Add failing tests

test/Infrastructure.IntegrationTest/AdminConsole/OrganizationTestHelpers.cs

@@ -47,6 +47,17 @@ public static class OrganizationTestHelpers
             Type = OrganizationUserType.Owner
         });
 
+    public static Task<OrganizationUser> CreateTestOrganizationUserInviteAsync(
+        this IOrganizationUserRepository organizationUserRepository,
+        Organization organization)
+        => organizationUserRepository.CreateAsync(new OrganizationUser
+        {
+            OrganizationId = organization.Id,
+            UserId = null, // Invites are not linked to a UserId
+            Status = OrganizationUserStatusType.Invited,
+            Type = OrganizationUserType.Owner
+        });
+
     public static Task<Group> CreateTestGroupAsync(
         this IGroupRepository groupRepository,
         Organization organization,
@@ -54,4 +65,14 @@ public static class OrganizationTestHelpers
         => groupRepository.CreateAsync(
             new Group { OrganizationId = organization.Id, Name = $"{identifier} {Guid.NewGuid()}" }
         );
+
+    public static Task<Collection> CreateTestCollectionAsync(
+        this ICollectionRepository collectionRepository,
+        Organization organization,
+        string identifier = "test")
+    => collectionRepository.CreateAsync(new Collection
+    {
+        OrganizationId = organization.Id,
+        Name = $"{identifier} {Guid.NewGuid()}"
+    });
 }

test/Infrastructure.IntegrationTest/AdminConsole/Repositories/OrganizationUserRepository/OrganizationUserReplaceTests.cs

@@ -0,0 +1,83 @@
+using Bit.Core.Enums;
+using Bit.Core.Models.Data;
+using Bit.Core.Repositories;
+using Xunit;
+
+namespace Bit.Infrastructure.IntegrationTest.AdminConsole.Repositories.OrganizationUserRepository;
+
+public class OrganizationUserReplaceTests
+{
+    /// <summary>
+    /// Specifically tests OrganizationUsers in the invited state, which is unique because
+    /// they're not linked to a UserId.
+    /// </summary>
+    [DatabaseTheory, DatabaseData]
+    public async Task ReplaceAsync_WithCollectionAccess_WhenUserIsInvited_Success(
+        IOrganizationRepository organizationRepository,
+        IOrganizationUserRepository organizationUserRepository,
+        ICollectionRepository collectionRepository)
+    {
+        var organization = await organizationRepository.CreateTestOrganizationAsync();
+
+        var orgUser = await organizationUserRepository.CreateTestOrganizationUserInviteAsync(organization);
+
+        // Act: update the user, including collection access so we test this overloaded method
+        orgUser.Type = OrganizationUserType.Admin;
+        orgUser.AccessSecretsManager = true;
+        var collection = await collectionRepository.CreateTestCollectionAsync(organization);
+
+        await organizationUserRepository.ReplaceAsync(orgUser, [
+            new CollectionAccessSelection { Id = collection.Id, Manage = true }
+        ]);
+
+        // Assert
+        var (actualUser, actualCollections) = await organizationUserRepository.GetByIdWithCollectionsAsync(orgUser.Id);
+        Assert.NotNull(actualUser);
+        Assert.Equal(OrganizationUserType.Admin, actualUser.Type);
+        Assert.True(actualUser.AccessSecretsManager);
+
+        var collectionAccess = Assert.Single(actualCollections);
+        Assert.Equal(collection.Id, collectionAccess.Id);
+        Assert.True(collectionAccess.Manage);
+    }
+
+    /// <summary>
+    /// Tests OrganizationUsers in the Confirmed status, which is a stand-in for all other
+    /// non-Invited statuses (which are all linked to a UserId).
+    /// </summary>
+    /// <param name="organizationRepository"></param>
+    /// <param name="organizationUserRepository"></param>
+    /// <param name="collectionRepository"></param>
+    [DatabaseTheory, DatabaseData]
+    public async Task ReplaceAsync_WithCollectionAccess_WhenUserIsConfirmed_Success(
+        IUserRepository userRepository,
+        IOrganizationRepository organizationRepository,
+        IOrganizationUserRepository organizationUserRepository,
+        ICollectionRepository collectionRepository)
+    {
+        var organization = await organizationRepository.CreateTestOrganizationAsync();
+
+        var user = await userRepository.CreateTestUserAsync();
+        // OrganizationUser is linked with the User in the Confirmed status
+        var orgUser = await organizationUserRepository.CreateTestOrganizationUserAsync(organization, user);
+
+        // Act: update the user, including collection access so we test this overloaded method
+        orgUser.Type = OrganizationUserType.Admin;
+        orgUser.AccessSecretsManager = true;
+        var collection = await collectionRepository.CreateTestCollectionAsync(organization);
+
+        await organizationUserRepository.ReplaceAsync(orgUser, [
+            new CollectionAccessSelection { Id = collection.Id, Manage = true }
+        ]);
+
+        // Assert
+        var (actualUser, actualCollections) = await organizationUserRepository.GetByIdWithCollectionsAsync(orgUser.Id);
+        Assert.NotNull(actualUser);
+        Assert.Equal(OrganizationUserType.Admin, actualUser.Type);
+        Assert.True(actualUser.AccessSecretsManager);
+
+        var collectionAccess = Assert.Single(actualCollections);
+        Assert.Equal(collection.Id, collectionAccess.Id);
+        Assert.True(collectionAccess.Manage);
+    }
+}

test/Infrastructure.IntegrationTest/AdminConsole/Repositories/OrganizationUserRepository/OrganizationUserRepositoryTests.cs

@@ -8,7 +8,7 @@ using Bit.Core.Repositories;
 using Bit.Core.Utilities;
 using Xunit;
 
-namespace Bit.Infrastructure.IntegrationTest.AdminConsole.Repositories;
+namespace Bit.Infrastructure.IntegrationTest.AdminConsole.Repositories.OrganizationUserRepository;
 
 public class OrganizationUserRepositoryTests
 {