hyrax 2.1.0.rc2 → 2.1.0.rc3

data/spec/presenters/hyrax/work_show_presenter_spec.rb

@@ -224,6 +224,16 @@ RSpec.describe Hyrax::WorkShowPresenter do
     end
   end
 
+  describe "exclude_unauthorized_members" do
+    let(:obj) { create(:work_with_file_and_work) }
+    let(:attributes) { obj.to_solr }
+    let(:ability) { double Ability, can?: false }
+
+    it 'filters out unauthorized members' do
+      expect(presenter.exclude_unauthorized_members.count).to eq 0
+    end
+  end
+
   describe "#file_set_presenters" do
     let(:obj) { create(:work_with_ordered_files) }
     let(:attributes) { obj.to_solr }

data/spec/services/hyrax/collections/permissions_create_service_spec.rb

@@ -38,4 +38,27 @@ RSpec.describe Hyrax::Collections::PermissionsCreateService do
       expect(Hyrax::PermissionTemplate.find_by_source_id(collection.id).access_grants.count).to eq 4
     end
   end
+
+  describe ".add_access" do
+    subject { described_class.add_access(collection_id: collection.id, grants: grants) }
+    let(:collection) { build(:collection_lw, id: 'test_collection', with_permission_template: true) }
+    let(:grants) do
+      [{ agent_type: Hyrax::PermissionTemplateAccess::GROUP,
+         agent_id: 'archivist',
+         access: Hyrax::PermissionTemplateAccess::DEPOSIT }]
+    end
+    let(:depositor_grants) { collection.permission_template.access_grants.deposit }
+    let(:array) { [] }
+
+    before do
+      allow(ActiveFedora::Base).to receive(:find).with(collection.id).and_return(collection)
+      allow(collection).to receive(:reset_access_controls!).and_return true
+      subject
+      depositor_grants.each { |agent| array << agent.agent_id }
+    end
+
+    it 'gives deposit access to archivist group' do
+      expect(array.include?("archivist")).to eq true
+    end
+  end
 end

data/spec/services/hyrax/collections/permissions_service_spec.rb

@@ -26,10 +26,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
 
       subject { described_class }
 
-      it ".can_deposit_in_collection? returns true" do
+      it '.can_deposit_in_collection? returns true' do
         expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
       end
-      it ".can_view_admin_show_for_collection? returns true" do
+      it '.can_view_admin_show_for_collection? returns true' do
         expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
       end
     end
@@ -46,10 +46,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
 
       subject { described_class }
 
-      it ".can_deposit_in_collection? returns true" do
+      it '.can_deposit_in_collection? returns true' do
         expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
       end
-      it ".can_view_admin_show_for_collection? returns true" do
+      it '.can_view_admin_show_for_collection? returns true' do
         expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
       end
     end
@@ -66,21 +66,105 @@ RSpec.describe Hyrax::Collections::PermissionsService do
 
       subject { described_class }
 
-      it ".can_deposit_in_collection? returns true" do
+      it '.can_deposit_in_collection? returns false' do
         expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
       end
-      it ".can_view_admin_show_for_collection? returns true" do
+      it '.can_view_admin_show_for_collection? returns true' do
         expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
       end
     end
 
+    context 'when deposit user' do
+      context 'thru membership in public group' do
+        before do
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['public'])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
+        end
+
+        subject { described_class }
+
+        it '.can_deposit_in_collection? returns true' do
+          expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
+        end
+        it '.can_view_admin_show_for_collection? returns false' do
+          expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+      end
+
+      context 'thru membership in registered group' do
+        before do
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['registered'])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
+        end
+
+        subject { described_class }
+
+        it '.can_deposit_in_collection? returns true' do
+          expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
+        end
+        it '.can_view_admin_show_for_collection? returns false' do
+          expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+      end
+    end
+
+    context 'when view user' do
+      context 'thru membership in public group' do
+        before do
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['public'])
+        end
+
+        subject { described_class }
+
+        it '.can_deposit_in_collection? returns false' do
+          expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+        it '.can_view_admin_show_for_collection? returns false' do
+          expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+      end
+
+      context 'thru membership in registered group' do
+        before do
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
+          allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['registered'])
+        end
+
+        subject { described_class }
+
+        it '.can_deposit_in_collection? returns false' do
+          expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+        it '.can_view_admin_show_for_collection? returns false' do
+          expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
+        end
+      end
+    end
+
     context 'when user without access' do
       subject { described_class }
 
