ddr-models 2.0.0.pre.3 → 2.0.0.pre.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ddr/auth/ability_definitions/role_based_ability_definitions.rb +2 -6
  3. data/lib/ddr/auth/role_based_access_controls_enforcement.rb +5 -0
  4. data/lib/ddr/models/has_admin_metadata.rb +4 -6
  5. data/lib/ddr/models/solr_document.rb +4 -4
  6. data/lib/ddr/models/version.rb +1 -1
  7. data/spec/auth/ability_spec.rb +3 -3
  8. data/spec/models/solr_document_spec.rb +0 -14
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8f7801ca7ccbd206fbcbf14c003e94e96ec27bd8
4
- data.tar.gz: aa257065eb2e5633013edde3fbf9dc129c15a797
3
+ metadata.gz: edec71f33dfe1094a8745e65ee9442145fff93c8
4
+ data.tar.gz: 4d4e93ebac4f35bdf3acd49b64feb90e6be9b7e5
5
5
  SHA512:
6
- metadata.gz: bf466708eec60b41361dee92ece57b90628f6942e6ac6719f4b804ad90e79fa99861de1d3554b217858bc7018f527ff5f0958acca26d4e371871d313913ca4f4
7
- data.tar.gz: 7c411fd9230412b7d90498125fdadb2e0768192261628dc09e7400927776043af9943b2c4f267cdc9697f714e0d27ce63ab918b4ec62e3f4d0d61c9e077bbeae
6
+ metadata.gz: d1f66ebd01130976ee83afdbf334058592da001d2616d566b2c874ed5ef5b60e2a832d13935b3f49552ec2e3feb859878a85561eb598c3bb828cb322dd9a5109
7
+ data.tar.gz: d88b98a85c9d7496530d07ee79ea036dbd58256b83667f701b688195a46186bfbd1c376890eac921441e232aa13c7d93e639c087a3cd298daff35aef12ee00fd
data/lib/ddr/auth/ability_definitions/role_based_ability_definitions.rb CHANGED
@@ -20,19 +20,15 @@ module Ddr
20
20
  case obj
21
21
  when Ddr::Models::Base, SolrDocument
22
22
  cached_permissions obj.pid do
23
- effective_permissions obj
23
+ obj.effective_permissions(agents)
24
24
  end
25
25
  when String
26
26
  cached_permissions obj do
27
- effective_permissions permissions_doc(obj)
27
+ permissions_doc(obj).effective_permissions(agents)
28
28
  end
29
29
  end
30
30
  end
31
31
 
32
- def effective_permissions(obj)
33
- EffectivePermissions.call(obj, agents)
34
- end
35
-
36
32
  def cached_permissions(pid, &block)
37
33
  cache[pid] ||= block.call
38
34
  end
data/lib/ddr/auth/role_based_access_controls_enforcement.rb CHANGED
@@ -46,6 +46,11 @@ module Ddr
46
46
  [resource_role_filters, policy_role_filters].compact
47
47
  end
48
48
 
49
+ # Overrides Hydra::AccessControlsEnforcement
50
+ def enforce_show_permissions
51
+ authorize! :read, params[:id]
52
+ end
53
+
49
54
  end
50
55
  end
51
56
  end
data/lib/ddr/models/has_admin_metadata.rb CHANGED
@@ -1,3 +1,5 @@
1
+ require "resque"
2
+
1
3
  module Ddr
2
4
  module Models
3
5
  module HasAdminMetadata
@@ -50,12 +52,8 @@ module Ddr
50
52
  roles.grant *(other.roles.in_resource_scope)
51
53
  end
52
54
 
53
- def inherited_roles
54
- Ddr::Auth::InheritedRoles.call(self)
55
- end
56
-
57
- def effective_roles
58
- Ddr::Auth::EffectiveRoles.call(self)
55
+ def effective_permissions(agents)
56
+ Ddr::Auth::EffectivePermissions.call(self, agents)
59
57
  end
60
58
 
