hydra-access-controls 6.0.0.rc2 → 6.0.0.rc3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. data/lib/hydra/ability.rb +4 -3
  2. data/lib/hydra/access_controls_enforcement.rb +1 -2
  3. data/lib/hydra/permissions_cache.rb +10 -8
  4. data/lib/hydra/permissions_query.rb +2 -2
  5. data/spec/unit/access_controls_enforcement_spec.rb +2 -3
  6. metadata +2 -2
data/lib/hydra/ability.rb CHANGED
@@ -20,12 +20,13 @@ module Hydra
20
20
  Hydra.config[:user_model] ? Hydra.config[:user_model].constantize : ::User
21
21
  end
22
22
 
23
- attr_reader :current_user, :session
23
+ attr_reader :current_user, :session, :cache
24
24
 
25
25
  def initialize(user, session=nil)
26
26
  @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
27
27
  @user = @current_user # just in case someone was using this in an override. Just don't.
28
28
  @session = session
29
+ @cache = Hydra::PermissionsCache.new
29
30
  hydra_default_permissions()
30
31
  end
31
32
 
@@ -66,7 +67,7 @@ module Hydra
66
67
  end
67
68
 
68
69
  can :edit, SolrDocument do |obj|
69
- PermissionsCache.put(obj.id, obj)
70
+ cache.put(obj.id, obj)
70
71
  test_edit(obj.id)
71
72
  end
72
73
  end
@@ -81,7 +82,7 @@ module Hydra
81
82
  end
82
83
 
83
84
  can :read, SolrDocument do |obj|
84
- PermissionsCache.put(obj.id, obj)
85
+ cache.put(obj.id, obj)
85
86
  test_read(obj.id)
86
87
  end
87
88
  end
data/lib/hydra/access_controls_enforcement.rb CHANGED
@@ -3,7 +3,6 @@ module Hydra::AccessControlsEnforcement
3
3
 
4
4
  included do
5
5
  include Hydra::AccessControlsEvaluation
6
- include Hydra::PermissionsQuery
7
6
  class_attribute :solr_access_filters_logic
8
7
 
9
8
  # Set defaults. Each symbol identifies a _method_ that must be in
@@ -58,7 +57,7 @@ module Hydra::AccessControlsEnforcement
58
57
  # Controller "before" filter for enforcing access controls on show actions
59
58
  # @param [Hash] opts (optional, not currently used)
60
59
  def enforce_show_permissions(opts={})
61
- permissions = permissions_doc(params[:id])
60
+ permissions = current_ability.permissions_doc(params[:id])
62
61
  unless permissions.is_public?
63
62
  #its not 'public'
64
63
  if permissions.under_embargo? && !can?(:edit, permissions)
data/lib/hydra/permissions_cache.rb CHANGED
@@ -1,16 +1,18 @@
1
- module Hydra::PermissionsCache
2
- @@cache = {}
1
+ class Hydra::PermissionsCache
2
+ def initialize
3
+ clear
4
+ end
3
5
 
4
- def self.get(pid)
5
- @@cache[pid]
6
+ def get(pid)
7
+ @cache[pid]
6
8
  end
7
9
 
8
- def self.put(pid, doc)
9
- @@cache[pid] = doc
10
+ def put(pid, doc)
11
+ @cache[pid] = doc
10
12
  end
11
13
 
12
- def self.clear
13
- @@cache = {}
14
+ def clear
15
+ @cache = {}
14
16
  end
15
17
 
16
18
  end
data/lib/hydra/permissions_query.rb CHANGED
@@ -6,10 +6,10 @@ module Hydra
6
6
  end
7
7
 
8
8
  def permissions_doc(pid)
9
- doc = Hydra::PermissionsCache.get(pid)
9
+ doc = cache.get(pid)
10
10
  unless doc
11
11
  doc = get_permissions_solr_response_for_doc_id(pid)
12
- Hydra::PermissionsCache.put(pid, doc)
12
+ cache.put(pid, doc)
13
13
  end
14
14
  doc
15
15
  end
data/spec/unit/access_controls_enforcement_spec.rb CHANGED
@@ -77,19 +77,18 @@ describe Hydra::AccessControlsEnforcement do
77
77
 
78
78
  subject.params = {}
79
79
  subject.should_receive(:can?).with(:edit, stub_doc).and_return(true)
80
- subject.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
80
+ subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
81
81
  lambda {subject.send(:enforce_show_permissions, {}) }.should_not raise_error Hydra::AccessDenied
82
82
  end
83
83
  it "should prevent a user w/o edit permissions from viewing an embargoed object" do
84
- Hydra::PermissionsCache.clear()
85
84
  user = User.new :uid=>'testuser@example.com'
86
85
  RoleMapper.stub(:roles).with(user.user_key).and_return([])
87
86
  subject.stub(:current_user).and_return(user)
88
87
  subject.stub(:can?).with(:read, nil).and_return(true)
89
88
  subject.params = {}
90
89
  stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
90
+ subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
91
91
  subject.should_receive(:can?).with(:edit, stub_doc).and_return(false)
92
- subject.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
93
92
  lambda {subject.send(:enforce_show_permissions, {})}.should raise_error Hydra::AccessDenied, "This item is under embargo. You do not have sufficient access privileges to read this document."
94
93
  end
95
94
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hydra-access-controls
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.0.rc2
4
+ version: 6.0.0.rc3
5
5
  prerelease: 6
6
6
  platform: ruby
7
7
  authors:
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2013-02-19 00:00:00.000000000 Z
14
+ date: 2013-02-20 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: activesupport