[PM-20452] - Offloading Stripe Update (#6034)

* Adding job to update stripe subscriptions and increment seat count  when inviting a user.

* Updating name

* Added ef migrations

* Fixing script

* Fixing procedures. Added repo tests.

* Fixed set stored procedure. Fixed parameter name.

* Added tests for database calls and updated stored procedures

* Fixed build for sql file.

* fixing sproc

* File is nullsafe

* Adding view to select from instead of table.

* Updating UpdateSubscriptionStatus to use a CTE and do all the updates in 1 statement.

* Setting revision date when incrementing seat count

* Added feature flag check for the background job.

* Fixing nullable property.

* Removing new table and just adding the column to org. Updating to query and command. Updated tests.

* Adding migration script rename

* Add SyncSeats to Org.sql def

* Adding contraint name

* Removing old table files.

* Added tests

* Upped the frequency to be at the top of every 3rd hour.

* Updating error message.

* Removing extension method

* Changed to GuidIdArray

* Added xml doc and switched class to record

src/Api/AdminConsole/Jobs/OrganizationSubscriptionUpdateJob.cs

@@ -0,0 +1,35 @@
+using System.Collections.Immutable;
+using Bit.Core;
+using Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+using Bit.Core.Jobs;
+using Bit.Core.Services;
+using Quartz;
+
+namespace Bit.Api.AdminConsole.Jobs;
+
+public class OrganizationSubscriptionUpdateJob(ILogger<OrganizationSubscriptionUpdateJob> logger,
+    IGetOrganizationSubscriptionsToUpdateQuery query,
+    IUpdateOrganizationSubscriptionCommand command,
+    IFeatureService featureService) : BaseJob(logger)
+{
+    protected override async Task ExecuteJobAsync(IJobExecutionContext _)
+    {
+        if (!featureService.IsEnabled(FeatureFlagKeys.ScimInviteUserOptimization))
+        {
+            return;
+        }
+
+        logger.LogInformation("OrganizationSubscriptionUpdateJob - START");
+
+        var organizationSubscriptionsToUpdate =
+            (await query.GetOrganizationSubscriptionsToUpdateAsync())
+            .ToImmutableList();
+
+        logger.LogInformation("OrganizationSubscriptionUpdateJob - {numberOfOrganizations} organization(s) to update",
+            organizationSubscriptionsToUpdate.Count);
+
+        await command.UpdateOrganizationSubscriptionAsync(organizationSubscriptionsToUpdate);
+
+        logger.LogInformation("OrganizationSubscriptionUpdateJob - COMPLETED");
+    }
+}

src/Api/Jobs/JobsHostedService.cs

@@ -1,4 +1,5 @@
-using Bit.Api.Auth.Jobs;
+using Bit.Api.AdminConsole.Jobs;
+using Bit.Api.Auth.Jobs;
 using Bit.Core.Jobs;
 using Bit.Core.Settings;
 using Quartz;
@@ -65,6 +66,11 @@ public class JobsHostedService : BaseJobsHostedService
                 .WithIntervalInHours(24)
                 .RepeatForever())
             .Build();
+        var updateOrgSubscriptionsTrigger = TriggerBuilder.Create()
+            .WithIdentity("UpdateOrgSubscriptionsTrigger")
+            .StartNow()
+            .WithCronSchedule("0 0 */3 * * ?") // top of every 3rd hour
+            .Build();
 
 
         var jobs = new List<Tuple<Type, ITrigger>>
@@ -76,6 +82,7 @@ public class JobsHostedService : BaseJobsHostedService
             new Tuple<Type, ITrigger>(typeof(ValidateOrganizationsJob), everyTwelfthHourAndThirtyMinutesTrigger),
             new Tuple<Type, ITrigger>(typeof(ValidateOrganizationDomainJob), validateOrganizationDomainTrigger),
             new Tuple<Type, ITrigger>(typeof(UpdatePhishingDomainsJob), updatePhishingDomainsTrigger),
+            new (typeof(OrganizationSubscriptionUpdateJob), updateOrgSubscriptionsTrigger),
         };
 
         if (_globalSettings.SelfHosted && _globalSettings.EnableCloudCommunication)
@@ -105,6 +112,7 @@ public class JobsHostedService : BaseJobsHostedService
         services.AddTransient<ValidateOrganizationsJob>();
         services.AddTransient<ValidateOrganizationDomainJob>();
         services.AddTransient<UpdatePhishingDomainsJob>();
+        services.AddTransient<OrganizationSubscriptionUpdateJob>();
     }
 
     public static void AddCommercialSecretsManagerJobServices(IServiceCollection services)

src/Core/AdminConsole/Entities/Organization.cs

@@ -123,6 +123,11 @@ public class Organization : ITableObject<Guid>, IStorableSubscriber, IRevisable
     /// </summary>
     public bool UseAdminSponsoredFamilies { get; set; }
 
+    /// <summary>
+    /// If set to true, organization needs their seat count synced with their subscription
+    /// </summary>
+    public bool SyncSeats { get; set; }
+
     public void SetNewId()
     {
         if (Id == default(Guid))

src/Core/AdminConsole/Models/Data/Organizations/OrganizationSubscriptionUpdate.cs

@@ -0,0 +1,11 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Models.StaticStore;
+
+namespace Bit.Core.AdminConsole.Models.Data.Organizations;
+
+public record OrganizationSubscriptionUpdate
+{
+    public required Organization Organization { get; set; }
+    public int Seats => Organization.Seats ?? 0;
+    public Plan? Plan { get; set; }
+}

src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/InviteUsers/InviteOrganizationUsersCommand.cs

@@ -25,7 +25,6 @@ namespace Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUse
 public class InviteOrganizationUsersCommand(IEventService eventService,
     IOrganizationUserRepository organizationUserRepository,
     IInviteUsersValidator inviteUsersValidator,
-    IPaymentService paymentService,
     IOrganizationRepository organizationRepository,
     IApplicationCacheService applicationCacheService,
     IMailService mailService,
@@ -190,12 +189,6 @@ public class InviteOrganizationUsersCommand(IEventService eventService,
     {
         if (validatedResult.Value.PasswordManagerSubscriptionUpdate is { Seats: > 0, SeatsRequiredToAdd: > 0 })
         {
-
-
-            await paymentService.AdjustSeatsAsync(organization,
-                validatedResult.Value.InviteOrganization.Plan,
-                validatedResult.Value.PasswordManagerSubscriptionUpdate.Seats.Value);
-
             organization.Seats = (short?)validatedResult.Value.PasswordManagerSubscriptionUpdate.Seats;
 
             await organizationRepository.ReplaceAsync(organization);
@@ -297,13 +290,14 @@ public class InviteOrganizationUsersCommand(IEventService eventService,
     {
         if (validatedResult.Value.PasswordManagerSubscriptionUpdate is { SeatsRequiredToAdd: > 0, UpdatedSeatTotal: > 0 })
         {
-            await paymentService.AdjustSeatsAsync(organization,
-                validatedResult.Value.InviteOrganization.Plan,
-                validatedResult.Value.PasswordManagerSubscriptionUpdate.UpdatedSeatTotal.Value);
+            await organizationRepository.IncrementSeatCountAsync(
+                organization.Id,
+                validatedResult.Value.PasswordManagerSubscriptionUpdate.SeatsRequiredToAdd,
+                validatedResult.Value.PerformedAt.UtcDateTime);
 
-            organization.Seats = (short?)validatedResult.Value.PasswordManagerSubscriptionUpdate.UpdatedSeatTotal;
+            organization.Seats = validatedResult.Value.PasswordManagerSubscriptionUpdate.UpdatedSeatTotal;
+            organization.SyncSeats = true;
 
