[PM-12485] Create OrganizationUpdateKeys command (#5600)

* Add OrganizationUpdateKeysCommand

* Add unit tests for OrganizationUpdateKeysCommand to validate permission checks and key updates

* Register OrganizationUpdateKeysCommand for dependency injection

* Refactor OrganizationsController to use IOrganizationUpdateKeysCommand for updating organization keys

* Remove outdated unit tests for UpdateOrganizationKeysAsync in OrganizationServiceTests

* Remove UpdateOrganizationKeysAsync method from IOrganizationService and OrganizationService implementations

* Add IOrganizationUpdateKeysCommand dependency mock to OrganizationsControllerTests

src/Core/AdminConsole/OrganizationFeatures/Organizations/Interfaces/IOrganizationUpdateKeysCommand.cs

@@ -0,0 +1,13 @@
+using Bit.Core.AdminConsole.Entities;
+
+public interface IOrganizationUpdateKeysCommand
+{
+    /// <summary>
+    /// Update the keys for an organization.
+    /// </summary>
+    /// <param name="orgId">The ID of the organization to update.</param>
+    /// <param name="publicKey">The public key for the organization.</param>
+    /// <param name="privateKey">The private key for the organization.</param>
+    /// <returns>The updated organization.</returns>
+    Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey);
+}

src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationUpdateKeysCommand.cs

@@ -0,0 +1,47 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Context;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+
+public class OrganizationUpdateKeysCommand : IOrganizationUpdateKeysCommand
+{
+    private readonly ICurrentContext _currentContext;
+    private readonly IOrganizationRepository _organizationRepository;
+    private readonly IOrganizationService _organizationService;
+
+    public const string OrganizationKeysAlreadyExistErrorMessage = "Organization Keys already exist.";
+
+    public OrganizationUpdateKeysCommand(
+        ICurrentContext currentContext,
+        IOrganizationRepository organizationRepository,
+        IOrganizationService organizationService)
+    {
+        _currentContext = currentContext;
+        _organizationRepository = organizationRepository;
+        _organizationService = organizationService;
+    }
+
+    public async Task<Organization> UpdateOrganizationKeysAsync(Guid organizationId, string publicKey, string privateKey)
+    {
+        if (!await _currentContext.ManageResetPassword(organizationId))
+        {
+            throw new UnauthorizedAccessException();
+        }
+
+        // If the keys already exist, error out
+        var organization = await _organizationRepository.GetByIdAsync(organizationId);
+        if (organization.PublicKey != null && organization.PrivateKey != null)
+        {
+            throw new BadRequestException(OrganizationKeysAlreadyExistErrorMessage);
+        }
+
+        // Update org with generated public/private key
+        organization.PublicKey = publicKey;
+        organization.PrivateKey = privateKey;
+
+        await _organizationService.UpdateAsync(organization);
+
+        return organization;
+    }
+}

src/Core/AdminConsole/Services/IOrganizationService.cs

@@ -43,7 +43,6 @@ public interface IOrganizationService
         IEnumerable<ImportedOrganizationUser> newUsers, IEnumerable<string> removeUserExternalIds,
         bool overwriteExisting, EventSystemUser eventSystemUser);
     Task DeleteSsoUserAsync(Guid userId, Guid? organizationId);
-    Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey);
     Task RevokeUserAsync(OrganizationUser organizationUser, Guid? revokingUserId);
     Task RevokeUserAsync(OrganizationUser organizationUser, EventSystemUser systemUser);
     Task<List<Tuple<OrganizationUser, string>>> RevokeUsersAsync(Guid organizationId,

src/Core/AdminConsole/Services/Implementations/OrganizationService.cs

@@ -1418,28 +1418,6 @@ public class OrganizationService : IOrganizationService
         }
     }
 
-    public async Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey)
-    {
-        if (!await _currentContext.ManageResetPassword(orgId))
-        {
-            throw new UnauthorizedAccessException();
-        }
-
-        // If the keys already exist, error out
-        var org = await _organizationRepository.GetByIdAsync(orgId);
-        if (org.PublicKey != null && org.PrivateKey != null)
-        {
-            throw new BadRequestException("Organization Keys already exist");
-        }
-
-        // Update org with generated public/private key
-        org.PublicKey = publicKey;
-        org.PrivateKey = privateKey;
-        await UpdateAsync(org);
-
-        return org;
-    }
-
     private async Task UpdateUsersAsync(Group group, HashSet<string> groupUsers,
         Dictionary<string, Guid> existingUsersIdDict, HashSet<Guid> existingUsers = null)
     {

src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs

@@ -60,6 +60,7 @@ public static class OrganizationServiceCollectionExtensions
         services.AddOrganizationDomainCommandsQueries();
         services.AddOrganizationSignUpCommands();
         services.AddOrganizationDeleteCommands();
+        services.AddOrganizationUpdateCommands();
         services.AddOrganizationEnableCommands();
         services.AddOrganizationDisableCommands();
         services.AddOrganizationAuthCommands();
@@ -77,6 +78,11 @@ public static class OrganizationServiceCollectionExtensions
         services.AddScoped<IOrganizationInitiateDeleteCommand, OrganizationInitiateDeleteCommand>();
     }
 
+    private static void AddOrganizationUpdateCommands(this IServiceCollection services)
+    {
+        services.AddScoped<IOrganizationUpdateKeysCommand, OrganizationUpdateKeysCommand>();
+    }
+
     private static void AddOrganizationEnableCommands(this IServiceCollection services) =>
         services.AddScoped<IOrganizationEnableCommand, OrganizationEnableCommand>();