[PM-30682] Add missing null check, update tests (#6826)

* add missing null check, update tests

* CR feedback

src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/AutomaticUserConfirmationPolicyEventHandler.cs

@@ -74,8 +74,12 @@ public class AutomaticUserConfirmationPolicyEventHandler(
     private async Task<string> ValidateUserComplianceWithSingleOrgAsync(Guid organizationId,
         ICollection<OrganizationUserUserDetails> organizationUsers)
     {
-        var hasNonCompliantUser = (await organizationUserRepository.GetManyByManyUsersAsync(
-                organizationUsers.Select(ou => ou.UserId!.Value)))
+        var userIds = organizationUsers.Where(
+                u => u.UserId is not null &&
+                u.Status != OrganizationUserStatusType.Invited)
+            .Select(u => u.UserId!.Value);
+
+        var hasNonCompliantUser = (await organizationUserRepository.GetManyByManyUsersAsync(userIds))
             .Any(uo => uo.OrganizationId != organizationId
                        && uo.Status != OrganizationUserStatusType.Invited);
 

test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyValidators/AutomaticUserConfirmationPolicyEventHandlerTests.cs

@@ -283,7 +283,7 @@ public class AutomaticUserConfirmationPolicyEventHandlerTests
             OrganizationId = policyUpdate.OrganizationId,
             Type = OrganizationUserType.User,
             Status = OrganizationUserStatusType.Invited,
-            UserId = Guid.NewGuid(),
+            UserId = null,
             Email = "invited@example.com"
         };
 
@@ -302,6 +302,56 @@ public class AutomaticUserConfirmationPolicyEventHandlerTests
         Assert.True(string.IsNullOrEmpty(result));
     }
 
+    [Theory, BitAutoData]
+    public async Task ValidateAsync_EnablingPolicy_MixedUsersWithNullUserId_HandlesCorrectly(
+        [PolicyUpdate(PolicyType.AutomaticUserConfirmation)] PolicyUpdate policyUpdate,
+        Guid confirmedUserId,
+        SutProvider<AutomaticUserConfirmationPolicyEventHandler> sutProvider)
+    {
+        // Arrange
+        var invitedUser = new OrganizationUserUserDetails
+        {
+            Id = Guid.NewGuid(),
+            OrganizationId = policyUpdate.OrganizationId,
+            Type = OrganizationUserType.User,
+            Status = OrganizationUserStatusType.Invited,
+            UserId = null,
+            Email = "invited@example.com"
+        };
+
+        var confirmedUser = new OrganizationUserUserDetails
+        {
+            Id = Guid.NewGuid(),
+            OrganizationId = policyUpdate.OrganizationId,
+            Type = OrganizationUserType.User,
+            Status = OrganizationUserStatusType.Confirmed,
+            UserId = confirmedUserId,
+            Email = "confirmed@example.com"
+        };
+
+        sutProvider.GetDependency<IOrganizationUserRepository>()
+            .GetManyDetailsByOrganizationAsync(policyUpdate.OrganizationId)
+            .Returns([invitedUser, confirmedUser]);
+
+        sutProvider.GetDependency<IOrganizationUserRepository>()
+            .GetManyByManyUsersAsync(Arg.Any<IEnumerable<Guid>>())
+            .Returns([]);
+
+        sutProvider.GetDependency<IProviderUserRepository>()
+            .GetManyByManyUsersAsync(Arg.Any<IEnumerable<Guid>>())
+            .Returns([]);
+
+        // Act
+        var result = await sutProvider.Sut.ValidateAsync(policyUpdate, null);
+
+        // Assert
+        Assert.True(string.IsNullOrEmpty(result));
+
+        await sutProvider.GetDependency<IOrganizationUserRepository>()
+            .Received(1)
+            .GetManyByManyUsersAsync(Arg.Is<IEnumerable<Guid>>(ids => ids.Count() == 1 && ids.First() == confirmedUserId));
+    }
+
     [Theory, BitAutoData]
     public async Task ValidateAsync_EnablingPolicy_RevokedUsersIncluded_InComplianceCheck(
         [PolicyUpdate(PolicyType.AutomaticUserConfirmation)] PolicyUpdate policyUpdate,