hydra-head 4.0.0.rc2 → 4.0.0.rc3

data/Gemfile

@@ -3,4 +3,11 @@ source "http://rubygems.org"
 # Specify your gem's dependencies in hydra-head-r3.gemspec
 gemspec
 
-gem 'blacklight', :git=>'git://github.com/projectblacklight/blacklight.git'
+# For rvm users:
+# bundle config build.ruby-debug-base19 --with-ruby-include=$rvm_path/src/ruby-1.9.3-p0
+group :test do
+  # gem 'linecache19',       '>= 0.5.13'
+  # gem 'ruby-debug-base19', '>= 0.11.26'
+  # gem 'ruby-debug19'
+end
+

data/Gemfile.lock

@@ -1,28 +1,13 @@
-GIT
-  remote: git://github.com/projectblacklight/blacklight.git
-  revision: 14d3ab3654245f13348389f4b94cf551034ef725
-  specs:
-    blacklight (3.2.2)
-      compass (>= 0.12.alpha.2)
-      kaminari
-      marc (~> 0.4.3)
-      nokogiri (~> 1.5)
-      rails (~> 3.1)
-      rsolr (~> 1.0.6)
-      rsolr-ext (~> 1.0.3)
-      sass-rails (~> 3.1)
-      unicode
-
 PATH
   remote: .
   specs:
-    hydra-head (4.0.0.rc2)
+    hydra-head (4.0.0.rc3)
       RedCloth (= 4.2.9)
-      active-fedora (~> 4.0.0.rc13)
-      blacklight (~> 3.2.2)
+      active-fedora (~> 4.0.0.rc18)
+      blacklight (~> 3.3.1)
       block_helpers
+      cancan
       devise
-      om (= 1.5.3)
       rails (~> 3.2.1)
       sanitize
       solrizer-fedora (>= 1.2.5)
@@ -44,7 +29,7 @@ GEM
       rack-cache (~> 1.1)
       rack-test (~> 0.6.1)
       sprockets (~> 2.1.2)
-    active-fedora (4.0.0.rc13)
+    active-fedora (4.0.0.rc18)
       activeresource (>= 3.0.0)
       activesupport (>= 3.0.0)
       equivalent-xml
@@ -52,7 +37,7 @@ GEM
       mime-types (>= 1.16)
       multipart-post (= 1.1.2)
       nokogiri
-      om (>= 1.5.3)
+      om (~> 1.6.0.rc3)
       rdf
       rdf-rdfxml (= 0.3.5)
       rsolr
@@ -78,9 +63,21 @@ GEM
       gyoku (>= 0.4.0)
     arel (3.0.2)
     bcrypt-ruby (3.0.1)
+    blacklight (3.3.1)
+      compass-rails (~> 1.0.0)
+      compass-susy-plugin (>= 0.9.0)
+      kaminari
+      marc (~> 0.4.3)
+      nokogiri (~> 1.5)
+      rails (~> 3.1)
+      rsolr (~> 1.0.6)
+      rsolr-ext (~> 1.0.3)
+      sass-rails (~> 3.2.0)
+      unicode
     block_helpers (0.3.3)
       activesupport (>= 2.0)
     builder (3.0.0)
+    cancan (1.6.7)
     capybara (1.1.2)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -91,10 +88,14 @@ GEM
     childprocess (0.3.1)
       ffi (~> 1.0.6)
     chunky_png (1.2.5)
-    compass (0.12.rc.1)
+    compass (0.12.1)
       chunky_png (~> 1.2)
       fssm (>= 0.2.7)
       sass (~> 3.1)
+    compass-rails (1.0.1)
+      compass (~> 0.12.0)
+    compass-susy-plugin (0.9)
+      compass (>= 0.11.1)
     cucumber (1.1.9)
       builder (>= 2.1.2)
       diff-lcs (>= 1.1.2)
@@ -115,12 +116,12 @@ GEM
     equivalent-xml (0.2.9)
       nokogiri (>= 1.4.3)
     erubis (2.7.0)
-    factory_girl (2.6.1)
+    factory_girl (2.6.4)
       activesupport (>= 2.3.9)
     fastercsv (1.5.4)
     ffi (1.0.11)
     fssm (0.2.8.1)
-    gherkin (2.9.0)
+    gherkin (2.9.1)
       json (>= 1.4.6)
     gyoku (0.4.4)
       builder (>= 2.1.2)
@@ -141,7 +142,7 @@ GEM
       activesupport (>= 3.0.0)
       railties (>= 3.0.0)
     logger (1.2.8)
-    mail (2.4.3)
+    mail (2.4.4)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
@@ -153,15 +154,15 @@ GEM
       metaclass (~> 0.0.1)
     multi_json (1.1.0)
     multipart-post (1.1.2)
-    nokogiri (1.5.0)
+    nokogiri (1.5.2)
     nori (1.1.0)
-    om (1.5.3)
+    om (1.6.0.rc3)
       mediashelf-loggable
       nokogiri (>= 1.4.2)
-    orm_adapter (0.0.6)
+    orm_adapter (0.0.7)
     polyglot (0.3.3)
     rack (1.4.1)
-    rack-cache (1.1)
+    rack-cache (1.2)
       rack (>= 0.4)
     rack-ssl (1.3.2)
       rack
@@ -196,19 +197,19 @@ GEM
       builder (>= 2.1.2)
     rsolr-ext (1.0.3)
       rsolr (>= 1.0.2)
-    rspec (2.6.0)
-      rspec-core (~> 2.6.0)
-      rspec-expectations (~> 2.6.0)
-      rspec-mocks (~> 2.6.0)
-    rspec-core (2.6.4)
-    rspec-expectations (2.6.0)
-      diff-lcs (~> 1.1.2)
-    rspec-mocks (2.6.0)
-    rspec-rails (2.6.1)
-      actionpack (~> 3.0)
-      activesupport (~> 3.0)
-      railties (~> 3.0)
-      rspec (~> 2.6.0)
+    rspec (2.9.0)
+      rspec-core (~> 2.9.0)
+      rspec-expectations (~> 2.9.0)
+      rspec-mocks (~> 2.9.0)
+    rspec-core (2.9.0)
+    rspec-expectations (2.9.0)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.9.0)
+    rspec-rails (2.9.0)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec (~> 2.9.0)
     rubydora (0.5.7)
       activemodel
       activesupport
@@ -221,7 +222,7 @@ GEM
     sanitize (2.0.3)
       nokogiri (>= 1.4.4, < 1.6)
     sass (3.1.15)
-    sass-rails (3.2.4)
+    sass-rails (3.2.5)
       railties (~> 3.2.0)
       sass (>= 3.1.10)
       tilt (~> 1.3)
@@ -260,7 +261,7 @@ GEM
     sqlite3 (1.3.5)
     sqlite3-ruby (1.3.3)
       sqlite3 (>= 1.3.3)
-    stomp (1.2.1)
+    stomp (1.2.2)
     term-ansicolor (1.0.7)
     thor (0.14.6)
     tilt (1.3.3)
@@ -282,12 +283,11 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  blacklight!
   cucumber-rails (>= 1.2.0)
   factory_girl
   hydra-head!
   jettywrapper (>= 1.0.4)
   mocha
-  rspec-rails (~> 2.6.0)
+  rspec-rails
   sqlite3-ruby
   yard

data/HISTORY.textile

@@ -1,7 +1,9 @@
 h3. 4.0.0
 * Upgrade to active fedora 4.0.0
+* Upgrade to blacklight 3.3.0 
 * Removed railtie to configure active-fedora
 * Register solr happens automatically
+* Using CanCan gem for authorization
 
 h3. 3.3.0
 * HYDRA-737: fixes to work with Ruby Enterprise Edition 2011.12 and ruby-1.8.7-p357.

data/app/controllers/hydra/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  def current_ability
+    @current_ability ||= Ability.new(current_user, session)
+  end
+end

data/app/controllers/hydra/contributors_controller.rb

@@ -2,6 +2,8 @@ class Hydra::ContributorsController < ApplicationController
   include Hydra::RepositoryController
   include Hydra::AssetsControllerHelper
   include Hydra::SubmissionWorkflow
+
+  before_filter :load_document, :only => :update 
   
   # Display form for adding a new Contributor
   # If contributor_type is provided, renders the appropriate "new" form
@@ -42,7 +44,6 @@ class Hydra::ContributorsController < ApplicationController
     if params[:id].nil?  
       params[:id] = params[:asset_id]
     end
-    @document = load_document_from_params
     # generates sanatized params from params hash to update the doc with
     sanitize_update_params
     @response = update_document(@document,@sanitized_params)

data/app/controllers/hydra/permissions_controller.rb

@@ -34,7 +34,7 @@ class Hydra::PermissionsController < ApplicationController
   # Create a new permissions entry
   # expects permission["actor_id"], permission["actor_type"] and permission["access_level"] as params. ie.   :permission=>{"actor_id"=>"_person_id_","actor_type"=>"person","access_level"=>"read"}
   def create
-    @document_fedora=ActiveFedora::Base.find(params[:asset_id])
+    @document_fedora=ActiveFedora::Base.find(params[:asset_id], :cast=>true)
 
     access_actor_type = params["permission"]["actor_type"]
     actor_id = params["permission"]["actor_id"]
@@ -69,7 +69,7 @@ class Hydra::PermissionsController < ApplicationController
       pid = params[:id]
     end
     
