[PM-35830] Add ChangeEmailCommand with DI

[ike-kottlowski]

🎟️ Tracking

PM-35830

📔 Objective

Introduces a new ChangeEmailCommand that encapsulates the user email change flow.

• Adds IChangeEmailCommand / ChangeEmailCommand under Bit.Core.Auth.UserFeatures.UserEmail, including claimed-domain enforcement, duplicate-email rejection, Stripe customer email sync with rollback on failure, and post-change push notifications (logout vs. settings sync depending on whether the user has a master password).
• Adds ChangeEmailCommandTests covering claimed-domain enforcement, disabled claiming orgs, duplicate email, same-user email, Stripe sync, Stripe rollback, and push branching.

This PR introduces the command only; switching callers from UserService.ChangeEmailAsync to the new command will follow in a separate PR.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 60.08%. Comparing base (c7c0ab2) to head (fd534bf).
⚠️ Report is 14 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7650      +/-   ##
==========================================
+ Coverage   59.87%   60.08%   +0.20%     
==========================================
  Files        2121     2133      +12     
  Lines       93532    93950     +418     
  Branches     8301     8342      +41     
==========================================
+ Hits        56001    56448     +447     
+ Misses      35551    35518      -33     
- Partials     1980     1984       +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[eliykat]

As discussed in Slack, I think that the Admin Console layer can handle this.

Validation such as checking the admin role, making sure the user is claimed, and making sure the new email address is claimed, is all part of the admin/organization domain that we will handle.

The cross-team dependency on Auth is much narrower: we don't own the User domain and we don't know how to update a user's email (in the narrow sense). So that is the main thing we are looking for here.

I think if you remove the claimed domain check in this method, everything else LGTM. Thank you!

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud