[AC-2086] Update CanDelete to handle V1 flag logic (#3979)

* feat: Update authorization handler to handle V1 collection enhancement, refs AC-2086

* feat: update tests to account for new V1 flag/setting logic, refs AC-2086

* feat: update CanDelete with all collection enhancement combinations, refs AC-2086

* feat: add tests for new delete flows, refs AC-2086

* fix: update new conditionals with bool return value, refs AC-2086

* feat: simplify conditional in regards to LimitCollectionCreationDeletion, refs AC-2086

* feat: simplify AllowAdminAccessToAllCollectionItems conditional, refs AC-2086

* feat: add unit test making sure admins can't delete collections without can manage, refs AC-2086

src/Api/Vault/AuthorizationHandlers/Collections/BulkCollectionAuthorizationHandler.cs

@@ -227,24 +227,29 @@ public class BulkCollectionAuthorizationHandler : BulkAuthorizationHandler<BulkC
 
     private async Task<bool> CanDeleteAsync(ICollection<Collection> resources, CurrentContextOrganization? org)
     {
-        // Owners, Admins, and users with DeleteAnyCollection permission can always delete collections
-        if (org is
-        { Type: OrganizationUserType.Owner or OrganizationUserType.Admin } or
-        { Permissions.DeleteAnyCollection: true })
+        // Users with DeleteAnyCollection permission can always delete collections
+        if (org is { Permissions.DeleteAnyCollection: true })
         {
             return true;
         }
 
-        // Check for non-null org here: the user must be apart of the organization for this setting to take affect
-        // The limit collection management setting is disabled,
-        // ensure acting user has manage permissions for all collections being deleted
-        if (await GetOrganizationAbilityAsync(org) is { LimitCollectionCreationDeletion: false })
+        // If AllowAdminAccessToAllCollectionItems is true, Owners and Admins can delete any collection, regardless of LimitCollectionCreationDeletion setting
+        var organizationAbility = await GetOrganizationAbilityAsync(org);
+        var allowAdminAccessToAllCollectionItems = !_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) ||
+                                                   organizationAbility is { AllowAdminAccessToAllCollectionItems: true };
+        if (allowAdminAccessToAllCollectionItems && org is { Type: OrganizationUserType.Owner or OrganizationUserType.Admin })
         {
-            var canManageCollections = await CanManageCollectionsAsync(resources, org);
-            if (canManageCollections)
-            {
-                return true;
-            }
+            return true;
+        }
+
+        // If LimitCollectionCreationDeletion is false, AllowAdminAccessToAllCollectionItems setting is irrelevant.
+        // Ensure acting user has manage permissions for all collections being deleted
+        // If LimitCollectionCreationDeletion is true, only Owners and Admins can delete collections they manage
+        var canDeleteManagedCollections = organizationAbility is { LimitCollectionCreationDeletion: false } ||
+                                          org is { Type: OrganizationUserType.Owner or OrganizationUserType.Admin };
+        if (canDeleteManagedCollections && await CanManageCollectionsAsync(resources, org))
+        {
+            return true;
         }
 
         // Allow providers to delete collections if they are a provider for the target organization