bpluser 0.1.19 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8c08f03aeb2b30a9c376121bb846a875a8017858
-  data.tar.gz: 3cba37e4217227705179c59b1dedb58eb134ed80
+SHA256:
+  metadata.gz: 542e2ec27e1951726cb444ed5fca214b92259c6f789df4833863cdc0613febde
+  data.tar.gz: 76d39f975ba98651d264b6a887650a9b19de73ac078a03d77f244b10687ea0dc
 SHA512:
-  metadata.gz: c12bedf51df1e6704e97955160b05707175d92f1541d82b4a05bcf0c2e6041345c7afb64f289453c3291734233ef324b004688d1619070ecad3d93ff0c58e3a2
-  data.tar.gz: 1fe6280143a5784bc5cc8cf098719e660b6406d9cce0c4adc00b201641760ac853e678e6a7bdaa1fb0e1ed7144b23b64f6e263c930bb273829d39c76cb2cded0
+  metadata.gz: 58203dff5734d2c8756b3e5d83849091e31fb0acc6e19cbe57319a43f471d9f6f5a2bb7264a20c96912ceb5fb803eef03927a53748b366ce371268fd7ab1f362
+  data.tar.gz: 10d8f61f9fcd013c57b2faac5293a12b30ceb0e47042f3f49344a06a6bfec8e70189c39ffcff438a93835e1ff90cfc2b98e99cba37dd3f79ef30afb98bd9da71

data/README.md

@@ -0,0 +1,33 @@
+# Bpluser
+
+[![Build Status](https://travis-ci.com/boston-library/bpluser.svg?branch=master)](https://travis-ci.com/boston-library/bpluser) [![Coverage Status](https://coveralls.io/repos/github/boston-library/bpluser/badge.svg?branch=master)](https://coveralls.io/github/boston-library/bpluser?branch=master)
+
+Rails engine for providing Devise-based user models and functionality for digital repository applications using
+ [CommonwealthVlrEngine](https://github.com/boston-library/commonwealth-vlr-engine).
+
+This includes bookmarks (Blacklight default), custom folders, and saved searches.
+
+# Requirements
+- `ruby >= 2.6.10`
+- `rails ~> 6.0.6`
+- `postgres v12 or higher`
+
+To install, add the following to your Gemfile:
+```ruby
+gem 'bpluser', '~> 0.1.0'
+# OR
+gem 'bpluser', git: 'https://github.com/boston-library/bpluser'
+```
+Then run:
+```
+$ bundle install
+$ rails generate bpluser:install
+```
+
+When updating run
+
+```
+rails bpluser:install:update_migrations
+```
+
+(Note that the installer will ask to overwrite your local `config/locales/devise.en.yml`).

data/Rakefile

@@ -1,15 +1,46 @@
+# frozen_string_literal: true
+
 begin
   require 'bundler/setup'
 rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
 
-APP_RAKEFILE = File.expand_path("spec/dummy/Rakefile", __dir__)
+APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
 # load rake tasks defined in lib/tasks that are not loaded in lib/active_fedora.rb
 Dir['lib/tasks/*.rake'].each { |rake| load rake }
 
 load 'rails/tasks/engine.rake'
-
 load 'rails/tasks/statistics.rake'
 
-task :default => [:spec]
+begin
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new(:rubocop) do |task|
+    task.requires << 'rubocop-rspec'
+    task.requires << 'rubocop-performance'
+    task.requires << 'rubocop-rails'
+    task.fail_on_error = true
+  end
+rescue LoadError
+  task rubocop: :environment do
+    warn 'Rubocop is disabled'
+  end
+end
+
+require 'solr_wrapper'
+require 'solr_wrapper/rake_task'
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+
+desc 'Lint, spin up Solr, index test docs, run test suite'
+task ci: [:environment, :rubocop] do
+  SolrWrapper.wrap(port: 8984, version: '8.11.2', persist: false) do |solr|
+    solr.with_collection(name: 'blacklight-core', dir: 'spec/dummy/solr/conf/') do
+      system 'RAILS_ENV=test rake app:bpluser:test_index:seed'
+      Rake::Task['spec'].invoke
+    end
+  end
+end
+
+task default: [:ci]

data/app/assets/config/bpluser_manifest.js

@@ -0,0 +1 @@
+//= link bpluser/folder_tools.js

data/app/assets/javascripts/bpluser/folder_tools.js

@@ -0,0 +1,26 @@
+// item actions for folders and bookmarks
+
+$(document).ready ( function () {
+    // remove duplicate buttons from form
+    $('#cite_btn,#email_btn').remove();
+    //  add click event for any checkbox in doc list
+    $(':checkbox[name="selected[]"]').click( function () {
+        addCheckedToURL();
+    });
+
+    // select/unselect all
+    $('#selectAllItems').click( function () {
+        $(':checkbox[name="selected[]"]').prop('checked', this.checked);
+        addCheckedToURL();
+    });
+});
+
+
+// when any checkbox is selected, append the ids of all checked items to url
+function addCheckedToURL () {
+    var checkboxValues = $('[name="selected[]"]:checked').serialize();
+    checkboxValues = checkboxValues.replace(/selected/g,"id");
+    $('#citeLink,#emailLink,#copyLink').attr('href', function(index,previousValue) {
+        return previousValue.replace(/\?.*/,"?" + checkboxValues);
+    });
+}

data/app/controllers/bookmarks_controller.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+class BookmarksController < CatalogController
+  include Blacklight::Bookmarks
+
+  # LOCAL OVERRIDE to render update.js.erb partial when bookmark created
+  def create
+    @bookmarks = params[:bookmarks].present? ? bookmark_params : default_bookmark_params
+
+    current_or_guest_user.save! unless current_or_guest_user.persisted?
+
+    success = @bookmarks.all? do |bookmark|
+      next true if current_or_guest_user.bookmarks.exists?(bookmark)
+
+      begin
+        current_or_guest_user.bookmarks.create!(bookmark)
+        next true
+      rescue ActiveRecord::RecordInvalid
+        break false
+      end
+    end
+
+    if request.xhr?
+      # success ? render(json: { bookmarks: { count: current_or_guest_user.bookmarks.count }}) : render(:text => "", :status => "500")
+      success ? render(:update) : render(plain: '', status: '500')
+    else
+      if @bookmarks.any? && success
+        flash[:notice] = I18n.t('blacklight.bookmarks.add.success', count: @bookmarks.count)
+      elsif @bookmarks.any?
+        flash[:error] = I18n.t('blacklight.bookmarks.add.failure', count: @bookmarks.count)
+      end
+
+      redirect_back fallback_location: bookmarks_path
+    end
+  end
+
+  def folder_item_actions
+    redirect_to action: 'index'
+  end
+
+  private
+
+  def default_bookmark_params
+    [{ document_id: params[:id], document_type: blacklight_config.document_model.to_s }]
+  end
+
+  def bookmark_params
+    params.require(:bookmarks).map { |item_params| item_params.permit(:document_id, :document_type) }
+  end
+end

data/app/controllers/concerns/bpluser/folders_verify_user.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Bpluser
+  module FoldersVerifyUser
+    # Concern that adds verify_user method for folder related controller endopints t('blacklight.folders.need_login')
+    extend ActiveSupport::Concern
+
+    included do
+      include InstanceMethods
+    end
+
+    module InstanceMethods
+      protected
+
+      def verify_user
+        flash[:notice] = t('blacklight.folders.need_login') and raise Blacklight::Exceptions::AccessDenied unless current_user
+      end
+    end
+  end
+end

