[PM-26378] Auto confirm events (#7017)

* implement auto confirm push notification

* fix test

* fix test

* simplify LINQ

* add event logging for auto confirm

* fix test

src/Admin/AdminConsole/Controllers/OrganizationsController.cs

@@ -61,6 +61,7 @@ public class OrganizationsController : Controller
     private readonly IPricingClient _pricingClient;
     private readonly IResendOrganizationInviteCommand _resendOrganizationInviteCommand;
     private readonly IOrganizationBillingService _organizationBillingService;
+    private readonly IEventService _eventService;
     private readonly IAutomaticUserConfirmationOrganizationPolicyComplianceValidator _automaticUserConfirmationOrganizationPolicyComplianceValidator;
 
     public OrganizationsController(
@@ -88,6 +89,7 @@ public class OrganizationsController : Controller
         IPricingClient pricingClient,
         IResendOrganizationInviteCommand resendOrganizationInviteCommand,
         IOrganizationBillingService organizationBillingService,
+        IEventService eventService,
         IAutomaticUserConfirmationOrganizationPolicyComplianceValidator automaticUserConfirmationOrganizationPolicyComplianceValidator)
     {
         _organizationRepository = organizationRepository;
@@ -114,6 +116,7 @@ public class OrganizationsController : Controller
         _pricingClient = pricingClient;
         _resendOrganizationInviteCommand = resendOrganizationInviteCommand;
         _organizationBillingService = organizationBillingService;
+        _eventService = eventService;
         _automaticUserConfirmationOrganizationPolicyComplianceValidator = automaticUserConfirmationOrganizationPolicyComplianceValidator;
     }
 
@@ -283,6 +286,8 @@ public class OrganizationsController : Controller
             }
         }
 
+        var previousUseAutomaticUserConfirmation = organization.UseAutomaticUserConfirmation;
+
         UpdateOrganization(organization, model);
         var plan = await _pricingClient.GetPlanOrThrow(organization.PlanType);
         if (organization.UseSecretsManager && !plan.SupportsSecretsManager)
@@ -304,6 +309,14 @@ public class OrganizationsController : Controller
 
         await _organizationRepository.ReplaceAsync(organization);
 
+        if (previousUseAutomaticUserConfirmation != organization.UseAutomaticUserConfirmation)
+        {
+            var eventType = organization.UseAutomaticUserConfirmation
+                ? EventType.Organization_AutoConfirmEnabled_Portal
+                : EventType.Organization_AutoConfirmDisabled_Portal;
+            await _eventService.LogOrganizationEventAsync(organization, eventType, EventSystemUser.BitwardenPortal);
+        }
+
         await _applicationCacheService.UpsertOrganizationAbilityAsync(organization);
 
         // Sync name/email changes to Stripe

src/Core/AdminConsole/Services/IEventService.cs

@@ -28,6 +28,7 @@ public interface IEventService
     Task LogOrganizationUserEventsAsync<T>(IEnumerable<(T, EventType, DateTime?)> events) where T : IOrganizationUser;
     Task LogOrganizationUserEventsAsync<T>(IEnumerable<(T, EventType, EventSystemUser, DateTime?)> events) where T : IOrganizationUser;
     Task LogOrganizationEventAsync(Organization organization, EventType type, DateTime? date = null);
+    Task LogOrganizationEventAsync(Organization organization, EventType type, EventSystemUser systemUser, DateTime? date = null);
     Task LogProviderUserEventAsync(ProviderUser providerUser, EventType type, DateTime? date = null);
     Task LogProviderUsersEventAsync(IEnumerable<(ProviderUser, EventType, DateTime?)> events);
     Task LogProviderOrganizationEventAsync(ProviderOrganization providerOrganization, EventType type, DateTime? date = null);

src/Core/Dirt/Enums/EventSystemUser.cs

@@ -7,4 +7,5 @@ public enum EventSystemUser : byte
     DomainVerification = 2,
     PublicApi = 3,
     TwoFactorDisabled = 4,
+    BitwardenPortal = 5,
 }

src/Core/Dirt/Enums/EventType.cs

@@ -84,6 +84,10 @@ public enum EventType : int
     Organization_CollectionManagement_AllowAdminAccessToAllCollectionItemsDisabled = 1617,
     Organization_ItemOrganization_Accepted = 1618,
     Organization_ItemOrganization_Declined = 1619,
+    Organization_AutoConfirmEnabled_Admin = 1620,
+    Organization_AutoConfirmDisabled_Admin = 1621,
+    Organization_AutoConfirmEnabled_Portal = 1622,
+    Organization_AutoConfirmDisabled_Portal = 1623,
 
     Policy_Updated = 1700,
 

src/Core/Dirt/Services/Implementations/EventService.cs

@@ -309,6 +309,25 @@ public class EventService : IEventService
         await _eventWriteService.CreateAsync(e);
     }
 
+    public async Task LogOrganizationEventAsync(Organization organization, EventType type, EventSystemUser systemUser, DateTime? date = null)
+    {
+        if (!organization.Enabled || !organization.UseEvents)
+        {
+            return;
+        }
+
+        var EventMessage = new EventMessage
+        {
+            OrganizationId = organization.Id,
+            ProviderId = await GetProviderIdAsync(organization.Id),
+            Type = type,
+            SystemUser = systemUser,
+            Date = date.GetValueOrDefault(DateTime.UtcNow),
+            DeviceType = DeviceType.Server
+        };
+        await _eventWriteService.CreateAsync(EventMessage);
+    }
+
     public async Task LogProviderUserEventAsync(ProviderUser providerUser, EventType type, DateTime? date = null)
     {
         await LogProviderUsersEventAsync(new[] { (providerUser, type, date) });

src/Core/Dirt/Services/NoopImplementations/NoopEventService.cs

@@ -57,6 +57,11 @@ public class NoopEventService : IEventService
         return Task.FromResult(0);
     }
 
+    public Task LogOrganizationEventAsync(Organization organization, EventType type, EventSystemUser systemUser, DateTime? date = null)
+    {
+        return Task.FromResult(0);
+    }
+
     public Task LogProviderUserEventAsync(ProviderUser providerUser, EventType type, DateTime? date = null)
     {
         return Task.FromResult(0);

src/Events/Controllers/CollectController.cs

@@ -131,6 +131,8 @@ public class CollectController : Controller
                     break;
 
                 case EventType.Organization_ClientExportedVault:
+                case EventType.Organization_AutoConfirmEnabled_Admin:
+                case EventType.Organization_AutoConfirmDisabled_Admin:
                     if (!eventModel.OrganizationId.HasValue)
                     {
                         continue;