[PM-17901] Replaced hard-coded Bitwarden Vault URLs

[amorask-bitwarden]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-17901

📔 Objective

There were several cases where we had the .com Bitwarden Vault URL hard-coded in our email templates. This PR resolves those according to the requirements in the ticket's "How do we fix it?" section.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 12 lines in your changes missing coverage. Please review.

Project coverage is 44.37%. Comparing base (88e9173) to head (48563f4).

Files with missing lines	Patch %	Lines
.../Services/Implementations/HandlebarsMailService.cs	0.00%	9 Missing ⚠️
...odels/Mail/OrganizationSeatsAutoscaledViewModel.cs	0.00%	1 Missing ⚠️
...odels/Mail/OrganizationSeatsMaxReachedViewModel.cs	0.00%	1 Missing ⚠️
.../OrganizationServiceAccountsMaxReachedViewModel.cs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5458      +/-   ##
==========================================
- Coverage   44.37%   44.37%   -0.01%     
==========================================
  Files        1534     1534              
  Lines       70499    70504       +5     
  Branches     6314     6315       +1     
==========================================
  Hits        31287    31287              
- Misses      37869    37874       +5     
  Partials     1343     1343              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jrmccannon]

Looks good. Just had a small question/suggestion. Non-blocking.

[github-actions]

Checkmarx One – Scan Summary & Details – 8128b643-65fd-47b2-9faa-8476816c18fc

New Issues (6)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 164	details Method Put at line 164 of /src/Api/AdminConsole/Controllers/GroupsController.cs gets a parameter from a user request from model. This parameter val... Attack Vector
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 104	details Method Patch at line 104 of /bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs gets a parameter from a user request from model. This pa... Attack Vector
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 94	details Method Put at line 94 of /bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs gets a parameter from a user request from model. This param... Attack Vector
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 133	details Method Put at line 133 of /src/Api/AdminConsole/Public/Controllers/GroupsController.cs gets a parameter from a user request from model. This parame... Attack Vector
	Unsafe_Use_Of_Target_blank	/src/Core/MailTemplates/Handlebars/OrganizationSeatsAutoscaled.html.hbs: 29	details Using <a href="{{{VaultSubscriptionUrl}}}" clicktracking=off target="_blank" style="color: #ffffff; text-decoration: none; text-align: center; curs... Attack Vector
	Unsafe_Use_Of_Target_blank	/src/Core/MailTemplates/Handlebars/OrganizationSeatsMaxReached.html.hbs: 27	details Using <a href="{{{VaultSubscriptionUrl}}}" clicktracking=off target="_blank" style="color: #ffffff; text-decoration: none; text-align: center; curs... Attack Vector

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud