hydra-access-controls 8.2.0 → 9.0.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. checksums.yaml +4 -4
  2. data/README.textile +10 -10
  3. data/app/models/concerns/hydra/access_controls/access_right.rb +3 -2
  4. data/app/models/concerns/hydra/access_controls/embargoable.rb +120 -132
  5. data/app/models/concerns/hydra/access_controls/permissions.rb +137 -103
  6. data/app/models/concerns/hydra/access_controls/visibility.rb +3 -5
  7. data/app/models/concerns/hydra/access_controls.rb +0 -1
  8. data/app/models/concerns/hydra/admin_policy_behavior.rb +27 -2
  9. data/app/models/concerns/hydra/rights.rb +15 -0
  10. data/app/models/hydra/access_controls/access_control_list.rb +17 -0
  11. data/app/models/hydra/access_controls/embargo.rb +65 -0
  12. data/app/models/hydra/access_controls/lease.rb +66 -0
  13. data/app/models/hydra/access_controls/permission.rb +85 -0
  14. data/app/vocabularies/acl.rb +12 -0
  15. data/app/vocabularies/hydra/acl.rb +20 -0
  16. data/config/fedora.yml +4 -2
  17. data/hydra-access-controls.gemspec +6 -7
  18. data/lib/hydra/ability.rb +45 -43
  19. data/lib/hydra/access_controls_enforcement.rb +23 -25
  20. data/lib/hydra/admin_policy.rb +34 -11
  21. data/lib/hydra/config.rb +4 -15
  22. data/lib/hydra/permissions_query.rb +2 -2
  23. data/lib/hydra/permissions_solr_document.rb +4 -6
  24. data/lib/hydra/policy_aware_ability.rb +56 -53
  25. data/lib/hydra/policy_aware_access_controls_enforcement.rb +28 -18
  26. data/lib/hydra-access-controls.rb +1 -1
  27. data/spec/factories.rb +15 -15
  28. data/spec/services/embargo_service_spec.rb +6 -6
  29. data/spec/services/lease_service_spec.rb +6 -6
  30. data/spec/spec_helper.rb +20 -13
  31. data/spec/support/mods_asset.rb +3 -3
  32. data/spec/unit/ability_spec.rb +96 -121
  33. data/spec/unit/access_controls_enforcement_spec.rb +29 -27
  34. data/spec/unit/access_right_spec.rb +6 -1
  35. data/spec/unit/accessible_by_spec.rb +14 -5
  36. data/spec/unit/admin_policy_spec.rb +99 -92
  37. data/spec/unit/config_spec.rb +14 -15
  38. data/spec/unit/embargoable_spec.rb +26 -28
  39. data/spec/unit/permission_spec.rb +36 -16
  40. data/spec/unit/permissions_spec.rb +121 -65
  41. data/spec/unit/policy_aware_ability_spec.rb +64 -78
  42. data/spec/unit/policy_aware_access_controls_enforcement_spec.rb +81 -77
  43. data/spec/unit/role_mapper_spec.rb +10 -10
  44. data/spec/unit/with_access_right_spec.rb +1 -1
  45. metadata +29 -51
  46. data/lib/hydra/access_controls/permission.rb +0 -40
  47. data/lib/hydra/datastream/inheritable_rights_metadata.rb +0 -22
  48. data/lib/hydra/datastream/rights_metadata.rb +0 -276
  49. data/lib/hydra/datastream.rb +0 -7
  50. data/spec/unit/hydra_rights_metadata_persistence_spec.rb +0 -71
  51. data/spec/unit/hydra_rights_metadata_spec.rb +0 -301
  52. data/spec/unit/inheritable_rights_metadata_spec.rb +0 -65
@@ -1,83 +1,76 @@
1
1
  # Repeats access controls evaluation methods, but checks against a governing "Policy" object (or "Collection" object) that provides inherited access controls.
2
2
  module Hydra::PolicyAwareAbility
3
3
  extend ActiveSupport::Concern
4
+ extend Deprecation
4
5
  include Hydra::Ability
5
-
6
+
7
+ IS_GOVERNED_BY_SOLR_FIELD = "isGovernedBy_ssim".freeze
8
+
6
9
  # Extends Hydra::Ability.test_edit to try policy controls if object-level controls deny access
7
10
  def test_edit(pid)
8
- result = super
9
- if result
10
- return result
11
- else
12
- return test_edit_from_policy(pid)
13
- end
11
+ super || test_edit_from_policy(pid)
14
12
  end
15
-
13
+
16
14
  # Extends Hydra::Ability.test_read to try policy controls if object-level controls deny access
17
15
  def test_read(pid)
18
- result = super
19
- if result
20
- return result
21
- else
22
- return test_read_from_policy(pid)
23
- end
16
+ super || test_read_from_policy(pid)
24
17
  end
25
-
18
+
26
19
  # Returns the pid of policy object (is_governed_by) for the specified object
27
- # Assumes that the policy object is associated by an is_governed_by relationship
20
+ # Assumes that the policy object is associated by an is_governed_by relationship
28
21
  # (which is stored as "is_governed_by_ssim" in object's solr document)
29
22
  # Returns nil if no policy associated with the object
30
23
  def policy_pid_for(object_pid)
31
24
  policy_pid = policy_pid_cache[object_pid]
32
25
  return policy_pid if policy_pid
33
- solr_result = ActiveFedora::Base.find_with_conditions({:id=>object_pid}, :fl=>ActiveFedora::SolrService.solr_name('is_governed_by', :symbol))
26
+ solr_result = ActiveFedora::Base.find_with_conditions({id: object_pid}, fl: governed_by_solr_field)
