From c62922842f3457cf17a588efdc7ebb4f4169f673 Mon Sep 17 00:00:00 2001
From: Rui Tome
Date: Mon, 30 Oct 2023 15:27:24 +0000
Subject: [PATCH] [AC-1139] Created new CollectionOperationRequirement ReadAllWithAccess
---
 src/Api/Controllers/CollectionsController.cs | 2 +-
 .../CollectionAuthorizationHandler.cs | 34 +++++++++++++++++++
 .../Collections/CollectionOperations.cs | 4 +++
 .../Controllers/CollectionsControllerTests.cs | 4 +--
 4 files changed, 41 insertions(+), 3 deletions(-)
diff --git a/src/Api/Controllers/CollectionsController.cs b/src/Api/Controllers/CollectionsController.cs
index b89c029205..cdfa08b187 100644
--- a/src/Api/Controllers/CollectionsController.cs
+++ b/src/Api/Controllers/CollectionsController.cs
@@ -521,7 +521,7 @@ public class CollectionsController : Controller
 .GetManyByUserIdWithAccessAsync(_currentContext.UserId.Value, orgId);
 var readAllAuthorized =
- (await _authorizationService.AuthorizeAsync(User, CollectionOperations.ReadAll(orgId))).Succeeded;
+ (await _authorizationService.AuthorizeAsync(User, CollectionOperations.ReadAllWithAccess(orgId))).Succeeded;
 if (readAllAuthorized)
 {
 // The user can view all collections, but they may not always be assigned to all of them
diff --git a/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs b/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
index 1f35954a56..7082a72bce 100644
--- a/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
+++ b/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
@@ -55,6 +55,10 @@ public class CollectionAuthorizationHandler : AuthorizationHandler
diff --git a/test/Api.Test/Controllers/CollectionsControllerTests.cs b/test/Api.Test/Controllers/CollectionsControllerTests.cs
index 04a31a7eb4..da5f554e97 100644
--- a/test/Api.Test/Controllers/CollectionsControllerTests.cs
+++ b/test/Api.Test/Controllers/CollectionsControllerTests.cs
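Review bot: In the CollectionsController.cs hunk the local is still named `readAllAuthorized`, and the comment under it still reads "The user can view all collections", although the decision now comes from `CollectionOperations.ReadAllWithAccess(orgId)`. If the new requirement is granted to a different set of members than `ReadAll`, the name and the comment describe the wrong permission to the next person who touches this branch. I would rename it to `var readAllWithAccessAuthorized =` and add a comment such as `// Gated by ReadAllWithAccess, not ReadAll: this branch also exposes access assignments`, with the wording to be confirmed against the handler. The handler lines that implement the new requirement are not visible on this page, so it is worth confirming there that an unmatched or unauthorised case leaves the requirement unsatisfied. The enclosing method starts and ends outside the hunk.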
@@ -100,7 +100,7 @@ public class CollectionsControllerTests
 Arg.Any(),
 Arg.Is>(requirements =>
 requirements.Cast().All(operation =>
- operation.Name == nameof(CollectionOperations.ReadAll)
+ operation.Name == nameof(CollectionOperations.ReadAllWithAccess)
 && operation.OrganizationId == organization.Id)))
 .Returns(AuthorizationResult.Success());
@@ -121,7 +121,7 @@ public class CollectionsControllerTests
 Arg.Any(),
 Arg.Is>(requirements =>
 requirements.Cast().All(operation =>
- operation.Name == nameof(CollectionOperations.ReadAll)
+ operation.Name == nameof(CollectionOperations.ReadAllWithAccess)
 && operation.OrganizationId == organization.Id)))
 .Returns(AuthorizationResult.Failed());
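Review bot: Both updated stubs, in the hunk at -100 and again at -121, only match `operation.Name == nameof(CollectionOperations.ReadAllWithAccess)` on a substituted authorization service and then force `AuthorizationResult.Success()` or `Failed()`. That checks that the controller asks for the new requirement, not who is actually granted it. The diffstat lists 34 added lines in CollectionAuthorizationHandler.cs and no handler test file, so the new authorization branch appears to be untested in this commit. A handler-level test would pin the access decision if it asserted success for the members meant to hold the permission, and an unsatisfied requirement for an ordinary member of the same organization and for a user whose organization id differs from the requirement's. The test methods themselves start and end outside these hunks.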