ddr-models 3.0.0.alpha.4 → 3.0.0.beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +0 -2
- data/app/models/collection.rb +6 -2
- data/config/initializers/active_fedora_base.rb +3 -4
- data/ddr-models.gemspec +4 -3
- data/lib/ddr/auth/effective_roles.rb +1 -5
- data/lib/ddr/auth/inherited_roles.rb +2 -5
- data/lib/ddr/auth/resource_roles.rb +1 -4
- data/lib/ddr/auth/roles.rb +3 -3
- data/lib/ddr/auth/roles/role.rb +54 -101
- data/lib/ddr/auth/roles/role_attribute.rb +16 -0
- data/lib/ddr/auth/roles/role_set.rb +19 -72
- data/lib/ddr/auth/roles/role_set_manager.rb +68 -0
- data/lib/ddr/auth/roles/role_set_query.rb +10 -22
- data/lib/ddr/auth/roles/role_type.rb +1 -0
- data/lib/ddr/auth/roles/role_validator.rb +11 -0
- data/lib/ddr/models.rb +2 -1
- data/lib/ddr/models/base.rb +78 -17
- data/lib/ddr/models/has_admin_metadata.rb +6 -4
- data/lib/ddr/models/has_content.rb +0 -10
- data/lib/ddr/models/solr_document.rb +6 -2
- data/lib/ddr/models/validatable.rb +20 -0
- data/lib/ddr/models/validator.rb +8 -0
- data/lib/ddr/models/version.rb +1 -1
- data/lib/ddr/vocab/roles.rb +14 -10
- data/spec/auth/effective_permissions_spec.rb +1 -1
- data/spec/auth/effective_roles_spec.rb +5 -5
- data/spec/auth/roles/role_set_manager_spec.rb +86 -0
- data/spec/auth/roles/role_set_query_spec.rb +50 -67
- data/spec/auth/roles/role_set_spec.rb +41 -0
- data/spec/auth/roles/role_spec.rb +45 -42
- data/spec/models/collection_spec.rb +1 -1
- data/spec/models/has_admin_metadata_spec.rb +2 -2
- data/spec/models/indexing_spec.rb +2 -2
- data/spec/models/search_builder_spec.rb +3 -3
- data/spec/models/solr_document_spec.rb +3 -3
- data/spec/support/shared_examples_for_non_collection_models.rb +1 -1
- metadata +33 -18
- data/lib/ddr/auth/roles/detached_role_set.rb +0 -59
- data/lib/ddr/auth/roles/property_role_set.rb +0 -46
- data/lib/ddr/auth/roles/roles_datastream.rb +0 -9
- data/lib/ddr/models/describable.rb +0 -79
- data/spec/auth/roles/detached_role_set_spec.rb +0 -50
- data/spec/auth/roles/property_role_set_spec.rb +0 -32
@@ -2,9 +2,9 @@ module Ddr::Auth
|
|
2
2
|
RSpec.describe EffectiveRoles do
|
3
3
|
|
4
4
|
let(:resource) { FactoryGirl.build(:item) }
|
5
|
-
let(:policy) { Collection.new(
|
5
|
+
let(:policy) { Collection.new(id: "coll-1") }
|
6
6
|
let(:agents) { [ "Editors", "bob@example.com", "public" ] }
|
7
|
-
let(:editor) { Roles::Role.build
|
7
|
+
let(:editor) { Roles::Role.build role_type: "Editor", agent: "Editors", scope: "policy" }
|
8
8
|
let(:downloader) { FactoryGirl.build(:role, :downloader, :public) }
|
9
9
|
|
10
10
|
before do
|
@@ -13,9 +13,9 @@ module Ddr::Auth
|
|
13
13
|
policy.roles.grant editor
|
14
14
|
end
|
15
15
|
|
16
|
-
it "
|
17
|
-
expect(described_class.call(resource, agents)
|
18
|
-
.to eq(Roles::
|
16
|
+
it "returns the list of roles granted to the agents on the resource in resource scope, plus the roles granted to the agents on the resource's policy in policy scope" do
|
17
|
+
expect(described_class.call(resource, agents))
|
18
|
+
.to eq(Roles::RoleSet.new(roles: [downloader, editor]))
|
19
19
|
end
|
20
20
|
|
21
21
|
end
|
@@ -0,0 +1,86 @@
|
|
1
|
+
module Ddr::Auth
|
2
|
+
module Roles
|
3
|
+
RSpec.describe RoleSetManager do
|
4
|
+
|
5
|
+
subject { described_class.new(object) }
|
6
|
+
|
7
|
+
let(:object) { Item.new }
|
8
|
+
|
9
|
+
let(:role1) { FactoryGirl.build(:role, :editor, :person, :resource) }
|
10
|
+
let(:role2) { FactoryGirl.build(:role, :curator, :group, :policy) }
|
11
|
+
let(:role3) { FactoryGirl.build(:role, :viewer, :public) }
|
12
|
+
|
13
|
+
describe "#grant" do
