[PM-22103] Exclude default collections from admin apis (#6021)

* feat: exclude DefaultUserCollection from GetManyByOrganizationIdWithPermissionsAsync Updated EF implementation, SQL procedure, and unit test to verify that default user collections are filtered from results * Update the public CollectionsController.Get method to return a NotFoundResult for collections of type DefaultUserCollection. * Add unit tests for the public CollectionsController * Update ICollectionRepository.GetManyByOrganizationIdAsync to exclude results of the type DefaultUserCollection Modified the SQL stored procedure and the EF query to reflect this change and added a new integration test to ensure the functionality works as expected. * Refactor CollectionsController to remove unused IApplicationCacheService dependency * Update IOrganizationUserRepository.GetDetailsByIdWithCollectionsAsync to exclude DefaultUserCollections * Update IOrganizationUserRepository.GetManyDetailsByOrganizationAsync to exclude DefaultUserCollections * Undo change to GetByIdWithCollectionsAsync * Update integration test to verify exclusion of DefaultUserCollection in OrganizationUserRepository.GetDetailsByIdWithCollectionsAsync * Clarify documentation in ICollectionRepository to specify that GetManyByOrganizationIdWithAccessAsync returns only shared collections belonging to the organization. * Add Arrange, Act, and Assert comments to CollectionsControllerTests
2025-12-17 16:53:23 +00:00 · 2025-07-18 13:00:54 +01:00
parent 828003f101
commit 30300bc59b
14 changed files with 500 additions and 15 deletions
--- a/test/Infrastructure.IntegrationTest/AdminConsole/Repositories/CollectionRepository/CollectionRepositoryTests.cs
+++ b/test/Infrastructure.IntegrationTest/AdminConsole/Repositories/CollectionRepository/CollectionRepositoryTests.cs
@@ -296,10 +296,29 @@ public class CollectionRepositoryTests
            }
        }, null);

+        // Create a default user collection (should be excluded from admin console results)
+        var defaultCollection = new Collection
+        {
+            Name = "My Items Collection",
+            OrganizationId = organization.Id,
+            Type = CollectionType.DefaultUserCollection
+        };
+
+        await collectionRepository.CreateAsync(defaultCollection, null, users: new[]
+        {
+            new CollectionAccessSelection()
+            {
+                Id = orgUser.Id, HidePasswords = false, ReadOnly = false, Manage = true
+            }
+        });
+
        var collections = await collectionRepository.GetManyByOrganizationIdWithPermissionsAsync(organization.Id, user.Id, true);

        Assert.NotNull(collections);

+        // Should return only 3 collections (excluding the default user collection)
+        Assert.Equal(3, collections.Count);
+
        collections = collections.OrderBy(c => c.Name).ToList();

        Assert.Collection(collections, c1 =>
@@ -463,4 +482,69 @@ public class CollectionRepositoryTests
            Assert.False(c3.Unmanaged);
        });
    }
+
+    /// <summary>
+    /// Test to ensure collections are properly retrieved by organization
+    /// </summary>
+    [DatabaseTheory, DatabaseData]
+    public async Task GetManyByOrganizationIdAsync_Success(
+        IUserRepository userRepository,
+        IOrganizationRepository organizationRepository,
+        ICollectionRepository collectionRepository,
+        IOrganizationUserRepository organizationUserRepository)
+    {
+        var user = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User",
+            Email = $"test+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var organization = await organizationRepository.CreateAsync(new Organization
+        {
+            Name = "Test Org",
+            PlanType = PlanType.EnterpriseAnnually,
+            Plan = "Test Plan",
+            BillingEmail = "billing@email.com"
+        });
+
+        var orgUser = await organizationUserRepository.CreateAsync(new OrganizationUser
+        {
+            OrganizationId = organization.Id,
+            UserId = user.Id,
+            Status = OrganizationUserStatusType.Confirmed,
+        });
+
+        var collection1 = new Collection { Name = "Collection 1", OrganizationId = organization.Id, };
+        await collectionRepository.CreateAsync(collection1, null, null);
+
+        var collection2 = new Collection { Name = "Collection 2", OrganizationId = organization.Id, };
+        await collectionRepository.CreateAsync(collection2, null, null);
+
+        var collection3 = new Collection { Name = "Collection 3", OrganizationId = organization.Id, };
+        await collectionRepository.CreateAsync(collection3, null, null);
+
+        // Create a default user collection (should not be returned by this method)
+        var defaultCollection = new Collection
+        {
+            Name = "My Items",
+            OrganizationId = organization.Id,
+            Type = CollectionType.DefaultUserCollection
+        };
+        await collectionRepository.CreateAsync(defaultCollection, null, null);
+
+        var collections = await collectionRepository.GetManyByOrganizationIdAsync(organization.Id);
+
+        Assert.NotNull(collections);
+        Assert.Equal(3, collections.Count); // Should only return the 3 shared collections, excluding the default user collection
+        Assert.All(collections, c => Assert.Equal(organization.Id, c.OrganizationId));
+        Assert.All(collections, c => Assert.NotEqual(CollectionType.DefaultUserCollection, c.Type));
+
+        // Verify specific collections are returned
+        Assert.Contains(collections, c => c.Name == "Collection 1");
+        Assert.Contains(collections, c => c.Name == "Collection 2");
+        Assert.Contains(collections, c => c.Name == "Collection 3");
+        Assert.DoesNotContain(collections, c => c.Name == "My Items");
+    }
 }