hydra-access-controls 7.1.0 → 7.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d571199bff2f9ddd36d310d407cf91ca6ae8ee39
-  data.tar.gz: f0b1fbb7e08b80ca95f65f7482b88a4663d845ee
+  metadata.gz: 44aafdf338a4b52e0e6167731b143c972e0128a2
+  data.tar.gz: 7b38311e025e77f318acc5e5b8e5bcb150a7d841
 SHA512:
-  metadata.gz: ff1a99172103f63cb660eec1df2b1cce4e9b5b69fac5c3a76d6c26dd3c1db95726a4f3b7125b8a1361d8a60042169bc0e91d45ac6ddddda978d58a603eafebec
-  data.tar.gz: f28021dffed759533327bc3a360d1f5b208779fa639f4137b27258154b9afcb2b831dbc1b1dd9e10bf0ed87bf8a8d0b39af7b898f86d12a39f2ce717045ec7ab
+  metadata.gz: fa1f2d942f030d3a3bd4b2d9cc004fc7f6b34503ae10b93f9c75f770ec24571e0a821185eb293ca594409bf70333d35c178f42f8a1de9aef825c79425845e79b
+  data.tar.gz: b2cf0122a5823a1321f3c0df3a0726c36449dcd78a566377cf1c203df892b4925da19a64159e672384edbaa0e04e1b92617f27497dfac1ff5be944cf49428eec

data/app/models/concerns/hydra/access_controls/embargoable.rb

@@ -43,6 +43,7 @@ module Hydra
       end
 
       def deactivate_embargo!
+        return unless embargo_release_date
         embargo_state = under_embargo? ? "active" : "expired"
         embargo_record = embargo_history_message(embargo_state, Date.today, embargo_release_date, visibility_during_embargo, visibility_after_embargo)
         self.embargo_release_date = nil
@@ -114,6 +115,7 @@ module Hydra
       end
 
       def deactivate_lease!
+        return unless lease_expiration_date
         lease_state = active_lease? ? "active" : "expired"
         lease_record = lease_history_message(lease_state, Date.today, lease_expiration_date, visibility_during_lease, visibility_after_lease)
         self.lease_expiration_date = nil

data/hydra-access-controls.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |gem|
   gem.required_ruby_version = '>= 1.9.3'
 
   gem.add_dependency 'activesupport'
-  gem.add_dependency "active-fedora", '~> 7.0.0'
+  gem.add_dependency "active-fedora", '~> 7.0'
   gem.add_dependency "om", '~> 3.0', '>= 3.0.7'
   gem.add_dependency 'cancancan'
   gem.add_dependency 'deprecation'

data/lib/hydra/ability.rb

@@ -48,7 +48,7 @@ module Hydra
     
 
     def hydra_default_permissions
-      logger.debug("Usergroups are " + user_groups.inspect)
+      Rails.logger.debug("Usergroups are " + user_groups.inspect)
       self.ability_logic.each do |method|
         send(method)
       end
@@ -102,15 +102,15 @@ module Hydra
     protected
 
     def test_edit(pid)
-      logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
+      Rails.logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
       group_intersection = user_groups & edit_groups(pid)
       result = !group_intersection.empty? || edit_users(pid).include?(current_user.user_key)
-      logger.debug("[CANCAN] decision: #{result}")
+      Rails.logger.debug("[CANCAN] decision: #{result}")
       result
     end   
     
     def test_read(pid)
-      logger.debug("[CANCAN] Checking read permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
+      Rails.logger.debug("[CANCAN] Checking read permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
       group_intersection = user_groups & read_groups(pid)
       result = !group_intersection.empty? || read_users(pid).include?(current_user.user_key)
       result
@@ -120,7 +120,7 @@ module Hydra
       doc = permissions_doc(pid)
       return [] if doc.nil?
       eg = doc[self.class.edit_group_field] || []
-      logger.debug("[CANCAN] edit_groups: #{eg.inspect}")
+      Rails.logger.debug("[CANCAN] edit_groups: #{eg.inspect}")
       return eg
     end
 
@@ -129,7 +129,7 @@ module Hydra
       doc = permissions_doc(pid)
       return [] if doc.nil?
       rg = edit_groups(pid) | (doc[self.class.read_group_field] || [])
-      logger.debug("[CANCAN] read_groups: #{rg.inspect}")
+      Rails.logger.debug("[CANCAN] read_groups: #{rg.inspect}")
       return rg
     end
 