|
14
|
+
describe "by attributes" do
|
15
|
+
it "can grant a role" do
|
16
|
+
subject.grant role1.to_h
|
17
|
+
expect(object.roles.granted?(role1)).to be true
|
18
|
+
end
|
19
|
+
it "can grant multiple roles" do
|
20
|
+
subject.grant role1.to_h, role2.to_h
|
21
|
+
expect(object.roles.granted?(role1)).to be true
|
22
|
+
expect(object.roles.granted?(role2)).to be true
|
23
|
+
end
|
24
|
+
end
|
25
|
+
describe "by resource" do
|
26
|
+
it "can grant a role by role instance" do
|
27
|
+
subject.grant role1
|
28
|
+
expect(object.roles.granted?(role1)).to be true
|
29
|
+
end
|
30
|
+
it "can grant multiple roles" do
|
31
|
+
subject.grant role1, role2
|
32
|
+
expect(object.roles.granted?(role1)).to be true
|
33
|
+
expect(object.roles.granted?(role2)).to be true
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
describe "#revoke" do
|
39
|
+
before { subject.grant role1, role2 }
|
40
|
+
it "can revoke a role by type, agent name and (optionally) scope" do
|
41
|
+
subject.revoke role1.to_h
|
42
|
+
expect(object.roles.granted?(role1)).to be false
|
43
|
+
end
|
44
|
+
it "can revoke a role by role instance" do
|
45
|
+
subject.revoke role1
|
46
|
+
expect(object.roles.granted?(role1)).to be false
|
47
|
+
end
|
48
|
+
it "can revoke multiple roles" do
|
49
|
+
subject.revoke role1, role2
|
50
|
+
expect(object.roles.granted?(role1)).to be false
|
51
|
+
expect(object.roles.granted?(role2)).to be false
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
describe "#revoke_all" do
|
56
|
+
before { subject.grant role1, role2 }
|
57
|
+
it "revokes all roles" do
|
58
|
+
subject.revoke_all
|
59
|
+
expect(object.roles).to be_empty
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
describe "#replace" do
|
64
|
+
before { subject.grant role1, role2 }
|
65
|
+
it "replaces the current role(s) with the new role(s)" do
|
66
|
+
expect { subject.replace(role3) }.to change(subject, :to_a).from([role1, role2]).to([role3])
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
describe "#granted?" do
|
71
|
+
before { subject.grant role1 }
|
72
|
+
it "returns true if an equivalent role has been granted" do
|
73
|
+
expect(subject.granted?(role1.dup)).to be true
|
74
|
+
end
|
75
|
+
it "returns false if no equivalent role has been granted" do
|
76
|
+
expect(subject.granted?(role2)).to be false
|
77
|
+
end
|
78
|
+
it "returns true if a role matching the arguments has been granted" do
|
79
|
+
expect(subject.granted?(role1.to_h)).to be true
|
80
|
+
expect(subject.granted?(role2.to_h)).to be false
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
@@ -2,86 +2,69 @@ module Ddr::Auth
|
|
2
2
|
module Roles
|
3
3
|
RSpec.describe RoleSetQuery do
|
4
4
|
|
5
|
-
|
5
|
+
subject { described_class.new(role_set) }
|
6
6
|
|
7
|
-
|
7
|
+
let(:role_set) { RoleSet.new }
|
8
|
+
let(:curator) { "curator@example.com" }
|
9
|
+
let(:editor) { "editor@example.com" }
|
10
|
+
let(:other_person) { "other@example.com" }
|
11
|
+
let(:other_group) { "Others" }
|
12
|
+
let(:contributor_group) { "Contributors" }
|
13
|
+
let(:downloader_group) { "Downloaders" }
|
14
|
+
let(:viewer_group) { "Viewers" }
|
15
|
+
let(:contributor_role) { Role.build(role_type: "Contributor", agent: contributor_group, scope: "resource") }
|
16
|
+
let(:downloader_role) { Role.build(role_type: "Downloader", agent: downloader_group, scope: "resource") }
|
17
|
+
let(:editor_role) { Role.build(role_type: "Editor", agent: editor, scope: "resource") }
|
18
|
+
let(:curator_role) { Role.build(role_type: "Curator", agent: curator, scope: "policy") }
|
19
|
