Wrapped phishing detection feature behind feature flag (#5532)

2025-04-04 20:50:21 -05:00 · 2025-03-20 09:56:03 -04:00 · 2025-03-20 09:56:03 -04:00 · 90b70ce354
commit 90b70ce354
parent 0eaab14628
3 changed files with 25 additions and 3 deletions
--- a/src/Api/Controllers/PhishingDomainsController.cs
+++ b/src/Api/Controllers/PhishingDomainsController.cs
@ -1,14 +1,21 @@
-using Bit.Core.Repositories;
+using Bit.Core;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Microsoft.AspNetCore.Mvc;

 namespace Bit.Api.Controllers;

 [Route("phishing-domains")]
-public class PhishingDomainsController(IPhishingDomainRepository phishingDomainRepository) : Controller
+public class PhishingDomainsController(IPhishingDomainRepository phishingDomainRepository, IFeatureService featureService) : Controller
 {
    [HttpGet]
    public async Task<ActionResult<ICollection<string>>> GetPhishingDomainsAsync()
    {
+        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            return NotFound();
+        }
+
        var domains = await phishingDomainRepository.GetActivePhishingDomainsAsync();
        return Ok(domains);
    }
@ -16,6 +23,11 @@ public class PhishingDomainsController(IPhishingDomainRepository phishingDomainR
    [HttpGet("checksum")]
    public async Task<ActionResult<string>> GetChecksumAsync()
    {
+        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            return NotFound();
+        }
+
        var checksum = await phishingDomainRepository.GetCurrentChecksumAsync();
        return Ok(checksum);
    }
--- a/src/Api/Jobs/UpdatePhishingDomainsJob.cs
+++ b/src/Api/Jobs/UpdatePhishingDomainsJob.cs
@ -2,6 +2,7 @@
 using Bit.Core.Jobs;
 using Bit.Core.PhishingDomainFeatures.Interfaces;
 using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Bit.Core.Settings;
 using Quartz;

@ -12,21 +13,29 @@ public class UpdatePhishingDomainsJob : BaseJob
    private readonly GlobalSettings _globalSettings;
    private readonly IPhishingDomainRepository _phishingDomainRepository;
    private readonly ICloudPhishingDomainQuery _cloudPhishingDomainQuery;
-
+    private readonly IFeatureService _featureService;
    public UpdatePhishingDomainsJob(
        GlobalSettings globalSettings,
        IPhishingDomainRepository phishingDomainRepository,
        ICloudPhishingDomainQuery cloudPhishingDomainQuery,
+        IFeatureService featureService,
        ILogger<UpdatePhishingDomainsJob> logger)
        : base(logger)
    {
        _globalSettings = globalSettings;
        _phishingDomainRepository = phishingDomainRepository;
        _cloudPhishingDomainQuery = cloudPhishingDomainQuery;
+        _featureService = featureService;
    }

    protected override async Task ExecuteJobAsync(IJobExecutionContext context)
    {
+        if (!_featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. Feature flag is disabled.");
+            return;
+        }
+
        if (string.IsNullOrWhiteSpace(_globalSettings.PhishingDomain?.UpdateUrl))
        {
            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. No URL configured.");
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@ -177,6 +177,7 @@ public static class FeatureFlagKeys
    public const string PM12276Breadcrumbing = "pm-12276-breadcrumbing-for-business-features";
    public const string PM18794_ProviderPaymentMethod = "pm-18794-provider-payment-method";
    public const string PM3553_MobileSimpleLoginSelfHostAlias = "simple-login-self-host-alias";
+    public const string PhishingDetection = "phishing-detection";

    public static List<string> GetAllKeys()
    {