34
27
  begin
35
- policy_pid_cache[object_pid] = policy_pid = value_from_solr_field(solr_result, ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)).first.gsub("info:fedora/", "")
28
+ policy_pid_cache[object_pid] = policy_pid = value_from_solr_field(solr_result, governed_by_solr_field).first.gsub("info:fedora/", "")
36
29
  rescue NoMethodError
37
30
  end
38
31
  return policy_pid
39
32
  end
40
-
33
+
34
+ def governed_by_solr_field
35
+ # TODO the solr key could be derived if we knew the class of the object:
36
+ # ModsAsset.reflect_on_association(:admin_policy).solr_key
37
+ IS_GOVERNED_BY_SOLR_FIELD
38
+ end
39
+
41
40
  # Returns the permissions solr document for policy_pid
42
41
  # The document is stored in an instance variable, so calling this multiple times will only query solr once.
43
- # To force reload, set @policy_permissions_solr_cache to {}
42
+ # To force reload, set @policy_permissions_solr_cache to {}
44
43
  def policy_permissions_doc(policy_pid)
45
44
  @policy_permissions_solr_cache ||= {}
46
45
  @policy_permissions_solr_cache[policy_pid] ||= get_permissions_solr_response_for_doc_id(policy_pid)
47
46
  end
48
-
47
+
49
48
  # Tests whether the object's governing policy object grants edit access for the current user
50
49
  def test_edit_from_policy(object_pid)
51
50
  policy_pid = policy_pid_for(object_pid)
52
- if policy_pid.nil?
53
- return false
54
- else
55
- Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide EDIT permissions for #{current_user.user_key}?")
56
- group_intersection = user_groups & edit_groups_from_policy( policy_pid )
57
- result = !group_intersection.empty? || edit_users_from_policy( policy_pid ).include?(current_user.user_key)
58
- Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
59
- return result
60
- end
61
- end
62
-
51
+ return false if policy_pid.nil?
52
+ Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide EDIT permissions for #{current_user.user_key}?")
53
+ group_intersection = user_groups & edit_groups_from_policy( policy_pid )
54
+ result = !group_intersection.empty? || edit_users_from_policy( policy_pid ).include?(current_user.user_key)
55
+ Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
56
+ result
57
+ end
58
+
63
59
  # Tests whether the object's governing policy object grants read access for the current user
64
60
  def test_read_from_policy(object_pid)
65
61
  policy_pid = policy_pid_for(object_pid)
66
- if policy_pid.nil?
67
- return false
68
- else
69
- Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide READ permissions for #{current_user.user_key}?")
70
- group_intersection = user_groups & read_groups_from_policy( policy_pid )
71
- result = !group_intersection.empty? || read_users_from_policy( policy_pid ).include?(current_user.user_key)
72
- Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
73
- result
74
- end
75
- end
76
-
62
+ return false if policy_pid.nil?
63
+ Rails.logger.debug("[CANCAN] -policy- Does the POLICY #{policy_pid} provide READ permissions for #{current_user.user_key}?")
64
+ group_intersection = user_groups & read_groups_from_policy( policy_pid )
65
+ result = !group_intersection.empty? || read_users_from_policy( policy_pid ).include?(current_user.user_key)
66
+ Rails.logger.debug("[CANCAN] -policy- decision: #{result}")
67
+ result
68
+ end
69
+
77
70
  # Returns the list of groups granted edit access by the policy object identified by policy_pid
78
71
  def edit_groups_from_policy(policy_pid)
79
72
  policy_permissions = policy_permissions_doc(policy_pid)
80
- edit_group_field = Hydra.config[:permissions][:inheritable][:edit][:group]
73
+ edit_group_field = Hydra.config.permissions.inheritable[:edit][:group]
81
74
  eg = ((policy_permissions == nil || policy_permissions.fetch(edit_group_field,nil) == nil) ? [] : policy_permissions.fetch(edit_group_field,nil))
82
75
  Rails.logger.debug("[CANCAN] -policy- edit_groups: #{eg.inspect}")
83
76
  return eg
@@ -87,44 +80,54 @@ module Hydra::PolicyAwareAbility
87
80
  # Note: edit implies read, so read_groups is the union of edit and read groups
88
81
  def read_groups_from_policy(policy_pid)
89
82
  policy_permissions = policy_permissions_doc(policy_pid)
90
- read_group_field = Hydra.config[:permissions][:inheritable][:read][:group]
83
+ read_group_field = Hydra.config.permissions.inheritable[:read][:group]
91
84
  rg = edit_groups_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_group_field,nil) == nil) ? [] : policy_permissions.fetch(read_group_field,nil))
92
85
  Rails.logger.debug("[CANCAN] -policy- read_groups: #{rg.inspect}")
93
86
  return rg
94
87
  end
95
88
 
89
+ def edit_persons_from_policy(policy_pid)
90
+ Deprecation.warn(Hydra::PolicyAwareAbility, "The edit_persons_from_policy method is deprecated and will be removed from Hydra::PolicyAwareAbility in hydra-head 8.0. Use edit_users_from_policy instead.", caller)
91
+ edit_users_from_policy(policy_pid)
92
+ end
93
+
96
94
  # Returns the list of users granted edit access by the policy object identified by policy_pid
97
95
  def edit_users_from_policy(policy_pid)
98
96
  policy_permissions = policy_permissions_doc(policy_pid)
99
- edit_user_field = Hydra.config[:permissions][:inheritable][:edit][:individual]
97
+ edit_user_field = Hydra.config.permissions.inheritable[:edit][:individual]
100
98
  eu = ((policy_permissions == nil || policy_permissions.fetch(edit_user_field,nil) == nil) ? [] : policy_permissions.fetch(edit_user_field,nil))
101
99
  Rails.logger.debug("[CANCAN] -policy- edit_users: #{eu.inspect}")
102
100
  return eu
103
101
  end
104
102
 
103
+ def read_persons_from_policy(policy_pid)
104
+ Deprecation.warn(Hydra::PolicyAwareAbility, "The read_persons_from_policy method is deprecated and will be removed from Hydra::PolicyAwareAbility in hydra-head 8.0. Use read_users_from_policy instead.", caller)
105
+ read_users_from_policy(policy_pid)
106
+ end
107
+
105
108
  # Returns the list of users granted read access by the policy object identified by policy_pid
106
109
  # Note: edit implies read, so read_users is the union of edit and read users
107
110
  def read_users_from_policy(policy_pid)
108
111
  policy_permissions = policy_permissions_doc(policy_pid)
109
- read_user_field = Hydra.config[:permissions][:inheritable][:read][:individual]
112
+ read_user_field = Hydra.config.permissions.inheritable[:read][:individual]
110
113
  ru = edit_users_from_policy(policy_pid) | ((policy_permissions == nil || policy_permissions.fetch(read_user_field, nil) == nil) ? [] : policy_permissions.fetch(read_user_field, nil))
111
114
  Rails.logger.debug("[CANCAN] -policy- read_users: #{ru.inspect}")
112
115
  return ru
113
116
  end
114
-
117
+
115
118
  private
116
-
119
+
117
120
  # Grabs the value of field_name from solr_result
118
121
  # @example
119
- # solr_result = Multiresimage.find_with_conditions({:id=>object_pid}, :fl=>'is_governed_by_s')
120
- # value_from_solr_field(solr_result, 'is_governed_by_s')
122
+ # solr_result = Multiresimage.find_with_conditions({:id=>object_pid}, :fl=>'is_governed_by_ssim')
123
+ # value_from_solr_field(solr_result, 'is_governed_by_ssim')
121
124
  # => ["info:fedora/changeme:2278"]
122
125
  def value_from_solr_field(solr_result, field_name)
123
126
  field_from_result = solr_result.select {|x| x.has_key?(field_name)}.first
124
127
  if field_from_result.nil?
125
- return nil
128
+ nil
126
129
  else
127
- return field_from_result[field_name]
130
+ field_from_result[field_name]
128
131
  end
129
132
  end
130
133
 
@@ -1,22 +1,24 @@
1
1
  # Repeats access controls evaluation methods, but checks against a governing "Policy" object (or "Collection" object) that provides inherited access controls.
2
2
  module Hydra::PolicyAwareAccessControlsEnforcement
3
-
3
+ extend Deprecation
4
+
4
5
  # Extends Hydra::AccessControlsEnforcement.apply_gated_discovery to reflect policy-provided access
5
6
  # appends the result of policy_clauses into the :fq
6
7
  # @param solr_parameters the current solr parameters
7
- def apply_gated_discovery(solr_parameters)
8
+ # @param user_parameters the current user-subitted parameters
9
+ def apply_gated_discovery(solr_parameters, user_parameters)
8
10
  solr_parameters[:fq] ||= []
9
11
  solr_parameters[:fq] << gated_discovery_filters.join(" OR ")
10
12
  logger.debug("POLICY-aware Solr parameters: #{ solr_parameters.inspect }")
11
13
  end
12
14
 
13
15
  # returns solr query for finding all objects whose policies grant discover access to current_user
14
- def policy_clauses
16
+ def policy_clauses
15
17
  policy_pids = policies_with_access
16
18
  return nil if policy_pids.empty?
17
- '(' + policy_pids.map {|pid| ActiveFedora::SolrService.construct_query_for_rel(is_governed_by: "info:fedora/#{pid}")}.join(' OR ') + ')'
19
+ '(' + policy_pids.map {|pid| ActiveFedora::SolrQueryBuilder.construct_query_for_rel(is_governed_by: "info:fedora/#{pid}")}.join(' OR ') + ')'
18
20
  end
19
-
21
+
20
22
  # find all the policies that grant discover/read/edit permissions to this user or any of its groups
21
23
  def policies_with_access
22
24
  #### TODO -- Memoize this and put it in the session?
@@ -28,39 +30,47 @@ module Hydra::PolicyAwareAccessControlsEnforcement
28
30
  logger.debug "get policies: #{result}\n\n"
29
31
  result.map {|h| h['id']}
30
32
  end
31
-
33
+
34
+ def apply_policy_role_permissions(permission_types = discovery_permissions)
35
+ Deprecation.warn(Hydra::PolicyAwareAccessControlsEnforcement, "The method apply_policy_role_permissions is deprecated and will be removed from Hydra::PolicyAwareAccessControlsEnforcement in hydra-head 8.0. Use apply_policy_group_permissions instead.", caller)
36
+ apply_policy_group_permissions(permission_types)
37
+ end
38
+
32
39
  def apply_policy_group_permissions(permission_types = discovery_permissions)
33
40
  # for groups
34
41
  user_access_filters = []
35
42
  current_ability.user_groups.each_with_index do |group, i|
36
43
  permission_types.each do |type|
37
- user_access_filters << escape_filter(ActiveFedora::SolrService.solr_name("inheritable_#{type}_access_group", Hydra::Datastream::RightsMetadata.indexer ), group)
44
+ user_access_filters << escape_filter(Hydra.config.permissions.inheritable[type.to_sym].group, group)
38
45
  end
39
46
  end
40
47
  user_access_filters
41
48
  end
42
49
 
50
+ def apply_policy_individual_permissions(permission_types = discovery_permissions)
51
+ Deprecation.warn(Hydra::PolicyAwareAccessControlsEnforcement, "The method apply_policy_individual_permissions is deprecated and will be removed from Hydra::PolicyAwareAccessControlsEnforcement in hydra-head 8.0. Use apply_policy_user_permissions instead.", caller)
52
+ apply_policy_user_permissions(permission_types)
53
+ end
54
+
43
55
  def apply_policy_user_permissions(permission_types = discovery_permissions)
44
56
  # for individual user access
45
- user = current_ability.current_user
46
- return [] unless user && user.user_key.present?
47
- permission_types.map do |type|
48
- escape_filter(ActiveFedora::SolrService.solr_name("inheritable_#{type}_access_person", Hydra::Datastream::RightsMetadata.indexer ), user.user_key)
57
+ user_access_filters = []
58
+ if current_user
59
+ permission_types.each do |type|
60
+ user_access_filters << escape_filter(Hydra.config.permissions.inheritable[type.to_sym].individual, current_user.user_key)
61
+ end
49
62
  end
63
+ user_access_filters
50
64
  end
51
65
 
52
66
  # Returns the Model used for AdminPolicy objects.
53
67
  # You can set this by overriding this method or setting Hydra.config[:permissions][:policy_class]
54
68
  # Defults to Hydra::AdminPolicy
55
69
  def policy_class
56
- if Hydra.config[:permissions][:policy_class].nil?
57
- return Hydra::AdminPolicy
58
- else
59
- return Hydra.config[:permissions][:policy_class]
60
- end
70
+ Hydra.config.permissions.policy_class || Hydra::AdminPolicy
61
71
  end
62
72
 
63
- protected
73
+ protected
64
74
 
65
75
  def gated_discovery_filters
66
76
  filters = super
@@ -70,5 +80,5 @@ module Hydra::PolicyAwareAccessControlsEnforcement
70
80
  end
71
81
  filters
72
82
  end
73
-
83
+
74
84
  end
@@ -2,6 +2,7 @@ require 'rails'
2
2
  require 'active-fedora'
3
3
  require 'blacklight'
4
4
  require 'cancan'
5
+ require "deprecation"
5
6
 
6
7
  module Hydra
7
8
  extend ActiveSupport::Autoload
@@ -11,7 +12,6 @@ module Hydra
11
12
  autoload :PolicyAwareAccessControlsEnforcement
12
13
  autoload :Ability
13
14
  autoload :Config
14
- autoload :Datastream
15
15
  autoload :PolicyAwareAbility
16
16
  autoload :AdminPolicy
17
17
  autoload :AdminPolicyBehavior
data/spec/factories.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  FactoryGirl.define do
2
-
2
+
3
3
  # Users
4
-
4
+
5
5
  # Prototype user factory
6
6
  factory :user, :aliases => [:owner] do |u|
7
7
  sequence :uid do |n|
@@ -11,7 +11,7 @@ FactoryGirl.define do
11
11
  password { uid }
12
12
  new_record false
13
13
  end
14
-
14
+
15
15
  factory :archivist, :parent=>:user do |u|
16
16
  uid 'archivist1'
17
17
  password 'archivist1'
@@ -71,34 +71,34 @@ FactoryGirl.define do
71
71
  roles { ["repository-admin"] }
72
72
  end
73
73
 
74
- #
74
+ #
75
75
  # Repository Objects
76
76
  #
77
-
77
+
78
78
  factory :asset, :class => ModsAsset do |o|
79
79
  end
80
-
80
+
81
81
  factory :admin_policy, :class => Hydra::AdminPolicy do |o|
82
82
  end
83
-
83
+
84
84
  factory :default_access_asset, :parent=>:asset do |a|
85
- permissions_attributes [{:name=>"joe_creator", :access=>"edit", :type=>"user"}]
85
+ permissions_attributes [{ name: "joe_creator", access: "edit", type: "person" }]
86
86
  end
87
-
87
+
88
88
  factory :dept_access_asset, :parent=>:asset do |a|
89
- permissions_attributes [{:name=>"africana-faculty", :access=>"read", :type=>"group"}, {:name=>"joe_creator", :access=>"edit", :type=>"user"}]
89
+ permissions_attributes [{ name: "africana-faculty", access: "read", type: "group" }, { name: "joe_creator", access: "edit", type: "person" }]
90
90
  end
91
91
 
92
92
  factory :group_edit_asset, :parent=>:asset do |a|
93
- permissions_attributes [{:name=>"africana-faculty", :access=>"edit", :type=>"group"}, {:name=>"calvin_collaborator", :access=>"edit", :type=>"user"}]
93
+ permissions_attributes [{ name:"africana-faculty", access: "edit", type: "group" }, {name: "calvin_collaborator", access: "edit", type: "person"}]
94
94
  end
95
-
95
+
96
96
  factory :org_read_access_asset, :parent=>:asset do |a|
97
- permissions_attributes [{:name=>"registered", :access=>"read", :type=>"group"}, {:name=>"joe_creator", :access=>"edit", :type=>"user"}, {:name=>"calvin_collaborator", :access=>"edit", :type=>"user"}]
97
+ permissions_attributes [{ name: "registered", access: "read", type: "group" }, { name: "joe_creator", access: "edit", type: "person" }, { name: "calvin_collaborator", access: "edit", type: "person" }]
98
98
  end
99
-
99
+
100
100
  factory :open_access_asset, :parent=>:asset do |a|
101
- permissions_attributes [{:name=>"public", :access=>"read", :type=>"group"}, {:name=>"joe_creator", :access=>"edit", :type=>"user"}, {:name=>"calvin_collaborator", :access=>"edit", :type=>"user"}]
101
+ permissions_attributes [{ name: "public", access: "read", type: "group" }, { name: "joe_creator", access: "edit", type: "person" }, { name: "calvin_collaborator", access: "edit", type: "person" }]
102
102
  end
103
103
 
104
104
  end
@@ -21,18 +21,18 @@ describe Hydra::EmbargoService do
21
21
 
22
22
  describe "#assets_with_expired_embargoes" do
23
23
  it "returns an array of assets with expired embargoes" do
24
- returned_pids = subject.assets_with_expired_embargoes.map {|a| a.pid}
25
- expect(returned_pids).to include work_with_expired_embargo1.pid,work_with_expired_embargo2.pid
26
- expect(returned_pids).to_not include work_with_embargo_in_effect.pid,work_without_embargo.pid
24
+ returned_ids = subject.assets_with_expired_embargoes.map {|a| a.id}
25
+ expect(returned_ids).to include work_with_expired_embargo1.id, work_with_expired_embargo2.id
26
+ expect(returned_ids).to_not include work_with_embargo_in_effect.id, work_without_embargo.id
27
27
  end
28
28
  end
29
29
 
30
30
  describe "#assets_under_embargo" do
31
31
  it "returns all assets with embargo release date set" do
32
32
  result = subject.assets_under_embargo
33
- returned_pids = subject.assets_under_embargo.map {|a| a.pid}
34
- expect(returned_pids).to include work_with_expired_embargo1.pid,work_with_expired_embargo2.pid,work_with_embargo_in_effect.pid
35
- expect(returned_pids).to_not include work_without_embargo.pid
33
+ returned_ids = subject.assets_under_embargo.map {|a| a.id}
34
+ expect(returned_ids).to include work_with_expired_embargo1.id, work_with_expired_embargo2.id, work_with_embargo_in_effect.id
35
+ expect(returned_ids).to_not include work_without_embargo.id
36
36
  end
37
37
  end
38
38
  end
@@ -21,17 +21,17 @@ describe Hydra::LeaseService do
21
21
 
