From fbb7aa1350f1e5d59e7ab3587920cb5323a8d8e0 Mon Sep 17 00:00:00 2001
From: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Date: Thu, 28 Sep 2023 20:32:52 -0500
Subject: [PATCH] [AC-1666] Removed EditAnyCollection from Create/Delete
 permission checks (#3301)

* fix: remove EditAnyCollection from Create/Delete permission check, refs AC-1666

* fix: updated comment, refs AC-1666
---
 .../Collections/CollectionAuthorizationHandler.cs         | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs b/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
index 17e02d4628..b3e15e281f 100644
--- a/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
+++ b/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
@@ -77,10 +77,10 @@ public class CollectionAuthorizationHandler : BulkAuthorizationHandler<Collectio
             return;
         }
 
-        // Owners, Admins, Providers, and users with CreateNewCollections or EditAnyCollection permission can always create collections
+        // Owners, Admins, Providers, and users with CreateNewCollections permission can always create collections
         if (
             org.Type is OrganizationUserType.Owner or OrganizationUserType.Admin ||
-            org.Permissions.CreateNewCollections || org.Permissions.EditAnyCollection ||
+            org.Permissions is { CreateNewCollections: true } ||
             await _currentContext.ProviderUserForOrgAsync(org.Id))
         {
             context.Succeed(requirement);
@@ -93,10 +93,10 @@ public class CollectionAuthorizationHandler : BulkAuthorizationHandler<Collectio
     private async Task CanDeleteAsync(AuthorizationHandlerContext context, CollectionOperationRequirement requirement,
         ICollection<Collection> resources, CurrentContextOrganization org)
     {
-        // Owners, Admins, Providers, and users with DeleteAnyCollection or EditAnyCollection permission can always delete collections
+        // Owners, Admins, Providers, and users with DeleteAnyCollection permission can always delete collections
         if (
             org.Type is OrganizationUserType.Owner or OrganizationUserType.Admin ||
-            org.Permissions.DeleteAnyCollection || org.Permissions.EditAnyCollection ||
+            org.Permissions is { DeleteAnyCollection: true } ||
             await _currentContext.ProviderUserForOrgAsync(org.Id))
         {
             context.Succeed(requirement);