curation_concerns 0.1.0 → 0.2.0

data/app/controllers/concerns/curation_concerns/download_behavior.rb

@@ -10,51 +10,65 @@ module CurationConcerns
       end
     end
 
-
-    # Customize the :download ability in your Ability class, or override this method
-    def authorize_download!
-      # authorize! :download, file # can't use this because Hydra::Ability#download_permissions assumes that files are in Basic Container (and thus include the asset's uri)
-      authorize! :read, asset
+    # Render the 404 page if the file doesn't exist.
+    # Otherwise renders the file.
+    def show
+      case file
+      when ActiveFedora::File
+        # For original files that are stored in fedora
+        super
+      when String
+        # For derivatives stored on the local file system
+        response.headers['Accept-Ranges'] = 'bytes'
+        response.headers['Content-Length'] = File.size(file).to_s
+        send_file file, type: mime_type_for(file), disposition: 'inline'
+      else
+        render_404
+      end
     end
 
-    # Overrides Hydra::Controller::DownloadBehavior#load_file, which is hard-coded to assume files are in BasicContainer (PCDM Objects use direct containment)
-    # Override this method to change which file is shown.
-    # Loads the file specified by the HTTP parameter `:file_id`.
-    # If this object does not have a file by that name, return the default file
-    # as returned by {#default_file}
-    # @return [ActiveFedora::File] the file
-    def load_file
-      file_reference = params[:file]
-      # f = asset.attached_files[file_path] if file_path   # can't use this because attached_files assumes basic containment
-      f = asset.send(file_reference) if valid_file_reference?(file_reference)
-      f ||= default_file
-      raise "Unable to find a file for #{asset}" if f.nil?
-      f
-    end
+    protected
 
-    def default_file
-      if asset.class.respond_to?(:default_file_path)
-        default_file_reference = asset.class.default_file_path
-      else
-        default_file_reference = DownloadsController.default_content_path
+      # Customize the :download ability in your Ability class, or override this method
+      def authorize_download!
+        # authorize! :download, file # can't use this because Hydra::Ability#download_permissions assumes that files are in Basic Container (and thus include the asset's uri)
+        authorize! :read, asset
       end
-      if valid_file_reference?(default_file_reference)
-        return asset.send(default_file_reference)
-      else
-        return nil
+
+      # Overrides Hydra::Controller::DownloadBehavior#load_file, which is hard-coded to assume files are in BasicContainer.
+      # Override this method to change which file is shown.
+      # Loads the file specified by the HTTP parameter `:file`.
+      # If this object does not have a file by that name, return the default file
+      # as returned by {#default_file}
+      # @return [ActiveFedora::File, String, NilClass] Returns the file from the repository or a path to a file on the local file system, if it exists.
+      def load_file
+        file_reference = params[:file]
+        return default_file unless file_reference
+
+        file_path = CurationConcerns::DerivativePath.derivative_path_for_reference(asset, file_reference)
+        File.exist?(file_path) ? file_path : nil
+      end
+
+      def default_file
+        if asset.class.respond_to?(:default_file_path)
+          default_file_reference = asset.class.default_file_path
+        else
+          default_file_reference = DownloadsController.default_content_path
+        end
+        association = dereference_file(default_file_reference)
+        association.reader if association
       end
-    end
 
     private
 
-    def valid_file_reference?(file_reference)
-      return false if file_reference.nil?
-      # the second part of this is covering the fact that directly_contains_one isn't implemented yet, so :original_file, :thumbnail,:extracted_text are not singular associations (yet)
-      singular_associations.include?(file_reference.to_sym) || [:original_file, :thumbnail,:extracted_text].include?(file_reference.to_sym)
-    end
+      def mime_type_for(file)
+        MIME::Types.type_for(File.extname(file)).first.content_type
+      end
 
-    def singular_associations
-      asset.association_cache.select {|key,assoc| assoc.kind_of?(ActiveFedora::Associations::SingularAssociation)}.keys
-    end
+      def dereference_file(file_reference)
+        return false if file_reference.nil?
+        association = asset.association(file_reference.to_sym)
+        association if association && association.is_a?(ActiveFedora::Associations::SingularAssociation)
+      end
   end
 end

data/app/controllers/concerns/curation_concerns/embargoes_controller_behavior.rb

@@ -1,44 +1,44 @@
 module CurationConcerns
   module EmbargoesControllerBehavior
     extend ActiveSupport::Concern
+    include CurationConcerns::ManagesEmbargoes
+    include Hydra::Collections::AcceptsBatches
 
     included do
-      skip_before_filter :normalize_identifier, only: :update
+      skip_before_action :normalize_identifier, only: :update
+    end
+
+    def index
+      authorize! :index, Hydra::AccessControls::Embargo
+    end
 
-      def destroy
-        update_files = !curation_concern.under_embargo? # embargo expired
-        remove_embargo(curation_concern)
-        flash[:notice] = curation_concern.embargo_history.last
-        if update_files
-          redirect_to confirm_curation_concerns_permission_path(curation_concern)
-        else
-          redirect_to edit_embargo_path(curation_concern)
-        end
+    # Removes a single embargo
+    def destroy
+      EmbargoActor.new(curation_concern).destroy
+      flash[:notice] = curation_concern.embargo_history.last
+      if curation_concern.work? && curation_concern.file_sets.present?
+        redirect_to confirm_curation_concerns_permission_path(curation_concern)
+      else
+        redirect_to edit_embargo_path(curation_concern)
       end
+    end
 
-      def update
-        filter_docs_with_edit_access!
-        copy_visibility = params[:embargoes].values.map { |h| h[:copy_visibility] }
-        batch.each do |id|
-          ActiveFedora::Base.find(id).tap do |curation_concern|
-            remove_embargo(curation_concern)
-            curation_concern.copy_visibility_to_files if copy_visibility.include?(id)
-          end
-        end
-        redirect_to embargoes_path
+    # Updates a batch of embargos
+    def update
+      filter_docs_with_edit_access!
+      copy_visibility = params[:embargoes].values.map { |h| h[:copy_visibility] }
+      ActiveFedora::Base.find(batch).each do |curation_concern|
+        EmbargoActor.new(curation_concern).destroy
+        curation_concern.copy_visibility_to_files if copy_visibility.include?(curation_concern.id)
       end
+      redirect_to embargoes_path
     end
 
     protected
 
-    def _prefixes
-      # This allows us to use the unauthorized template in curation_concerns/base
-      @_prefixes ||= super + ['curation_concerns/base']
-    end
-    def remove_embargo(work)
-      work.embargo_visibility! # If the embargo has lapsed, update the current visibility.
-      work.deactivate_embargo!
-      work.save
-    end
+      def _prefixes
+        # This allows us to use the unauthorized template in curation_concerns/base
+        @_prefixes ||= super + ['curation_concerns/base']
+      end
   end
 end

data/app/controllers/concerns/curation_concerns/file_sets_controller_behavior.rb

@@ -0,0 +1,198 @@
+module CurationConcerns
+  module FileSetsControllerBehavior
+    extend ActiveSupport::Concern
+
+    included do
+      include CurationConcerns::ThemedLayoutController
+      with_themed_layout '1_column'
+      load_and_authorize_resource class: ::FileSet, except: :show
+      helper_method :curation_concern
+      include CurationConcerns::ParentContainer
+      include Blacklight::Base
+      include Hydra::Controller::SearchBuilder
+      copy_blacklight_config_from(::CatalogController)
+    end
+
+    def curation_concern
+      @file_set
+    end
+
+    # routed to /files/new
+    def new
+    end
+
+    # routed to /files/:id/edit
+    def edit
+      @groups = current_user.groups
+    end
+
+    # routed to /files (POST)
+    def create
+      create_from_upload(params)
+    end
+
+    def create_from_upload(params)
+      # check error condition No files
+      return render_json_response(response_type: :bad_request, options: { message: 'Error! No file to save' }) unless params.key?(:file_set) && params.fetch(:file_set).key?(:files)
+
+      file = params[:file_set][:files].detect { |f| f.respond_to?(:original_filename) }
+      if !file
+        render_json_response(response_type: :bad_request, options: { message: 'Error! No file for upload', description: 'unknown file' })
+      elsif empty_file?(file)
+        render_json_response(response_type: :unprocessable_entity, options: { errors: { files: "#{file.original_filename} has no content! (Zero length file)" }, description: t('curation_concerns.api.unprocessable_entity.empty_file') })
+      else
+        process_file(file)
+      end
+    rescue RSolr::Error::Http => error
+      logger.error "FileSetController::create rescued #{error.class}\n\t#{error}\n #{error.backtrace.join("\n")}\n\n"
+      render_json_response(response_type: :internal_error, options: { message: 'Error occurred while creating generic file.' })
+    ensure
+      # remove the tempfile (only if it is a temp file)
+      file.tempfile.delete if file.respond_to?(:tempfile)
+    end
+
+    # routed to /files/:id
+    def show
+      respond_to do |wants|
+        wants.html do
+          _, document_list = search_results(params, [:add_access_controls_to_solr_params, :find_one, :only_file_sets])
+          curation_concern = document_list.first
+          raise CanCan::AccessDenied unless curation_concern
+          @presenter = show_presenter.new(curation_concern, current_ability)
+        end
+        wants.json do
+          # load and authorize @curation_concern manually because it's skipped for html
+          @file_set = curation_concern_type.load_instance_from_solr(params[:id]) unless curation_concern
+          authorize! :show, @file_set
+          render :show, status: :ok
+        end
+        additional_response_formats(wants)
+      end
+    end
+
+    # Gives the class of the show presenter. Override this if you want
+    # to use a different presenter.
+    def show_presenter
+      CurationConcerns::FileSetPresenter
+    end
+
+    def destroy
+      actor.destroy
+      redirect_to [main_app, :curation_concerns, @file_set.in_works.first], notice: 'The file has been deleted.'
+    end
+
+    # routed to /files/:id (PUT)
+    def update
+      success = if wants_to_revert?
+                  actor.revert_content(params[:revision])
+                elsif params.key?(:file_set)
+                  if params[:file_set].key?(:files)
+                    actor.update_content(params[:file_set][:files].first)
+                  else
+                    update_metadata
+                  end
+                end
+      if success
+        respond_to do |wants|
+          wants.html do
+            redirect_to [main_app, :curation_concerns, @file_set], notice:
+                                                                         "The file #{view_context.link_to(@file_set, [main_app, :curation_concerns, @file_set])} has been updated."
+          end
+          wants.json { render :show, status: :ok, location: polymorphic_path([main_app, :curation_concerns, @file_set]) }
+        end
+      else
+        respond_to do |wants|
+          wants.html { render 'edit', status: :unprocessable_entity }
+          wants.json { render_json_response(response_type: :unprocessable_entity, options: { errors: @file_set.errors }) }
+        end
+      end
+    rescue RSolr::Error::Http => error
+      flash[:error] = error.message
+      logger.error "FileSetsController::update rescued #{error.class}\n\t#{error.message}\n #{error.backtrace.join("\n")}\n\n"
+      render action: 'edit'
+    end
+
+    def versions
+      @version_list = version_list
+    end
+
+    # this is provided so that implementing application can override this behavior and map params to different attributes
+    def update_metadata
+      file_attributes = CurationConcerns::Forms::FileSetEditForm.model_attributes(attributes)
+      actor.update_metadata(file_attributes)
+    end
+
+    protected
+
+      # Override this method to add additional response
+      # formats to your local app
+      def additional_response_formats(_)
+        # nop
+      end
+
+      def file_set_params
+        params.require(:file_set).permit(
+          :visibility_during_embargo, :embargo_release_date, :visibility_after_embargo, :visibility_during_lease, :lease_expiration_date, :visibility_after_lease, :visibility, title: [])
+      end
+
+      def version_list
+        CurationConcerns::VersionListPresenter.new(@file_set.original_file.versions.all)
+      end
+
+      def wants_to_revert?
+        params.key?(:revision) && params[:revision] != @file_set.latest_content_version.label
+      end
+
+      def actor
+        @actor ||= ::CurationConcerns::FileSetActor.new(@file_set, current_user)
+      end
+
+      def attributes
+        # params.fetch(:file_set, {}).dup  # use a copy of the hash so that original params stays untouched when interpret_visibility modifies things
+        params.fetch(:file_set, {}).except(:files).permit!.dup # use a copy of the hash so that original params stays untouched when interpret_visibility modifies things
+      end
+
+      def _prefixes
+        # This allows us to use the unauthorized and form_permission template in curation_concerns/base
+        @_prefixes ||= super + ['curation_concerns/base']
+      end
+
+      def empty_file?(file)
+        (file.respond_to?(:tempfile) && file.tempfile.size == 0) || (file.respond_to?(:size) && file.size == 0)
+      end
+
+      def process_file(file)
+        update_metadata_from_upload_screen
+        parent = ActiveFedora::Base.find(parent_id)
+        actor.create_metadata(params[:upload_set_id], parent, params[:file_set])
+        if actor.create_content(file)
+          respond_to do |format|
+            format.html do
+              if request.xhr?
+                render 'jq_upload', formats: 'json', content_type: 'text/html'
+              else
+                redirect_to [main_app, :curation_concerns, @file_set.in_works.first]
+              end
+            end
+            format.json do
+              render 'jq_upload', status: :created, location: polymorphic_path([main_app, :curation_concerns, curation_concern])
+            end
+          end
+        else
+          msg = @file_set.errors.full_messages.join(', ')
+          flash[:error] = msg
+          json_error "Error creating generic file: #{msg}"
+        end
+      end
+
+      # this is provided so that implementing application can override this behavior and map params to different attributes
+      def update_metadata_from_upload_screen
+        # Relative path is set by the jquery uploader when uploading a directory
+        @file_set.relative_path = params[:relative_path] if params[:relative_path]
+      end
+
+      def curation_concern_type
+        ::FileSet
+      end
+  end
+end

data/app/controllers/concerns/curation_concerns/leases_controller_behavior.rb

@@ -1,36 +1,43 @@
 module CurationConcerns
   module LeasesControllerBehavior
     extend ActiveSupport::Concern
+    include CurationConcerns::ManagesEmbargoes
+    include Hydra::Collections::AcceptsBatches
 
     included do
-      skip_before_filter :normalize_identifier, only: :update
+      skip_before_action :normalize_identifier, only: :update
+    end
+
+    def index
+      authorize! :index, Hydra::AccessControls::Lease
+    end
 
-      def destroy
-        curation_concern.lease_visibility! # If the lease has lapsed, update the current visibility.
-        curation_concern.deactivate_lease!
-        saved = curation_concern.save
-        CurationConcerns.queue.push(VisibilityCopyWorker.new(curation_concern.id)) if saved
-        flash[:notice] = curation_concern.lease_history.last
+    # Removes a single lease
+    def destroy
+      LeaseActor.new(curation_concern).destroy
+      flash[:notice] = curation_concern.lease_history.last
+      if curation_concern.work? && curation_concern.file_sets.present?
+        redirect_to confirm_curation_concerns_permission_path(curation_concern)
+      else
         redirect_to edit_lease_path(curation_concern)
       end
+    end
 
-      def update
-        filter_docs_with_edit_access!
-        batch.each do |id|
-          ActiveFedora::Base.find(id).tap do |curation_concern|
-            curation_concern.deactivate_lease!
-            curation_concern.save
-          end
-        end
-        redirect_to leases_path
+    def update
+      filter_docs_with_edit_access!
+      copy_visibility = params[:leases].values.map { |h| h[:copy_visibility] }
+      ActiveFedora::Base.find(batch).each do |curation_concern|
+        LeaseActor.new(curation_concern).destroy
+        curation_concern.copy_visibility_to_files if copy_visibility.include?(curation_concern.id)
       end
+      redirect_to leases_path
     end
 
     protected
 
-    def _prefixes
-      # This allows us to use the unauthorized template in curation_concerns/base
-      @_prefixes ||= super + ['curation_concerns/base']
-    end
+      def _prefixes
+        # This allows us to use the unauthorized template in curation_concerns/base
+        @_prefixes ||= super + ['curation_concerns/base']
+      end
   end
 end

data/app/controllers/concerns/curation_concerns/manages_embargoes.rb

@@ -9,15 +9,10 @@ module CurationConcerns
       attr_accessor :curation_concern
       helper_method :curation_concern
       load_and_authorize_resource class: ActiveFedora::Base, instance_name: :curation_concern
-
-      def deny_access(exception)
-        redirect_to root_path, alert: exception.message
-      end
     end
 