-      it ".can_deposit_in_collection? returns true" do
+      it '.can_deposit_in_collection? returns false' do
         expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
       end
-      it ".can_view_admin_show_for_collection? returns true" do
+      it '.can_view_admin_show_for_collection? returns false' do
         expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
       end
     end

data/spec/views/hyrax/base/_items.html.erb_spec.rb

@@ -9,72 +9,50 @@ RSpec.describe 'hyrax/base/_items.html.erb', type: :view do
       it 'renders an alert' do
         expect(view).to receive(:can?).with(:edit, presenter.id).and_return(true)
         render 'hyrax/base/items', presenter: presenter
-        expect(rendered).to have_css('.alert-warning[role=alert]')
+        expect(rendered).to have_css('.alert-warning[role=alert]', text: 'This Thing has no files associated with it. Click "edit" to add more files.')
       end
     end
     context 'and the current user cannot edit the presenter' do
-      it 'does not render an alert' do
+      it 'renders an alert' do
         expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
         render 'hyrax/base/items', presenter: presenter
-        expect(rendered).not_to have_css('.alert-warning[role=alert]')
+        expect(rendered).to have_css('.alert-warning[role=alert]', text: "There are no publicly available items in this Thing.")
       end
     end
   end
 
-  context "when children are present" do
-    let(:member_presenters) { ['Thing One', 'Thing Two'] }
-
-    before do
-      stub_template 'hyrax/base/_member.html.erb' => '<%= member %>'
-    end
-    it "links to child work" do
-      render 'hyrax/base/items', presenter: presenter
-      expect(rendered).to have_css('tbody', text: member_presenters.join)
-    end
-  end
-
-  context "when file set members are present" do
-    let(:user) { create(:user) }
-    let(:ability) { Ability.new(user) }
-    let(:file1) { create(:file_set, :public) }
-    let(:file2) { create(:file_set) }
-
-    let(:solr_document) { SolrDocument.new(attributes) }
+  context 'when children are present' do
+    let(:child1) { double('Thing1', id: 'Thing 1', title: 'Title 1') }
+    let(:child2) { double('Thing2', id: 'Thing 2', title: 'Title 2') }
+    let(:child3) { double('Thing3', id: 'Thing 3', title: 'Title 3') }
+    let(:member_presenters) { [child1, child2, child3] }
+    let(:authorized_presenters) { [child1, child3] }
+    let(:solr_document) { double('Solr Doc', id: 'the-id') }
     let(:presenter) { Hyrax::WorkShowPresenter.new(solr_document, ability, request) }
 
     before do
       stub_template 'hyrax/base/_member.html.erb' => '<%= member %>'
+      expect(Flipflop).to receive(:hide_private_items?).and_return(:flipflop)
+      expect(presenter).to receive(:member_presenters).and_return(member_presenters)
+      expect(ability).to receive(:can?).with(:read, child1.id).and_return true
+      expect(ability).to receive(:can?).with(:read, child2.id).and_return false
+      expect(ability).to receive(:can?).with(:read, child3.id).and_return true
     end
 
-    context "and a public file set" do
-      let(:attributes) { create(:public_work, ordered_members: [file1]).to_solr }
-
-      it "show the link for the file set" do
-        expect(Flipflop).to receive(:hide_private_files?).and_return(true)
-        render 'hyrax/base/items', presenter: presenter
-        expect(rendered).to have_content presenter.member_presenters.first.link_name
-      end
-    end
-
-    context "and a private file set" do
-      let(:attributes) { create(:public_work, ordered_members: [file2]).to_solr }
+    context 'and hide_private_items is on' do
+      let(:flip_flop) { true }
 
-      it "won't show the link to the file set" do
-        expect(Flipflop).to receive(:hide_private_files?).and_return(true)
-        expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
+      it "displays only authorized children" do
         render 'hyrax/base/items', presenter: presenter
-        expect(rendered).not_to have_content presenter.member_presenters.first.link_name
+        expect(rendered).to have_css('tbody', text: authorized_presenters.join)
       end
     end
+    context 'and hide_private_items is off' do
+      let(:flip_flop) { false }
 
