[PM-31885] Consolidate all Send policies to a single policy #7113
+838
β2
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| ο»Ώusing System.ComponentModel.DataAnnotations; | ||
|
|
||
| namespace Bit.Core.AdminConsole.Models.Data.Organizations.Policies; | ||
|
|
||
| public class SendControlsPolicyData : IPolicyDataModel | ||
| { | ||
| [Display(Name = "DisableSend")] | ||
| public bool DisableSend { get; set; } | ||
| [Display(Name = "DisableHideEmail")] | ||
| public bool DisableHideEmail { get; set; } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| ο»Ώusing Bit.Core.AdminConsole.Enums; | ||
| using Bit.Core.AdminConsole.Models.Data.Organizations.Policies; | ||
|
|
||
| namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements; | ||
|
|
||
| /// <summary> | ||
| /// Policy requirements for the Send Controls policy. | ||
| /// Supersedes DisableSend and SendOptions when the pm-31885-send-controls feature flag is active. | ||
| /// </summary> | ||
| public class SendControlsPolicyRequirement : IPolicyRequirement | ||
| { | ||
| /// <summary> | ||
| /// Indicates whether Send is disabled for the user. If true, the user should not be able to create or edit Sends. | ||
| /// They may still delete existing Sends. | ||
| /// </summary> | ||
| public bool DisableSend { get; init; } | ||
|
|
||
| /// <summary> | ||
| /// Indicates whether the user is prohibited from hiding their email from the recipient of a Send. | ||
| /// </summary> | ||
| public bool DisableHideEmail { get; init; } | ||
| } | ||
|
|
||
| public class SendControlsPolicyRequirementFactory : BasePolicyRequirementFactory<SendControlsPolicyRequirement> | ||
| { | ||
| public override PolicyType PolicyType => PolicyType.SendControls; | ||
|
|
||
| public override SendControlsPolicyRequirement Create(IEnumerable<PolicyDetails> policyDetails) | ||
| { | ||
| return policyDetails | ||
| .Select(p => p.GetDataModel<SendControlsPolicyData>()) | ||
| .Aggregate( | ||
| new SendControlsPolicyRequirement(), | ||
| (result, data) => new SendControlsPolicyRequirement | ||
| { | ||
| DisableSend = result.DisableSend || data.DisableSend, | ||
| DisableHideEmail = result.DisableHideEmail || data.DisableHideEmail, | ||
| }); | ||
| } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| ο»Ώusing Bit.Core.AdminConsole.Entities; | ||
| using Bit.Core.AdminConsole.Enums; | ||
| using Bit.Core.AdminConsole.Models.Data.Organizations.Policies; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces; | ||
| using Bit.Core.AdminConsole.Repositories; | ||
| using Bit.Core.Utilities; | ||
|
|
||
| namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators; | ||
|
|
||
| /// <summary> | ||
| /// Syncs changes to the DisableSend policy into the SendControls policy row. | ||
| /// Runs regardless of the pm-31885-send-controls feature flag to ensure SendControls | ||
| /// always stays current for when the flag is eventually enabled. | ||
| /// </summary> | ||
| public class DisableSendSyncPolicyEvent(IPolicyRepository policyRepository) : IOnPolicyPostUpdateEvent | ||
| { | ||
| public PolicyType Type => PolicyType.DisableSend; | ||
|
|
||
| public async Task ExecutePostUpsertSideEffectAsync( | ||
| SavePolicyModel policyRequest, | ||
| Policy postUpsertedPolicyState, | ||
| Policy? previousPolicyState) | ||
| { | ||
| var organizationId = policyRequest.PolicyUpdate.OrganizationId; | ||
|
|
||
| // Step 1: sync DisableSend.Enabled -> SendControlsPolicy.Data.DisableSend | ||
