hydra-access-controls 6.5.2 → 7.0.0.pre1

data/lib/hydra/datastream/inheritable_rights_metadata.rb

@@ -7,13 +7,11 @@ module Hydra
       @terminology = Hydra::Datastream::RightsMetadata.terminology
   
       def to_solr(solr_doc=Hash.new)
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_discover_access_group', indexer)] = discover_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_discover_access_person', indexer)] = discover_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_read_access_group', indexer)] = read_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_read_access_person', indexer)] = read_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_edit_access_group', indexer)] = edit_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_edit_access_person', indexer)] = edit_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('inheritable_embargo_release_date', date_indexer)] = embargo_release_date
+        [:discover, :read, :edit].each do |access|
+          solr_doc[Hydra.config[:permissions][:inheritable][access][:group]] = send("#{access}_access").machine.group
+          solr_doc[Hydra.config[:permissions][:inheritable][access][:individual]] = send("#{access}_access").machine.person
+        end
+        solr_doc[Hydra.config[:permissions][:inheritable][:embargo_release_date]] = embargo_release_date
         return solr_doc
       end
     end

data/lib/hydra/datastream/rights_metadata.rb

@@ -3,6 +3,7 @@ module Hydra
   module Datastream
     # Implements Hydra RightsMetadata XML terminology for asserting access permissions
     class RightsMetadata < ActiveFedora::OmDatastream       
+      extend Deprecation
       
       set_terminology do |t|
         t.root(:path=>"rightsMetadata", :xmlns=>"http://hydra-collab.stanford.edu/schemas/rightsMetadata/v1", :schema=>"http://github.com/projecthydra/schemas/tree/v1/rightsMetadata.xsd") 
@@ -125,9 +126,14 @@ module Hydra
         return quick_search_by_type(:group)
       end
       
-      # Reports on which groups have which permissions
-      # @return Hash in format {person_name => person_permissions, person_name => person_permissions}
       def individuals
+        Deprecation.warn(RightsMetadata, "The method `individuals' is deprecated and will be removed from Hydra::Datastream::RightsMetadata in hydra-head 8.0.  Use `users' instead.", caller)
+        users
+      end
+
+      # Reports on which users have which permissions
+      # @return Hash in format {user_name => user_permissions, user_name => user_permissions}
+      def users
         return quick_search_by_type(:person)
       end
       
@@ -147,7 +153,7 @@ module Hydra
         group_ids = groups.keys | groups_for_update
         group_ids.each {|group_id| self.permissions({"group"=>group_id}, params['group'].fetch(group_id, 'none'))}
         users_for_update = params['person'] ? params['person'].keys : []
-        user_ids = individuals.keys | users_for_update
+        user_ids = users.keys | users_for_update
         user_ids.each {|person_id| self.permissions({"person"=>person_id}, params['person'].fetch(person_id, 'none'))}
       end
       
@@ -170,7 +176,7 @@ module Hydra
       def embargo_release_date=(release_date)
         release_date = release_date.to_s if release_date.is_a? Date
         begin
-          release_date.nil? || Date.parse(release_date)
+          Date.parse(release_date)
         rescue 
           return "INVALID DATE"
         end
@@ -189,22 +195,14 @@ module Hydra
 
