[PM-13790] Remove RefactorOrganizationUserApi feature flag

src/Api/AdminConsole/Controllers/OrganizationUsersController.cs

@@ -116,7 +116,6 @@ public async Task<OrganizationUserDetailsResponseModel> Get(string id, bool incl
     }
 
     [HttpGet("mini-details")]
-    [RequireFeature(FeatureFlagKeys.Pm3478RefactorOrganizationUserApi)]
     public async Task<ListResponseModel<OrganizationUserUserMiniDetailsResponseModel>> GetMiniDetails(Guid orgId)
     {
         var authorizationResult = await _authorizationService.AuthorizeAsync(User, new OrganizationScope(orgId),

src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/Authorization/OrganizationUserUserDetailsAuthorizationHandler.cs

@@ -1,7 +1,6 @@
 #nullable enable
 using Bit.Core.Context;
 using Bit.Core.Enums;
-using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 
 namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Authorization;
@@ -10,12 +9,10 @@ public class OrganizationUserUserDetailsAuthorizationHandler
     : AuthorizationHandler<OrganizationUserUserDetailsOperationRequirement, OrganizationScope>
 {
     private readonly ICurrentContext _currentContext;
-    private readonly IFeatureService _featureService;
 
-    public OrganizationUserUserDetailsAuthorizationHandler(ICurrentContext currentContext, IFeatureService featureService)
+    public OrganizationUserUserDetailsAuthorizationHandler(ICurrentContext currentContext)
     {
         _currentContext = currentContext;
-        _featureService = featureService;
     }
 
     protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context,
@@ -37,29 +34,6 @@ protected override async Task HandleRequirementAsync(AuthorizationHandlerContext
     }
 
     private async Task<bool> CanReadAllAsync(Guid organizationId)
-    {
-        if (_featureService.IsEnabled(FeatureFlagKeys.Pm3478RefactorOrganizationUserApi))
-        {
-            return await CanReadAllAsync_vNext(organizationId);
-        }
-
-        return await CanReadAllAsync_vCurrent(organizationId);
-    }
-
-    private async Task<bool> CanReadAllAsync_vCurrent(Guid organizationId)
-    {
-        // All users of an organization can read all other users of that organization for collection access management
-        var org = _currentContext.GetOrganization(organizationId);
-        if (org is not null)
-        {
-            return true;
-        }
-
-        // Allow provider users to read all organization users if they are a provider for the target organization
-        return await _currentContext.ProviderUserForOrgAsync(organizationId);
-    }
-
-    private async Task<bool> CanReadAllAsync_vNext(Guid organizationId)
     {
         // Admins can access this for general user management
         var organization = _currentContext.GetOrganization(organizationId);

src/Core/Constants.cs

@@ -142,7 +142,6 @@ public static class FeatureFlagKeys
     public const string EnableNewCardCombinedExpiryAutofill = "enable-new-card-combined-expiry-autofill";
     public const string StorageReseedRefactor = "storage-reseed-refactor";
     public const string TrialPayment = "PM-8163-trial-payment";
-    public const string Pm3478RefactorOrganizationUserApi = "pm-3478-refactor-organizationuser-api";
     public const string RemoveServerVersionHeader = "remove-server-version-header";
     public const string AccessIntelligence = "pm-13227-access-intelligence";
     public const string VerifiedSsoDomainEndpoint = "pm-12337-refactor-sso-details-endpoint";

test/Core.Test/AdminConsole/Authorization/OrganizationUserUserDetailsAuthorizationHandlerTests.cs

@@ -2,7 +2,6 @@
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.Authorization;
 using Bit.Core.Context;
 using Bit.Core.Enums;
-using Bit.Core.Services;
 using Bit.Core.Test.AdminConsole.AutoFixture;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -24,7 +23,6 @@ public async Task ReadAll_Admins_Success(
         CurrentContextOrganization organization,
         SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
     {
-        EnableFeatureFlag(sutProvider);
         organization.Type = userType;
         sutProvider.GetDependency<ICurrentContext>().GetOrganization(organization.Id).Returns(organization);
 
