Add validation in BulkAddCollectionAccessCommand to prevent addition of collections of DefaultUserCollection type

* Implemented a check to throw a BadRequestException if an attempt is made to add access to collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
2025-06-27 14:16:19 -05:00 · 2025-06-13 14:51:59 +01:00 · 2025-06-13 14:51:59 +01:00 · f1afc653e3
commit f1afc653e3
parent e76763fcb2
2 changed files with 48 additions and 0 deletions
--- a/src/Core/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommand.cs
@ -52,6 +52,11 @@ public class BulkAddCollectionAccessCommand : IBulkAddCollectionAccessCommand
            throw new BadRequestException("No collections were provided.");
        }

+        if (collections.Any(c => c.Type == CollectionType.DefaultUserCollection))
+        {
+            throw new BadRequestException("You cannot add access to collections with the type as DefaultUserCollection.");
+        }
+
        var orgId = collections.First().OrganizationId;

        if (collections.Any(c => c.OrganizationId != orgId))
--- a/test/Core.Test/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommandTests.cs
+++ b/test/Core.Test/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommandTests.cs
@ -27,6 +27,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        sutProvider.GetDependency<IOrganizationUserRepository>()
            .GetManyAsync(
                Arg.Is<IEnumerable<Guid>>(ids => ids.SequenceEqual(collectionUsers.Select(u => u.OrganizationUserId)))
@ -107,6 +109,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        collections.First().OrganizationId = Guid.NewGuid();

        var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.AddAccessAsync(collections,
@ -127,6 +131,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        organizationUsers.RemoveAt(0);

        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -155,6 +161,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        organizationUsers.First().OrganizationId = Guid.NewGuid();

        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -184,6 +192,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        groups.RemoveAt(0);

        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -221,6 +231,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
+        SetCollectionsToSharedType(collections);
+
        groups.First().OrganizationId = Guid.NewGuid();

        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -250,6 +262,37 @@ public class BulkAddCollectionAccessCommandTests
        );
    }

+    [Theory, BitAutoData, CollectionCustomization]
+    public async Task AddAccessAsync_WithDefaultUserCollectionType_ThrowsBadRequest(SutProvider<BulkAddCollectionAccessCommand> sutProvider,
+        IList<Collection> collections,
+        IEnumerable<CollectionUser> collectionUsers,
+        IEnumerable<CollectionGroup> collectionGroups)
+    {
+        // Arrange
+        collections.First().Type = CollectionType.DefaultUserCollection;
+
+        // Act & Assert
+        var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.AddAccessAsync(collections,
+            ToAccessSelection(collectionUsers),
+            ToAccessSelection(collectionGroups)
+        ));
+
+        Assert.Contains("You cannot add access to collections with the type as DefaultUserCollection.", exception.Message);
+
+        await sutProvider.GetDependency<ICollectionRepository>().DidNotReceiveWithAnyArgs().CreateOrUpdateAccessForManyAsync(default, default, default, default);
+        await sutProvider.GetDependency<IEventService>().DidNotReceiveWithAnyArgs().LogCollectionEventsAsync(default);
+        await sutProvider.GetDependency<IOrganizationUserRepository>().DidNotReceiveWithAnyArgs().GetManyAsync(default);
+        await sutProvider.GetDependency<IGroupRepository>().DidNotReceiveWithAnyArgs().GetManyByManyIds(default);
+    }
+
+    private static void SetCollectionsToSharedType(IEnumerable<Collection> collections)
+    {
+        foreach (var collection in collections)
+        {
+            collection.Type = CollectionType.SharedCollection;
+        }
+    }
+
    private static ICollection<CollectionAccessSelection> ToAccessSelection(IEnumerable<CollectionUser> collectionUsers)
    {
        return collectionUsers.Select(cu => new CollectionAccessSelection