Give creating owner Manage permissions for default collection (#3776)

2025-01-21 21:41:21 +01:00 · 2024-02-12 08:50:41 +10:00 · 2024-02-12 08:50:41 +10:00 · 1d9fe79ef6
commit 1d9fe79ef6
parent 17118bc74f
2 changed files with 51 additions and 14 deletions
--- a/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs
+++ b/src/Core/AdminConsole/Services/Implementations/OrganizationService.cs
@ -655,18 +655,6 @@ public class OrganizationService : IOrganizationService
            });
            await _applicationCacheService.UpsertOrganizationAbilityAsync(organization);

-            if (!string.IsNullOrWhiteSpace(collectionName))
-            {
-                var defaultCollection = new Collection
-                {
-                    Name = collectionName,
-                    OrganizationId = organization.Id,
-                    CreationDate = organization.CreationDate,
-                    RevisionDate = organization.CreationDate
-                };
-                await _collectionRepository.CreateAsync(defaultCollection);
-            }
-
            OrganizationUser orgUser = null;
            if (ownerId != default)
            {
@ -685,6 +673,7 @@ public class OrganizationService : IOrganizationService
                    CreationDate = organization.CreationDate,
                    RevisionDate = organization.CreationDate
                };
+                orgUser.SetNewId();

                await _organizationUserRepository.CreateAsync(orgUser);

@ -694,6 +683,27 @@ public class OrganizationService : IOrganizationService
                await _pushNotificationService.PushSyncOrgKeysAsync(ownerId);
            }

+            if (!string.IsNullOrWhiteSpace(collectionName))
+            {
+                var defaultCollection = new Collection
+                {
+                    Name = collectionName,
+                    OrganizationId = organization.Id,
+                    CreationDate = organization.CreationDate,
+                    RevisionDate = organization.CreationDate
+                };
+
+                // If using Flexible Collections, give the owner Can Manage access over the default collection
+                List<CollectionAccessSelection> defaultOwnerAccess = null;
+                if (organization.FlexibleCollections)
+                {
+                    defaultOwnerAccess =
+                        [new CollectionAccessSelection { Id = orgUser.Id, HidePasswords = false, ReadOnly = false, Manage = true }];
+                }
+
+                await _collectionRepository.CreateAsync(defaultCollection, null, defaultOwnerAccess);
+            }
+
            return new Tuple<Organization, OrganizationUser>(organization, orgUser);
        }
        catch
@ -2548,12 +2558,21 @@ public class OrganizationService : IOrganizationService

        if (!string.IsNullOrWhiteSpace(collectionName))
        {
+            // If using Flexible Collections, give the owner Can Manage access over the default collection
+            List<CollectionAccessSelection> defaultOwnerAccess = null;
+            if (org.FlexibleCollections)
+            {
+                var orgUser = await _organizationUserRepository.GetByOrganizationAsync(org.Id, userId);
+                defaultOwnerAccess =
+                    [new CollectionAccessSelection { Id = orgUser.Id, HidePasswords = false, ReadOnly = false, Manage = true }];
+            }
+
            var defaultCollection = new Collection
            {
                Name = collectionName,
                OrganizationId = org.Id
            };
-            await _collectionRepository.CreateAsync(defaultCollection);
+            await _collectionRepository.CreateAsync(defaultCollection, null, defaultOwnerAccess);
        }
    }
 }
--- a/test/Core.Test/AdminConsole/Services/OrganizationServiceTests.cs
+++ b/test/Core.Test/AdminConsole/Services/OrganizationServiceTests.cs
@ -259,7 +259,6 @@ public class OrganizationServiceTests
        (PlanType planType, OrganizationSignup signup, SutProvider<OrganizationService> sutProvider)
    {
        signup.Plan = planType;
-        var plan = StaticStore.GetPlan(signup.Plan);
        signup.AdditionalSeats = 0;
        signup.PaymentMethodType = PaymentMethodType.Card;
        signup.PremiumAccessAddon = false;
@ -269,13 +268,32 @@ public class OrganizationServiceTests
            .IsEnabled(FeatureFlagKeys.FlexibleCollectionsSignup)
            .Returns(true);

+        // Extract orgUserId when created
+        Guid? orgUserId = null;
+        await sutProvider.GetDependency<IOrganizationUserRepository>()
+            .CreateAsync(Arg.Do<OrganizationUser>(ou => orgUserId = ou.Id));
+
        var result = await sutProvider.Sut.SignUpAsync(signup);

+        // Assert: AccessAll is not used
        await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).CreateAsync(
            Arg.Is<OrganizationUser>(o =>
                o.UserId == signup.Owner.Id &&
                o.AccessAll == false));

+        // Assert: created a Can Manage association for the default collection instead
+        Assert.NotNull(orgUserId);
+        await sutProvider.GetDependency<ICollectionRepository>().Received(1).CreateAsync(
+            Arg.Any<Collection>(),
+            Arg.Is<IEnumerable<CollectionAccessSelection>>(cas => cas == null),
+            Arg.Is<IEnumerable<CollectionAccessSelection>>(cas =>
+                cas.Count() == 1 &&
+                cas.All(c =>
+                    c.Id == orgUserId &&
+                    !c.ReadOnly &&
+                    !c.HidePasswords &&
+                    c.Manage)));
+
        Assert.NotNull(result);
        Assert.NotNull(result.Item1);
        Assert.NotNull(result.Item2);