-            await organizationRepository.ReplaceAsync(organization); // could optimize this with only a property update
             await applicationCacheService.UpsertOrganizationAbilityAsync(organization);
         }
     }

src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/InviteUsers/Validation/InviteOrganizationUserValidator.cs

@@ -1,7 +1,4 @@
-// FIXME: Update this file to be null safe and then delete the line below
-#nullable disable
-
-using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUsers.Models;
+using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUsers.Models;
 using Bit.Core.AdminConsole.OrganizationFeatures.OrganizationUsers.InviteUsers.Validation.PasswordManager;
 using Bit.Core.AdminConsole.Utilities.Errors;
 using Bit.Core.AdminConsole.Utilities.Validation;

src/Core/AdminConsole/OrganizationFeatures/Organizations/GetOrganizationSubscriptionsToUpdateQuery.cs

@@ -0,0 +1,24 @@
+using Bit.Core.AdminConsole.Models.Data.Organizations;
+using Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+using Bit.Core.Billing.Pricing;
+using Bit.Core.Repositories;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
+
+public class GetOrganizationSubscriptionsToUpdateQuery(IOrganizationRepository organizationRepository,
+    IPricingClient pricingClient) : IGetOrganizationSubscriptionsToUpdateQuery
+{
+    public async Task<IEnumerable<OrganizationSubscriptionUpdate>> GetOrganizationSubscriptionsToUpdateAsync()
+    {
+        var organizationsToUpdateTask = organizationRepository.GetOrganizationsForSubscriptionSyncAsync();
+        var plansTask = pricingClient.ListPlans();
+
+        await Task.WhenAll(organizationsToUpdateTask, plansTask);
+
+        return organizationsToUpdateTask.Result.Select(o => new OrganizationSubscriptionUpdate
+        {
+            Organization = o,
+            Plan = plansTask.Result.FirstOrDefault(plan => plan.Type == o.PlanType)
+        });
+    }
+}

src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IGetOrganizationSubscriptionsToUpdateQuery.cs

@@ -0,0 +1,16 @@
+using Bit.Core.AdminConsole.Models.Data.Organizations;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+
+public interface IGetOrganizationSubscriptionsToUpdateQuery
+{
+    /// <summary>
+    /// Retrieves a collection of organization subscriptions that need to be updated. This is based on if the
+    /// Organization.SyncSeats flag is true and Organization.Seats has a value.
+    /// </summary>
+    /// <returns>
+    /// A collection of <see cref="OrganizationSubscriptionUpdate"/> instances, each representing an organization
+    /// subscription to be updated with their associated plan.
+    /// </returns>
+    Task<IEnumerable<OrganizationSubscriptionUpdate>> GetOrganizationSubscriptionsToUpdateAsync();
+}

src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IUpdateOrganizationSubscriptionCommand.cs

@@ -0,0 +1,16 @@
+using Bit.Core.AdminConsole.Models.Data.Organizations;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+
+public interface IUpdateOrganizationSubscriptionCommand
+{
+    /// <summary>
+    /// Attempts to update the subscription of all organizations that have had a subscription update.
+    ///
+    /// If successful, the Organization.SyncSeats flag will be set to false and Organization.RevisionDate will be set.
+    ///
+    /// In the event of a failure, it will log the failure and maybe be picked up in later runs.
+    /// </summary>
+    /// <param name="subscriptionsToUpdate">The collection of organization subscriptions to update.</param>
+    Task UpdateOrganizationSubscriptionAsync(IEnumerable<OrganizationSubscriptionUpdate> subscriptionsToUpdate);
+}

src/Core/AdminConsole/OrganizationFeatures/Organizations/UpdateOrganizationSubscriptionCommand.cs

