The collection access permissions cannot be modified via the EDIT MEMBER modal if the organizational member is assigned to a group.

[SergeantConfused]

Steps To Reproduce

1. Assign a User-type organizational member to a group.
2. Navigate to (Organizations) > (Members) and click on that member (email address).
3. Assign them (Can Edit) access to another collection and click on Save.

Expected Result

To grant them access to that new collection.

Actual Result

An error message is displayed. (An error has occurred. An unhandled server error has occurred.)

Screenshots or Videos

N/A.

Additional Context

1. You'd encounter the same error message if you attempt to remove a collection they already had access to.
2. Unassigning that organizational member from the group(s) would allow modifying their collection permissions via the EDIT MEMBER modal.

Operating System

Windows

Operating System Version

Windows 11 Pro 22H2

Web Browser

Firefox

Browser Version

112.0.2

Build Version

2023.4.0

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

[joachimmathes]

As noted in #2906 the API log shows:

bitwarden-api    | fail: Bit.Api.Utilities.ExceptionHandlerFilterAttribute[0]
bitwarden-api    |       => SpanId:97a1ab0487a2d895, TraceId:ce080de2ff40a764a775324addecc849, ParentId:0000000000000000 => ConnectionId:0HMQ9IHIIRUJM => RequestPath:/organizations/11111111-1111-1111-1111-111111111111/users/22222222-2222-2222-2222-222222222222 RequestId:0HMQ9IHIIRUJM:00000002 => Bit.Api.Controllers.OrganizationUsersController.Put (Api)
bitwarden-api    |       Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
bitwarden-api    |       System.FormatException: Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
bitwarden-api    |          at System.Guid.GuidResult.SetFailure(Boolean overflow, String failureMessageID)
bitwarden-api    |          at System.Guid.TryParseExactD(ReadOnlySpan`1 guidString, GuidResult& result)
bitwarden-api    |          at System.Guid.TryParseGuid(ReadOnlySpan`1 guidString, GuidResult& result)
bitwarden-api    |          at System.Guid..ctor(String g)
bitwarden-api    |          at Bit.Api.Models.Request.SelectionReadOnlyRequestModel.ToSelectionReadOnly() in /home/runner/work/server/server/src/Api/Models/Request/SelectionReadOnlyRequestModel.cs:line 15
bitwarden-api    |          at Bit.Api.Controllers.OrganizationUsersController.<>c.<Put>b__21_0(SelectionReadOnlyRequestModel c) in /home/runner/work/server/server/src/Api/Controllers/OrganizationUsersController.cs:line 284
bitwarden-api    |          at System.Linq.Enumerable.SelectListIterator`2.MoveNext()
bitwarden-api    |          at Bit.Infrastructure.Dapper.DapperHelpers.ToArrayTVP(IEnumerable`1 values) in /home/runner/work/server/server/src/Infrastructure.Dapper/DapperHelpers.cs:line 46
bitwarden-api    |          at Bit.Infrastructure.Dapper.Repositories.OrganizationUserRepository.ReplaceAsync(OrganizationUser obj, IEnumerable`1 collections) in /home/runner/work/server/server/src/Infrastructure.Dapper/Repositories/OrganizationUserRepository.cs:line 326
bitwarden-api    |          at Bit.Core.Services.OrganizationService.SaveUserAsync(OrganizationUser user, Nullable`1 savingUserId, IEnumerable`1 collections, IEnumerable`1 groups) in /home/runner/work/server/server/src/Core/Services/Implementations/OrganizationService.cs:line 1552
bitwarden-api    |          at Bit.Api.Controllers.OrganizationUsersController.Put(String orgId, String id, OrganizationUserUpdateRequestModel model) in /home/runner/work/server/server/src/Api/Controllers/OrganizationUsersController.cs:line 283
bitwarden-api    |          at lambda_method346(Closure , Object )
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
bitwarden-api    |          at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)

Note: RequestPath Guids are obfuscated but number of digits is preserved in this stacktrace.