hyrax 2.1.0.rc2 → 2.1.0.rc3

data/app/views/hyrax/file_sets/media_display/_image.html.erb

@@ -1,4 +1,4 @@
-<% if Hyrax.config.display_media_download_link? %>
+<% if Hyrax.config.display_media_download_link? && can?(:download, file_set.id) %>
     <div>
       <h2 class="sr-only"><%= t('hyrax.file_set.show.downloadable_content.heading') %></h2>
       <%= image_tag thumbnail_url(file_set),

data/config/features.rb

@@ -35,7 +35,7 @@ Flipflop.configure do
           default: false,
           description: "Display new reporting features. *Very Experimental*"
 
-  feature :hide_private_files,
+  feature :hide_private_items,
           default: false,
-          description: "Do not show the private files."
+          description: "Do not show the private items."
 end

data/config/locales/hyrax.de.yml

@@ -414,6 +414,7 @@ de:
         header: Artikel
         thumbnail: Miniaturansicht
         title: Titel
+        unauthorized: Es gibt keine öffentlich verfügbaren Elemente in diesem %{type}.
         visibility: Sichtbarkeit
       relationships:
         empty: Diese %{type} ist derzeit noch keiner Sammlung zugeordnet.
@@ -698,7 +699,7 @@ de:
           select_none: Nichts ausgewählt
           transfer: Besitz der Arbeit übertragen
           unhighlight: Hervorhebung der Arbeit entfernen
-          view_admin_set: Admin-Set anzeigen
+          view_admin_set: Sammlung anzeigen
           view_collection: Sammlung anzeigen
           work_confirmation: Das Löschen einer Arbeit aus %{application_name} ist dauerhaft. Klicken Sie auf OK, um diese Arbeit aus %{application_name} zu löschen, oder auf Abbrechen, um diesen Vorgang abzubrechen
         collection_list:
@@ -831,6 +832,17 @@ de:
           pdf_link: PDF Herunterladen
           video_link: Video herunterladen
     file_sets:
+      actions:
+        delete: Löschen
+        delete_confirm: Das Löschen von %{file_set} aus %{application_name} ist permanent. Klicken Sie auf OK, um dies aus %{application_name} zu löschen, oder auf Abbrechen, um diesen Vorgang abzubrechen
+        delete_title: Löschen Sie %{file_set}
+        download: Herunterladen
+        download_title: Laden Sie %{file_set} herunter
+        edit: Bearbeiten
+        edit_title: Bearbeite %{file_set}
+        header: Wählen Sie eine Aktion
+        versions: Versionen
+        versions_title: Vorherige Versionen anzeigen
       groups_description:
         description_html: Die Liste der Gruppen in der Auswahlliste mit der Bezeichnung „ Wählen Sie eine Gruppe aus „ zeigt ihnen jene Benutzer administrierten Gruppen an, bei denen Sie Mitglied sind. Sie können eine bestimmte Gruppe auswählen und eine Zugriffsebene für eine Datei innerhalb von %{application_name} zuweisen, ähnlich wie das Hinzufügen von Benutzerzugriffsebenen.
     help:

data/config/locales/hyrax.en.yml

@@ -413,6 +413,7 @@ en:
         header: Items
         thumbnail: Thumbnail
         title: Title
+        unauthorized: There are no publicly available items in this %{type}.
         visibility: Visibility
       relationships:
         empty: This %{type} is not currently in any collections.
@@ -830,6 +831,17 @@ en:
           pdf_link: Download PDF
           video_link: Download video
     file_sets:
+      actions:
+        delete: Delete
+        delete_confirm: Deleting %{file_set} from %{application_name} is permanent. Click OK to delete this from %{application_name}, or Cancel to cancel this operation
+        delete_title: Delete %{file_set}
+        download: Download
+        download_title: Download %{file_set}
+        edit: Edit
+        edit_title: Edit %{file_set}
+        header: Select an action
+        versions: Versions
+        versions_title: Display previous versions
       groups_description:
         description_html: The list of groups in the drop-down marked "Select a group" is a list of User Managed Groups that you are a member of.  You may select a specific group and assign an access level for a file within %{application_name}, similarly to adding user access levels.
     help:

