Split Organization.LimitCollectionCreationDeletion into two separate business rules (#4730)

* Add feature flag * Promoted the new Entiy Framework properties * Deprecate the old property * Update references * Fix mispelling * Re-add contextual comment regarding dropped license properties * Add back deleted assertion for deprecated property * Add back removed fixture property assignment * Improve feature toggling scenerios for self hosted org creation/update * Unblock `PutCollectionManagement` for self host * Simplify logic of a couple of conditionals * Feature toggle route unblocking * Adjust logic collection creation/deletion authorization handler * Create tests * Fix bug caught by tests * Fix bugs caught during manual testing * Remove remark about license
2025-06-30 15:42:48 -05:00 · 2024-10-18 11:00:01 -04:00
parent 4fec7cadb7
commit 91409a45f0
22 changed files with 701 additions and 69 deletions
--- a/src/Api/Models/Request/Organizations/OrganizationCollectionManagementUpdateRequestModel.cs
+++ b/src/Api/Models/Request/Organizations/OrganizationCollectionManagementUpdateRequestModel.cs
@ -1,15 +1,29 @@
-using Bit.Core.AdminConsole.Entities;
+using Bit.Core;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Services;

 namespace Bit.Api.Models.Request.Organizations;

 public class OrganizationCollectionManagementUpdateRequestModel
 {
+    public bool LimitCollectionCreation { get; set; }
+    public bool LimitCollectionDeletion { get; set; }
+    // Deprecated: https://bitwarden.atlassian.net/browse/PM-10863
    public bool LimitCreateDeleteOwnerAdmin { get; set; }
    public bool AllowAdminAccessToAllCollectionItems { get; set; }

-    public virtual Organization ToOrganization(Organization existingOrganization)
+    public virtual Organization ToOrganization(Organization existingOrganization, IFeatureService featureService)
    {
-        existingOrganization.LimitCollectionCreationDeletion = LimitCreateDeleteOwnerAdmin;
+        if (featureService.IsEnabled(FeatureFlagKeys.LimitCollectionCreationDeletionSplit))
+        {
+            existingOrganization.LimitCollectionCreation = LimitCollectionCreation;
+            existingOrganization.LimitCollectionDeletion = LimitCollectionDeletion;
+        }
+        else
+        {
+            existingOrganization.LimitCollectionCreationDeletion = LimitCreateDeleteOwnerAdmin || LimitCollectionCreation || LimitCollectionDeletion;
+        }
+
        existingOrganization.AllowAdminAccessToAllCollectionItems = AllowAdminAccessToAllCollectionItems;
        return existingOrganization;
    }