@@ -137,7 +137,7 @@ module Hydra
       doc = permissions_doc(pid)
       return [] if doc.nil?
       ep = doc[self.class.edit_user_field] ||  []
-      logger.debug("[CANCAN] edit_users: #{ep.inspect}")
+      Rails.logger.debug("[CANCAN] edit_users: #{ep.inspect}")
       return ep
     end
 
@@ -146,7 +146,7 @@ module Hydra
       doc = permissions_doc(pid)
       return [] if doc.nil?
       rp = edit_users(pid) | (doc[self.class.read_user_field] || [])
-      logger.debug("[CANCAN] read_users: #{rp.inspect}")
+      Rails.logger.debug("[CANCAN] read_users: #{rp.inspect}")
       return rp
     end
 

data/lib/hydra/config.rb

@@ -68,7 +68,7 @@ module Hydra
           when :policy_class
             self.policy_class = value
           when :owner
-            logger.warn "':owner' is no longer a valid configuration for Hydra. Please remove it from your configuration."
+            Rails.logger.warn "':owner' is no longer a valid configuration for Hydra. Please remove it from your configuration."
           else
             raise "Unknown key `#{key.inspect}`"
         end

data/lib/hydra/datastream/rights_metadata.rb

@@ -97,11 +97,9 @@ module Hydra
               xml.machine
             }
             xml.embargo{
-              xml.human
               xml.machine
             }
             xml.lease{
-              xml.human
               xml.machine
             }
           }

data/lib/hydra/policy_aware_ability.rb

@@ -53,10 +53,10 @@ module Hydra::PolicyAwareAbility
     if policy_pid.nil?
       return false
     else
-      logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide EDIT permissions for #{current_user.user_key}?")
+      Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide EDIT permissions for #{current_user.user_key}?")
       group_intersection = user_groups & edit_groups_from_policy( policy_pid )
       result = !group_intersection.empty? || edit_users_from_policy( policy_pid ).include?(current_user.user_key)
-      logger.debug("[CANCAN] -policy- decision: #{result}")
+      Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
       return result
     end
   end   
@@ -67,10 +67,10 @@ module Hydra::PolicyAwareAbility
     if policy_pid.nil?
       return false
     else
-      logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide READ permissions for #{current_user.user_key}?")
+      Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide READ permissions for #{current_user.user_key}?")
       group_intersection = user_groups & read_groups_from_policy( policy_pid )
       result = !group_intersection.empty? || read_users_from_policy( policy_pid ).include?(current_user.user_key)
-      logger.debug("[CANCAN] -policy- decision: #{result}")
+      Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
       result
     end
   end 
@@ -80,7 +80,7 @@ module Hydra::PolicyAwareAbility
     policy_permissions = policy_permissions_doc(policy_pid)
     edit_group_field = Hydra.config[:permissions][:inheritable][:edit][:group]
     eg = ((policy_permissions == nil || policy_permissions.fetch(edit_group_field,nil) == nil) ? [] : policy_permissions.fetch(edit_group_field,nil))
-    logger.debug("[CANCAN] -policy- edit_groups: #{eg.inspect}")
+    Rails.logger.debug("[CANCAN] -policy- edit_groups: #{eg.inspect}")
     return eg
   end
 
@@ -90,7 +90,7 @@ module Hydra::PolicyAwareAbility
     policy_permissions = policy_permissions_doc(policy_pid)
     read_group_field = Hydra.config[:permissions][:inheritable][:read][:group]
     rg = edit_groups_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_group_field,nil) == nil) ? [] : policy_permissions.fetch(read_group_field,nil))
-    logger.debug("[CANCAN] -policy- read_groups: #{rg.inspect}")
+    Rails.logger.debug("[CANCAN] -policy- read_groups: #{rg.inspect}")
     return rg
   end
 
@@ -104,7 +104,7 @@ module Hydra::PolicyAwareAbility
     policy_permissions = policy_permissions_doc(policy_pid)
     edit_user_field = Hydra.config[:permissions][:inheritable][:edit][:individual]
     eu = ((policy_permissions == nil || policy_permissions.fetch(edit_user_field,nil) == nil) ? [] : policy_permissions.fetch(edit_user_field,nil))
-    logger.debug("[CANCAN] -policy- edit_users: #{eu.inspect}")
+    Rails.logger.debug("[CANCAN] -policy- edit_users: #{eu.inspect}")
     return eu
   end
 
@@ -119,7 +119,7 @@ module Hydra::PolicyAwareAbility
     policy_permissions = policy_permissions_doc(policy_pid)
     read_user_field = Hydra.config[:permissions][:inheritable][:read][:individual]
     ru = edit_users_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_user_field, nil) == nil) ? [] : policy_permissions.fetch(read_user_field, nil))
-    logger.debug("[CANCAN] -policy- read_users: #{ru.inspect}")
+    Rails.logger.debug("[CANCAN] -policy- read_users: #{ru.inspect}")
     return ru
   end
   

data/spec/spec_helper.rb

@@ -18,7 +18,6 @@ end
 
 
 require 'support/rails'
-Object.logger = Logger.new(File.expand_path('../test.log', __FILE__))
 
 # Since we're not doing a Rails Engine test, we have to load these classes manually:
 require_relative '../app/models/role_mapper'

data/spec/support/rails.rb

@@ -2,15 +2,22 @@
 I18n.load_path << 'config/locales/hydra-access-controls.en.yml'
 
 module Rails
-  def self.env
-    ENV['environment']
-  end
+  class << self
+    def env
+      ENV['environment']
+    end
 
-  def self.version
-    "0.0.0"
-    #"hydra-access-controls mock rails"
-  end
-  def self.root
-    'spec/support'
+    def version
+      "0.0.0"
+      #"hydra-access-controls mock rails"
+    end
+
+    def root
+      'spec/support'
+    end
+
+    def logger
+      @@logger ||= Logger.new(File.expand_path('../../test.log', __FILE__)).tap { |logger| logger.level = Logger::WARN }
+    end
   end
 end

data/spec/unit/access_controls_enforcement_spec.rb

@@ -12,6 +12,8 @@ describe Hydra::AccessControlsEnforcement do
 
       def session
       end
+
+      delegate :logger, to: :Rails
     end
   end
   subject { MockController.new }
@@ -23,14 +25,14 @@ describe Hydra::AccessControlsEnforcement do
     end
     context "Given I am not logged in" do
       before do
-        subject.stub(:current_user).and_return(User.new(:new_record=>true))
+        allow(subject).to receive(:current_user).and_return(User.new(:new_record=>true))
         subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       end
       it "Then I should be treated as a member of the 'public' group" do
         expect(@solr_parameters[:fq].first).to eq 'edit_access_group_ssim:public OR discover_access_group_ssim:public OR read_access_group_ssim:public'
       end
       it "Then I should not be treated as a member of the 'registered' group" do
-        @solr_parameters[:fq].first.should_not match(/registered/) 
+        expect(@solr_parameters[:fq].first).to_not match(/registered/) 
       end
       it "Then I should not have individual or group permissions"
       it "Should changed based on the discovery_perissions" do
@@ -38,7 +40,7 @@ describe Hydra::AccessControlsEnforcement do
         discovery_permissions = ["read","edit"]
         subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
         ["edit","read"].each do |type|
-          @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:public/)      
+          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:public/)      
         end
       end
     end
@@ -46,27 +48,27 @@ describe Hydra::AccessControlsEnforcement do
       before do
         @user = FactoryGirl.build(:martia_morocco)
         @user.new_record = false
-        User.stub(:find_by_user_key).and_return(@user)
+        allow(User).to receive(:find_by_user_key).and_return(@user)
         # This is a pretty fragile way to stub it...
-        RoleMapper.stub(:byname).and_return(@user.user_key=>["faculty", "africana-faculty"])
-        subject.stub(:current_user).and_return(@user)
+        allow(RoleMapper).to receive(:byname).and_return(@user.user_key=>["faculty", "africana-faculty"])
+        allow(subject).to receive(:current_user).and_return(@user)
         subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       end
       it "Then I should be treated as a member of the 'public' and 'registered' groups" do
         ["discover","edit","read"].each do |type|
-          @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:public/)  
-          @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:registered/)      
+          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:public/)  
+          expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:registered/)      
         end
       end
       it "Then I should see assets that I have discover, read, or edit access to" do
         ["discover","edit","read"].each do |type|
-          @solr_parameters[:fq].first.should match(/#{type}_access_person_ssim\:#{@user.user_key}/)      
+          expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{@user.user_key}/)      
         end
       end
       it "Then I should see assets that my groups have discover, read, or edit access to" do
         ["faculty", "africana-faculty"].each do |group_id|
           ["discover","edit","read"].each do |type|
-            @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:#{group_id}/)      
+            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:#{group_id}/)      
           end
         end
       end
@@ -76,7 +78,7 @@ describe Hydra::AccessControlsEnforcement do
         subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
         ["faculty", "africana-faculty"].each do |group_id|
           ["edit","read"].each do |type|
-            @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:#{group_id}/)      
+            expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:#{group_id}/)      
           end
         end
       end
@@ -86,72 +88,73 @@ describe Hydra::AccessControlsEnforcement do
   describe "enforce_show_permissions" do
     it "should allow a user w/ edit permissions to view an embargoed object" do
       user = User.new :uid=>'testuser@example.com'
-      RoleMapper.stub(:roles).with(user).and_return(["archivist"])
-      subject.stub(:current_user).and_return(user)
-      subject.stub(:can?).with(:read, nil).and_return(true)
+      allow(RoleMapper).to receive(:roles).with(user).and_return(["archivist"])
+      allow(subject).to receive(:current_user).and_return(user)
+      allow(subject).to receive(:can?).with(:read, nil).and_return(true)
       stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
 
       subject.params = {}
-      subject.should_receive(:can?).with(:edit, stub_doc).and_return(true)
-      subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
-      expect {subject.send(:enforce_show_permissions, {}) }.not_to raise_error Hydra::AccessDenied
+      expect(subject).to receive(:can?).with(:edit, stub_doc).and_return(true)
+      expect(subject).to receive(:can?).with(:read, stub_doc).and_return(true)
+      expect(subject.current_ability).to receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
+      expect { subject.send(:enforce_show_permissions, {}) }.not_to raise_error
     end
     it "should prevent a user w/o edit permissions from viewing an embargoed object" do
       user = User.new :uid=>'testuser@example.com'
-      RoleMapper.stub(:roles).with(user).and_return([])
-      subject.stub(:current_user).and_return(user)
-      subject.stub(:can?).with(:read, nil).and_return(true)
+      allow(RoleMapper).to receive(:roles).with(user).and_return([])
+      allow(subject).to receive(:current_user).and_return(user)
+      allow(subject).to receive(:can?).with(:read, nil).and_return(true)
       subject.params = {}
       stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
-      subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
-      subject.should_receive(:can?).with(:edit, stub_doc).and_return(false)
-      lambda {subject.send(:enforce_show_permissions, {})}.should raise_error Hydra::AccessDenied, "This item is under embargo.  You do not have sufficient access privileges to read this document."
+      expect(subject.current_ability).to receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
+      expect(subject).to receive(:can?).with(:edit, stub_doc).and_return(false)
+      expect {subject.send(:enforce_show_permissions, {})}.to raise_error Hydra::AccessDenied, "This item is under embargo.  You do not have sufficient access privileges to read this document."
     end
   end
   describe "apply_gated_discovery" do
     before(:each) do
       @stub_user = User.new :uid=>'archivist1@example.com'
-      RoleMapper.stub(:roles).with(@stub_user).and_return(["archivist","researcher"])
-      subject.stub(:current_user).and_return(@stub_user)
+      allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["archivist","researcher"])
+      allow(subject).to receive(:current_user).and_return(@stub_user)
       @solr_parameters = {}
       @user_parameters = {}
     end
     it "should set query fields for the user id checking against the discover, access, read fields" do
       subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       ["discover","edit","read"].each do |type|
-        @solr_parameters[:fq].first.should match(/#{type}_access_person_ssim\:#{@stub_user.user_key}/)      
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{@stub_user.user_key}/)      
       end
     end
     it "should set query fields for all roles the user is a member of checking against the discover, access, read fields" do
       subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       ["discover","edit","read"].each do |type|
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:archivist/)        
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:researcher/)        
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:archivist/)        
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:researcher/)        
       end
     end
 
