From 06c0c4cfc19420c087558e3f23484ccac29b537d Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 11:45:15 -0400
Subject: [PATCH 01/12] [NO LOGIC] Rename MultiOrganizationEnterprise to
 BusinessUnit

---
 .../Providers/CreateProviderCommand.cs        |  2 +-
 .../AdminConsole/Services/ProviderService.cs  |  4 ++--
 .../Billing/ProviderBillingService.cs         |  2 +-
 .../Billing/ProviderPriceAdapter.cs           |  8 +++----
 .../CreateProviderCommandTests.cs             | 10 ++++-----
 .../Billing/ProviderBillingServiceTests.cs    |  2 +-
 .../Billing/ProviderPriceAdapterTests.cs      |  6 ++---
 .../Controllers/ProvidersController.cs        | 16 +++++++-------
 ....cs => CreateBusinessUnitProviderModel.cs} | 10 ++++-----
 .../AdminConsole/Models/ProviderEditModel.cs  |  4 ++--
 .../AdminConsole/Models/ProviderViewModel.cs  |  2 +-
 ...prise.cshtml => CreateBusinessUnit.cshtml} | 12 +++++-----
 .../AdminConsole/Views/Providers/Edit.cshtml  |  6 ++---
 .../Enums/Provider/ProviderType.cs            |  4 ++--
 .../Interfaces/ICreateProviderCommand.cs      |  2 +-
 .../Billing/Extensions/BillingExtensions.cs   |  4 ++--
 .../Repositories/OrganizationRepository.cs    |  2 +-
 .../Controllers/ProvidersControllerTests.cs   | 22 +++++++++----------
 18 files changed, 59 insertions(+), 59 deletions(-)
 rename src/Admin/AdminConsole/Models/{CreateMultiOrganizationEnterpriseProviderModel.cs => CreateBusinessUnitProviderModel.cs} (76%)
 rename src/Admin/AdminConsole/Views/Providers/{CreateMultiOrganizationEnterprise.cshtml => CreateBusinessUnit.cshtml} (77%)

diff --git a/bitwarden_license/src/Commercial.Core/AdminConsole/Providers/CreateProviderCommand.cs b/bitwarden_license/src/Commercial.Core/AdminConsole/Providers/CreateProviderCommand.cs
index 69b7e67ec1c9..36a5f2c0a920 100644
--- a/bitwarden_license/src/Commercial.Core/AdminConsole/Providers/CreateProviderCommand.cs
+++ b/bitwarden_license/src/Commercial.Core/AdminConsole/Providers/CreateProviderCommand.cs
@@ -48,7 +48,7 @@ public async Task CreateResellerAsync(Provider provider)
         await ProviderRepositoryCreateAsync(provider, ProviderStatusType.Created);
     }
 
-    public async Task CreateMultiOrganizationEnterpriseAsync(Provider provider, string ownerEmail, PlanType plan, int minimumSeats)
+    public async Task CreateBusinessUnitAsync(Provider provider, string ownerEmail, PlanType plan, int minimumSeats)
     {
         var providerId = await CreateProviderAsync(provider, ownerEmail);
 
diff --git a/bitwarden_license/src/Commercial.Core/AdminConsole/Services/ProviderService.cs b/bitwarden_license/src/Commercial.Core/AdminConsole/Services/ProviderService.cs
index 799b57dc5af4..fff6b5271d09 100644
--- a/bitwarden_license/src/Commercial.Core/AdminConsole/Services/ProviderService.cs
+++ b/bitwarden_license/src/Commercial.Core/AdminConsole/Services/ProviderService.cs
@@ -692,10 +692,10 @@ private void ThrowOnInvalidPlanType(ProviderType providerType, PlanType requeste
                     throw new BadRequestException($"Managed Service Providers cannot manage organizations with the plan type {requestedType}. Only Teams (Monthly) and Enterprise (Monthly) are allowed.");
                 }
                 break;
-            case ProviderType.MultiOrganizationEnterprise:
+            case ProviderType.BusinessUnit:
                 if (requestedType is not (PlanType.EnterpriseMonthly or PlanType.EnterpriseAnnually))
                 {
-                    throw new BadRequestException($"Multi-organization Enterprise Providers cannot manage organizations with the plan type {requestedType}. Only Enterprise (Monthly) and Enterprise (Annually) are allowed.");
+                    throw new BadRequestException($"Business Unit Providers cannot manage organizations with the plan type {requestedType}. Only Enterprise (Monthly) and Enterprise (Annually) are allowed.");
                 }
                 break;
             case ProviderType.Reseller:
diff --git a/bitwarden_license/src/Commercial.Core/Billing/ProviderBillingService.cs b/bitwarden_license/src/Commercial.Core/Billing/ProviderBillingService.cs
index 757d6510f1b0..98ebefd4f1c8 100644
--- a/bitwarden_license/src/Commercial.Core/Billing/ProviderBillingService.cs
+++ b/bitwarden_license/src/Commercial.Core/Billing/ProviderBillingService.cs
@@ -791,7 +791,7 @@ private async Task<PlanType> GetManagedPlanTypeAsync(
         Provider provider,
         Organization organization)
     {
-        if (provider.Type == ProviderType.MultiOrganizationEnterprise)
+        if (provider.Type == ProviderType.BusinessUnit)
         {
             return (await providerPlanRepository.GetByProviderId(provider.Id)).First().PlanType;
         }
diff --git a/bitwarden_license/src/Commercial.Core/Billing/ProviderPriceAdapter.cs b/bitwarden_license/src/Commercial.Core/Billing/ProviderPriceAdapter.cs
index 4cc0711ec910..a9dbb6febf10 100644
--- a/bitwarden_license/src/Commercial.Core/Billing/ProviderPriceAdapter.cs
+++ b/bitwarden_license/src/Commercial.Core/Billing/ProviderPriceAdapter.cs
@@ -51,7 +51,7 @@ public static class Legacy
     /// <param name="subscription">The provider's subscription.</param>
     /// <param name="planType">The plan type correlating to the desired Stripe price ID.</param>
     /// <returns>A Stripe <see cref="Stripe.Price"/> ID.</returns>
-    /// <exception cref="BillingException">Thrown when the provider's type is not <see cref="ProviderType.Msp"/> or <see cref="ProviderType.MultiOrganizationEnterprise"/>.</exception>
+    /// <exception cref="BillingException">Thrown when the provider's type is not <see cref="ProviderType.Msp"/> or <see cref="ProviderType.BusinessUnit"/>.</exception>
     /// <exception cref="BillingException">Thrown when the provided <see cref="planType"/> does not relate to a Stripe price ID.</exception>
     public static string GetPriceId(
         Provider provider,
@@ -78,7 +78,7 @@ public static string GetPriceId(
                     PlanType.EnterpriseMonthly => MSP.Active.Enterprise,
                     _ => throw invalidPlanType
                 },
-            ProviderType.MultiOrganizationEnterprise => BusinessUnit.Legacy.List.Intersect(priceIds).Any()
+            ProviderType.BusinessUnit => BusinessUnit.Legacy.List.Intersect(priceIds).Any()
                 ? planType switch
                 {
                     PlanType.EnterpriseAnnually => BusinessUnit.Legacy.Annually,
@@ -103,7 +103,7 @@ public static string GetPriceId(
     /// <param name="provider">The provider to get the Stripe price ID for.</param>
     /// <param name="planType">The plan type correlating to the desired Stripe price ID.</param>
     /// <returns>A Stripe <see cref="Stripe.Price"/> ID.</returns>
-    /// <exception cref="BillingException">Thrown when the provider's type is not <see cref="ProviderType.Msp"/> or <see cref="ProviderType.MultiOrganizationEnterprise"/>.</exception>
+    /// <exception cref="BillingException">Thrown when the provider's type is not <see cref="ProviderType.Msp"/> or <see cref="ProviderType.BusinessUnit"/>.</exception>
     /// <exception cref="BillingException">Thrown when the provided <see cref="planType"/> does not relate to a Stripe price ID.</exception>
     public static string GetActivePriceId(
         Provider provider,
@@ -120,7 +120,7 @@ public static string GetActivePriceId(
                 PlanType.EnterpriseMonthly => MSP.Active.Enterprise,
                 _ => throw invalidPlanType
             },
-            ProviderType.MultiOrganizationEnterprise => planType switch
+            ProviderType.BusinessUnit => planType switch
             {
                 PlanType.EnterpriseAnnually => BusinessUnit.Active.Annually,
                 PlanType.EnterpriseMonthly => BusinessUnit.Active.Monthly,
diff --git a/bitwarden_license/test/Commercial.Core.Test/AdminConsole/ProviderFeatures/CreateProviderCommandTests.cs b/bitwarden_license/test/Commercial.Core.Test/AdminConsole/ProviderFeatures/CreateProviderCommandTests.cs
index e354e4417304..82fcb016b358 100644
--- a/bitwarden_license/test/Commercial.Core.Test/AdminConsole/ProviderFeatures/CreateProviderCommandTests.cs
+++ b/bitwarden_license/test/Commercial.Core.Test/AdminConsole/ProviderFeatures/CreateProviderCommandTests.cs
@@ -63,7 +63,7 @@ public async Task CreateResellerAsync_Success(Provider provider, SutProvider<Cre
     }
 
     [Theory, BitAutoData]
-    public async Task CreateMultiOrganizationEnterpriseAsync_Success(
+    public async Task CreateBusinessUnitAsync_Success(
     Provider provider,
     User user,
     PlanType plan,
@@ -71,13 +71,13 @@ public async Task CreateMultiOrganizationEnterpriseAsync_Success(
     SutProvider<CreateProviderCommand> sutProvider)
     {
         // Arrange
-        provider.Type = ProviderType.MultiOrganizationEnterprise;
+        provider.Type = ProviderType.BusinessUnit;
 
         var userRepository = sutProvider.GetDependency<IUserRepository>();
         userRepository.GetByEmailAsync(user.Email).Returns(user);
 
         // Act
-        await sutProvider.Sut.CreateMultiOrganizationEnterpriseAsync(provider, user.Email, plan, minimumSeats);
+        await sutProvider.Sut.CreateBusinessUnitAsync(provider, user.Email, plan, minimumSeats);
 
         // Assert
         await sutProvider.GetDependency<IProviderRepository>().ReceivedWithAnyArgs().CreateAsync(provider);
@@ -85,7 +85,7 @@ public async Task CreateMultiOrganizationEnterpriseAsync_Success(
     }
 
     [Theory, BitAutoData]
-    public async Task CreateMultiOrganizationEnterpriseAsync_UserIdIsInvalid_Throws(
+    public async Task CreateBusinessUnitAsync_UserIdIsInvalid_Throws(
         Provider provider,
         SutProvider<CreateProviderCommand> sutProvider)
     {
@@ -94,7 +94,7 @@ public async Task CreateMultiOrganizationEnterpriseAsync_UserIdIsInvalid_Throws(
 
         // Act
         var exception = await Assert.ThrowsAsync<BadRequestException>(
-            () => sutProvider.Sut.CreateMultiOrganizationEnterpriseAsync(provider, default, default, default));
+            () => sutProvider.Sut.CreateBusinessUnitAsync(provider, default, default, default));
 
         // Assert
         Assert.Contains("Invalid owner.", exception.Message);
diff --git a/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderBillingServiceTests.cs b/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderBillingServiceTests.cs
index ab1000d6314f..2661a0eff63b 100644
--- a/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderBillingServiceTests.cs
+++ b/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderBillingServiceTests.cs
@@ -116,7 +116,7 @@ public async Task ChangePlan_UpdatesSubscriptionCorrectly(
         SutProvider<ProviderBillingService> sutProvider)
     {
         // Arrange
-        provider.Type = ProviderType.MultiOrganizationEnterprise;
+        provider.Type = ProviderType.BusinessUnit;
 
         var providerPlanRepository = sutProvider.GetDependency<IProviderPlanRepository>();
         var existingPlan = new ProviderPlan
diff --git a/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderPriceAdapterTests.cs b/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderPriceAdapterTests.cs
index 4fce78c05ab6..9ecb4b051108 100644
--- a/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderPriceAdapterTests.cs
+++ b/bitwarden_license/test/Commercial.Core.Test/Billing/ProviderPriceAdapterTests.cs
@@ -71,7 +71,7 @@ public void GetPriceId_BusinessUnit_Legacy_Succeeds(string priceId, PlanType pla
         var provider = new Provider
         {
             Id = Guid.NewGuid(),
-            Type = ProviderType.MultiOrganizationEnterprise
+            Type = ProviderType.BusinessUnit
         };
 
         var subscription = new Subscription
@@ -98,7 +98,7 @@ public void GetPriceId_BusinessUnit_Active_Succeeds(string priceId, PlanType pla
         var provider = new Provider
         {
             Id = Guid.NewGuid(),
-            Type = ProviderType.MultiOrganizationEnterprise
+            Type = ProviderType.BusinessUnit
         };
 
         var subscription = new Subscription
@@ -141,7 +141,7 @@ public void GetActivePriceId_BusinessUnit_Succeeds(string priceId, PlanType plan
         var provider = new Provider
         {
             Id = Guid.NewGuid(),
-            Type = ProviderType.MultiOrganizationEnterprise
+            Type = ProviderType.BusinessUnit
         };
 
         var result = ProviderPriceAdapter.GetActivePriceId(provider, planType);
diff --git a/src/Admin/AdminConsole/Controllers/ProvidersController.cs b/src/Admin/AdminConsole/Controllers/ProvidersController.cs
index 0b1e4035dfc8..6dc33e49096a 100644
--- a/src/Admin/AdminConsole/Controllers/ProvidersController.cs
+++ b/src/Admin/AdminConsole/Controllers/ProvidersController.cs
@@ -133,10 +133,10 @@ public IActionResult CreateReseller()
         return View(new CreateResellerProviderModel());
     }
 
-    [HttpGet("providers/create/multi-organization-enterprise")]
-    public IActionResult CreateMultiOrganizationEnterprise(int enterpriseMinimumSeats, string ownerEmail = null)
+    [HttpGet("providers/create/business-unit")]
+    public IActionResult CreateBusinessUnit(int enterpriseMinimumSeats, string ownerEmail = null)
     {
-        return View(new CreateMultiOrganizationEnterpriseProviderModel
+        return View(new CreateBusinessUnitProviderModel
         {
             OwnerEmail = ownerEmail,
             EnterpriseSeatMinimum = enterpriseMinimumSeats
@@ -157,7 +157,7 @@ public IActionResult Create(CreateProviderModel model)
         {
             ProviderType.Msp => RedirectToAction("CreateMsp"),
             ProviderType.Reseller => RedirectToAction("CreateReseller"),
-            ProviderType.MultiOrganizationEnterprise => RedirectToAction("CreateMultiOrganizationEnterprise"),
+            ProviderType.BusinessUnit => RedirectToAction("CreateBusinessUnit"),
             _ => View(model)
         };
     }
@@ -198,10 +198,10 @@ public async Task<IActionResult> CreateReseller(CreateResellerProviderModel mode
         return RedirectToAction("Edit", new { id = provider.Id });
     }
 
-    [HttpPost("providers/create/multi-organization-enterprise")]
+    [HttpPost("providers/create/business-unit")]
     [ValidateAntiForgeryToken]
     [RequirePermission(Permission.Provider_Create)]
-    public async Task<IActionResult> CreateMultiOrganizationEnterprise(CreateMultiOrganizationEnterpriseProviderModel model)
+    public async Task<IActionResult> CreateBusinessUnit(CreateBusinessUnitProviderModel model)
     {
         if (!ModelState.IsValid)
         {
@@ -209,7 +209,7 @@ public async Task<IActionResult> CreateMultiOrganizationEnterprise(CreateMultiOr
         }
         var provider = model.ToProvider();
 
-        await _createProviderCommand.CreateMultiOrganizationEnterpriseAsync(
+        await _createProviderCommand.CreateBusinessUnitAsync(
             provider,
             model.OwnerEmail,
             model.Plan.Value,
@@ -307,7 +307,7 @@ public async Task<IActionResult> Edit(Guid id, ProviderEditModel model)
                     ]);
                 await _providerBillingService.UpdateSeatMinimums(updateMspSeatMinimumsCommand);
                 break;
-            case ProviderType.MultiOrganizationEnterprise:
+            case ProviderType.BusinessUnit:
                 {
                     var existingMoePlan = providerPlans.Single();
 
diff --git a/src/Admin/AdminConsole/Models/CreateMultiOrganizationEnterpriseProviderModel.cs b/src/Admin/AdminConsole/Models/CreateBusinessUnitProviderModel.cs
similarity index 76%
rename from src/Admin/AdminConsole/Models/CreateMultiOrganizationEnterpriseProviderModel.cs
rename to src/Admin/AdminConsole/Models/CreateBusinessUnitProviderModel.cs
index ef7210a9ef79..b57d90e33bc1 100644
--- a/src/Admin/AdminConsole/Models/CreateMultiOrganizationEnterpriseProviderModel.cs
+++ b/src/Admin/AdminConsole/Models/CreateBusinessUnitProviderModel.cs
@@ -6,7 +6,7 @@
 
 namespace Bit.Admin.AdminConsole.Models;
 
-public class CreateMultiOrganizationEnterpriseProviderModel : IValidatableObject
+public class CreateBusinessUnitProviderModel : IValidatableObject
 {
     [Display(Name = "Owner Email")]
     public string OwnerEmail { get; set; }
@@ -22,7 +22,7 @@ public virtual Provider ToProvider()
     {
         return new Provider
         {
-            Type = ProviderType.MultiOrganizationEnterprise
+            Type = ProviderType.BusinessUnit
         };
     }
 
@@ -30,17 +30,17 @@ public IEnumerable<ValidationResult> Validate(ValidationContext validationContex
     {
         if (string.IsNullOrWhiteSpace(OwnerEmail))
         {
-            var ownerEmailDisplayName = nameof(OwnerEmail).GetDisplayAttribute<CreateMultiOrganizationEnterpriseProviderModel>()?.GetName() ?? nameof(OwnerEmail);
+            var ownerEmailDisplayName = nameof(OwnerEmail).GetDisplayAttribute<CreateBusinessUnitProviderModel>()?.GetName() ?? nameof(OwnerEmail);
             yield return new ValidationResult($"The {ownerEmailDisplayName} field is required.");
         }
         if (EnterpriseSeatMinimum < 0)
         {
-            var enterpriseSeatMinimumDisplayName = nameof(EnterpriseSeatMinimum).GetDisplayAttribute<CreateMultiOrganizationEnterpriseProviderModel>()?.GetName() ?? nameof(EnterpriseSeatMinimum);
+            var enterpriseSeatMinimumDisplayName = nameof(EnterpriseSeatMinimum).GetDisplayAttribute<CreateBusinessUnitProviderModel>()?.GetName() ?? nameof(EnterpriseSeatMinimum);
             yield return new ValidationResult($"The {enterpriseSeatMinimumDisplayName} field can not be negative.");
         }
         if (Plan != PlanType.EnterpriseAnnually && Plan != PlanType.EnterpriseMonthly)
         {
-            var planDisplayName = nameof(Plan).GetDisplayAttribute<CreateMultiOrganizationEnterpriseProviderModel>()?.GetName() ?? nameof(Plan);
+            var planDisplayName = nameof(Plan).GetDisplayAttribute<CreateBusinessUnitProviderModel>()?.GetName() ?? nameof(Plan);
             yield return new ValidationResult($"The {planDisplayName} field must be set to Enterprise Annually or Enterprise Monthly.");
         }
     }
diff --git a/src/Admin/AdminConsole/Models/ProviderEditModel.cs b/src/Admin/AdminConsole/Models/ProviderEditModel.cs
index bcdf602c07e8..7f8ffb224ea2 100644
--- a/src/Admin/AdminConsole/Models/ProviderEditModel.cs
+++ b/src/Admin/AdminConsole/Models/ProviderEditModel.cs
@@ -34,7 +34,7 @@ public ProviderEditModel(
         GatewaySubscriptionUrl = gatewaySubscriptionUrl;
         Type = provider.Type;
 
-        if (Type == ProviderType.MultiOrganizationEnterprise)
+        if (Type == ProviderType.BusinessUnit)
         {
             var plan = providerPlans.SingleOrDefault();
             EnterpriseMinimumSeats = plan?.SeatMinimum ?? 0;
@@ -100,7 +100,7 @@ public IEnumerable<ValidationResult> Validate(ValidationContext validationContex
                     yield return new ValidationResult($"The {billingEmailDisplayName} field is required.");
                 }
                 break;
-            case ProviderType.MultiOrganizationEnterprise:
+            case ProviderType.BusinessUnit:
                 if (Plan == null)
                 {
                     var displayName = nameof(Plan).GetDisplayAttribute<CreateProviderModel>()?.GetName() ?? nameof(Plan);
diff --git a/src/Admin/AdminConsole/Models/ProviderViewModel.cs b/src/Admin/AdminConsole/Models/ProviderViewModel.cs
index 724e6220b36f..bcb96df00671 100644
--- a/src/Admin/AdminConsole/Models/ProviderViewModel.cs
+++ b/src/Admin/AdminConsole/Models/ProviderViewModel.cs
@@ -40,7 +40,7 @@ public ProviderViewModel(
                 ProviderPlanViewModels.Add(new ProviderPlanViewModel("Enterprise (Monthly) Subscription", enterpriseProviderPlan, usedEnterpriseSeats));
             }
         }
-        else if (Provider.Type == ProviderType.MultiOrganizationEnterprise)
+        else if (Provider.Type == ProviderType.BusinessUnit)
         {
             var usedEnterpriseSeats = ProviderOrganizations.Where(po => po.PlanType == PlanType.EnterpriseMonthly)
                 .Sum(po => po.OccupiedSeats).GetValueOrDefault(0);
diff --git a/src/Admin/AdminConsole/Views/Providers/CreateMultiOrganizationEnterprise.cshtml b/src/Admin/AdminConsole/Views/Providers/CreateBusinessUnit.cshtml
similarity index 77%
rename from src/Admin/AdminConsole/Views/Providers/CreateMultiOrganizationEnterprise.cshtml
rename to src/Admin/AdminConsole/Views/Providers/CreateBusinessUnit.cshtml
index f72e4af7df45..d94f444a6ced 100644
--- a/src/Admin/AdminConsole/Views/Providers/CreateMultiOrganizationEnterprise.cshtml
+++ b/src/Admin/AdminConsole/Views/Providers/CreateBusinessUnit.cshtml
@@ -1,15 +1,15 @@
 @using Bit.Core.Billing.Enums
 @using Microsoft.AspNetCore.Mvc.TagHelpers
 
-@model CreateMultiOrganizationEnterpriseProviderModel
+@model CreateBusinessUnitProviderModel
 
 @{
-    ViewData["Title"] = "Create Multi-organization Enterprise Provider";
+    ViewData["Title"] = "Create Business Unit Provider";
 }
 
-<h1 class="mb-4">Create Multi-organization Enterprise Provider</h1>
+<h1 class="mb-4">Create Business Unit Provider</h1>
 <div>
-    <form method="post" asp-action="CreateMultiOrganizationEnterprise">
+    <form method="post" asp-action="CreateBusinessUnit">
         <div asp-validation-summary="All" class="alert alert-danger"></div>
         <div class="mb-3">
             <label asp-for="OwnerEmail" class="form-label"></label>
@@ -19,14 +19,14 @@
             <div class="col-sm">
                 <div class="mb-3">
                     @{
-                        var multiOrgPlans = new List<PlanType>
+                        var businessUnitPlanTypes = new List<PlanType>
                         {
                             PlanType.EnterpriseAnnually,
                             PlanType.EnterpriseMonthly
                         };
                     }
                     <label asp-for="Plan" class="form-label"></label>
-                    <select class="form-select" asp-for="Plan" asp-items="Html.GetEnumSelectList(multiOrgPlans)">
+                    <select class="form-select" asp-for="Plan" asp-items="Html.GetEnumSelectList(businessUnitPlanTypes)">
                         <option value="">--</option>
                     </select>
                 </div>
diff --git a/src/Admin/AdminConsole/Views/Providers/Edit.cshtml b/src/Admin/AdminConsole/Views/Providers/Edit.cshtml
index 045109fb360c..2f4805460034 100644
--- a/src/Admin/AdminConsole/Views/Providers/Edit.cshtml
+++ b/src/Admin/AdminConsole/Views/Providers/Edit.cshtml
@@ -74,20 +74,20 @@
                 </div>
                 break;
             }
-            case ProviderType.MultiOrganizationEnterprise:
+            case ProviderType.BusinessUnit:
             {
                 <div class="row">
                     <div class="col-sm">
                         <div class="mb-3">
                             @{
-                                var multiOrgPlans = new List<PlanType>
+                                var businessUnitPlanTypes = new List<PlanType>
                                 {
                                     PlanType.EnterpriseAnnually,
                                     PlanType.EnterpriseMonthly
                                 };
                             }
                             <label asp-for="Plan" class="form-label"></label>
-                            <select class="form-control" asp-for="Plan" asp-items="Html.GetEnumSelectList(multiOrgPlans)">
+                            <select class="form-control" asp-for="Plan" asp-items="Html.GetEnumSelectList(businessUnitPlanTypes)">
                                 <option value="">--</option>
                             </select>
                         </div>
diff --git a/src/Core/AdminConsole/Enums/Provider/ProviderType.cs b/src/Core/AdminConsole/Enums/Provider/ProviderType.cs
index e244b9391e37..8e229ed5086c 100644
--- a/src/Core/AdminConsole/Enums/Provider/ProviderType.cs
+++ b/src/Core/AdminConsole/Enums/Provider/ProviderType.cs
@@ -8,6 +8,6 @@ public enum ProviderType : byte
     Msp = 0,
     [Display(ShortName = "Reseller", Name = "Reseller", Description = "Creates Bitwarden Portal page for client organization billing management", Order = 1000)]
     Reseller = 1,
-    [Display(ShortName = "MOE", Name = "Multi-organization Enterprises", Description = "Creates provider portal for multi-organization management", Order = 1)]
-    MultiOrganizationEnterprise = 2,
+    [Display(ShortName = "Business Unit", Name = "Business Unit", Description = "Creates provider portal for business unit management", Order = 1)]
+    BusinessUnit = 2,
 }
diff --git a/src/Core/AdminConsole/Providers/Interfaces/ICreateProviderCommand.cs b/src/Core/AdminConsole/Providers/Interfaces/ICreateProviderCommand.cs
index bea3c08a8541..b2484bf632c0 100644
--- a/src/Core/AdminConsole/Providers/Interfaces/ICreateProviderCommand.cs
+++ b/src/Core/AdminConsole/Providers/Interfaces/ICreateProviderCommand.cs
@@ -7,5 +7,5 @@ public interface ICreateProviderCommand
 {
     Task CreateMspAsync(Provider provider, string ownerEmail, int teamsMinimumSeats, int enterpriseMinimumSeats);
     Task CreateResellerAsync(Provider provider);
-    Task CreateMultiOrganizationEnterpriseAsync(Provider provider, string ownerEmail, PlanType plan, int minimumSeats);
+    Task CreateBusinessUnitAsync(Provider provider, string ownerEmail, PlanType plan, int minimumSeats);
 }
diff --git a/src/Core/Billing/Extensions/BillingExtensions.cs b/src/Core/Billing/Extensions/BillingExtensions.cs
index f6e65861cd75..6162aae37e00 100644
--- a/src/Core/Billing/Extensions/BillingExtensions.cs
+++ b/src/Core/Billing/Extensions/BillingExtensions.cs
@@ -24,12 +24,12 @@ _ when planType.ToString().Contains("Enterprise") => ProductTierType.Enterprise,
     public static bool IsBillable(this Provider provider) =>
         provider is
         {
-            Type: ProviderType.Msp or ProviderType.MultiOrganizationEnterprise,
+            Type: ProviderType.Msp or ProviderType.BusinessUnit,
             Status: ProviderStatusType.Billable
         };
 
     public static bool SupportsConsolidatedBilling(this ProviderType providerType)
-        => providerType is ProviderType.Msp or ProviderType.MultiOrganizationEnterprise;
+        => providerType is ProviderType.Msp or ProviderType.BusinessUnit;
 
     public static bool IsValidClient(this Organization organization)
         => organization is
diff --git a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
index c095b0703004..8024f9847366 100644
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/OrganizationRepository.cs
@@ -330,7 +330,7 @@ join od in dbContext.OrganizationDomains on ou.OrganizationId equals od.Organiza
             var planTypes = providerType switch
             {
                 ProviderType.Msp => PlanConstants.EnterprisePlanTypes.Concat(PlanConstants.TeamsPlanTypes),
-                ProviderType.MultiOrganizationEnterprise => PlanConstants.EnterprisePlanTypes,
+                ProviderType.BusinessUnit => PlanConstants.EnterprisePlanTypes,
                 _ => []
             };
 
diff --git a/test/Admin.Test/AdminConsole/Controllers/ProvidersControllerTests.cs b/test/Admin.Test/AdminConsole/Controllers/ProvidersControllerTests.cs
index e84d4c0ef845..85a32b1531c5 100644
--- a/test/Admin.Test/AdminConsole/Controllers/ProvidersControllerTests.cs
+++ b/test/Admin.Test/AdminConsole/Controllers/ProvidersControllerTests.cs
@@ -75,25 +75,25 @@ public async Task CreateMspAsync_RedirectsToExpectedPage_AfterCreatingProvider(
     }
     #endregion
 
-    #region CreateMultiOrganizationEnterpriseAsync
+    #region CreateBusinessUnitAsync
     [BitAutoData]
     [SutProviderCustomize]
     [Theory]
-    public async Task CreateMultiOrganizationEnterpriseAsync_WithValidModel_CreatesProvider(
-        CreateMultiOrganizationEnterpriseProviderModel model,
+    public async Task CreateBusinessUnitAsync_WithValidModel_CreatesProvider(
+        CreateBusinessUnitProviderModel model,
         SutProvider<ProvidersController> sutProvider)
     {
         // Arrange
 
         // Act
-        var actual = await sutProvider.Sut.CreateMultiOrganizationEnterprise(model);
+        var actual = await sutProvider.Sut.CreateBusinessUnit(model);
 
         // Assert
         Assert.NotNull(actual);
         await sutProvider.GetDependency<ICreateProviderCommand>()
             .Received(Quantity.Exactly(1))
-            .CreateMultiOrganizationEnterpriseAsync(
-                Arg.Is<Provider>(x => x.Type == ProviderType.MultiOrganizationEnterprise),
+            .CreateBusinessUnitAsync(
+                Arg.Is<Provider>(x => x.Type == ProviderType.BusinessUnit),
                 model.OwnerEmail,
                 Arg.Is<PlanType>(y => y == model.Plan),
                 model.EnterpriseSeatMinimum);
@@ -102,16 +102,16 @@ await sutProvider.GetDependency<ICreateProviderCommand>()
     [BitAutoData]
     [SutProviderCustomize]
     [Theory]
-    public async Task CreateMultiOrganizationEnterpriseAsync_RedirectsToExpectedPage_AfterCreatingProvider(
-        CreateMultiOrganizationEnterpriseProviderModel model,
+    public async Task CreateBusinessUnitAsync_RedirectsToExpectedPage_AfterCreatingProvider(
+        CreateBusinessUnitProviderModel model,
         Guid expectedProviderId,
         SutProvider<ProvidersController> sutProvider)
     {
         // Arrange
         sutProvider.GetDependency<ICreateProviderCommand>()
             .When(x =>
-                x.CreateMultiOrganizationEnterpriseAsync(
-                    Arg.Is<Provider>(y => y.Type == ProviderType.MultiOrganizationEnterprise),
+                x.CreateBusinessUnitAsync(
+                    Arg.Is<Provider>(y => y.Type == ProviderType.BusinessUnit),
                     model.OwnerEmail,
                     Arg.Is<PlanType>(y => y == model.Plan),
                     model.EnterpriseSeatMinimum))
@@ -122,7 +122,7 @@ public async Task CreateMultiOrganizationEnterpriseAsync_RedirectsToExpectedPage
             });
 
         // Act
-        var actual = await sutProvider.Sut.CreateMultiOrganizationEnterprise(model);
+        var actual = await sutProvider.Sut.CreateBusinessUnit(model);
 
         // Assert
         Assert.NotNull(actual);

From 0df02d421ddffa24c26943d0823e6b77a6bac07b Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 12:43:03 -0400
Subject: [PATCH 02/12] [Core] Add
 IMailService.SendBusinessUnitConversionInviteAsync

---
 .../BusinessUnitConversionInvite.html.hbs     | 19 +++++++++++++++++++
 .../BusinessUnitConversionInvite.text.hbs     |  5 +++++
 .../BusinessUnitConversionInviteModel.cs      | 11 +++++++++++
 src/Core/Services/IMailService.cs             |  1 +
 .../Implementations/HandlebarsMailService.cs  | 17 +++++++++++++++++
 .../NoopImplementations/NoopMailService.cs    |  5 +++++
 6 files changed, 58 insertions(+)
 create mode 100644 src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.html.hbs
 create mode 100644 src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.text.hbs
 create mode 100644 src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs

diff --git a/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.html.hbs b/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.html.hbs
new file mode 100644
index 000000000000..59da01983915
--- /dev/null
+++ b/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.html.hbs
@@ -0,0 +1,19 @@
+{{#>FullHtmlLayout}}
+    <table width="100%" cellpadding="0" cellspacing="0" style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;">
+        <tr style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;">
+            <td class="content-block" style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; box-sizing: border-box; font-size: 16px; color: #333; line-height: 25px; margin: 0; -webkit-font-smoothing: antialiased; padding: 0 0 10px; -webkit-text-size-adjust: none; text-align: left;" valign="top" align="center">
+                You have been invited to set up a new Business Unit Portal within Bitwarden.
+                <br style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;" />
+                <br style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;" />
+            </td>
+        </tr>
+        <tr style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;">
+            <td class="content-block" style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; box-sizing: border-box; font-size: 16px; color: #333; line-height: 25px; margin: 0; -webkit-font-smoothing: antialiased; padding: 0 0 10px; -webkit-text-size-adjust: none; text-align: center;" valign="top" align="center">
+                <a href="{{{Url}}}" clicktracking=off target="_blank" style="color: #ffffff; text-decoration: none; text-align: center; cursor: pointer; display: inline-block; border-radius: 5px; background-color: #175DDC; border-color: #175DDC; border-style: solid; border-width: 10px 20px; margin: 0; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; box-sizing: border-box; font-size: 16px; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;">
+                    Set Up Business Unit Portal Now
+                </a>
+                <br style="margin: 0; box-sizing: border-box; color: #333; line-height: 25px; -webkit-font-smoothing: antialiased; -webkit-text-size-adjust: none;" />
+            </td>
+        </tr>
+    </table>
+{{/FullHtmlLayout}}
diff --git a/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.text.hbs b/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.text.hbs
new file mode 100644
index 000000000000..b2973f32c22f
--- /dev/null
+++ b/src/Core/MailTemplates/Handlebars/Billing/BusinessUnitConversionInvite.text.hbs
@@ -0,0 +1,5 @@
+{{#>BasicTextLayout}}
+    You have been invited to set up a new Business Unit Portal within Bitwarden. To continue, click the following link:
+
+    {{{Url}}}
+{{/BasicTextLayout}}
diff --git a/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs b/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs
new file mode 100644
index 000000000000..a00df8180c87
--- /dev/null
+++ b/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs
@@ -0,0 +1,11 @@
+namespace Bit.Core.Models.Mail.Billing;
+
+public class BusinessUnitConversionInviteModel : BaseMailModel
+{
+    public string OrganizationId { get; set; }
+    public string Email { get; set; }
+    public string Token { get; set; }
+
+    public string Url =>
+        $"{WebVaultUrl}/providers/setup-business-unit?organizationId={OrganizationId}&email={Email}&token={Token}";
+}
diff --git a/src/Core/Services/IMailService.cs b/src/Core/Services/IMailService.cs
index e61127c57a3b..83535c4b97ac 100644
--- a/src/Core/Services/IMailService.cs
+++ b/src/Core/Services/IMailService.cs
@@ -70,6 +70,7 @@ Task SendInvoiceUpcoming(
     Task SendEnqueuedMailMessageAsync(IMailQueueMessage queueMessage);
     Task SendAdminResetPasswordEmailAsync(string email, string userName, string orgName);
     Task SendProviderSetupInviteEmailAsync(Provider provider, string token, string email);
+    Task SendBusinessUnitConversionInviteAsync(Organization organization, string token, string email);
     Task SendProviderInviteEmailAsync(string providerName, ProviderUser providerUser, string token, string email);
     Task SendProviderConfirmedEmailAsync(string providerName, string email);
     Task SendProviderUserRemoved(string providerName, string email);
diff --git a/src/Core/Services/Implementations/HandlebarsMailService.cs b/src/Core/Services/Implementations/HandlebarsMailService.cs
index a5513423248f..1d6dc57177c7 100644
--- a/src/Core/Services/Implementations/HandlebarsMailService.cs
+++ b/src/Core/Services/Implementations/HandlebarsMailService.cs
@@ -11,6 +11,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Models.Data.Organizations;
 using Bit.Core.Models.Mail;
+using Bit.Core.Models.Mail.Billing;
 using Bit.Core.Models.Mail.FamiliesForEnterprise;
 using Bit.Core.Models.Mail.Provider;
 using Bit.Core.SecretsManager.Models.Mail;
@@ -951,6 +952,22 @@ public async Task SendProviderSetupInviteEmailAsync(Provider provider, string to
         await _mailDeliveryService.SendEmailAsync(message);
     }
 
+    public async Task SendBusinessUnitConversionInviteAsync(Organization organization, string token, string email)
+    {
+        var message = CreateDefaultMessage("Set Up Business Unit", email);
+        var model = new BusinessUnitConversionInviteModel
+        {
+            WebVaultUrl = _globalSettings.BaseServiceUri.VaultWithHash,
+            SiteName = _globalSettings.SiteName,
+            OrganizationId = organization.Id.ToString(),
+            Email = WebUtility.UrlEncode(email),
+            Token = WebUtility.UrlEncode(token)
+        };
+        await AddMessageContentAsync(message, "Billing.BusinessUnitConversionInvite", model);
+        message.Category = "BusinessUnitConversionInvite";
+        await _mailDeliveryService.SendEmailAsync(message);
+    }
+
     public async Task SendProviderInviteEmailAsync(string providerName, ProviderUser providerUser, string token, string email)
     {
         var message = CreateDefaultMessage($"Join {providerName}", email);
diff --git a/src/Core/Services/NoopImplementations/NoopMailService.cs b/src/Core/Services/NoopImplementations/NoopMailService.cs
index d829fbbacbb1..9730cc498868 100644
--- a/src/Core/Services/NoopImplementations/NoopMailService.cs
+++ b/src/Core/Services/NoopImplementations/NoopMailService.cs
@@ -212,6 +212,11 @@ public Task SendProviderSetupInviteEmailAsync(Provider provider, string token, s
         return Task.FromResult(0);
     }
 
+    public Task SendBusinessUnitConversionInviteAsync(Organization organization, string token, string email)
+    {
+        return Task.FromResult(0);
+    }
+
     public Task SendProviderInviteEmailAsync(string providerName, ProviderUser providerUser, string token, string email)
     {
         return Task.FromResult(0);

From ad26e4f3b239f097b954002981779991998c5f97 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 13:06:29 -0400
Subject: [PATCH 03/12] [Core] Add BusinessUnitConverter

---
 .../Billing/BusinessUnitConverter.cs          | 459 ++++++++++++++++++
 .../Utilities/ServiceCollectionExtensions.cs  |   1 +
 .../Services/IBusinessUnitConverter.cs        |  58 +++
 3 files changed, 518 insertions(+)
 create mode 100644 bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
 create mode 100644 src/Core/Billing/Services/IBusinessUnitConverter.cs

