hydra-access-controls 8.2.0 → 9.0.0.beta1

data/app/models/concerns/hydra/access_controls/permissions.rb

@@ -2,75 +2,64 @@ module Hydra
   module AccessControls
     module Permissions
       extend ActiveSupport::Concern
+      include Hydra::AccessControls::Visibility
 
       included do
-        include Hydra::AccessControls::Visibility
-        has_metadata "rightsMetadata", type: Hydra::Datastream::RightsMetadata
+        has_many :permissions, predicate: ::ACL.accessTo, class_name: 'Hydra::AccessControls::Permission', inverse_of: :access_to
+        accepts_nested_attributes_for :permissions, allow_destroy: true
+        alias_method :permissions_attributes_without_uniqueness=, :permissions_attributes=
+        alias_method :permissions_attributes=, :permissions_attributes_with_uniqueness=
+      end
+
+      def to_solr(solr_doc = {})
+        super.tap do |doc|
+          [:discover, :read, :edit].each do |access|
+            vals = send("#{access}_groups")
+            doc[Hydra.config.permissions[access].group] = vals unless vals.empty?
+            vals = send("#{access}_users")
+            doc[Hydra.config.permissions[access].individual] = vals unless vals.empty?
+          end
+        end
       end
 
-      ## Updates those permissions that are provided to it. Does not replace any permissions unless they are provided
-      # @example
-      #  obj.permissions_attributes= [{:name=>"group1", :access=>"discover", :type=>'group'},
-      #  {:name=>"group2", :access=>"discover", :type=>'group'}]
-      def permissions_attributes= attributes_collection
-        perm_hash = {'person' => rightsMetadata.users, 'group'=> rightsMetadata.groups}
-
+      # When chaging a permission for an object/user, ensure an update is done, not a duplicate
+      def permissions_attributes_with_uniqueness=(attributes_collection)
         if attributes_collection.is_a? Hash
-          attributes_collection = attributes_collection.sort_by { |i, _| i.to_i }.map { |_, attributes| attributes }
-        end
-
-        attributes_collection.each do |row|
-          row = row.with_indifferent_access
-          if row[:type] == 'user' || row[:type] == 'person'
-            if has_destroy_flag? row
-              perm_hash['person'].delete(row[:name])
-            else
-              perm_hash['person'][row[:name]] = row[:access]
-            end
-          elsif row[:type] == 'group'
-            perm_hash['group'][row[:name]] = row[:access]
-            if has_destroy_flag? row
-              perm_hash['group'].delete(row[:name])
-            else
-              perm_hash['group'][row[:name]] = row[:access]
-            end
+          keys = attributes_collection.keys
+          attributes_collection = if keys.include?('id') || keys.include?(:id)
+            Array(attributes_collection)
           else
-            raise ArgumentError, "Permission type must be 'user', 'person' (alias for 'user'), or 'group'"
+            attributes_collection.sort_by { |i, _| i.to_i }.map { |_, attributes| attributes }
           end
         end
-        
-        rightsMetadata.permissions = perm_hash
-      end
 
-      ## Returns a list with all the permissions on the object.
-      def permissions
-        (rightsMetadata.groups.map {|x| Permission.new(type: 'group', access: x[1], name: x[0] )} + 
-          rightsMetadata.users.map {|x|  Permission.new(type: 'user', access: x[1], name: x[0] )})
-      end
-
-      # @param values [Array<Permission>] a list of permission objects to set
-      def permissions= values
-        perm_hash = {'person' => {}, 'group'=> {}}
-        values.each do |perm|
-          if perm.type == 'user'
-            perm_hash['person'][perm.name] = perm.access
-          else
-            perm_hash['group'][perm.name] = perm.access
+        attributes_collection.each do |prop|
+          existing = case prop[:type]
+          when 'group'
+            search_by_type(:group)
+          when 'person'
+            search_by_type(:person)
           end
+
+          next unless existing
+          selected = existing.find { |perm| perm.agent_name == prop[:name] }
+          prop['id'] = selected.id if selected
         end
-        rightsMetadata.permissions = perm_hash
+
+        self.permissions_attributes_without_uniqueness=attributes_collection
       end
 
+
       # Return a list of groups that have discover permission
       def discover_groups
-        rightsMetadata.groups.map {|k, v| k if v == 'discover'}.compact
+        search_by_type_and_mode(:group, Hydra::ACL.Discover).map { |p| p.agent_name }
       end
 