       def to_solr(solr_doc=Hash.new)
         super(solr_doc)
-        vals = edit_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('edit_access_group', indexer)] = vals unless vals.empty?
-        vals = discover_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('discover_access_group', indexer)] = vals unless vals.empty?
-        vals = read_access.machine.group
-        solr_doc[ActiveFedora::SolrService.solr_name('read_access_group', indexer)] = vals unless vals.empty?
-        vals = edit_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('edit_access_person', indexer)] = vals unless vals.empty?
-        vals = discover_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('discover_access_person', indexer)] = vals unless vals.empty?
-        vals = read_access.machine.person
-        solr_doc[ActiveFedora::SolrService.solr_name('read_access_person', indexer)] = vals unless vals.empty?
-
+        [:discover, :read, :edit].each do |access|
+          vals = send("#{access}_access").machine.group
+          solr_doc[Hydra.config[:permissions][access][:group]] = vals unless vals.empty?
+          vals = send("#{access}_access").machine.person
+          solr_doc[Hydra.config[:permissions][access][:individual]] = vals unless vals.empty?
+        end
         if embargo_release_date
-          embargo_release_date_solr_key_name = ActiveFedora::SolrService.solr_name("embargo_release_date", date_indexer)
-          ::Solrizer::Extractor.insert_solr_field_value(solr_doc, embargo_release_date_solr_key_name , embargo_release_date(:format=>:solr_date))
+          ::Solrizer::Extractor.insert_solr_field_value(solr_doc, Hydra.config[:permissions][:embargo_release_date], embargo_release_date(:format=>:solr_date))
         end
         solr_doc
       end

data/lib/hydra/permissions_query.rb

@@ -24,8 +24,10 @@ module Hydra
     # @param [Hash] extra_controller_params (optional)
     def get_permissions_solr_response_for_doc_id(id=nil, extra_controller_params={})
       raise Blacklight::Exceptions::InvalidSolrID.new("The application is trying to retrieve permissions without specifying an asset id") if id.nil?
+      #solr_response = Blacklight.solr.get permissions_solr_doc_params(id).merge(extra_controller_params)
+      #path = blacklight_config.solr_path
       solr_opts = permissions_solr_doc_params(id).merge(extra_controller_params)
-      response = ActiveFedora::SolrService.instance.conn.get('select', :params=>solr_opts)
+      response = Blacklight.solr.get('select', :params=> solr_opts)
       solr_response = Blacklight::SolrResponse.new(force_to_utf8(response), solr_opts)
 
       raise Blacklight::Exceptions::InvalidSolrID.new("The solr permissions search handler didn't return anything for id \"#{id}\"") if solr_response.docs.empty?

data/lib/hydra/policy_aware_ability.rb

@@ -1,6 +1,7 @@
 # Repeats access controls evaluation methods, but checks against a governing "Policy" object (or "Collection" object) that provides inherited access controls.
 module Hydra::PolicyAwareAbility
   extend ActiveSupport::Concern
+  extend Deprecation
   include Hydra::Ability
   
   # Extends Hydra::Ability.test_edit to try policy controls if object-level controls deny access
@@ -54,7 +55,7 @@ module Hydra::PolicyAwareAbility
     else
       logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide EDIT permissions for #{current_user.user_key}?")
       group_intersection = user_groups & edit_groups_from_policy( policy_pid )
-      result = !group_intersection.empty? || edit_persons_from_policy( policy_pid ).include?(current_user.user_key)
+      result = !group_intersection.empty? || edit_users_from_policy( policy_pid ).include?(current_user.user_key)
       logger.debug("[CANCAN] -policy- decision: #{result}")
       return result
     end
@@ -68,7 +69,7 @@ module Hydra::PolicyAwareAbility
     else
       logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide READ permissions for #{current_user.user_key}?")
       group_intersection = user_groups & read_groups_from_policy( policy_pid )
-      result = !group_intersection.empty? || read_persons_from_policy( policy_pid ).include?(current_user.user_key)
+      result = !group_intersection.empty? || read_users_from_policy( policy_pid ).include?(current_user.user_key)
       logger.debug("[CANCAN] -policy- decision: #{result}")
       result
     end
@@ -93,23 +94,33 @@ module Hydra::PolicyAwareAbility
     return rg
   end
 