61
59
  private
data/lib/ddr/models/solr_document.rb CHANGED
@@ -106,10 +106,6 @@ module Ddr
106
106
  end
107
107
  alias_method :title_display, :title # duck-type Ddr::Models::Base
108
108
 
109
- def principal_has_role?(principal, role)
110
- (Array(self["admin_metadata__#{role}_ssim"]) & Array(principal)).any?
111
- end
112
-
113
109
  def identifier
114
110
  # We want the multivalued version here
115
111
  get(ActiveFedora::SolrService.solr_name(:identifier, :stored_searchable, type: :text))
@@ -226,6 +222,10 @@ module Ddr
226
222
  struct_maps.present? ? struct_maps.fetch(type) : nil
227
223
  end
228
224
 
225
+ def effective_permissions(agents)
226
+ Ddr::Auth::EffectivePermissions.call(self, agents)
227
+ end
228
+
229
229
  private
230
230
 
231
231
  def targets_query
data/lib/ddr/models/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Ddr
2
2
  module Models
3
- VERSION = "2.0.0.pre.3"
3
+ VERSION = "2.0.0.pre.4"
4
4
  end
5
5
  end
data/spec/auth/ability_spec.rb CHANGED
@@ -146,7 +146,7 @@ module Ddr::Auth
146
146
  describe "when permissions are cached" do
147
147
  before { subject.cache[cache_key] = [ Permissions::READ ] }
148
148
  it "should use the cached permissions" do
149
- expect_any_instance_of(RoleBasedAbilityDefinitions).not_to receive(:effective_permissions)
149
+ expect(perm_obj).not_to receive(:effective_permissions)
150
150
  expect(subject).to be_able_to(:read, obj)
151
151
  expect(subject).not_to be_able_to(:edit, obj)
152
152
  end
@@ -154,7 +154,7 @@ module Ddr::Auth
154
154
  describe "when permissions are not cached" do
155
155
  describe "and user context has role based permission" do
156
156
  before do
157
- allow_any_instance_of(RoleBasedAbilityDefinitions).to receive(:effective_permissions).with(perm_obj) do
157
+ allow(perm_obj).to receive(:effective_permissions) do
158
158
  [ Permissions::UPDATE ]
159
159
  end
160
160
  end
@@ -162,7 +162,7 @@ module Ddr::Auth
162
162
  end
163
163
  describe "and user context does not have role based permission" do
164
164
  before do
165
- allow_any_instance_of(RoleBasedAbilityDefinitions).to receive(:effective_permissions).with(perm_obj) do
165
+ allow(perm_obj).to receive(:effective_permissions) do
166
166
  [ Permissions::READ ]
167
167
  end
168
168
  end
data/spec/models/solr_document_spec.rb CHANGED
@@ -15,20 +15,6 @@ RSpec.describe SolrDocument, type: :model do
15
15
  end
16
16
  end
17
17
 
18
- describe "#principal_has_role?" do
19
- before { subject["admin_metadata__role_ssim"] = [ "inst.faculty", "inst.staff", "inst.student" ] }
20
- context "user does not have role" do
21
- it "should return false" do
22
- expect(subject.principal_has_role?([ "registered" ], "role")).to be false
23
- end
24
- end
25
- context "user does have role" do
26
- it "should return true" do
27
- expect(subject.principal_has_role?([ "inst.staff" ], "role")).to be true
28
- end
29
- end
30
- end
31
-
32
18
  describe "#permanent_id" do
33
19
  before { subject[Ddr::IndexFields::PERMANENT_ID] = "foo" }
34
20
  its(:permanent_id) { is_expected.to eq("foo") }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ddr-models
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0.pre.3
4
+ version: 2.0.0.pre.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jim Coble
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-07-16 00:00:00.000000000 Z
12
+ date: 2015-07-22 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -624,7 +624,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
624
624
  version: 1.3.1
625
625
  requirements: []
626
626
  rubyforge_project:
627
- rubygems_version: 2.2.2
627
+ rubygems_version: 2.4.6
628
628
  signing_key:
629
629
  specification_version: 4
630
630
  summary: Models used in the Duke Digital Repository