+
let(:viewer_role) { Role.build(role_type: "Viewer", agent: viewer_group, scope: "policy") }
|
20
|
+
let(:policy_roles) { [curator_role, viewer_role] }
|
21
|
+
let(:resource_roles) { [contributor_role, downloader_role, editor_role] }
|
8
22
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
let(:other_group) { "Others" }
|
13
|
-
let(:contributor_group) { "Contributors" }
|
14
|
-
let(:downloader_group) { "Downloaders" }
|
15
|
-
let(:viewer_group) { "Viewers" }
|
16
|
-
let(:contributor_role) { Role.build(type: "Contributor", agent: contributor_group, scope: "resource") }
|
17
|
-
let(:downloader_role) { Role.build(type: "Downloader", agent: downloader_group, scope: "resource") }
|
18
|
-
let(:editor_role) { Role.build(type: "Editor", agent: editor, scope: "resource") }
|
19
|
-
let(:curator_role) { Role.build(type: "Curator", agent: curator, scope: "policy") }
|
20
|
-
let(:viewer_role) { Role.build(type: "Viewer", agent: viewer_group, scope: "policy") }
|
21
|
-
let(:policy_roles) { [curator_role, viewer_role] }
|
22
|
-
let(:resource_roles) { [contributor_role, downloader_role, editor_role] }
|
23
|
+
before do
|
24
|
+
role_set.roles = [contributor_role, downloader_role, editor_role, curator_role, viewer_role]
|
25
|
+
end
|
23
26
|
|
24
|
-
|
25
|
-
|
27
|
+
describe "filtering by role type" do
|
28
|
+
it "should filter by a type" do
|
29
|
+
expect(subject.where(role_type: "Contributor").to_a).to eq([contributor_role])
|
30
|
+
expect(subject.role_type("Contributor").to_a).to eq([contributor_role])
|
31
|
+
expect(subject.type("Contributor").to_a).to eq([contributor_role])
|
26
32
|
end
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
it "should filter by a list of types" do
|
35
|
-
expect(subject.where(role_type: ["Contributor", "Curator", "MetadataEditor"]).to_a)
|
36
|
-
.to eq([contributor_role, curator_role])
|
37
|
-
expect(subject.role_type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
38
|
-
.to eq([contributor_role, curator_role])
|
39
|
-
expect(subject.type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
40
|
-
.to eq([contributor_role, curator_role])
|
41
|
-
end
|
33
|
+
it "should filter by a list of types" do
|
34
|
+
expect(subject.where(role_type: ["Contributor", "Curator", "MetadataEditor"]).to_a)
|
35
|
+
.to eq([contributor_role, curator_role])
|
36
|
+
expect(subject.role_type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
37
|
+
.to eq([contributor_role, curator_role])
|
38
|
+
expect(subject.type(["Contributor", "Curator", "MetadataEditor"]).to_a)
|
39
|
+
.to eq([contributor_role, curator_role])
|
42
40
|
end
|
41
|
+
end
|
43
42
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
end
|
49
|
-
it "should filter by a list of agents" do
|
50
|
-
expect(subject.where(agent: [curator, other_person, downloader_group]).to_a)
|
51
|
-
.to eq([downloader_role, curator_role])
|
52
|
-
expect(subject.agent([curator, other_person, downloader_group]).to_a)
|
53
|
-
.to eq([downloader_role, curator_role])
|
54
|
-
end
|
43
|
+
describe "filtering by agent" do
|
44
|
+
it "should filter by an agent" do
|
45
|
+
expect(subject.where(agent: curator).to_a).to eq([curator_role])
|
46
|
+
expect(subject.agent(curator).to_a).to eq([curator_role])
|
55
47
|
end
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
end
|
62
|
-
it "should filter by the resource scope" do
|
63
|
-
expect(subject.where(scope: "resource").to_a).to eq(resource_roles)
|
64
|
-
expect(subject.scope("resource").to_a).to eq(resource_roles)
|
65
|
-
end
|
48
|
+
it "should filter by a list of agents" do
|
49
|
+
expect(subject.where(agent: [curator, other_person, downloader_group]).to_a)
|
50
|
+
.to eq([downloader_role, curator_role])
|
51
|
+
expect(subject.agent([curator, other_person, downloader_group]).to_a)
|
52
|
+
.to eq([downloader_role, curator_role])
|
66
53
|
end
|
67
|
-
|
68
54
|
end
|
69
55
|
|
70
|
-
describe "
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
56
|
+
describe "filtering by scope" do
|
57
|
+
it "should filter by the policy scope" do
|
58
|
+
expect(subject.where(scope: "policy").to_a).to eq(policy_roles)
|
59
|
+
expect(subject.scope("policy").to_a).to eq(policy_roles)
|
60
|
+
end
|
61
|
+
it "should filter by the resource scope" do
|
62
|
+
expect(subject.where(scope: "resource").to_a).to eq(resource_roles)
|
63
|
+
expect(subject.scope("resource").to_a).to eq(resource_roles)
|
75
64
|
end
|
76
|
-
let(:role_set) { PropertyRoleSet.new(role_assignable.new.role) }
|
77
|
-
it_behaves_like "a role set query"
|
78
|
-
end
|
79
|
-
|
80
|
-
describe "with a DetachedRoleSet" do
|
81
|
-
let(:role_set) { DetachedRoleSet.new }
|
82
|
-
it_behaves_like "a role set query"
|
83
65
|
end
|
84
66
|
|
85
67
|
end
|
68
|
+
|
86
69
|
end
|
87
70
|
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
module Ddr::Auth
|
2
|
+
module Roles
|
3
|
+
RSpec.describe RoleSet do
|
4
|
+
|
5
|
+
describe "JSON serialization / deserialization" do
|
6
|
+
subject { described_class.new roles: [role1, role2] }
|
7
|
+
|
8
|
+
let(:role1) { {role_type: "Editor", agent: "bob@example.com", scope: "resource"} }
|
9
|
+
let(:role2) { {role_type: "Curator", agent: "sue@example.com", scope: "policy"} }
|
10
|
+
let(:json) { "{\"roles\":[{\"agent\":\"bob@example.com\",\"role_type\":\"Editor\",\"scope\":\"resource\"},{\"agent\":\"sue@example.com\",\"role_type\":\"Curator\",\"scope\":\"policy\"}]}" }
|
11
|
+
|
12
|
+
its(:to_json) { is_expected.to eq(json) }
|
13
|
+
it "loads data from JSON" do
|
14
|
+
expect(described_class.from_json(json).roles).to eq(Set.new([Role.new(role1), Role.new(role2)]))
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe "conversion to array" do
|
19
|
+
subject { described_class.new roles: roles }
|
20
|
+
|
21
|
+
let(:roles) { FactoryGirl.build_list(:role, 3, :contributor, :person, :resource) }
|
22
|
+
|
23
|
+
its(:to_a) { is_expected.to be_a(Array) }
|
24
|
+
it { is_expected.to contain_exactly(*roles) }
|
25
|
+
end
|
26
|
+
|
27
|
+
describe "equality" do
|
28
|
+
subject { described_class.new roles: [role1, role2] }
|
29
|
+
|
30
|
+
let(:role1) { FactoryGirl.build(:role, :curator, :person, :policy) }
|
31
|
+
let(:role2) { FactoryGirl.build(:role, :editor, :group, :resource) }
|
32
|
+
let(:other) { described_class.new roles: [role2, role1] }
|
33
|
+
|
34
|
+
it "is equal to another role set if it has the same roles, regardless of order" do
|
35
|
+
expect(subject).to eq(other)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -2,81 +2,84 @@ module Ddr::Auth
|
|
2
2
|
module Roles
|
3
3
|
RSpec.describe Role do
|
4
4
|
|
5
|
-
let(:agent) { "bob@example.com" }
|
6
|
-
|
7
|
-
describe "equality" do
|
8
|
-
subject { described_class.build(type: "Viewer", agent: "public", scope: "policy") }
|
9
|
-
describe "when two roles have the same type, agent and scope" do
|
10
|
-
let(:other) { described_class.build(type: "Viewer", agent: "public", scope: "policy") }
|
11
|
-
it { should eq(other) }
|
12
|
-
it { should eql(other) }
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
5
|
describe "scope" do
|
17
6
|
describe "default scope" do
|
18
|
-
subject { described_class.