-    @document_fedora=ActiveFedora::Base.find(pid)
+    @document_fedora=ActiveFedora::Base.find(pid, :cast=>true)
 
     # update the datastream's values
     result = @document_fedora.rightsMetadata.update_permissions(params[:permission])

data/app/helpers/hydra/hydra_assets_helper_behavior.rb

@@ -39,14 +39,15 @@ module Hydra::HydraAssetsHelperBehavior
 
   def get_file_asset_count(document)
     count = 0
+    ### TODO switch to AF::Base.count
     obj = ActiveFedora::Base.load_instance_from_solr(document['id'], document)
-    #obj = load_af_instance_from_solr(document)
-    count += obj.file_objects.length unless obj.nil?
+    count += obj.parts.length unless obj.nil?
     count
   end
   
   def get_file_asset_description(document)
-    obj = load_af_instance_from_solr(document)
+    #TODO need test coverage
+    obj = ActiveFedora::Base.load_instance_from_solr(document['id'], document)
     if obj.nil? || obj.file_objects.empty?
       return ""
     else

data/app/models/ability.rb

@@ -0,0 +1,97 @@
+class Ability
+  include CanCan::Ability
+  include Hydra::AccessControlsEnforcement
+
+  attr_reader :user, :user_groups
+
+  def initialize(user, session=nil)
+    user ||= User.new # guest user (not logged in)
+    @user = user
+    @user_groups = RoleMapper.roles(@user.email)
+    # everyone is automatically a member of the group 'public'
+    @user_groups.push 'public' unless @user_groups.include?('public')
+    # logged-in users are automatically members of the group "registered"
+    @user_groups.push 'registered' unless (@user.email == '' || @user == "public" || @user_groups.include?('registered') )
+    
+    logger.debug("Usergroups is " + @user_groups.inspect)
+    
+    if @user.is_being_superuser?(session)
+      can :manage, :all
+    else
+      can :edit, String do |pid|
+        @response, @permissions_solr_document = get_permissions_solr_response_for_doc_id(pid)
+        test_edit
+      end 
+
+      can :edit, ActiveFedora::Base do |obj|
+        @response, @permissions_solr_document = get_permissions_solr_response_for_doc_id(obj.pid)
+        test_edit
+      end
+ 
+      can :edit, SolrDocument do |obj|
+        test_edit
+      end       
+
+      can :read, String do |pid|
+        @response, @permissions_solr_document = get_permissions_solr_response_for_doc_id(pid)
+        test_read
+      end
+
+      can :read, ActiveFedora::Base do |obj|
+        @response, @permissions_solr_document = get_permissions_solr_response_for_doc_id(obj.pid)
+        test_read
+      end 
+      
+      can :read, SolrDocument do |obj|
+        test_read
+      end 
+    end
+  end
+  
+  private
+  def test_edit
+    logger.debug("CANCAN Checking edit permissions for user: #{@user}")
+    group_intersection = @user_groups & edit_groups
+    result = !group_intersection.empty? || edit_persons.include?(@user.email)
+    logger.debug("CANCAN decision: #{result}")
+    result
+  end   
+  
+  def test_read
+    logger.debug("CANCAN Checking edit permissions for user: #{@user}")
+    group_intersection = @user_groups & read_groups
+    result = !group_intersection.empty? || read_persons.include?(@user.email)
+    logger.debug("CANCAN decision: #{result}")
+    result
+  end 
+  
+  def edit_groups
+    edit_group_field = Hydra.config[:permissions][:edit][:group]
+    eg = ((@permissions_solr_document == nil || @permissions_solr_document.fetch(edit_group_field,nil) == nil) ? [] : @permissions_solr_document.fetch(edit_group_field,nil))
+    logger.debug("edit_groups: #{eg.inspect}")
+    return eg
+  end
+
+  # edit implies read, so read_groups is the union of edit and read groups
+  def read_groups
+    read_group_field = Hydra.config[:permissions][:read][:group]
+    rg = edit_groups | ((@permissions_solr_document == nil || @permissions_solr_document.fetch(read_group_field,nil) == nil) ? [] : @permissions_solr_document.fetch(read_group_field,nil))
+    logger.debug("read_groups: #{rg.inspect}")
+    return rg
+  end
+
+  def edit_persons
+    edit_person_field = Hydra.config[:permissions][:edit][:individual]
+    ep = ((@permissions_solr_document == nil || @permissions_solr_document.fetch(edit_person_field,nil) == nil) ? [] : @permissions_solr_document.fetch(edit_person_field,nil))
+    logger.debug("edit_persons: #{ep.inspect}")
+    return ep
+  end
+
+  # edit implies read, so read_persons is the union of edit and read persons
+  def read_persons
+    read_individual_field = Hydra.config[:permissions][:read][:individual]
+    rp = edit_persons | ((@permissions_solr_document == nil || @permissions_solr_document.fetch(read_individual_field,nil) == nil) ? [] : @permissions_solr_document.fetch(read_individual_field,nil))
+    logger.debug("read_persons: #{rp.inspect}")
+    return rp
+  end
+end

