[AC-2653] Remove old permissions code from GroupsController (#4148)

src/Api/AdminConsole/Controllers/GroupsController.cs

@@ -92,19 +92,9 @@ public class GroupsController : Controller
     [HttpGet("")]
     public async Task<ListResponseModel<GroupDetailsResponseModel>> Get(Guid orgId)
     {
-        if (await FlexibleCollectionsIsEnabledAsync(orgId))
+        var authorized =
-        {
+            (await _authorizationService.AuthorizeAsync(User, GroupOperations.ReadAll(orgId))).Succeeded;
-            // New flexible collections logic
+        if (!authorized)
-            return await Get_vNext(orgId);
-        }
-
-        // Old pre-flexible collections logic follows
-        var canAccess = await _currentContext.ManageGroups(orgId) ||
-                        await _currentContext.ViewAssignedCollections(orgId) ||
-                        await _currentContext.ViewAllCollections(orgId) ||
-                        await _currentContext.ManageUsers(orgId);
-
-        if (!canAccess)
         {
             throw new NotFoundException();
         }
@@ -137,9 +127,7 @@ public class GroupsController : Controller
         }
 
         // Flexible Collections - check the user has permission to grant access to the collections for the new group
-        if (await FlexibleCollectionsIsEnabledAsync(orgId) &&
+        if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) && model.Collections?.Any() == true)
-            _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) &&
-            model.Collections?.Any() == true)
         {
             var collections = await _collectionRepository.GetManyByManyIdsAsync(model.Collections.Select(a => a.Id));
             var authorized =
@@ -162,7 +150,7 @@ public class GroupsController : Controller
     [HttpPost("{id}")]
     public async Task<GroupResponseModel> Put(Guid orgId, Guid id, [FromBody] GroupRequestModel model)
     {
-        if (await FlexibleCollectionsIsEnabledAsync(orgId) && _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
+        if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
         {
             // Use new Flexible Collections v1 logic
             return await Put_vNext(orgId, id, model);
@@ -284,24 +272,4 @@ public class GroupsController : Controller
 
         await _groupService.DeleteUserAsync(group, new Guid(orgUserId));
     }
-
-    private async Task<ListResponseModel<GroupDetailsResponseModel>> Get_vNext(Guid orgId)
-    {
-        var authorized =
-            (await _authorizationService.AuthorizeAsync(User, GroupOperations.ReadAll(orgId))).Succeeded;
-        if (!authorized)
-        {
-            throw new NotFoundException();
-        }
-
-        var groups = await _groupRepository.GetManyWithCollectionsByOrganizationIdAsync(orgId);
-        var responses = groups.Select(g => new GroupDetailsResponseModel(g.Item1, g.Item2));
-        return new ListResponseModel<GroupDetailsResponseModel>(responses);
-    }
-
-    private async Task<bool> FlexibleCollectionsIsEnabledAsync(Guid organizationId)
-    {
-        var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(organizationId);
-        return organizationAbility?.FlexibleCollections ?? false;
-    }
 }

test/Api.Test/AdminConsole/Controllers/GroupsControllerTests.cs

@@ -56,7 +56,7 @@ public class GroupsControllerTests
     {
         // Enable FC and v1
         sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, FlexibleCollections = true, AllowAdminAccessToAllCollectionItems = false });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = false });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
         sutProvider.GetDependency<IAuthorizationService>()
@@ -102,7 +102,7 @@ public class GroupsControllerTests
     {
         // Enable FC and v1
         sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, FlexibleCollections = true, AllowAdminAccessToAllCollectionItems = false });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = false });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
         sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
@@ -133,7 +133,7 @@ public class GroupsControllerTests
 
         // Enable FC and v1, set Collection Management Setting
         sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = true, FlexibleCollections = true });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = true });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
         sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
@@ -177,7 +177,6 @@ public class GroupsControllerTests
             {
                 Id = organization.Id,
                 AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
             });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
@@ -218,7 +217,6 @@ public class GroupsControllerTests
             {
                 Id = organization.Id,
                 AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
             });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
@@ -274,7 +272,6 @@ public class GroupsControllerTests
             {
                 Id = organization.Id,
                 AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
             });
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
 
@@ -314,7 +311,6 @@ public class GroupsControllerTests
         Group group, Organization organization,
         SutProvider<GroupsController> sutProvider, Guid savingUserId)
     {
-        organization.FlexibleCollections = true;
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
         Put_Setup(sutProvider, organization, group, savingUserId);
 
@@ -402,7 +398,6 @@ public class GroupsControllerTests
         Group group, Organization organization,
         SutProvider<GroupsController> sutProvider, Guid savingUserId)
     {
-        organization.FlexibleCollections = true;
         sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
         Put_Setup(sutProvider, organization, group, savingUserId);
 
@@ -434,7 +429,6 @@ public class GroupsControllerTests
             .Returns(new OrganizationAbility
             {
                 Id = organization.Id,
-                FlexibleCollections = true,
                 AllowAdminAccessToAllCollectionItems = false
             });