From c94c8539da9d41032180e7a3a6ab9cb4c7f0c135 Mon Sep 17 00:00:00 2001 From: Rui Tome Date: Thu, 2 Nov 2023 15:22:16 +0000 Subject: [PATCH] =?UTF-8?q?[AC-1139]=C2=A0Reverted=20changes=20made=20to?= =?UTF-8?q?=20CollectionService=20and=20OrganizationService?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Implementations/CollectionService.cs | 21 ++---------- .../Implementations/OrganizationService.cs | 32 ++++--------------- 2 files changed, 10 insertions(+), 43 deletions(-) diff --git a/src/Core/Services/Implementations/CollectionService.cs b/src/Core/Services/Implementations/CollectionService.cs index b36e3b13a6..0e703dcedf 100644 --- a/src/Core/Services/Implementations/CollectionService.cs +++ b/src/Core/Services/Implementations/CollectionService.cs @@ -53,36 +53,21 @@ public class CollectionService : ICollectionService } var groupsList = groups?.ToList(); - var usersList = users?.ToList() ?? new List(); + var usersList = users?.ToList(); // If using Flexible Collections - a collection should always have someone with Can Manage permissions if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext)) { var groupHasManageAccess = groupsList?.Any(g => g.Manage) ?? false; - var userHasManageAccess = usersList.Any(u => u.Manage); + var userHasManageAccess = usersList?.Any(u => u.Manage) ?? false; if (!groupHasManageAccess && !userHasManageAccess) { throw new BadRequestException( "At least one member or group must have can manage permission."); } } - else - { - // If not using Flexible Collections - // all Organization users with EditAssignedCollections permission should have Manage permission for the collection - var organizationUsers = await _organizationUserRepository - .GetManyByOrganizationAsync(collection.OrganizationId, null); - foreach (var orgUser in organizationUsers.Where(ou => ou.GetPermissions()?.EditAssignedCollections ?? false)) - { - var user = usersList.FirstOrDefault(u => u.Id == orgUser.Id); - if (user != null) - { - user.Manage = true; - } - } - } - if (collection.Id == default) + if (collection.Id == default(Guid)) { if (org.MaxCollections.HasValue) { diff --git a/src/Core/Services/Implementations/OrganizationService.cs b/src/Core/Services/Implementations/OrganizationService.cs index 9385d8ac2e..73eb98cd0c 100644 --- a/src/Core/Services/Implementations/OrganizationService.cs +++ b/src/Core/Services/Implementations/OrganizationService.cs @@ -61,8 +61,6 @@ public class OrganizationService : IOrganizationService private readonly IDataProtectorTokenFactory _orgUserInviteTokenDataFactory; private readonly IFeatureService _featureService; - private bool UseFlexibleCollections => _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext); - public OrganizationService( IOrganizationRepository organizationRepository, IOrganizationUserRepository organizationUserRepository, @@ -434,7 +432,7 @@ public class OrganizationService : IOrganizationService await ValidateSignUpPoliciesAsync(signup.Owner.Id); } - var useFlexibleCollections = + var flexibleCollectionsIsEnabled = _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext); var organization = new Organization @@ -474,7 +472,7 @@ public class OrganizationService : IOrganizationService Status = OrganizationStatusType.Created, UsePasswordManager = true, UseSecretsManager = signup.UseSecretsManager, - LimitCollectionCreationDeletion = !useFlexibleCollections + LimitCollectionCreationDeletion = !flexibleCollectionsIsEnabled }; if (signup.UseSecretsManager) @@ -931,10 +929,6 @@ public class OrganizationService : IOrganizationService orgUser.Permissions = JsonSerializer.Serialize(invite.Permissions, JsonHelpers.CamelCase); } - // If Flexible Collections is disabled and the user has EditAssignedCollections permission - // grant Manage permission for all assigned collections - invite.Collections = ApplyManageCollectionPermissions(orgUser, invite.Collections); - if (!orgUser.AccessAll && invite.Collections.Any()) { limitedCollectionOrgUsers.Add((orgUser, invite.Collections)); @@ -1313,9 +1307,11 @@ public class OrganizationService : IOrganizationService } } - // If Flexible Collections is disabled and the user has EditAssignedCollections permission - // grant Manage permission for all assigned collections - collections = ApplyManageCollectionPermissions(user, collections); + if (user.AccessAll) + { + // We don't need any collections if we're flagged to have all access. + collections = new List(); + } await _organizationUserRepository.ReplaceAsync(user, collections); if (groups != null) @@ -2420,18 +2416,4 @@ public class OrganizationService : IOrganizationService await _collectionRepository.CreateAsync(defaultCollection); } } - - private IEnumerable ApplyManageCollectionPermissions(OrganizationUser orgUser, IEnumerable collections) - { - if (!UseFlexibleCollections && (orgUser.GetPermissions()?.EditAssignedCollections ?? false)) - { - return collections.Select(c => - { - c.Manage = true; - return c; - }).ToList(); - } - - return collections; - } }