RubyGems - blacklight-access_controls - Versions diffs - 0.4.1 → 0.5.0 - Mend

blacklight-access_controls 0.4.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/lib/blacklight/access_controls/enforcement.rb +9 -7
data/spec/unit/enforcement_spec.rb +16 -38
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ffbb2c368a44b27a8f4f2f2d8a1dcaf9e852d1d2
-  data.tar.gz: 8bbce1c96b6dc86e87bdc34e0ee0fb38d3fd1a29
+  metadata.gz: df1f39af20b67cfc2e2c67c604b555349db0974f
+  data.tar.gz: fff1a1c47059217f4469cc263407787f12a66cd4
 SHA512:
-  metadata.gz: 609ee8e41330854b9e56b63739244696f50d2caf110117cf6581b974ad25a4e5526e9aebece6d51774f81c816cda17fbaa6ef5d9b1eb6db375eacf817125b751
-  data.tar.gz: dab7487a3bb03d5bd9133f91e9a4cb1650e43a371adf08fdd22d8ff961619c8629aeb1f7174f2f11cdf1455649d275bf669c981b12cfe224de25283bb163f4a7
+  metadata.gz: 4744d9de092e65196a7a3a7be04981496fff4277eb2fb48cfad7efb14ae2b6878c14562cd40149e95b812c2b7c28e8c97e6ac56ea92600281a6482bdbe541fb3
+  data.tar.gz: a42057263e9c5cd3fe599f4f833b0a18b0a26891fd0f31f64bd4d38ce39ec7043d0a6c590a9543477ff67e2e5cf00488c321c309b8e4364b93e3fc1be32926e4

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.4.1
1	+ 0.5.0

data/lib/blacklight/access_controls/enforcement.rb CHANGED Viewed

@@ -68,13 +68,12 @@ module Blacklight
       def apply_group_permissions(permission_types, ability = current_ability)
         # for groups
-        user_access_filters = []
-        ability.user_groups.each_with_index do |group, i|
-          permission_types.each do |type|
-            user_access_filters << escape_filter(solr_field_for(type, 'group'), group)
-          end
+        permission_types.map do |type|
+          field = solr_field_for(type, 'group')
+          groups = ability.user_groups.map { |g| escape_value(g) }
+          # The parens are required to properly OR the cases together.
+          "({!terms f=#{field}}#{groups.join(',')})"
         end
-        user_access_filters
       end
       def apply_user_permissions(permission_types, ability = current_ability)
@@ -97,9 +96,12 @@ module Blacklight
       end
       def escape_filter(key, value)
-        [key, value.gsub(/[ :\/]/, ' ' => '\ ', '/' => '\/', ':' => '\:')].join(':')
+        [key, escape_value(value)].join(':')
       end
+      def escape_value(value)
+        RSolr.solr_escape(value).gsub(/ /, '\ ')
+      end
     end
   end
 end

data/spec/unit/enforcement_spec.rb CHANGED Viewed

@@ -27,7 +27,7 @@ describe Blacklight::AccessControls::Enforcement do
       end
       it "Then I should be treated as a member of the 'public' group" do
-        expect(@solr_parameters[:fq].first).to eq 'discover_access_group_ssim:public OR read_access_group_ssim:public'
+        expect(@solr_parameters[:fq].first).to eq '({!terms f=discover_access_group_ssim}public) OR ({!terms f=read_access_group_ssim}public)'
       end
       it "Then I should not be treated as a member of the 'registered' group" do
@@ -46,26 +46,16 @@ describe Blacklight::AccessControls::Enforcement do
         subject.send(:apply_gated_discovery, @solr_parameters)
       end
-      it "Then I should be treated as a member of the 'public' and 'registered' groups" do
-        ["discover","read"].each do |type|
-          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:public/)
-          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:registered/)
-        end
+      it "searches for my groups" do
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=discover_access_group_ssim\}public,faculty,africana\\-faculty,registered})
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=read_access_group_ssim\}public,faculty,africana\\-faculty,registered})
       end
-      it "Then I should see assets that I have discover or read access to" do
+      it "searches for my user key" do
         ["discover","read"].each do |type|
           expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{user.user_key}/)
         end
       end
-      it "Then I should see assets that my groups have discover or read access to" do
-        ["faculty", "africana-faculty"].each do |group_id|
-          ["discover","read"].each do |type|
-            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:#{group_id}/)
-          end
-        end
-      end
     end
   end
@@ -99,44 +89,35 @@ describe Blacklight::AccessControls::Enforcement do
     before do
       @solr_parameters = {}
+      subject.send(:apply_gated_discovery, @solr_parameters)
     end
     it "sets query fields for the user id checking against the discover, read fields" do
-      subject.send(:apply_gated_discovery, @solr_parameters)
       ["discover","read"].each do |type|
         expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{user.user_key}/)
       end
     end
-    it "sets query fields for all roles the user is a member of checking against the discover, read fields" do
-      subject.send(:apply_gated_discovery, @solr_parameters)
-      ["discover","read"].each do |type|
-        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:archivist/)
-        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:researcher/)
-      end
+    it "queries roles the user is a member of checking against the discover, read fields" do
+      expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=discover_access_group_ssim\}public,archivist,researcher,registered})
+      expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=read_access_group_ssim\}public,archivist,researcher,registered})
     end
     context 'slashes in the group names' do
       let(:groups) { ["abc/123","cde/567"] }
       it "should escape slashes" do
-        subject.send(:apply_gated_discovery, @solr_parameters)
-        ["discover","read"].each do |type|
-          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\\/123/)
-            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\\/567/)
-        end
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=discover_access_group_ssim\}public,abc\\/123,cde\\/567,registered})
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=read_access_group_ssim\}public,abc\\/123,cde\\/567,registered})
       end
     end
     context 'spaces in the group names' do
       let(:groups) { ["abc 123","cd/e 567"] }
-      it "should escape spaces" do
-        subject.send(:apply_gated_discovery, @solr_parameters)
-        ["discover","read"].each do |type|
-          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\ 123/)
-            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cd\\\/e\\ 567/)
-        end
+      it "escapes spaces in group names" do
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=discover_access_group_ssim\}public,abc\\ 123,cd\\/e\\ 567,registered})
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=read_access_group_ssim\}public,abc\\ 123,cd\\/e\\ 567,registered})
       end
     end
@@ -144,11 +125,8 @@ describe Blacklight::AccessControls::Enforcement do
       let(:groups) { ["abc:123","cde:567"] }
       it "should escape colons" do
-        subject.send(:apply_gated_discovery, @solr_parameters)
-        ["discover","read"].each do |type|
-          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\:123/)
-            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\:567/)
-        end
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=discover_access_group_ssim\}public,abc\\:123,cde\\:567,registered})
+        expect(@solr_parameters[:fq].first).to match(%r{\{!terms f=read_access_group_ssim\}public,abc\\:123,cde\\:567,registered})
       end
     end
   end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: blacklight-access_controls
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Chris Beer