[AC-2653] Remove old permissions code from GroupsController (#4148)

2024-11-24 12:35:25 +01:00 · 2024-06-04 08:46:48 +10:00 · 2024-06-04 08:46:48 +10:00 · 80793d1ffa
commit 80793d1ffa
parent fe76de63a0
2 changed files with 8 additions and 46 deletions
--- a/src/Api/AdminConsole/Controllers/GroupsController.cs
+++ b/src/Api/AdminConsole/Controllers/GroupsController.cs
@ -92,19 +92,9 @@ public class GroupsController : Controller
    [HttpGet("")]
    public async Task<ListResponseModel<GroupDetailsResponseModel>> Get(Guid orgId)
    {
-        if (await FlexibleCollectionsIsEnabledAsync(orgId))
-        {
-            // New flexible collections logic
-            return await Get_vNext(orgId);
-        }
-
-        // Old pre-flexible collections logic follows
-        var canAccess = await _currentContext.ManageGroups(orgId) ||
-                        await _currentContext.ViewAssignedCollections(orgId) ||
-                        await _currentContext.ViewAllCollections(orgId) ||
-                        await _currentContext.ManageUsers(orgId);
-
-        if (!canAccess)
+        var authorized =
+            (await _authorizationService.AuthorizeAsync(User, GroupOperations.ReadAll(orgId))).Succeeded;
+        if (!authorized)
        {
            throw new NotFoundException();
        }
@ -137,9 +127,7 @@ public class GroupsController : Controller
        }

        // Flexible Collections - check the user has permission to grant access to the collections for the new group
-        if (await FlexibleCollectionsIsEnabledAsync(orgId) &&
-            _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) &&
-            model.Collections?.Any() == true)
+        if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1) && model.Collections?.Any() == true)
        {
            var collections = await _collectionRepository.GetManyByManyIdsAsync(model.Collections.Select(a => a.Id));
            var authorized =
@ -162,7 +150,7 @@ public class GroupsController : Controller
    [HttpPost("{id}")]
    public async Task<GroupResponseModel> Put(Guid orgId, Guid id, [FromBody] GroupRequestModel model)
    {
-        if (await FlexibleCollectionsIsEnabledAsync(orgId) && _featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
+        if (_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1))
        {
            // Use new Flexible Collections v1 logic
            return await Put_vNext(orgId, id, model);
@ -284,24 +272,4 @@ public class GroupsController : Controller

        await _groupService.DeleteUserAsync(group, new Guid(orgUserId));
    }
-
-    private async Task<ListResponseModel<GroupDetailsResponseModel>> Get_vNext(Guid orgId)
-    {
-        var authorized =
-            (await _authorizationService.AuthorizeAsync(User, GroupOperations.ReadAll(orgId))).Succeeded;
-        if (!authorized)
-        {
-            throw new NotFoundException();
-        }
-
-        var groups = await _groupRepository.GetManyWithCollectionsByOrganizationIdAsync(orgId);
-        var responses = groups.Select(g => new GroupDetailsResponseModel(g.Item1, g.Item2));
-        return new ListResponseModel<GroupDetailsResponseModel>(responses);
-    }
-
-    private async Task<bool> FlexibleCollectionsIsEnabledAsync(Guid organizationId)
-    {
-        var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(organizationId);
-        return organizationAbility?.FlexibleCollections ?? false;
-    }
 }
--- a/test/Api.Test/AdminConsole/Controllers/GroupsControllerTests.cs
+++ b/test/Api.Test/AdminConsole/Controllers/GroupsControllerTests.cs
@ -56,7 +56,7 @@ public class GroupsControllerTests
    {
        // Enable FC and v1
        sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, FlexibleCollections = true, AllowAdminAccessToAllCollectionItems = false });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = false });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

        sutProvider.GetDependency<IAuthorizationService>()
@ -102,7 +102,7 @@ public class GroupsControllerTests
    {
        // Enable FC and v1
        sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, FlexibleCollections = true, AllowAdminAccessToAllCollectionItems = false });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = false });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

        sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
@ -133,7 +133,7 @@ public class GroupsControllerTests

        // Enable FC and v1, set Collection Management Setting
        sutProvider.GetDependency<IApplicationCacheService>().GetOrganizationAbilityAsync(organization.Id).Returns(
-            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = true, FlexibleCollections = true });
+            new OrganizationAbility { Id = organization.Id, AllowAdminAccessToAllCollectionItems = true });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

        sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
@ -177,7 +177,6 @@ public class GroupsControllerTests
            {
                Id = organization.Id,
                AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
            });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

@ -218,7 +217,6 @@ public class GroupsControllerTests
            {
                Id = organization.Id,
                AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
            });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

@ -274,7 +272,6 @@ public class GroupsControllerTests
            {
                Id = organization.Id,
                AllowAdminAccessToAllCollectionItems = false,
-                FlexibleCollections = true
            });
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);

@ -314,7 +311,6 @@ public class GroupsControllerTests
        Group group, Organization organization,
        SutProvider<GroupsController> sutProvider, Guid savingUserId)
    {
-        organization.FlexibleCollections = true;
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
        Put_Setup(sutProvider, organization, group, savingUserId);

@ -402,7 +398,6 @@ public class GroupsControllerTests
        Group group, Organization organization,
        SutProvider<GroupsController> sutProvider, Guid savingUserId)
    {
-        organization.FlexibleCollections = true;
        sutProvider.GetDependency<IFeatureService>().IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1).Returns(true);
        Put_Setup(sutProvider, organization, group, savingUserId);

@ -434,7 +429,6 @@ public class GroupsControllerTests
            .Returns(new OrganizationAbility
            {
                Id = organization.Id,
-                FlexibleCollections = true,
                AllowAdminAccessToAllCollectionItems = false
            });