-
-    def index
-      authorize! :discover, :embargo
+    def deny_access(exception)
+      redirect_to root_path, alert: exception.message
     end
 
     def edit

data/app/controllers/concerns/curation_concerns/parent_container.rb

@@ -6,18 +6,35 @@ module CurationConcerns::ParentContainer
     # before_filter :authorize_edit_parent_rights!, except: [:show]  # Not sure we actually want this enforced any more (was originally in worthwhile), especially since GenericFiles and GenericWorks (which are PCDM::Objects)can belong to multiple parents
   end
 
+  # TODO: this is slow, refactor to return a Presenter (fetch from solr)
   def parent
-    @parent ||= new_or_create? ? ActiveFedora::Base.find(parent_id) : curation_concern.parent_objects.first  # parent_objects method is inherited from Hydra::PCDM::ObjectBehavior
+    @parent ||= new_or_create? ? find_parent_by_id : lookup_parent_from_child
+  end
+
+  def find_parent_by_id
+    ActiveFedora::Base.find(parent_id)
+  end
+
+  def lookup_parent_from_child
+    if curation_concern
+      # in_objects method is inherited from Hydra::PCDM::ObjectBehavior
+      curation_concern.in_objects.first
+    elsif @presenter
+
+      CurationConcerns::ParentService.parent_for(@presenter.id)
+    else
+      raise "no child"
+    end
   end
 
   def parent_id
-    @parent_id ||= new_or_create? ? params[:parent_id] : curation_concern.generic_works.parent_objects.first.id
+    @parent_id ||= new_or_create? ? params[:parent_id] : curation_concern.generic_works.in_objects.first.id
   end
 
   protected
 
     def new_or_create?
-      ['create', 'new'].include? action_name
+      %w(create new).include? action_name
     end
 
     def namespaced_parent_id
@@ -29,5 +46,4 @@ module CurationConcerns::ParentContainer
     def authorize_edit_parent_rights!
       authorize! :edit, parent_id
     end
-
 end

data/app/controllers/concerns/curation_concerns/single_use_links_controller_behavior.rb

@@ -0,0 +1,48 @@
+module CurationConcerns
+  module SingleUseLinksControllerBehavior
+    extend ActiveSupport::Concern
+    included do
+      before_action :authenticate_user!
+      before_action :authorize_user!
+      # Catch permission errors
+      rescue_from Hydra::AccessDenied, CanCan::AccessDenied do |exception|
+        if current_user && current_user.persisted?
+          redirect_to main_app.root_url, alert: "You do not have sufficient privileges to create links to this document"
+        else
+          session["user_return_to"] = request.url
+          redirect_to new_user_session_url, alert: exception.message
+        end
+      end
+    end
+
+    def new_download
+      @su = SingleUseLink.create itemId: params[:id], path: main_app.download_path(id: asset)
+      @link = curation_concerns.download_single_use_link_path(@su.downloadKey)
+
+      respond_to do |format|
+        format.html
+        format.js { render js: @link }
+      end
+    end
+
+    def new_show
+      @su = SingleUseLink.create itemId: params[:id], path: polymorphic_path([main_app, :curation_concerns, asset])
+      @link = curation_concerns.show_single_use_link_path(@su.downloadKey)
+
+      respond_to do |format|
+        format.html
+        format.js { render js: @link }
+      end
+    end
+
+    protected
+
+      def authorize_user!
+        authorize! :edit, asset
+      end
+
+      def asset
+        @asset ||= ActiveFedora::Base.load_instance_from_solr(params[:id])
+      end
+  end
+end

data/app/controllers/concerns/curation_concerns/single_use_links_viewer_controller_behavior.rb

