[AC-1880] - Public API - Update collection permission associations with Manage property (#3656)

* Add missing hide-passwords permission to api models * Update src/Api/Auth/Models/Public/AssociationWithPermissionsBaseModel.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * Rename ToSelectionReadOnly to ToCollectionAccessSelection * Remove Required attribute which would break backwards compatability * Update src/Api/Auth/Models/Public/Request/AssociationWithPermissionsRequestModel.cs Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com> * feat: add Manage property to collection permissions associations, refs AC-1880 * feat: throw if not allowed to send manage property, refs AC-1880 * fix: format, refs AC-1880 * feat: replace ambiguous call for all organizations in cache with specific orgId, refs AC-1880 * feat: move all property assignements back into CollectionAccessSelection init, refs AC-1880 * feat: align bad request messaging, refs AC-1880 --------- Co-authored-by: Daniel James Smith <djsmith@web.de> Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com> Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com> Co-authored-by: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
2026-01-03 09:03:44 +00:00 · 2024-01-22 10:44:33 -06:00
parent e6bb6e1114
commit aeca1722fc
6 changed files with 37 additions and 11 deletions
--- a/src/Api/AdminConsole/Public/Controllers/GroupsController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/GroupsController.cs
@@ -110,8 +110,8 @@ public class GroupsController : Controller
    public async Task<IActionResult> Post([FromBody] GroupCreateUpdateRequestModel model)
    {
        var group = model.ToGroup(_currentContext.OrganizationId.Value);
-        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
        var organization = await _organizationRepository.GetByIdAsync(_currentContext.OrganizationId.Value);
+        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection(organization.FlexibleCollections));
        await _createGroupCommand.CreateGroupAsync(group, organization, associations);
        var response = new GroupResponseModel(group, associations);
        return new JsonResult(response);
@@ -139,8 +139,8 @@ public class GroupsController : Controller
        }

        var updatedGroup = model.ToGroup(existingGroup);
-        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
        var organization = await _organizationRepository.GetByIdAsync(_currentContext.OrganizationId.Value);
+        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection(organization.FlexibleCollections));
        await _updateGroupCommand.UpdateGroupAsync(updatedGroup, organization, associations);
        var response = new GroupResponseModel(updatedGroup, associations);
        return new JsonResult(response);
--- a/src/Api/AdminConsole/Public/Controllers/MembersController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/MembersController.cs
@@ -23,6 +23,7 @@ public class MembersController : Controller
    private readonly IUserService _userService;
    private readonly ICurrentContext _currentContext;
    private readonly IUpdateOrganizationUserGroupsCommand _updateOrganizationUserGroupsCommand;
+    private readonly IApplicationCacheService _applicationCacheService;

    public MembersController(
        IOrganizationUserRepository organizationUserRepository,
@@ -30,7 +31,8 @@ public class MembersController : Controller
        IOrganizationService organizationService,
        IUserService userService,
        ICurrentContext currentContext,
-        IUpdateOrganizationUserGroupsCommand updateOrganizationUserGroupsCommand)
+        IUpdateOrganizationUserGroupsCommand updateOrganizationUserGroupsCommand,
+        IApplicationCacheService applicationCacheService)
    {
        _organizationUserRepository = organizationUserRepository;
        _groupRepository = groupRepository;
@@ -38,6 +40,7 @@ public class MembersController : Controller
        _userService = userService;
        _currentContext = currentContext;
        _updateOrganizationUserGroupsCommand = updateOrganizationUserGroupsCommand;
+        _applicationCacheService = applicationCacheService;
    }

    /// <summary>
@@ -119,7 +122,8 @@ public class MembersController : Controller
    [ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
    public async Task<IActionResult> Post([FromBody] MemberCreateRequestModel model)
    {
-        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
+        var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(_currentContext.OrganizationId.Value);
+        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection(organizationAbility?.FlexibleCollections ?? false));
        var invite = new OrganizationUserInvite
        {
            Emails = new List<string> { model.Email },
@@ -154,7 +158,8 @@ public class MembersController : Controller
            return new NotFoundResult();
        }
        var updatedUser = model.ToOrganizationUser(existingUser);
-        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection());
+        var organizationAbility = await _applicationCacheService.GetOrganizationAbilityAsync(_currentContext.OrganizationId.Value);
+        var associations = model.Collections?.Select(c => c.ToCollectionAccessSelection(organizationAbility?.FlexibleCollections ?? false));
        await _organizationService.SaveUserAsync(updatedUser, null, associations, model.Groups);
        MemberResponseModel response = null;
        if (existingUser.UserId.HasValue)