ddr-models 2.0.0.pre.3 → 2.0.0.pre.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/ddr/auth/ability_definitions/role_based_ability_definitions.rb +2 -6
- data/lib/ddr/auth/role_based_access_controls_enforcement.rb +5 -0
- data/lib/ddr/models/has_admin_metadata.rb +4 -6
- data/lib/ddr/models/solr_document.rb +4 -4
- data/lib/ddr/models/version.rb +1 -1
- data/spec/auth/ability_spec.rb +3 -3
- data/spec/models/solr_document_spec.rb +0 -14
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: edec71f33dfe1094a8745e65ee9442145fff93c8
|
4
|
+
data.tar.gz: 4d4e93ebac4f35bdf3acd49b64feb90e6be9b7e5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d1f66ebd01130976ee83afdbf334058592da001d2616d566b2c874ed5ef5b60e2a832d13935b3f49552ec2e3feb859878a85561eb598c3bb828cb322dd9a5109
|
7
|
+
data.tar.gz: d88b98a85c9d7496530d07ee79ea036dbd58256b83667f701b688195a46186bfbd1c376890eac921441e232aa13c7d93e639c087a3cd298daff35aef12ee00fd
|
@@ -20,19 +20,15 @@ module Ddr
|
|
20
20
|
case obj
|
21
21
|
when Ddr::Models::Base, SolrDocument
|
22
22
|
cached_permissions obj.pid do
|
23
|
-
effective_permissions
|
23
|
+
obj.effective_permissions(agents)
|
24
24
|
end
|
25
25
|
when String
|
26
26
|
cached_permissions obj do
|
27
|
-
|
27
|
+
permissions_doc(obj).effective_permissions(agents)
|
28
28
|
end
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
-
def effective_permissions(obj)
|
33
|
-
EffectivePermissions.call(obj, agents)
|
34
|
-
end
|
35
|
-
|
36
32
|
def cached_permissions(pid, &block)
|
37
33
|
cache[pid] ||= block.call
|
38
34
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require "resque"
|
2
|
+
|
1
3
|
module Ddr
|
2
4
|
module Models
|
3
5
|
module HasAdminMetadata
|
@@ -50,12 +52,8 @@ module Ddr
|
|
50
52
|
roles.grant *(other.roles.in_resource_scope)
|
51
53
|
end
|
52
54
|
|
53
|
-
def
|
54
|
-
Ddr::Auth::
|
55
|
-
end
|
56
|
-
|
57
|
-
def effective_roles
|
58
|
-
Ddr::Auth::EffectiveRoles.call(self)
|
55
|
+
def effective_permissions(agents)
|
56
|
+
Ddr::Auth::EffectivePermissions.call(self, agents)
|
59
57
|
end
|
60
58
|
|
61
59
|
private
|
@@ -106,10 +106,6 @@ module Ddr
|
|
106
106
|
end
|
107
107
|
alias_method :title_display, :title # duck-type Ddr::Models::Base
|
108
108
|
|
109
|
-
def principal_has_role?(principal, role)
|
110
|
-
(Array(self["admin_metadata__#{role}_ssim"]) & Array(principal)).any?
|
111
|
-
end
|
112
|
-
|
113
109
|
def identifier
|
114
110
|
# We want the multivalued version here
|
115
111
|
get(ActiveFedora::SolrService.solr_name(:identifier, :stored_searchable, type: :text))
|
@@ -226,6 +222,10 @@ module Ddr
|
|
226
222
|
struct_maps.present? ? struct_maps.fetch(type) : nil
|
227
223
|
end
|
228
224
|
|
225
|
+
def effective_permissions(agents)
|
226
|
+
Ddr::Auth::EffectivePermissions.call(self, agents)
|
227
|
+
end
|
228
|
+
|
229
229
|
private
|
230
230
|
|
231
231
|
def targets_query
|
data/lib/ddr/models/version.rb
CHANGED
data/spec/auth/ability_spec.rb
CHANGED
@@ -146,7 +146,7 @@ module Ddr::Auth
|
|
146
146
|
describe "when permissions are cached" do
|
147
147
|
before { subject.cache[cache_key] = [ Permissions::READ ] }
|
148
148
|
it "should use the cached permissions" do
|
149
|
-
|
149
|
+
expect(perm_obj).not_to receive(:effective_permissions)
|
150
150
|
expect(subject).to be_able_to(:read, obj)
|
151
151
|
expect(subject).not_to be_able_to(:edit, obj)
|
152
152
|
end
|
@@ -154,7 +154,7 @@ module Ddr::Auth
|
|
154
154
|
describe "when permissions are not cached" do
|
155
155
|
describe "and user context has role based permission" do
|
156
156
|
before do
|
157
|
-
|
157
|
+
allow(perm_obj).to receive(:effective_permissions) do
|
158
158
|
[ Permissions::UPDATE ]
|
159
159
|
end
|
160
160
|
end
|
@@ -162,7 +162,7 @@ module Ddr::Auth
|
|
162
162
|
end
|
163
163
|
describe "and user context does not have role based permission" do
|
164
164
|
before do
|
165
|
-
|
165
|
+
allow(perm_obj).to receive(:effective_permissions) do
|
166
166
|
[ Permissions::READ ]
|
167
167
|
end
|
168
168
|
end
|
@@ -15,20 +15,6 @@ RSpec.describe SolrDocument, type: :model do
|
|
15
15
|
end
|
16
16
|
end
|
17
17
|
|
18
|
-
describe "#principal_has_role?" do
|
19
|
-
before { subject["admin_metadata__role_ssim"] = [ "inst.faculty", "inst.staff", "inst.student" ] }
|
20
|
-
context "user does not have role" do
|
21
|
-
it "should return false" do
|
22
|
-
expect(subject.principal_has_role?([ "registered" ], "role")).to be false
|
23
|
-
end
|
24
|
-
end
|
25
|
-
context "user does have role" do
|
26
|
-
it "should return true" do
|
27
|
-
expect(subject.principal_has_role?([ "inst.staff" ], "role")).to be true
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
18
|
describe "#permanent_id" do
|
33
19
|
before { subject[Ddr::IndexFields::PERMANENT_ID] = "foo" }
|
34
20
|
its(:permanent_id) { is_expected.to eq("foo") }
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ddr-models
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.0.pre.
|
4
|
+
version: 2.0.0.pre.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jim Coble
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2015-07-
|
12
|
+
date: 2015-07-22 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -624,7 +624,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
624
624
|
version: 1.3.1
|
625
625
|
requirements: []
|
626
626
|
rubyforge_project:
|
627
|
-
rubygems_version: 2.
|
627
|
+
rubygems_version: 2.4.6
|
628
628
|
signing_key:
|
629
629
|
specification_version: 4
|
630
630
|
summary: Models used in the Duke Digital Repository
|