Add validation in BulkAddCollectionAccessCommand to prevent addition of collections of DefaultUserCollection type

* Implemented a check to throw a BadRequestException if an attempt is made to add access to collections of type DefaultUserCollection. * Added a unit test to ensure the exception is thrown with the correct message when this condition is met.
2025-06-27 14:16:19 -05:00 · 2025-06-13 14:51:59 +01:00 · 2025-06-13 14:51:59 +01:00 · f1afc653e3
commit f1afc653e3
parent e76763fcb2
2 changed files with 48 additions and 0 deletions
--- a/src/Core/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommand.cs
@ -52,6 +52,11 @@ public class BulkAddCollectionAccessCommand : IBulkAddCollectionAccessCommand
            throw new BadRequestException("No collections were provided.");
        }
        if (collections.Any(c => c.Type == CollectionType.DefaultUserCollection))
        {
            throw new BadRequestException("You cannot add access to collections with the type as DefaultUserCollection.");
        }
        var orgId = collections.First().OrganizationId;
        if (collections.Any(c => c.OrganizationId != orgId))
--- a/test/Core.Test/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommandTests.cs
+++ b/test/Core.Test/OrganizationFeatures/OrganizationCollections/BulkAddCollectionAccessCommandTests.cs
@ -27,6 +27,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        sutProvider.GetDependency<IOrganizationUserRepository>()
            .GetManyAsync(
                Arg.Is<IEnumerable<Guid>>(ids => ids.SequenceEqual(collectionUsers.Select(u => u.OrganizationUserId)))
@ -107,6 +109,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        collections.First().OrganizationId = Guid.NewGuid();
        var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.AddAccessAsync(collections,
@ -127,6 +131,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        organizationUsers.RemoveAt(0);
        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -155,6 +161,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        organizationUsers.First().OrganizationId = Guid.NewGuid();
        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -184,6 +192,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        groups.RemoveAt(0);
        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -221,6 +231,8 @@ public class BulkAddCollectionAccessCommandTests
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        SetCollectionsToSharedType(collections);
        groups.First().OrganizationId = Guid.NewGuid();
        sutProvider.GetDependency<IOrganizationUserRepository>()
@ -250,6 +262,37 @@ public class BulkAddCollectionAccessCommandTests
        );
    }
    [Theory, BitAutoData, CollectionCustomization]
    public async Task AddAccessAsync_WithDefaultUserCollectionType_ThrowsBadRequest(SutProvider<BulkAddCollectionAccessCommand> sutProvider,
        IList<Collection> collections,
        IEnumerable<CollectionUser> collectionUsers,
        IEnumerable<CollectionGroup> collectionGroups)
    {
        // Arrange
        collections.First().Type = CollectionType.DefaultUserCollection;
        // Act & Assert
        var exception = await Assert.ThrowsAsync<BadRequestException>(() => sutProvider.Sut.AddAccessAsync(collections,
            ToAccessSelection(collectionUsers),
            ToAccessSelection(collectionGroups)
        ));
        Assert.Contains("You cannot add access to collections with the type as DefaultUserCollection.", exception.Message);
        await sutProvider.GetDependency<ICollectionRepository>().DidNotReceiveWithAnyArgs().CreateOrUpdateAccessForManyAsync(default, default, default, default);
        await sutProvider.GetDependency<IEventService>().DidNotReceiveWithAnyArgs().LogCollectionEventsAsync(default);
        await sutProvider.GetDependency<IOrganizationUserRepository>().DidNotReceiveWithAnyArgs().GetManyAsync(default);
        await sutProvider.GetDependency<IGroupRepository>().DidNotReceiveWithAnyArgs().GetManyByManyIds(default);
    }
    private static void SetCollectionsToSharedType(IEnumerable<Collection> collections)
    {
        foreach (var collection in collections)
        {
            collection.Type = CollectionType.SharedCollection;
        }
    }
    private static ICollection<CollectionAccessSelection> ToAccessSelection(IEnumerable<CollectionUser> collectionUsers)
    {
        return collectionUsers.Select(cu => new CollectionAccessSelection