| var sendControlsPolicy = await policyRepository.GetByOrganizationIdTypeAsync( | ||
| organizationId, PolicyType.SendControls) ?? new Policy | ||
| { | ||
| Id = CoreHelpers.GenerateComb(), | ||
| OrganizationId = organizationId, | ||
| Type = PolicyType.SendControls, | ||
| }; | ||
|
|
||
| var sendOptionsPolicy = await policyRepository.GetByOrganizationIdTypeAsync( | ||
| organizationId, PolicyType.SendOptions); | ||
|
|
||
| var sendControlsPolicyData = sendControlsPolicy.GetDataModel<SendControlsPolicyData>(); | ||
| sendControlsPolicyData.DisableSend = postUpsertedPolicyState.Enabled; | ||
| if (sendOptionsPolicy?.Enabled == true) | ||
| { | ||
| sendControlsPolicyData.DisableHideEmail = | ||
| sendOptionsPolicy.GetDataModel<SendOptionsPolicyData>().DisableHideEmail; | ||
| } | ||
|
|
||
| sendControlsPolicy.SetDataModel(sendControlsPolicyData); | ||
|
|
||
| // Step 2: sync Enabled status. SendControlsPolicy is enabled if either legacy policy is enabled | ||
| sendControlsPolicy.Enabled = postUpsertedPolicyState.Enabled || (sendOptionsPolicy?.Enabled ?? false); | ||
|
|
||
| await policyRepository.UpsertAsync(sendControlsPolicy); | ||
| } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| ο»Ώusing Bit.Core.AdminConsole.Entities; | ||
| using Bit.Core.AdminConsole.Enums; | ||
| using Bit.Core.AdminConsole.Models.Data.Organizations.Policies; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces; | ||
| using Bit.Core.AdminConsole.Repositories; | ||
| using Bit.Core.Utilities; | ||
|
|
||
| namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators; | ||
|
|
||
| /// <summary> | ||
| /// When the pm-31885-send-controls flag is active, syncs changes to the SendControls policy | ||
| /// back into the legacy DisableSend and SendOptions policy rows, enabling safe rollback. | ||
| /// </summary> | ||
| public class SendControlsSyncPolicyEvent( | ||
| IPolicyRepository policyRepository, | ||
| TimeProvider timeProvider) : IOnPolicyPostUpdateEvent | ||
| { | ||
| public PolicyType Type => PolicyType.SendControls; | ||
|
|
||
| public async Task ExecutePostUpsertSideEffectAsync( | ||
| SavePolicyModel policyRequest, | ||
| Policy postUpsertedPolicyState, | ||
| Policy? previousPolicyState) | ||
| { | ||
| var policyUpdate = policyRequest.PolicyUpdate; | ||
|
|
||
| var sendControlsPolicy = await policyRepository.GetByOrganizationIdTypeAsync( | ||
| policyUpdate.OrganizationId, PolicyType.SendControls) ?? new Policy | ||
| { | ||
| Id = CoreHelpers.GenerateComb(), | ||
| OrganizationId = policyUpdate.OrganizationId, | ||
| Type = PolicyType.SendControls, | ||
| }; | ||
|
|
||
| var sendControlsPolicyData = | ||
| sendControlsPolicy.GetDataModel<SendControlsPolicyData>(); | ||
|
|
||
| await UpsertLegacyPolicyAsync( | ||
| policyRequest.PolicyUpdate.OrganizationId, | ||
| PolicyType.DisableSend, | ||
| enabled: postUpsertedPolicyState.Enabled && sendControlsPolicyData.DisableSend, | ||
| policyData: null); | ||
|
|
||
| var sendOptionsData = new SendOptionsPolicyData { DisableHideEmail = sendControlsPolicyData.DisableHideEmail }; | ||
| await UpsertLegacyPolicyAsync( | ||
| policyRequest.PolicyUpdate.OrganizationId, | ||
| PolicyType.SendOptions, | ||
| enabled: postUpsertedPolicyState.Enabled && sendControlsPolicyData.DisableHideEmail, | ||
| policyData: CoreHelpers.ClassToJsonData(sendOptionsData)); | ||
| } | ||
|
|
||
| private async Task UpsertLegacyPolicyAsync( | ||
| Guid organizationId, | ||
