[AC-2086] Update CanDelete with v1 flag logic (#9100)

* feat: update org domain object deleteAnyCollection with v1 flag logic, refs AC-2086 * feat: update canDelete method to handle v1 flag logic, refs AC-2086 * feat: update canDelete references to pass v1 flag, refs AC-2086 * feat: add provider check and modify owner/admin type checks, refs AC-2086 * fix: add permission to org instantiation for vault item stories, refs AC-2086
2025-12-10 21:33:27 +00:00 · 2024-05-13 16:13:27 -05:00
parent 66f5d90803
commit 3900924250
11 changed files with 42 additions and 21 deletions
--- a/libs/common/src/admin-console/models/domain/organization.ts
+++ b/libs/common/src/admin-console/models/domain/organization.ts
@@ -232,8 +232,23 @@ export class Organization {
    );
  }

-  get canDeleteAnyCollection() {
-    return this.isAdmin || this.permissions.deleteAnyCollection;
+  /**
+   * @param flexibleCollectionsV1Enabled - Whether or not the V1 Flexible Collection feature flag is enabled
+   * @returns True if the user can delete any collection
+   */
+  canDeleteAnyCollection(flexibleCollectionsV1Enabled: boolean) {
+    // Providers and Users with DeleteAnyCollection permission can always delete collections
+    if (this.isProviderUser || this.permissions.deleteAnyCollection) {
+      return true;
+    }
+
+    // If AllowAdminAccessToAllCollectionItems is true, Owners and Admins can delete any collection, regardless of LimitCollectionCreationDeletion setting
+    // Using explicit type checks because provider users are handled above and this mimics the server's permission checks closely
+    if (!flexibleCollectionsV1Enabled || this.allowAdminAccessToAllCollectionItems) {
+      return this.type == OrganizationUserType.Owner || this.type == OrganizationUserType.Admin;
+    }
+
+    return false;
  }

  /**
@@ -242,7 +257,9 @@ export class Organization {
   */
  get canViewAllCollections() {
    // Admins can always see all collections even if collection management settings prevent them from editing them or seeing items
-    return this.isAdmin || this.permissions.editAnyCollection || this.canDeleteAnyCollection;
+    return (
+      this.isAdmin || this.permissions.editAnyCollection || this.permissions.deleteAnyCollection
+    );
  }

  /**
--- a/libs/common/src/vault/models/view/collection.view.ts
+++ b/libs/common/src/vault/models/view/collection.view.ts
@@ -75,16 +75,18 @@ export class CollectionView implements View, ITreeNodeObject {
  }

  // For deleting a collection, not the items within it.
-  canDelete(org: Organization): boolean {
+  canDelete(org: Organization, flexibleCollectionsV1Enabled: boolean): boolean {
    if (org != null && org.id !== this.organizationId) {
      throw new Error(
        "Id of the organization provided does not match the org id of the collection.",
      );
    }

-    return org?.flexibleCollections
-      ? org?.canDeleteAnyCollection || (!org?.limitCollectionCreationDeletion && this.manage)
-      : org?.canDeleteAnyCollection || org?.canDeleteAssignedCollections;
+    const canDeleteManagedCollections = !org?.limitCollectionCreationDeletion || org.isAdmin;
+    return (
+      org?.canDeleteAnyCollection(flexibleCollectionsV1Enabled) ||
+      (canDeleteManagedCollections && this.manage)
+    );
  }

  /**