[AC-1139] Unit tests refactors and added tests

2026-01-10 04:23:31 +00:00 · 2023-11-01 16:03:08 +00:00
parent db19d143ed
commit 52ae10fd50
4 changed files with 733 additions and 87 deletions
--- a/src/Api/Vault/AuthorizationHandlers/Collections/BulkCollectionAuthorizationHandler.cs
+++ b/src/Api/Vault/AuthorizationHandlers/Collections/BulkCollectionAuthorizationHandler.cs
@@ -42,21 +42,13 @@ public class BulkCollectionAuthorizationHandler : BulkAuthorizationHandler<Colle
        }

        // Establish pattern of authorization handler null checking passed resources
-        if (resources == null)
+        if (resources == null || !resources.Any() || !_currentContext.UserId.HasValue)
        {
            context.Fail();
            return;
        }

-        if (!_currentContext.UserId.HasValue)
-        {
-            context.Fail();
-            return;
-        }
-
-        var targetOrganizationId = requirement.OrganizationId != default
-            ? requirement.OrganizationId : resources.FirstOrDefault()?.OrganizationId ?? default;
-
+        var targetOrganizationId = resources.FirstOrDefault()?.OrganizationId ?? default;
        if (targetOrganizationId == default)
        {
            context.Fail();
@@ -123,6 +115,7 @@ public class BulkCollectionAuthorizationHandler : BulkAuthorizationHandler<Colle
        ICollection<Collection> targetCollections, CurrentContextOrganization org)
    {
        if (org.Type is OrganizationUserType.Owner or OrganizationUserType.Admin ||
+            org.Permissions.EditAnyCollection || org.Permissions.DeleteAnyCollection ||
            await _currentContext.ProviderUserForOrgAsync(org.Id))
        {
            context.Succeed(requirement);
--- a/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
+++ b/src/Api/Vault/AuthorizationHandlers/Collections/CollectionAuthorizationHandler.cs
@@ -61,8 +61,6 @@ public class CollectionAuthorizationHandler : AuthorizationHandler<CollectionOpe
        {
            // Acting user is a member of the target organization, check permissions
            if (org.Type is OrganizationUserType.Owner or OrganizationUserType.Admin ||
-                  org.Permissions.ManageGroups ||
-                  org.Permissions.ManageUsers ||
                  org.Permissions.EditAnyCollection ||
                  org.Permissions.DeleteAnyCollection ||
                  org.Permissions.AccessImportExport)
@@ -86,8 +84,6 @@ public class CollectionAuthorizationHandler : AuthorizationHandler<CollectionOpe
        {
            // Acting user is a member of the target organization, check permissions
            if (org.Type is OrganizationUserType.Owner or OrganizationUserType.Admin ||
-                org.Permissions.ManageGroups ||
-                org.Permissions.ManageUsers ||
                org.Permissions.EditAnyCollection ||
                org.Permissions.DeleteAnyCollection)
            {
@@ -101,6 +97,5 @@ public class CollectionAuthorizationHandler : AuthorizationHandler<CollectionOpe
        {
            context.Succeed(requirement);
        }
-
    }
 }