data/app/controllers/concerns/bpluser/omniauth_callbacks.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Bpluser
+  module OmniauthCallbacks
+    extend ActiveSupport::Concern
+
+    included do
+      include InstanceMethods
+
+      skip_before_action :verify_authenticity_token, only: :polaris
+    end
+
+    module InstanceMethods
+      def polaris
+        @user = User.find_for_polaris_oauth(request.env['omniauth.auth'])
+
+        if @user.persisted?
+          sign_in_and_redirect @user, event: :authentication
+          set_flash_message(:notice, :success, kind: 'Polaris') if is_navigational_format?
+        else
+          session['devise.polaris_data'] = request.env['omniauth.auth'].except(:extra)
+          redirect_to new_user_registration_url
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/bpluser/registrations.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module Bpluser
+  module Registrations
+    extend ActiveSupport::Concern
+
+    included do
+      include InstanceMethods
+      before_action :configure_permitted_parameters, only: [:create, :update], if: :devise_controller?
+    end
+
+    module InstanceMethods
+      # POST /resource
+      def create
+        if User.exists?(email: sign_up_params[:email])
+          flash[:error] = "An account with that email (#{sign_up_params[:email]}) already exists. Please sign in or click the \"Forgot your password?\" link below."
+          redirect_to new_user_session_path and return
+        end
+
+        super
+      end
+
+      protected
+
+      def configure_permitted_parameters
+        case params[:action]
+        when 'create'
+          devise_parameter_sanitizer.permit(:sign_up, keys: %i[first_name last_name])
+        when 'update'
+          devise_parameter_sanitizer.permit(:account_update, keys: %i[first_name last_name])
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/bpluser/saved_searches.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+# copied from Blacklight 6.19.2 -- this feature is no longer provided by Blacklight >= 7
+module Bpluser
+  module SavedSearches
+    extend ActiveSupport::Concern
+
+    included do
+      include Blacklight::Configurable
+      copy_blacklight_config_from(CatalogController)
+      # before_action :require_user_authentication_provider This is deprecated
+      before_action :verify_user
+    end
+
+    def index
+      @searches = current_user.searches
+    end
+
+    def save
+      current_user.searches << searches_from_history.find(params[:id])
+
+      if current_user.save
+        flash[:notice] = t('blacklight.saved_searches.add.success')
+      else
+        flash[:error] = t('blacklight.saved_searches.add.failure')
+      end
+
+      redirect_back fallback_location: saved_searches_path
+    end
+
+    # Only dereferences the user rather than removing the item in case it
+    # is in the session[:history]
+    def forget
+      search = current_user.searches.find(params[:id])
+
+      if search.update(user_id: nil)
+        flash[:notice] = t('blacklight.saved_searches.remove.success')
+      else
+        flash[:error] = t('blacklight.saved_searches.remove.failure')
+      end
+
+      redirect_back fallback_location: saved_searches_path
+    end
+
+    # Only dereferences the user rather than removing the items in case they
+    # are in the session[:history]
+    def clear
+      if current_user.searches.all? { |s| s.update(user_id: nil) } && current_user.save
+        flash[:notice] = t('blacklight.saved_searches.clear.success')
+      else
+        flash[:error] = t('blacklight.saved_searches.clear.failure')
+      end
+      redirect_to saved_searches_url
+    end
+
+    protected
+
+    def verify_user
+      flash[:notice] = t('blacklight.saved_searches.need_login') and raise Blacklight::Exceptions::AccessDenied unless current_user
+    end
+  end
+end

data/app/controllers/folder_items_actions_controller.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# use to share folder item actions (email, cite, delete) between folders and bookmarks
+class FolderItemsActionsController < ApplicationController
+  def folder_item_actions
+    @folder = Bpluser::Folder.find(params[:id]) if params[:origin] == 'folders'
+    @user = current_or_guest_user
+
+    unless params[:selected]
+      flash[:error] = t('blacklight.folders.update_items.remove.no_items')
+      redirect_back(fallback_location: root_path)
+    end
+
+    items = params[:selected]
+    case params[:commit]
+    # email
+    when t('blacklight.tools.email')
+      redirect_to email_solr_document_path(id: items)
+    # cite
+    when t('blacklight.tools.citation')
+      redirect_to citation_solr_document_path(id: items)
+    # remove
+    when t('blacklight.tools.remove')
+      if params[:origin] == 'folders'
+        if @folder.folder_items.destroy_by(document_id: items)
+          flash[:notice] = t('blacklight.folders.update_items.remove.success')
+        else
+          flash[:error] = t('blacklight.folders.update_items.remove.failure')
+        end
+        redirect_to folder_path(@folder, view_params)
+      else
+        if current_or_guest_user.bookmarks.destroy_by(document_id: items)
+          flash[:notice] = t('blacklight.folders.update_items.remove.success')
+        else
+          flash[:error] = t('blacklight.folders.update_items.remove.failure')
+        end
+        redirect_to bookmarks_path(view_params)
+      end
+    # copy
+    when /#{t('blacklight.tools.copy_to')}/
+      destination = params[:commit].split("#{t('blacklight.tools.copy_to')} ")[1]
+      if destination == t('blacklight.bookmarks.title')
+        success = items.all? do |item_id|
+          next true if current_or_guest_user.bookmarks.exists?(document_id: item_id)
+
+          current_or_guest_user.bookmarks.create(document_id: item_id)
+        end
+      else
+        folder_to_update = current_user.folders.find(destination)
+        success = items.all? do |item_id|
+          next true if folder_to_update.folder_item?(item_id)
+
+          begin
+            folder_to_update.folder_items.create!(document_id: item_id)
+            next true
+          rescue ActiveRecord::RecordInvalid
+            break false
+          end
+        end
+      end
+
+      if success
+        folder_display_name = destination == t('blacklight.bookmarks.title') ? t('blacklight.bookmarks.title') : folder_to_update.title
+        flash[:notice] = t('blacklight.folders.update_items.copy.success', folder_name: folder_display_name)
+      else
+        flash[:error] = t('blacklight.folders.update_items.copy.failure')
+      end
+      redirect_back(fallback_location: root_path)
+    end
+  end
+
+  private
+
+  def view_params
+    params.permit(:sort, :per_page, :view)
+  end
+end

data/app/controllers/folder_items_controller.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+class FolderItemsController < CatalogController
+  include Bpluser::FoldersVerifyUser
+
+  before_action :verify_user
+
+  def create
+    @response, @document = search_service.fetch(params[:id])
+
+    @folder_items = params[:folder_items].present? ? folder_items_params : default_folder_item_params
+
+    success = @folder_items.all? do |f_item|
+      folder_to_update = current_user.folders.find(f_item[:folder_id])
+
+      next true if folder_to_update.folder_item?(f_item[:document_id])
+
+      begin
+        folder_to_update.folder_items.create!(document_id: f_item[:document_id])
+        next true
+      rescue ActiveRecord::RecordInvalid
+        break false
+      end
+    end
+
+    unless request.xhr?
+      if success
+        flash[:notice] = t('blacklight.folder_items.add.success')
+      else
+        flash[:error] = t('blacklight.folder_items.add.failure')
+      end
+    end
+
+    respond_to do |format|
+      format.html { redirect_back(fallback_location: root_path) }
+      format.js
+    end
+  end
+
+  def update
+    create
+  end
+
+  # Beware, :id is the Solr document_id, not the actual Bookmark id.
+  # idempotent, as DELETE is supposed to be.
+  # PRETTY SURE THIS METHOD IS NEVER USED!
+  def destroy
+    @response, @document = search_service.fetch(params[:id])
+    folder_item = current_user.existing_folder_item_for(params[:id])
+
+    Bpluser::FolderItem.find(folder_item.id).destroy
+
+    respond_to do |format|
+      format.html { redirect_back(fallback_location: root_path) }
+      format.js
+    end
+  end
+
+  def clear
+    @folder = current_user.folders.find(params[:id])
+
+    if @folder.folder_items.clear && @folder.save
+      flash[:notice] = t('blacklight.folder_items.clear.success')
+    else
+      flash[:error] = t('blacklight.folder_items.clear.failure')
+    end
+    redirect_to folders_path(@folder)
+  end
+
+  # PRETTY SURE THIS METHOD IS NEVER USED!
+  def delete_selected
+    @folder = Bpluser::Folder.find(params[:id])
+
+    if params[:selected]
+      if @folder.folder_items.destroy_by(document_id: params[:selected])
+        flash[:notice] = t('blacklight.folders.update_items.remove.success')
+      else
+        flash[:error] = t('blacklight.folders.update_items.remove.failure')
+      end
+
+      redirect_to folders_path(@folder)
+    else
+      flash[:error] = t('blacklight.folders.update_items.remove.no_items')
+      redirect_back(fallback_location: root_path)
+    end
+  end
+
+  protected
+
+  def default_folder_item_params
+    [{ document_id: params[:id], folder_id: params[:folder_id] }]
+  end
+
+  def folder_items_params
+    params.require(:folder_items).map { |fi_params| fi_params.permit(:document_id, :folder_id) }
+  end
+end

