[PM-39164] Gate Access Intelligence report reads on new-architecture flag

[Banrion]

🎟️ Tracking

PM-39164

Related Client PR: bitwarden/clients#21315

📔 Objective

This re-points the Access Intelligence report read path from the file-storage flag (AccessIntelligenceVersion2) to the new-architecture flag (AccessIntelligenceNewArchitecture). The file-storage flag should govern only the write format, so keying reads off it meant a report written as a file no longer loaded once file storage was toggled off, the read fell back to inline-only logic and returned a stale or broken "last report." This change fixes that so a file-backed report still loads in any valid flag state, while write-format selection remains file-flag-gated.

Changes

• Gate GetLatestOrganizationReportAsync (read branch + validated-file download-URL block) on AccessIntelligenceNewArchitecture instead of the file-storage flag.
• Gate the DownloadReportFileAsync validated-file check on AccessIntelligenceNewArchitecture.
• Update the affected GetLatest and DownloadReportFile flag-on/flag-off cases in OrganizationReportsControllerTests to exercise the new-architecture flag.

[github-actions]

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed the re-pointing of the Access Intelligence report read path from the file-storage flag (AccessIntelligenceVersion2) to the new-architecture flag (AccessIntelligenceNewArchitecture) in OrganizationReportsController. The change correctly gates GetLatestOrganizationReportAsync (read branch and validated-file download-URL block) and the DownloadReportFileAsync validated-file check on the new flag, while write-format paths such as UpdateOrganizationReportAsync remain gated on the file-storage flag — consistent with the stated intent. Both feature flag constants exist in Constants.cs, and the test updates correctly swap the two DownloadReportFile cases from SetupV2Authorization to SetupAuthorization plus an explicit new-architecture flag stub, keeping flag-on/flag-off coverage symmetric.

Code Review Details

No findings. The change is well-scoped, the flag re-pointing matches the PR objective, and the test updates accurately mirror the controller's new gating logic.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.24%. Comparing base (a7e9480) to head (38fac60).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7825      +/-   ##
==========================================
- Coverage   65.72%   61.24%   -4.49%     
==========================================
  Files        2210     2210              
  Lines       97820    97820              
  Branches     8832     8832              
==========================================
- Hits        64296    59905    -4391     
- Misses      31298    35782    +4484     
+ Partials     2226     2133      -93     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.