From 7c5d6aef37be8ec38732a979d9ad9ab5a9672a7e Mon Sep 17 00:00:00 2001
From: Jared McCannon <jmccannon@bitwarden.com>
Date: Wed, 26 Nov 2025 13:59:06 -0600
Subject: [PATCH] Fixing up logic.

---
 ...cUserConfirmationPolicyEnforcementQuery.cs | 20 ++++++--------
 ...ConfirmationPolicyEnforcementQueryTests.cs | 27 +------------------
 2 files changed, 9 insertions(+), 38 deletions(-)

diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQuery.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQuery.cs
index 388cc9c0ad..e530550dd0 100644
--- a/src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQuery.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQuery.cs
@@ -1,14 +1,12 @@
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.AutoConfirmUser;
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 using Bit.Core.AdminConsole.Utilities.v2.Validation;
-using Bit.Core.Repositories;
 using static Bit.Core.AdminConsole.Utilities.v2.Validation.ValidationResultHelpers;
 
 namespace Bit.Core.AdminConsole.OrganizationFeatures.Policies.Enforcement.AutoConfirm;
 
 public class AutomaticUserConfirmationPolicyEnforcementQuery(
-    IPolicyRequirementQuery policyRequirementQuery,
-    IOrganizationUserRepository organizationUserRepository)
+    IPolicyRequirementQuery policyRequirementQuery)
     : IAutomaticUserConfirmationPolicyEnforcementQuery
 {
     public async Task<ValidationResult<AutomaticUserConfirmationPolicyEnforcementRequest>> IsCompliantAsync(
@@ -18,19 +16,18 @@ public class AutomaticUserConfirmationPolicyEnforcementQuery(
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(request.User.Id);
 
         if (automaticUserConfirmationPolicyRequirement.IsEnabled(request.OrganizationUser.OrganizationId)
-            && await OrganizationUserBelongsToAnotherOrganizationAsync(request))
+            && OrganizationUserBelongsToAnotherOrganization(request))
         {
             return Invalid(request, new OrganizationEnforcesSingleOrgPolicy());
         }
 
-        if (automaticUserConfirmationPolicyRequirement.IsEnabledAndUserIsAProvider(request.OrganizationUser
-                .OrganizationId))
+        if (automaticUserConfirmationPolicyRequirement.IsEnabledAndUserIsAProvider(request.OrganizationUser.OrganizationId))
         {
             return Invalid(request, new ProviderUsersCannotJoin());
         }
 
-        if (automaticUserConfirmationPolicyRequirement.IsEnabledForOrganizationsOtherThan(request.OrganizationUser
-                .OrganizationId))
+        if (automaticUserConfirmationPolicyRequirement
+            .IsEnabledForOrganizationsOtherThan(request.OrganizationUser.OrganizationId))
         {
             return Invalid(request, new OtherOrganizationEnforcesSingleOrgPolicy());
         }
@@ -38,8 +35,7 @@ public class AutomaticUserConfirmationPolicyEnforcementQuery(
         return Valid(request);
     }
 
-    private async Task<bool> OrganizationUserBelongsToAnotherOrganizationAsync(
-        AutomaticUserConfirmationPolicyEnforcementRequest request) =>
-        (await organizationUserRepository.GetManyByUserAsync(request.User.Id)).Any(x =>
-            x.OrganizationId != request.OrganizationUser.OrganizationId);
+    private static bool OrganizationUserBelongsToAnotherOrganization(AutomaticUserConfirmationPolicyEnforcementRequest request) =>
+        request.OtherOrganizationsOrganizationUsers.Any(ou =>
+            ou.OrganizationId != request.OrganizationUser.OrganizationId);
 }
diff --git a/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQueryTests.cs b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQueryTests.cs
index 5515d8a4cb..9328c852f4 100644
--- a/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQueryTests.cs
+++ b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/Enforcement/AutoConfirm/AutomaticUserConfirmationPolicyEnforcementQueryTests.cs
@@ -6,7 +6,6 @@ using Bit.Core.AdminConsole.OrganizationFeatures.Policies.Enforcement.AutoConfir
 using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
-using Bit.Core.Repositories;
 using Bit.Core.Test.AutoFixture.OrganizationUserFixtures;
 using Bit.Test.Common.AutoFixture;
 using Bit.Test.Common.AutoFixture.Attributes;
@@ -35,10 +34,6 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]);
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);
 
@@ -70,10 +65,6 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([policyDetails]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]); // Only belongs to this one org
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);
 
@@ -138,10 +129,6 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([policyDetails]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]); // Only in this org, so first check passes
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);
 
@@ -175,10 +162,6 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([policyDetails]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]);
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);
 
@@ -223,17 +206,13 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
         // Arrange
         var request = new AutomaticUserConfirmationPolicyEnforcementRequest(
             organizationUser,
-            [],
+            [organizationUser],
             user);
 
         sutProvider.GetDependency<IPolicyRequirementQuery>()
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]); // Only one org
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);
 
@@ -292,10 +271,6 @@ public class AutomaticUserConfirmationPolicyEnforcementQueryTests
             .GetAsync<AutomaticUserConfirmationPolicyRequirement>(user.Id)
             .Returns(new AutomaticUserConfirmationPolicyRequirement([]));
 
-        sutProvider.GetDependency<IOrganizationUserRepository>()
-            .GetManyByUserAsync(user.Id)
-            .Returns([organizationUser]); // Only one org
-
         // Act
         var result = await sutProvider.Sut.IsCompliantAsync(request);