data/config/locales/hyrax.es.yml

@@ -412,6 +412,7 @@ es:
         header: Elementos
         thumbnail: Miniatura
         title: Título
+        unauthorized: No hay elementos disponibles públicamente en este %{type}.
         visibility: Visibilidad
       relationships:
         empty: Este %{type} no está actualmente disponible en ninguna colección.
@@ -829,6 +830,17 @@ es:
           pdf_link: Descargar PDF
           video_link: Descargar video
     file_sets:
+      actions:
+        delete: Borrar
+        delete_confirm: Eliminar %{file_set} de %{application_name} es permanente. Haga clic en Aceptar para eliminar esto de %{application_name}, o en Cancelar para cancelar esta operación
+        delete_title: Eliminar %{file_set}
+        download: Descargar
+        download_title: Descargar %{file_set}
+        edit: Editar
+        edit_title: Editar %{file_set}
+        header: Selecciona una acción
+        versions: Versiones
+        versions_title: Mostrar versiones anteriores
       groups_description:
         description_html: 'La lista de grupos del listado "Seleccionar un grupo" es una lista de Grupos Administrados por el Usuario de la que que es miembro. Puede seleccionar un grupo específico y asignar un nivel de acceso por archivo dentro de %{application_name}, y del mismo modo puede agregar niveles de acceso de usuarios.
 

data/config/locales/hyrax.fr.yml

@@ -413,6 +413,7 @@ fr:
         header: Articles
         thumbnail: La vignette
         title: Titre
+        unauthorized: Il n'y a pas d'objets disponibles publiquement dans ce %{type}.
         visibility: Visibilité
       relationships:
         empty: Ce %{type} ne se trouve actuellement dans aucune collection.
@@ -830,6 +831,17 @@ fr:
           pdf_link: Télécharger le fichier PDF
           video_link: Télécharger la video
     file_sets:
+      actions:
+        delete: Effacer
+        delete_confirm: La suppression de %{file_set} à partir de %{application_name} est permanente. Cliquez sur OK pour le supprimer de %{application_name}, ou sur Annuler pour annuler cette opération
+        delete_title: Supprimer %{file_set}
+        download: Télécharger
+        download_title: Télécharger %{file_set}
+        edit: modifier
+        edit_title: Modifier %{file_set}
+        header: Sélectionnez une action
+        versions: Versions
+        versions_title: Afficher les versions précédentes
       groups_description:
         description_html: La liste des groupes dans le menu déroulant intitulé «Sélectionner un groupe» est une liste des groupes gérés par l'utilisateur dont vous êtes membre. Vous pouvez sélectionner un groupe spécifique et attribuer un niveau d'accès pour un fichier dans %{application_name}, de même que l'ajout de niveaux d'accès utilisateur.
     help:

data/config/locales/hyrax.it.yml

@@ -412,6 +412,7 @@ it:
         header: Elementi
         thumbnail: Thumbnail
         title: Titolo
+        unauthorized: Non ci sono articoli disponibili pubblicamente in questo %{type}.
         visibility: Visibilità
       relationships:
         empty: Questo %{type} non è in una raccolta.
@@ -829,6 +830,17 @@ it:
           pdf_link: Scarica il pdf
           video_link: Scarica video
     file_sets:
+      actions:
+        delete: Elimina
+        delete_confirm: L'eliminazione di %{file_set} da %{application_name} è permanente. Fare clic su OK per eliminare questo da %{application_name}, o Annulla per annullare questa operazione
+        delete_title: Elimina %{file_set}
+        download: Scaricare
+        download_title: Scarica %{file_set}
+        edit: modificare
+        edit_title: Modifica %{file_set}
+        header: Seleziona un'azione
+        versions: versioni
+        versions_title: Mostra le versioni precedenti
       groups_description:
         description_html: L'elenco dei gruppi nel menu a discesa contrassegnato con "Seleziona un gruppo" è un elenco di Gruppi gestiti utente di cui sei membro. È possibile selezionare un gruppo specifico e assegnare un livello di accesso per un file all'interno di %{application_name}, analogamente ad aggiungere livelli di accesso utente.
     help:

data/config/locales/hyrax.pt-BR.yml

@@ -407,6 +407,7 @@ pt-BR:
         header: Unid
         thumbnail: Miniatura
         title: Título
+        unauthorized: Não há itens publicamente disponíveis neste %{type}.
         visibility: Visibilidade
       relationships:
         empty: Este %{type} atualmente não está em nenhuma coleção.
@@ -824,6 +825,17 @@ pt-BR:
           pdf_link: baixar PDF
           video_link: Baixar video
     file_sets:
+      actions:
+        delete: Excluir
+        delete_confirm: A exclusão de %{file_set} de %{application_name} é permanente. Clique em OK para excluir isso do %{application_name} ou Cancelar para cancelar esta operação
+        delete_title: Excluir %{file_set}
+        download: Baixar
+        download_title: Baixar %{file_set}
+        edit: Editar
+        edit_title: Editar %{file_set}
+        header: Selecione uma ação
+        versions: Versões
+        versions_title: Exibir versões anteriores
       groups_description:
         description_html: A lista de grupos no menu suspenso marcado como "Selecionar um grupo" é uma lista de Grupos Gerenciados pelo Usuário de que você é membro. Você pode selecionar um grupo específico e atribuir um nível de acesso para um arquivo dentro do %{application_name}, de forma semelhante à adição de níveis de acesso ao usuário.
     help:

data/config/locales/hyrax.zh.yml

@@ -410,6 +410,7 @@ zh:
         header: 单件
         thumbnail: 缩略图
         title: 标题
+        unauthorized: 这个%{type}中没有公开可用的项目。
         visibility: 公开度
       relationships:
         empty: 该 %{type} 目前未纳入任何收藏集内。
@@ -827,6 +828,17 @@ zh:
           pdf_link: 下载PDF文件
           video_link: 下载视频
     file_sets:
+      actions:
+        delete: 删除
+        delete_confirm: 从%{application_name}删除%{file_set}是永久性的。单击确定从%{application_name}中删除此项，或单击取消取消此操作
+        delete_title: 删除%{file_set}
+        download: 下载
+        download_title: 下载%{file_set}
+        edit: 编辑
+        edit_title: 编辑%{file_set}
+        header: 选择一个动作
+        versions: 版本
+        versions_title: 显示以前的版本
       groups_description:
         description_html: 标有"选择一个群"的下拉框内是您所属的一组用户管理群的清单。您可以选择一个特定的群，指定对%{application_name}中文件的访问级别，类似于添加用户访问级别。
     help:

data/lib/hyrax/version.rb

@@ -1,3 +1,3 @@
 module Hyrax
-  VERSION = '2.1.0.rc2'.freeze
+  VERSION = '2.1.0.rc3'.freeze
 end

data/spec/abilities/admin_set_ability_spec.rb

@@ -23,6 +23,7 @@ RSpec.describe 'AdminSetAbility' do
       is_expected.to be_able_to(:manage, AdminSet)
       is_expected.to be_able_to(:manage_any, AdminSet)
       is_expected.to be_able_to(:create_any, AdminSet)
+      is_expected.to be_able_to(:create, AdminSet)
       is_expected.to be_able_to(:view_admin_show_any, AdminSet)
       is_expected.to be_able_to(:edit, admin_set)
       is_expected.to be_able_to(:edit, solr_document) # defined in solr_document_ability.rb
@@ -72,6 +73,7 @@ RSpec.describe 'AdminSetAbility' do
     it 'denies manage ability' do
       is_expected.not_to be_able_to(:manage, AdminSet)
       is_expected.not_to be_able_to(:create_any, AdminSet) # granted by collection type, not collection
+      is_expected.not_to be_able_to(:create, AdminSet)
     end
   end
 
@@ -100,6 +102,7 @@ RSpec.describe 'AdminSetAbility' do
       is_expected.not_to be_able_to(:manage, AdminSet)
       is_expected.not_to be_able_to(:manage_any, AdminSet)
       is_expected.not_to be_able_to(:create_any, AdminSet) # granted by collection type, not collection
+      is_expected.not_to be_able_to(:create, AdminSet)
       is_expected.not_to be_able_to(:edit, admin_set)
       is_expected.not_to be_able_to(:edit, solr_document) # defined in solr_document_ability.rb
       is_expected.not_to be_able_to(:update, admin_set)
@@ -133,6 +136,7 @@ RSpec.describe 'AdminSetAbility' do
       is_expected.not_to be_able_to(:manage, AdminSet)
       is_expected.not_to be_able_to(:manage_any, AdminSet)
       is_expected.not_to be_able_to(:create_any, AdminSet) # granted by collection type, not collection
+      is_expected.not_to be_able_to(:create, AdminSet)
       is_expected.not_to be_able_to(:edit, admin_set)
       is_expected.not_to be_able_to(:edit, solr_document) # defined in solr_document_ability.rb
       is_expected.not_to be_able_to(:update, admin_set)
@@ -154,6 +158,7 @@ RSpec.describe 'AdminSetAbility' do
       is_expected.not_to be_able_to(:manage, AdminSet)
       is_expected.not_to be_able_to(:manage_any, AdminSet)
       is_expected.not_to be_able_to(:create_any, AdminSet) # granted by collection type, not collection
+      is_expected.not_to be_able_to(:create, AdminSet)
       is_expected.not_to be_able_to(:view_admin_show_any, AdminSet)
       is_expected.not_to be_able_to(:edit, admin_set)
       is_expected.not_to be_able_to(:edit, solr_document) # defined in solr_document_ability.rb

data/spec/controllers/hyrax/admin/admin_sets_controller_spec.rb

@@ -18,16 +18,85 @@ RSpec.describe Hyrax::Admin::AdminSetsController do
     end
 
     describe "#show" do
-      context "a public admin set" do
+      before do
+        sign_in user
+        controller.instance_variable_set(:@admin_set, admin_set)
+      end
+
+      context "when user has access through public group" do
+        # Even though the user can view this admin set, they should not be able to view
+        # it on the admin page.
+        let(:admin_set) { create(:adminset_lw, with_solr_document: true, with_permission_template: { view_groups: ['public'] }) }
+
+        it 'is unauthorized' do
+          get :show, params: { id: admin_set }
+          expect(response).to be_redirect
+        end
+      end
+
+      context "when user has access through registered group" do
         # Even though the user can view this admin set, the should not be able to view
         # it on the admin page.
-        let(:admin_set) { create(:admin_set, read_groups: ['public']) }
+        let(:admin_set) { create(:adminset_lw, with_solr_document: true, with_permission_template: { view_groups: ['registered'] }) }
 
         it 'is unauthorized' do
           get :show, params: { id: admin_set }
           expect(response).to be_redirect
         end
       end
+
+      context "when user is directly granted view access" do
+        # Even though the user can view this admin set, the should not be able to view
+        # it on the admin page.
+        let(:admin_set) { create(:adminset_lw, with_solr_document: true, with_permission_template: { view_users: [user.user_key] }) }
+
+        before do
+          create(:work, :public, admin_set: admin_set)
+        end
+
+        it 'defines a presenter' do
+          get :show, params: { id: admin_set }
+          expect(response).to be_success
+          expect(assigns[:presenter]).to be_kind_of Hyrax::AdminSetPresenter
+          expect(assigns[:presenter].id).to eq admin_set.id
+        end
+      end
+    end
+
+    describe "#edit" do
+      before do
+        sign_in user
+      end
+
+      context "when user is directly granted manage access" do
+        # Even though the user can view this admin set, the should not be able to view
+        # it on the admin page.
+        let(:admin_set) { create(:adminset_lw, with_solr_document: true, with_permission_template: { manage_users: [user.user_key] }) }
+        let(:admin_set2) { create(:adminset_lw, with_solr_document: true, with_permission_template: true) }
+
+        context 'and user is accessing the managed set' do
+          before do
+            controller.instance_variable_set(:@admin_set, admin_set)
+          end
+
+          it 'defines a form' do
+            get :edit, params: { id: admin_set }
+            expect(response).to be_success
+            expect(assigns[:form]).to be_kind_of Hyrax::Forms::AdminSetForm
+          end
+        end
+
+        context 'and user attempts to access another admin set' do
+          before do
+            controller.instance_variable_set(:@admin_set, admin_set2)
+          end
+
+          it 'is unauthorized' do
+            get :edit, params: { id: admin_set2 }
+            expect(response).to be_redirect
+          end
+        end
+      end
     end
 
     describe "#files" do

data/spec/jobs/import_url_job_spec.rb

@@ -14,6 +14,9 @@ RSpec.describe ImportUrlJob do
   let(:operation) { create(:operation) }
   let(:actor) { instance_double(Hyrax::Actors::FileSetActor, create_content: true) }
 
