mirror of
https://github.com/bitwarden/server.git
synced 2024-12-22 16:57:36 +01:00
[AC-2521] Remove FlexibleCollectionsSignUp feature flag (#4109)
* Remove FlexibleCollectionsSignUp feature flag * Always set Organization.FlexibleCollections to true * Remove explicit assignment of LimitCollectionCreationDeletion so it defaults to false
This commit is contained in:
parent
4264fc0729
commit
b2693913bf
@ -305,9 +305,8 @@ public class ProvidersController : Controller
|
||||
return RedirectToAction("Index");
|
||||
}
|
||||
|
||||
var flexibleCollectionsSignupEnabled = _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup);
|
||||
var flexibleCollectionsV1Enabled = _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1);
|
||||
var organization = model.CreateOrganization(provider, flexibleCollectionsSignupEnabled, flexibleCollectionsV1Enabled);
|
||||
var organization = model.CreateOrganization(provider, flexibleCollectionsV1Enabled);
|
||||
await _organizationService.CreatePendingOrganization(organization, model.Owners, User, _userService, model.SalesAssistedTrialStarted);
|
||||
await _providerService.AddOrganization(providerId, organization.Id, null);
|
||||
|
||||
|
@ -162,19 +162,18 @@ public class OrganizationEditModel : OrganizationViewModel
|
||||
{ "baseServiceAccount", p.SecretsManager.BaseServiceAccount }
|
||||
});
|
||||
|
||||
public Organization CreateOrganization(Provider provider, bool flexibleCollectionsSignupEnabled, bool flexibleCollectionsV1Enabled)
|
||||
public Organization CreateOrganization(Provider provider, bool flexibleCollectionsV1Enabled)
|
||||
{
|
||||
BillingEmail = provider.BillingEmail;
|
||||
|
||||
var newOrg = new Organization
|
||||
{
|
||||
// This feature flag indicates that new organizations should be automatically onboarded to
|
||||
// Flexible Collections enhancements
|
||||
FlexibleCollections = flexibleCollectionsSignupEnabled,
|
||||
// These collection management settings smooth the migration for existing organizations by disabling some FC behavior.
|
||||
// If the organization is onboarded to Flexible Collections on signup, we turn them OFF to enable all new behaviour.
|
||||
// If the organization is NOT onboarded now, they will have to be migrated later, so they default to ON to limit FC changes on migration.
|
||||
LimitCollectionCreationDeletion = !flexibleCollectionsSignupEnabled,
|
||||
// Flexible Collections MVP is fully released and all organizations must always have this setting enabled.
|
||||
// AC-1714 will remove this flag after all old code has been removed.
|
||||
FlexibleCollections = true,
|
||||
|
||||
// This is a transitional setting that defaults to ON until Flexible Collections v1 is released
|
||||
// (to preserve existing behavior) and defaults to OFF after release (enabling new behavior)
|
||||
AllowAdminAccessToAllCollectionItems = !flexibleCollectionsV1Enabled
|
||||
};
|
||||
return ToOrganization(newOrg);
|
||||
|
@ -86,20 +86,20 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable,
|
||||
public int? MaxAutoscaleSmSeats { get; set; }
|
||||
public int? MaxAutoscaleSmServiceAccounts { get; set; }
|
||||
/// <summary>
|
||||
/// Refers to the ability for an organization to limit collection creation and deletion to owners and admins only
|
||||
/// If set to true, only owners, admins, and some custom users can create and delete collections.
|
||||
/// If set to false, any organization member can create a collection, and any member can delete a collection that
|
||||
/// they have Can Manage permissions for.
|
||||
/// </summary>
|
||||
public bool LimitCollectionCreationDeletion { get; set; }
|
||||
/// <summary>
|
||||
/// Refers to the ability for an organization to limit owner/admin access to all collection items
|
||||
/// <remarks>
|
||||
/// True: Owner/admins can access all items belonging to any collections
|
||||
/// False: Owner/admins can only access items for collections they are assigned
|
||||
/// </remarks>
|
||||
/// If set to true, admins, owners, and some custom users can read/write all collections and items in the Admin Console.
|
||||
/// If set to false, users generally need collection-level permissions to read/write a collection or its items.
|
||||
/// </summary>
|
||||
public bool AllowAdminAccessToAllCollectionItems { get; set; }
|
||||
/// <summary>
|
||||
/// True if the organization is using the Flexible Collections permission changes, false otherwise.
|
||||
/// For existing organizations, this must only be set to true once data migrations have been run for this organization.
