RubyGems - hydra-access-controls - Versions diffs - 6.5.2 → 7.0.0.pre1 - Mend

hydra-access-controls 6.5.2 → 7.0.0.pre1

Files changed (28) hide show

checksums.yaml +4 -4
data/app/models/concerns/hydra/access_controls/permissions.rb +18 -13
data/hydra-access-controls.gemspec +2 -2
data/lib/hydra-access-controls.rb +13 -7
data/lib/hydra/ability.rb +35 -18
data/lib/hydra/access_controls/permission.rb +1 -6
data/lib/hydra/access_controls_enforcement.rb +8 -9
data/lib/hydra/admin_policy.rb +3 -3
data/lib/hydra/config.rb +152 -0
data/lib/hydra/datastream/inheritable_rights_metadata.rb +5 -7
data/lib/hydra/datastream/rights_metadata.rb +17 -19
data/lib/hydra/permissions_query.rb +3 -1
data/lib/hydra/policy_aware_ability.rb +24 -13
data/lib/hydra/policy_aware_access_controls_enforcement.rb +19 -11
data/spec/spec_helper.rb +0 -8
data/spec/support/mods_asset.rb +1 -2
data/spec/support/solr_document.rb +6 -1
data/spec/unit/ability_spec.rb +67 -85
data/spec/unit/access_controls_enforcement_spec.rb +3 -3
data/spec/unit/admin_policy_spec.rb +0 -17
data/spec/unit/config_spec.rb +48 -0
data/spec/unit/hydra_rights_metadata_persistence_spec.rb +1 -1
data/spec/unit/hydra_rights_metadata_spec.rb +0 -5
data/spec/unit/permissions_spec.rb +80 -72
metadata +12 -14
data/lib/hydra/model_mixins/rights_metadata.rb +0 -27
data/spec/unit/permission_spec.rb +0 -28
data/spec/unit/rights_metadata_spec.rb +0 -104

data/spec/unit/rights_metadata_spec.rb DELETED

@@ -1,104 +0,0 @@
-require 'spec_helper'
-describe Hydra::ModelMixins::RightsMetadata do
-  subject { ModsAsset.new }
-  it "should have a set of permissions" do
-    subject.discover_groups=['group1', 'group2']
-    subject.edit_users=['user1']
-    subject.read_users=['user2', 'user3']
-    subject.permissions.should include(Hydra::AccessControls::Permission.new({:type=>"group", :access=>"discover", :name=>"group1"}),
-        Hydra::AccessControls::Permission.new({:type=>"group", :access=>"discover", :name=>"group2"}),
-        Hydra::AccessControls::Permission.new({:type=>"user", :access=>"read", :name=>"user2"}),
-        Hydra::AccessControls::Permission.new({:type=>"user", :access=>"read", :name=>"user3"}),
-        Hydra::AccessControls::Permission.new({:type=>"user", :access=>"edit", :name=>"user1"}))
-  end
-  describe "updating permissions" do
-    it "should create new group permissions" do
-      subject.permissions_attributes = [{:name=>'group1', :access=>'discover', :type=>'group'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'group', :access=>'discover', :name=>'group1'})]
-    end
-    it "should create new user permissions" do
-      subject.permissions_attributes = [{:name=>'user1', :access=>'discover', :type=>'user'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'user', :access=>'discover', :name=>'user1'})]
-    end
-    it "should not replace existing groups" do
-      subject.permissions_attributes = [{:name=>'group1', :access=>'discover', :type=>'group'}]
-      subject.permissions_attributes = [{:name=>'group2', :access=>'discover', :type=>'group'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'group', :access=>'discover', :name=>'group1'}),
-                                   Hydra::AccessControls::Permission.new({:type=>'group', :access=>'discover', :name=>'group2'})]
-    end
-    it "should not replace existing users" do
-      subject.permissions_attributes = [{:name=>'user1', :access=>'discover', :type=>'user'}]
-      subject.permissions_attributes = [{:name=>'user2', :access=>'discover', :type=>'user'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'user', :access=>'discover', :name=>'user1'}),
-                                   Hydra::AccessControls::Permission.new({:type=>'user', :access=>'discover', :name=>'user2'})]
-    end
-    it "should update permissions on existing users" do
-      subject.permissions_attributes = [{:name=>'user1', :access=>'discover', :type=>'user'}]
-      subject.permissions_attributes = [{:name=>'user1', :access=>'edit', :type=>'user'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'user', :access=>'edit', :name=>'user1'})]
-    end
-    it "should update permissions on existing groups" do
-      subject.permissions_attributes = [{:name=>'group1', :access=>'discover', :type=>'group'}]
-      subject.permissions_attributes = [{:name=>'group1', :access=>'edit', :type=>'group'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'group', :access=>'edit', :name=>'group1'})]
-    end
-    it "should assign user permissions when :type == 'person'" do
-      subject.permissions_attributes = [{:name=>'user1', :access=>'discover', :type=>'person'}]
-      subject.permissions.should == [Hydra::AccessControls::Permission.new({:type=>'user', :access=>'discover', :name=>'user1'})]
-    end
-    it "should raise an ArgumentError when the :type hashkey is invalid" do
-      expect{subject.permissions_attributes = [{:name=>'user1', :access=>'read', :type=>'foo'}]}.to raise_error(ArgumentError)
-    end
-  end
-  context "to_solr" do
-    let(:embargo_release_date) { "2010-12-01" }
-    before do
-      subject.rightsMetadata.embargo_release_date = embargo_release_date
-      subject.rightsMetadata.update_permissions("person"=>{"person1"=>"read","person2"=>"discover"}, "group"=>{'group-6' => 'read', "group-7"=>'read', 'group-8'=>'edit'})
-    end
-    it "should produce a solr document" do
-      result = subject.rightsMetadata.to_solr
-      result.size.should == 5
-      ## Wrote the test in this way, because the implementation uses a hash, and the hash order is not deterministic (especially in ruby 1.8.7)
-      result['read_access_group_ssim'].size.should == 2
-      result['read_access_group_ssim'].should include('group-6', 'group-7')
-      result['edit_access_group_ssim'].should == ['group-8']
-      result['discover_access_person_ssim'].should == ['person2']
-      result['read_access_person_ssim'].should == ['person1']
-      result['embargo_release_date_dtsi'].should == subject.rightsMetadata.embargo_release_date(:format => :solr_date)
-    end
-  end
-  context "with rightsMetadata" do
-    before do
-      subject.rightsMetadata.update_permissions("person"=>{"person1"=>"read","person2"=>"discover"}, "group"=>{'group-6' => 'read', "group-7"=>'read', 'group-8'=>'edit'})
-    end
-    it "should have read groups accessor" do
-      subject.read_groups.should == ['group-6', 'group-7']
-    end
-    it "should have read groups string accessor" do
-      subject.read_groups_string.should == 'group-6, group-7'
-    end
-    it "should have read groups writer" do
-      subject.read_groups = ['group-2', 'group-3']
-      subject.rightsMetadata.groups.should == {'group-2' => 'read', 'group-3'=>'read', 'group-8' => 'edit'}
-      subject.rightsMetadata.individuals.should == {"person1"=>"read","person2"=>"discover"}
-    end
-    it "should have read groups string writer" do
-      subject.read_groups_string = 'umg/up.dlt.staff, group-3'
-      subject.rightsMetadata.groups.should == {'umg/up.dlt.staff' => 'read', 'group-3'=>'read', 'group-8' => 'edit'}
-      subject.rightsMetadata.individuals.should == {"person1"=>"read","person2"=>"discover"}
-    end
-    it "should only revoke eligible groups" do
-      subject.set_read_groups(['group-2', 'group-3'], ['group-6'])
-      # 'group-7' is not eligible to be revoked
-      subject.rightsMetadata.groups.should == {'group-2' => 'read', 'group-3'=>'read', 'group-7' => 'read', 'group-8' => 'edit'}
-      subject.rightsMetadata.individuals.should == {"person1"=>"read","person2"=>"discover"}
-    end
-  end
-end