hydra-access-controls 9.5.0 → 9.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 124bb44e71c185a51d708ad4c7a368ff767315fd
-  data.tar.gz: 41fd3af3306eb3f9cf8943a048cba3eddde884a9
+  metadata.gz: d858683ef55ada03ab8db4ae2236c36b842895cf
+  data.tar.gz: 1607be72ddad76b1f526ca62181d50a7724950bc
 SHA512:
-  metadata.gz: 4fc4407250c8593de0233f270cf3d1bbe638916713dab4b1e8e9462dcb3ebfbd52162fce9037e03af7ccfcaba8ce227f9c662f0c6c487d41e5ee836c2e0a8d3a
-  data.tar.gz: 5ea74853a2c5782822c74640bfb7197b2e45950e25677eab3072720c0dad2b7ac77c55a2879d5f7c771fd36f2fa452aa6f8f36a760ccea1550c4c21545d6d190
+  metadata.gz: 74f0875cd669674a81eecc48586fdb10ec1c900ece56e76611ec7258acb4d2411c2b46a2ee08c637fa06b177f9f8f149f626dcf933101f3b6ad1a94fe6115009
+  data.tar.gz: 41d8e8afbcc05366e4116e808b99f3c4d4c693754652426e258c72cd3357a4018bea46981d2f913ea0ec831d45cbe051ca0a1fc665a4fc98beebf43f88e74cea

data/app/models/concerns/hydra/access_controls/embargoable.rb

@@ -74,6 +74,8 @@ module Hydra
         visibility_will_change! if embargo.changed?
       end
 
+      # Deactivates the embargo and logs a message to the embargo object.
+      # Marks this record as dirty so that it will get reindexed.
       def deactivate_embargo!
         embargo && embargo.deactivate!
         visibility_will_change!

data/app/models/hydra/access_controls/embargo.rb

@@ -17,6 +17,7 @@ module Hydra::AccessControls
       (embargo_release_date.present? && Date.today < embargo_release_date)
     end
 
+    # Deactivates the embargo and logs a message to the embargo_history property
     def deactivate!
       return unless embargo_release_date
       embargo_state = active? ? "active" : "expired"

data/app/models/hydra/access_controls/permission.rb

@@ -61,9 +61,6 @@ module Hydra::AccessControls
                        Agent.new(::RDF::URI.new("#{GROUP_AGENT_URL_PREFIX}##{name}"))
                      when "person"
                        Agent.new(::RDF::URI.new("#{PERSON_AGENT_URL_PREFIX}##{name}"))
-                     when "user"
-                       Deprecation.warn Permission, "Passing \"user\" as the type to Permission is deprecated. Use \"person\" instead. This will be an error in ActiveFedora 9."
-                       Agent.new(::RDF::URI.new("#{PERSON_AGENT_URL_PREFIX}##{name}"))
                      else
                        raise ArgumentError, "Unknown agent type #{type.inspect}"
                      end

data/hydra-access-controls.gemspec

@@ -22,13 +22,8 @@ Gem::Specification.new do |gem|
   gem.add_dependency "active-fedora", '~> 9.0'
   gem.add_dependency 'cancancan', '~> 1.8'
   gem.add_dependency 'deprecation', '~> 0.2'
-  gem.add_dependency "blacklight", '~> 5.16'
-
-  # sass-rails is typically generated into the app's gemfile by `rails new`
-  # In rails 3 it's put into the "assets" group and thus not available to the
-  # app. Blacklight 5.3 requires bootstrap-sass which requires (but does not
-  # declare a dependency on) sass-rails
-  gem.add_dependency 'sass-rails'
+  gem.add_dependency "blacklight", '>= 5.16'
+  gem.add_dependency "blacklight-access_controls", '~> 0.1'
 
   gem.add_development_dependency "rake", '~> 10.1'
   gem.add_development_dependency 'rspec', '~> 3.1'

data/lib/hydra-access-controls.rb

@@ -3,6 +3,7 @@ require 'active-fedora'
 require 'blacklight'
 require 'cancan'
 require "deprecation"
+require 'blacklight-access_controls'
 
 module Hydra
   extend ActiveSupport::Autoload

data/lib/hydra/ability.rb

@@ -1,18 +1,19 @@
 # Code for [CANCAN] access to Hydra models
-require 'cancan'
+
 module Hydra
   module Ability
     extend ActiveSupport::Concern
 
