ddr-models 3.0.0.alpha.4 → 3.0.0.beta.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +0 -2
- data/app/models/collection.rb +6 -2
- data/config/initializers/active_fedora_base.rb +3 -4
- data/ddr-models.gemspec +4 -3
- data/lib/ddr/auth/effective_roles.rb +1 -5
- data/lib/ddr/auth/inherited_roles.rb +2 -5
- data/lib/ddr/auth/resource_roles.rb +1 -4
- data/lib/ddr/auth/roles.rb +3 -3
- data/lib/ddr/auth/roles/role.rb +54 -101
- data/lib/ddr/auth/roles/role_attribute.rb +16 -0
- data/lib/ddr/auth/roles/role_set.rb +19 -72
- data/lib/ddr/auth/roles/role_set_manager.rb +68 -0
- data/lib/ddr/auth/roles/role_set_query.rb +10 -22
- data/lib/ddr/auth/roles/role_type.rb +1 -0
- data/lib/ddr/auth/roles/role_validator.rb +11 -0
- data/lib/ddr/models.rb +2 -1
- data/lib/ddr/models/base.rb +78 -17
- data/lib/ddr/models/has_admin_metadata.rb +6 -4
- data/lib/ddr/models/has_content.rb +0 -10
- data/lib/ddr/models/solr_document.rb +6 -2
- data/lib/ddr/models/validatable.rb +20 -0
- data/lib/ddr/models/validator.rb +8 -0
- data/lib/ddr/models/version.rb +1 -1
- data/lib/ddr/vocab/roles.rb +14 -10
- data/spec/auth/effective_permissions_spec.rb +1 -1
- data/spec/auth/effective_roles_spec.rb +5 -5
- data/spec/auth/roles/role_set_manager_spec.rb +86 -0
- data/spec/auth/roles/role_set_query_spec.rb +50 -67
- data/spec/auth/roles/role_set_spec.rb +41 -0
- data/spec/auth/roles/role_spec.rb +45 -42
- data/spec/models/collection_spec.rb +1 -1
- data/spec/models/has_admin_metadata_spec.rb +2 -2
- data/spec/models/indexing_spec.rb +2 -2
- data/spec/models/search_builder_spec.rb +3 -3
- data/spec/models/solr_document_spec.rb +3 -3
- data/spec/support/shared_examples_for_non_collection_models.rb +1 -1
- metadata +33 -18
- data/lib/ddr/auth/roles/detached_role_set.rb +0 -59
- data/lib/ddr/auth/roles/property_role_set.rb +0 -46
- data/lib/ddr/auth/roles/roles_datastream.rb +0 -9
- data/lib/ddr/models/describable.rb +0 -79
- data/spec/auth/roles/detached_role_set_spec.rb +0 -50
- data/spec/auth/roles/property_role_set_spec.rb +0 -32
@@ -2,9 +2,9 @@ module Ddr::Auth
|
|
2
2
|
RSpec.describe EffectiveRoles do
|
3
3
|
|
4
4
|
let(:resource) { FactoryGirl.build(:item) }
|
5
|
-
let(:policy) { Collection.new(
|
5
|
+
let(:policy) { Collection.new(id: "coll-1") }
|
6
6
|
let(:agents) { [ "Editors", "bob@example.com", "public" ] }
|
7
|
-
let(:editor) { Roles::Role.build
|
7
|
+
let(:editor) { Roles::Role.build role_type: "Editor", agent: "Editors", scope: "policy" }
|
8
8
|
let(:downloader) { FactoryGirl.build(:role, :downloader, :public) }
|
9
9
|
|
10
10
|
before do
|
@@ -13,9 +13,9 @@ module Ddr::Auth
|
|
13
13
|
policy.roles.grant editor
|
14
14
|
end
|
15
15
|
|
16
|
-
it "
|
17
|
-
expect(described_class.call(resource, agents)
|
18
|
-
.to eq(Roles::
|
16
|
+
it "returns the list of roles granted to the agents on the resource in resource scope, plus the roles granted to the agents on the resource's policy in policy scope" do
|
17
|
+
expect(described_class.call(resource, agents))
|
18
|
+
.to eq(Roles::RoleSet.new(roles: [downloader, editor]))
|
19
19
|
end
|
20
20
|
|
21
21
|
end
|
@@ -0,0 +1,86 @@
|
|
1
|
+
module Ddr::Auth
|
2
|
+
module Roles
|
3
|
+
RSpec.describe RoleSetManager do
|
4
|
+
|
5
|
+
subject { described_class.new(object) }
|
6
|
+
|
7
|
+
let(:object) { Item.new }
|
8
|
+
|
9
|
+
let(:role1) { FactoryGirl.build(:role, :editor, :person, :resource) }
|
10
|
+
let(:role2) { FactoryGirl.build(:role, :curator, :group, :policy) }
|
11
|
+
let(:role3) { FactoryGirl.build(:role, :viewer, :public) }
|
12
|
+
|
13
|
+
describe "#grant" do
