Remove TrustedPublishing feature flag (#10631)

Author: japarson

src/AccountDeleter/EmptyFeatureFlagService.cs

@@ -333,11 +333,6 @@ public bool CanUseFederatedCredentials(User user)
         {
             throw new NotImplementedException();
         }
-        
-        public bool IsTrustedPublishingEnabled(User user)
-        {
-            throw new NotImplementedException();
-        }
 
         public bool IsProfileLoadOptimizationEnabled()
         {

src/GitHubVulnerabilities2Db/Fakes/FakeFeatureFlagService.cs

@@ -335,11 +335,6 @@ public bool CanUseFederatedCredentials(User user)
             throw new NotImplementedException();
         }
 
-        public bool IsTrustedPublishingEnabled(User user)
-        {
-            throw new NotImplementedException();
-        }
-
         public bool IsProfileLoadOptimizationEnabled()
         {
             throw new NotImplementedException();

src/NuGetGallery.Services/Authentication/Federated/GitHubTokenPolicyValidator.cs

@@ -70,13 +70,6 @@ public override FederatedCredentialPolicyValidationResult ValidatePolicy(Federat
                     policyPropertyName: null);
             }
 
-            if (!_featureFlagService.IsTrustedPublishingEnabled(policy.CreatedBy))
-            {
-                return FederatedCredentialPolicyValidationResult.BadRequest(
-                    $"Trusted Publishing is not enabled for '{policy.CreatedBy.Username}'.",
-                    nameof(FederatedCredentialPolicy.CreatedBy));
-            }
-
             GitHubCriteria gitHubCriteria = GitHubCriteria.FromDatabaseJson(policy.Criteria);
             NormalizeRepositoryName(gitHubCriteria);
             NormalizeWorkflowFileName(gitHubCriteria);
@@ -184,11 +177,6 @@ public override async Task<FederatedCredentialPolicyResult> EvaluatePolicyAsync(
                 return FederatedCredentialPolicyResult.NotApplicable;
             }
 
-            if (!_featureFlagService.IsTrustedPublishingEnabled(policy.CreatedBy))
-            {
-                return FederatedCredentialPolicyResult.Unauthorized($"Trusted publishing is not enabled for {policy.CreatedBy.Username}");
-            }
-
             var criteria = GitHubCriteria.FromDatabaseJson(policy.Criteria);
 
             // Validate required GitHub criterias first

src/NuGetGallery.Services/Configuration/FeatureFlagService.cs

@@ -440,11 +440,6 @@ public bool CanUseFederatedCredentials(User user)
             return _client.IsEnabled(FederatedCredentialsFeatureName, user, defaultValue: false);
         }
 
-        public bool IsTrustedPublishingEnabled(User user)
-        {
-            return _client.IsEnabled(TrustedPublishingFeatureName, user, defaultValue: false);
-        }
-
         public bool IsProfileLoadOptimizationEnabled()
         {
             return _client.IsEnabled(ProfileLoadOptimization, defaultValue: true);

src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs

@@ -356,13 +356,6 @@ public interface IFeatureFlagService
         /// </summary>
         bool CanUseFederatedCredentials(User user);
 
-        /// <summary>
-        /// Whether or not the user can access trusted publishing functionality, e.g. GitHub Actions workflows.
-        /// When enabled, this controls both the ability to create Trusted Publishing policies and the ability
-        /// to exchange external tokens for NuGet API keys during package operations.
-        /// </summary>
-        bool IsTrustedPublishingEnabled(User user);
-
         /// <summary>
         /// Whether or not the first iteration of the profile load optimization is enabled.
         /// </summary>

src/NuGetGallery/Controllers/UsersController.cs

@@ -1039,11 +1039,6 @@ public virtual ActionResult PasswordChanged()
         public virtual ActionResult TrustedPublishing()
         {
             User currentUser = GetCurrentUser();
-            if (!_featureFlagService.IsTrustedPublishingEnabled(currentUser))
-            {
-                return new HttpStatusCodeResult(HttpStatusCode.NotFound);
-            }
-
             var userPolicies = _federatedCredentialService.GetPoliciesCreatedByUser(currentUser.Key);
 
             // Show newest policies on the top.
@@ -1208,11 +1203,6 @@ private string ViewToPolicyCriteria(string criteria)
         public virtual async Task<ActionResult> RemoveTrustedPublisherPolicy(int? federatedCredentialKey)
         {
             User currentUser = GetCurrentUser();
-            if (!_featureFlagService.IsTrustedPublishingEnabled(currentUser))
-            {
-                Response.StatusCode = (int)HttpStatusCode.BadRequest;
-                return Json(Strings.DefaultUserSafeExceptionMessage);
-            }
 
             var result = GetFederatedCredentialPolicy(federatedCredentialKey);
             if (result.policy == null)

src/NuGetGallery/Views/Shared/Gallery/Header.cshtml

@@ -6,8 +6,6 @@
         && Config.Current.DeprecateNuGetPasswordLogins
         && User.HasPasswordLogin();
     var rawErrorMessage = TempData.ContainsKey("RawErrorMessage") ? TempData["RawErrorMessage"].ToString() : null;
-    var featureFlagService = DependencyResolver.Current.GetService<IFeatureFlagService>();
-    ViewBag.IsTrustedPublishingEnabled = featureFlagService != null && featureFlagService.IsTrustedPublishingEnabled(CurrentUser);
 }
 
 <div id="cookie-banner"></div>
@@ -143,10 +141,7 @@
                                             </a>
                                         </li>
 
-                                        @if (ViewBag.IsTrustedPublishingEnabled)
-                                        {
-                                            <li role="presentation"><a href="@Url.ManageMyTrustedPublishing()" role="menuitem">Trusted Publishing</a></li>
-                                        }
+                                        <li role="presentation"><a href="@Url.ManageMyTrustedPublishing()" role="menuitem">Trusted Publishing</a></li>
                                         <li role="presentation"><a href="@Url.ManageMyApiKeys()" role="menuitem">API Keys</a></li>
 
                                         <li class="divider"></li>

src/NuGetGallery/Views/Users/ApiKeys.cshtml

@@ -4,8 +4,6 @@
 @{
     ViewBag.Title = "API Keys";
     ViewBag.MdPageColumns = GalleryConstants.ColumnsFormMd;
-    var featureFlagService = DependencyResolver.Current.GetService<IFeatureFlagService>();
-    ViewBag.IsTrustedPublishingEnabled = featureFlagService != null && featureFlagService.IsTrustedPublishingEnabled(CurrentUser);
 }
 
 <section role="main" class="container main-container page-api-keys">
@@ -14,16 +12,13 @@
         <div class="@ViewHelpers.GetColumnClasses(ViewBag)">
             @ViewHelpers.BreadcrumbWithProfile(Url, CurrentUser, true, @<text>API keys</text>)
 
-            @if (ViewBag.IsTrustedPublishingEnabled)
-            {
-                @ViewHelpers.Alert(
+            @ViewHelpers.Alert(
                     @<text>
                         <strong>Looking for a more secure and streamlined way to publish packages?</strong>
                         If you're using GitHub Actions, we recommend switching to
                         <a href="@Url.ManageMyTrustedPublishing()">Trusted Publishing</a> since it eliminates the need to manage API keys.
                     </text>,
-                    "info", icon: null)
-            }
+           "info", icon: null)
 
             <p>
                 An API key is a token that can identify you to @(Config.Current.Brand). The
@@ -33,10 +28,10 @@
             @if (!CurrentUser.Confirmed)
             {
                 @ViewHelpers.AlertWarning(
-                    @<text>
-                        To get an API Key you will need to
-                        <a href="@Url.ConfirmationRequired()">confirm your account</a>.
-                    </text>)
+                        @<text>
+                            To get an API Key you will need to
+                            <a href="@Url.ConfirmationRequired()">confirm your account</a>.
+                        </text>)
             }
             else
             {
@@ -49,21 +44,21 @@
                 @ViewHelpers.Section(this,
                     "create",
                     "Create",
-                    @<text>
-                        <div class="upsert-api-key">
-                            <div class="panel-body" data-bind="template: { name: 'upsert-api-key', data: NewApiKey }"></div>
-                        </div>
-                    </text>,
-        expanded: false,
-        expandedIcon: "Subtraction",
-        collapsedIcon: "Add")
+                        @<text>
+                            <div class="upsert-api-key">
+                                <div class="panel-body" data-bind="template: { name: 'upsert-api-key', data: NewApiKey }"></div>
+                            </div>
+                        </text>,
+     expanded: false,
+     expandedIcon: "Subtraction",
+     collapsedIcon: "Add")
 
                 @ViewHelpers.Section(this,
                     "manage",
                     "Manage",
-                    @<text>
-                        <div data-bind="template: 'manage-api-keys'"></div>
-                    </text>)
+                        @<text>
+                            <div data-bind="template: 'manage-api-keys'"></div>
+                        </text>)
             }
         </div>
     </div>

src/VerifyMicrosoftPackage/Fakes/FakeFeatureFlagService.cs

@@ -140,8 +140,6 @@ public class FakeFeatureFlagService : IFeatureFlagService
 
         public bool CanUseFederatedCredentials(User user) => throw new NotImplementedException();
 
-        public bool IsTrustedPublishingEnabled(User user) => throw new NotImplementedException();
-
         public bool IsProfileLoadOptimizationEnabled() => throw new NotImplementedException();
 
         public bool IsProfileLoadOptimizationV2Enabled() => throw new NotImplementedException();