server
server copied to clipboard
bitwarden
[AC-2809] Remove unused FlexibleCollections feature flag from Cipher Repository
đī¸ Tracking
https://bitwarden.atlassian.net/browse/AC-2809
đ Objective
In short: remove the unused FlexibleCollections feature flag from the CipherRepository, along with v2 sprocs that were never used and are no longer required.
Longer: OrganizationUser.AccessAll and Group.AccessAll were flags that gave orgUsers access to all organization items. They were deprecated as part of Flexible Collections, however this was a challenge because the flags are evaluated at the database level. The initial approach was to create v2 versions of all sprocs that used AccessAll, and then use a feature flag to switch between the old & new sprocs. This was not workable and was abandoned in favour of a hard data migration - i.e. setting AccessAll to 0 and then removing the logic later. The result is that we still have this feature flag being passed around everywhere even though it was never turned on, and v2 sprocs that were never used.
This PR starts removing this tech debt by removing the feature flag code that was intended to switch between the sprocs. After 1 release, the v2 sprocs will be dropped altogether.
Because we ended up migrating the data first, we don't actually need to update these sprocs at all: they all call UserCipherDetails which can be updated in place (without copying/versioning). It was only the name change rippling outwards that required these sprocs to be updated.
đ¸ Screenshots
â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
đĻŽ Reviewer guidelines
- đ (
:+1:) or similar for great changes - đ (
:memo:) or âšī¸ (:information_source:) for notes or general info - â (
:question:) for questions - đ¤ (
:thinking:) or đ (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - đ¨ (
:art:) for suggestions / improvements - â (
:x:) or â ī¸ (:warning:) for more significant problems or concerns needing attention - đą (
:seedling:) or âģī¸ (:recycle:) for future improvements or indications of technical debt - â (
:pick:) for minor or nitpick changes
Codecov Report
Attention: Patch coverage is 11.11111% with 16 lines in your changes missing coverage. Please review.
Project coverage is 40.92%. Comparing base (
b5d42eb) to head (b2e61c4).
Additional details and impacted files
@@ Coverage Diff @@
## main #4282 +/- ##
==========================================
+ Coverage 40.91% 40.92% +0.01%
==========================================
Files 1260 1260
Lines 60111 60094 -17
Branches 5490 5485 -5
==========================================
Hits 24592 24592
+ Misses 34382 34365 -17
Partials 1137 1137
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Checkmarx One â Scan Summary & Details â 8712ecdd-35dc-4cae-9a72-0527eddea2f4
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Missing_HSTS_Header | /src/Billing/Startup.cs: 34 | Attack Vector |
 |
Log_Forging | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 456 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 | Attack Vector |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
|
CSRF | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 218 |
|
CSRF | /src/Api/Auth/Controllers/TwoFactorController.cs: 411 |
|
CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 345 |
|
CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 92 |
|
CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 121 |
|
Privacy_Violation | /src/Core/Services/Implementations/UserService.cs: 786 |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 |
|
Log_Forging | /src/Billing/Controllers/StripeController.cs: 117 |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}