|
14
|
+
describe "by attributes" do
|
15
|
+
it "can grant a role" do
|
16
|
+
subject.grant role1.to_h
|
17
|
+
expect(object.roles.granted?(role1)).to be true
|
18
|
+
end
|
19
|
+
it "can grant multiple roles" do
|
20
|
+
subject.grant role1.to_h, role2.to_h
|
21
|
+
expect(object.roles.granted?(role1)).to be true
|
22
|
+
expect(object.roles.granted?(role2)).to be true
|
23
|
+
end
|
24
|
+
end
|
25
|
+
describe "by resource" do
|
26
|
+
it "can grant a role by role instance" do
|
27
|
+
subject.grant role1
|
28
|
+
expect(object.roles.granted?(role1)).to be true
|
29
|
+
end
|
30
|
+
it "can grant multiple roles" do
|
31
|
+
subject.grant role1, role2
|
32
|
+
expect(object.roles.granted?(role1)).to be true
|
33
|
+
expect(object.roles.granted?(role2)).to be true
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
describe "#revoke" do
|
39
|
+
before { subject.grant role1, role2 }
|
40
|
+
it "can revoke a role by type, agent name and (optionally) scope" do
|
41
|
+
subject.revoke role1.to_h
|
42
|
+
expect(object.roles.granted?(role1)).to be false
|
43
|
+
end
|
44
|
+
it "can revoke a role by role instance" do
|
45
|
+
subject.revoke role1
|
46
|
+
expect(object.roles.granted?(role1)).to be false
|
47
|
+
end
|
48
|
+
it "can revoke multiple roles" do
|
49
|
+
subject.revoke role1, role2
|
50
|
+
expect(object.roles.granted?(role1)).to be false
|
51
|
+
expect(object.roles.granted?(role2)).to be false
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
describe "#revoke_all" do
|
56
|
+
before { subject.grant role1, role2 }
|
57
|
+
it "revokes all roles" do
|
58
|
+
subject.revoke_all
|
59
|
+
expect(object.roles).to be_empty
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
describe "#replace" do
|
64
|
+
before { subject.grant role1, role2 }
|
65
|
+
it "replaces the current role(s) with the new role(s)" do
|
66
|
+
expect { subject.replace(role3) }.to change(subject, :to_a).from([role1, role2]).to([role3])
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
describe "#granted?" do
|
71
|
+
before { subject.grant role1 }
|
72
|
+
it "returns true if an equivalent role has been granted" do
|
73
|
+
expect(subject.granted?(role1.dup)).to be true
|
74
|
+
end
|
75
|
+
it "returns false if no equivalent role has been granted" do
|
76
|
+
expect(subject.granted?(role2)).to be false
|
77
|
+
end
|
78
|
+
it "returns true if a role matching the arguments has been granted" do
|
79
|
+
expect(subject.granted?(role1.to_h)).to be true
|
80
|
+
expect(subject.granted?(role2.to_h)).to be false
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
@@ -2,86 +2,69 @@ module Ddr::Auth
|
|
2
2
|
module Roles
|
3
3
|
RSpec.describe RoleSetQuery do
|
4
4
|
|
5
|
-
|
5
|
+
subject { described_class.new(role_set) }
|
6
6
|
|
7
|
-
|
7
|
+
let(:role_set) { RoleSet.new }
|
8
|
+
let(:curator) { "curator@example.com" }
|
9
|
+
let(:editor) { "editor@example.com" }
|
10
|
+
let(:other_person) { "other@example.com" }
|
11
|
+
let(:other_group) { "Others" }
|
12
|
+
let(:contributor_group) { "Contributors" }
|
13
|
+
let(:downloader_group) { "Downloaders" }
|
14
|
+
let(:viewer_group) { "Viewers" }
|
15
|
+
let(:contributor_role) { Role.build(role_type: "Contributor", agent: contributor_group, scope: "resource") }
|
16
|
+
let(:downloader_role) { Role.build(role_type: "Downloader", agent: downloader_group, scope: "resource") }
|
17
|
+
let(:editor_role) { Role.build(role_type: "Editor", agent: editor, scope: "resource") }
|
18
|
+
let(:curator_role) { Role.build(role_type: "Curator", agent: curator, scope: "policy") }
|
19