       # Grant discover permissions to the groups specified. Revokes discover permission for all other groups.
       # @param[Array] groups a list of group names
       # @example
       #  r.discover_groups= ['one', 'two', 'three']
-      #  r.discover_groups 
+      #  r.discover_groups
       #  => ['one', 'two', 'three']
       #
       def discover_groups=(groups)
@@ -81,7 +70,7 @@ module Hydra
       # @param[String] groups a list of group names
       # @example
       #  r.discover_groups_string= 'one, two, three'
-      #  r.discover_groups 
+      #  r.discover_groups
       #  => ['one', 'two', 'three']
       #
       def discover_groups_string=(groups)
@@ -96,13 +85,13 @@ module Hydra
       # Grant discover permissions to the groups specified. Revokes discover permission for
       # any of the eligible_groups that are not in groups.
       # This may be used when different users are responsible for setting different
-      # groups.  Supply the groups the current user is responsible for as the 
+      # groups.  Supply the groups the current user is responsible for as the
       # 'eligible_groups'
       # @param[Array] groups a list of groups
-      # @param[Array] eligible_groups the groups that are eligible to have their discover permssion revoked. 
+      # @param[Array] eligible_groups the groups that are eligible to have their discover permssion revoked.
       # @example
       #  r.discover_groups = ['one', 'two', 'three']
-      #  r.discover_groups 
+      #  r.discover_groups
       #  => ['one', 'two', 'three']
       #  r.set_discover_groups(['one'], ['three'])
       #  r.discover_groups
@@ -113,14 +102,14 @@ module Hydra
       end
 
       def discover_users
-        rightsMetadata.users.map {|k, v| k if v == 'discover'}.compact
+        search_by_type_and_mode(:person, Hydra::ACL.Discover).map { |p| p.agent_name }
       end
 
       # Grant discover permissions to the users specified. Revokes discover permission for all other users.
       # @param[Array] users a list of usernames
       # @example
       #  r.discover_users= ['one', 'two', 'three']
-      #  r.discover_users 
+      #  r.discover_users
       #  => ['one', 'two', 'three']
       #
       def discover_users=(users)
@@ -131,7 +120,7 @@ module Hydra
       # @param[String] users a list of usernames
       # @example
       #  r.discover_users_string= 'one, two, three'
-      #  r.discover_users 
+      #  r.discover_users
       #  => ['one', 'two', 'three']
       #
       def discover_users_string=(users)
@@ -146,13 +135,13 @@ module Hydra
       # Grant discover permissions to the users specified. Revokes discover permission for
       # any of the eligible_users that are not in users.
       # This may be used when different users are responsible for setting different
-      # users.  Supply the users the current user is responsible for as the 
+      # users.  Supply the users the current user is responsible for as the
       # 'eligible_users'
       # @param[Array] users a list of users
-      # @param[Array] eligible_users the users that are eligible to have their discover permssion revoked. 
+      # @param[Array] eligible_users the users that are eligible to have their discover permssion revoked.
       # @example
       #  r.discover_users = ['one', 'two', 'three']
-      #  r.discover_users 
+      #  r.discover_users
       #  => ['one', 'two', 'three']
       #  r.set_discover_users(['one'], ['three'])
       #  r.discover_users
@@ -164,14 +153,14 @@ module Hydra
 
       # Return a list of groups that have discover permission
       def read_groups
-        rightsMetadata.groups.map {|k, v| k if v == 'read'}.compact
+        search_by_type_and_mode(:group, ::ACL.Read).map { |p| p.agent_name }
       end
 
       # Grant read permissions to the groups specified. Revokes read permission for all other groups.
       # @param[Array] groups a list of group names
       # @example
       #  r.read_groups= ['one', 'two', 'three']
-      #  r.read_groups 
+      #  r.read_groups
       #  => ['one', 'two', 'three']
       #
       def read_groups=(groups)
@@ -182,7 +171,7 @@ module Hydra
       # @param[String] groups a list of group names
       # @example
       #  r.read_groups_string= 'one, two, three'
-      #  r.read_groups 
+      #  r.read_groups
       #  => ['one', 'two', 'three']
       #
       def read_groups_string=(groups)
@@ -197,13 +186,13 @@ module Hydra
       # Grant read permissions to the groups specified. Revokes read permission for
       # any of the eligible_groups that are not in groups.
       # This may be used when different users are responsible for setting different
-      # groups.  Supply the groups the current user is responsible for as the 
+      # groups.  Supply the groups the current user is responsible for as the
       # 'eligible_groups'
       # @param[Array] groups a list of groups
-      # @param[Array] eligible_groups the groups that are eligible to have their read permssion revoked. 
+      # @param[Array] eligible_groups the groups that are eligible to have their read permssion revoked.
       # @example
       #  r.read_groups = ['one', 'two', 'three']
-      #  r.read_groups 
+      #  r.read_groups
       #  => ['one', 'two', 'three']
       #  r.set_read_groups(['one'], ['three'])
       #  r.read_groups
@@ -214,14 +203,14 @@ module Hydra
       end
 
       def read_users
-        rightsMetadata.users.map {|k, v| k if v == 'read'}.compact
+        search_by_type_and_mode(:person, ::ACL.Read).map { |p| p.agent_name }
       end
 
       # Grant read permissions to the users specified. Revokes read permission for all other users.
       # @param[Array] users a list of usernames
       # @example
       #  r.read_users= ['one', 'two', 'three']
-      #  r.read_users 
+      #  r.read_users
       #  => ['one', 'two', 'three']
       #
       def read_users=(users)
@@ -232,7 +221,7 @@ module Hydra
       # @param[String] users a list of usernames
       # @example
       #  r.read_users_string= 'one, two, three'
-      #  r.read_users 
+      #  r.read_users
       #  => ['one', 'two', 'three']
       #
       def read_users_string=(users)
@@ -247,13 +236,13 @@ module Hydra
       # Grant read permissions to the users specified. Revokes read permission for
       # any of the eligible_users that are not in users.
       # This may be used when different users are responsible for setting different
-      # users.  Supply the users the current user is responsible for as the 
+      # users.  Supply the users the current user is responsible for as the
       # 'eligible_users'
       # @param[Array] users a list of users
-      # @param[Array] eligible_users the users that are eligible to have their read permssion revoked. 
+      # @param[Array] eligible_users the users that are eligible to have their read permssion revoked.
       # @example
       #  r.read_users = ['one', 'two', 'three']
-      #  r.read_users 
+      #  r.read_users
       #  => ['one', 'two', 'three']
       #  r.set_read_users(['one'], ['three'])
       #  r.read_users
@@ -266,14 +255,14 @@ module Hydra
 
       # Return a list of groups that have edit permission
       def edit_groups
-        rightsMetadata.groups.map {|k, v| k if v == 'edit'}.compact
+        search_by_type_and_mode(:group, ::ACL.Write).map { |p| p.agent_name }
       end
 
       # Grant edit permissions to the groups specified. Revokes edit permission for all other groups.
       # @param[Array] groups a list of group names
       # @example
       #  r.edit_groups= ['one', 'two', 'three']
-      #  r.edit_groups 
+      #  r.edit_groups
       #  => ['one', 'two', 'three']
       #
       def edit_groups=(groups)
@@ -284,7 +273,7 @@ module Hydra
       # @param[String] groups a list of group names
       # @example
       #  r.edit_groups_string= 'one, two, three'
-      #  r.edit_groups 
+      #  r.edit_groups
       #  => ['one', 'two', 'three']
       #
       def edit_groups_string=(groups)
@@ -299,13 +288,13 @@ module Hydra
       # Grant edit permissions to the groups specified. Revokes edit permission for
       # any of the eligible_groups that are not in groups.
       # This may be used when different users are responsible for setting different
-      # groups.  Supply the groups the current user is responsible for as the 
+      # groups.  Supply the groups the current user is responsible for as the
       # 'eligible_groups'
       # @param[Array] groups a list of groups
-      # @param[Array] eligible_groups the groups that are eligible to have their edit permssion revoked. 
+      # @param[Array] eligible_groups the groups that are eligible to have their edit permssion revoked.
       # @example
       #  r.edit_groups = ['one', 'two', 'three']
-      #  r.edit_groups 
+      #  r.edit_groups
       #  => ['one', 'two', 'three']
       #  r.set_edit_groups(['one'], ['three'])
       #  r.edit_groups
@@ -316,14 +305,14 @@ module Hydra
       end
 
       def edit_users
-        rightsMetadata.users.map {|k, v| k if v == 'edit'}.compact
+        search_by_type_and_mode(:person, ::ACL.Write).map { |p| p.agent_name }
       end
 