|
19
|
-
its(:scope) {
|
7
|
+
subject { described_class.new(role_type: "Curator", agent: "bob") }
|
8
|
+
its(:scope) { is_expected.to eq(described_class::DEFAULT_SCOPE) }
|
20
9
|
end
|
21
10
|
describe "#in_resource_scope?" do
|
22
11
|
describe "when scope == 'resource'" do
|
23
|
-
subject { described_class.
|
24
|
-
it {
|
12
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "resource") }
|
13
|
+
it { is_expected.to be_in_resource_scope }
|
25
14
|
end
|
26
15
|
describe "when scope != 'resource'" do
|
27
|
-
subject { described_class.
|
28
|
-
it {
|
16
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "policy") }
|
17
|
+
it { is_expected.to_not be_in_resource_scope }
|
29
18
|
end
|
30
19
|
end
|
31
20
|
describe "#in_policy_scope?" do
|
32
21
|
describe "when scope != 'policy'" do
|
33
|
-
subject { described_class.
|
34
|
-
it {
|
22
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "resource") }
|
23
|
+
it { is_expected.to_not be_in_policy_scope }
|
35
24
|
end
|
36
25
|
describe "when scope == 'policy'" do
|
37
|
-
subject { described_class.
|
38
|
-
it {
|
26
|
+
subject { described_class.new(role_type: "Curator", agent: "bob", scope: "policy") }
|
27
|
+
it { is_expected.to be_in_policy_scope }
|
39
28
|
end
|
40
29
|
end
|
41
30
|
end
|
42
31
|
|
43
32
|
describe "validation" do
|
44
|
-
it "
|
45
|
-
expect { described_class.
|
46
|
-
|
47
|
-
expect { described_class.
|
33
|
+
it "requires the presence of an agent" do
|
34
|
+
expect { described_class.new(role_type: "Curator", scope: "resource") }
|
35
|
+
.to raise_error(Ddr::Models::Error)
|
36
|
+
expect { described_class.new(role_type: "Curator", agent: nil, scope: "resource") }
|
37
|
+
.to raise_error(Ddr::Models::Error)
|
38
|
+
expect { described_class.new(role_type: "Curator", agent: "", scope: "resource") }
|
39
|
+
.to raise_error(Ddr::Models::Error)
|
48
40
|
end
|
49
|
-
it "
|
50
|
-
expect { described_class.
|
51
|
-
|
41
|
+
it "requires a valid scope" do
|
42
|
+
expect { described_class.new(role_type: "Curator", agent: "bob", scope: "") }
|
43
|
+
.to raise_error(Ddr::Models::Error)
|
44
|
+
expect { described_class.new(role_type: "Curator", agent: "bob", scope: "other") }
|
45
|
+
.to raise_error(Ddr::Models::Error)
|
52
46
|
end
|
53
|
-
it "
|
54
|
-
expect { described_class.
|
55
|
-
|
56
|
-
expect { described_class.
|
57
|
-
|
47
|
+
it "requires a valid type" do
|
48
|
+
expect { described_class.new(agent: "bob", scope: "policy") }
|
49
|
+
.to raise_error(Ddr::Models::Error)
|
50
|
+
expect { described_class.new(role_type: nil, agent: "bob", scope: "policy") }
|
51
|
+
.to raise_error(Ddr::Models::Error)
|
52
|
+
expect { described_class.new(role_type: "", agent: "bob", scope: "policy") }
|
53
|
+
.to raise_error(Ddr::Models::Error)
|
54
|
+
expect { described_class.new(role_type: "Invalid", agent: "bob", scope: "policy") }
|
55
|
+
.to raise_error(Ddr::Models::Error)
|
58
56
|
end
|
59
57
|
end
|
60
58
|
|
61
59
|
describe "serialization / deserialization" do
|
62
60
|
subject { FactoryGirl.build(:role, :curator, :person, :resource) }
|
63
|
-
it {
|
64
|
-
|
61
|
+
it { is_expected.to eq(described_class.from_json(subject.to_json)) }
|
62
|
+
end
|
63
|
+
|
64
|
+
describe "attribute value coercion" do
|
65
|
+
subject { described_class.new(role_type: ["Curator"], agent: user, scope: :resource) }
|
66
|
+
let(:user) { ::User.new(username: "bob") }
|
67
|
+
its(:role_type) { is_expected.to eq("Curator") }
|
68
|
+
its(:agent) { is_expected.to eq("bob") }
|
69
|
+
its(:scope) { is_expected.to eq("resource") }
|
65
70
|
end
|
66
71
|
|
67
72
|
Roles.type_map.each_key do |type|
|
68
73
|
describe "#{type} role type" do
|
69
74
|
Roles::SCOPES.each do |scope|
|
70
75
|
describe "#{scope} scope" do
|
71
|
-
subject { described_class.