data/app/controllers/folders_controller.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+class FoldersController < CatalogController
+  ##
+  # Give Bookmarks access to the CatalogController configuration
+  include Blacklight::Configurable
+  include Blacklight::TokenBasedUser
+  include Bpluser::FoldersVerifyUser
+
+  copy_blacklight_config_from(CatalogController)
+
+  # Blacklight uses #search_action_url to figure out the right URL for
+  # the global search box
+  def search_action_url(options = {})
+    search_catalog_url(options.except(:controller, :action))
+  end
+  helper_method :search_action_url
+
+  before_action :verify_user, except: [:index, :show, :public_list]
+  before_action :check_visibility, only: [:show]
+  before_action :correct_user_for_folder, only: [:update, :edit, :destroy]
+
+  blacklight_config.track_search_session = false
+  blacklight_config.http_method = Blacklight::Engine.config.bookmarks_http_method
+
+  def index
+    @folders = current_or_guest_user.folders.with_folder_items if current_or_guest_user
+  end
+
+  def show
+    # @folder is set by correct_user_for_folder
+    @folder_items = @folder.folder_items
+    folder_items_ids = @folder_items.pluck(:document_id)
+    params[:sort] ||= 'title_info_primary_ssort asc, date_start_dtsi asc'
+    @response, @document_list = search_service.fetch(folder_items_ids)
+  end
+
+  def new
+    @folder = current_user.folders.build
+  end
+
+  def edit; end
+
+  def create
+    @folder = current_user.folders.new(folder_params)
+
+    if @folder.save
+      flash[:notice] = t('blacklight.folders.create.success')
+      redirect_to action: 'index'
+    else
+      render action: 'new'
+    end
+  end
+
+  def update
+    # @folder is set by correct_user_for_folder
+    if @folder.update(folder_params)
+      flash[:notice] = t('blacklight.folders.update.success')
+      redirect_to @folder
+    else
+      render action: :edit
+    end
+  end
+
+  def destroy
+    # @folder is set by correct_user_for_folder
+    @folder.destroy
+    flash[:notice] = t('blacklight.folders.delete.success')
+    redirect_to action: 'index'
+  end
+
+  # return a list of publicly visible folders that have items
+  def public_list
+    @folders = Bpluser::Folder.public_list
+  end
+
+  private
+
+  def folder_params
+    params.require(:folder).permit(:title, :description, :visibility)
+  end
+
+  def check_visibility
+    @folder = Bpluser::Folder.with_folder_items.find(params[:id])
+
+    return if @folder&.public?
+
+    correct_user_for_folder
+  end
+
+  def correct_user_for_folder
+    @folder ||= Bpluser::Folder.with_folder_items.find(params[:id])
+
+    if current_or_guest_user
+      flash[:notice] = t('blacklight.folders.private') and redirect_to root_path unless current_or_guest_user.folders.include?(@folder)
+    else
+      flash[:notice] = t('blacklight.folders.private') and redirect_to root_path
+    end
+  end
+end

data/app/controllers/saved_searches_controller.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class SavedSearchesController < ApplicationController
+  include Bpluser::SavedSearches
+end

data/app/controllers/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Users
+  class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+    include Bpluser::OmniauthCallbacks
+  end
+end

data/app/controllers/users/registrations_controller.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Users
+  class RegistrationsController < Devise::RegistrationsController
+    include Bpluser::Registrations
+  end
+end

data/app/controllers/users/sessions_controller.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Users
+  class SessionsController < Devise::SessionsController
+  end
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class UsersController < ApplicationController
+  before_action :authenticate_user!, :correct_user, only: [:show]
+
+  # getting some weird intermittent errors where users are being redirected
+  # to '/users' after signup. this is a failsafe last-resort solution
+  def index
+    redirect_to root_path
+  end
+
+  def show
+    respond_to do |format|
+      format.html
+    end
+  end
+
+  protected
+
+  def correct_user
+    @user = User.find(params[:id])
+
+    redirect_to root_path unless current_user == @user
+  end
+end

data/app/helpers/bpluser/folders_helper_behavior.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Bpluser
+  module FoldersHelperBehavior
+    def folder_belongs_to_user(folder)
+      return false if folder.blank?
+
+      current_or_guest_user.folders.include?(folder)
+    end
+  end
+end

data/app/helpers/folders_helper.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module FoldersHelper
+  include Bpluser::FoldersHelperBehavior
+end