hydra-access-controls 10.0.0.beta4 → 10.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: abc166652363f95967842a0c5f8918e4a016b867
|
4
|
+
data.tar.gz: 95021128e8573f082257e7ed9a8a2fd2e25e0fe9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fab8f81b8dbc2ac92f674d8a5cd266eb3b90e8db09e7a1a61e5e6fa70138bf234ff911b3bf23ed9df2c435366f577c7368c3aea92a10e4c0e8d3aec6514e3adb
|
7
|
+
data.tar.gz: 33e32eadaade2db65b9c71a5ea6f291ae3565254d7759038fd2d1a4e3cbf449cfcb76d522c8e88581c9edd5751f7f84998f3bebd7ec01b191c30e5e92f204a58
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |gem|
|
|
23
23
|
gem.add_dependency 'cancancan', '~> 1.8'
|
24
24
|
gem.add_dependency 'deprecation', '~> 1.0'
|
25
25
|
gem.add_dependency "blacklight", '>= 5.16'
|
26
|
-
gem.add_dependency "blacklight-access_controls", '~> 0.
|
26
|
+
gem.add_dependency "blacklight-access_controls", '~> 0.4'
|
27
27
|
|
28
28
|
gem.add_development_dependency "rake", '~> 10.1'
|
29
29
|
gem.add_development_dependency 'rspec', '~> 3.1'
|
@@ -11,7 +11,8 @@ ActiveFedora::QueryMethods.module_eval do
|
|
11
11
|
when :update, :edit, :create, :new, :destroy then [:edit]
|
12
12
|
end
|
13
13
|
|
14
|
-
|
14
|
+
filters = gated_discovery_filters(permission_types, ability).join(" OR ")
|
15
|
+
spawn.where!(filters)
|
15
16
|
end
|
16
17
|
end
|
17
18
|
|
@@ -1,170 +1,5 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Hydra::AccessControlsEnforcement do
|
4
|
-
|
5
|
-
allow(Devise).to receive(:authentication_keys).and_return(['uid'])
|
6
|
-
end
|
7
|
-
let(:controller) { MockController.new }
|
8
|
-
let(:method_chain) { MockController.search_params_logic }
|
9
|
-
let(:search_builder) { MockSearchBuilder.new(method_chain, controller) }
|
10
|
-
|
11
|
-
class MockController
|
12
|
-
def self.search_params_logic
|
13
|
-
[:add_access_controls_to_solr_params]
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
class MockSearchBuilder < Blacklight::SearchBuilder
|
18
|
-
include Blacklight::Solr::SearchBuilderBehavior
|
19
|
-
include Hydra::AccessControlsEnforcement
|
20
|
-
attr_accessor :params
|
21
|
-
|
22
|
-
def current_ability
|
23
|
-
@current_ability ||= Ability.new(current_user)
|
24
|
-
end
|
25
|
-
|
26
|
-
def session
|
27
|
-
end
|
28
|
-
|
29
|
-
delegate :logger, to: :Rails
|
30
|
-
end
|
31
|
-
|
32
|
-
subject { search_builder }
|
33
|
-
|
34
|
-
describe "When I am searching for content" do
|
35
|
-
before do
|
36
|
-
@solr_parameters = {}
|
37
|
-
end
|
38
|
-
context "Given I am not logged in" do
|
39
|
-
before do
|
40
|
-
allow(subject).to receive(:current_user).and_return(User.new(:new_record=>true))
|
41
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
42
|
-
end
|
43
|
-
|
44
|
-
it "Then I should be treated as a member of the 'public' group" do
|
45
|
-
expect(@solr_parameters[:fq].first).to eq 'edit_access_group_ssim:public OR discover_access_group_ssim:public OR read_access_group_ssim:public'
|
46
|
-
end
|
47
|
-
it "Then I should not be treated as a member of the 'registered' group" do
|
48
|
-
expect(@solr_parameters[:fq].first).to_not match(/registered/)
|
49
|
-
end
|
50
|
-
it "Should changed based on the discovery_perissions" do
|
51
|
-
@solr_parameters = {}
|
52
|
-
discovery_permissions = ["read","edit"]
|
53
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
54
|
-
["edit","read"].each do |type|
|
55
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:public/)
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
context "Given I am a registered user" do
|
61
|
-
before do
|
62
|
-
@user = FactoryGirl.build(:martia_morocco)
|
63
|
-
@user.new_record = false
|
64
|
-
allow(User).to receive(:find_by_user_key).and_return(@user)