-  # Returns the list of individuals granted edit access by the policy object identified by policy_pid
   def edit_persons_from_policy(policy_pid)
+    Deprecation.warn(Hydra::PolicyAwareAbility, "The edit_persons_from_policy method is deprecated and will be removed from Hydra::PolicyAwareAbility in hydra-head 8.0.  Use edit_users_from_policy instead.", caller)
+    edit_users_from_policy(policy_pid)
+  end
+
+  # Returns the list of users granted edit access by the policy object identified by policy_pid
+  def edit_users_from_policy(policy_pid)
     policy_permissions = policy_permissions_doc(policy_pid)
-    edit_person_field = Hydra.config[:permissions][:inheritable][:edit][:individual]
-    ep = ((policy_permissions == nil || policy_permissions.fetch(edit_person_field,nil) == nil) ? [] : policy_permissions.fetch(edit_person_field,nil))
-    logger.debug("[CANCAN] -policy- edit_persons: #{ep.inspect}")
-    return ep
+    edit_user_field = Hydra.config[:permissions][:inheritable][:edit][:individual]
+    eu = ((policy_permissions == nil || policy_permissions.fetch(edit_user_field,nil) == nil) ? [] : policy_permissions.fetch(edit_user_field,nil))
+    logger.debug("[CANCAN] -policy- edit_users: #{eu.inspect}")
+    return eu
   end
 
-  # Returns the list of individuals granted read access by the policy object identified by policy_pid
-  # Noate: edit implies read, so read_persons is the union of edit and read persons
   def read_persons_from_policy(policy_pid)
+    Deprecation.warn(Hydra::PolicyAwareAbility, "The read_persons_from_policy method is deprecated and will be removed from Hydra::PolicyAwareAbility in hydra-head 8.0.  Use read_users_from_policy instead.", caller)
+    read_users_from_policy(policy_pid)
+  end
+
+  # Returns the list of users granted read access by the policy object identified by policy_pid
+  # Note: edit implies read, so read_users is the union of edit and read users
+  def read_users_from_policy(policy_pid)
     policy_permissions = policy_permissions_doc(policy_pid)
-    read_individual_field = Hydra.config[:permissions][:inheritable][:read][:individual]
-    rp = edit_persons_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_individual_field,nil) == nil) ? [] : policy_permissions.fetch(read_individual_field,nil))
-    logger.debug("[CANCAN] -policy- read_persons: #{rp.inspect}")
-    return rp
+    read_user_field = Hydra.config[:permissions][:inheritable][:read][:individual]
+    ru = edit_users_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_user_field, nil) == nil) ? [] : policy_permissions.fetch(read_user_field, nil))
+    logger.debug("[CANCAN] -policy- read_users: #{ru.inspect}")
+    return ru
   end
   
   private

data/lib/hydra/policy_aware_access_controls_enforcement.rb

@@ -1,5 +1,6 @@
 # Repeats access controls evaluation methods, but checks against a governing "Policy" object (or "Collection" object) that provides inherited access controls.
 module Hydra::PolicyAwareAccessControlsEnforcement
+  extend Deprecation
   
   # Extends Hydra::AccessControlsEnforcement.apply_gated_discovery to reflect policy-provided access
   # appends the result of policy_clauses into the :fq
@@ -11,7 +12,6 @@ module Hydra::PolicyAwareAccessControlsEnforcement
     logger.debug("POLICY-aware Solr parameters: #{ solr_parameters.inspect }")
   end
 
-
   # returns solr query for finding all objects whose policies grant discover access to current_user
   def policy_clauses 
     policy_pids = policies_with_access
@@ -19,33 +19,41 @@ module Hydra::PolicyAwareAccessControlsEnforcement
     '(' + policy_pids.map {|pid| ActiveFedora::SolrService.construct_query_for_rel(is_governed_by: "info:fedora/#{pid}")}.join(' OR ') + ')'
   end
   
-  
-  # find all the policies that grant discover/read/edit permissions to this user or any of it's groups
+  # find all the policies that grant discover/read/edit permissions to this user or any of its groups
   def policies_with_access
     #### TODO -- Memoize this and put it in the session?
     user_access_filters = []
-    # Grant access based on user id & role
-    user_access_filters += apply_policy_role_permissions(discovery_permissions)
-    user_access_filters += apply_policy_individual_permissions(discovery_permissions)
+    # Grant access based on user id & group
+    user_access_filters += apply_policy_group_permissions(discovery_permissions)
+    user_access_filters += apply_policy_user_permissions(discovery_permissions)
     result = policy_class.find_with_conditions( user_access_filters.join(" OR "), :fl => "id", :rows => policy_class.count )
     logger.debug "get policies: #{result}\n\n"
     result.map {|h| h['id']}
   end
   
-  
   def apply_policy_role_permissions(permission_types = discovery_permissions)
-      # for roles
+    Deprecation.warn(Hydra::PolicyAwareAccessControlsEnforcement, "The method apply_policy_role_permissions is deprecated and will be removed from Hydra::PolicyAwareAccessControlsEnforcement in hydra-head 8.0.  Use apply_policy_group_permissions instead.", caller)
+    apply_policy_group_permissions(permission_types)
+  end
+
+  def apply_policy_group_permissions(permission_types = discovery_permissions)
+      # for groups
       user_access_filters = []
-      current_ability.user_groups.each_with_index do |role, i|
+      current_ability.user_groups.each_with_index do |group, i|
         permission_types.each do |type|
-          user_access_filters << escape_filter(ActiveFedora::SolrService.solr_name("inheritable_#{type}_access_group", Hydra::Datastream::RightsMetadata.indexer ), role)
+          user_access_filters << escape_filter(ActiveFedora::SolrService.solr_name("inheritable_#{type}_access_group", Hydra::Datastream::RightsMetadata.indexer ), group)
         end
       end
       user_access_filters
   end
 
   def apply_policy_individual_permissions(permission_types = discovery_permissions)
-    # for individual person access
+    Deprecation.warn(Hydra::PolicyAwareAccessControlsEnforcement, "The method apply_policy_individual_permissions is deprecated and will be removed from Hydra::PolicyAwareAccessControlsEnforcement in hydra-head 8.0.  Use apply_policy_user_permissions instead.", caller)
+    apply_policy_user_permissions(permission_types)
+  end
+
+  def apply_policy_user_permissions(permission_types = discovery_permissions)
+    # for individual user access
     user_access_filters = []
     if current_user
       permission_types.each do |type|

data/spec/spec_helper.rb

@@ -4,14 +4,6 @@ require 'rspec/mocks'
 require 'rspec/autorun'
 require 'hydra-access-controls'
 
-module Hydra
-  # Stubbing Hydra.config[:policy_aware] so Hydra::PolicyAwareAbility will be loaded for tests.
-  def self.config
-    {:permissions=>{:policy_aware => true}}
-  end
-end
-
-
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 Hydra::Engine.config.autoload_paths.each { |path| $LOAD_PATH.unshift path }

data/spec/support/mods_asset.rb

@@ -1,8 +1,7 @@
 require 'active-fedora'
-
 class ModsAsset < ActiveFedora::Base
   include Hydra::AccessControls::Permissions
- 
+  
   # This is how we're associating admin policies with assets.  
   # You can associate them however you want, just use the :is_governed_by relationship
   belongs_to :admin_policy, :class_name=> "Hydra::AdminPolicy", :property=>:is_governed_by

data/spec/support/solr_document.rb

@@ -2,7 +2,12 @@ class SolrDocument
   def initialize(source_doc={}, solr_response=nil)
     @source_doc = source_doc
   end
-  def fetch(field, default)
+
+  def id
+    fetch(:id)
+  end
+
+  def fetch(field, default = nil)
     @source_doc[field]
   end
 

data/spec/unit/ability_spec.rb

@@ -1,31 +1,13 @@
 require 'spec_helper'
+require 'cancan/matchers'
 
 describe Ability do
-  before do
-    Hydra.stub(:config).and_return({
-      :permissions=>{
-        :discover => {:group =>"discover_access_group_ssim", :individual=>"discover_access_person_ssim"},
-        :read => {:group =>"read_access_group_ssim", :individual=>"read_access_person_ssim"},
-        :edit => {:group =>"edit_access_group_ssim", :individual=>"edit_access_person_ssim"},
-        :owner => "depositor_t",
-        :embargo_release_date => "embargo_release_date_dtsi",
-      
-        :inheritable => {
-          :discover => {:group =>"inheritable_discover_access_group_ssim", :individual=>"inheritable_discover_access_person_ssim"},
-          :read => {:group =>"inheritable_read_access_group_ssim", :individual=>"inheritable_read_access_person_ssim"},
-          :edit => {:group =>"inheritable_edit_access_group_ssim", :individual=>"inheritable_edit_access_person_ssim"},
-          :owner => "inheritable_depositor_ssim",
-          :embargo_release_date => "inheritable_embargo_release_date_dtsi"
-        }
-    }})
-  end
-
   describe "class methods" do
     subject { Ability }
     its(:read_group_field) { should == 'read_access_group_ssim'}
-    its(:read_person_field) { should == 'read_access_person_ssim'}
+    its(:read_user_field) { should == 'read_access_person_ssim'}
     its(:edit_group_field) { should == 'edit_access_group_ssim'}
-    its(:edit_person_field) { should == 'edit_access_person_ssim'}
+    its(:edit_user_field) { should == 'edit_access_person_ssim'}
   end
 
   context "for a not-signed in user" do
@@ -38,17 +20,18 @@ describe Ability do
       Ability.any_instance.should_receive(:custom_permissions)
       subject.can?(:delete, 7)
     end
-    it "should not be able to create objects" do
-      subject.can?(:create, :any).should be_false
+    it "should not be able to create ActiveFedora::Base objects" do
+      subject.should_not be_able_to(:create, ActiveFedora::Base)
     end
   end
+
   context "for a signed in user" do
     before do
       @user = FactoryGirl.build(:registered_user)
     end
     subject { Ability.new(@user) }
-    it "should be able to create objects" do
-      subject.can?(:create, :any).should be_true
+    it "should not be able to create ActiveFedora::Base objects" do
+      subject.should_not be_able_to(:create, ActiveFedora::Base)
     end
   end
 
@@ -94,56 +77,33 @@ describe Ability do
   end
   
   describe "Given an asset with no custom access set" do
-    before do
-      @asset = FactoryGirl.build(:default_access_asset)
-      @asset.save
-    end
+    let(:asset) { FactoryGirl.create(:default_access_asset) }
+    let(:solr_doc) { SolrDocument.new(asset.rightsMetadata.to_solr.merge(id: asset.pid)) }
     context "Then a not-signed-in user" do
-      before do
-        @user = User.new
-        @user.new_record = true
-      end
-      subject { Ability.new(@user) }
-      it "should not be able to view the asset" do
-        subject.can?(:read, @asset).should be_false
-      end
-      it "should not be able to edit, update and destroy the asset" do
-        subject.can?(:edit, @asset).should be_false
-        subject.can?(:update, @asset).should be_false
-        subject.can?(:destroy, @asset).should be_false
-      end
+      let(:user) { User.new.tap {|u| u.new_record = true } }
+      subject { Ability.new(user) }
+      it { should_not be_able_to(:read, asset) }
+      it { should_not be_able_to(:edit, asset) }
+      it { should_not be_able_to(:update, asset) }
+      it { should_not be_able_to(:destroy, asset) }
     end
     context "Then a registered user" do
-      before do
-        @user = FactoryGirl.build(:registered_user)
-      end
-      subject { Ability.new(@user) }
-      it "should not be able to view the asset" do
-        subject.can?(:read, @asset).should be_false
-      end
-      it "should not be able to edit, update and destroy the asset" do
-        subject.can?(:edit, @asset).should be_false
-        subject.can?(:update, @asset).should be_false
-        subject.can?(:destroy, @asset).should be_false
-      end
+      subject { Ability.new(FactoryGirl.build(:registered_user)) }
+      it { should_not be_able_to(:read, asset) }
+      it { should_not be_able_to(:edit, asset) }
+      it { should_not be_able_to(:update, asset) }
+      it { should_not be_able_to(:destroy, asset) }
     end
     context "Then the Creator" do
-      before do
-        @user = FactoryGirl.build(:joe_creator)
-      end
-      subject { Ability.new(@user) }
-
-      it "should be able to view the asset" do
-        subject.can?(:read, @asset).should be_true
-      end
-      it "should be able to edit, update and destroy the asset" do
-        subject.can?(:edit, @asset).should be_true
-        subject.can?(:update, @asset).should be_true
-        subject.can?(:destroy, @asset).should be_true
-      end
-      it "should not be able to see the admin view of the asset" do
-        subject.can?(:admin, @asset).should be_false
-      end
+      subject { Ability.new(FactoryGirl.build(:joe_creator)) }
+      it { should     be_able_to(:read, asset) }
+      it { should     be_able_to(:edit, asset) }
+      it { should     be_able_to(:edit, solr_doc) }
+      it { should     be_able_to(:update, asset) }
+      it { should     be_able_to(:update, solr_doc) }
+      it { should     be_able_to(:destroy, asset) }
+      it { should     be_able_to(:destroy, solr_doc) }
+      it { should_not be_able_to(:admin, asset) }
     end
   end
 