-    context "with public and private file sets" do
-      let(:attributes) { create(:public_work, ordered_members: [file1, file2]).to_solr }
-
-      it "only show the link to the file set that users have permission to see" do
-        expect(Flipflop).to receive(:hide_private_files?).and_return(true)
+      it "displays all children" do
         render 'hyrax/base/items', presenter: presenter
-        expect(rendered).to have_content presenter.member_presenters.first.link_name
-        expect(rendered).not_to have_content presenter.member_presenters[1].link_name
+        expect(rendered).to have_css('tbody', text: member_presenters.join)
       end
     end
   end

data/spec/views/hyrax/base/_member.html.erb_spec.rb

@@ -38,6 +38,6 @@ RSpec.describe 'hyrax/base/_member.html.erb' do
     expect(rendered).to have_selector "a[title=\"Edit My File\"][href='#{edit_polymorphic_path(presenter)}']", text: 'Edit'
     expect(rendered).to have_selector "a[title=\"Delete My File\"][data-method='delete'][href='#{polymorphic_path(presenter)}']", text: 'Delete'
     expect(rendered).to have_link('Download')
-    expect(rendered).to have_selector "a[title='Download \"My File\"'][href='#{hyrax.download_path(presenter)}']", text: 'Download'
+    expect(rendered).to have_selector "a[title='Download My File'][href='#{hyrax.download_path(presenter)}']", text: 'Download'
   end
 end

data/spec/views/hyrax/collections/_show_document_list_row.html.erb_spec.rb

@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/collections/_show_document_list_row.html.erb', type: :view
     it "renders works" do
       render('hyrax/collections/show_document_list_row.html.erb', document: work)
       expect(rendered).to have_content 'One Hundred Years of Solitude'
+      expect(rendered).not_to have_content('Edit Access:')
     end
   end
 end

data/spec/views/hyrax/dashboard/collections/_show_document_list_row.html.erb_spec.rb

@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/dashboard/collections/_show_document_list_row.html.erb', t
     it "renders works" do
       render('show_document_list_row', document: work)
       expect(rendered).to have_content 'One Hundred Years of Solitude'
+      expect(rendered).to have_content('Edit Access:')
     end
   end
 end

data/spec/views/hyrax/file_sets/_actions.html.erb_spec.rb

@@ -1,15 +1,36 @@
 RSpec.describe 'hyrax/file_sets/_actions.html.erb', type: :view do
-  let(:file_set) { stub_model(FileSet) }
+  let(:solr_document) { double("Solr Doc", id: 'file_set_id') }
+  let(:user) { build(:user) }
+  let(:ability) { Ability.new(user) }
+  let(:file_set) { Hyrax::FileSetPresenter.new(solr_document, ability) }
 
-  before do
-    allow(view).to receive(:can?).with(:edit, file_set.id).and_return(false)
-    allow(view).to receive(:can?).with(:destroy, file_set.id).and_return(false)
-    allow(view).to receive(:can?).with(:download, file_set.id).and_return(true)
-    render 'hyrax/file_sets/actions', file_set: file_set
+  context 'with download permission' do
+    before do
+      allow(file_set).to receive(:user_can_perform_any_action?).and_return(true)
+      allow(view).to receive(:can?).with(:edit, file_set.id).and_return(false)
+      allow(view).to receive(:can?).with(:destroy, file_set.id).and_return(false)
+      allow(view).to receive(:can?).with(:download, file_set.id).and_return(true)
+      render 'hyrax/file_sets/actions', file_set: file_set
+    end
+
+    it "includes google analytics data in the download link" do
+      expect(rendered).to have_css('a#file_download')
+      expect(rendered).to have_selector("a[data-label=\"#{file_set.id}\"]")
+    end
   end
 
-  it "includes google analytics data in the download link" do
-    expect(rendered).to have_css('a#file_download')
-    expect(rendered).to have_selector("a[data-label=\"#{file_set.id}\"]")
+  context 'with no permission' do
+    let(:current_ability) { ability }
+
+    before do
+      allow(current_ability).to receive(:can?).with(:edit, file_set.id).and_return(false)
+      allow(current_ability).to receive(:can?).with(:destroy, file_set.id).and_return(false)
+      allow(current_ability).to receive(:can?).with(:download, file_set.id).and_return(false)
+      render 'hyrax/file_sets/actions', file_set: file_set
+    end
+
+    it "renders nothing" do
+      expect(rendered).to eq('')
+    end
   end
 end

data/template.rb

@@ -1,4 +1,4 @@
-gem 'hyrax', '2.1.0.rc2'
+gem 'hyrax', '2.1.0.rc3'
 run 'bundle install'
 generate 'hyrax:install', '-f'
 rails_command 'db:migrate'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hyrax
 version: !ruby/object:Gem::Version
-  version: 2.1.0.rc2
+  version: 2.1.0.rc3
 platform: ruby
 authors:
 - Justin Coyne
@@ -14,7 +14,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-08 00:00:00.000000000 Z
+date: 2018-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails