[PM-21612] [Unified] Fix unhandled error when editing an invited member

[eliykat]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-21612

📔 Objective

As reported by @rsulzenbacher here, you cannot edit a Member in the Invited state on Unified due to an unhandled server error.

This was caused by trying to update the User's account revision date, however an invited member is not linked to any User account yet.

Changes:

• Updated the OrganizationUserRepository.ReplaceAsync EF method to check for null on UserId first, rather than using GetValueOrDefault() which is not appropriate here.
• Add tests.
• Updated the EF bump revision date method to throw if a default Guid is passed. Also enable nullable to guard against nulls (no other changes required to enable nullable as far as I can tell). Add explanatory xmldoc.
• I checked for any other code passing a default guid and found one other location in CipherRepository, so I updated that while I was here. I changed this interface so the caller has to specify a UserId, which I think is preferable to picking the first from the list.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 04723e34-be1d-4f19-bbb2-cc2575fc2f68

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CSRF	/src/Billing/Controllers/PayPalController.cs: 70	details Method PostIpn at line 70 of /src/Billing/Controllers/PayPalController.cs gets a parameter from a user request from Body. This parameter value fl... ID: HIRv8XJ2uwImOjFqQXDx3QjwhSo%3D Attack Vector

Fixed Issues (4)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationSponsorshipsController.cs: 109
	CSRF	/src/Api/Billing/Controllers/OrganizationSponsorshipsController.cs: 274
	CSRF	/src/Api/Billing/Controllers/OrganizationSponsorshipsController.cs: 210
	CSRF	/src/Api/Controllers/SelfHosted/SelfHostedOrganizationSponsorshipsController.cs: 80

[codecov]

Codecov Report

Attention: Patch coverage is 57.14286% with 6 lines in your changes missing coverage. Please review.

Project coverage is 50.80%. Comparing base (1ec06fa) to head (d47e639).

Files with missing lines	Patch %	Lines
...ramework/Repositories/DatabaseContextExtensions.cs	0.00%	2 Missing and 1 partial ⚠️
...tyFramework/Vault/Repositories/CipherRepository.cs	0.00%	2 Missing ⚠️
...ture.Dapper/Vault/Repositories/CipherRepository.cs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5817      +/-   ##
==========================================
+ Coverage   47.54%   50.80%   +3.26%     
==========================================
  Files        1651     1651              
  Lines       74814    74820       +6     
  Branches     6724     6726       +2     
==========================================
+ Hits        35569    38011    +2442     
+ Misses      37787    35289    -2498     
- Partials     1458     1520      +62     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[audreyality]

📝 The tools changes are limited to the userId change mentioned by @eliykat in the description.

@gbubemismith - if this change looks good to you, then it should be good for us, too.

[gbubemismith]

This Looks good

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud