[PM-30920] Server changes to encrypt send access email list (#6867)

* models, entity, and stored procs updated to work with EmailHashes with migrations

* configure data protection for EmailHashes

* update SendAuthenticationQuery to use EmailHashes and perform validation

* respond to Claude's comments and update tests

* fix send.sql alignment

Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>

---------

Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Co-authored-by: mkincaid-bw <mkincaid@bitwarden.com>

test/Api.Test/Tools/Controllers/SendsControllerTests.cs

@@ -981,205 +981,6 @@ public class SendsControllerTests : IDisposable
         Assert.Equal(expectedUrl, response.Url);
     }
 
-    #region AccessUsingAuth Validation Tests
-
-    [Theory, AutoData]
-    public async Task AccessUsingAuth_WithExpiredSend_ThrowsNotFoundException(Guid sendId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            UserId = Guid.NewGuid(),
-            Type = SendType.Text,
-            Data = JsonSerializer.Serialize(new SendTextData("Test", "Notes", "Text", false)),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = DateTime.UtcNow.AddDays(-1), // Expired yesterday
-            Disabled = false,
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.AccessUsingAuth());
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task AccessUsingAuth_WithDeletedSend_ThrowsNotFoundException(Guid sendId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            UserId = Guid.NewGuid(),
-            Type = SendType.Text,
-            Data = JsonSerializer.Serialize(new SendTextData("Test", "Notes", "Text", false)),
-            DeletionDate = DateTime.UtcNow.AddDays(-1), // Should have been deleted yesterday
-            ExpirationDate = null,
-            Disabled = false,
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.AccessUsingAuth());
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task AccessUsingAuth_WithDisabledSend_ThrowsNotFoundException(Guid sendId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            UserId = Guid.NewGuid(),
-            Type = SendType.Text,
-            Data = JsonSerializer.Serialize(new SendTextData("Test", "Notes", "Text", false)),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = null,
-            Disabled = true, // Disabled
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.AccessUsingAuth());
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task AccessUsingAuth_WithAccessCountExceeded_ThrowsNotFoundException(Guid sendId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            UserId = Guid.NewGuid(),
-            Type = SendType.Text,
-            Data = JsonSerializer.Serialize(new SendTextData("Test", "Notes", "Text", false)),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = null,
-            Disabled = false,
-            AccessCount = 5,
-            MaxAccessCount = 5 // Limit reached
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.AccessUsingAuth());
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    #endregion
-
-    #region GetSendFileDownloadDataUsingAuth Validation Tests
-
-    [Theory, AutoData]
-    public async Task GetSendFileDownloadDataUsingAuth_WithExpiredSend_ThrowsNotFoundException(
-        Guid sendId, string fileId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            Type = SendType.File,
-            Data = JsonSerializer.Serialize(new SendFileData("Test", "Notes", "file.pdf")),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = DateTime.UtcNow.AddDays(-1), // Expired
-            Disabled = false,
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.GetSendFileDownloadDataUsingAuth(fileId));
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task GetSendFileDownloadDataUsingAuth_WithDeletedSend_ThrowsNotFoundException(
-        Guid sendId, string fileId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            Type = SendType.File,
-            Data = JsonSerializer.Serialize(new SendFileData("Test", "Notes", "file.pdf")),
-            DeletionDate = DateTime.UtcNow.AddDays(-1), // Deleted
-            ExpirationDate = null,
-            Disabled = false,
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.GetSendFileDownloadDataUsingAuth(fileId));
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task GetSendFileDownloadDataUsingAuth_WithDisabledSend_ThrowsNotFoundException(
-        Guid sendId, string fileId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            Type = SendType.File,
-            Data = JsonSerializer.Serialize(new SendFileData("Test", "Notes", "file.pdf")),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = null,
-            Disabled = true, // Disabled
-            AccessCount = 0,
-            MaxAccessCount = null
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.GetSendFileDownloadDataUsingAuth(fileId));
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    [Theory, AutoData]
-    public async Task GetSendFileDownloadDataUsingAuth_WithAccessCountExceeded_ThrowsNotFoundException(
-        Guid sendId, string fileId)
-    {
-        var send = new Send
-        {
-            Id = sendId,
-            Type = SendType.File,
-            Data = JsonSerializer.Serialize(new SendFileData("Test", "Notes", "file.pdf")),
-            DeletionDate = DateTime.UtcNow.AddDays(7),
-            ExpirationDate = null,
-            Disabled = false,
-            AccessCount = 10,
-            MaxAccessCount = 10 // Limit reached
-        };
-        var user = CreateUserWithSendIdClaim(sendId);
-        _sut.ControllerContext = CreateControllerContextWithUser(user);
-        _sendRepository.GetByIdAsync(sendId).Returns(send);
-
-        await Assert.ThrowsAsync<NotFoundException>(() => _sut.GetSendFileDownloadDataUsingAuth(fileId));
-
-        await _sendRepository.Received(1).GetByIdAsync(sendId);
-    }
-
-    #endregion
 
     #endregion