|
||||
/// This is an organization-level feature flag (not controlled via LaunchDarkly) to onboard organizations to the
|
||||
/// Flexible Collections MVP changes. This has been fully released and must always be set to TRUE for all organizations.
|
||||
/// AC-1714 will remove this flag after all old code has been removed.
|
||||
/// </summary>
|
||||
public bool FlexibleCollections { get; set; }
|
||||
|
||||
|
@ -438,9 +438,6 @@ public class OrganizationService : IOrganizationService
|
||||
|
||||
ValidatePlan(plan, signup.AdditionalSeats, "Password Manager");
|
||||
|
||||
var flexibleCollectionsSignupEnabled =
|
||||
_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup);
|
||||
|
||||
var flexibleCollectionsV1Enabled =
|
||||
_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1);
|
||||
|
||||
@ -482,14 +479,12 @@ public class OrganizationService : IOrganizationService
|
||||
// Secrets Manager not available for purchase with Consolidated Billing.
|
||||
UseSecretsManager = false,
|
||||
|
||||
// This feature flag indicates that new organizations should be automatically onboarded to
|
||||
// Flexible Collections enhancements
|
||||
FlexibleCollections = flexibleCollectionsSignupEnabled,
|
||||
// Flexible Collections MVP is fully released and all organizations must always have this setting enabled.
|
||||
// AC-1714 will remove this flag after all old code has been removed.
|
||||
FlexibleCollections = true,
|
||||
|
||||
// These collection management settings smooth the migration for existing organizations by disabling some FC behavior.
|
||||
// If the organization is onboarded to Flexible Collections on signup, we turn them OFF to enable all new behaviour.
|
||||
// If the organization is NOT onboarded now, they will have to be migrated later, so they default to ON to limit FC changes on migration.
|
||||
LimitCollectionCreationDeletion = !flexibleCollectionsSignupEnabled,
|
||||
// This is a transitional setting that defaults to ON until Flexible Collections v1 is released
|
||||
// (to preserve existing behavior) and defaults to OFF after release (enabling new behavior)
|
||||
AllowAdminAccessToAllCollectionItems = !flexibleCollectionsV1Enabled
|
||||
};
|
||||
|
||||
@ -533,9 +528,6 @@ public class OrganizationService : IOrganizationService
|
||||
await ValidateSignUpPoliciesAsync(signup.Owner.Id);
|
||||
}
|
||||
|
||||
var flexibleCollectionsSignupEnabled =
|
||||
_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup);
|
||||
|
||||
var flexibleCollectionsV1IsEnabled =
|
||||
_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1);
|
||||
|
||||
@ -577,14 +569,12 @@ public class OrganizationService : IOrganizationService
|
||||
UsePasswordManager = true,
|
||||
UseSecretsManager = signup.UseSecretsManager,
|
||||
|
||||
// This feature flag indicates that new organizations should be automatically onboarded to
|
||||
// Flexible Collections enhancements
|
||||
FlexibleCollections = flexibleCollectionsSignupEnabled,
|
||||
// Flexible Collections MVP is fully released and all organizations must always have this setting enabled.
|
||||
// AC-1714 will remove this flag after all old code has been removed.
|
||||
FlexibleCollections = true,
|
||||
|
||||
// These collection management settings smooth the migration for existing organizations by disabling some FC behavior.
|
||||
// If the organization is onboarded to Flexible Collections on signup, we turn them OFF to enable all new behaviour.
|
||||
// If the organization is NOT onboarded now, they will have to be migrated later, so they default to ON to limit FC changes on migration.