|
76
|
+
subject { described_class.new(role_type: type, agent: "bob", scope: scope) }
|
72
77
|
it { is_expected.to be_valid }
|
73
|
-
its(:
|
74
|
-
its(:agent) { is_expected.to eq([agent]) }
|
75
|
-
its(:scope) { is_expected.to eq([scope]) }
|
76
|
-
its(:to_h) { is_expected.to eq({"role_type"=>[type], "agent"=>[agent], "scope"=>[scope]}) }
|
78
|
+
its(:to_h) { is_expected.to eq({role_type: type, agent: "bob", scope: scope}) }
|
77
79
|
its(:permissions) { is_expected.to eq(Roles.type_map[type].permissions) }
|
78
|
-
it "
|
79
|
-
expect(subject).to eq(described_class.
|
80
|
+
it "is a value object" do
|
81
|
+
expect(subject).to eq(described_class.new(role_type: type, agent: "bob", scope: scope))
|
82
|
+
expect(subject).to eql(described_class.new(role_type: type, agent: "bob", scope: scope))
|
80
83
|
end
|
81
84
|
end
|
82
85
|
end
|
@@ -35,7 +35,7 @@ RSpec.describe Collection, type: :model do
|
|
35
35
|
let(:user) { FactoryGirl.build(:user) }
|
36
36
|
before { subject.grant_roles_to_creator(user) }
|
37
37
|
it "should include Curator roles in both resource abd policy scopes" do
|
38
|
-
expect(subject.roles.to_a).to eq([Ddr::Auth::Roles::Role.build(
|
38
|
+
expect(subject.roles.to_a).to eq([Ddr::Auth::Roles::Role.build(role_type: "Curator", agent: user.agent, scope: "resource"), Ddr::Auth::Roles::Role.build(role_type: "Curator", agent: user.agent, scope: "policy")])
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
@@ -163,7 +163,7 @@ module Ddr::Models
|
|
163
163
|
describe "#grant_roles_to_creator" do
|
164
164
|
let(:user) { FactoryGirl.build(:user) }
|
165
165
|
before { subject.grant_roles_to_creator(user) }
|
166
|
-
its(:roles) { should include(Ddr::Auth::Roles::Role.build(
|
166
|
+
its(:roles) { should include(Ddr::Auth::Roles::Role.build(role_type: "Editor", agent: user.agent, scope: "resource")) }
|
167
167
|
end
|
168
168
|
|
169
169
|
describe "persistence" do
|
@@ -172,7 +172,7 @@ module Ddr::Models
|
|
172
172
|
subject.roles.grant role
|
173
173
|
subject.save!
|
174
174
|
subject.reload
|
175
|
-
expect(subject.roles).to contain_exactly(role)
|
175
|
+
expect(subject.roles.role_set).to contain_exactly(role)
|
176
176
|
end
|
177
177
|
end
|
178
178
|
|
@@ -27,8 +27,8 @@ module Ddr::Models
|
|
27
27
|
its([Indexing::PERMANENT_URL]) { is_expected.to eq("http://id.library.duke.edu/ark:/99999/fk4zzz") }
|
28
28
|
its([Indexing::DISPLAY_FORMAT]) { is_expected.to eq("Image") }
|
29
29
|
its([Indexing::ACCESS_ROLE]) { is_expected.to eq(obj.roles.to_json) }
|
30
|
-
its([Indexing::POLICY_ROLE]) { is_expected.to contain_exactly(role2.agent
|
31
|
-
its([Indexing::RESOURCE_ROLE]) { is_expected.to contain_exactly(role1.agent
|
30
|
+
its([Indexing::POLICY_ROLE]) { is_expected.to contain_exactly(role2.agent, role3.agent, role4.agent) }
|
31
|
+
its([Indexing::RESOURCE_ROLE]) { is_expected.to contain_exactly(role1.agent) }
|
32
32
|
|
33
33
|
end
|
34
34
|
end
|