       # Grant edit permissions to the groups specified. Revokes edit permission for all other groups.
       # @param[Array] users a list of usernames
       # @example
       #  r.edit_users= ['one', 'two', 'three']
-      #  r.edit_users 
+      #  r.edit_users
       #  => ['one', 'two', 'three']
       #
       def edit_users=(users)
@@ -333,13 +322,13 @@ module Hydra
       # Grant edit permissions to the users specified. Revokes edit permission for
       # any of the eligible_users that are not in users.
       # This may be used when different users are responsible for setting different
-      # users.  Supply the users the current user is responsible for as the 
+      # users.  Supply the users the current user is responsible for as the
       # 'eligible_users'
       # @param[Array] users a list of users
-      # @param[Array] eligible_users the users that are eligible to have their edit permssion revoked. 
+      # @param[Array] eligible_users the users that are eligible to have their edit permssion revoked.
       # @example
       #  r.edit_users = ['one', 'two', 'three']
-      #  r.edit_users 
+      #  r.edit_users
       #  => ['one', 'two', 'three']
       #  r.set_edit_users(['one'], ['three'])
       #  r.edit_users
@@ -349,40 +338,85 @@ module Hydra
         set_entities(:edit, :person, users, eligible_users)
       end
 
-      protected 
+      protected
 
       def has_destroy_flag?(hash)
         ["1", "true"].include?(hash['_destroy'].to_s)
       end
 
-      private 
+      private
 
-      # @param  permission either :discover, :read or :edit
-      # @param  type either :person or :group
-      # @param  values  Values to set
-      # @param  changeable Values we are allowed to change
+      # @param [Symbol] permission either :discover, :read or :edit
+      # @param [Symbol] type either :person or :group
+      # @param [Array<String>] values Values to set
+      # @param [Array<String>] changeable Values we are allowed to change
       def set_entities(permission, type, values, changeable)
-        g = preserved(type, permission)
         (changeable - values).each do |entity|
-          #Strip permissions from users not provided
-          g[entity] = 'none'
+          for_destroy = search_by_type_and_mode(type, permission_to_uri(permission)).select { |p| p.agent_name == entity }
+          permissions.delete(for_destroy)
+        end
+
+        values.each do |agent_name|
+          exists = search_by_type_and_mode(type, permission_to_uri(permission)).select { |p| p.agent_name == agent_name }
+          permissions.build(name: agent_name, access: permission.to_s, type: type ) unless exists.present?
+        end
+      end
+
+      def permission_to_uri(permission)
+        case permission.to_s
+        when 'read'
+          ::ACL.Read
+        when 'edit'
+          ::ACL.Write
+        when 'discover'
+          Hydra::ACL.Discover
+        else
+          raise "Invalid permission #{permission.inspect}"
+        end
+      end
+
+      # @param [Symbol] type (either :group or :person)
+      # @return [Array<Permission>]
+      def search_by_type(type)
+        case type
+        when :group
+          permissions.to_a.select { |p| group_agent?(p.agent) }
+        when :person
+          permissions.to_a.select { |p| person_agent?(p.agent) }
         end
-        values.each { |name| g[name] = permission.to_s}
-        rightsMetadata.update_permissions(type.to_s=>g)
-      end
-
-      ## Get those permissions we don't want to change
-      def preserved(type, permission)
-        case permission
-        when :edit
-          g = {}
-        when :read
-          Hash[rightsMetadata.quick_search_by_type(type).select {|k, v| v == 'edit'}]
-        when :discover
-          Hash[rightsMetadata.quick_search_by_type(type).select {|k, v| v == 'discover'}]
+      end
+
+      # @param [Symbol] type either :group or :person
+      # @param [::RDF::URI] mode One of the permissions modes, e.g. ACL.Write, ACL.Read, etc.
+      # @return [Array<Permission>]
+      def search_by_type_and_mode(type, mode)
+        case type
+        when :group
+          permissions.to_a.select { |p| group_agent?(p.agent) && p.mode.first.rdf_subject == mode }
+        when :person
+          permissions.to_a.select { |p| person_agent?(p.agent) && p.mode.first.rdf_subject == mode }
         end
       end
 
