Skip to content

[PM-34565] Save Cancellation Details for Scheduled Subscriptions#7535

Merged
sbrown-livefront merged 10 commits intomainfrom
billing/pm-34565/save-cancellation-details-for-scheduled-subscriptions
Apr 28, 2026
Merged

[PM-34565] Save Cancellation Details for Scheduled Subscriptions#7535
sbrown-livefront merged 10 commits intomainfrom
billing/pm-34565/save-cancellation-details-for-scheduled-subscriptions

Conversation

@sbrown-livefront
Copy link
Copy Markdown
Collaborator

@sbrown-livefront sbrown-livefront commented Apr 23, 2026
edited
Loading

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-34565

📔 Objective

Updates how deferred price increase subscription cancellations and reinstatements are handled. The changes ensure that when a subscription with a pending price increase is cancelled at period end, the associated schedule is released (not updated) with cancellationDetails being updated, a specific metadata flag is set, and reinstatement logic is simplified to clear this flag and reschedule appropriately. Tests have been updated to reflect these new behaviors.

📸 Screenshots

Screen.Recording.2026-04-23.at.4.31.36.PM.mov

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 23, 2026
edited
Loading

Logo
Checkmarx One – Scan Summary & Details1928ff4f-06a7-40f9-8fca-8a28804423c0

New Issues (4) Checkmarx found the following issues in this Pull Request
# Severity Issue Source File / Package Checkmarx Insight
1 MEDIUM CSRF src/Api/Vault/Controllers/CiphersController.cs: 1558
detailsMethod at line 1558 of /src/Api/Vault/Controllers/CiphersController.cs gets a parameter from a user request from id. This parameter value flows ...
Attack Vector
2 MEDIUM CSRF src/Api/Billing/Controllers/VNext/AccountBillingVNextController.cs: 146
detailsMethod at line 146 of /src/Api/Billing/Controllers/VNext/AccountBillingVNextController.cs gets a parameter from a user request from request. Thi...
Attack Vector
3 MEDIUM CSRF src/Api/Auth/Controllers/AccountsController.cs: 452
detailsMethod at line 452 of /src/Api/Auth/Controllers/AccountsController.cs gets a parameter from a user request from model. This parameter value flow...
Attack Vector
4 MEDIUM CSRF src/Api/Vault/Controllers/CiphersController.cs: 1385
detailsMethod at line 1385 of /src/Api/Vault/Controllers/CiphersController.cs gets a parameter from a user request from id. This parameter value flows ...
Attack Vector
Fixed Issues (1) Great job! The following issues were fixed in this Pull Request
Severity Issue Source File / Package
MEDIUM CSRF src/Identity/Controllers/AccountsController.cs: 138

@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 23, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 59.24%. Comparing base (329b144) to head (ca87aa0).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7535      +/-   ##
==========================================
- Coverage   59.26%   59.24%   -0.02%     
==========================================
  Files        2082     2082              
  Lines       92060    91994      -66     
  Branches     8181     8177       -4     
==========================================
- Hits        54557    54501      -56     
+ Misses      35562    35553       -9     
+ Partials     1941     1940       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sbrown-livefront sbrown-livefront marked this pull request as ready for review April 23, 2026 20:54
@sbrown-livefront sbrown-livefront requested a review from a team as a code owner April 23, 2026 20:54
@sbrown-livefront sbrown-livefront self-assigned this Apr 24, 2026
@sbrown-livefront sbrown-livefront added the ai-review Request a Claude code review label Apr 24, 2026
amorask-bitwarden
amorask-bitwarden approved these changes Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@amorask-bitwarden amorask-bitwarden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great - nice work.

@sbrown-livefront sbrown-livefront enabled auto-merge (squash) April 27, 2026 14:47
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 28, 2026
edited
Loading

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed PR #7535 which simplifies how deferred price increase subscription cancellations and reinstatements are handled. The cancellation path now releases the active schedule (rather than rewriting its phases) and stamps a cancelled_during_deferred_price_increase metadata flag, while reinstate clears that flag and re-invokes the existing IPriceIncreaseScheduler.Schedule to recreate the two-phase schedule. The change removes ~300 lines of complex schedule-phase manipulation in favor of native Stripe primitives, and tests have been updated to cover the new behavior.

Code Review Details

No actionable findings. A few notes verified during review:

  • Metadata clear via empty string (Metadata[...] = "") in ReinstateSubscriptionCommand.cs:57 is the documented Stripe API convention for removing a metadata key, so the subsequent ContainsKey check will correctly return false on later reads.
  • After ReleaseSubscriptionScheduleAsync, the released schedule's status is no longer Active, so Schedule()'s active-schedule guard will correctly allow recreation.
  • Stripe metadata updates merge per-key (rather than replacing the whole map), so existing keys like organizationId/userId are preserved when only the flag is sent.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 28, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sbrown-livefront sbrown-livefront merged commit 995ccbb into main Apr 28, 2026
39 of 40 checks passed
@sbrown-livefront sbrown-livefront deleted the billing/pm-34565/save-cancellation-details-for-scheduled-subscriptions branch April 28, 2026 22:03
@amorask-bitwarden amorask-bitwarden mentioned this pull request Apr 29, 2026
Open
jaasen-livefront pushed a commit that referenced this pull request Apr 29, 2026
@sbrown-livefront @jaasen-livefront
[PM-34565] Save Cancellation Details for Scheduled Subscriptions (#7535)
885ab25 
* refactor(billing): add constant for deferred price increase cancellation

* feat(billing): update cancellation logic to release schedules and set metadata

* feat(billing): update reinstatement logic to recreate schedules

* style(billing): cleanup formatting

* fix(billing) run dotnet format

* docs(billing): clarify stripe subscription update behavior regarding schedules
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amorask-bitwarden amorask-bitwarden amorask-bitwarden approved these changes

Assignees

@sbrown-livefront sbrown-livefront

Labels

ai-review Request a Claude code review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sbrown-livefront @amorask-bitwarden