[AC-1784] Revert changes made on assigning Manage permission to collections (#3501)

This reverts commit fe702c6535.

src/Core/AdminConsole/Services/Implementations/OrganizationService.cs

@@ -64,9 +64,6 @@ public class OrganizationService : IOrganizationService
     private readonly IDataProtectorTokenFactory<OrgUserInviteTokenable> _orgUserInviteTokenDataFactory;
     private readonly IFeatureService _featureService;
 
-    private bool FlexibleCollectionsIsEnabled => _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext);
-    private bool FlexibleCollectionsV1IsEnabled => _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1, _currentContext);
-
     public OrganizationService(
         IOrganizationRepository organizationRepository,
         IOrganizationUserRepository organizationUserRepository,
@@ -440,6 +437,11 @@ public class OrganizationService : IOrganizationService
             await ValidateSignUpPoliciesAsync(signup.Owner.Id);
         }
 
+        var flexibleCollectionsIsEnabled =
+            _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext);
+        var flexibleCollectionsV1IsEnabled =
+            _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1, _currentContext);
+
         var organization = new Organization
         {
             // Pre-generate the org id so that we can save it with the Stripe subscription..
@@ -477,8 +479,8 @@ public class OrganizationService : IOrganizationService
             Status = OrganizationStatusType.Created,
             UsePasswordManager = true,
             UseSecretsManager = signup.UseSecretsManager,
-            LimitCollectionCreationDeletion = !FlexibleCollectionsIsEnabled,
-            AllowAdminAccessToAllCollectionItems = !FlexibleCollectionsV1IsEnabled
+            LimitCollectionCreationDeletion = !flexibleCollectionsIsEnabled,
+            AllowAdminAccessToAllCollectionItems = !flexibleCollectionsV1IsEnabled
         };
 
         if (signup.UseSecretsManager)
@@ -935,10 +937,6 @@ public class OrganizationService : IOrganizationService
                         orgUser.Permissions = JsonSerializer.Serialize(invite.Permissions, JsonHelpers.CamelCase);
                     }
 
-                    // If Flexible Collections is disabled and the user has EditAssignedCollections permission
-                    // grant Manage permission for all assigned collections
-                    invite.Collections = ApplyManageCollectionPermissions(orgUser, invite.Collections);
-
                     if (!orgUser.AccessAll && invite.Collections.Any())
                     {
                         limitedCollectionOrgUsers.Add((orgUser, invite.Collections));
@@ -1325,9 +1323,11 @@ public class OrganizationService : IOrganizationService
             }
         }
 
-        // If Flexible Collections is disabled and the user has EditAssignedCollections permission
-        // grant Manage permission for all assigned collections
-        collections = ApplyManageCollectionPermissions(user, collections);
+        if (user.AccessAll)
+        {
+            // We don't need any collections if we're flagged to have all access.
+            collections = new List<CollectionAccessSelection>();
+        }
         await _organizationUserRepository.ReplaceAsync(user, collections);
 
         if (groups != null)
@@ -2440,18 +2440,4 @@ public class OrganizationService : IOrganizationService
             await _collectionRepository.CreateAsync(defaultCollection);
         }
     }
-
-    private IEnumerable<CollectionAccessSelection> ApplyManageCollectionPermissions(OrganizationUser orgUser, IEnumerable<CollectionAccessSelection> collections)
-    {
-        if (!FlexibleCollectionsIsEnabled && (orgUser.GetPermissions()?.EditAssignedCollections ?? false))
-        {
-            return collections.Select(c =>
-            {
-                c.Manage = true;
-                return c;
-            }).ToList();
-        }
-
-        return collections;
-    }
 }

src/Core/Services/Implementations/CollectionService.cs

@@ -53,36 +53,21 @@ public class CollectionService : ICollectionService
         }
 
         var groupsList = groups?.ToList();
-        var usersList = users?.ToList() ?? new List<CollectionAccessSelection>();
+        var usersList = users?.ToList();
 
         // If using Flexible Collections - a collection should always have someone with Can Manage permissions
         if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollections, _currentContext))
         {
             var groupHasManageAccess = groupsList?.Any(g => g.Manage) ?? false;
-            var userHasManageAccess = usersList.Any(u => u.Manage);
+            var userHasManageAccess = usersList?.Any(u => u.Manage) ?? false;
             if (!groupHasManageAccess && !userHasManageAccess)
             {
                 throw new BadRequestException(
                     "At least one member or group must have can manage permission.");
             }
         }
-        else
-        {
-            // If not using Flexible Collections
-            // all Organization users with EditAssignedCollections permission should have Manage permission for the collection
-            var organizationUsers = await _organizationUserRepository
-                .GetManyByOrganizationAsync(collection.OrganizationId, null);
-            foreach (var orgUser in organizationUsers.Where(ou => ou.GetPermissions()?.EditAssignedCollections ?? false))
-            {
-                var user = usersList.FirstOrDefault(u => u.Id == orgUser.Id);
-                if (user != null)
-                {
-                    user.Manage = true;
-                }
-            }
-        }
 
-        if (collection.Id == default)
+        if (collection.Id == default(Guid))
         {
             if (org.MaxCollections.HasValue)
             {