[PM-18234] Add SendPolicyRequirement (#5409)

2025-07-06 10:32:49 -05:00 · 2025-02-24 09:19:52 +10:00
parent 5241e09c1a
commit b0c6fc9146
8 changed files with 384 additions and 6 deletions
--- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/SendPolicyRequirement.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/SendPolicyRequirement.cs
@ -0,0 +1,54 @@
+using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
+using Bit.Core.Enums;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+
+/// <summary>
+/// Policy requirements for the Disable Send and Send Options policies.
+/// </summary>
+public class SendPolicyRequirement : IPolicyRequirement
+{
+    /// <summary>
+    /// Indicates whether Send is disabled for the user. If true, the user should not be able to create or edit Sends.
+    /// They may still delete existing Sends.
+    /// </summary>
+    public bool DisableSend { get; init; }
+    /// <summary>
+    /// Indicates whether the user is prohibited from hiding their email from the recipient of a Send.
+    /// </summary>
+    public bool DisableHideEmail { get; init; }
+
+    /// <summary>
+    /// Create a new SendPolicyRequirement.
+    /// </summary>
+    /// <param name="policyDetails">All PolicyDetails relating to the user.</param>
+    /// <remarks>
+    /// This is a <see cref="RequirementFactory{T}"/> for the SendPolicyRequirement.
+    /// </remarks>
+    public static SendPolicyRequirement Create(IEnumerable<PolicyDetails> policyDetails)
+    {
+        var filteredPolicies = policyDetails
+            .ExemptRoles([OrganizationUserType.Owner, OrganizationUserType.Admin])
+            .ExemptStatus([OrganizationUserStatusType.Invited, OrganizationUserStatusType.Revoked])
+            .ExemptProviders()
+            .ToList();
+
+        var result = filteredPolicies
+            .GetPolicyType(PolicyType.SendOptions)
+            .Select(p => p.GetDataModel<SendOptionsPolicyData>())
+            .Aggregate(
+                new SendPolicyRequirement
+                {
+                    // Set Disable Send requirement in the initial seed
+                    DisableSend = filteredPolicies.GetPolicyType(PolicyType.DisableSend).Any()
+                },
+                (result, data) => new SendPolicyRequirement
+                {
+                    DisableSend = result.DisableSend,
+                    DisableHideEmail = result.DisableHideEmail || data.DisableHideEmail
+                });
+
+        return result;
+    }
+}
--- a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs
@ -32,6 +32,7 @@ public static class PolicyServiceCollectionExtensions
    private static void AddPolicyRequirements(this IServiceCollection services)
    {
        // Register policy requirement factories here
+        services.AddPolicyRequirement(SendPolicyRequirement.Create);
    }

    /// <summary>