[PM-37486] Remove IPolicyService and associated dead code

src/Api/Auth/Controllers/AccountsController.cs

@@ -7,8 +7,9 @@
 using Bit.Api.Models.Response;
 using Bit.Core;
 using Bit.Core.AdminConsole.Enums.Provider;
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 using Bit.Core.AdminConsole.Repositories;
-using Bit.Core.AdminConsole.Services;
 using Bit.Core.Auth.Identity;
 using Bit.Core.Auth.Models.Api.Request.Accounts;
 using Bit.Core.Auth.Services;
@@ -39,7 +40,7 @@ public class AccountsController : Controller
     private readonly IOrganizationUserRepository _organizationUserRepository;
     private readonly IProviderUserRepository _providerUserRepository;
     private readonly IUserService _userService;
-    private readonly IPolicyService _policyService;
+    private readonly IPolicyRequirementQuery _policyRequirementQuery;
     private readonly ISetInitialMasterPasswordCommandV1 _setInitialMasterPasswordCommandV1;
     private readonly IFinishSsoJitProvisionMasterPasswordCommand _finishSsoJitProvisionMasterPasswordCommand;
     private readonly ITdeSetPasswordCommand _tdeSetPasswordCommand;
@@ -57,7 +58,7 @@ public AccountsController(
         IOrganizationUserRepository organizationUserRepository,
         IProviderUserRepository providerUserRepository,
         IUserService userService,
-        IPolicyService policyService,
+        IPolicyRequirementQuery policyRequirementQuery,
         IFinishSsoJitProvisionMasterPasswordCommand finishSsoJitProvisionMasterPasswordCommand,
         ISetInitialMasterPasswordCommandV1 setInitialMasterPasswordCommandV1,
         ITdeSetPasswordCommand tdeSetPasswordCommand,
@@ -75,7 +76,7 @@ IRotateUserApiKeyCommand rotateUserApiKeyCommand
         _organizationUserRepository = organizationUserRepository;
         _providerUserRepository = providerUserRepository;
         _userService = userService;
-        _policyService = policyService;
+        _policyRequirementQuery = policyRequirementQuery;
         _finishSsoJitProvisionMasterPasswordCommand = finishSsoJitProvisionMasterPasswordCommand;
         _setInitialMasterPasswordCommandV1 = setInitialMasterPasswordCommandV1;
         _tdeSetPasswordCommand = tdeSetPasswordCommand;
@@ -282,7 +283,7 @@ public async Task<MasterPasswordPolicyResponseModel> PostVerifyPassword([FromBod
 
         if (await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
         {
-            var policyData = await _policyService.GetMasterPasswordPolicyForUserAsync(user);
+            var policyData = (await _policyRequirementQuery.GetAsyncVNext<MasterPasswordPolicyRequirement>(user.Id)).EnforcedOptions;
 
             return new MasterPasswordPolicyResponseModel(policyData);
         }

src/Core/AdminConsole/OrganizationFeatures/Organizations/InitPendingOrganizationValidator.cs

@@ -1,9 +1,7 @@
 using Bit.Core.AdminConsole.Entities;
-using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
-using Bit.Core.AdminConsole.Services;
 using Bit.Core.AdminConsole.Utilities.v2.Validation;
 using Bit.Core.Auth.Models.Business.Tokenables;
 using Bit.Core.Auth.UserFeatures.TwoFactorAuth.Interfaces;
@@ -29,20 +27,17 @@ Task<ValidationResult<InitPendingOrganizationValidationRequest>> ValidateAsync(
 public class InitPendingOrganizationValidator : IInitPendingOrganizationValidator
 {
     private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
-    private readonly IPolicyService _policyService;
     private readonly IPolicyRequirementQuery _policyRequirementQuery;
     private readonly ITwoFactorIsEnabledQuery _twoFactorIsEnabledQuery;
     private readonly IOrganizationUserRepository _organizationUserRepository;
 
     public InitPendingOrganizationValidator(
         IDataProtectorTokenFactory<OrgUserInviteTokenable> orgUserInviteTokenDataFactory,
-        IPolicyService policyService,
         IPolicyRequirementQuery policyRequirementQuery,
         ITwoFactorIsEnabledQuery twoFactorIsEnabledQuery,
         IOrganizationUserRepository organizationUserRepository)
     {
         _orgUserInviteTokenDataFactory = orgUserInviteTokenDataFactory;
-        _policyService = policyService;
         _policyRequirementQuery = policyRequirementQuery;
         _twoFactorIsEnabledQuery = twoFactorIsEnabledQuery;
         _organizationUserRepository = organizationUserRepository;
@@ -145,8 +140,8 @@ private bool ValidateInviteToken(OrganizationUser orgUser, User user, string ema
             return new SingleOrgPolicyViolationError();
         }
 
-        var anySingleOrgPolicies = await _policyService.AnyPoliciesApplicableToUserAsync(user.Id, PolicyType.SingleOrg);
-        if (anySingleOrgPolicies)
+        var singleOrgReq = await _policyRequirementQuery.GetAsyncVNext<SingleOrganizationPolicyRequirement>(user.Id);
+        if (singleOrgReq.CanCreateOrganization() != null)
         {
             return new SingleOrgPolicyViolationError();
         }

src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyServiceCollectionExtensions.cs

@@ -4,8 +4,6 @@
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyUpdateEvents.Interfaces;
-using Bit.Core.AdminConsole.Services;
-using Bit.Core.AdminConsole.Services.Implementations;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies;
@@ -14,7 +12,6 @@ public static class PolicyServiceCollectionExtensions
 {
     public static void AddPolicyServices(this IServiceCollection services)
     {
-        services.AddScoped<IPolicyService, PolicyService>();
         services.AddScoped<ISavePolicyCommand, SavePolicyCommand>();
         services.AddScoped<IPolicyRequirementQuery, PolicyRequirementQuery>();
         services.AddScoped<IPolicyQuery, PolicyQuery>();

src/Core/AdminConsole/Repositories/IOrganizationUserRepository.cs

@@ -1,5 +1,4 @@
 using System.Data.Common;
-using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data.OrganizationUsers;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUsers.Models;
 using Bit.Core.Entities;
@@ -80,7 +79,6 @@ Task<ICollection<OrganizationUserOrganizationDetails>> GetManyDetailsByUserAsync
     /// <param name="id">The ID of the organization user to restore.</param>
     /// <param name="status">The status to restore the user to (their status prior to being revoked).</param>
     Task RestoreAsync(Guid id, OrganizationUserStatusType status);
-    Task<IEnumerable<OrganizationUserPolicyDetails>> GetByUserIdWithPolicyDetailsAsync(Guid userId, PolicyType policyType);
     Task<int> GetOccupiedSmSeatCountByOrganizationIdAsync(Guid organizationId);
     Task<IEnumerable<OrganizationUserResetPasswordDetails>> GetManyAccountRecoveryDetailsByOrganizationUserAsync(Guid organizationId, IEnumerable<Guid> organizationUserIds);
 

src/Identity/IdentityServer/RequestValidators/BaseRequestValidator.cs

@@ -5,7 +5,7 @@
 using System.Security.Claims;
 using Bit.Core;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
-using Bit.Core.AdminConsole.Services;
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 using Bit.Core.Auth.Entities;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Auth.Identity;
@@ -45,7 +45,6 @@ public abstract class BaseRequestValidator<T> where T : class
     protected readonly IUpdateDeviceLastActivityCommand _updateDeviceLastActivityCommand;
 
     protected ICurrentContext CurrentContext { get; }
-    protected IPolicyService PolicyService { get; }
     protected IFeatureService _featureService { get; }
     protected ISsoConfigRepository SsoConfigRepository { get; }
     protected IUserService _userService { get; }
@@ -65,7 +64,6 @@ public BaseRequestValidator(
         ICurrentContext currentContext,
         GlobalSettings globalSettings,
         IUserRepository userRepository,
-        IPolicyService policyService,
         IFeatureService featureService,
         ISsoConfigRepository ssoConfigRepository,
         IUserDecryptionOptionsBuilder userDecryptionOptionsBuilder,
@@ -87,7 +85,6 @@ IUpdateDeviceLastActivityCommand updateDeviceLastActivityCommand
         _logger = logger;
         CurrentContext = currentContext;
         _globalSettings = globalSettings;
-        PolicyService = policyService;
         _userRepository = userRepository;
         _featureService = featureService;
         SsoConfigRepository = ssoConfigRepository;
@@ -589,7 +586,8 @@ private async Task<MasterPasswordPolicyResponseModel> GetMasterPasswordPolicyAsy
             return null;
         }
 
-        return new MasterPasswordPolicyResponseModel(await PolicyService.GetMasterPasswordPolicyForUserAsync(user));
+        return new MasterPasswordPolicyResponseModel(
+            (await PolicyRequirementQuery.GetAsyncVNext<MasterPasswordPolicyRequirement>(user.Id)).EnforcedOptions);
     }
 
     /// <summary>

src/Identity/IdentityServer/RequestValidators/CustomTokenRequestValidator.cs

@@ -2,7 +2,6 @@
 using System.Security.Claims;
 using Bit.Core;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
-using Bit.Core.AdminConsole.Services;
 using Bit.Core.Auth.Identity;
 using Bit.Core.Auth.IdentityServer;
 using Bit.Core.Auth.Repositories;
@@ -40,7 +39,6 @@ public CustomTokenRequestValidator(
         ICurrentContext currentContext,
         GlobalSettings globalSettings,
         IUserRepository userRepository,
-        IPolicyService policyService,
         IFeatureService featureService,
         ISsoConfigRepository ssoConfigRepository,
         IUserDecryptionOptionsBuilder userDecryptionOptionsBuilder,
@@ -63,7 +61,6 @@ public CustomTokenRequestValidator(
             currentContext,
             globalSettings,
             userRepository,
-            policyService,
             featureService,
             ssoConfigRepository,
             userDecryptionOptionsBuilder,

src/Identity/IdentityServer/RequestValidators/ResourceOwnerPasswordValidator.cs

@@ -4,7 +4,6 @@
 using System.Security.Claims;
 using Bit.Core;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
-using Bit.Core.AdminConsole.Services;
 using Bit.Core.Auth.Repositories;
 using Bit.Core.Auth.UserFeatures.Devices.Interfaces;
 using Bit.Core.Context;
@@ -39,7 +38,6 @@ public ResourceOwnerPasswordValidator(
         GlobalSettings globalSettings,
         IAuthRequestRepository authRequestRepository,
         IUserRepository userRepository,
-        IPolicyService policyService,
         IFeatureService featureService,
         ISsoConfigRepository ssoConfigRepository,
         IUserDecryptionOptionsBuilder userDecryptionOptionsBuilder,
@@ -60,7 +58,6 @@ public ResourceOwnerPasswordValidator(
             currentContext,
             globalSettings,
             userRepository,
-            policyService,
             featureService,
             ssoConfigRepository,
             userDecryptionOptionsBuilder,

src/Identity/IdentityServer/RequestValidators/WebAuthnGrantValidator.cs

@@ -2,7 +2,6 @@
 using System.Text.Json;
 using Bit.Core;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies;
-using Bit.Core.AdminConsole.Services;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Auth.Models.Business.Tokenables;
 using Bit.Core.Auth.Repositories;
@@ -43,7 +42,6 @@ public WebAuthnGrantValidator(
         GlobalSettings globalSettings,
         ISsoConfigRepository ssoConfigRepository,
         IUserRepository userRepository,
-        IPolicyService policyService,
         IDataProtectorTokenFactory<WebAuthnLoginAssertionOptionsTokenable> assertionOptionsDataProtector,
         IFeatureService featureService,
         IUserDecryptionOptionsBuilder userDecryptionOptionsBuilder,
@@ -66,7 +64,6 @@ public WebAuthnGrantValidator(
             currentContext,
             globalSettings,
             userRepository,
-            policyService,
             featureService,
             ssoConfigRepository,
             userDecryptionOptionsBuilder,

src/Infrastructure.Dapper/AdminConsole/Repositories/OrganizationUserRepository.cs

@@ -2,7 +2,6 @@
 using System.Data.Common;
 using System.Text.Json;
 using Bit.Core.AdminConsole.Entities;
-using Bit.Core.AdminConsole.Enums;
 using Bit.Core.AdminConsole.Models.Data.OrganizationUsers;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUsers.Models;
 using Bit.Core.AdminConsole.Utilities.DebuggingInstruments;
@@ -569,19 +568,6 @@ public async Task RestoreAsync(Guid id, OrganizationUserStatusType status)
         await RestoreManyAsync([id], status);
     }
 
-    public async Task<IEnumerable<OrganizationUserPolicyDetails>> GetByUserIdWithPolicyDetailsAsync(Guid userId, PolicyType policyType)
-    {
-        using (var connection = new SqlConnection(ConnectionString))
-        {
-            var results = await connection.QueryAsync<OrganizationUserPolicyDetails>(
-                $"[{Schema}].[{Table}_ReadByUserIdWithPolicyDetails]",
-                new { UserId = userId, PolicyType = policyType },
-                commandType: CommandType.StoredProcedure);
-
-            return results.ToList();
-        }
-    }
-
     public async Task<IEnumerable<OrganizationUserResetPasswordDetails>> GetManyAccountRecoveryDetailsByOrganizationUserAsync(
         Guid organizationId, IEnumerable<Guid> organizationUserIds)
     {