+    include Blacklight::AccessControls::Ability
+
     # once you include Hydra::Ability you can add custom permission methods by appending to ability_logic like so:
     #
     # self.ability_logic +=[:setup_my_permissions]
 
     included do
-      include CanCan::Ability
       include Hydra::PermissionsQuery
       include Blacklight::SearchHelper
-      class_attribute :ability_logic
+
       self.ability_logic = [:create_permissions, :edit_permissions, :read_permissions, :discover_permissions, :download_permissions, :custom_permissions]
     end
 
@@ -20,37 +21,16 @@ module Hydra
       Hydra.config[:user_model] ?  Hydra.config[:user_model].constantize : ::User
     end
 
-    attr_reader :current_user, :options, :cache
-
     def initialize(user, options = {})
       @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
       @user = @current_user # just in case someone was using this in an override. Just don't.
       @options = options
-      @cache = Hydra::PermissionsCache.new
+      @cache = Blacklight::AccessControls::PermissionsCache.new
       hydra_default_permissions()
     end
 
-    ## You can override this method if you are using a different AuthZ (such as LDAP)
-    def user_groups
-      return @user_groups if @user_groups
-
-      @user_groups = default_user_groups
-      @user_groups |= current_user.groups if current_user and current_user.respond_to? :groups
-      @user_groups |= ['registered'] unless current_user.new_record?
-      @user_groups
-    end
-
-    def default_user_groups
-      # # everyone is automatically a member of the group 'public'
-      ['public']
-    end
-
-
     def hydra_default_permissions
-      Rails.logger.debug("Usergroups are " + user_groups.inspect)
-      self.ability_logic.each do |method|
-        send(method)
-      end
+      grant_permissions
     end
 
     def create_permissions
@@ -73,33 +53,19 @@ module Hydra
     end
 
     def read_permissions
-      can :read, String do |id|
-        test_read(id)
-      end
+      super
 
       can :read, ActiveFedora::Base do |obj|
         test_read(obj.id)
       end
-
-      can :read, SolrDocument do |obj|
-        cache.put(obj.id, obj)
-        test_read(obj.id)
-      end
     end
 
     def discover_permissions
-      can :discover, String do |id|
-        test_discover(id)
-      end
+      super
 
       can :discover, ActiveFedora::Base do |obj|
         test_discover(obj.id)
       end
-
-      can :discover, SolrDocument do |obj|
-        cache.put(obj.id, obj)
-        test_discover(obj.id)
-      end
     end
 
     # Download permissions are exercised in Hydra::Controller::DownloadBehavior
@@ -125,20 +91,6 @@ module Hydra
       result
     end
 
-    def test_read(id)
-      Rails.logger.debug("[CANCAN] Checking read permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
-      group_intersection = user_groups & read_groups(id)
-      result = !group_intersection.empty? || read_users(id).include?(current_user.user_key)
-      result
-    end
-
-    def test_discover(id)
-      Rails.logger.debug("[CANCAN] Checking discover permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
-      group_intersection = user_groups & discover_groups(id)
-      result = !group_intersection.empty? || discover_users(id).include?(current_user.user_key)
-      result
-    end
-
     def edit_groups(id)
       doc = permissions_doc(id)
       return [] if doc.nil?
@@ -149,20 +101,10 @@ module Hydra
 
     # edit implies read, so read_groups is the union of edit and read groups
     def read_groups(id)
-      doc = permissions_doc(id)
-      return [] if doc.nil?
-      rg = edit_groups(id) | (doc[self.class.read_group_field] || [])
+      rg = super
+      rg |= edit_groups(id)
       Rails.logger.debug("[CANCAN] read_groups: #{rg.inspect}")
-      return rg
-    end
-
-    # read implies discover, so discover_groups is the union of read and discover groups
-    def discover_groups(id)
-      doc = permissions_doc(id)
-      return [] if doc.nil?
-      dg = read_groups(id) | (doc[self.class.discover_group_field] || [])
-      Rails.logger.debug("[CANCAN] discover_groups: #{dg.inspect}")
-      dg
+      rg
     end
 
     def edit_users(id)
@@ -175,21 +117,12 @@ module Hydra
 
     # edit implies read, so read_users is the union of edit and read users
     def read_users(id)
-      doc = permissions_doc(id)
-      return [] if doc.nil?
-      rp = edit_users(id) | (doc[self.class.read_user_field] || [])
+      rp = super
+      rp |= edit_users(id)
       Rails.logger.debug("[CANCAN] read_users: #{rp.inspect}")
-      return rp
+      rp
     end
 
-    # read implies discover, so discover_users is the union of read and discover users
-    def discover_users(id)
-      doc = permissions_doc(id)
-      return [] if doc.nil?
-      dp = read_users(id) | (doc[self.class.discover_user_field] || [])
-      Rails.logger.debug("[CANCAN] discover_users: #{dp.inspect}")
-      dp
-    end
 
     module ClassMethods
       def read_group_field

data/lib/hydra/access_controls_enforcement.rb

@@ -1,36 +1,9 @@
 module Hydra::AccessControlsEnforcement
   extend ActiveSupport::Concern
-
-  included do |klass|
-    attr_writer :current_ability
-    class_attribute :solr_access_filters_logic
-
-    # Set defaults. Each symbol identifies a _method_ that must be in
-    # this class, taking one parameter (permission_types)
-    # Can be changed in local apps or by plugins, eg:
-    # CatalogController.include ModuleDefiningNewMethod
-    # CatalogController.solr_access_filters_logic += [:new_method]
-    # CatalogController.solr_access_filters_logic.delete(:we_dont_want)
-    self.solr_access_filters_logic = [:apply_group_permissions, :apply_user_permissions]
-
-  end
-
-  def current_ability
-    @current_ability || raise("current_ability has not been set on #{self}")
-  end
+  include Blacklight::AccessControls::Enforcement
 
   protected
 
-  def gated_discovery_filters(permission_types = discovery_permissions, ability = current_ability)
-    user_access_filters = []
-
-    # Grant access based on user id & group
-    solr_access_filters_logic.each do |method_name|
-      user_access_filters += send(method_name, permission_types, ability)
-    end
-    user_access_filters
-  end
-
   def under_embargo?
     load_permissions_from_solr
     embargo_key = Hydra.config.permissions.embargo.release_date
@@ -41,82 +14,18 @@ module Hydra::AccessControlsEnforcement
     false
   end
 
-  #
-  # Action-specific enforcement
-  #
-
-  # Controller "before" filter for enforcing access controls on show actions
-  # @param [Hash] opts (optional, not currently used)
-  def enforce_show_permissions(opts={})
-    permissions = current_ability.permissions_doc(params[:id])
-    if permissions.under_embargo? && !can?(:edit, permissions)
-      raise Hydra::AccessDenied.new("This item is under embargo.  You do not have sufficient access privileges to read this document.", :edit, params[:id])
-    end
-    unless can? :read, permissions
-      raise Hydra::AccessDenied.new("You do not have sufficient access privileges to read this document, which has been marked private.", :read, params[:id])
-    end
-  end
-
-  # Solr query modifications
-  #
-
-  # Set solr_parameters to enforce appropriate permissions
-  # * Applies a lucene query to the solr :q parameter for gated discovery
-  # * Uses public_qt search handler if user does not have "read" permissions
-  # @param solr_parameters the current solr parameters
-  #
-  # @example This method should be added to your CatalogController's search_params_logic
-  #   class CatalogController < ApplicationController
-  #     CatalogController.search_params_logic += [:add_access_controls_to_solr_params]
-  #   end
-  def add_access_controls_to_solr_params(solr_parameters)
-    apply_gated_discovery(solr_parameters)
-  end
-
-
   # Which permission levels (logical OR) will grant you the ability to discover documents in a search.
-
-  # Override this method if you want it to be something other than the default
+  # Overrides blacklight-access_controls method.
   def discovery_permissions
     @discovery_permissions ||= ["edit","discover","read"]
   end
-  def discovery_permissions= (permissions)
-    @discovery_permissions = permissions
-  end
 
-  # Contrller before filter that sets up access-controlled lucene query in order to provide gated discovery behavior
-  # @param solr_parameters the current solr parameters
-  def apply_gated_discovery(solr_parameters)
-    solr_parameters[:fq] ||= []
-    solr_parameters[:fq] << gated_discovery_filters.join(" OR ")
-    Rails.logger.debug("Solr parameters: #{ solr_parameters.inspect }")
+  # Find the name of the solr field for this type of permission.
+  # e.g. "read_access_group_ssim" or "discover_access_person_ssim".
+  # Used by blacklight-access_controls.
+  def solr_field_for(permission_type, permission_category)
+    permissions = Hydra.config.permissions[permission_type.to_sym]
+    permission_category == 'group' ? permissions.group : permissions.individual
   end
 