@@ -48,7 +46,6 @@ public async Task ReadAll_ProviderUser_Success(
         CurrentContextOrganization organization,
         SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
     {
-        EnableFeatureFlag(sutProvider);
         organization.Type = OrganizationUserType.User;
         sutProvider.GetDependency<ICurrentContext>()
             .ProviderUserForOrgAsync(organization.Id)
@@ -69,7 +66,6 @@ public async Task ReadAll_User_NoSuccess(
         CurrentContextOrganization organization,
         SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
     {
-        EnableFeatureFlag(sutProvider);
         organization.Type = OrganizationUserType.User;
         sutProvider.GetDependency<ICurrentContext>().GetOrganization(Arg.Any<Guid>()).Returns(organization);
         sutProvider.GetDependency<ICurrentContext>().ProviderUserForOrgAsync(Arg.Any<Guid>()).Returns(false);
@@ -88,78 +84,6 @@ public async Task ReadAll_User_NoSuccess(
     public async Task ReadAll_NotMember_NoSuccess(
         CurrentContextOrganization organization,
         SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
-    {
-        EnableFeatureFlag(sutProvider);
-        var context = new AuthorizationHandlerContext(
-            new[] { OrganizationUserUserDetailsOperations.ReadAll },
-            new ClaimsPrincipal(),
-            new OrganizationScope(organization.Id)
-        );
-
-        sutProvider.GetDependency<ICurrentContext>().GetOrganization(Arg.Any<Guid>()).Returns((CurrentContextOrganization)null);
-        sutProvider.GetDependency<ICurrentContext>().ProviderUserForOrgAsync(Arg.Any<Guid>()).Returns(false);
-
-        await sutProvider.Sut.HandleAsync(context);
-        Assert.False(context.HasSucceeded);
-    }
-
-    private void EnableFeatureFlag(SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
-    {
-        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.Pm3478RefactorOrganizationUserApi)
-            .Returns(true);
-    }
-
-    // TESTS WITH FLAG DISABLED - TO BE DELETED IN FLAG CLEANUP
-
-    [Theory, CurrentContextOrganizationCustomize]
-    [BitAutoData(OrganizationUserType.Admin)]
-    [BitAutoData(OrganizationUserType.Owner)]
-    [BitAutoData(OrganizationUserType.User)]
-    [BitAutoData(OrganizationUserType.Custom)]
-    public async Task FlagDisabled_ReadAll_AnyMemberOfOrg_Success(
-        OrganizationUserType userType,
-        Guid userId, SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider,
-        CurrentContextOrganization organization)
-    {
-        organization.Type = userType;
-
-        var context = new AuthorizationHandlerContext(
-            new[] { OrganizationUserUserDetailsOperations.ReadAll },
-            new ClaimsPrincipal(),
-            new OrganizationScope(organization.Id));
-
-        sutProvider.GetDependency<ICurrentContext>().UserId.Returns(userId);
-        sutProvider.GetDependency<ICurrentContext>().GetOrganization(organization.Id).Returns(organization);
-
-        await sutProvider.Sut.HandleAsync(context);
-
-        Assert.True(context.HasSucceeded);
-    }
-
-    [Theory, BitAutoData, CurrentContextOrganizationCustomize]
-    public async Task FlagDisabled_ReadAll_ProviderUser_Success(
-        CurrentContextOrganization organization,
-        SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
-    {
-        organization.Type = OrganizationUserType.User;
-        sutProvider.GetDependency<ICurrentContext>()
-            .ProviderUserForOrgAsync(organization.Id)
-            .Returns(true);
-
-        var context = new AuthorizationHandlerContext(
-            new[] { OrganizationUserUserDetailsOperations.ReadAll },
-            new ClaimsPrincipal(),
-            new OrganizationScope(organization.Id));
-
-        await sutProvider.Sut.HandleAsync(context);
-
-        Assert.True(context.HasSucceeded);
-    }
-
-    [Theory, BitAutoData]
-    public async Task FlagDisabled_ReadAll_NotMember_NoSuccess(
-        CurrentContextOrganization organization,
-        SutProvider<OrganizationUserUserDetailsAuthorizationHandler> sutProvider)
     {
         var context = new AuthorizationHandlerContext(
             new[] { OrganizationUserUserDetailsOperations.ReadAll },