diff --git a/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
new file mode 100644
index 000000000000..05ca331feaca
--- /dev/null
+++ b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
@@ -0,0 +1,459 @@
+#nullable enable
+using System.Diagnostics.CodeAnalysis;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.AdminConsole.Enums.Provider;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Billing;
+using Bit.Core.Billing.Constants;
+using Bit.Core.Billing.Entities;
+using Bit.Core.Billing.Enums;
+using Bit.Core.Billing.Extensions;
+using Bit.Core.Billing.Pricing;
+using Bit.Core.Billing.Repositories;
+using Bit.Core.Billing.Services;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Bit.Core.Settings;
+using Bit.Core.Utilities;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.Extensions.Logging;
+using OneOf;
+using Stripe;
+
+namespace Bit.Commercial.Core.Billing;
+
+public class BusinessUnitConverter(
+    IDataProtectionProvider dataProtectionProvider,
+    GlobalSettings globalSettings,
+    ILogger<BusinessUnitConverter> logger,
+    IMailService mailService,
+    IOrganizationRepository organizationRepository,
+    IOrganizationUserRepository organizationUserRepository,
+    IPricingClient pricingClient,
+    IProviderOrganizationRepository providerOrganizationRepository,
+    IProviderPlanRepository providerPlanRepository,
+    IProviderRepository providerRepository,
+    IProviderUserRepository providerUserRepository,
+    IStripeAdapter stripeAdapter,
+    ISubscriberService subscriberService,
+    IUserRepository userRepository) : IBusinessUnitConverter
+{
+    private readonly IDataProtector _dataProtector =
+        dataProtectionProvider.CreateProtector($"{nameof(BusinessUnitConverter)}DataProtector");
+
+    public async Task<Guid> FinalizeConversion(
+        Organization organization,
+        Guid userId,
+        string token,
+        string providerKey,
+        string organizationKey)
+    {
+        var user = await userRepository.GetByIdAsync(userId);
+
+        var (subscription, provider, providerOrganization, providerUser) = await ValidateFinalizationAsync(organization, user, token);
+
+        var existingPlan = await pricingClient.GetPlanOrThrow(organization.PlanType);
+        var updatedPlan = await pricingClient.GetPlanOrThrow(existingPlan.IsAnnual ? PlanType.EnterpriseAnnually : PlanType.EnterpriseMonthly);
+
+        // Bring organization under management.
+        organization.Plan = updatedPlan.Name;
+        organization.PlanType = updatedPlan.Type;
+        organization.MaxCollections = updatedPlan.PasswordManager.MaxCollections;
+        organization.MaxStorageGb = updatedPlan.PasswordManager.BaseStorageGb;
+        organization.UsePolicies = updatedPlan.HasPolicies;
+        organization.UseSso = updatedPlan.HasSso;
+        organization.UseGroups = updatedPlan.HasGroups;
+        organization.UseEvents = updatedPlan.HasEvents;
+        organization.UseDirectory = updatedPlan.HasDirectory;
+        organization.UseTotp = updatedPlan.HasTotp;
+        organization.Use2fa = updatedPlan.Has2fa;
+        organization.UseApi = updatedPlan.HasApi;
+        organization.UseResetPassword = updatedPlan.HasResetPassword;
+        organization.SelfHost = updatedPlan.HasSelfHost;
+        organization.UsersGetPremium = updatedPlan.UsersGetPremium;
+        organization.UseCustomPermissions = updatedPlan.HasCustomPermissions;
+        organization.UseScim = updatedPlan.HasScim;
+        organization.UseKeyConnector = updatedPlan.HasKeyConnector;
+        organization.MaxStorageGb = updatedPlan.PasswordManager.BaseStorageGb;
+        organization.BillingEmail = provider.BillingEmail!;
+        organization.GatewayCustomerId = null;
+        organization.GatewaySubscriptionId = null;
+        organization.ExpirationDate = null;
+        organization.MaxAutoscaleSeats = null;
+        organization.Status = OrganizationStatusType.Managed;
+
+        // Enable organization access via key exchange.
+        providerOrganization.Key = organizationKey;
+
+        // Complete provider setup.
+        provider.Gateway = GatewayType.Stripe;
+        provider.GatewayCustomerId = subscription.CustomerId;
+        provider.GatewaySubscriptionId = subscription.Id;
+        provider.Status = ProviderStatusType.Billable;
+
+        // Enable provider access via key exchange.
+        providerUser.Key = providerKey;
+        providerUser.Status = ProviderUserStatusType.Confirmed;
+
+        // Stripe requires that we clear all the custom fields from the invoice settings if we want to replace them.
+        await stripeAdapter.CustomerUpdateAsync(subscription.CustomerId, new CustomerUpdateOptions
+        {
+            InvoiceSettings = new CustomerInvoiceSettingsOptions
+            {
+                CustomFields = []
+            }
+        });
+
+        var metadata = new Dictionary<string, string>
+        {
+            [StripeConstants.MetadataKeys.OrganizationId] = string.Empty,
+            [StripeConstants.MetadataKeys.ProviderId] = provider.Id.ToString(),
+            ["convertedFrom"] = organization.Id.ToString()
+        };
+
+        var updateCustomer = stripeAdapter.CustomerUpdateAsync(subscription.CustomerId, new CustomerUpdateOptions
+        {
+            InvoiceSettings = new CustomerInvoiceSettingsOptions
+            {
+                CustomFields = [
+                    new CustomerInvoiceSettingsCustomFieldOptions
+                    {
+                        Name = provider.SubscriberType(),
+                        Value = provider.DisplayName()?.Length <= 30
+                            ? provider.DisplayName()
+                            : provider.DisplayName()?[..30]
+                    }
+                ]
+            },
+            Metadata = metadata
+        });
+
+        // Find the existing password manager price on the subscription.
+        var passwordManagerItem = subscription.Items.First(item =>
+        {
+            var priceId = existingPlan.HasNonSeatBasedPasswordManagerPlan()
+                ? existingPlan.PasswordManager.StripePlanId
+                : existingPlan.PasswordManager.StripeSeatPlanId;
+
+            return item.Price.Id == priceId;
+        });
+
+        // Get the new business unit price.
+        var updatedPriceId = ProviderPriceAdapter.GetActivePriceId(provider, updatedPlan.Type);
+
+        // Replace the existing password manager price with the new business unit price.
+        var updateSubscription =
+            stripeAdapter.SubscriptionUpdateAsync(subscription.Id,
+                new SubscriptionUpdateOptions
+                {
+                    Items = [
+                        new SubscriptionItemOptions
+                        {
+                            Id = passwordManagerItem.Id,
+                            Deleted = true
+                        },
+                        new SubscriptionItemOptions
+                        {
+                            Price = updatedPriceId,
+                            Quantity = organization.Seats
+                        }
+                    ],
+                    Metadata = metadata
+                });
+
+        await Task.WhenAll(updateCustomer, updateSubscription);
+
+        // Complete database updates for provider setup.
+        await Task.WhenAll(
+            organizationRepository.ReplaceAsync(organization),
+            providerOrganizationRepository.ReplaceAsync(providerOrganization),
+            providerRepository.ReplaceAsync(provider),
+            providerUserRepository.ReplaceAsync(providerUser));
+
+        return provider.Id;
+    }
+
+    public async Task<OneOf<Guid, List<string>>> InitiateConversion(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var user = await userRepository.GetByEmailAsync(providerAdminEmail);
+
+        var problems = await ValidateInitiationAsync(organization, user);
+
+        if (problems is { Count: > 0 })
+        {
+            return problems;
+        }
+
+        var provider = await providerRepository.CreateAsync(new Provider
+        {
+            Name = organization.Name,
+            BillingEmail = organization.BillingEmail,
+            Status = ProviderStatusType.Pending,
+            UseEvents = true,
+            Type = ProviderType.BusinessUnit
+        });
+
+        var plan = await pricingClient.GetPlanOrThrow(organization.PlanType);
+
+        var managedPlanType = plan.IsAnnual
+            ? PlanType.EnterpriseAnnually
+            : PlanType.EnterpriseMonthly;
+
+        var createProviderOrganization = providerOrganizationRepository.CreateAsync(new ProviderOrganization
+        {
+            ProviderId = provider.Id, OrganizationId = organization.Id
+        });
+
+        var createProviderPlan = providerPlanRepository.CreateAsync(new ProviderPlan
+        {
+            ProviderId = provider.Id,
+            PlanType = managedPlanType,
+            SeatMinimum = 0,
+            PurchasedSeats = organization.Seats,
+            AllocatedSeats = organization.Seats
+        });
+
+        var createProviderUser = providerUserRepository.CreateAsync(new ProviderUser
+        {
+            ProviderId = provider.Id,
+            UserId = user!.Id,
+            Email = user.Email,
+            Status = ProviderUserStatusType.Invited,
+            Type = ProviderUserType.ProviderAdmin
+        });
+
+        await Task.WhenAll(createProviderOrganization, createProviderPlan, createProviderUser);
+
+        await SendInviteAsync(organization, user.Email);
+
+        return provider.Id;
+    }
+
+    public Task ResendConversionInvite(
+        Organization organization,
+        string providerAdminEmail) =>
+        IfConversionInProgressAsync(organization, providerAdminEmail,
+            async (_, _, providerUser) =>
+            {
+                if (!string.IsNullOrEmpty(providerUser.Email))
+                {
+                    await SendInviteAsync(organization, providerUser.Email);
+                }
+            });
+
+    public Task ResetConversion(
+        Organization organization,
+        string providerAdminEmail) =>
+        IfConversionInProgressAsync(organization, providerAdminEmail,
+            async (provider, providerOrganization, providerUser) =>
+            {
+                var tasks = new List<Task>
+                {
+                    providerOrganizationRepository.DeleteAsync(providerOrganization),
+                    providerUserRepository.DeleteAsync(providerUser)
+                };
+
+                var providerPlans = await providerPlanRepository.GetByProviderId(provider.Id);
+
+                if (providerPlans is { Count: > 0 })
+                {
+                    tasks.AddRange(providerPlans.Select(providerPlanRepository.DeleteAsync));
+                }
+
+                await Task.WhenAll(tasks);
+
+                await providerRepository.DeleteAsync(provider);
+            });
+
+    #region Utilities
+
+    private async Task IfConversionInProgressAsync(
+        Organization organization,
+        string providerAdminEmail,
+        Func<Provider, ProviderOrganization, ProviderUser, Task> callback)
+    {
+        var user = await userRepository.GetByEmailAsync(providerAdminEmail);
+
+        if (user == null)
+        {
+            return;
+        }
+
+        var provider = await providerRepository.GetByOrganizationIdAsync(organization.Id);
+
+        if (provider is not
+            {
+                Type: ProviderType.BusinessUnit,
+                Status: ProviderStatusType.Pending
+            })
+        {
+            return;
+        }
+
+        var providerUser = await providerUserRepository.GetByProviderUserAsync(provider.Id, user.Id);
+
+        if (providerUser is
+            {
+                Type: ProviderUserType.ProviderAdmin,
+                Status: ProviderUserStatusType.Invited
+            })
+        {
+            var providerOrganization = await providerOrganizationRepository.GetByOrganizationId(organization.Id);
+            await callback(provider, providerOrganization!, providerUser);
+        }
+    }
+
+    private async Task SendInviteAsync(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var token = _dataProtector.Protect(
+            $"BusinessUnitConversionInvite {organization.Id} {providerAdminEmail} {CoreHelpers.ToEpocMilliseconds(DateTime.UtcNow)}");
+
+        await mailService.SendBusinessUnitConversionInviteAsync(organization, token, providerAdminEmail);
+    }
+
+    private async Task<(Subscription, Provider, ProviderOrganization, ProviderUser)> ValidateFinalizationAsync(
+        Organization organization,
+        User? user,
+        string token)
+    {
+        if (organization.PlanType.GetProductTier() != ProductTierType.Enterprise)
+        {
+            Fail("Organization must be on an enterprise plan.");
+        }
+
+        var subscription = await subscriberService.GetSubscription(organization);
+
+        if (subscription is not
+            {
+                Status:
+                StripeConstants.SubscriptionStatus.Active or
+                StripeConstants.SubscriptionStatus.Trialing or
+                StripeConstants.SubscriptionStatus.PastDue
+            })
+        {
+            Fail("Organization must have a valid subscription.");
+        }
+
+        if (user == null)
+        {
+            Fail("Provider admin must be a Bitwarden user.");
+        }
+
+        if (!CoreHelpers.TokenIsValid(
+                "BusinessUnitConversionInvite",
+                _dataProtector,
+                token,
+                user.Email,
+                organization.Id,
+                globalSettings.OrganizationInviteExpirationHours))
+        {
+            Fail("Email token is invalid.");
+        }
+
+        var organizationUser =
+            await organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id);
+
+        if (organizationUser is not
+            {
+                Status: OrganizationUserStatusType.Confirmed
+            })
+        {
+            Fail("Provider admin must be a confirmed member of the organization being converted.");
+        }
+
+        var provider = await providerRepository.GetByOrganizationIdAsync(organization.Id);
+
+        if (provider is not
+            {
+                Type: ProviderType.BusinessUnit,
+                Status: ProviderStatusType.Pending
+            })
+        {
+            Fail("Linked provider is not a pending business unit.");
+        }
+
+        var providerUser = await providerUserRepository.GetByProviderUserAsync(provider.Id, user.Id);
+
+        if (providerUser is not
+            {
+                Type: ProviderUserType.ProviderAdmin,
+                Status: ProviderUserStatusType.Invited
+            })
+        {
+            Fail("Provider admin has not been invited.");
+        }
+
+        var providerOrganization = await providerOrganizationRepository.GetByOrganizationId(organization.Id);
+
+        return (subscription, provider, providerOrganization!, providerUser);
+
+        [DoesNotReturn]
+        void Fail(string scopedError)
+        {
+            logger.LogError("Could not finalize business unit conversion for organization ({OrganizationID}): {Error}",
+                organization.Id, scopedError);
+            throw new BillingException();
+        }
+    }
+
+    private async Task<List<string>?> ValidateInitiationAsync(
+        Organization organization,
+        User? user)
+    {
+        var problems = new List<string>();
+
+        if (organization.PlanType.GetProductTier() != ProductTierType.Enterprise)
+        {
+            problems.Add("Organization must be on an enterprise plan.");
+        }
+
+        var subscription = await subscriberService.GetSubscription(organization);
+
+        if (subscription is not
+            {
+                Status:
+                StripeConstants.SubscriptionStatus.Active or
+                StripeConstants.SubscriptionStatus.Trialing or
+                StripeConstants.SubscriptionStatus.PastDue
+            })
+        {
+            problems.Add("Organization must have a valid subscription.");
+        }
+
+        var providerOrganization = await providerOrganizationRepository.GetByOrganizationId(organization.Id);
+
+        if (providerOrganization != null)
+        {
+            problems.Add("Organization is already linked to a provider.");
+        }
+
+        if (user == null)
+        {
+            problems.Add("Provider admin must be a Bitwarden user.");
+        }
+        else
+        {
+            var organizationUser =
+                await organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id);
+
+            if (organizationUser is not
+                {
+                    Status: OrganizationUserStatusType.Confirmed
+                })
+            {
+                problems.Add("Provider admin must be a confirmed member of the organization being converted.");
+            }
+        }
+
+        return problems.Count == 0 ? null : problems;
+    }
+
+    #endregion
+}
diff --git a/bitwarden_license/src/Commercial.Core/Utilities/ServiceCollectionExtensions.cs b/bitwarden_license/src/Commercial.Core/Utilities/ServiceCollectionExtensions.cs
index 5ae5be88471e..7f8c82e2c905 100644
--- a/bitwarden_license/src/Commercial.Core/Utilities/ServiceCollectionExtensions.cs
+++ b/bitwarden_license/src/Commercial.Core/Utilities/ServiceCollectionExtensions.cs
@@ -16,5 +16,6 @@ public static void AddCommercialCoreServices(this IServiceCollection services)
         services.AddScoped<ICreateProviderCommand, CreateProviderCommand>();
         services.AddScoped<IRemoveOrganizationFromProviderCommand, RemoveOrganizationFromProviderCommand>();
         services.AddTransient<IProviderBillingService, ProviderBillingService>();
+        services.AddTransient<IBusinessUnitConverter, BusinessUnitConverter>();
     }
 }
diff --git a/src/Core/Billing/Services/IBusinessUnitConverter.cs b/src/Core/Billing/Services/IBusinessUnitConverter.cs
new file mode 100644
index 000000000000..56c031892e65
--- /dev/null
+++ b/src/Core/Billing/Services/IBusinessUnitConverter.cs
@@ -0,0 +1,58 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.AdminConsole.Enums.Provider;
+using OneOf;
+
+namespace Bit.Core.Billing.Services;
+
+public interface IBusinessUnitConverter
+{
+    /// <summary>
+    /// Finalizes the process of converting the <paramref name="organization"/> to a <see cref="ProviderType.BusinessUnit"/> by
+    /// saving all the necessary key provided by the client and updating the <paramref name="organization"/>'s subscription to a
+    /// provider subscription.
+    /// </summary>
+    /// <param name="organization">The organization to convert to a business unit.</param>
+    /// <param name="userId">The ID of the organization member who will be the provider admin.</param>
+    /// <param name="token">The token sent to the client as part of the <see cref="InitiateConversion"/> process.</param>
+    /// <param name="providerKey">The encrypted provider key used to enable the <see cref="ProviderUser"/>.</param>
+    /// <param name="organizationKey">The encrypted organization key used to enable the <see cref="ProviderOrganization"/>.</param>
+    /// <returns>The provider ID</returns>
+    Task<Guid> FinalizeConversion(
+        Organization organization,
+        Guid userId,
+        string token,
+        string providerKey,
+        string organizationKey);
+
+    /// <summary>
+    /// Begins the process of converting the <paramref name="organization"/> to a <see cref="ProviderType.BusinessUnit"/> by
+    /// creating all the necessary database entities and sending a setup invitation to the <paramref name="providerAdminEmail"/>.
+    /// </summary>
+    /// <param name="organization">The organization to convert to a business unit.</param>
+    /// <param name="providerAdminEmail">The email address of the organization member who will be the provider admin.</param>
+    /// <returns>Either the newly created provider ID or a list of validation failures.</returns>
+    Task<OneOf<Guid, List<string>>> InitiateConversion(
+        Organization organization,
+        string providerAdminEmail);
+
+    /// <summary>
+    /// Checks if the <paramref name="organization"/> has a business unit conversion in progress and, if it does, resends the
+    /// setup invitation to the provider admin.
+    /// </summary>
+    /// <param name="organization">The organization to convert to a business unit.</param>
+    /// <param name="providerAdminEmail">The email address of the organization member who will be the provider admin.</param>
+    Task ResendConversionInvite(
+        Organization organization,
+        string providerAdminEmail);
+
+    /// <summary>
+    /// Checks if the <paramref name="organization"/> has a business unit conversion in progress and, if it does, resets that conversion
+    /// by deleting all the database entities created as part of <see cref="InitiateConversion"/>.
+    /// </summary>
+    /// <param name="organization">The organization to convert to a business unit.</param>
+    /// <param name="providerAdminEmail">The email address of the organization member who will be the provider admin.</param>
+    Task ResetConversion(
+        Organization organization,
+        string providerAdminEmail);
+}

From f478c710191d3d20b04f3656f89d620a02b570b1 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 13:12:43 -0400
Subject: [PATCH 04/12] [Admin] Add new permission

---
 src/Admin/Enums/Permissions.cs               | 1 +
 src/Admin/Utilities/RolePermissionMapping.cs | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/src/Admin/Enums/Permissions.cs b/src/Admin/Enums/Permissions.cs
index 4edcd742b4db..704fd770bbc1 100644
--- a/src/Admin/Enums/Permissions.cs
+++ b/src/Admin/Enums/Permissions.cs
@@ -38,6 +38,7 @@ public enum Permission
     Org_Billing_View,
     Org_Billing_Edit,
     Org_Billing_LaunchGateway,
+    Org_Billing_ConvertToBusinessUnit,
 
     Provider_List_View,
     Provider_Create,
diff --git a/src/Admin/Utilities/RolePermissionMapping.cs b/src/Admin/Utilities/RolePermissionMapping.cs
index 3b510781be71..f342dfce7c4f 100644
--- a/src/Admin/Utilities/RolePermissionMapping.cs
+++ b/src/Admin/Utilities/RolePermissionMapping.cs
@@ -42,6 +42,7 @@ public static class RolePermissionMapping
                 Permission.Org_Billing_View,
                 Permission.Org_Billing_Edit,
                 Permission.Org_Billing_LaunchGateway,
+                Permission.Org_Billing_ConvertToBusinessUnit,
                 Permission.Provider_List_View,
                 Permission.Provider_Create,
                 Permission.Provider_View,
@@ -90,6 +91,7 @@ public static class RolePermissionMapping
                 Permission.Org_Billing_View,
                 Permission.Org_Billing_Edit,
                 Permission.Org_Billing_LaunchGateway,
+                Permission.Org_Billing_ConvertToBusinessUnit,
                 Permission.Org_InitiateTrial,
                 Permission.Provider_List_View,
                 Permission.Provider_Create,
@@ -166,6 +168,7 @@ public static class RolePermissionMapping
                 Permission.Org_Billing_View,
                 Permission.Org_Billing_Edit,
                 Permission.Org_Billing_LaunchGateway,
+                Permission.Org_Billing_ConvertToBusinessUnit,
                 Permission.Org_RequestDelete,
                 Permission.Provider_Edit,
                 Permission.Provider_View,

From 582cd7eb4402016ee2a3a84b11d22cbc5f8d06fd Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 13:13:42 -0400
Subject: [PATCH 05/12] [Admin] Add BusinessUnitConverterController

---
 src/Admin/Admin.csproj                        |   3 -
 .../BusinessUnitConversionController.cs       | 183 ++++++++++++++++++
 .../Models/BusinessUnitConversionModel.cs     |  25 +++
 .../Views/BusinessUnitConversion/Index.cshtml |  75 +++++++
 4 files changed, 283 insertions(+), 3 deletions(-)
 create mode 100644 src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
 create mode 100644 src/Admin/Billing/Models/BusinessUnitConversionModel.cs
 create mode 100644 src/Admin/Billing/Views/BusinessUnitConversion/Index.cshtml

diff --git a/src/Admin/Admin.csproj b/src/Admin/Admin.csproj
index 4a255eefb254..cd30e841b451 100644
--- a/src/Admin/Admin.csproj
+++ b/src/Admin/Admin.csproj
@@ -14,9 +14,6 @@
     <ProjectReference Include="..\Core\Core.csproj" />
     <ProjectReference Include="..\..\util\SqliteMigrations\SqliteMigrations.csproj" />
   </ItemGroup>
-  <ItemGroup>
-    <Folder Include="Billing\Controllers\" />
-  </ItemGroup>
 
   <Choose>
     <When Condition="!$(DefineConstants.Contains('OSS'))">
diff --git a/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
new file mode 100644
index 000000000000..d48319b440de
--- /dev/null
+++ b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
@@ -0,0 +1,183 @@
+#nullable enable
+using Bit.Admin.Billing.Models;
+using Bit.Admin.Enums;
+using Bit.Admin.Utilities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.AdminConsole.Enums.Provider;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Billing.Services;
+using Bit.Core.Exceptions;
+using Bit.Core.Repositories;
+using Bit.Core.Utilities;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Bit.Admin.Billing.Controllers;
+
+[Authorize]
+[Route("organizations/billing/{organizationId:guid}/business-unit")]
+public class BusinessUnitConversionController(
+    IBusinessUnitConverter businessUnitConverter,
+    IOrganizationRepository organizationRepository,
+    IProviderRepository providerRepository,
+    IProviderUserRepository providerUserRepository) : Controller
+{
+    [HttpGet]
+    [RequirePermission(Permission.Org_Billing_ConvertToBusinessUnit)]
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IActionResult> IndexAsync([FromRoute] Guid organizationId)
+    {
+        var organization = await organizationRepository.GetByIdAsync(organizationId);
+
+        if (organization == null)
+        {
+            throw new NotFoundException();
+        }
+
+        var model = new BusinessUnitConversionModel { Organization = organization };
+
+        var invitedProviderAdmin = await GetInvitedProviderAdminAsync(organization);
+
+        if (invitedProviderAdmin != null)
+        {
+            model.ProviderAdminEmail = invitedProviderAdmin.Email;
+            model.ProviderId = invitedProviderAdmin.ProviderId;
+        }
+
+        var success = ReadSuccessMessage();
+
+        if (!string.IsNullOrEmpty(success))
+        {
+            model.Success = success;
+        }
+
+        var errors = ReadErrorMessages();
+
+        if (errors is { Count: > 0 })
+        {
+            model.Errors = errors;
+        }
+
+        return View(model);
+    }
+
+    [HttpPost]
+    [RequirePermission(Permission.Org_Billing_ConvertToBusinessUnit)]
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IActionResult> InitiateAsync(
+        [FromRoute] Guid organizationId,
+        BusinessUnitConversionModel model)
+    {
+        var organization = await organizationRepository.GetByIdAsync(organizationId);
+
+        if (organization == null)
+        {
+            throw new NotFoundException();
+        }
+
+        var result = await businessUnitConverter.InitiateConversion(
+            organization,
+            model.ProviderAdminEmail!);
+
+        return result.Match(
+            providerId => RedirectToAction("Edit", "Providers", new { id = providerId }),
+            errors =>
+            {
+                PersistErrorMessages(errors);
+                return RedirectToAction("Index", new { organizationId });
+            });
+    }
+
+    [HttpPost("reset")]
+    [RequirePermission(Permission.Org_Billing_ConvertToBusinessUnit)]
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IActionResult> ResetAsync(
+        [FromRoute] Guid organizationId,
+        BusinessUnitConversionModel model)
+    {
+        var organization = await organizationRepository.GetByIdAsync(organizationId);
+
+        if (organization == null)
+        {
+            throw new NotFoundException();
+        }
+
+        await businessUnitConverter.ResetConversion(organization, model.ProviderAdminEmail!);
+
+        PersistSuccessMessage("Business unit conversion was successfully reset.");
+
+        return RedirectToAction("Index", new { organizationId });
+    }
+
+    [HttpPost("resend-invite")]
+    [RequirePermission(Permission.Org_Billing_ConvertToBusinessUnit)]
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IActionResult> ResendInviteAsync(
+        [FromRoute] Guid organizationId,
+        BusinessUnitConversionModel model)
+    {
+        var organization = await organizationRepository.GetByIdAsync(organizationId);
+
+        if (organization == null)
+        {
+            throw new NotFoundException();
+        }
+
+        await businessUnitConverter.ResendConversionInvite(organization, model.ProviderAdminEmail!);
+
+        PersistSuccessMessage($"Invite was successfully resent to {model.ProviderAdminEmail}.");
+
+        return RedirectToAction("Index", new { organizationId });
+    }
+
+    private async Task<ProviderUser?> GetInvitedProviderAdminAsync(
+        Organization organization)
+    {
+        var provider = await providerRepository.GetByOrganizationIdAsync(organization.Id);
+
+        if (provider is not
+            {
+                Type: ProviderType.BusinessUnit,
+                Status: ProviderStatusType.Pending
+            })
+        {
+            return null;
+        }
+
+        var providerUsers =
+            await providerUserRepository.GetManyByProviderAsync(provider.Id, ProviderUserType.ProviderAdmin);
+
+        if (providerUsers.Count != 1)
+        {
+            return null;
+        }
+
+        var providerUser = providerUsers.First();
+
+        return providerUser is
+        {
+            Type: ProviderUserType.ProviderAdmin,
+            Status: ProviderUserStatusType.Invited,
+            UserId: not null
+        } ? providerUser : null;
+    }
+
+    private const string _errors = "errors";
+    private const string _success = "Success";
+
+    private void PersistSuccessMessage(string message) => TempData[_success] = message;
+    private void PersistErrorMessages(List<string> errors)
+    {
+        var input = string.Join("|", errors);
+        TempData[_errors] = input;
+    }
+    private string? ReadSuccessMessage() => ReadTempData<string>(_success);
+    private List<string>? ReadErrorMessages()
+    {
+        var output = ReadTempData<string>(_errors);
+        return string.IsNullOrEmpty(output) ? null : output.Split('|').ToList();
+    }
+
+    private T? ReadTempData<T>(string key) => TempData.TryGetValue(key, out var obj) && obj is T value ? value : default;
+}
diff --git a/src/Admin/Billing/Models/BusinessUnitConversionModel.cs b/src/Admin/Billing/Models/BusinessUnitConversionModel.cs
new file mode 100644
index 000000000000..2ea94d6cc83e
--- /dev/null
+++ b/src/Admin/Billing/Models/BusinessUnitConversionModel.cs
@@ -0,0 +1,25 @@
+#nullable enable
+using System.ComponentModel.DataAnnotations;
+using Bit.Core.AdminConsole.Entities;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+
+namespace Bit.Admin.Billing.Models;
+
+public class BusinessUnitConversionModel
+{
+    [Required]
+    [EmailAddress]
+    [Display(Name = "Provider Admin Email")]
+    public string? ProviderAdminEmail { get; set; }
+
+    [BindNever]
+    public required Organization Organization { get; set; }
+
+    [BindNever]
+    public Guid? ProviderId { get; set; }
+
+    [BindNever]
+    public string? Success { get; set; }
+
+    [BindNever] public List<string>? Errors { get; set; } = [];
+}
diff --git a/src/Admin/Billing/Views/BusinessUnitConversion/Index.cshtml b/src/Admin/Billing/Views/BusinessUnitConversion/Index.cshtml
new file mode 100644
index 000000000000..4ec4c97d02e0
--- /dev/null
+++ b/src/Admin/Billing/Views/BusinessUnitConversion/Index.cshtml
@@ -0,0 +1,75 @@
+@model Bit.Admin.Billing.Models.BusinessUnitConversionModel
+
+@{
+    ViewData["Title"] = "Convert Organization to Business Unit";
+}
+
+@if (!string.IsNullOrEmpty(Model.ProviderAdminEmail))
+{
+    <h1>Convert @Model.Organization.Name to Business Unit</h1>
+    @if (!string.IsNullOrEmpty(Model.Success))
+    {
+        <div class="alert alert-success alert-dismissible fade show mb-3" role="alert">
+            @Model.Success
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+    }
+    @if (Model.Errors?.Any() ?? false)
+    {
+        @foreach (var error in Model.Errors)
+        {
+            <div class="alert alert-danger alert-dismissible fade show mb-3" role="alert">
+                @error
+                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+            </div>
+        }
+    }
+    <p>This organization has a business unit conversion in progress.</p>
+
+    <div class="mb-3">
+        <label asp-for="ProviderAdminEmail" class="form-label"></label>
+        <input type="email" class="form-control" asp-for="ProviderAdminEmail" disabled></input>
+    </div>
+
+    <div class="d-flex gap-2">
+        <form method="post" asp-controller="BusinessUnitConversion" asp-action="ResendInvite" asp-route-organizationId="@Model.Organization.Id">
+            <input type="hidden" asp-for="ProviderAdminEmail" />
+            <button type="submit" class="btn btn-primary mb-2">Resend Invite</button>
+        </form>
+        <form method="post" asp-controller="BusinessUnitConversion" asp-action="Reset" asp-route-organizationId="@Model.Organization.Id">
+            <input type="hidden" asp-for="ProviderAdminEmail" />
+            <button type="submit" class="btn btn-danger mb-2">Reset Conversion</button>
+        </form>
+        @if (Model.ProviderId.HasValue)
+        {
+            <a asp-controller="Providers"
+               asp-action="Edit"
+               asp-route-id="@Model.ProviderId"
+               class="btn btn-secondary mb-2">
+                Go to Provider
+            </a>
+        }
+    </div>
+}
+else
+{
+    <h1>Convert @Model.Organization.Name to Business Unit</h1>
+    @if (Model.Errors?.Any() ?? false)
+    {
+        @foreach (var error in Model.Errors)
+        {
+            <div class="alert alert-danger alert-dismissible fade show mb-3" role="alert">
+                @error
+                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+            </div>
+        }
+    }
+    <form method="post" asp-controller="BusinessUnitConversion" asp-action="Initiate" asp-route-organizationId="@Model.Organization.Id">
+        <div asp-validation-summary="All" class="alert alert-danger"></div>
+        <div class="mb-3">
+            <label asp-for="ProviderAdminEmail" class="form-label"></label>
+            <input type="email" class="form-control" asp-for="ProviderAdminEmail" />
+        </div>
+        <button type="submit" class="btn btn-primary mb-2">Convert</button>
+    </form>
+}

From 35f9aae463ab8226576c53d921d83047715efd71 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 13:15:50 -0400
Subject: [PATCH 06/12] [Admin] Add Convert to Business Unit button to
 Organization edit page

---
 .../Views/Organizations/Edit.cshtml           | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml b/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
index 3ac716a6d4e8..1134972b8b95 100644
--- a/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
+++ b/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
@@ -1,7 +1,9 @@
 @using Bit.Admin.Enums;
 @using Bit.Admin.Models
+@using Bit.Core.AdminConsole.Enums.Provider
 @using Bit.Core.Billing.Enums
-@using Bit.Core.Enums
+@using Bit.Core.Billing.Extensions
+@using Microsoft.AspNetCore.Mvc.TagHelpers
 @inject Bit.Admin.Services.IAccessControlService AccessControlService
 @model OrganizationEditModel
 @{
@@ -13,6 +15,12 @@
     var canRequestDelete = AccessControlService.UserHasPermission(Permission.Org_RequestDelete);
     var canDelete = AccessControlService.UserHasPermission(Permission.Org_Delete);
     var canUnlinkFromProvider = AccessControlService.UserHasPermission(Permission.Provider_Edit);
+
+    var canConvertToBusinessUnit =
+        AccessControlService.UserHasPermission(Permission.Org_Billing_ConvertToBusinessUnit) &&
+        Model.Organization.PlanType.GetProductTier() == ProductTierType.Enterprise &&
+        !string.IsNullOrEmpty(Model.Organization.GatewaySubscriptionId) &&
+        Model.Provider is null or { Type: ProviderType.BusinessUnit, Status: ProviderStatusType.Pending };
 }
 
 @section Scripts {
@@ -114,6 +122,15 @@
                 Enterprise Trial
             </button>
         }
+        @if (canConvertToBusinessUnit)
+        {
+            <a asp-controller="BusinessUnitConversion"
+               asp-action="Index"
+               asp-route-organizationId="@Model.Organization.Id"
+               class="btn btn-secondary me-2">
+                Convert to Business Unit
+            </a>
+        }
         @if (canUnlinkFromProvider && Model.Provider is not null)
         {
             <button class="btn btn-outline-danger me-2"

From 4baa4d6ba48767c829672f169396bd0c8e39ef72 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Wed, 2 Apr 2025 13:23:51 -0400
Subject: [PATCH 07/12] [Api] Add
 OrganizationBillingController.SetupBusinessUnitAsync action

---
 .../OrganizationBillingController.cs          | 30 +++++++++++++++++++
 .../Requests/SetupBusinessUnitRequestBody.cs  | 18 +++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs

diff --git a/src/Api/Billing/Controllers/OrganizationBillingController.cs b/src/Api/Billing/Controllers/OrganizationBillingController.cs
index 2ec503281e7e..781397889f43 100644
--- a/src/Api/Billing/Controllers/OrganizationBillingController.cs
+++ b/src/Api/Billing/Controllers/OrganizationBillingController.cs
@@ -12,12 +12,14 @@
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using OneOf.Types;
 
 namespace Bit.Api.Billing.Controllers;
 
 [Route("organizations/{organizationId:guid}/billing")]
 [Authorize("Application")]
 public class OrganizationBillingController(
+    IBusinessUnitConverter businessUnitConverter,
     ICurrentContext currentContext,
     IOrganizationBillingService organizationBillingService,
     IOrganizationRepository organizationRepository,
@@ -296,4 +298,32 @@ public async Task<IResult> RestartSubscriptionAsync([FromRoute] Guid organizatio
 
         return TypedResults.Ok();
     }
+
+    [HttpPost("setup-business-unit")]
+    [SelfHosted(NotSelfHostedOnly = true)]
+    public async Task<IResult> SetupBusinessUnitAsync(
+        [FromRoute] Guid organizationId,
+        [FromBody] SetupBusinessUnitRequestBody requestBody)
+    {
+        var organization = await organizationRepository.GetByIdAsync(organizationId);
+
+        if (organization == null)
+        {
+            return Error.NotFound();
+        }
+
+        if (!await currentContext.OrganizationUser(organizationId))
+        {
+            return Error.Unauthorized();
+        }
+
+        var providerId = await businessUnitConverter.FinalizeConversion(
+            organization,
+            requestBody.UserId,
+            requestBody.Token,
+            requestBody.ProviderKey,
+            requestBody.OrganizationKey);
+
+        return TypedResults.Ok(providerId);
+    }
 }
diff --git a/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs b/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs
new file mode 100644
index 000000000000..fa1b83944150
--- /dev/null
+++ b/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs
@@ -0,0 +1,18 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Bit.Api.Billing.Models.Requests;
+
+public class SetupBusinessUnitRequestBody
+{
+    [Required]
+    public Guid UserId { get; set; }
+
+    [Required]
+    public string Token { get; set; }
+
+    [Required]
+    public string ProviderKey { get; set; }
+
+    [Required]
+    public string OrganizationKey { get; set; }
+}

From 36b04606f817214d56b3b918c72276c4cf587f07 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Thu, 3 Apr 2025 14:09:48 -0400
Subject: [PATCH 08/12] [Multi] Propagate provider type to sync response

---
 .../Models/Response/Providers/ProfileProviderResponseModel.cs   | 2 ++
 .../Models/Data/Provider/ProviderUserProviderDetails.cs         | 1 +
 .../ProviderUserProviderDetailsReadByUserIdStatusQuery.cs       | 1 +
 3 files changed, 4 insertions(+)

diff --git a/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs b/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs
index bdfec2624285..9cc5b89ee825 100644
--- a/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs
@@ -22,6 +22,7 @@ public ProfileProviderResponseModel(ProviderUserProviderDetails provider)
         UserId = provider.UserId;
         UseEvents = provider.UseEvents;
         ProviderStatus = provider.ProviderStatus;
+        ProviderType = provider.ProviderType;
     }
 
     public Guid Id { get; set; }
@@ -35,4 +36,5 @@ public ProfileProviderResponseModel(ProviderUserProviderDetails provider)
     public Guid? UserId { get; set; }
     public bool UseEvents { get; set; }
     public ProviderStatusType ProviderStatus { get; set; }
+    public ProviderType ProviderType { get; set; }
 }
diff --git a/src/Core/AdminConsole/Models/Data/Provider/ProviderUserProviderDetails.cs b/src/Core/AdminConsole/Models/Data/Provider/ProviderUserProviderDetails.cs
index 23f4e1d57a79..67565bad6dea 100644
--- a/src/Core/AdminConsole/Models/Data/Provider/ProviderUserProviderDetails.cs
+++ b/src/Core/AdminConsole/Models/Data/Provider/ProviderUserProviderDetails.cs
@@ -17,4 +17,5 @@ public class ProviderUserProviderDetails
     public string Permissions { get; set; }
     public bool UseEvents { get; set; }
     public ProviderStatusType ProviderStatus { get; set; }
+    public ProviderType ProviderType { get; set; }
 }
diff --git a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs
index 6469ffc9ce9e..231f5874292e 100644
--- a/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs
+++ b/src/Infrastructure.EntityFramework/AdminConsole/Repositories/Queries/ProviderUserProviderDetailsReadByUserIdStatusQuery.cs
@@ -35,6 +35,7 @@ from p in p_g.DefaultIfEmpty()
             Permissions = x.pu.Permissions,
             UseEvents = x.p.UseEvents,
             ProviderStatus = x.p.Status,
+            ProviderType = x.p.Type
         });
     }
 }

From 7b83f287b8ec18c04675555bab56ea25d4c521e3 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Thu, 3 Apr 2025 14:36:42 -0400
Subject: [PATCH 09/12] [Multi] Put updates behind feature flag

---
 .../Commercial.Core/Billing/BusinessUnitConverter.cs   |  2 ++
 src/Admin/AdminConsole/Views/Organizations/Edit.cshtml |  4 ++++
 .../Controllers/BusinessUnitConversionController.cs    |  2 ++
 .../Controllers/OrganizationBillingController.cs       | 10 ++++++++++
 src/Core/Constants.cs                                  |  1 +
 5 files changed, 19 insertions(+)

diff --git a/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
index 05ca331feaca..5e14a06f0c5a 100644
--- a/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
+++ b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
@@ -1,5 +1,6 @@
 #nullable enable
 using System.Diagnostics.CodeAnalysis;
+using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Entities.Provider;
 using Bit.Core.AdminConsole.Enums.Provider;
@@ -25,6 +26,7 @@
 
 namespace Bit.Commercial.Core.Billing;
 
+[RequireFeature(FeatureFlagKeys.PM18770_EnableOrganizationBusinessUnitConversion)]
 public class BusinessUnitConverter(
     IDataProtectionProvider dataProtectionProvider,
     GlobalSettings globalSettings,
diff --git a/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml b/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
index 1134972b8b95..f240cb192f96 100644
--- a/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
+++ b/src/Admin/AdminConsole/Views/Organizations/Edit.cshtml
@@ -1,10 +1,13 @@
 @using Bit.Admin.Enums;
 @using Bit.Admin.Models
+@using Bit.Core
 @using Bit.Core.AdminConsole.Enums.Provider
 @using Bit.Core.Billing.Enums
 @using Bit.Core.Billing.Extensions
+@using Bit.Core.Services
 @using Microsoft.AspNetCore.Mvc.TagHelpers
 @inject Bit.Admin.Services.IAccessControlService AccessControlService
+@inject IFeatureService FeatureService
 @model OrganizationEditModel
 @{
     ViewData["Title"] = (Model.Provider != null ? "Client " : string.Empty) + "Organization: " + Model.Name;
@@ -17,6 +20,7 @@
     var canUnlinkFromProvider = AccessControlService.UserHasPermission(Permission.Provider_Edit);
 
     var canConvertToBusinessUnit =
+        FeatureService.IsEnabled(FeatureFlagKeys.PM18770_EnableOrganizationBusinessUnitConversion) &&
         AccessControlService.UserHasPermission(Permission.Org_Billing_ConvertToBusinessUnit) &&
         Model.Organization.PlanType.GetProductTier() == ProductTierType.Enterprise &&
         !string.IsNullOrEmpty(Model.Organization.GatewaySubscriptionId) &&
diff --git a/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
index d48319b440de..390aa57d5d5c 100644
--- a/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
+++ b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
@@ -2,6 +2,7 @@
 using Bit.Admin.Billing.Models;
 using Bit.Admin.Enums;
 using Bit.Admin.Utilities;
+using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Entities.Provider;
 using Bit.Core.AdminConsole.Enums.Provider;
@@ -17,6 +18,7 @@ namespace Bit.Admin.Billing.Controllers;
 
 [Authorize]
 [Route("organizations/billing/{organizationId:guid}/business-unit")]
+[RequireFeature(FeatureFlagKeys.PM18770_EnableOrganizationBusinessUnitConversion)]
 public class BusinessUnitConversionController(
     IBusinessUnitConverter businessUnitConverter,
     IOrganizationRepository organizationRepository,
diff --git a/src/Api/Billing/Controllers/OrganizationBillingController.cs b/src/Api/Billing/Controllers/OrganizationBillingController.cs
index 781397889f43..4a9682d7efe1 100644
--- a/src/Api/Billing/Controllers/OrganizationBillingController.cs
+++ b/src/Api/Billing/Controllers/OrganizationBillingController.cs
@@ -2,6 +2,7 @@
 using Bit.Api.AdminConsole.Models.Request.Organizations;
 using Bit.Api.Billing.Models.Requests;
 using Bit.Api.Billing.Models.Responses;
+using Bit.Core;
 using Bit.Core.Billing.Models;
 using Bit.Core.Billing.Models.Sales;
 using Bit.Core.Billing.Pricing;
@@ -21,6 +22,7 @@ namespace Bit.Api.Billing.Controllers;
 public class OrganizationBillingController(
     IBusinessUnitConverter businessUnitConverter,
     ICurrentContext currentContext,
+    IFeatureService featureService,
     IOrganizationBillingService organizationBillingService,
     IOrganizationRepository organizationRepository,
     IPaymentService paymentService,
@@ -305,6 +307,14 @@ public async Task<IResult> SetupBusinessUnitAsync(
         [FromRoute] Guid organizationId,
         [FromBody] SetupBusinessUnitRequestBody requestBody)
     {
+        var enableOrganizationBusinessUnitConversion =
+            featureService.IsEnabled(FeatureFlagKeys.PM18770_EnableOrganizationBusinessUnitConversion);
+
+        if (!enableOrganizationBusinessUnitConversion)
+        {
+            return Error.NotFound();
+        }
+
         var organization = await organizationRepository.GetByIdAsync(organizationId);
 
         if (organization == null)
diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs
index 310b917bf761..c4ef2957fff1 100644
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -150,6 +150,7 @@ public static class FeatureFlagKeys
     public const string PM18794_ProviderPaymentMethod = "pm-18794-provider-payment-method";
     public const string PM19147_AutomaticTaxImprovements = "pm-19147-automatic-tax-improvements";
     public const string PM19422_AllowAutomaticTaxUpdates = "pm-19422-allow-automatic-tax-updates";
+    public const string PM18770_EnableOrganizationBusinessUnitConversion = "pm-18770-enable-organization-business-unit-conversion";
 
     /* Key Management Team */
     public const string ReturnErrorOnExistingKeypair = "return-error-on-existing-keypair";

From 9ad6733d56f55742d8547f9c83ea008ffea7fb34 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Thu, 3 Apr 2025 16:24:32 -0400
Subject: [PATCH 10/12] [Tests] BusinessUnitConverterTests

---
 .../Billing/BusinessUnitConverterTests.cs     | 497 ++++++++++++++++++
 1 file changed, 497 insertions(+)
 create mode 100644 bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs

diff --git a/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs b/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs
new file mode 100644
index 000000000000..21513aecc7f0
--- /dev/null
+++ b/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs
@@ -0,0 +1,497 @@
+#nullable enable
+using System.Text;
+using Bit.Commercial.Core.Billing;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.AdminConsole.Enums.Provider;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Billing;
+using Bit.Core.Billing.Constants;
+using Bit.Core.Billing.Entities;
+using Bit.Core.Billing.Enums;
+using Bit.Core.Billing.Pricing;
+using Bit.Core.Billing.Repositories;
+using Bit.Core.Billing.Services;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
+using Bit.Core.Settings;
+using Bit.Core.Utilities;
+using Bit.Test.Common.AutoFixture.Attributes;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.Extensions.Logging;
+using NSubstitute;
+using Stripe;
+using Xunit;
+
+namespace Bit.Commercial.Core.Test.Billing;
+
+public class BusinessUnitConverterTests
+{
+    private readonly IDataProtectionProvider _dataProtectionProvider = Substitute.For<IDataProtectionProvider>();
+    private readonly GlobalSettings _globalSettings = new();
+    private readonly ILogger<BusinessUnitConverter> _logger = Substitute.For<ILogger<BusinessUnitConverter>>();
+    private readonly IMailService _mailService = Substitute.For<IMailService>();
+    private readonly IOrganizationRepository _organizationRepository = Substitute.For<IOrganizationRepository>();
+    private readonly IOrganizationUserRepository _organizationUserRepository = Substitute.For<IOrganizationUserRepository>();
+    private readonly IPricingClient _pricingClient = Substitute.For<IPricingClient>();
+    private readonly IProviderOrganizationRepository _providerOrganizationRepository = Substitute.For<IProviderOrganizationRepository>();
+    private readonly IProviderPlanRepository _providerPlanRepository = Substitute.For<IProviderPlanRepository>();
+    private readonly IProviderRepository _providerRepository = Substitute.For<IProviderRepository>();
+    private readonly IProviderUserRepository _providerUserRepository = Substitute.For<IProviderUserRepository>();
+    private readonly IStripeAdapter _stripeAdapter = Substitute.For<IStripeAdapter>();
+    private readonly ISubscriberService _subscriberService = Substitute.For<ISubscriberService>();
+    private readonly IUserRepository _userRepository = Substitute.For<IUserRepository>();
+
+    private BusinessUnitConverter BuildConverter() => new (
+        _dataProtectionProvider,
+        _globalSettings,
+        _logger,
+        _mailService,
+        _organizationRepository,
+        _organizationUserRepository,
+        _pricingClient,
+        _providerOrganizationRepository,
+        _providerPlanRepository,
+        _providerRepository,
+        _providerUserRepository,
+        _stripeAdapter,
+        _subscriberService,
+        _userRepository);
+
+    #region FinalizeConversion
+
+    [Theory, BitAutoData]
+    public async Task FinalizeConversion_Succeeds_ReturnsProviderId(
+        Organization organization,
+        Guid userId,
+        string providerKey,
+        string organizationKey)
+    {
+        organization.PlanType = PlanType.EnterpriseAnnually2020;
+
+        var enterpriseAnnually2020 = StaticStore.GetPlan(PlanType.EnterpriseAnnually2020);
+
+        var subscription = new Subscription
+        {
+            Id = "subscription_id",
+            CustomerId = "customer_id",
+            Status = StripeConstants.SubscriptionStatus.Active,
+            Items = new StripeList<SubscriptionItem>
+            {
+                Data = [
+                    new SubscriptionItem
+                    {
+                        Id = "subscription_item_id",
+                        Price = new Price
+                        {
+                            Id = enterpriseAnnually2020.PasswordManager.StripeSeatPlanId
+                        }
+                    }
+                ]
+            }
+        };
+
+        _subscriberService.GetSubscription(organization).Returns(subscription);
+
+        var user = new User
+        {
+            Id = Guid.NewGuid(),
+            Email = "provider-admin@example.com"
+        };
+
+        _userRepository.GetByIdAsync(userId).Returns(user);
+
+        var token = SetupDataProtection(organization, user.Email);
+
+        var organizationUser = new OrganizationUser { Status = OrganizationUserStatusType.Confirmed };
+
+        _organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id)
+            .Returns(organizationUser);
+
+        var provider = new Provider
+        {
+            Type = ProviderType.BusinessUnit,
+            Status = ProviderStatusType.Pending
+        };
+
+        _providerRepository.GetByOrganizationIdAsync(organization.Id).Returns(provider);
+
+        var providerUser = new ProviderUser
+        {
+            Type = ProviderUserType.ProviderAdmin,
+            Status = ProviderUserStatusType.Invited
+        };
+
+        _providerUserRepository.GetByProviderUserAsync(provider.Id, user.Id).Returns(providerUser);
+
+        var providerOrganization = new ProviderOrganization();
+
+        _providerOrganizationRepository.GetByOrganizationId(organization.Id).Returns(providerOrganization);
+
+        _pricingClient.GetPlanOrThrow(PlanType.EnterpriseAnnually2020)
+            .Returns(enterpriseAnnually2020);
+
+        var enterpriseAnnually = StaticStore.GetPlan(PlanType.EnterpriseAnnually);
+
+        _pricingClient.GetPlanOrThrow(PlanType.EnterpriseAnnually)
+            .Returns(enterpriseAnnually);
+
+        var businessUnitConverter = BuildConverter();
+
+        await businessUnitConverter.FinalizeConversion(organization, userId, token, providerKey, organizationKey);
+
+        await _stripeAdapter.Received(2).CustomerUpdateAsync(subscription.CustomerId, Arg.Any<CustomerUpdateOptions>());
+
+        var updatedPriceId = ProviderPriceAdapter.GetActivePriceId(provider, enterpriseAnnually.Type);
+
+        await _stripeAdapter.Received(1).SubscriptionUpdateAsync(subscription.Id, Arg.Is<SubscriptionUpdateOptions>(
+            arguments =>
+                arguments.Items.Count == 2 &&
+                arguments.Items[0].Id == "subscription_item_id" &&
+                arguments.Items[0].Deleted == true &&
+                arguments.Items[1].Price == updatedPriceId &&
+                arguments.Items[1].Quantity == organization.Seats));
+
+        await _organizationRepository.Received(1).ReplaceAsync(Arg.Is<Organization>(arguments =>
+            arguments.PlanType == PlanType.EnterpriseAnnually &&
+            arguments.Status == OrganizationStatusType.Managed &&
+            arguments.GatewayCustomerId == null &&
+            arguments.GatewaySubscriptionId == null));
+
+        await _providerOrganizationRepository.Received(1).ReplaceAsync(Arg.Is<ProviderOrganization>(arguments =>
+            arguments.Key == organizationKey));
+
+        await _providerRepository.Received(1).ReplaceAsync(Arg.Is<Provider>(arguments =>
+            arguments.Gateway == GatewayType.Stripe &&
+            arguments.GatewayCustomerId == subscription.CustomerId &&
+            arguments.GatewaySubscriptionId == subscription.Id &&
+            arguments.Status == ProviderStatusType.Billable));
+
+        await _providerUserRepository.Received(1).ReplaceAsync(Arg.Is<ProviderUser>(arguments =>
+            arguments.Key == providerKey &&
+            arguments.Status == ProviderUserStatusType.Confirmed));
+    }
+
+    /*
+     * Because the validation for finalization is not an applicative like initialization is,
+     * I'm just testing one specific failure here. I don't see much value in testing every single opportunity for failure.
+     */
+    [Theory, BitAutoData]
+    public async Task FinalizeConversion_ValidationFails_ThrowsBillingException(
+        Organization organization,
+        Guid userId,
+        string token,
+        string providerKey,
+        string organizationKey)
+    {
+        organization.PlanType = PlanType.EnterpriseAnnually2020;
+
+        var subscription = new Subscription
+        {
+            Status = StripeConstants.SubscriptionStatus.Canceled
+        };
+
+        _subscriberService.GetSubscription(organization).Returns(subscription);
+
+        var businessUnitConverter = BuildConverter();
+
+        await Assert.ThrowsAsync<BillingException>(() =>
+            businessUnitConverter.FinalizeConversion(organization, userId, token, providerKey, organizationKey));
+
+        await _organizationUserRepository.DidNotReceiveWithAnyArgs()
+            .GetByOrganizationAsync(Arg.Any<Guid>(), Arg.Any<Guid>());
+    }
+
+    #endregion
+
+    #region InitiateConversion
+
+    [Theory, BitAutoData]
+    public async Task InitiateConversion_Succeeds_ReturnsProviderId(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        organization.PlanType = PlanType.EnterpriseAnnually;
+
+        _subscriberService.GetSubscription(organization).Returns(new Subscription
+        {
+            Status = StripeConstants.SubscriptionStatus.Active
+        });
+
+        var user = new User
+        {
+            Id = Guid.NewGuid(), Email = providerAdminEmail
+        };
+
+        _userRepository.GetByEmailAsync(providerAdminEmail).Returns(user);
+
+        var organizationUser = new OrganizationUser { Status = OrganizationUserStatusType.Confirmed };
+
+        _organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id)
+            .Returns(organizationUser);
+
+        var provider = new Provider { Id = Guid.NewGuid() };
+
+        _providerRepository.CreateAsync(Arg.Is<Provider>(argument =>
+            argument.Name == organization.Name &&
+            argument.BillingEmail == organization.BillingEmail &&
+            argument.Status == ProviderStatusType.Pending &&
+            argument.Type == ProviderType.BusinessUnit)).Returns(provider);
+
+        var plan = StaticStore.GetPlan(organization.PlanType);
+
+        _pricingClient.GetPlanOrThrow(organization.PlanType).Returns(plan);
+
+        var token = SetupDataProtection(organization, providerAdminEmail);
+
+        var businessUnitConverter = BuildConverter();
+
+        var result = await businessUnitConverter.InitiateConversion(organization, providerAdminEmail);
+
+        Assert.True(result.IsT0);
+
+        var providerId = result.AsT0;
+
+        Assert.Equal(provider.Id, providerId);
+
+        await _providerOrganizationRepository.Received(1).CreateAsync(
+            Arg.Is<ProviderOrganization>(argument =>
+                argument.ProviderId == provider.Id &&
+                argument.OrganizationId == organization.Id));
+
+        await _providerPlanRepository.Received(1).CreateAsync(
+            Arg.Is<ProviderPlan>(argument =>
+                argument.ProviderId == provider.Id &&
+                argument.PlanType == PlanType.EnterpriseAnnually &&
+                argument.SeatMinimum == 0 &&
+                argument.PurchasedSeats == organization.Seats &&
+                argument.AllocatedSeats == organization.Seats));
+
+        await _providerUserRepository.Received(1).CreateAsync(
+            Arg.Is<ProviderUser>(argument =>
+                argument.ProviderId == provider.Id &&
+                argument.UserId == user.Id &&
+                argument.Email == user.Email &&
+                argument.Status == ProviderUserStatusType.Invited &&
+                argument.Type == ProviderUserType.ProviderAdmin));
+
+        await _mailService.Received(1).SendBusinessUnitConversionInviteAsync(
+            organization,
+            token,
+            user.Email);
+    }
+
+    [Theory, BitAutoData]
+    public async Task InitiateConversion_ValidationFails_ReturnsErrors(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        organization.PlanType = PlanType.TeamsMonthly;
+
+        _subscriberService.GetSubscription(organization).Returns(new Subscription
+        {
+            Status = StripeConstants.SubscriptionStatus.Canceled
+        });
+
+        var user = new User
+        {
+            Id = Guid.NewGuid(), Email = providerAdminEmail
+        };
+
+        _providerOrganizationRepository.GetByOrganizationId(organization.Id)
+            .Returns(new ProviderOrganization());
+
+        _userRepository.GetByEmailAsync(providerAdminEmail).Returns(user);
+
+        var organizationUser = new OrganizationUser { Status = OrganizationUserStatusType.Invited };
+
+        _organizationUserRepository.GetByOrganizationAsync(organization.Id, user.Id)
+            .Returns(organizationUser);
+
+        var businessUnitConverter = BuildConverter();
+
+        var result = await businessUnitConverter.InitiateConversion(organization, providerAdminEmail);
+
+        Assert.True(result.IsT1);
+
+        var problems = result.AsT1;
+
+        Assert.Contains("Organization must be on an enterprise plan.", problems);
+
+        Assert.Contains("Organization must have a valid subscription.", problems);
+
+        Assert.Contains("Organization is already linked to a provider.", problems);
+
+        Assert.Contains("Provider admin must be a confirmed member of the organization being converted.", problems);
+    }
+
+    #endregion
+
+    #region ResendConversionInvite
+
+    [Theory, BitAutoData]
+    public async Task ResendConversionInvite_ConversionInProgress_Succeeds(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        SetupConversionInProgress(organization, providerAdminEmail);
+
+        var token = SetupDataProtection(organization, providerAdminEmail);
+
+        var businessUnitConverter = BuildConverter();
+
+        await businessUnitConverter.ResendConversionInvite(organization, providerAdminEmail);
+
+        await _mailService.Received(1).SendBusinessUnitConversionInviteAsync(
+            organization,
+            token,
+            providerAdminEmail);
+    }
+
+    [Theory, BitAutoData]
+    public async Task ResendConversionInvite_NoConversionInProgress_DoesNothing(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        SetupDataProtection(organization, providerAdminEmail);
+
+        var businessUnitConverter = BuildConverter();
+
+        await businessUnitConverter.ResendConversionInvite(organization, providerAdminEmail);
+
+        await _mailService.DidNotReceiveWithAnyArgs().SendBusinessUnitConversionInviteAsync(
+            Arg.Any<Organization>(),
+            Arg.Any<string>(),
+            Arg.Any<string>());
+    }
+
+    #endregion
+
+    #region ResetConversion
+
+    [Theory, BitAutoData]
+    public async Task ResetConversion_ConversionInProgress_Succeeds(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var (provider, providerOrganization, providerUser, providerPlan) = SetupConversionInProgress(organization, providerAdminEmail);
+
+        var businessUnitConverter = BuildConverter();
+
+        await businessUnitConverter.ResetConversion(organization, providerAdminEmail);
+
+        await _providerOrganizationRepository.Received(1)
+            .DeleteAsync(providerOrganization);
+
+        await _providerUserRepository.Received(1)
+            .DeleteAsync(providerUser);
+
+        await _providerPlanRepository.Received(1)
+            .DeleteAsync(providerPlan);
+
+        await _providerRepository.Received(1)
+            .DeleteAsync(provider);
+    }
+
+    [Theory, BitAutoData]
+    public async Task ResetConversion_NoConversionInProgress_DoesNothing(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var businessUnitConverter = BuildConverter();
+
+        await businessUnitConverter.ResetConversion(organization, providerAdminEmail);
+
+        await _providerOrganizationRepository.DidNotReceiveWithAnyArgs()
+            .DeleteAsync(Arg.Any<ProviderOrganization>());
+
+        await _providerUserRepository.DidNotReceiveWithAnyArgs()
+            .DeleteAsync(Arg.Any<ProviderUser>());
+
+        await _providerPlanRepository.DidNotReceiveWithAnyArgs()
+            .DeleteAsync(Arg.Any<ProviderPlan>());
+
+        await _providerRepository.DidNotReceiveWithAnyArgs()
+            .DeleteAsync(Arg.Any<Provider>());
+    }
+
+    #endregion
+
+    #region Utilities
+
+    private string SetupDataProtection(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var dataProtector = new MockDataProtector(organization, providerAdminEmail);
+        _dataProtectionProvider.CreateProtector($"{nameof(BusinessUnitConverter)}DataProtector").Returns(dataProtector);
+        return dataProtector.Protect(dataProtector.Token);
+    }
+
+    private (Provider, ProviderOrganization, ProviderUser, ProviderPlan) SetupConversionInProgress(
+        Organization organization,
+        string providerAdminEmail)
+    {
+        var user = new User { Id = Guid.NewGuid() };
+
+        _userRepository.GetByEmailAsync(providerAdminEmail).Returns(user);
+
+        var provider = new Provider
+        {
+            Id = Guid.NewGuid(),
+            Type = ProviderType.BusinessUnit,
+            Status = ProviderStatusType.Pending
+        };
+
+        _providerRepository.GetByOrganizationIdAsync(organization.Id).Returns(provider);
+
+        var providerUser = new ProviderUser
+        {
+            Id = Guid.NewGuid(),
+            ProviderId = provider.Id,
+            UserId = user.Id,
+            Type = ProviderUserType.ProviderAdmin,
+            Status = ProviderUserStatusType.Invited,
+            Email = providerAdminEmail
+        };
+
+        _providerUserRepository.GetByProviderUserAsync(provider.Id, user.Id)
+            .Returns(providerUser);
+
+        var providerOrganization = new ProviderOrganization
+        {
+            Id = Guid.NewGuid(),
+            OrganizationId = organization.Id,
+            ProviderId = provider.Id
+        };
+
+        _providerOrganizationRepository.GetByOrganizationId(organization.Id)
+            .Returns(providerOrganization);
+
+        var providerPlan = new ProviderPlan
+        {
+            Id = Guid.NewGuid(), ProviderId = provider.Id, PlanType = PlanType.EnterpriseAnnually
+        };
+
+        _providerPlanRepository.GetByProviderId(provider.Id).Returns([providerPlan]);
+
+        return (provider, providerOrganization, providerUser, providerPlan);
+    }
+
+    #endregion
+}
+
+public class MockDataProtector(
+    Organization organization,
+    string providerAdminEmail) : IDataProtector
+{
+    public string Token = $"BusinessUnitConversionInvite {organization.Id} {providerAdminEmail} {CoreHelpers.ToEpocMilliseconds(DateTime.UtcNow)}";
+
+    public IDataProtector CreateProtector(string purpose) => this;
+
+    public byte[] Protect(byte[] plaintext) => Encoding.UTF8.GetBytes(Token);
+
+    public byte[] Unprotect(byte[] protectedData) => Encoding.UTF8.GetBytes(Token);
+}

From a209dd16bb7806262fd0f5b68269f74cd7e0c5f9 Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Fri, 4 Apr 2025 13:53:13 -0400
Subject: [PATCH 11/12] Run dotnet format

---
 .../Commercial.Core/Billing/BusinessUnitConverter.cs |  5 +++--
 .../Billing/BusinessUnitConverterTests.cs            | 12 ++++++++----
 .../Controllers/BusinessUnitConversionController.cs  |  2 +-
 .../Billing/Models/BusinessUnitConversionModel.cs    |  2 +-
 .../Controllers/OrganizationBillingController.cs     |  1 -
 .../Models/Requests/SetupBusinessUnitRequestBody.cs  |  2 +-
 src/Core/Billing/Services/IBusinessUnitConverter.cs  |  2 +-
 .../Billing/BusinessUnitConversionInviteModel.cs     |  2 +-
 8 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
index 5e14a06f0c5a..97d9377cd678 100644
--- a/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
+++ b/bitwarden_license/src/Commercial.Core/Billing/BusinessUnitConverter.cs
@@ -1,4 +1,4 @@
-#nullable enable
+#nullable enable
 using System.Diagnostics.CodeAnalysis;
 using Bit.Core;
 using Bit.Core.AdminConsole.Entities;
@@ -208,7 +208,8 @@ public async Task<OneOf<Guid, List<string>>> InitiateConversion(
 
         var createProviderOrganization = providerOrganizationRepository.CreateAsync(new ProviderOrganization
         {
-            ProviderId = provider.Id, OrganizationId = organization.Id
+            ProviderId = provider.Id,
+            OrganizationId = organization.Id
         });
 
         var createProviderPlan = providerPlanRepository.CreateAsync(new ProviderPlan
diff --git a/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs b/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs
index 21513aecc7f0..5d2d0a2c7cd4 100644
--- a/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs
+++ b/bitwarden_license/test/Commercial.Core.Test/Billing/BusinessUnitConverterTests.cs
@@ -44,7 +44,7 @@ public class BusinessUnitConverterTests
     private readonly ISubscriberService _subscriberService = Substitute.For<ISubscriberService>();
     private readonly IUserRepository _userRepository = Substitute.For<IUserRepository>();
 
-    private BusinessUnitConverter BuildConverter() => new (
+    private BusinessUnitConverter BuildConverter() => new(
         _dataProtectionProvider,
         _globalSettings,
         _logger,
@@ -222,7 +222,8 @@ public async Task InitiateConversion_Succeeds_ReturnsProviderId(
 
         var user = new User
         {
-            Id = Guid.NewGuid(), Email = providerAdminEmail
+            Id = Guid.NewGuid(),
+            Email = providerAdminEmail
         };
 
         _userRepository.GetByEmailAsync(providerAdminEmail).Returns(user);
@@ -297,7 +298,8 @@ public async Task InitiateConversion_ValidationFails_ReturnsErrors(
 
         var user = new User
         {
-            Id = Guid.NewGuid(), Email = providerAdminEmail
+            Id = Guid.NewGuid(),
+            Email = providerAdminEmail
         };
 
         _providerOrganizationRepository.GetByOrganizationId(organization.Id)
@@ -472,7 +474,9 @@ private string SetupDataProtection(
 
         var providerPlan = new ProviderPlan
         {
-            Id = Guid.NewGuid(), ProviderId = provider.Id, PlanType = PlanType.EnterpriseAnnually
+            Id = Guid.NewGuid(),
+            ProviderId = provider.Id,
+            PlanType = PlanType.EnterpriseAnnually
         };
 
         _providerPlanRepository.GetByProviderId(provider.Id).Returns([providerPlan]);
diff --git a/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
index 390aa57d5d5c..2421710d4113 100644
--- a/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
+++ b/src/Admin/Billing/Controllers/BusinessUnitConversionController.cs
@@ -1,4 +1,4 @@
-#nullable enable
+#nullable enable
 using Bit.Admin.Billing.Models;
 using Bit.Admin.Enums;
 using Bit.Admin.Utilities;
diff --git a/src/Admin/Billing/Models/BusinessUnitConversionModel.cs b/src/Admin/Billing/Models/BusinessUnitConversionModel.cs
index 2ea94d6cc83e..2f2165e5ab21 100644
--- a/src/Admin/Billing/Models/BusinessUnitConversionModel.cs
+++ b/src/Admin/Billing/Models/BusinessUnitConversionModel.cs
@@ -1,4 +1,4 @@
-#nullable enable
+#nullable enable
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.AdminConsole.Entities;
 using Microsoft.AspNetCore.Mvc.ModelBinding;
diff --git a/src/Api/Billing/Controllers/OrganizationBillingController.cs b/src/Api/Billing/Controllers/OrganizationBillingController.cs
index 4a9682d7efe1..1d4ebc15114e 100644
--- a/src/Api/Billing/Controllers/OrganizationBillingController.cs
+++ b/src/Api/Billing/Controllers/OrganizationBillingController.cs
@@ -13,7 +13,6 @@
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using OneOf.Types;
 
 namespace Bit.Api.Billing.Controllers;
 
diff --git a/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs b/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs
index fa1b83944150..c4b87a01f5a5 100644
--- a/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs
+++ b/src/Api/Billing/Models/Requests/SetupBusinessUnitRequestBody.cs
@@ -1,4 +1,4 @@
-using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations;
 
 namespace Bit.Api.Billing.Models.Requests;
 
diff --git a/src/Core/Billing/Services/IBusinessUnitConverter.cs b/src/Core/Billing/Services/IBusinessUnitConverter.cs
index 56c031892e65..06ff883eaec5 100644
--- a/src/Core/Billing/Services/IBusinessUnitConverter.cs
+++ b/src/Core/Billing/Services/IBusinessUnitConverter.cs
@@ -1,4 +1,4 @@
-using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.AdminConsole.Entities.Provider;
 using Bit.Core.AdminConsole.Enums.Provider;
 using OneOf;
diff --git a/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs b/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs
index a00df8180c87..328d37058b11 100644
--- a/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs
+++ b/src/Core/Models/Mail/Billing/BusinessUnitConversionInviteModel.cs
@@ -1,4 +1,4 @@
-namespace Bit.Core.Models.Mail.Billing;
+namespace Bit.Core.Models.Mail.Billing;
 
 public class BusinessUnitConversionInviteModel : BaseMailModel
 {

From 14acf3cd23060719e3f955fa3e8b1f84fee0ee2c Mon Sep 17 00:00:00 2001
From: Alex Morask <amorask@bitwarden.com>
Date: Mon, 7 Apr 2025 11:04:05 -0400
Subject: [PATCH 12/12] Fixing post-main merge compilation failure

---
 src/Core/Billing/Extensions/BillingExtensions.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Core/Billing/Extensions/BillingExtensions.cs b/src/Core/Billing/Extensions/BillingExtensions.cs
index 5c9fcb31bf68..c8a1496726f8 100644
--- a/src/Core/Billing/Extensions/BillingExtensions.cs
+++ b/src/Core/Billing/Extensions/BillingExtensions.cs
@@ -32,7 +32,7 @@ provider is
     public static bool IsBillable(this InviteOrganizationProvider inviteOrganizationProvider) =>
         inviteOrganizationProvider is
         {
-            Type: ProviderType.Msp or ProviderType.MultiOrganizationEnterprise,
+            Type: ProviderType.Msp or ProviderType.BusinessUnit,
             Status: ProviderStatusType.Billable
         };