22
22
  describe "#assets_with_expired_leases" do
23
23
  it "returns an array of assets with expired embargoes" do
24
- returned_pids = subject.assets_with_expired_leases.map {|a| a.pid}
25
- expect(returned_pids).to include work_with_expired_lease1.pid,work_with_expired_lease2.pid
26
- expect(returned_pids).to_not include work_with_lease_in_effect.pid,work_without_lease.pid
24
+ returned_ids = subject.assets_with_expired_leases.map {|a| a.id}
25
+ expect(returned_ids).to include work_with_expired_lease1.id, work_with_expired_lease2.id
26
+ expect(returned_ids).to_not include work_with_lease_in_effect.id, work_without_lease.id
27
27
  end
28
28
  end
29
29
 
30
30
  describe "#assets_under_lease" do
31
31
  it "returns an array of assets with expired embargoes" do
32
- returned_pids = subject.assets_under_lease.map {|a| a.pid}
33
- expect(returned_pids).to include work_with_expired_lease1.pid,work_with_expired_lease2.pid,work_with_lease_in_effect.pid
34
- expect(returned_pids).to_not include work_without_lease.pid
32
+ returned_ids = subject.assets_under_lease.map {|a| a.id}
33
+ expect(returned_ids).to include work_with_expired_lease1.id, work_with_expired_lease2.id, work_with_lease_in_effect.id
34
+ expect(returned_ids).to_not include work_without_lease.id
35
35
  end
36
36
  end
37
37
  end
data/spec/spec_helper.rb CHANGED
@@ -20,27 +20,34 @@ end
20
20
  require 'support/rails'
21
21
 
22
22
  # Since we're not doing a Rails Engine test, we have to load these classes manually:
23
- require 'active_support'
24
- require 'active_support/dependencies'
25
- relative_load_paths = ["#{Blacklight.root}/app/controllers/concerns",
26
- "#{Blacklight.root}/app/models",
27
- "app/models",
28
- "app/models/concerns",
29
- "app/indexers",
30
- "app/services",
31
- "app/validators",
32
- "app/vocabularies"]
33
- ActiveSupport::Dependencies.autoload_paths += relative_load_paths
34
-
23
+ require_relative '../app/vocabularies/acl'
24
+ require_relative '../app/vocabularies/hydra/acl'
25
+ require_relative '../app/models/role_mapper'
26
+ require_relative '../app/models/ability'
27
+ require_relative '../app/models/hydra/access_controls/access_control_list'
28
+ require_relative '../app/models/hydra/access_controls/permission'
29
+ require_relative '../app/models/hydra/access_controls/embargo'
30
+ require_relative '../app/models/hydra/access_controls/lease'
31
+ require_relative '../app/services/hydra/lease_service'
32
+ require_relative '../app/services/hydra/embargo_service'
33
+ require_relative '../app/validators/hydra/future_date_validator'
35
34
  require 'support/mods_asset'
36
35
  require 'support/solr_document'
37
36
  require "support/user"
38
37
  require "factory_girl"
39
38
  require "factories"
40
39
 
40
+ # HttpLogger.logger = Logger.new(STDOUT)
41
+ # HttpLogger.ignore = [/localhost:8983\/solr/]
42
+ # HttpLogger.colorize = false
41
43
 
42
- RSpec.configure do |config|
44
+ ActiveFedora::Base.logger = Logger.new(STDOUT)
43
45
 
46
+ require 'active_fedora/cleaner'
47
+ RSpec.configure do |config|
48
+ config.before(:each) do
49
+ ActiveFedora::Cleaner.clean!
50
+ end
44
51
  end
45
52
 
46
53
  # Stubbing Devise
@@ -1,7 +1,7 @@
1
1
  class ModsAsset < ActiveFedora::Base
2
2
  include Hydra::AccessControls::Embargoable
3
-
4
- # This is how we're associating admin policies with assets.
3
+
4
+ # This is how we're associating admin policies with assets.
5
5
  # You can associate them however you want, just use the :is_governed_by relationship
6
- belongs_to :admin_policy, class_name: "Hydra::AdminPolicy", property: :is_governed_by
6
+ belongs_to :admin_policy, class_name: "Hydra::AdminPolicy", predicate: ActiveFedora::Predicates.find_graph_predicate(:is_governed_by)
7
7
  end