[PM-37486] Remove IPolicyService and associated dead code

[r-tome]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-37486

📔 Objective

Migrate remaining IPolicyService callers to use IPolicyRequirementQuery and subsequently delete IPolicyService and no longer used stored procedures.

[github-actions]

Bitwarden Claude Code Review

Overall Assessment: APPROVE

This PR completes the migration from the legacy IPolicyService to IPolicyRequirementQuery, deletes the now-orphaned service, its OrganizationUserPolicyDetails model, the GetByUserIdWithPolicyDetailsAsync repository method on both Dapper and EF implementations, and the associated test fixtures and integration tests. Call sites in AccountsController, InitPendingOrganizationValidator, and the Identity request validators (BaseRequestValidator, CustomTokenRequestValidator, ResourceOwnerPasswordValidator, SsoRequestValidator, WebAuthnGrantValidator) have been switched over with semantically equivalent replacements — SingleOrganizationPolicyRequirement.CanCreateOrganization() for the SingleOrg check and MasterPasswordPolicyRequirement.EnforcedOptions for the master-password policy, both of which apply the same role/status/provider filtering as the deleted PolicyService once the underlying sproc-level org/policy-enabled checks are accounted for.

Prior reviewer concerns appear addressed: the orphaned EfPolicyApplicableToUser AutoFixture types are removed from PolicyFixtures.cs, and the stored-procedure DROP migration that risked a rollback-incompatible deployment has been reverted, leaving OrganizationUser_ReadByUserIdWithPolicyDetails and PolicyDetails_ReadByUserId in place for a later, safer cleanup PR.

Code Review Details

No new findings.

[codecov]

Codecov Report

❌ Patch coverage is 80.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.45%. Comparing base (4a3c204) to head (99035ae).
⚠️ Report is 4 commits behind head on main.

Files with missing lines	Patch %	Lines
src/Api/Auth/Controllers/AccountsController.cs	50.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7672      +/-   ##
==========================================
+ Coverage   59.98%   64.45%   +4.47%     
==========================================
  Files        2133     2130       -3     
  Lines       93731    93640      -91     
  Branches     8311     8314       +3     
==========================================
+ Hits        56226    60360    +4134     
+ Misses      35527    31213    -4314     
- Partials     1978     2067      +89     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mkincaid-bw]

It looks like the C# code that calls this proc is being removed in this PR. If the deployment requires a server code rollback, this DROP would cause issues since DB changes are not reverted. This DROP should be moved to another PR to be done at a later date once this server deployment is hardened.

[r-tome]

Thanks for calling this out! I have reverted the SQL changes in this branch. I will create a separate task to drop the stored procedures in a future release.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[eliykat]

🧹