+  let(:mock_retriever) { double }
+  let(:inbox) { user.mailbox.inbox }
+
   before do
     allow(Hyrax::Actors::FileSetActor).to receive(:new).with(file_set, user).and_return(actor)
 
@@ -26,6 +29,22 @@ RSpec.describe ImportUrlJob do
     stub_request(:get, "http://example.org#{file_hash}").to_return(
       body: File.open(File.expand_path(file_path, __FILE__)).read, status: 200, headers: response_headers
     )
+
+    allow(BrowseEverything::Retriever).to receive(:new).and_return(mock_retriever)
+    allow(mock_retriever).to receive(:retrieve)
+  end
+
+  context 'before enqueueing the job' do
+    before do
+      file_set.id = 'fsid123'
+    end
+
+    describe '.operation' do
+      it 'fetches the operation' do
+        described_class.perform_later(file_set, operation)
+        expect { subject.operation.to eq Hyrax::Operation }
+      end
+    end
   end
 
   context 'after running the job' do
@@ -75,4 +94,38 @@ RSpec.describe ImportUrlJob do
       expect(file.title).to eq(['File One'])
     end
   end
+
+  context 'when the remote file is unavailable' do
+    before do
+      response_headers = { 'Content-Type' => 'image/png', 'Content-Length' => File.size(File.expand_path(file_path, __FILE__)) }
+
+      stub_request(:head, "http://example.org#{file_hash}").to_return(
+        body: "", status: 404, headers: response_headers
+      )
+    end
+
+    it 'sends error message' do
+      expect(operation).to receive(:fail!)
+      expect(file_set.original_file).to be_nil
+      described_class.perform_now(file_set, operation)
+      expect(inbox.count).to eq(1)
+      last_message = inbox[0].last_message
+      expect(last_message.subject).to eq('File Import Error')
+      expect(last_message.body).to eq("Error: Expired URL")
+    end
+  end
+
+  context 'when retrieval fails' do
+    before { allow(mock_retriever).to receive(:retrieve).and_raise(StandardError, 'Timeout') }
+
+    it 'sends error message' do
+      expect(operation).to receive(:fail!)
+      expect(file_set.original_file).to be_nil
+      described_class.perform_now(file_set, operation)
+      expect(inbox.count).to eq(1)
+      last_message = inbox[0].last_message
+      expect(last_message.subject).to eq('File Import Error')
+      expect(last_message.body).to eq("Error: Timeout")
+    end
+  end
 end

data/spec/models/flipflop_spec.rb

@@ -31,8 +31,8 @@ RSpec.describe Flipflop do
     end
   end
 
-  describe "hide_private_files?" do
-    subject { described_class.hide_private_files? }
+  describe "hide_private_items?" do
+    subject { described_class.hide_private_items? }
 
     it "defaults to false" do
       is_expected.to be false

data/spec/presenters/hyrax/file_set_presenter_spec.rb

@@ -55,6 +55,30 @@ RSpec.describe Hyrax::FileSetPresenter do
     it { is_expected.to be false }
   end
 
+  describe "#user_can_perform_any_action?" do
+    subject { presenter.user_can_perform_any_action? }
+    let(:current_ability) { ability }
+
+    context 'when user can perform at least 1 action' do
+      before do
+        expect(current_ability).to receive(:can?).with(:edit, presenter.id).and_return false
+        expect(current_ability).to receive(:can?).with(:destroy, presenter.id).and_return false
+        expect(current_ability).to receive(:can?).with(:download, presenter.id).and_return true
+      end
+
+      it { is_expected.to be true }
+    end
+    context 'when user cannot perform any action' do
+      before do
+        expect(current_ability).to receive(:can?).with(:edit, presenter.id).and_return false
+        expect(current_ability).to receive(:can?).with(:destroy, presenter.id).and_return false
+        expect(current_ability).to receive(:can?).with(:download, presenter.id).and_return false
+      end
+
+      it { is_expected.to be false }
+    end
+  end
+
   describe "properties delegated to solr_document" do
     let(:solr_properties) do
       ["date_uploaded", "title_or_label",