@@ -0,0 +1,43 @@
+using Bit.Core.AdminConsole.Models.Data.Organizations;
+using Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Microsoft.Extensions.Logging;
+
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
+
+public class UpdateOrganizationSubscriptionCommand(IPaymentService paymentService,
+    IOrganizationRepository repository,
+    TimeProvider timeProvider,
+    ILogger<UpdateOrganizationSubscriptionCommand> logger) : IUpdateOrganizationSubscriptionCommand
+{
+    public async Task UpdateOrganizationSubscriptionAsync(IEnumerable<OrganizationSubscriptionUpdate> subscriptionsToUpdate)
+    {
+        var successfulSyncs = new List<Guid>();
+
+        foreach (var subscriptionUpdate in subscriptionsToUpdate)
+        {
+            try
+            {
+                await paymentService.AdjustSeatsAsync(subscriptionUpdate.Organization,
+                    subscriptionUpdate.Plan,
+                    subscriptionUpdate.Seats);
+
+                successfulSyncs.Add(subscriptionUpdate.Organization.Id);
+            }
+            catch (Exception ex)
+            {
+                logger.LogError(ex,
+                    "Failed to update organization {organizationId} subscription.",
+                    subscriptionUpdate.Organization.Id);
+            }
+        }
+
+        if (successfulSyncs.Count == 0)
+        {
+            return;
+        }
+
+        await repository.UpdateSuccessfulOrganizationSyncStatusAsync(successfulSyncs, timeProvider.GetUtcNow().UtcDateTime);
+    }
+}

src/Core/AdminConsole/Repositories/IOrganizationRepository.cs

@@ -24,6 +24,7 @@ public interface IOrganizationRepository : IRepository<Organization, Guid>
     /// Gets the organizations that have a verified domain matching the user's email domain.
     /// </summary>
     Task<ICollection<Organization>> GetByVerifiedUserEmailDomainAsync(Guid userId);
+
     Task<ICollection<Organization>> GetAddableToProviderByUserIdAsync(Guid userId, ProviderType providerType);
     Task<ICollection<Organization>> GetManyByIdsAsync(IEnumerable<Guid> ids);
 
@@ -36,4 +37,29 @@ public interface IOrganizationRepository : IRepository<Organization, Guid>
     /// <param name="organizationId">The ID of the organization to get the occupied seat count for.</param>
     /// <returns>The number of occupied seats for the organization.</returns>
     Task<OrganizationSeatCounts> GetOccupiedSeatCountByOrganizationIdAsync(Guid organizationId);
+
+    /// <summary>
+    /// Get all organizations that need to have their seat count updated to their Stripe subscription.
+    /// </summary>
+    /// <returns>Organizations to sync to Stripe</returns>
+    Task<IEnumerable<Organization>> GetOrganizationsForSubscriptionSyncAsync();
+
+    /// <summary>
+    /// Updates the organization SeatSync property to signify the organization's subscription has been updated in stripe
+    /// to match the password manager seats for the organization.
+    /// </summary>
+    /// <param name="successfulOrganizations"></param>
+    /// <param name="syncDate"></param>
+    /// <returns></returns>
+    Task UpdateSuccessfulOrganizationSyncStatusAsync(IEnumerable<Guid> successfulOrganizations, DateTime syncDate);
+
+    /// <summary>
+    /// This increments the password manager seat count on the organization by the provided amount and sets SyncSeats to true.
+    /// It also sets the revision date using the request date.
+    /// </summary>
+    /// <param name="organizationId">Organization to update</param>
+    /// <param name="increaseAmount">Amount to increase password manager seats by</param>
+    /// <param name="requestDate">When the action was performed</param>
+    /// <returns></returns>
+    Task IncrementSeatCountAsync(Guid organizationId, int increaseAmount, DateTime requestDate);
 }

src/Core/OrganizationFeatures/OrganizationSubscriptions/OrganizationSubscriptionServiceCollectionExtensions.cs

@@ -1,4 +1,6 @@
-using Bit.Core.OrganizationFeatures.OrganizationSubscriptions.Interface;
+using Bit.Core.AdminConsole.OrganizationFeatures.Organizations;
+using Bit.Core.AdminConsole.OrganizationFeatures.Organizations.Interfaces;
+using Bit.Core.OrganizationFeatures.OrganizationSubscriptions.Interface;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace Bit.Core.OrganizationFeatures.OrganizationSubscriptions;
@@ -7,7 +9,10 @@ public static class OrganizationSubscriptionServiceCollectionExtensions
 {
     public static void AddOrganizationSubscriptionServices(this IServiceCollection services)
     {
-        services.AddScoped<IUpgradeOrganizationPlanCommand, UpgradeOrganizationPlanCommand>();
-        services.AddScoped<IAddSecretsManagerSubscriptionCommand, AddSecretsManagerSubscriptionCommand>();
+        services
+            .AddScoped<IUpgradeOrganizationPlanCommand, UpgradeOrganizationPlanCommand>()
+            .AddScoped<IAddSecretsManagerSubscriptionCommand, AddSecretsManagerSubscriptionCommand>()
+            .AddScoped<IGetOrganizationSubscriptionsToUpdateQuery, GetOrganizationSubscriptionsToUpdateQuery>()
+            .AddScoped<IUpdateOrganizationSubscriptionCommand, UpdateOrganizationSubscriptionCommand>();
     }
 }

src/Core/Services/IPaymentService.cs

@@ -25,6 +25,14 @@ public interface IPaymentService
         int? newlyPurchasedSecretsManagerSeats,
         int? newlyPurchasedAdditionalSecretsManagerServiceAccounts,
         int newlyPurchasedAdditionalStorage);
+
+    /// <summary>
+    /// Used to update the organization's password manager subscription
+    /// </summary>
+    /// <param name="organization"></param>
+    /// <param name="plan"></param>
+    /// <param name="additionalSeats">New seat total</param>
+    /// <returns></returns>
     Task<string> AdjustSeatsAsync(Organization organization, Plan plan, int additionalSeats);
     Task<string> AdjustSmSeatsAsync(Organization organization, Plan plan, int additionalSeats);
     Task<string> AdjustStorageAsync(IStorableSubscriber storableSubscriber, int additionalStorage, string storagePlanId);

src/Infrastructure.Dapper/AdminConsole/Repositories/OrganizationRepository.cs

@@ -220,4 +220,35 @@ public class OrganizationRepository : Repository<Organization, Guid>, IOrganizat
             return result.SingleOrDefault() ?? new OrganizationSeatCounts();
         }
     }
+
+    public async Task<IEnumerable<Organization>> GetOrganizationsForSubscriptionSyncAsync()
+    {
+        await using var connection = new SqlConnection(ConnectionString);
+
+        return await connection.QueryAsync<Organization>(
+            "[dbo].[Organization_GetOrganizationsForSubscriptionSync]",
+            commandType: CommandType.StoredProcedure);
+    }
+
+    public async Task UpdateSuccessfulOrganizationSyncStatusAsync(IEnumerable<Guid> successfulOrganizations, DateTime syncDate)
+    {
+        await using var connection = new SqlConnection(ConnectionString);
+
+        await connection.ExecuteAsync("[dbo].[Organization_UpdateSubscriptionStatus]",
+            new
+            {
+                SuccessfulOrganizations = successfulOrganizations.ToGuidIdArrayTVP(),
+                SyncDate = syncDate
+            },
+            commandType: CommandType.StoredProcedure);
+    }
+
+    public async Task IncrementSeatCountAsync(Guid organizationId, int increaseAmount, DateTime requestDate)
+    {
+        await using var connection = new SqlConnection(ConnectionString);
+
+        await connection.ExecuteAsync("[dbo].[Organization_IncrementSeatCount]",
+            new { OrganizationId = organizationId, SeatsToAdd = increaseAmount, RequestDate = requestDate },
+            commandType: CommandType.StoredProcedure);
+    }
 }

src/Infrastructure.Dapper/AdminConsole/Repositories/OrganizationUserRepository.cs

@@ -660,12 +660,14 @@ public class OrganizationUserRepository : Repository<OrganizationUser, Guid>, IO
     {
         await using var connection = new SqlConnection(_marsConnectionString);
 
+        var organizationUsersList = organizationUserCollection.ToList();
+
         await connection.ExecuteAsync(
             $"[{Schema}].[OrganizationUser_CreateManyWithCollectionsAndGroups]",
             new
             {
-                OrganizationUserData = JsonSerializer.Serialize(organizationUserCollection.Select(x => x.OrganizationUser)),
-                CollectionData = JsonSerializer.Serialize(organizationUserCollection
+                OrganizationUserData = JsonSerializer.Serialize(organizationUsersList.Select(x => x.OrganizationUser)),
+                CollectionData = JsonSerializer.Serialize(organizationUsersList
                     .SelectMany(x => x.Collections, (user, collection) => new CollectionUser
                     {
                         CollectionId = collection.Id,
@@ -674,7 +676,7 @@ public class OrganizationUserRepository : Repository<OrganizationUser, Guid>, IO
                         HidePasswords = collection.HidePasswords,
                         Manage = collection.Manage
                     })),
-                GroupData = JsonSerializer.Serialize(organizationUserCollection
+                GroupData = JsonSerializer.Serialize(organizationUsersList
                     .SelectMany(x => x.Groups, (user, group) => new GroupUser
                     {
                         GroupId = group,

src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs

@@ -403,4 +403,41 @@ public class OrganizationRepository : Repository<Core.AdminConsole.Entities.Orga
             };
         }
     }
+
+    public async Task<IEnumerable<Core.AdminConsole.Entities.Organization>> GetOrganizationsForSubscriptionSyncAsync()
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        await using var dbContext = GetDatabaseContext(scope);
+
+        var organizations = await dbContext.Organizations
+            .Where(o => o.SyncSeats == true && o.Seats != null)
+            .ToArrayAsync();
+
+        return organizations;
+    }
+
+    public async Task UpdateSuccessfulOrganizationSyncStatusAsync(IEnumerable<Guid> successfulOrganizations, DateTime syncDate)
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        await using var dbContext = GetDatabaseContext(scope);
+
+        await dbContext.Organizations
+            .Where(o => successfulOrganizations.Contains(o.Id))
+            .ExecuteUpdateAsync(o => o
+                .SetProperty(x => x.SyncSeats, false)
+                .SetProperty(x => x.RevisionDate, syncDate.Date));
+    }
+
+    public async Task IncrementSeatCountAsync(Guid organizationId, int increaseAmount, DateTime requestDate)
+    {
+        using var scope = ServiceScopeFactory.CreateScope();
+        await using var dbContext = GetDatabaseContext(scope);
+
+        await dbContext.Organizations
+            .Where(o => o.Id == organizationId)
+            .ExecuteUpdateAsync(s => s
+                .SetProperty(o => o.Seats, o => o.Seats + increaseAmount)
+                .SetProperty(o => o.SyncSeats, true)
+                .SetProperty(o => o.RevisionDate, requestDate));
+    }
 }

src/Sql/dbo/Stored Procedures/Organization_Create.sql

@@ -57,7 +57,8 @@ CREATE PROCEDURE [dbo].[Organization_Create]
     @UseRiskInsights BIT = 0,
     @LimitItemDeletion BIT = 0,
     @UseOrganizationDomains BIT = 0,
-    @UseAdminSponsoredFamilies BIT = 0
+    @UseAdminSponsoredFamilies BIT = 0,
+    @SyncSeats BIT = 0
 AS
 BEGIN
     SET NOCOUNT ON
@@ -122,7 +123,8 @@ BEGIN
         [UseRiskInsights],
         [LimitItemDeletion],
         [UseOrganizationDomains],
-        [UseAdminSponsoredFamilies]
+        [UseAdminSponsoredFamilies],
+        [SyncSeats]
     )
     VALUES
     (
@@ -184,6 +186,7 @@ BEGIN
         @UseRiskInsights,
         @LimitItemDeletion,
         @UseOrganizationDomains,
-        @UseAdminSponsoredFamilies
+        @UseAdminSponsoredFamilies,
+        @SyncSeats
     )
 END

src/Sql/dbo/Stored Procedures/Organization_GetOrganizationsForSubscriptionSync.sql