|
+
let(:viewer_role) { Role.build(role_type: "Viewer", agent: viewer_group, scope: "policy") }
|
20
|
+
let(:policy_roles) { [curator_role, viewer_role] }
|
21
|
+
let(:resource_roles) { [contributor_role, downloader_role, editor_role] }
|
8
22
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
let(:other_group) { "Others" }
|
13
|
-
let(:contributor_group) { "Contributors" }
|
14
|
-
let(:downloader_group) { "Downloaders" }
|
15
|
-
let(:viewer_group) { "Viewers" }
|
16
|
-
let(:contributor_role) { Role.build(type: "Contributor", agent: contributor_group, scope: "resource") }
|
17
|
-
let(:downloader_role) { Role.build(type: "Downloader", agent: downloader_group, scope: "resource") }
|
18
|
-
let(:editor_role) { Role.build(type: "Editor", agent: editor, scope: "resource") }
|
19
|
-
let(:curator_role) { Role.build(type: "Curator", agent: curator, scope: "policy") }
|
20
|
-
let(:viewer_role) { Role.build(type: "Viewer", agent: viewer_group, scope: "policy") }
|
21
|
-
let(:policy_roles) { [curator_role, viewer_role] }
|
22
|
-
let(:resource_roles) { [contributor_role, downloader_role, editor_role] }
|
23
|
+
before do
|
24
|
+
role_set.roles = [contributor_role, downloader_role, editor_role, curator_role, viewer_role]
|
25
|
+
end
|
23
26
|
|
24
|
-
|
25
|
-
|
27
|
+
describe "filtering by role type" do
|
28
|
+
it "should filter by a type" do
|
29
|
+
expect(subject.where(role_type: "Contributor").to_a).to eq([contributor_role])
|
30
|
+
expect(subject.role_type("Contributor").to_a).to eq([contributor_role])
|
31
|
+
expect(subject.type("Contributor").to_a).to eq([contributor_role])
|
26
32
|
end
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
it "should filter by a list of types" do
|
35
|
-
expect(subject.where(role_type: ["Contributor", "Curator", "MetadataEditor"]).to_a)
|
36
|
-
.to eq([contributor_role, curator_role])
|
37
|
-
expect(subject.role_type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
38
|
-
.to eq([contributor_role, curator_role])
|
39
|
-
expect(subject.type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
40
|
-
.to eq([contributor_role, curator_role])
|
41
|
-
end
|
33
|
+
it "should filter by a list of types" do
|
34
|
+
expect(subject.where(role_type: ["Contributor", "Curator", "MetadataEditor"]).to_a)
|
35
|
+
.to eq([contributor_role, curator_role])
|
36
|
+
expect(subject.role_type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
37
|
+
.to eq([contributor_role, curator_role])
|
38
|
+
expect(subject.type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
39
|
+
.to eq([contributor_role, curator_role])
|
42
40
|
end
|
41
|
+
end
|
43
42
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
end
|
49
|
-
it "should filter by a list of agents" do
|
50
|
-
expect(subject.where(agent: [curator, other_person, downloader_group]).to_a)
|
51
|
-
.to eq([downloader_role, curator_role])
|
52
|
-
expect(subject.agent([curator, other_person, downloader_group]).to_a)
|
53
|
-
.to eq([downloader_role, curator_role])
|
54
|
-
end
|
43
|
+
describe "filtering by agent" do
|
44
|
+
it "should filter by an agent" do
|
45
|
+
expect(subject.where(agent: curator).to_a).to eq([curator_role])
|
46
|
+
expect(subject.agent(curator).to_a).to eq([curator_role])
|
55
47
|
end
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
end
|
62
|
-
it "should filter by the resource scope" do
|
63
|
-
expect(subject.where(scope: "resource").to_a).to eq(resource_roles)
|
64
|
-
expect(subject.scope("resource").to_a).to eq(resource_roles)
|
65
|
-
end
|
48
|
+
it "should filter by a list of agents" do
