hydra-access-controls 6.0.0.rc2 → 6.0.0.rc3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. data/lib/hydra/ability.rb +4 -3
  2. data/lib/hydra/access_controls_enforcement.rb +1 -2
  3. data/lib/hydra/permissions_cache.rb +10 -8
  4. data/lib/hydra/permissions_query.rb +2 -2
  5. data/spec/unit/access_controls_enforcement_spec.rb +2 -3
  6. metadata +2 -2
data/lib/hydra/ability.rb CHANGED
@@ -20,12 +20,13 @@ module Hydra
20
20
  Hydra.config[:user_model] ? Hydra.config[:user_model].constantize : ::User
21
21
  end
22
22
 
23
- attr_reader :current_user, :session
23
+ attr_reader :current_user, :session, :cache
24
24
 
25
25
  def initialize(user, session=nil)
26
26
  @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
27
27
  @user = @current_user # just in case someone was using this in an override. Just don't.
28
28
  @session = session
29
+ @cache = Hydra::PermissionsCache.new
29
30
  hydra_default_permissions()
30
31
  end
31
32
 
@@ -66,7 +67,7 @@ module Hydra
66
67
  end
67
68
 
68
69
  can :edit, SolrDocument do |obj|
69
- PermissionsCache.put(obj.id, obj)
70
+ cache.put(obj.id, obj)
70
71
  test_edit(obj.id)
71
72
  end
72
73
  end
@@ -81,7 +82,7 @@ module Hydra
81
82
  end
82
83
 
83
84
  can :read, SolrDocument do |obj|
84
- PermissionsCache.put(obj.id, obj)
85
+ cache.put(obj.id, obj)
85
86
  test_read(obj.id)
86
87
  end
87
88
  end
data/lib/hydra/access_controls_enforcement.rb CHANGED
@@ -3,7 +3,6 @@ module Hydra::AccessControlsEnforcement
3
3
 
4
4
  included do
5
5
  include Hydra::AccessControlsEvaluation
6
- include Hydra::PermissionsQuery
7
6
  class_attribute :solr_access_filters_logic
8
7
 
9
8
  # Set defaults. Each symbol identifies a _method_ that must be in
@@ -58,7 +57,7 @@ module Hydra::AccessControlsEnforcement
58
57
  # Controller "before" filter for enforcing access controls on show actions
59
58
  # @param [Hash] opts (optional, not currently used)
60
59
  def enforce_show_permissions(opts={})
61
- permissions = permissions_doc(params[:id])
60
+ permissions = current_ability.permissions_doc(params[:id])
62
61
  unless permissions.is_public?
63
62
  #its not 'public'
64
63
  if permissions.under_embargo? && !can?(:edit, permissions)
data/lib/hydra/permissions_cache.rb CHANGED
@@ -1,16 +1,18 @@
1
- module Hydra::PermissionsCache
2
- @@cache = {}
1
+ class Hydra::PermissionsCache
2
+ def initialize
3
+ clear
4
+ end
3
5
 
4
- def self.get(pid)
5
- @@cache[pid]
6
+ def get(pid)
7
+ @cache[pid]
6
8
  end
7
9
 
8
- def self.put(pid, doc)
9
- @@cache[pid] = doc
10
+ def put(pid, doc)
11
+ @cache[pid] = doc
10
12
  end
11
13
 
12
- def self.clear
13
- @@cache = {}
14
+ def clear
15
+ @cache = {}
14
16
  end
15
17
 
16
18
  end
data/lib/hydra/permissions_query.rb CHANGED
@@ -6,10 +6,10 @@ module Hydra
6
6
  end
7
7
 
8
8
  def permissions_doc(pid)
9
- doc = Hydra::PermissionsCache.get(pid)
9
+ doc = cache.get(pid)
10
10
  unless doc
11
11
  doc = get_permissions_solr_response_for_doc_id(pid)
12
- Hydra::PermissionsCache.put(pid, doc)
12
+ cache.put(pid, doc)
13
13
  end
14
14
  doc
15
15
  end
data/spec/unit/access_controls_enforcement_spec.rb CHANGED
@@ -77,19 +77,18 @@ describe Hydra::AccessControlsEnforcement do
77
77
 
78
78
  subject.params = {}
79
79
  subject.should_receive(:can?).with(:edit, stub_doc).and_return(true)
80
- subject.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
80
+ subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
81
81
  lambda {subject.send(:enforce_show_permissions, {}) }.should_not raise_error Hydra::AccessDenied
82
82
  end
83
83
  it "should prevent a user w/o edit permissions from viewing an embargoed object" do
84
- Hydra::PermissionsCache.clear()
85
84
  user = User.new :uid=>'testuser@example.com'
86
85
  RoleMapper.stub(:roles).with(user.user_key).and_return([])
87
86
  subject.stub(:current_user).and_return(user)
88
87
  subject.stub(:can?).with(:read, nil).and_return(true)
89
88
  subject.params = {}
90
89
  stub_doc = Hydra::PermissionsSolrDocument.new({"edit_access_person_ssim"=>["testuser@example.com"], "embargo_release_date_dtsi"=>(Date.parse(Time.now.to_s)+2).to_s})
90
+ subject.current_ability.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
91
91
  subject.should_receive(:can?).with(:edit, stub_doc).and_return(false)
92
- subject.should_receive(:get_permissions_solr_response_for_doc_id).and_return(stub_doc)
93
92
  lambda {subject.send(:enforce_show_permissions, {})}.should raise_error Hydra::AccessDenied, "This item is under embargo. You do not have sufficient access privileges to read this document."
94
93
  end
95
94
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hydra-access-controls
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.0.rc2
4
+ version: 6.0.0.rc3
5
5
  prerelease: 6
6
6
  platform: ruby
7
7
  authors:
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2013-02-19 00:00:00.000000000 Z
14
+ date: 2013-02-20 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: activesupport