@@ -0,0 +1,7 @@
+CREATE PROCEDURE [dbo].[Organization_GetOrganizationsForSubscriptionSync]
+AS
+BEGIN
+    SELECT *
+    FROM [dbo].[OrganizationView]
+    WHERE [Seats] IS NOT NULL AND [SyncSeats] = 1
+END

src/Sql/dbo/Stored Procedures/Organization_IncrementSeatCount.sql

@@ -0,0 +1,15 @@
+CREATE PROCEDURE [dbo].[Organization_IncrementSeatCount]
+    @OrganizationId UNIQUEIDENTIFIER,
+    @SeatsToAdd INT,
+    @RequestDate DATETIME2
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE [dbo].[Organization]
+    SET
+        [Seats] = [Seats] + @SeatsToAdd,
+        [SyncSeats] = 1,
+        [RevisionDate] = @RequestDate
+    WHERE [Id] = @OrganizationId
+END

src/Sql/dbo/Stored Procedures/Organization_Update.sql

@@ -57,7 +57,8 @@ CREATE PROCEDURE [dbo].[Organization_Update]
     @UseRiskInsights BIT = 0,
     @LimitItemDeletion BIT = 0,
     @UseOrganizationDomains BIT = 0,
-    @UseAdminSponsoredFamilies BIT = 0
+    @UseAdminSponsoredFamilies BIT = 0,
+    @SyncSeats BIT = 0
 AS
 BEGIN
     SET NOCOUNT ON
@@ -122,7 +123,8 @@ BEGIN
         [UseRiskInsights] = @UseRiskInsights,
         [LimitItemDeletion] = @LimitItemDeletion,
         [UseOrganizationDomains] = @UseOrganizationDomains,
-        [UseAdminSponsoredFamilies] = @UseAdminSponsoredFamilies
+        [UseAdminSponsoredFamilies] = @UseAdminSponsoredFamilies,
+        [SyncSeats] = @SyncSeats
     WHERE
         [Id] = @Id
 END

src/Sql/dbo/Stored Procedures/Organization_UpdateSubscriptionStatus.sql

@@ -0,0 +1,14 @@
+CREATE PROCEDURE [dbo].[Organization_UpdateSubscriptionStatus]
+    @SuccessfulOrganizations AS [dbo].[GuidIdArray] READONLY,
+    @SyncDate DATETIME2
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    UPDATE o
+    SET
+        [SyncSeats] = 0,
+        [RevisionDate] = @SyncDate
+    FROM [dbo].[Organization] o
+    INNER JOIN @SuccessfulOrganizations success on success.Id = o.Id
+END

src/Sql/dbo/Tables/Organization.sql

@@ -58,6 +58,7 @@ CREATE TABLE [dbo].[Organization] (
     [UseRiskInsights]               BIT              NOT NULL CONSTRAINT [DF_Organization_UseRiskInsights] DEFAULT (0),
     [UseOrganizationDomains]        BIT              NOT NULL CONSTRAINT [DF_Organization_UseOrganizationDomains] DEFAULT (0),
     [UseAdminSponsoredFamilies]     BIT              NOT NULL CONSTRAINT [DF_Organization_UseAdminSponsoredFamilies] DEFAULT (0),
+    [SyncSeats]                     BIT              NOT NULL CONSTRAINT [DF_Organization_SyncSeats] DEFAULT (0),
     CONSTRAINT [PK_Organization] PRIMARY KEY CLUSTERED ([Id] ASC)
 );