+      def person_permissions
+        search_by_type(:person)
+      end
+
+      def group_permissions
+        search_by_type(:group)
+      end
+
+      def group_agent?(agent)
+        raise "no agent" unless agent.present?
+        agent.first.rdf_subject.to_s.start_with?(GROUP_AGENT_URL_PREFIX)
+
+      end
+
+      def person_agent?(agent)
+        raise "no agent" unless agent.present?
+        agent.first.rdf_subject.to_s.start_with?(PERSON_AGENT_URL_PREFIX)
+      end
+
     end
   end
 end

data/app/models/concerns/hydra/access_controls/visibility.rb

@@ -39,19 +39,17 @@ module Hydra
 
       def public_visibility!
         visibility_will_change! unless visibility == Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
-        self.datastreams["rightsMetadata"].permissions({:group=>Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC}, "read")
+        set_read_groups([Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC], [])
       end
 
       def registered_visibility!
         visibility_will_change! unless visibility == Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
-        self.datastreams["rightsMetadata"].permissions({:group=>Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_AUTHENTICATED}, "read")
-        self.datastreams["rightsMetadata"].permissions({:group=>Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC}, "none")
+        set_read_groups([Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_AUTHENTICATED], [Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC])
       end
 
       def private_visibility!
         visibility_will_change! unless visibility == Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PRIVATE
-        self.datastreams["rightsMetadata"].permissions({:group=>Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_AUTHENTICATED}, "none")
-        self.datastreams["rightsMetadata"].permissions({:group=>Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC}, "none")
+        set_read_groups([], [Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_AUTHENTICATED, Hydra::AccessControls::AccessRight::PERMISSION_TEXT_VALUE_PUBLIC])
       end
 
     end

data/app/models/concerns/hydra/access_controls.rb

@@ -5,7 +5,6 @@ module Hydra
     autoload :WithAccessRight
     autoload :Embargoable
     autoload :Visibility
-    autoload :Permission
     autoload :Permissions
   end
 end

data/app/models/concerns/hydra/admin_policy_behavior.rb

@@ -3,9 +3,34 @@ module Hydra
     extend ActiveSupport::Concern
 
     included do
-      has_metadata "defaultRights", type: Hydra::Datastream::InheritableRightsMetadata 
+      has_and_belongs_to_many :default_permissions, predicate: Hydra::ACL.defaultPermissions, class_name: 'Hydra::AccessControls::Permission'
+      belongs_to :default_embargo, predicate: Hydra::ACL.hasEmbargo, class_name: 'Hydra::AccessControls::Embargo'
     end
 
+    def to_solr(solr_doc=Hash.new)
+      f = merged_policies
+      super.tap do |doc|
+        ['discover'.freeze, 'read'.freeze, 'edit'.freeze].each do |access|
+          doc[Hydra.config.permissions.inheritable[access.to_sym][:group]] = f[access]['group'.freeze] if f[access]
+          doc[Hydra.config.permissions.inheritable[access.to_sym][:individual]] = f[access]['person'.freeze] if f[access]
+        end
+        if default_embargo
+          key = Hydra.config.permissions.inheritable.embargo.release_date.sub(/_[^_]+$/, '') #Strip off the suffix
+          ::Solrizer.insert_field(doc, key, default_embargo.embargo_release_date, :stored_sortable)
+        end
+      end
+    end
+
+    def merged_policies
+      default_permissions.each_with_object({}) do |policy, h|
+        args = policy.to_hash
+        h[args[:access]] ||= {}
+        h[args[:access]][args[:type]] ||= []
+        h[args[:access]][args[:type]] << args[:name]
+      end
+    end
+
+
     ## Updates those permissions that are provided to it. Does not replace any permissions unless they are provided
     # @example
     #  obj.default_permissions= [{:name=>"group1", :access=>"discover", :type=>'group'},
@@ -14,7 +39,7 @@ module Hydra
       perm_hash = {'person' => defaultRights.users, 'group'=> defaultRights.groups}
       params.each do |row|
         if row[:type] == 'user' || row[:type] == 'person'
-          perm_hash['person'][row[:name]] = row[:access]        
+          perm_hash['person'][row[:name]] = row[:access]
         elsif row[:type] == 'group'
           perm_hash['group'][row[:name]] = row[:access]
         else

data/app/models/concerns/hydra/rights.rb

@@ -0,0 +1,15 @@
+module Hydra
+  module Rights
+    extend ActiveSupport::Concern
+    included do
+      # Rights
+      property :rights, predicate: ::RDF::DC.rights do |index|
+        index.as :facetable
+      end
+      property :rightsHolder, predicate: ::RDF::URI('http://opaquenamespace.org/rights/rightsHolder') do |index|
+        index.as :searchable, :facetable
+      end
+      property :copyrightClaimant, predicate: ::RDF::URI('http://id.loc.gov/vocabulary/relators/cpc')
+    end
+  end
+end

