[AC-1191] TDE admin approval email (#3044)

* feat: add new command for updating request and emailing user, refs AC-1191

* feat: inject service with organization service collection extensions, refs AC-1191

* feat: add function to send admin approval email to mail services (interface/noop/handlebars), refs AC-1191

* feat: add html/text mail templates and add view model for email data, refs AC-1191

* feat: update org auth request controller to use new command during auth request update, refs AC-1191

* fix: dotnet format, refs AC-1191

* refactor: update user not found error, FirstOrDefault for enum type display name, refs AC-1191

* refactor: update user not found to log error instead of throws, refs AC-1191

* fix: remove whitespace lint errors, refs AC-1191

* refactor: update hardcoded UTC timezone string, refs AC-1191

* refactor: add unit test for new command, refs AC-1191

* refactor: improve enum name fallback and identifier string creation, refs AC-1191

* refactor: add addtional unit tests, refs AC-1191

* refactor: update success test to use more generated params, refs AC-1191

* fix: dotnet format...again, refs AC-1191

* refactor: make UTC display a constant for handlebars mail service, refs AC-1191

* refactor: update displayTypeIdentifer to displayTypeAndIdentifier for clarity, refs AC-1191

src/Core/AdminConsole/OrganizationAuth/Interfaces/IUpdateOrganizationAuthRequestCommand.cs

@@ -0,0 +1,6 @@
+namespace Bit.Core.AdminConsole.OrganizationAuth.Interfaces;
+
+public interface IUpdateOrganizationAuthRequestCommand
+{
+    Task UpdateAsync(Guid requestId, Guid userId, bool requestApproved, string encryptedUserKey);
+}

src/Core/AdminConsole/OrganizationAuth/UpdateOrganizationAuthRequestCommand.cs

@@ -0,0 +1,55 @@
+using System.ComponentModel.DataAnnotations;
+using System.Reflection;
+using Bit.Core.AdminConsole.OrganizationAuth.Interfaces;
+using Bit.Core.Auth.Models.Api.Request.AuthRequest;
+using Bit.Core.Auth.Services;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Microsoft.Extensions.Logging;
+
+namespace Bit.Core.AdminConsole.OrganizationAuth;
+
+public class UpdateOrganizationAuthRequestCommand : IUpdateOrganizationAuthRequestCommand
+{
+    private readonly IAuthRequestService _authRequestService;
+    private readonly IMailService _mailService;
+    private readonly IUserRepository _userRepository;
+    private readonly ILogger<UpdateOrganizationAuthRequestCommand> _logger;
+
+    public UpdateOrganizationAuthRequestCommand(
+        IAuthRequestService authRequestService,
+        IMailService mailService,
+        IUserRepository userRepository,
+        ILogger<UpdateOrganizationAuthRequestCommand> logger)
+    {
+        _authRequestService = authRequestService;
+        _mailService = mailService;
+        _userRepository = userRepository;
+        _logger = logger;
+    }
+
+    public async Task UpdateAsync(Guid requestId, Guid userId, bool requestApproved, string encryptedUserKey)
+    {
+        var updatedAuthRequest = await _authRequestService.UpdateAuthRequestAsync(requestId, userId,
+            new AuthRequestUpdateRequestModel { RequestApproved = requestApproved, Key = encryptedUserKey });
+
+        if (updatedAuthRequest.Approved is true)
+        {
+            var user = await _userRepository.GetByIdAsync(userId);
+            if (user == null)
+            {
+                _logger.LogError("User ({id}) not found. Trusted device admin approval email not sent.", userId);
+                return;
+            }
+            var approvalDateTime = updatedAuthRequest.ResponseDate ?? DateTime.UtcNow;
+            var deviceTypeDisplayName = updatedAuthRequest.RequestDeviceType.GetType()
+                .GetMember(updatedAuthRequest.RequestDeviceType.ToString())
+                .FirstOrDefault()?
+                .GetCustomAttribute<DisplayAttribute>()?.Name ?? "Unknown";
+            var deviceTypeAndIdentifier = $"{deviceTypeDisplayName} - {updatedAuthRequest.RequestDeviceIdentifier}";
+            await _mailService.SendTrustedDeviceAdminApprovalEmailAsync(user.Email, approvalDateTime,
+                updatedAuthRequest.RequestIpAddress, deviceTypeAndIdentifier);
+        }
+    }
+}
+