@@ -0,0 +1,75 @@
+module CurationConcerns
+  module SingleUseLinksViewerControllerBehavior
+    extend ActiveSupport::Concern
+    include CurationConcerns::DownloadBehavior
+    include Blacklight::Base
+    include Hydra::Controller::SearchBuilder
+
+    included do
+      include ActionDispatch::Routing::PolymorphicRoutes
+
+      skip_before_action :authorize_download!, only: :show
+      rescue_from CurationConcerns::SingleUseError, with: :render_single_use_error
+      rescue_from CanCan::AccessDenied, with: :render_single_use_error
+      rescue_from ActiveRecord::RecordNotFound, with: :render_single_use_error
+      class_attribute :presenter_class
+      self.presenter_class = CurationConcerns::FileSetPresenter
+      copy_blacklight_config_from(::CatalogController)
+    end
+
+    def download
+      raise not_found_exception unless single_use_link.path == main_app.download_path(id: @asset)
+      send_content
+    end
+
+    def show
+      _, document_list = search_results({ id: single_use_link.itemId }, [:find_one])
+      curation_concern = document_list.first
+
+      # Authorize using SingleUseLinksViewerController::Ability
+      authorize! :read, curation_concern
+
+      raise not_found_exception unless single_use_link.path == polymorphic_path([main_app, :curation_concerns, curation_concern])
+
+      # show the file
+      @presenter = presenter_class.new(curation_concern, current_ability)
+
+      # create a dowload link that is single use for the user since we do not just want to show metadata we want to access it too
+      @su = single_use_link.create_for_path main_app.download_path(curation_concern.id)
+      @download_link = curation_concerns.download_single_use_link_path(@su.downloadKey)
+    end
+
+    protected
+
+      # This is called in a before filter. It causes @asset to be set.
+      def authorize_download!
+        authorize! :read, asset
+      end
+
+      def single_use_link
+        @single_use_link ||= SingleUseLink.find_by_downloadKey!(params[:id])
+      end
+
+      def not_found_exception
+        CurationConcerns::SingleUseError.new('Single-Use Link Not Found')
+      end
+
+      def asset
+        @asset ||= ActiveFedora::Base.find(single_use_link.itemId)
+      end
+
+      def current_ability
+        @current_ability ||= SingleUseLinksViewerController::Ability.new current_user, single_use_link
+      end
+
+      def render_single_use_error(exception)
+        logger.error("Rendering PAGE due to exception: #{exception.inspect} - #{exception.backtrace if exception.respond_to? :backtrace}")
+        render template: '/error/single_use_error', layout: "error", formats: [:html], status: 404
+      end
+
+      def _prefixes
+        # This allows us to use the attributes templates in curation_concerns/base
+        @_prefixes ||= super + ['curation_concerns/base']
+      end
+  end
+end

data/app/controllers/concerns/curation_concerns/themed_layout_controller.rb

@@ -27,5 +27,4 @@ module CurationConcerns::ThemedLayoutController
   def show_site_search?
     true
   end
-
 end

data/app/controllers/concerns/curation_concerns/upload_sets_controller_behavior.rb

@@ -0,0 +1,38 @@
+module CurationConcerns
+  module UploadSetsControllerBehavior
+    extend ActiveSupport::Concern
+    include Hydra::Controller::ControllerBehavior
+
+    included do
+      include CurationConcerns::ThemedLayoutController
+      with_themed_layout '1_column'
+
+      class_attribute :edit_form_class
+      self.edit_form_class = CurationConcerns::Forms::FileSetEditForm
+    end
+
+    def edit
+      @upload_set = UploadSet.find_or_create(params[:id])
+      @form = edit_form
+    end
+
+    def update
+      authenticate_user!
+      @upload_set = UploadSet.find_or_create(params[:id])
+      @upload_set.status = ["processing"]
+      @upload_set.save
+      file_attributes = edit_form_class.model_attributes(params[:file_set])
+      UploadSetUpdateJob.perform_later(current_user.user_key, params[:id], params[:title], file_attributes, params[:visibility])
+      flash[:notice] = 'Your files are being processed by ' + t('curation_concerns.product_name') + ' in the background. The metadata and access controls you specified are being applied. Files will be marked <span class="label label-danger" title="Private">Private</span> until this process is complete (shouldn\'t take too long, hang in there!). You may need to refresh your dashboard to see these updates.'
+
+      redirect_to main_app.curation_concerns_generic_works_path
+    end
+
+    protected
+
+      def edit_form
+        file_set = ::FileSet.new(creator: [current_user.user_key], title: @upload_set.file_sets.map(&:label))
+        edit_form_class.new(file_set)
+      end
+  end
+end