| PolicyType type, | ||
| bool enabled, | ||
| string? policyData) | ||
| { | ||
| var existing = await policyRepository.GetByOrganizationIdTypeAsync(organizationId, type); | ||
|
|
||
| var policy = existing ?? new Policy { OrganizationId = organizationId, Type = type, }; | ||
|
|
||
| if (existing == null) | ||
| { | ||
| policy.SetNewId(); | ||
| } | ||
|
|
||
| policy.Enabled = enabled; | ||
| policy.Data = policyData; | ||
|
Comment on lines
+68
to
+69
Member
There was a problem hiding this comment. Also need to bump the |
||
| policy.RevisionDate = timeProvider.GetUtcNow().UtcDateTime; | ||
|
|
||
| await policyRepository.UpsertAsync(policy); | ||
| } | ||
| } | ||
|
Member
There was a problem hiding this comment. Feedback on the DisableSend version of this class is also relevant here. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| ο»Ώusing Bit.Core.AdminConsole.Entities; | ||
| using Bit.Core.AdminConsole.Enums; | ||
| using Bit.Core.AdminConsole.Models.Data.Organizations.Policies; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Models; | ||
| using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces; | ||
| using Bit.Core.AdminConsole.Repositories; | ||
| using Bit.Core.Utilities; | ||
|
|
||
| namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyValidators; | ||
|
|
||
| /// <summary> | ||
| /// Syncs changes to the SendOptions policy into the SendControls policy row. | ||
| /// Runs regardless of the pm-31885-send-controls feature flag to ensure SendControls | ||
| /// always stays current for when the flag is eventually enabled. | ||
| /// </summary> | ||
| public class SendOptionsSyncPolicyEvent(IPolicyRepository policyRepository) : IOnPolicyPostUpdateEvent | ||
| { | ||
| public PolicyType Type => PolicyType.SendOptions; | ||
|
|
||
| public async Task ExecutePostUpsertSideEffectAsync( | ||
| SavePolicyModel policyRequest, | ||
| Policy postUpsertedPolicyState, | ||
| Policy? previousPolicyState) | ||
| { | ||
| var organizationId = policyRequest.PolicyUpdate.OrganizationId; | ||
|
|
||
| // Step 1: sync SendOptionsPolicy.Data.DisableHideEmail -> SendControlsPolicy.Data.DisableHideEmail | ||
| var sendControlsPolicy = await policyRepository.GetByOrganizationIdTypeAsync( | ||
| organizationId, PolicyType.SendControls) ?? new Policy | ||
| { | ||
| Id = CoreHelpers.GenerateComb(), | ||
| OrganizationId = organizationId, | ||
| Type = PolicyType.SendControls, | ||
| }; | ||
|
|
||
| var sendControlsPolicyData = sendControlsPolicy.GetDataModel<SendControlsPolicyData>(); | ||
| sendControlsPolicyData.DisableHideEmail = postUpsertedPolicyState.GetDataModel<SendOptionsPolicyData>().DisableHideEmail; | ||
| sendControlsPolicy.SetDataModel(sendControlsPolicyData); | ||
|
|
||
| // Step 2: sync Enabled status. SendControlsPolicy is enabled if either legacy policy is enabled | ||
| // Optimization: DisableSendPolicy.Enabled maps to SendControlsPolicy.Data.DisableSend - so we can use that | ||
| // as a proxy for that legacy policy state | ||
| sendControlsPolicy.Enabled = postUpsertedPolicyState.Enabled || | ||
| sendControlsPolicyData.DisableSend; | ||
|
|
||
| await policyRepository.UpsertAsync(sendControlsPolicy); | ||
| } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eliykat could this be obtained directly using
postUpsertedPolicyState? I might be confused, but I vaguely recall that usingpolicyRepositorywas a deliberate change here, although looking this over it does appear redundant.