|
65
|
-
# This is a pretty fragile way to stub it...
|
66
|
-
allow(RoleMapper).to receive(:byname).and_return(@user.user_key=>["faculty", "africana-faculty"])
|
67
|
-
allow(subject).to receive(:current_user).and_return(@user)
|
68
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
69
|
-
end
|
70
|
-
it "Then I should be treated as a member of the 'public' and 'registered' groups" do
|
71
|
-
["discover","edit","read"].each do |type|
|
72
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:public/)
|
73
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:registered/)
|
74
|
-
end
|
75
|
-
end
|
76
|
-
it "Then I should see assets that I have discover, read, or edit access to" do
|
77
|
-
["discover","edit","read"].each do |type|
|
78
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{@user.user_key}/)
|
79
|
-
end
|
80
|
-
end
|
81
|
-
it "Then I should see assets that my groups have discover, read, or edit access to" do
|
82
|
-
["faculty", "africana-faculty"].each do |group_id|
|
83
|
-
["discover","edit","read"].each do |type|
|
84
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:#{group_id}/)
|
85
|
-
end
|
86
|
-
end
|
87
|
-
end
|
88
|
-
it "Should changed based on the discovery_perissions" do
|
89
|
-
@solr_parameters = {}
|
90
|
-
discovery_permissions = ["read","edit"]
|
91
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
92
|
-
["faculty", "africana-faculty"].each do |group_id|
|
93
|
-
["edit","read"].each do |type|
|
94
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:#{group_id}/)
|
95
|
-
end
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|
99
|
-
end
|
100
|
-
|
101
|
-
describe "apply_gated_discovery" do
|
102
|
-
before(:each) do
|
103
|
-
@stub_user = User.new :uid=>'archivist1@example.com'
|
104
|
-
allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["archivist","researcher"])
|
105
|
-
allow(subject).to receive(:current_user).and_return(@stub_user)
|
106
|
-
@solr_parameters = {}
|
107
|
-
end
|
108
|
-
it "should set query fields for the user id checking against the discover, access, read fields" do
|
109
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
110
|
-
["discover","edit","read"].each do |type|
|
111
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_person_ssim\:#{@stub_user.user_key}/)
|
112
|
-
end
|
113
|
-
end
|
114
|
-
it "should set query fields for all roles the user is a member of checking against the discover, access, read fields" do
|
115
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
116
|
-
["discover","edit","read"].each do |type|
|
117
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:archivist/)
|
118
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:researcher/)
|
119
|
-
end
|
120
|
-
end
|
121
|
-
|
122
|
-
it "should escape slashes in the group names" do
|
123
|
-
allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc/123","cde/567"])
|
124
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
125
|
-
["discover","edit","read"].each do |type|
|
126
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\\/123/)
|
127
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\\/567/)
|
128
|
-
end
|
129
|
-
end
|
130
|
-
it "should escape spaces in the group names" do
|
131
|
-
allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc 123","cd/e 567"])
|
132
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
133
|
-
["discover","edit","read"].each do |type|
|
134
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\ 123/)
|
135
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cd\\\/e\\ 567/)
|
136
|
-
end
|
137
|
-
end
|
138
|
-
it "should escape colons in the group names" do
|
139
|
-
allow(RoleMapper).to receive(:roles).with(@stub_user).and_return(["abc:123","cde:567"])
|
140
|
-
subject.send(:apply_gated_discovery, @solr_parameters)
|
141
|
-
["discover","edit","read"].each do |type|
|
142
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:abc\\:123/)
|
143
|
-
expect(@solr_parameters[:fq].first).to match(/#{type}_access_group_ssim\:cde\\:567/)
|
144
|
-
end
|
145
|
-
end
|
146
|
-
end
|
147
|
-
|
148
|
-
describe "apply_user_permissions" do
|
149
|
-
describe "when the user is a guest user (user key nil)" do
|
150
|
-
before do
|
151
|
-
stub_user = User.new
|
152
|
-
allow(subject).to receive(:current_user).and_return(stub_user)
|
153
|
-
end
|
154
|
-
it "should not create filters" do
|
155
|
-
expect(subject.send(:apply_user_permissions, ["edit","discover","read"])).to eq []
|
156
|
-
end
|
157
|
-
end
|
158
|
-
describe "when the user is a guest user (user key empty string)" do
|
159
|
-
before do
|
160
|
-
stub_user = User.new :uid=>''
|
161
|
-
allow(subject).to receive(:current_user).and_return(stub_user)
|
162
|
-
end
|
163
|
-
it "should not create filters" do
|
164
|
-
expect(subject.send(:apply_user_permissions, ["edit","discover","read"])).to eq []
|
165
|
-
end
|
166
|
-
end
|
167
|
-
end
|
4
|
+
# Contents have moved to blacklight-access_controls
|
168
5
|
end
|
169
|
-
|
170
|
-
|
@@ -7,10 +7,6 @@ describe "active_fedora/accessible_by" do
|
|
7
7
|
let(:public_obj) {FactoryGirl.create(:asset)}
|
8
8
|
let(:editable_obj) {FactoryGirl.create(:asset)}
|
9
9
|
|
10
|
-
# let(:private_obj) {FactoryGirl.create(:default_access_asset)}
|
11
|
-
# let(:public_obj) {FactoryGirl.create(:open_access_asset)}
|
12
|
-
# let(:editable_obj) {FactoryGirl.create(:group_edit_asset)}
|
13
|
-
|
14
10
|
before do
|
15
11
|
private_obj.permissions_attributes = [{ name: "joe_creator", access: "edit", type: "person" }]
|
16
12
|
private_obj.save
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hydra-access-controls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 10.0.0
|
4
|
+
version: 10.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Beer
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2016-
|
13
|
+
date: 2016-06-08 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: activesupport
|
@@ -94,14 +94,14 @@ dependencies:
|
|
94
94
|
requirements:
|
95
95
|
- - "~>"
|
96
96
|
- !ruby/object:Gem::Version
|
97
|
-
version: '0.
|
97
|
+
version: '0.4'
|
98
98
|
type: :runtime
|
99
99
|
prerelease: false
|
100
100
|
version_requirements: !ruby/object:Gem::Requirement
|
101
101
|
requirements:
|
102
102
|
- - "~>"
|
103
103
|
- !ruby/object:Gem::Version
|
104
|
-
version: '0.
|
104
|
+
version: '0.4'
|
105
105
|
- !ruby/object:Gem::Dependency
|
106
106
|
name: rake
|
107
107
|
requirement: !ruby/object:Gem::Requirement
|
@@ -225,9 +225,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
225
225
|
version: 1.9.3
|
226
226
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
227
227
|
requirements:
|
228
|
-
- - "
|
228
|
+
- - ">="
|
229
229
|
- !ruby/object:Gem::Version
|
230
|
-
version:
|
230
|
+
version: '0'
|
231
231
|
requirements: []
|
232
232
|
rubyforge_project:
|
233
233
|
rubygems_version: 2.5.1
|