RubyGems - hydra-access-controls - Versions diffs - 6.2.0 → 6.2.1 - Mend

hydra-access-controls 6.2.0 → 6.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/hydra/policy_aware_access_controls_enforcement.rb +5 -4
data/spec/unit/policy_aware_access_controls_enforcement_spec.rb +42 -18
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8aa9a9ba62eeb9030329ff121f35ea64ce5833b6
-  data.tar.gz: 3801bd2b2a23ce8e62a7af0d522b16a7f49f7794
+  metadata.gz: 5d7ec1b3adb389dc48bd7289d972644827be5eb2
+  data.tar.gz: 9f8137ca800cfa87d14ab4eeebe68d1a55b9280d
 SHA512:
-  metadata.gz: 71123bf8489eca05d1eb124a7b815b7e97148cd6bac7e9886dbc1613cba2735312fae40c90129cc297f47032b65fccc896d63d1233c3077ceccbb869a8885197
-  data.tar.gz: fcea17d03eae35064878aa41691c5d923d65f3765d8175ce16ae207512e5f10a09a8fa2e7916ec168b510566f8e8f3c462e8325a070a4f9a0eeaa8e902a5a1a4
+  metadata.gz: cbdbde25b685579b8f9685d65c9f6ef9d84669ff1db988c1ca5eac3a6d66f6a271e9fbf686856de5292c122d0a5538617133591f78c1de4ef4d85ae1918831a6
+  data.tar.gz: 37e07d96b2fe872966d00eb2fda3e87c7d7b30be1e664ac23e07a0760cae70bf05303da96eec601b96706141e86494b392502427a497a7e90d5bbb0477d5f631

data/lib/hydra/policy_aware_access_controls_enforcement.rb CHANGED

@@ -23,7 +23,6 @@ module Hydra::PolicyAwareAccessControlsEnforcement
   # find all the policies that grant discover/read/edit permissions to this user or any of it's groups
   def policies_with_access
     #### TODO -- Memoize this and put it in the session?
-    return [] unless current_user
     user_access_filters = []
     # Grant access based on user id & role
     user_access_filters += apply_policy_role_permissions(discovery_permissions)
@@ -46,12 +45,14 @@ module Hydra::PolicyAwareAccessControlsEnforcement
   end
   def apply_policy_individual_permissions(permission_types)
-      # for individual person access
-      user_access_filters = []
+    # for individual person access
+    user_access_filters = []
+    if current_user
       discovery_permissions.each do |type|
         user_access_filters << ActiveFedora::SolrService.solr_name("inheritable_#{type}_access_person", Hydra::Datastream::RightsMetadata.indexer ) + ":#{current_user.user_key}"
       end
-      user_access_filters
+    end
+    user_access_filters
   end
   # Returns the Model used for AdminPolicy objects.

data/spec/unit/policy_aware_access_controls_enforcement_spec.rb CHANGED

@@ -53,11 +53,23 @@ describe Hydra::PolicyAwareAccessControlsEnforcement do
     policy6.save
     @sample_policies << policy6
-    # no access
-    policy7 = Hydra::AdminPolicy.create(:pid=>"test:policy7")
+    # public discover
+    policy7 = Hydra::AdminPolicy.create(:pid => "test:policy7")
+    policy7.default_permissions = [{:type=>"group", :access=>"discover", :name=>"public"}]
+    policy7.save
     @sample_policies << policy7
-    @policies_with_access = @sample_policies.select { |p| p.pid != policy7.pid }
+    # public read
+    policy8 = Hydra::AdminPolicy.create(:pid => "test:policy8")
+    policy8.default_permissions = [{:type=>"group", :access=>"read", :name=>"public"}]
+    policy8.save
+    @sample_policies << policy8
+    # no access
+    policy_no_access = Hydra::AdminPolicy.create(:pid=>"test:policy_no_access")
+    @sample_policies << policy_no_access
+    @policies_with_access = @sample_policies.select { |p| p.pid != policy_no_access.pid }
   end
   after(:all) do
@@ -70,38 +82,50 @@ describe Hydra::PolicyAwareAccessControlsEnforcement do
     @solr_parameters = {}
     @user_parameters = {}
     @user = FactoryGirl.build(:sara_student)
-    RoleMapper.stub(:roles).with(@user.user_key).and_return(@user.roles)
-    subject.stub(:current_user).and_return(@user)
   end
   describe "policies_with_access" do
-    it "should return the policies that provide discover permissions" do
-      @policies_with_access.map {|p| p.pid }.each do |p|
-        subject.policies_with_access.should include(p)
+    context "Authenticated user" do
+      before do
+        RoleMapper.stub(:roles).with(@user.user_key).and_return(@user.roles)
+        subject.stub(:current_user).and_return(@user)
+      end
+      it "should return the policies that provide discover permissions" do
+        @policies_with_access.map {|p| p.pid }.each do |p|
+          subject.policies_with_access.should include(p)
+        end
+        subject.policies_with_access.should_not include("test:policy_no_access")
+      end
+      it "should allow you to configure which model to use for policies" do
+        Hydra.stub(:config).and_return( {:permissions=>{:policy_class => ModsAsset}} )
+        ModsAsset.should_receive(:find_with_conditions).and_return([])
+        subject.policies_with_access
       end
     end
-    it "should return the policies that provide discover permissions" do
-        subject.policies_with_access.should_not include("test:policy7")
-    end
-    it "should allow you to configure which model to use for policies" do
-      Hydra.stub(:config).and_return( {:permissions=>{:policy_class => ModsAsset}} )
-      ModsAsset.should_receive(:find_with_conditions).and_return([])
-      subject.policies_with_access
+    context "Anonymous user" do
+      before { subject.stub(:current_user).and_return(nil) }
+      it "should return the policies that provide discover permissions" do
+        subject.policies_with_access.should == ["test:policy7", "test:policy8"]
+      end
     end
   end
   describe "apply_gated_discovery" do
+    before do
+      RoleMapper.stub(:roles).with(@user.user_key).and_return(@user.roles)
+      subject.stub(:current_user).and_return(@user)
+    end
     it "should include policy-aware query" do
       # stubbing out policies_with_access because solr doesn't always return them in the same order.
-      policy_pids = (1..6).map {|n| "test:policy#{n}"}
+      policy_pids = (1..8).map {|n| "test:policy#{n}"}
       subject.should_receive(:policies_with_access).and_return(policy_pids)
       subject.apply_gated_discovery(@solr_parameters, @user_parameters)
-      @solr_parameters[:fq].first.should include(" OR (#{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy1 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy2 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy3 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy4 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy5 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy6)")
+      @solr_parameters[:fq].first.should include(" OR (#{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy1 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy2 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy3 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy4 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy5 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy6 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy7 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy8)")
     end
     it "should not change anything if there are no clauses to add" do
       subject.stub(:policy_clauses).and_return(nil)
       subject.apply_gated_discovery(@solr_parameters, @user_parameters)
-      @solr_parameters[:fq].first.should_not include(" OR (#{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy1 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy2 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy3 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy4 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy5 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy6)")
+      @solr_parameters[:fq].first.should_not include(" OR (#{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy1 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy2 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy3 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy4 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy5 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy6 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy7 OR #{ActiveFedora::SolrService.solr_name('is_governed_by', :symbol)}:info\\:fedora\\/test\\:policy8)")
     end
   end
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hydra-access-controls
 version: !ruby/object:Gem::Version
-  version: 6.2.0
+  version: 6.2.1
 platform: ruby
 authors:
 - Chris Beer
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-23 00:00:00.000000000 Z
+date: 2013-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport