[AC-1981] Fix CollectionsController.Get auth check by just checking collections for the requested orgId (#3575)

* Fixed auth check by just checking collections for the requested orgId * [AC-1139] Refactor collection authorization logic to check for manage permission * [AC-1139] Remove unnecessary authorization check in CollectionsController * [AC-1139] Remove unused test method * [AC-1139] Remove unnecessary code for checking read permissions
2025-06-30 15:42:48 -05:00 · 2023-12-20 16:34:09 +00:00
parent ca750e226f
commit 72ebb5e66f
4 changed files with 62 additions and 31 deletions
--- a/test/Api.Test/Vault/AuthorizationHandlers/BulkCollectionAuthorizationHandlerTests.cs
+++ b/test/Api.Test/Vault/AuthorizationHandlers/BulkCollectionAuthorizationHandlerTests.cs
@ -204,13 +204,18 @@ public class BulkCollectionAuthorizationHandlerTests
    }

    [Theory, BitAutoData, CollectionCustomization]
-    public async Task CanReadAsync_WhenUserIsAssignedToCollections_Success(
+    public async Task CanReadAsync_WhenUserCanManageCollections_Success(
        SutProvider<BulkCollectionAuthorizationHandler> sutProvider,
        ICollection<CollectionDetails> collections,
        CurrentContextOrganization organization)
    {
        var actingUserId = Guid.NewGuid();

+        foreach (var c in collections)
+        {
+            c.Manage = true;
+        }
+
        organization.Type = OrganizationUserType.User;
        organization.LimitCollectionCreationDeletion = false;
        organization.Permissions = new Permissions();