     it "should escape slashes in the group names" do
-      RoleMapper.stub(:roles).with(@stub_user).and_return(["abc/123","cde/567"])
+      allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc/123","cde/567"])
       subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       ["discover","edit","read"].each do |type|
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:abc\\\/123/)        
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:cde\\\/567/)        
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\\/123/)        
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\\/567/)        
       end
     end
     it "should escape spaces in the group names" do
-      RoleMapper.stub(:roles).with(@stub_user).and_return(["abc 123","cd/e 567"])
+      allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc 123","cd/e 567"])
       subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       ["discover","edit","read"].each do |type|
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:abc\\ 123/)
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:cd\\\/e\\ 567/)
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\ 123/)
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cd\\\/e\\ 567/)
       end
     end
     it "should escape colons in the group names" do
-      RoleMapper.stub(:roles).with(@stub_user).and_return(["abc:123","cde:567"])
+      allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc:123","cde:567"])
       subject.send(:apply_gated_discovery, @solr_parameters, @user_parameters)
       ["discover","edit","read"].each do |type|
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:abc\\:123/)
-        @solr_parameters[:fq].first.should match(/#{type}_access_group_ssim\:cde\\:567/)
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\:123/)
+        expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\:567/)
       end
     end
   end
@@ -160,19 +163,19 @@ describe Hydra::AccessControlsEnforcement do
     describe "when the user is a guest user (user key nil)" do
       before do
         stub_user = User.new
-        subject.stub(:current_user).and_return(stub_user)
+        allow(subject).to receive(:current_user).and_return(stub_user)
       end
       it "should not create filters" do
-        subject.send(:apply_user_permissions, ["edit","discover","read"]).should == []
+        expect(subject.send(:apply_user_permissions, ["edit","discover","read"])).to eq []
       end
     end
     describe "when the user is a guest user (user key empty string)" do
       before do
         stub_user = User.new :uid=>''
-        subject.stub(:current_user).and_return(stub_user)
+        allow(subject).to receive(:current_user).and_return(stub_user)
       end
       it "should not create filters" do
-        subject.send(:apply_user_permissions, ["edit","discover","read"]).should == []
+        expect(subject.send(:apply_user_permissions, ["edit","discover","read"])).to eq []
       end
     end
   end

data/spec/unit/embargoable_spec.rb

@@ -73,7 +73,8 @@ describe Hydra::AccessControls::Embargoable do
         expect(subject.embargo_release_date).to be_nil
         expect(subject.visibility_during_embargo).to be_nil
         expect(subject.visibility_after_embargo).to be_nil
-        expect(subject.embargo_history.last).to include("An expired embargo was deactivated on #{Date.today}.")
+        expect(subject.embargo_history.size).to eq 1
+        expect(subject.embargo_history.first).to include("An expired embargo was deactivated on #{Date.today}.")
       end
     end
 
@@ -87,7 +88,17 @@ describe Hydra::AccessControls::Embargoable do
         expect(subject.embargo_release_date).to be_nil
         expect(subject.visibility_during_embargo).to be_nil
         expect(subject.visibility_after_embargo).to be_nil
-        expect(subject.embargo_history.last).to include("An active embargo was deactivated on #{Date.today}.")
+        expect(subject.embargo_history.size).to eq 1
+        expect(subject.embargo_history.first).to include("An active embargo was deactivated on #{Date.today}.")
+      end
+    end
+
+    context "when there is no embargo" do
+      let(:release_date) { nil }
+
+      it "should not do anything" do
+        subject.deactivate_embargo!
+        expect(subject.embargo_history).to eq []
       end
     end
   end
@@ -123,9 +134,11 @@ describe Hydra::AccessControls::Embargoable do
         expect(subject.lease_expiration_date).to be_nil
         expect(subject.visibility_during_lease).to be_nil
         expect(subject.visibility_after_lease).to be_nil
-        expect(subject.lease_history.last).to include("An expired lease was deactivated on #{Date.today}.")
+        expect(subject.lease_history.size).to eq 1
+        expect(subject.lease_history.first).to include("An expired lease was deactivated on #{Date.today}.")
       end
     end
+
     context "when the lease is active" do
       let(:expiration_date) { future_date.to_s }
 
@@ -136,7 +149,17 @@ describe Hydra::AccessControls::Embargoable do
         expect(subject.lease_expiration_date).to be_nil
         expect(subject.visibility_during_lease).to be_nil
         expect(subject.visibility_after_lease).to be_nil
-        expect(subject.lease_history.last).to include("An active lease was deactivated on #{Date.today}.")
+        expect(subject.lease_history.size).to eq 1
+        expect(subject.lease_history.first).to include("An active lease was deactivated on #{Date.today}.")
+      end
+    end
+
+    context "when there is no lease" do
+      let(:expiration_date) { nil }
+
+      it "should not do anything" do
+        subject.deactivate_lease!
+        expect(subject.lease_history).to eq []
       end
     end
   end

data/spec/unit/policy_aware_access_controls_enforcement_spec.rb

@@ -13,6 +13,8 @@ describe Hydra::PolicyAwareAccessControlsEnforcement do
 
       def session
       end
+
+      delegate :logger, to: :Rails
     end
     
     @sample_policies = []

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hydra-access-controls
 version: !ruby/object:Gem::Version
-  version: 7.1.0
+  version: 7.2.0
 platform: ruby
 authors:
 - Chris Beer
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-23 00:00:00.000000000 Z
+date: 2014-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -32,14 +32,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: om
   requirement: !ruby/object:Gem::Requirement