Wrapped phishing detection feature behind feature flag (#5532)

src/Api/Controllers/PhishingDomainsController.cs

@@ -1,14 +1,21 @@
-using Bit.Core.Repositories;
+using Bit.Core;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Bit.Api.Controllers;
 
 [Route("phishing-domains")]
-public class PhishingDomainsController(IPhishingDomainRepository phishingDomainRepository) : Controller
+public class PhishingDomainsController(IPhishingDomainRepository phishingDomainRepository, IFeatureService featureService) : Controller
 {
     [HttpGet]
     public async Task<ActionResult<ICollection<string>>> GetPhishingDomainsAsync()
     {
+        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            return NotFound();
+        }
+
         var domains = await phishingDomainRepository.GetActivePhishingDomainsAsync();
         return Ok(domains);
     }
@@ -16,6 +23,11 @@ public class PhishingDomainsController(IPhishingDomainRepository phishingDomainR
     [HttpGet("checksum")]
     public async Task<ActionResult<string>> GetChecksumAsync()
     {
+        if (!featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            return NotFound();
+        }
+
         var checksum = await phishingDomainRepository.GetCurrentChecksumAsync();
         return Ok(checksum);
     }

src/Api/Jobs/UpdatePhishingDomainsJob.cs

@@ -2,6 +2,7 @@
 using Bit.Core.Jobs;
 using Bit.Core.PhishingDomainFeatures.Interfaces;
 using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Bit.Core.Settings;
 using Quartz;
 
@@ -12,21 +13,29 @@ public class UpdatePhishingDomainsJob : BaseJob
     private readonly GlobalSettings _globalSettings;
     private readonly IPhishingDomainRepository _phishingDomainRepository;
     private readonly ICloudPhishingDomainQuery _cloudPhishingDomainQuery;
-
+    private readonly IFeatureService _featureService;
     public UpdatePhishingDomainsJob(
         GlobalSettings globalSettings,
         IPhishingDomainRepository phishingDomainRepository,
         ICloudPhishingDomainQuery cloudPhishingDomainQuery,
+        IFeatureService featureService,
         ILogger<UpdatePhishingDomainsJob> logger)
         : base(logger)
     {
         _globalSettings = globalSettings;
         _phishingDomainRepository = phishingDomainRepository;
         _cloudPhishingDomainQuery = cloudPhishingDomainQuery;
+        _featureService = featureService;
     }
 
     protected override async Task ExecuteJobAsync(IJobExecutionContext context)
     {
+        if (!_featureService.IsEnabled(FeatureFlagKeys.PhishingDetection))
+        {
+            _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. Feature flag is disabled.");
+            return;
+        }
+
         if (string.IsNullOrWhiteSpace(_globalSettings.PhishingDomain?.UpdateUrl))
         {
             _logger.LogInformation(Constants.BypassFiltersEventId, "Skipping phishing domain update. No URL configured.");

src/Core/Constants.cs

@@ -177,6 +177,7 @@ public static class FeatureFlagKeys
     public const string PM12276Breadcrumbing = "pm-12276-breadcrumbing-for-business-features";
     public const string PM18794_ProviderPaymentMethod = "pm-18794-provider-payment-method";
     public const string PM3553_MobileSimpleLoginSelfHostAlias = "simple-login-self-host-alias";
+    public const string PhishingDetection = "phishing-detection";
 
     public static List<string> GetAllKeys()
     {