[PM-38926] feat: Add admin change member email to v2 UpdateOrganizationUser command#7964
Draft
jrmccannon wants to merge 6 commits into
Draft
Conversation
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## jmccannon/ac/pm-38923-update-orguser-v2 #7964 +/- ##
===========================================================================
- Coverage 62.11% 62.06% -0.06%
===========================================================================
Files 2281 2282 +1
Lines 99714 99898 +184
Branches 9029 9048 +19
===========================================================================
+ Hits 61939 62002 +63
- Misses 35586 35706 +120
- Partials 2189 2190 +1 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
68e4f70 to
6fb4bab
Compare
…onUser command Allow an admin to change a claimed member's email via the v2 update flow when the member has no master password and the new email is on an org-verified domain. The validator enforces these rules and surfaces RFC 7807 problems keyed on "email"; the command loads the account and delegates the change to the Auth IChangeEmailCommand, mapping its BadRequestExceptions to typed errors.
6fb4bab to
075a64e
Compare
BTreston
reviewed
Jul 14, 2026
| } | ||
|
|
||
| public record MemberHasMasterPasswordError() | ||
| : EmailValidationError("Cannot change the email of a member who has a master password.", "member_has_master_password"); |
Contributor
There was a problem hiding this comment.
@jrmccannon Are these the strings + Keys (and then mapped to real client owned keys) that need to be added to the client for i18n? Are these final?
Contributor
Author
There was a problem hiding this comment.
As of now, yes. It is the "member_has_master_password" type should be mapped over to the i18n key. I don't plan changing any of those, but if that happens i'll be sure to loop you in.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-38926
📔 Objective
Adds admin change-member-email to the v2
UpdateOrganizationUserCommand, behind thepm-28365-change-member-email-no-mp(FeatureFlagKeys.ChangeMemberEmailNoMp) flag. Part of epic PM-28365 (Milestone 1: manual single-email change for members without passwords).An org admin may change a member's email only when:
The validator (
ValidateEmailChangeAsync) enforces these rules and surfaces RFC 7807 problems keyed onemail; the command loads the target account, delegates the change to the AuthIChangeEmailCommand, and maps itsBadRequestExceptions to typed errors. After a successful change it callsPushSyncSettingsAsyncso the member's devices re-sync. Secrets Manager autoscale runs before the email write so a failed Stripe call can't leave a partial update.Out of scope: dedicated email-changed event log (separate cross-team PR), SSO flows, members with a master password, and client UI.
📸 Screenshots
N/A — no UI changes.