[PM-3478] Refactor OrganizationUser api

[eliykat]

🎟️ Tracking

📔 Objective

From bitwarden/server#4752:

Introduce a new OrganizationUsers endpoint which provides a listing of all members' basic details - name, email address, status, role. Restrict access to the current endpoint which returns full details.

The new endpoint and models are called OrganizationUserUserMiniDetails, following the naming convention of CipherMiniDetails. Also because naming is hard, and "mini" is a relatively clear convention.

This PR refactors the client-side code to use the new endpoint.

Generally the components were not using the additional properties from the existing endpoint, so the new api call and model could be swapped in with no complaints from Typescript.

One exception is the collections dialog. Currently we fetch user-collection associations from the existing endpoint to check whether a user has access to the collection. However, this is already available when we load the collection data, using the collection.users property. I've updated it to use this instead, so we don't need the extra member info. I've also made a similar change to the group mapping logic for consistency and created a follow-up ticket to refactor that controller: AC-3035.

(I'd like to refactor how the access-selector works, I tried some small improvements here, but it seems like nothing short of a rewrite will cover all our current use cases. For another day.)

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[codecov]

Codecov Report

Attention: Patch coverage is 12.50000% with 14 lines in your changes missing coverage. Please review.

Project coverage is 33.26%. Comparing base (0ecdd46) to head (c0d4530).
Report is 15 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...s/collection-dialog/collection-dialog.component.ts	0.00%	11 Missing ⚠️
...le/organizations/manage/entity-events.component.ts	0.00%	1 Missing ⚠️
...n-console/organizations/manage/events.component.ts	0.00%	1 Missing ⚠️
...e/organizations/manage/group-add-edit.component.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #10949      +/-   ##
==========================================
+ Coverage   33.25%   33.26%   +0.01%     
==========================================
  Files        2731     2731              
  Lines       85298    85296       -2     
  Branches    16226    16226              
==========================================
+ Hits        28364    28372       +8     
+ Misses      54676    54666      -10     
  Partials     2258     2258              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Checkmarx One – Scan Summary & Details – ee6cb8f8-a3ea-4d57-88bb-b9d6d01856ee

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Angular_Improper_Type_Pipe_Usage	/libs/tools/generator/components/src/username-generator.component.html: 44	Attack Vector
	Angular_Improper_Type_Pipe_Usage	/libs/tools/generator/components/src/username-generator.component.html: 39	Attack Vector
	Angular_Improper_Type_Pipe_Usage	/libs/tools/generator/components/src/username-generator.component.html: 34	Attack Vector
	Angular_Improper_Type_Pipe_Usage	/libs/tools/generator/components/src/username-generator.component.html: 29	Attack Vector
	Angular_Improper_Type_Pipe_Usage	/libs/tools/generator/components/src/username-generator.component.html: 29	Attack Vector
	Client_Privacy_Violation	/libs/tools/send/send-ui/src/send-form/components/options/send-options.component.ts: 52	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	Client_Privacy_Violation	/libs/tools/generator/components/src/username-generator.component.html: 3

[addisonbeck]

Straight forward. Good work!

[eliykat]

I've put the new API call behind a feature flag in DefaultOrganizationUserApiService. If the flag is disabled, the new api call will just redirect to the old one. Corresponding changes have been made to the server PR.