@ public class OrganizationLicense : BaseLicense smServiceAccounts == organization.SmServiceAccounts && useAdminSponsoredFamilies == organization.UseAdminSponsoredFamilies && useOrganizationDomains == organization.UseOrganizationDomains; - - } - - /// - /// Do not extend this method. It is only here for backwards compatibility with old licenses. - /// Instead, extend the VerifyData method using the ClaimsPrincipal. - /// - /// - /// - /// - /// - private bool ObsoleteVerifyData(Organization organization, IGlobalSettings globalSettings) - { - // Do not extend this method. It is only here for backwards compatibility with old licenses. - if (Issued > DateTime.UtcNow || Expires < DateTime.UtcNow) - { - return false; - } - - if (!ValidLicenseVersion) - { - throw new NotSupportedException($"Version {Version} is not supported."); - } - - var valid = - globalSettings.Installation.Id == InstallationId && - organization.LicenseKey != null && organization.LicenseKey.Equals(LicenseKey) && - organization.Enabled == Enabled && - organization.PlanType == PlanType && - organization.Seats == Seats && - organization.MaxCollections == MaxCollections && - organization.UseGroups == UseGroups && - organization.UseDirectory == UseDirectory && - organization.UseTotp == UseTotp && - organization.SelfHost == SelfHost && - organization.Name.Equals(Name); - - if (valid && Version >= 2) - { - valid = organization.UsersGetPremium == UsersGetPremium; - } - - if (valid && Version >= 3) - { - valid = organization.UseEvents == UseEvents; - } - - if (valid && Version >= 4) - { - valid = organization.Use2fa == Use2fa; - } - - if (valid && Version >= 5) - { - valid = organization.UseApi == UseApi; - } - - if (valid && Version >= 6) - { - valid = organization.UsePolicies == UsePolicies; - } - - if (valid && Version >= 7) - { - valid = organization.UseSso == UseSso; - } - - if (valid && Version >= 8) - { - valid = organization.UseResetPassword == UseResetPassword; - } - - if (valid && Version >= 9) - { - valid = organization.UseKeyConnector == UseKeyConnector; - } - - if (valid && Version >= 10) - { - valid = organization.UseScim == UseScim; - } - - if (valid && Version >= 11) - { - valid = organization.UseCustomPermissions == UseCustomPermissions; - } - - /*Version 12 added ExpirationWithoutDatePeriod, but that property is informational only and is not saved - to the Organization object. It's validated as part of the hash but does not need to be validated here. - */ - - if (valid && Version >= 13) - { - valid = organization.UseSecretsManager == UseSecretsManager && - organization.UsePasswordManager == UsePasswordManager && - organization.SmSeats == SmSeats && - organization.SmServiceAccounts == SmServiceAccounts; - } - - /* - * Version 14 added LimitCollectionCreationDeletion and Version - * 15 added AllowAdminAccessToAllCollectionItems, however they - * are no longer used and are intentionally excluded from - * validation. - */ - - if (valid && Version >= CurrentLicenseFileVersion + 1) - { - valid = organization.UseOrganizationDomains; - } - - return valid; } } diff --git a/src/Core/Models/Business/UserLicense.cs b/src/Core/Models/Business/UserLicense.cs index 7539c9944b..cb36d53a52 100644 --- a/src/Core/Models/Business/UserLicense.cs +++ b/src/Core/Models/Business/UserLicense.cs @@ -77,11 +77,6 @@ public class UserLicense : BaseLicense public bool CanUse(User user, ClaimsPrincipal claimsPrincipal, out string exception) { - if (string.IsNullOrWhiteSpace(Token) || claimsPrincipal is null) - { - return ObsoleteCanUse(user, out exception); - } - var errorMessages = new StringBuilder(); if (!user.EmailVerified) @@ -105,61 +100,8 @@ public class UserLicense : BaseLicense return true; } - /// - /// Do not extend this method. It is only here for backwards compatibility with old licenses. - /// Instead, extend the CanUse method using the ClaimsPrincipal. - /// - /// - /// - /// - /// - private bool ObsoleteCanUse(User user, out string exception) - { - // Do not extend this method. It is only here for backwards compatibility with old licenses. - var errorMessages = new StringBuilder(); - - if (Issued > DateTime.UtcNow) - { - errorMessages.AppendLine("The license hasn't been issued yet."); - } - - if (Expires < DateTime.UtcNow) - { - errorMessages.AppendLine("The license has expired."); - } - - if (!ValidLicenseVersion) - { - throw new NotSupportedException($"Version {Version} is not supported."); - } - - if (!user.EmailVerified) - { - errorMessages.AppendLine("The user's email is not verified."); - } - - if (!user.Email.Equals(Email, StringComparison.InvariantCultureIgnoreCase)) - { - errorMessages.AppendLine("The user's email does not match the license email."); - } - - if (errorMessages.Length > 0) - { - exception = $"Invalid license. {errorMessages.ToString().TrimEnd()}"; - return false; - } - - exception = ""; - return true; - } - public bool VerifyData(User user, ClaimsPrincipal claimsPrincipal) { - if (string.IsNullOrWhiteSpace(Token) || claimsPrincipal is null) - { - return ObsoleteVerifyData(user); - } - var licenseKey = claimsPrincipal.GetValue(nameof(LicenseKey)); var premium = claimsPrincipal.GetValue(nameof(Premium)); var email = claimsPrincipal.GetValue(nameof(Email)); @@ -168,30 +110,4 @@ public class UserLicense : BaseLicense premium == user.Premium && email.Equals(user.Email, StringComparison.InvariantCultureIgnoreCase); } - - /// - /// Do not extend this method. It is only here for backwards compatibility with old licenses. - /// Instead, extend the VerifyData method using the ClaimsPrincipal. - /// - /// - /// - /// - private bool ObsoleteVerifyData(User user) - { - // Do not extend this method. It is only here for backwards compatibility with old licenses. - if (Issued > DateTime.UtcNow || Expires < DateTime.UtcNow) - { - return false; - } - - if (!ValidLicenseVersion) - { - throw new NotSupportedException($"Version {Version} is not supported."); - } - - return - user.LicenseKey != null && user.LicenseKey.Equals(LicenseKey) && - user.Premium == Premium && - user.Email.Equals(Email, StringComparison.InvariantCultureIgnoreCase); - } } diff --git a/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs b/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs index ffeee39c07..7ca140793b 100644 --- a/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs +++ b/src/Core/OrganizationFeatures/OrganizationLicenses/UpdateOrganizationLicenseCommand.cs @@ -40,7 +40,7 @@ public class UpdateOrganizationLicenseCommand : IUpdateOrganizationLicenseComman } var claimsPrincipal = _licensingService.GetClaimsPrincipalFromLicense(license); - var canUse = license.CanUse(_globalSettings, _licensingService, claimsPrincipal, out var exception) && + var canUse = license.CanUse(_globalSettings, claimsPrincipal, out var exception) && selfHostedOrganization.CanUseLicense(license, out exception); if (!canUse)