|
||||
LimitCollectionCreationDeletion = !flexibleCollectionsSignupEnabled,
|
||||
// This is a transitional setting that defaults to ON until Flexible Collections v1 is released
|
||||
// (to preserve existing behavior) and defaults to OFF after release (enabling new behavior)
|
||||
AllowAdminAccessToAllCollectionItems = !flexibleCollectionsV1IsEnabled
|
||||
};
|
||||
|
||||
@ -665,9 +655,6 @@ public class OrganizationService : IOrganizationService
|
||||
|
||||
await ValidateSignUpPoliciesAsync(owner.Id);
|
||||
|
||||
var flexibleCollectionsSignupEnabled =
|
||||
_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup);
|
||||
|
||||
var organization = new Organization
|
||||
{
|
||||
Name = license.Name,
|
||||
@ -713,7 +700,7 @@ public class OrganizationService : IOrganizationService
|
||||
|
||||
// This feature flag indicates that new organizations should be automatically onboarded to
|
||||
// Flexible Collections enhancements
|
||||
FlexibleCollections = flexibleCollectionsSignupEnabled,
|
||||
FlexibleCollections = true,
|
||||
};
|
||||
|
||||
var result = await SignUpAsync(organization, owner.Id, ownerKey, collectionName, false);
|
||||
|
@ -115,10 +115,6 @@ public static class FeatureFlagKeys
|
||||
public const string KeyRotationImprovements = "key-rotation-improvements";
|
||||
public const string DuoRedirect = "duo-redirect";
|
||||
/// <summary>
|
||||
/// Enables flexible collections improvements for new organizations on creation
|
||||
/// </summary>
|
||||
public const string FlexibleCollectionsSignup = "flexible-collections-signup";
|
||||
/// <summary>
|
||||
/// Exposes a migration button in the web vault which allows users to migrate an existing organization to
|
||||
/// flexible collections
|
||||
/// </summary>
|
||||
@ -151,8 +147,7 @@ public static class FeatureFlagKeys
|
||||
return new Dictionary<string, string>()
|
||||
{
|
||||
{ DuoRedirect, "true" },
|
||||
{ UnassignedItemsBanner, "true"},
|
||||
{ FlexibleCollectionsSignup, "true" }
|
||||
{ UnassignedItemsBanner, "true"}
|
||||
};
|
||||
}
|
||||
}
|
||||
|
@ -252,7 +252,7 @@ public class OrganizationServiceTests
|
||||
|
||||
[Theory]
|
||||
[BitAutoData(PlanType.FamiliesAnnually)]
|
||||
public async Task SignUp_WithFlexibleCollections_SetsAccessAllToFalse
|
||||
public async Task SignUp_EnablesFlexibleCollectionsFeatures
|
||||
(PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
|
||||
{
|
||||
signup.Plan = planType;
|
||||
@ -261,10 +261,6 @@ public class OrganizationServiceTests
|
||||
signup.PremiumAccessAddon = false;
|
||||
signup.UseSecretsManager = false;
|
||||
|
||||
sutProvider.GetDependency<IFeatureService>()
|
||||
.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup)
|
||||
.Returns(true);
|
||||
|
||||
// Extract orgUserId when created
|
||||
Guid? orgUserId = null;
|
||||
await sutProvider.GetDependency<IOrganizationUserRepository>()
|
||||
@ -272,6 +268,10 @@ public class OrganizationServiceTests
|
||||
|
||||
var result = await sutProvider.Sut.SignUpAsync(signup);
|
||||
|
||||
// Assert: Organization.FlexibleCollections is enabled
|
||||
await sutProvider.GetDependency<IOrganizationRepository>().Received(1)
|
||||
.CreateAsync(Arg.Is<Organization>(o => o.FlexibleCollections));
|
||||
|
||||
// Assert: AccessAll is not used
|
||||
await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).CreateAsync(
|
||||
Arg.Is<OrganizationUser>(o =>
|
||||
@ -295,33 +295,6 @@ public class OrganizationServiceTests
|
||||
Assert.NotNull(result.Item2);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData(PlanType.FamiliesAnnually)]
|
||||
public async Task SignUp_WithoutFlexibleCollections_SetsAccessAllToTrue
|
||||
(PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
|
||||
{
|
||||
signup.Plan = planType;
|
||||
var plan = StaticStore.GetPlan(signup.Plan);
|
||||
signup.AdditionalSeats = 0;
|
||||
signup.PaymentMethodType = PaymentMethodType.Card;
|
||||
signup.PremiumAccessAddon = false;
|
||||
signup.UseSecretsManager = false;
|
||||
|
||||
sutProvider.GetDependency<IFeatureService>()
|
||||
.IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup)
|
||||
.Returns(false);
|
||||
|
||||
var result = await sutProvider.Sut.SignUpAsync(signup);
|
||||
|
||||
await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).CreateAsync(
|
||||
Arg.Is<OrganizationUser>(o =>
|
||||
o.UserId == signup.Owner.Id &&
|
||||
o.AccessAll == true));
|
||||
|
||||
Assert.NotNull(result.Item1);
|
||||
Assert.NotNull(result.Item2);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[BitAutoData(PlanType.EnterpriseAnnually)]
|
||||
[BitAutoData(PlanType.EnterpriseMonthly)]
|
||||
|
Loading…
Reference in New Issue
Block a user