New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[AC-2086] Update CanDelete to handle V1 flag logic #3979
[AC-2086] Update CanDelete to handle V1 flag logic #3979
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3979 +/- ##
=======================================
Coverage 38.33% 38.33%
=======================================
Files 1209 1209
Lines 58686 58688 +2
Branches 5589 5591 +2
=======================================
+ Hits 22495 22498 +3
+ Misses 35147 35146 -1
Partials 1044 1044 ☔ View full report in Codecov by Sentry. |
New Issues
Fixed Issues
|
// LimitCollectionCreationDeletion is false, AllowAdminAccessToAllCollectionItems setting is irrelevant. | ||
// Ensure acting user has manage permissions for all collections being deleted | ||
if (organizationAbility is { LimitCollectionCreationDeletion: false }) | ||
{ | ||
var canManageCollections = await CanManageCollectionsAsync(resources); | ||
if (canManageCollections) | ||
{ | ||
return true; | ||
} | ||
} | ||
else | ||
// LimitCollectionCreationDeletion is true, only Owners and Admins can delete collections they manage | ||
{ | ||
if (org is { Type: OrganizationUserType.Owner or OrganizationUserType.Admin } && canManageCollections) | ||
{ | ||
return true; | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How you've written this works and I think this has turned out pretty well after much discussion about the business logic side of things.
One suggestion, I think this could be expressed more succinctly:
var canDeleteManagedCollections = organizationAbility is { LimitCollectionCreationDeletion: false } ||
org is { Type: OrganizationUserType.Owner or OrganizationUserType.Admin };
if (canDeleteManagedCollections && await canManageCollections(resources))
{
return true;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
if ((organizationAbility is { AllowAdminAccessToAllCollectionItems: true } || | ||
!_featureService.IsEnabled(FeatureFlagKeys.FlexibleCollectionsV1)) && | ||
org is { Type: OrganizationUserType.Owner or OrganizationUserType.Admin }) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I ended up separating these lines to make the logic a little clearer - see CanUpdateCollectionAsync.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add a test case for:
- owner/admin
- deleting a collection they don't manage
- admins can manage all collections and items is set to false
- expect: not authorized
or if it's here and I'm missing it, just point me to it 😁
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe I've added the test you're looking for!
Also just confirming that we need the same changes in |
…ion, refs AC-2086
…ut can manage, refs AC-2086
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work!
Type of change
Objective
Code changes
CanDeleteAsync
method to take into account logic changes from theAllowAdminAccessToAllCollectionItems
settingBefore you submit
dotnet format --verify-no-changes
) (required)