[PM-34146] Add stored procedures for accepted users

Author: JimmyVo16

src/Core/AdminConsole/Repositories/IPolicyRepository.cs

@@ -21,6 +21,15 @@ public interface IPolicyRepository : IRepository<Policy, Guid>
     Task<ICollection<Policy>> GetManyByOrganizationIdAsync(Guid organizationId);
     Task<ICollection<Policy>> GetManyByUserIdAsync(Guid userId);
 
+    /// <summary>
+    /// Gets all policies for a user across organizations where the user is in the Confirmed or Accepted status.
+    /// </summary>
+    /// <remarks>
+    /// WARNING: do not use this to enforce policies against a user! It returns raw data and does not take into account
+    /// various business rules. Use <see cref="IPolicyRequirementQuery"/> instead.
+    /// </remarks>
+    Task<ICollection<Policy>> GetManyConfirmedAndAcceptedByUserAsync(Guid userId);
+
     /// <summary>
     /// Retrieves <see cref="OrganizationPolicyDetails"/> of the specified <paramref name="policyType"/>
     /// for users in the given organization and for any other organizations those users belong to.

src/Infrastructure.Dapper/AdminConsole/Repositories/PolicyRepository.cs

@@ -61,6 +61,19 @@ public async Task<ICollection<Policy>> GetManyByUserIdAsync(Guid userId)
         }
     }
 
+    public async Task<ICollection<Policy>> GetManyConfirmedAndAcceptedByUserAsync(Guid userId)
+    {
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            var results = await connection.QueryAsync<Policy>(
+                $"[{Schema}].[{Table}_ReadByUserIdWithConfirmedAndAccepted]",
+                new { UserId = userId },
+                commandType: CommandType.StoredProcedure);
+
+            return results.ToList();
+        }
+    }
+
     public async Task<IEnumerable<OrganizationPolicyDetails>> GetPolicyDetailsByUserIdsAndPolicyType(IEnumerable<Guid> userIds, PolicyType type)
     {
         await using var connection = new SqlConnection(ConnectionString);

src/Infrastructure.EntityFramework/AdminConsole/Repositories/PolicyRepository.cs

@@ -56,6 +56,18 @@ public PolicyRepository(IServiceScopeFactory serviceScopeFactory, IMapper mapper
         }
     }
 
+    public async Task<ICollection<AdminConsoleEntities.Policy>> GetManyConfirmedAndAcceptedByUserAsync(Guid userId)
+    {
+        using (var scope = ServiceScopeFactory.CreateScope())
+        {
+            var dbContext = GetDatabaseContext(scope);
+
+            var query = new PolicyReadByUserIdConfirmedAndAcceptedQuery(userId);
+            var results = await query.Run(dbContext).ToListAsync();
+            return Mapper.Map<List<AdminConsoleEntities.Policy>>(results);
+        }
+    }
+
     public async Task<IEnumerable<OrganizationPolicyDetails>> GetPolicyDetailsByOrganizationIdAsync(Guid organizationId, PolicyType policyType)
     {
         using var scope = ServiceScopeFactory.CreateScope();

src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/PolicyReadByUserIdConfirmedAndAcceptedQuery.cs

@@ -0,0 +1,31 @@
+using Bit.Core.Enums;
+using Bit.Infrastructure.EntityFramework.AdminConsole.Models;
+using Bit.Infrastructure.EntityFramework.Repositories;
+using Bit.Infrastructure.EntityFramework.Repositories.Queries;
+
+namespace Bit.Infrastructure.EntityFramework.AdminConsole.Repositories.Queries;
+
+public class PolicyReadByUserIdConfirmedAndAcceptedQuery : IQuery<Policy>
+{
+    private readonly Guid _userId;
+
+    public PolicyReadByUserIdConfirmedAndAcceptedQuery(Guid userId)
+    {
+        _userId = userId;
+    }
+
+    public IQueryable<Policy> Run(DatabaseContext dbContext)
+    {
+        var query = from p in dbContext.Policies
+                    join ou in dbContext.OrganizationUsers
+                        on p.OrganizationId equals ou.OrganizationId
+                    join o in dbContext.Organizations
+                        on ou.OrganizationId equals o.Id
+                    where ou.UserId == _userId &&
+                        (ou.Status == OrganizationUserStatusType.Confirmed ||
+                         ou.Status == OrganizationUserStatusType.Accepted)
+                    select p;
+
+        return query;
+    }
+}

src/Sql/dbo/Stored Procedures/Policy_ReadByUserIdWithConfirmedAndAccepted.sql

@@ -0,0 +1,18 @@
+CREATE PROCEDURE [dbo].[Policy_ReadByUserIdWithConfirmedAndAccepted]
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        P.*
+    FROM
+        [dbo].[PolicyView] P
+    INNER JOIN
+        [dbo].[OrganizationUser] OU ON P.[OrganizationId] = OU.[OrganizationId]
+    INNER JOIN
+        [dbo].[Organization] O ON OU.[OrganizationId] = O.[Id]
+    WHERE
+        OU.[UserId] = @UserId
+        AND OU.[Status] IN (1, 2) -- 1 = Accepted, 2 = Confirmed
+END

util/Migrator/DbScripts/2026-04-06_00_AddPolicy_ReadByUserIdWithConfirmedAndAccepted.sql

@@ -0,0 +1,25 @@
+IF OBJECT_ID('[dbo].[Policy_ReadByUserIdWithConfirmedAndAccepted]') IS NOT NULL
+BEGIN
+    DROP PROCEDURE [dbo].[Policy_ReadByUserIdWithConfirmedAndAccepted]
+END
+GO
+
+CREATE PROCEDURE [dbo].[Policy_ReadByUserIdWithConfirmedAndAccepted]
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        P.*
+    FROM
+        [dbo].[PolicyView] P
+    INNER JOIN
+        [dbo].[OrganizationUser] OU ON P.[OrganizationId] = OU.[OrganizationId]
+    INNER JOIN
+        [dbo].[Organization] O ON OU.[OrganizationId] = O.[Id]
+    WHERE
+        OU.[UserId] = @UserId
+        AND OU.[Status] IN (1, 2) -- 1 = Accepted, 2 = Confirmed
+END
+GO