|
49
|
+
expect(subject.where(agent: [curator, other_person, downloader_group]).to_a)
|
50
|
+
.to eq([downloader_role, curator_role])
|
51
|
+
expect(subject.agent([curator, other_person, downloader_group]).to_a)
|
52
|
+
.to eq([downloader_role, curator_role])
|
66
53
|
end
|
67
|
-
|
68
54
|
end
|
69
55
|
|
70
|
-
describe "
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
56
|
+
describe "filtering by scope" do
|
57
|
+
it "should filter by the policy scope" do
|
58
|
+
expect(subject.where(scope: "policy").to_a).to eq(policy_roles)
|
59
|
+
expect(subject.scope("policy").to_a).to eq(policy_roles)
|
60
|
+
end
|
61
|
+
it "should filter by the resource scope" do
|
62
|
+
expect(subject.where(scope: "resource").to_a).to eq(resource_roles)
|
63
|
+
expect(subject.scope("resource").to_a).to eq(resource_roles)
|
75
64
|
end
|
76
|
-
let(:role_set) { PropertyRoleSet.new(role_assignable.new.role) }
|
77
|
-
it_behaves_like "a role set query"
|
78
|
-
end
|
79
|
-
|
80
|
-
describe "with a DetachedRoleSet" do
|
81
|
-
let(:role_set) { DetachedRoleSet.new }
|
82
|
-
it_behaves_like "a role set query"
|
83
65
|
end
|
84
66
|
|
85
67
|
end
|
68
|
+
|
86
69
|
end
|
87
70
|
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
module Ddr::Auth
|
2
|
+
module Roles
|
3
|
+
RSpec.describe RoleSet do
|
4
|
+
|
5
|
+
describe "JSON serialization / deserialization" do
|
6
|
+
subject { described_class.new roles: [role1, role2] }
|
7
|
+
|
8
|
+
let(:role1) { {role_type: "Editor", agent: "bob@example.com", scope: "resource"} }
|
9
|
+
let(:role2) { {role_type: "Curator", agent: "sue@example.com", scope: "policy"} }
|
10
|
+
let(:json) { "{\"roles\":[{\"agent\":\"bob@example.com\",\"role_type\":\"Editor\",\"scope\":\"resource\"},{\"agent\":\"sue@example.com\",\"role_type\":\"Curator\",\"scope\":\"policy\"}]}" }
|
11
|
+
|
12
|
+
its(:to_json) { is_expected.to eq(json) }
|
13
|
+
it "loads data from JSON" do
|
14
|
+
expect(described_class.from_json(json).roles).to eq(Set.new([Role.new(role1), Role.new(role2)]))
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe "conversion to array" do
|
19
|
+
subject { described_class.new roles: roles }
|
20
|
+
|
21
|
+
let(:roles) { FactoryGirl.build_list(:role, 3, :contributor, :person, :resource) }
|
22
|
+
|
23
|
+
its(:to_a) { is_expected.to be_a(Array) }
|
24
|
+
it { is_expected.to contain_exactly(*roles) }
|
25
|
+
end
|
26
|
+
|
27
|
+
describe "equality" do
|
28
|
+
subject { described_class.new roles: [role1, role2] }
|
29
|
+
|
30
|
+
let(:role1) { FactoryGirl.build(:role, :curator, :person, :policy) }
|
31
|
+
let(:role2) { FactoryGirl.build(:role, :editor, :group, :resource) }
|
32
|
+
let(:other) { described_class.new roles: [role2, role1] }
|
33
|
+
|
34
|
+
it "is equal to another role set if it has the same roles, regardless of order" do
|
35
|
+
expect(subject).to eq(other)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -2,81 +2,84 @@ module Ddr::Auth
|
|
2
2
|
module Roles
|
3
3
|
RSpec.describe Role do
|
4
4
|
|
5
|
-
let(:agent) { "bob@example.com" }
|
6
|
-
|
7
|
-
describe "equality" do
|
8
|
-
subject { described_class.build(type: "Viewer", agent: "public", scope: "policy") }
|
9
|
-
describe "when two roles have the same type, agent and scope" do
|
10
|
-
let(:other) { described_class.build(type: "Viewer", agent: "public", scope: "policy") }
|
11
|
-
it { should eq(other) }
|
12
|
-
it { should eql(other) }
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
5
|
describe "scope" do
|
17
6
|
describe "default scope" do
|
18
|
-
subject { described_class.
|
19
|
-
its(:scope) {
|
7
|
+
subject { described_class.new(role_type: "Curator", agent: "bob") }
|
8
|
+
its(:scope) { is_expected.to eq(described_class::DEFAULT_SCOPE) }
|
20
9
|
end
|
21
10
|
describe "#in_resource_scope?" do
|
22
11
|
describe "when scope == 'resource'" do
|
23
|
-
subject { described_class.
|
24
|
-
it {
|
12
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "resource") }
|
13
|
+
it { is_expected.to be_in_resource_scope }
|
25
14
|
end
|
26
15
|
describe "when scope != 'resource'" do
|
27
|
-
subject { described_class.
|
28
|
-
it {
|
16
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "policy") }
|
17
|
+
it { is_expected.to_not be_in_resource_scope }
|
29
18
|
end
|
30
19
|
end
|
31
20
|
describe "#in_policy_scope?" do
|
32
21
|
describe "when scope != 'policy'" do
|
33
|
-
subject { described_class.
|
34
|
-
it {
|
22
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "resource") }
|
23
|
+
it { is_expected.to_not be_in_policy_scope }
|
35
24
|
end
|
36
25
|
describe "when scope == 'policy'" do
|
37
|
-
subject { described_class.
|
38
|
-
it {
|
26
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "policy") }
|
27
|
+
it { is_expected.to be_in_policy_scope }
|
39
28
|
end
|
40
29
|
end
|
41
30
|
end
|
42
31
|
|
43
32
|
describe "validation" do
|
44
|
-
it "
|
45
|
-
expect { described_class.
|
46
|
-
|
47
|
-
expect { described_class.
|
33
|
+
it "requires the presence of an agent" do
|
34
|
+
expect { described_class.new(role_type: "Curator", scope: "resource") }
|
35
|
+
.to raise_error(Ddr::Models::Error)
|
36
|
+
expect { described_class.new(role_type: "Curator", agent: nil, scope: "resource") }
|
37
|
+
.to raise_error(Ddr::Models::Error)
|
38
|
+
expect { described_class.new(role_type: "Curator", agent: "", scope: "resource") }
|
39
|
+
.to raise_error(Ddr::Models::Error)
|
48
40
|
end
|
49
|
-
it "
|
50
|
-
expect { described_class.
|
51
|
-
|
41
|
+
it "requires a valid scope" do
|
42
|
+
expect { described_class.new(role_type: "Curator", agent: "bob", scope: "") }
|
43
|
+
.to raise_error(Ddr::Models::Error)
|
44
|
+
expect { described_class.new(role_type: "Curator", agent: "bob", scope: "other") }
|
45
|
+
.to raise_error(Ddr::Models::Error)
|
52
46
|
end
|
53
|
-
it "
|
54
|
-
expect { described_class.
|
55
|
-
|
56
|
-
expect { described_class.
|
57
|
-
|
47
|
+
it "requires a valid type" do
|
48
|
+
expect { described_class.new(agent: "bob", scope: "policy") }
|
49
|
+
.to raise_error(Ddr::Models::Error)
|
50
|
+
expect { described_class.new(role_type: nil, agent: "bob", scope: "policy") }
|
51
|
+
.to raise_error(Ddr::Models::Error)
|
52
|
+
expect { described_class.new(role_type: "", agent: "bob", scope: "policy") }
|
53
|
+
.to raise_error(Ddr::Models::Error)
|
54
|
+
expect { described_class.new(role_type: "Invalid", agent: "bob", scope: "policy") }
|
55
|
+
.to raise_error(Ddr::Models::Error)
|
58
56
|
end
|
59
57
|
end
|
60
58
|
|
61
59
|
describe "serialization / deserialization" do
|
62
60
|
subject { FactoryGirl.build(:role, :curator, :person, :resource) }
|
63
|
-
it {
|
64
|
-
|
61
|
+
it { is_expected.to eq(described_class.from_json(subject.to_json)) }
|
62
|
+
end
|
63
|
+
|
64
|
+
describe "attribute value coercion" do
|
65
|
+
subject { described_class.new(role_type: ["Curator"], agent: user, scope: :resource) }
|
66
|
+
let(:user) { ::User.new(username: "bob") }
|
67
|
+
its(:role_type) { is_expected.to eq("Curator") }
|
68
|
+
its(:agent) { is_expected.to eq("bob") }
|
69
|
+
its(:scope) { is_expected.to eq("resource") }
|
65
70
|
end
|
66
71
|
|
67
72
|
Roles.type_map.each_key do |type|
|
68
73
|
describe "#{type} role type" do
|
69
74
|
Roles::SCOPES.each do |scope|
|
70
75
|
describe "#{scope} scope" do
|
71
|
-
subject { described_class.
|
76
|
+
subject { described_class.new(role_type: type, agent: "bob", scope: scope) }
|
72
77
|
it { is_expected.to be_valid }
|
73
|
-
its(:
|
74
|
-
its(:agent) { is_expected.to eq([agent]) }
|
75
|
-
its(:scope) { is_expected.to eq([scope]) }
|
76
|
-
its(:to_h) { is_expected.to eq({"role_type"=>[type], "agent"=>[agent], "scope"=>[scope]}) }
|
78
|
+
its(:to_h) { is_expected.to eq({role_type: type, agent: "bob", scope: scope}) }
|
77
79
|
its(:permissions) { is_expected.to eq(Roles.type_map[type].permissions) }
|
78
|
-
it "
|
79
|
-
expect(subject).to eq(described_class.
|
80
|
+
it "is a value object" do
|
81
|
+
expect(subject).to eq(described_class.new(role_type: type, agent: "bob", scope: scope))
|
82
|
+
expect(subject).to eql(described_class.new(role_type: type, agent: "bob", scope: scope))
|
80
83
|
end
|
81
84
|
end
|
82
85
|
end
|
@@ -35,7 +35,7 @@ RSpec.describe Collection, type: :model do
|
|
35
35
|
let(:user) { FactoryGirl.build(:user) }
|
36
36
|
before { subject.grant_roles_to_creator(user) }
|
37
37
|
it "should include Curator roles in both resource abd policy scopes" do
|
38
|
-
expect(subject.roles.to_a).to eq([Ddr::Auth::Roles::Role.build(
|
38
|
+
expect(subject.roles.to_a).to eq([Ddr::Auth::Roles::Role.build(role_type: "Curator", agent: user.agent, scope: "resource"), Ddr::Auth::Roles::Role.build(role_type: "Curator", agent: user.agent, scope: "policy")])
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
@@ -163,7 +163,7 @@ module Ddr::Models
|
|
163
163
|
describe "#grant_roles_to_creator" do
|
164
164
|
let(:user) { FactoryGirl.build(:user) }
|
165
165
|
before { subject.grant_roles_to_creator(user) }
|
166
|
-
its(:roles) { should include(Ddr::Auth::Roles::Role.build(
|
166
|
+
its(:roles) { should include(Ddr::Auth::Roles::Role.build(role_type: "Editor", agent: user.agent, scope: "resource")) }
|
167
167
|
end
|
168
168
|
|
169
169
|
describe "persistence" do
|
@@ -172,7 +172,7 @@ module Ddr::Models
|
|
172
172
|
subject.roles.grant role
|
173
173
|
subject.save!
|
174
174
|
subject.reload
|
175
|
-
expect(subject.roles).to contain_exactly(role)
|
175
|
+
expect(subject.roles.role_set).to contain_exactly(role)
|
176
176
|
end
|
177
177
|
end
|
178
178
|
|
@@ -27,8 +27,8 @@ module Ddr::Models
|
|
27
27
|
its([Indexing::PERMANENT_URL]) { is_expected.to eq("http://id.library.duke.edu/ark:/99999/fk4zzz") }
|
28
28
|
its([Indexing::DISPLAY_FORMAT]) { is_expected.to eq("Image") }
|
29
29
|
its([Indexing::ACCESS_ROLE]) { is_expected.to eq(obj.roles.to_json) }
|
30
|
-
its([Indexing::POLICY_ROLE]) { is_expected.to contain_exactly(role2.agent
|
31
|
-
its([Indexing::RESOURCE_ROLE]) { is_expected.to contain_exactly(role1.agent
|
30
|
+
its([Indexing::POLICY_ROLE]) { is_expected.to contain_exactly(role2.agent, role3.agent, role4.agent) }
|
31
|
+
its([Indexing::RESOURCE_ROLE]) { is_expected.to contain_exactly(role1.agent) }
|
32
32
|
|
33
33
|
end
|
34
34
|
end
|