[PM-35830] Add ChangeEmailCommand#7650
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7650 +/- ##
==========================================
- Coverage 64.90% 60.59% -4.32%
==========================================
Files 2141 2145 +4
Lines 94654 94957 +303
Branches 8456 8498 +42
==========================================
- Hits 61435 57537 -3898
- Misses 31118 35401 +4283
+ Partials 2101 2019 -82 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
ike-kottlowski
requested review from
JaredSnider-Bitwarden
and removed request for
enmande
eliykat
left a comment
eliykat
left a comment
There was a problem hiding this comment.
Letting @jrmccannon handle this one as he's discussed the approach with you already.
ike-kottlowski
changed the title
|
@claude please review this PR. |
This comment was marked as resolved.
This comment was marked as resolved.
ike-kottlowski
requested review from
eliykat and
jrmccannon
and removed request for
eliykat
jrmccannon
left a comment
jrmccannon
left a comment
There was a problem hiding this comment.
Thanks for adding the additional domain checks!
JaredSnider-Bitwarden
left a comment
JaredSnider-Bitwarden
left a comment
There was a problem hiding this comment.
Looking really good so far. Just some clarity work to be done:
…in query Replace IsAllowedAsync's bool return with the OrganizationDomainAllowEmailChangeDenialReason enum so call sites can branch on the specific reason a domain change was denied. ChangeEmailCommand now surfaces a tailored BadRequestException message per denial reason.
Replace the if + switch with a switch expression whose discard arm throws InvalidOperationException, so any future OrganizationDomainAllowEmailChangeDenialReason value fails closed instead of letting the email change proceed. Add a unit test covering the UserIsClaimedAndDomainNotVerified branch, which previously had no assertion on its tailored error message.
|
@claude please review my current changes. Please consider @JaredSnider-Bitwarden comments when responding. |
This comment was marked as resolved.
This comment was marked as resolved.
|
@claude Please review again. for gap 1 the |
This comment was marked as resolved.
This comment was marked as resolved.
|
JaredSnider-Bitwarden
left a comment
JaredSnider-Bitwarden
left a comment
There was a problem hiding this comment.
Excellent work! LGTM! Please see my one comment below about QA note implications 👇
|
|
||
| await _userRepository.ReplaceAsync(user); | ||
|
|
||
| if (user.Gateway == GatewayType.Stripe) |
There was a problem hiding this comment.
🏅 The stripe logic change to allow free users with a gateway but no customer id to change their email appears to be a good one, but please be sure we note it as a QA test case if it can be tested since it is a behavior change.
There was a problem hiding this comment.
I'll add it to the self-service ticket. These changes won't be able to be tested until AC has their email change flow implemented. These changes are foundational and not functional at this point in time.
4 participants
🎟️ Tracking
PM-35830
📔 Objective
Introduces a new
ChangeEmailCommandthat encapsulates the user email change flow.IChangeEmailCommand/ChangeEmailCommandunderBit.Core.Auth.UserFeatures.UserEmail, including claimed-domain enforcement, duplicate-email rejection, Stripe customer email sync with rollback on failure, and post-change push notifications (logout vs. settings sync depending on whether the user has a master password).ChangeEmailCommandTestscovering claimed-domain enforcement, disabled claiming orgs, duplicate email, same-user email, Stripe sync, Stripe rollback, and push branching.This PR introduces the command only; switching callers from
UserService.ChangeEmailAsyncto the new command will follow in a separate PR.Introduces a Admin Console Query to check if the email domain is allowed to be used.