In the `userAcl` function, we build the criteria to do a permission
check, on the permission groups. The query turns out to be something
like this:
```
{policies: {$elemMatch: {permissionGroups: {$in: ["6303edf184daf727dddb003d", "6303edf184daf727dddb003e"]}}}}
```
Where that list of ID strings is the permission group IDs we're trying
to match against.
Now, when the permission group list is empty, we end up with a query
like this:
```
{policies: {$elemMatch: {permissionGroups: {$in: []}}}}
```
Which, is always `false`. It never matches any documents. Behaviour
equivalent to "no permissions".
In this PR, we avoid hitting the DB at all, when `permissionGroups` is
empty, but `permission` is not `null`.
One example where this scenario happens, is the tiny test
`TenantServiceCETest#setMapsKeyWithoutAuthentication`. This leads me to
believe that several API calls are dealing with this case:
All unit and Cypress tests pass on EE, no conflicts and doesn't break
build.
/ok-to-test tags="@tag.All"
<!-- This is an auto-generated comment: Cypress test results -->
> [!TIP]
> 🟢🟢🟢 All cypress tests have passed! 🎉🎉🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/9243092434>
> Commit: dd7bb14be82b664f6a7fa1be05cca537c8bafdc0
> Cypress dashboard url: <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=9243092434&attempt=2"
target="_blank">Click here!</a>
<!-- end of auto-generated comment: Cypress test results -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Bug Fixes**
- Improved performance by adding conditional checks to prevent
unnecessary database queries when no permission groups are provided.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
ef0d9518f6