@@ -173,9 +133,8 @@ describe Ability do
   end
 
   describe "Given an asset with collaborator" do
-    before do
-      @asset = FactoryGirl.create(:group_edit_asset)
-    end
+    before { @asset = FactoryGirl.create(:group_edit_asset) }
+    after { @asset.destroy }
     context "Then a collaborator with edit access (user permision)" do
       before do
         @user = FactoryGirl.build(:calvin_collaborator)
@@ -251,17 +210,6 @@ describe Ability do
     end
   end
 
-  describe "a user" do
-    before do
-      @user = FactoryGirl.create(:staff)
-    end
-    subject { Ability.new(@user) }
-
-    it "should be able to create admin policies" do
-      subject.can?(:create, Hydra::AdminPolicy).should be_true
-    end
-
-  end
 
   describe "custom method" do
     before do
@@ -273,13 +221,14 @@ describe Ability do
           can :accept, ActiveFedora::Base
         end
       end
+      @user = FactoryGirl.create(:staff)
     end
 
     after do
       Object.send(:remove_const, :MyAbility)
     end
 
-    subject { MyAbility.new(FactoryGirl.create(:staff)) }
+    subject { MyAbility.new(@user) }
 
     it "should be set the custom permission" do
       subject.can?(:accept, ActiveFedora::Base).should be_true
@@ -293,6 +242,10 @@ describe Ability do
       @asset2 = FactoryGirl.create(:asset)
       @user = FactoryGirl.build(:calvin_collaborator) # has access to @asset1, but not @asset2
     end
+    after do
+      @asset1.destroy
+      @asset2.destroy
+    end
     subject { Ability.new(@user) }
     it "should be readable in the first instance and not in the second instance" do
       # We had a bug around this where it keeps returning the access for the first object queried
@@ -301,4 +254,33 @@ describe Ability do
     end
   end
 
+  describe "download permissions" do
+    subject { Ability.new(@user) }
+    before do
+      @asset = FactoryGirl.create(:asset)
+      @user = FactoryGirl.build(:user)
+    end
+    after { @asset.destroy }
+    context "user has read permission on the object" do
+      before do
+        @asset.read_users = [@user.user_key]
+        @asset.save
+      end
+      it "should permit the user to download the object's datastreams" do
+        subject.can?(:read, @asset).should be_true
+        @asset.datastreams.each_value do |ds|
+          subject.can?(:download, ds).should be_true
+        end
+      end
+    end
+    context "user lacks read permission on the object" do
+      it "should not permit the user to download the object's datastreams" do
+        subject.can?(:read, @asset).should be_false
+        @asset.datastreams.each_value do |ds|
+          subject.can?(:download, ds).should be_false
+        end
+      end
+    end
+  end
+
 end