-
-  def apply_group_permissions(permission_types, ability = current_ability)
-      # for groups
-      user_access_filters = []
-      ability.user_groups.each_with_index do |group, i|
-        permission_types.each do |type|
-          user_access_filters << escape_filter(Hydra.config.permissions[type.to_sym].group, group)
-        end
-      end
-      user_access_filters
-  end
-
-  def escape_filter(key, value)
-    [key, value.gsub(/[ :\/]/, ' ' => '\ ', '/' => '\/', ':' => '\:')].join(':')
-  end
-
-  def apply_user_permissions(permission_types, ability = current_ability)
-      # for individual user access
-      user_access_filters = []
-      user = ability.current_user
-      if user && user.user_key.present?
-        permission_types.each do |type|
-          user_access_filters << escape_filter(Hydra.config.permissions[type.to_sym].individual, user.user_key)
-        end
-      end
-      user_access_filters
-  end
 end

data/lib/hydra/permissions_cache.rb

@@ -1,18 +1,6 @@
-class Hydra::PermissionsCache
-  def initialize
-    clear 
-  end
+class Hydra::PermissionsCache < Blacklight::AccessControls::PermissionsCache
+  extend Deprecation
 
-  def get(pid)
-    @cache[pid]
-  end
-
-  def put(pid, doc)
-    @cache[pid] = doc 
-  end
-
-  def clear
-    @cache = {}
-  end
+  Deprecation.warn Hydra::PermissionsCache, "Hydra::PermissionsCache will be removed in Hydra 10.  Use Blacklight::AccessControls::PermissionsCache instead (from blacklight-access_controls gem)."
 
 end

data/lib/hydra/permissions_query.rb

@@ -2,48 +2,13 @@ module Hydra
   module PermissionsQuery
     extend ActiveSupport::Concern
 
-    def permissions_doc(pid)
-      doc = cache.get(pid)
-      unless doc
-        doc = get_permissions_solr_response_for_doc_id(pid)
-        cache.put(pid, doc)
-      end
-      doc
-    end
-
-    protected
-
-    # a solr query method
-    # retrieve a solr document, given the doc id
-    # Modeled on Blacklight::SolrHelper.get_permissions_solr_response_for_doc_id
-    # @param [String] id of the documetn to retrieve
-    # @param [Hash] extra_controller_params (optional)
-    def get_permissions_solr_response_for_doc_id(id=nil, extra_controller_params={})
-      raise Blacklight::Exceptions::InvalidSolrID.new("The application is trying to retrieve permissions without specifying an asset id") if id.nil?
-      solr_opts = permissions_solr_doc_params(id).merge(extra_controller_params)
-      response = ActiveFedora::SolrService.instance.conn.get('select', params: solr_opts)
-      solr_response = Blacklight::Solr::Response.new(response, solr_opts)
+    include Blacklight::AccessControls::PermissionsQuery
 
-      raise Blacklight::Exceptions::InvalidSolrID.new("The solr permissions search handler didn't return anything for id \"#{id}\"") if solr_response.docs.empty?
-      Hydra::PermissionsSolrDocument.new(solr_response.docs.first, solr_response)
+    # What type of solr document to create for the
+    # Blacklight::AccessControls::PermissionsQuery.
+    def permissions_document_class
+      Hydra::PermissionsSolrDocument
     end
 
-    #
-    #  Solr integration
-    #
-
-    # returns a params hash with the permissions info for a single solr document
-    # If the id arg is nil, then the value is fetched from params[:id]
-    # This method is primary called by the get_permissions_solr_response_for_doc_id method.
-    # Modeled on Blacklight::SolrHelper.solr_doc_params
-    # @param [String] id of the documetn to retrieve
-    def permissions_solr_doc_params(id=nil)
-      id ||= params[:id]
-      # just to be consistent with the other solr param methods:
-      {
-        qt: :permissions,
-        id: id # this assumes the document request handler will map the 'id' param to the unique key field
-      }
-    end
   end
 end

data/lib/hydra/policy_aware_ability.rb

@@ -1,6 +1,7 @@
 # Repeats access controls evaluation methods, but checks against a governing "Policy" object (or "Collection" object) that provides inherited access controls.
 module Hydra::PolicyAwareAbility
   extend ActiveSupport::Concern
+  include Blacklight::AccessControls::Ability
   include Hydra::Ability
 
   IS_GOVERNED_BY_SOLR_FIELD = "isGovernedBy_ssim".freeze

data/lib/hydra/policy_aware_access_controls_enforcement.rb

@@ -6,8 +6,7 @@ module Hydra::PolicyAwareAccessControlsEnforcement
   # @param solr_parameters the current solr parameters
   # @param user_parameters the current user-subitted parameters
   def apply_gated_discovery(solr_parameters)
-    solr_parameters[:fq] ||= []
-    solr_parameters[:fq] << gated_discovery_filters.join(' OR '.freeze)
+    super
     logger.debug("POLICY-aware Solr parameters: #{ solr_parameters.inspect }")
   end
 
@@ -50,6 +49,11 @@ module Hydra::PolicyAwareAccessControlsEnforcement
     end
   end
 
+  # Override method from blacklight-access_controls
+  def discovery_permissions
+    @discovery_permissions ||= ["edit", "discover", "read"]
+  end
+
   # Returns the Model used for AdminPolicy objects.
   # You can set this by overriding this method or setting Hydra.config[:permissions][:policy_class]
   # Defults to Hydra::AdminPolicy
@@ -68,4 +72,12 @@ module Hydra::PolicyAwareAccessControlsEnforcement
     filters
   end
 
+  # Find the name of the solr field for this type of permission.
+  # e.g. "read_access_group_ssim" or "discover_access_person_ssim".
+  # Used by blacklight-access_controls gem.
+  def solr_field_for(permission_type, permission_category)
+    permissions = Hydra.config.permissions[permission_type.to_sym]
+    permission_category == 'group' ? permissions.group : permissions.individual
+  end
+
 end

data/lib/hydra/user.rb

@@ -2,18 +2,13 @@
 # By default, this module assumes you are using the User model created by Blacklight, which uses Devise.
 # To integrate your own User implementation into Hydra, override this Module or define your own User model in app/models/user.rb within your Hydra head.
 module Hydra::User
+  include Blacklight::AccessControls::User
   
   def self.included(klass)
     # Other modules to auto-include
     klass.extend(ClassMethods)
   end
 
-  # This method should display the unique identifier for this user as defined by devise.
-  # The unique identifier is what access controls will be enforced against. 
-  def user_key
-    send(Devise.authentication_keys.first)
-  end
-
   def groups
     RoleMapper.roles(self)
   end

data/spec/support/config/{solr.yml → blacklight.yml}

@@ -1,4 +1,6 @@
 development:
+  adapter: solr
   url: http://localhost:<%= ENV['TEST_JETTY_PORT'] || 8983 %>/solr/development
-test: 
+test:
+  adapter: solr
   url: http://localhost:<%= ENV['TEST_JETTY_PORT'] || 8983 %>/solr/test

data/spec/unit/ability_spec.rb

@@ -233,6 +233,7 @@ describe Ability do
   describe "custom method" do
     before do
       class MyAbility
+        include Blacklight::AccessControls::Ability
         include Hydra::Ability
         self.ability_logic +=[:setup_my_permissions]
 

data/spec/unit/access_controls_enforcement_spec.rb

@@ -1,22 +1,32 @@
 require 'spec_helper'
 
 describe Hydra::AccessControlsEnforcement do
-  before(:all) do
-    class MockController
-      include Hydra::AccessControlsEnforcement
-      attr_accessor :params
+  let(:controller) { MockController.new }
+  let(:method_chain) { MockController.search_params_logic }
+  let(:search_builder) { MockSearchBuilder.new(method_chain, controller) }
 
-      def current_ability
-        @current_ability ||= Ability.new(current_user)
-      end
+  class MockController
+    def self.search_params_logic
+      [:add_access_controls_to_solr_params]
+    end
+  end
 
-      def session
-      end
+  class MockSearchBuilder < Blacklight::SearchBuilder
+    include Blacklight::Solr::SearchBuilderBehavior
+    include Hydra::AccessControlsEnforcement
+    attr_accessor :params
+
+    def current_ability
+      @current_ability ||= Ability.new(current_user)
+    end
 
-      delegate :logger, to: :Rails
+    def session
     end
+
+    delegate :logger, to: :Rails
   end
-  subject { MockController.new }
+
+  subject { search_builder }
 
   describe "When I am searching for content" do
     before do
@@ -85,32 +95,6 @@ describe Hydra::AccessControlsEnforcement do
     end
   end
 
-  describe "enforce_show_permissions" do
-    it "should allow a user w/ edit permissions to view an embargoed object" do
-      user = User.new :uid=>'testuser@example.com'
-      allow(RoleMapper).to receive(:roles).with(user).and_return(["archivist"])
-      allow(subject).to receive(:current_user).and_return(user)
-      allow(subject).to receive(:can?).with(:read, nil).and_return(true)
-      stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
-
-      subject.params = {}
-      expect(subject).to receive(:can?).with(:edit, stub_doc).and_return(true)
-      expect(subject).to receive(:can?).with(:read, stub_doc).and_return(true)
-      expect(subject.current_ability).to receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
-      expect { subject.send(:enforce_show_permissions, {}) }.not_to raise_error
-    end
-    it "should prevent a user w/o edit permissions from viewing an embargoed object" do
-      user = User.new :uid=>'testuser@example.com'
-      allow(RoleMapper).to receive(:roles).with(user).and_return([])
-      allow(subject).to receive(:current_user).and_return(user)
-      allow(subject).to receive(:can?).with(:read, nil).and_return(true)
-      subject.params = {}
-      stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
-      expect(subject.current_ability).to receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
-      expect(subject).to receive(:can?).with(:edit, stub_doc).and_return(false)
-      expect {subject.send(:enforce_show_permissions, {})}.to raise_error Hydra::AccessDenied, "This item is under embargo.  You do not have sufficient access privileges to read this document."
-    end
-  end
   describe "apply_gated_discovery" do
     before(:each) do
       @stub_user = User.new :uid=>'archivist1@example.com'

data/spec/unit/policy_aware_access_controls_enforcement_spec.rb

@@ -2,7 +2,8 @@ require 'spec_helper'
 
 describe Hydra::PolicyAwareAccessControlsEnforcement do
   before do
-    class PolicyMockSearchBuilder
+    class PolicyMockSearchBuilder < Blacklight::SearchBuilder
+      include Blacklight::Solr::SearchBuilderBehavior
       include Hydra::AccessControlsEnforcement
       include Hydra::PolicyAwareAccessControlsEnforcement
       attr_accessor :params
@@ -100,12 +101,14 @@ describe Hydra::PolicyAwareAccessControlsEnforcement do
       before do
         allow(RoleMapper).to receive(:roles).with(user).and_return(user.roles)
       end
+
       it "should return the policies that provide discover permissions" do
         @policies_with_access.map {|p| p.id }.each do |p|
           expect(subject.policies_with_access).to include(p)
         end
         expect(subject.policies_with_access).to_not include("test-policy_no_access")
       end
+
       it "should allow you to configure which model to use for policies" do
         allow(Hydra.config.permissions).to receive(:policy_class).and_return(ModsAsset)
         expect(ModsAsset).to receive(:find_with_conditions).and_return([])

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hydra-access-controls
 version: !ruby/object:Gem::Version
-  version: 9.5.0
+  version: 9.6.0
 platform: ruby
 authors:
 - Chris Beer
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-11 00:00:00.000000000 Z
+date: 2016-01-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -72,30 +72,30 @@ dependencies:
   name: blacklight
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.16'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.16'
 - !ruby/object:Gem::Dependency
-  name: sass-rails
+  name: blacklight-access_controls
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -181,9 +181,9 @@ files:
 - spec/services/embargo_service_spec.rb
 - spec/services/lease_service_spec.rb
 - spec/spec_helper.rb
+- spec/support/config/blacklight.yml
 - spec/support/config/hydra_ip_range.yml
 - spec/support/config/role_map.yml
-- spec/support/config/solr.yml
 - spec/support/mods_asset.rb
 - spec/support/rails.rb
 - spec/support/solr_document.rb
@@ -226,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Access controls for project hydra
@@ -237,9 +237,9 @@ test_files:
 - spec/services/embargo_service_spec.rb
 - spec/services/lease_service_spec.rb
 - spec/spec_helper.rb
+- spec/support/config/blacklight.yml
 - spec/support/config/hydra_ip_range.yml
 - spec/support/config/role_map.yml
-- spec/support/config/solr.yml
 - spec/support/mods_asset.rb
 - spec/support/rails.rb
 - spec/support/solr_document.rb