data/app/models/common_metadata_asset.rb

@@ -1,9 +1,9 @@
 # A Basic Model for Assets that conform to Hydra commonMetadata cModel and have basic MODS metadata (currently "Article" is the MODS exemplar)
 class CommonMetadataAsset < ActiveFedora::Base
   
-  # declares a rightsMetadata datastream with type Hydra::RightsMetadata
+  # declares a rightsMetadata datastream with type Hydra::Datastream::RightsMetadata
   #  basically, it is another expression of
-  #  has_metadata :name => "rightsMetadata", :type => Hydra::RightsMetadata
+  #  has_metadata :name => "rightsMetadata", :type => Hydra::Datastream::RightsMetadata
   include Hydra::ModelMixins::CommonMetadata
   
   # adds helpful methods for basic hydra objects

data/app/models/generic_content.rb

@@ -1,12 +1,10 @@
-require 'hydra'
-
 class GenericContent < ActiveFedora::Base
 
   # Uses the Hydra Rights Metadata Schema for tracking access permissions & copyright
-  has_metadata :name => "rightsMetadata", :type => Hydra::RightsMetadata 
+  has_metadata :name => "rightsMetadata", :type => Hydra::Datastream::RightsMetadata 
 
   include Hydra::GenericContent
-  has_metadata :name => "descMetadata", :type => Hydra::ModsGenericContent
+  has_metadata :name => "descMetadata", :type => Hydra::Datastream::ModsGenericContent
 
   # A place to put extra metadata values
   has_metadata :name => "properties", :type => ActiveFedora::MetadataDatastream do |m|

data/app/models/generic_image.rb

@@ -45,10 +45,10 @@ class GenericImage < ActiveFedora::Base
   include Hydra::ModelMethods
   
   # Uses the Hydra Rights Metadata Schema for tracking access permissions & copyright
-  has_metadata :name => "rightsMetadata", :type => Hydra::RightsMetadata 
+  has_metadata :name => "rightsMetadata", :type => Hydra::Datastream::RightsMetadata 
 
   include Hydra::GenericImage
-  has_metadata :name => "descMetadata", :type => Hydra::ModsImage
+  has_metadata :name => "descMetadata", :type => Hydra::Datastream::ModsImage
   
   # A place to put extra metadata values
   has_metadata :name => "properties", :type => ActiveFedora::MetadataDatastream do |m|
@@ -61,4 +61,4 @@ class GenericImage < ActiveFedora::Base
     super
   end
   
-end
+end

data/app/models/hydra/datastream/common_mods_index_methods.rb

@@ -0,0 +1,45 @@
+# Provides some helper methods for indexing compound or non-standard facets
+#
+# == Methods
+# 
+# extract_person_full_names
+#   This method returns a Hash of person_full_name_facet values which combine Lastname, Firstname
+# extract_person_organizations
+#   This method returns a Hash of person_full_name_facet values which extract the persons affiliation and puts it in an mods_organization_facet
+
+module Hydra
+  module Datastream
+    module CommonModsIndexMethods
+      # Extracts the first and last names of persons and creates Solr::Field objects with for person_full_name_facet
+      #
+      # == Returns:
+      # An array of Solr::Field objects
+      #
+      def extract_person_full_names
+        names = {}
+        self.find_by_terms(:person).each do |person|
+          name_parts = person.children.inject({}) do |hash,child|
+            hash[child.get_attribute(:type)] = child.text if ["family","given"].include? child.get_attribute(:type)
+            hash
+          end
+          ::Solrizer::Extractor.insert_solr_field_value(names,  "person_full_name_facet", [name_parts["family"], name_parts["given"]].join(", ") ) if name_parts.keys.sort == ["family","given"]
+          names
+        end
+        return names
+      end
+
+      # Extracts the affiliations of persons and creates Solr::Field objects for them
+      #
+      # == Returns:
+      # An array of Solr::Field objects
+      #
+      def extract_person_organizations
+        orgs = {}
+        self.find_by_terms(:person,:affiliation).each do |org| 
+          ::Solrizer::Extractor.insert_solr_field_value(orgs, "mods_organization_facet", org.text) 
+        end
+        return orgs
+      end
+    end
+  end
+end