Refactor PersonalOwnership Policy Requirement implementation

- Add PersonalOwnershipPolicyRequirementFactory to replace static Create method
- Simplify policy requirement creation logic
- Update PolicyServiceCollectionExtensions to register new factory
- Update ImportCiphersCommand to use correct user ID parameter
- Remove redundant PersonalOwnershipPolicyRequirementTests

Author: r-tome

src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/PersonalOwnershipPolicyRequirement.cs

@@ -1,6 +1,5 @@
 using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
-using Bit.Core.Enums;
 
 namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 
@@ -13,27 +12,15 @@ public class PersonalOwnershipPolicyRequirement : IPolicyRequirement
     /// Indicates whether Personal Ownership is disabled for the user. If true, members are required to save items to an organization.
     /// </summary>
     public bool DisablePersonalOwnership { get; init; }
+}
 
-    /// <summary>
-    /// Creates a new PersonalOwnershipPolicyRequirement.
-    /// </summary>
-    /// <param name="policyDetails">All PolicyDetails relating to the user.</param>
-    /// <remarks>
-    /// This is a <see cref="RequirementFactory{T}"/> for the PersonalOwnershipPolicyRequirement.
-    /// </remarks>
-    public static PersonalOwnershipPolicyRequirement Create(IEnumerable<PolicyDetails> policyDetails)
-    {
-        var filteredPolicies = policyDetails
-            .ExemptRoles([OrganizationUserType.Owner, OrganizationUserType.Admin])
-            .ExemptStatus([OrganizationUserStatusType.Invited, OrganizationUserStatusType.Revoked])
-            .ExemptProviders()
-            .ToList();
-
-        var result = new PersonalOwnershipPolicyRequirement
-        {
-            DisablePersonalOwnership = filteredPolicies.GetPolicyType(PolicyType.PersonalOwnership).Any()
-        };
+public class PersonalOwnershipPolicyRequirementFactory : BasePolicyRequirementFactory<PersonalOwnershipPolicyRequirement>
+{
+    public override PolicyType PolicyType => PolicyType.PersonalOwnership;
 
+    public override PersonalOwnershipPolicyRequirement Create(IEnumerable<PolicyDetails> policyDetails)
+    {
+        var result = new PersonalOwnershipPolicyRequirement { DisablePersonalOwnership = policyDetails.Any() };
         return result;
     }
 }

src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs

@@ -33,5 +33,6 @@ private static void AddPolicyRequirements(this IServiceCollection services)
     {
         services.AddScoped<IPolicyRequirementFactory<IPolicyRequirement>, DisableSendPolicyRequirementFactory>();
         services.AddScoped<IPolicyRequirementFactory<IPolicyRequirement>, SendOptionsPolicyRequirementFactory>();
+        services.AddScoped<IPolicyRequirementFactory<IPolicyRequirement>, PersonalOwnershipPolicyRequirementFactory>();
     }
 }

src/Core/Tools/ImportFeatures/ImportCiphersCommand.cs

@@ -66,8 +66,8 @@ public async Task ImportIntoIndividualVaultAsync(
     {
         // Make sure the user can save new ciphers to their personal vault
         var isPersonalVaultRestricted = _featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements)
-            ? (await _policyRequirementQuery.GetAsync<PersonalOwnershipPolicyRequirement>(userId.Value)).DisablePersonalOwnership
-            : await _policyService.AnyPoliciesApplicableToUserAsync(userId.Value, PolicyType.PersonalOwnership);
+            ? (await _policyRequirementQuery.GetAsync<PersonalOwnershipPolicyRequirement>(importingUserId)).DisablePersonalOwnership
+            : await _policyService.AnyPoliciesApplicableToUserAsync(importingUserId, PolicyType.PersonalOwnership);
 
         if (isPersonalVaultRestricted)
         {

test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/PersonalOwnershipPolicyRequirementFactoryTests.cs

@@ -0,0 +1,90 @@
+using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+using Bit.Core.Enums;
+using Bit.Core.Test.AdminConsole.AutoFixture;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using Xunit;
+
+namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+
+[SutProviderCustomize]
+public class PersonalOwnershipPolicyRequirementFactoryTests
+{
+    [Theory, BitAutoData]
+    public void DisablePersonalOwnership_WithNoPolicies_ReturnsFalse(SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider)
+    {
+        var actual = sutProvider.Sut.Create([]);
+
+        Assert.False(actual.DisablePersonalOwnership);
+    }
+
+    [Theory, BitAutoData]
+    public void DisablePersonalOwnership_WithNonPersonalOwnershipPolicies_ReturnsFalse(
+        [PolicyDetails(PolicyType.RequireSso)] PolicyDetails otherPolicy1,
+        [PolicyDetails(PolicyType.SendOptions)] PolicyDetails otherPolicy2,
+        SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider)
+    {
+        var actual = sutProvider.Sut.Create([otherPolicy1, otherPolicy2]);
+
+        Assert.False(actual.DisablePersonalOwnership);
+    }
+
+    [Theory, BitAutoData]
+    public void DisablePersonalOwnership_WithPersonalOwnershipPolicies_ReturnsTrue(
+        [PolicyDetails(PolicyType.PersonalOwnership)] PolicyDetails[] policies,
+        SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider
+        )
+    {
+        var actual = sutProvider.Sut.Create(policies);
+
+        Assert.True(actual.DisablePersonalOwnership);
+    }
+
+    [Theory, BitAutoData]
+    public void DisablePersonalOwnership_WithProviderUserParameter_ReturnsFalse(
+        [PolicyDetails(PolicyType.PersonalOwnership, isProvider: true)] PolicyDetails policyDetails,
+        SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider)
+    {
+        var actual = sutProvider.Sut.Create([policyDetails]);
+
+        Assert.False(actual.DisablePersonalOwnership);
+    }
+
+    [Theory]
+    [BitAutoData(OrganizationUserType.Owner, false)]
+    [BitAutoData(OrganizationUserType.Admin, false)]
+    [BitAutoData(OrganizationUserType.User, true)]
+    [BitAutoData(OrganizationUserType.Custom, true)]
+    public void DisablePersonalOwnership_RespectsExemptRoles(
+        OrganizationUserType userType,
+        bool shouldBeEnforced,
+        [PolicyDetails(PolicyType.PersonalOwnership)] PolicyDetails policyDetails,
+        SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider)
+    {
+        policyDetails.OrganizationUserType = userType;
+
+        var actual = sutProvider.Sut.Create([policyDetails]);
+
+        Assert.Equal(shouldBeEnforced, actual.DisablePersonalOwnership);
+    }
+
+    [Theory]
+    [BitAutoData(OrganizationUserStatusType.Confirmed, true)]
+    [BitAutoData(OrganizationUserStatusType.Accepted, true)]
+    [BitAutoData(OrganizationUserStatusType.Invited, false)]
+    [BitAutoData(OrganizationUserStatusType.Revoked, false)]
+    public void DisablePersonalOwnership_RespectsExemptStatuses(
+        OrganizationUserStatusType userStatus,
+        bool shouldBeEnforced,
+        [PolicyDetails(PolicyType.PersonalOwnership)] PolicyDetails policyDetails,
+        SutProvider<PersonalOwnershipPolicyRequirementFactory> sutProvider)
+    {
+        policyDetails.OrganizationUserStatus = userStatus;
+
+        var actual = sutProvider.Sut.Create([policyDetails]);
+
+        Assert.Equal(shouldBeEnforced, actual.DisablePersonalOwnership);
+    }
+}

test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/PersonalOwnershipPolicyRequirementTests.cs

@@ -1,65 +1 @@
-using AutoFixture.Xunit2;
-using Bit.Core.AdminConsole.Enums;
-using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
-using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
-using Bit.Core.Enums;
-using Bit.Core.Test.AdminConsole.AutoFixture;
-using Xunit;
-
-namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
-
-public class PersonalOwnershipPolicyRequirementTests
-{
-    [Theory, AutoData]
-    public void Create_WithNonPersonalOwnershipPolicies_ReturnsDisablePersonalOwnershipFalse(
-        [PolicyDetails(PolicyType.RequireSso)] PolicyDetails otherPolicy1,
-        [PolicyDetails(PolicyType.SendOptions)] PolicyDetails otherPolicy2)
-    {
-        var actual = PersonalOwnershipPolicyRequirement.Create([otherPolicy1, otherPolicy2]);
-
-        Assert.False(actual.DisablePersonalOwnership);
-    }
-
-    [Theory]
-    [InlineAutoData(OrganizationUserType.Owner, false)]
-    [InlineAutoData(OrganizationUserType.Admin, false)]
-    [InlineAutoData(OrganizationUserType.User, true)]
-    [InlineAutoData(OrganizationUserType.Custom, true)]
-    public void Create_WithDifferentOrganizationUserTypes_ReturnsExpectedEnforcement(
-        OrganizationUserType userType,
-        bool shouldBeEnforced,
-        [PolicyDetails(PolicyType.PersonalOwnership)] PolicyDetails policyDetails)
-    {
-        policyDetails.OrganizationUserType = userType;
-
-        var actual = PersonalOwnershipPolicyRequirement.Create([policyDetails]);
-
-        Assert.Equal(shouldBeEnforced, actual.DisablePersonalOwnership);
-    }
-
-    [Theory, AutoData]
-    public void Create_WithProviderPolicyDetails_ReturnsDisablePersonalOwnershipFalse(
-        [PolicyDetails(PolicyType.PersonalOwnership, isProvider: true)] PolicyDetails policyDetails)
-    {
-        var actual = PersonalOwnershipPolicyRequirement.Create([policyDetails]);
-
-        Assert.False(actual.DisablePersonalOwnership);
-    }
-
-    [Theory]
-    [InlineAutoData(OrganizationUserStatusType.Confirmed, true)]
-    [InlineAutoData(OrganizationUserStatusType.Accepted, true)]
-    [InlineAutoData(OrganizationUserStatusType.Invited, false)]
-    [InlineAutoData(OrganizationUserStatusType.Revoked, false)]
-    public void Create_WithDifferentOrganizationUserStatuses_ReturnsExpectedEnforcement(
-        OrganizationUserStatusType userStatus,
-        bool shouldBeEnforced,
-        [PolicyDetails(PolicyType.PersonalOwnership)] PolicyDetails policyDetails)
-    {
-        policyDetails.OrganizationUserStatus = userStatus;
-
-        var actual = PersonalOwnershipPolicyRequirement.Create([policyDetails]);
-
-        Assert.Equal(shouldBeEnforced, actual.DisablePersonalOwnership);
-    }
-}
+

test/Core.Test/Tools/ImportFeatures/ImportCiphersAsyncCommandTests.cs

@@ -75,7 +75,7 @@ public async Task ImportIntoIndividualVaultAsync_WithPolicyRequirementsEnabled_W
 
         var folderRelationships = new List<KeyValuePair<int, int>>();
 
-        await sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships);
+        await sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships, importingUserId);
 
         await sutProvider.GetDependency<ICipherRepository>().Received(1).CreateAsync(ciphers, Arg.Any<List<Folder>>());
         await sutProvider.GetDependency<IPushNotificationService>().Received(1).PushSyncVaultAsync(importingUserId);
@@ -124,7 +124,7 @@ public async Task ImportIntoIndividualVaultAsync_WithPolicyRequirementsEnabled_W
         var folderRelationships = new List<KeyValuePair<int, int>>();
 
         var exception = await Assert.ThrowsAsync<BadRequestException>(() =>
-            sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships));
+            sutProvider.Sut.ImportIntoIndividualVaultAsync(folders, ciphers, folderRelationships, userId));
 
         Assert.Equal("You cannot import items into your personal vault because you are a member of an organization which forbids it.", exception.Message);
     }