data/app/models/hydra/access_controls/access_control_list.rb

@@ -0,0 +1,17 @@
+module Hydra::AccessControls
+  class AccessControlList < ActiveFedora::Base
+    belongs_to :access_to, predicate: ::ACL.accessTo, class_name: 'ActiveFedora::Base'
+    # has_many :admin_policies, class_name: 'Hydra::AdminPolicy'
+    property :mode, predicate: ::ACL.mode, class_name: 'Hydra::AccessControls::Mode'
+    property :agent, predicate: ::ACL.agent, class_name: 'Hydra::AccessControls::Agent'
+    # property :agentClass, predicate: ACL.agentClass
+
+    # [acl:accessTo <card>; acl:mode acl:Read; acl:agentClass foaf:Agent].
+    # [acl:accessTo <card>; acl:mode acl:Read, acl:Write;  acl:agent <card#i>].
+  end
+
+  class Mode < ActiveTriples::Resource
+  end
+  class Agent < ActiveTriples::Resource
+  end
+end

data/app/models/hydra/access_controls/embargo.rb

@@ -0,0 +1,65 @@
+module Hydra::AccessControls
+  class Embargo < ActiveFedora::Base
+    property :visibility_during_embargo, predicate: Hydra::ACL.visibilityDuringEmbargo
+    property :visibility_after_embargo, predicate: Hydra::ACL.visibilityAfterEmbargo
+    property :embargo_release_date, predicate: Hydra::ACL.embargoReleaseDate
+    property :embargo_history, predicate: Hydra::ACL.embargoHistory
+
+    # Hack until ActiveFedora supports activeTriples 0.3.0 (then we can just use super)
+    def visibility_during_embargo_with_first
+      visibility_during_embargo_without_first.first
+    end
+    alias_method_chain :visibility_during_embargo, :first
+
+    # Hack until ActiveFedora supports activeTriples 0.3.0 (then we can just use super)
+    def visibility_after_embargo_with_first
+      visibility_after_embargo_without_first.first
+    end
+    alias_method_chain :visibility_after_embargo, :first
+
+    # Hack until ActiveFedora supports activeTriples 0.3.0 (then we can just use super)
+    def embargo_release_date_with_first
+      embargo_release_date_without_first.first
+    end
+    alias_method_chain :embargo_release_date, :first
+
+    # Hack until ActiveFedora supports activeTriples 0.3.0 (then we can just use super)
+    def embargo_release_date_with_casting=(date)
+      date = DateTime.parse(date) if date && date.kind_of?(String)
+      self.embargo_release_date_without_casting = date
+    end
+    alias_method_chain :embargo_release_date=, :casting
+
+    def active?
+      (embargo_release_date.present? && Date.today < embargo_release_date)
+    end
+
+    def deactivate!
+      return unless embargo_release_date
+      embargo_state = active? ? "active" : "expired"
+      embargo_record = embargo_history_message(embargo_state, Date.today, embargo_release_date, visibility_during_embargo, visibility_after_embargo)
+      self.embargo_release_date = nil
+      self.visibility_during_embargo = nil
+      self.visibility_after_embargo = nil
+      self.embargo_history += [embargo_record]
+    end
+
+    def to_hash
+      {}.tap do |doc|
+        date_field_name = Hydra.config.permissions.embargo.release_date.sub(/_dtsi/, '')
+        Solrizer.insert_field(doc, date_field_name, embargo_release_date, :stored_sortable)
+        doc[::Solrizer.solr_name("visibility_during_embargo", :symbol)] = visibility_during_embargo unless visibility_during_embargo.nil?
+        doc[::Solrizer.solr_name("visibility_after_embargo", :symbol)] = visibility_after_embargo unless visibility_after_embargo.nil?
+        doc[::Solrizer.solr_name("embargo_history", :symbol)] = embargo_history unless embargo_history.nil?
+      end
+    end
+    protected
+
+      # Create the log message used when deactivating an embargo
+      # This method may be overriden in order to transform the values of the passed parameters.
+      def embargo_history_message(state, deactivate_date, release_date, visibility_during, visibility_after)
+        I18n.t 'hydra.embargo.history_message', state: state, deactivate_date: deactivate_date, release_date: release_date,
+          visibility_during: visibility_during, visibility_after: visibility_after
+      end
+  end
+end