hyrax 2.1.0.rc2 → 2.1.0.rc3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (38) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/app/assets/stylesheets/hyrax/_work-show.scss +11 -2
  4. data/app/controllers/hyrax/admin/admin_sets_controller.rb +22 -1
  5. data/app/jobs/import_url_job.rb +50 -18
  6. data/app/models/concerns/hyrax/ability/admin_set_ability.rb +1 -1
  7. data/app/presenters/hyrax/file_set_presenter.rb +4 -0
  8. data/app/presenters/hyrax/work_show_presenter.rb +2 -2
  9. data/app/services/hyrax/collections/permissions_create_service.rb +23 -0
  10. data/app/services/hyrax/collections/permissions_service.rb +17 -11
  11. data/app/views/hyrax/base/_items.html.erb +3 -1
  12. data/app/views/hyrax/collections/_show_document_list_row.html.erb +0 -19
  13. data/app/views/hyrax/file_sets/_actions.html.erb +38 -36
  14. data/app/views/hyrax/file_sets/media_display/_image.html.erb +1 -1
  15. data/config/features.rb +2 -2
  16. data/config/locales/hyrax.de.yml +13 -1
  17. data/config/locales/hyrax.en.yml +12 -0
  18. data/config/locales/hyrax.es.yml +12 -0
  19. data/config/locales/hyrax.fr.yml +12 -0
  20. data/config/locales/hyrax.it.yml +12 -0
  21. data/config/locales/hyrax.pt-BR.yml +12 -0
  22. data/config/locales/hyrax.zh.yml +12 -0
  23. data/lib/hyrax/version.rb +1 -1
  24. data/spec/abilities/admin_set_ability_spec.rb +5 -0
  25. data/spec/controllers/hyrax/admin/admin_sets_controller_spec.rb +71 -2
  26. data/spec/jobs/import_url_job_spec.rb +53 -0
  27. data/spec/models/flipflop_spec.rb +2 -2
  28. data/spec/presenters/hyrax/file_set_presenter_spec.rb +24 -0
  29. data/spec/presenters/hyrax/work_show_presenter_spec.rb +10 -0
  30. data/spec/services/hyrax/collections/permissions_create_service_spec.rb +23 -0
  31. data/spec/services/hyrax/collections/permissions_service_spec.rb +92 -8
  32. data/spec/views/hyrax/base/_items.html.erb_spec.rb +23 -45
  33. data/spec/views/hyrax/base/_member.html.erb_spec.rb +1 -1
  34. data/spec/views/hyrax/collections/_show_document_list_row.html.erb_spec.rb +1 -0
  35. data/spec/views/hyrax/dashboard/collections/_show_document_list_row.html.erb_spec.rb +1 -0
  36. data/spec/views/hyrax/file_sets/_actions.html.erb_spec.rb +30 -9
  37. data/template.rb +1 -1
  38. metadata +2 -2
@@ -224,6 +224,16 @@ RSpec.describe Hyrax::WorkShowPresenter do
224
224
  end
225
225
  end
226
226
 
227
+ describe "exclude_unauthorized_members" do
228
+ let(:obj) { create(:work_with_file_and_work) }
229
+ let(:attributes) { obj.to_solr }
230
+ let(:ability) { double Ability, can?: false }
231
+
232
+ it 'filters out unauthorized members' do
233
+ expect(presenter.exclude_unauthorized_members.count).to eq 0
234
+ end
235
+ end
236
+
227
237
  describe "#file_set_presenters" do
228
238
  let(:obj) { create(:work_with_ordered_files) }
229
239
  let(:attributes) { obj.to_solr }
@@ -38,4 +38,27 @@ RSpec.describe Hyrax::Collections::PermissionsCreateService do
38
38
  expect(Hyrax::PermissionTemplate.find_by_source_id(collection.id).access_grants.count).to eq 4
39
39
  end
40
40
  end
41
+
42
+ describe ".add_access" do
43
+ subject { described_class.add_access(collection_id: collection.id, grants: grants) }
44
+ let(:collection) { build(:collection_lw, id: 'test_collection', with_permission_template: true) }
45
+ let(:grants) do
46
+ [{ agent_type: Hyrax::PermissionTemplateAccess::GROUP,
47
+ agent_id: 'archivist',
48
+ access: Hyrax::PermissionTemplateAccess::DEPOSIT }]
49
+ end
50
+ let(:depositor_grants) { collection.permission_template.access_grants.deposit }
51
+ let(:array) { [] }
52
+
53
+ before do
54
+ allow(ActiveFedora::Base).to receive(:find).with(collection.id).and_return(collection)
55
+ allow(collection).to receive(:reset_access_controls!).and_return true
56
+ subject
57
+ depositor_grants.each { |agent| array << agent.agent_id }
58
+ end
59
+
60
+ it 'gives deposit access to archivist group' do
61
+ expect(array.include?("archivist")).to eq true
62
+ end
63
+ end
41
64
  end
@@ -26,10 +26,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
26
26
 
27
27
  subject { described_class }
28
28
 
29
- it ".can_deposit_in_collection? returns true" do
29
+ it '.can_deposit_in_collection? returns true' do
30
30
  expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
31
31
  end
32
- it ".can_view_admin_show_for_collection? returns true" do
32
+ it '.can_view_admin_show_for_collection? returns true' do
33
33
  expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
34
34
  end
35
35
  end
@@ -46,10 +46,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
46
46
 
47
47
  subject { described_class }
48
48
 
49
- it ".can_deposit_in_collection? returns true" do
49
+ it '.can_deposit_in_collection? returns true' do
50
50
  expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
51
51
  end
52
- it ".can_view_admin_show_for_collection? returns true" do
52
+ it '.can_view_admin_show_for_collection? returns true' do
53
53
  expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
54
54
  end
55
55
  end
@@ -66,21 +66,105 @@ RSpec.describe Hyrax::Collections::PermissionsService do
66
66
 
67
67
  subject { described_class }
68
68
 
69
- it ".can_deposit_in_collection? returns true" do
69
+ it '.can_deposit_in_collection? returns false' do
70
70
  expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
71
71
  end
72
- it ".can_view_admin_show_for_collection? returns true" do
72
+ it '.can_view_admin_show_for_collection? returns true' do
73
73
  expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
74
74
  end
75
75
  end
76
76
 
77
+ context 'when deposit user' do
78
+ context 'thru membership in public group' do
79
+ before do
80
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
81
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
82
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
83
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
84
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['public'])
85
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
86
+ end
87
+
88
+ subject { described_class }
89
+
90
+ it '.can_deposit_in_collection? returns true' do
91
+ expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
92
+ end
93
+ it '.can_view_admin_show_for_collection? returns false' do
94
+ expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
95
+ end
96
+ end
97
+
98
+ context 'thru membership in registered group' do
99
+ before do
100
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
101
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
102
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
103
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
104
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['registered'])
105
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
106
+ end
107
+
108
+ subject { described_class }
109
+
110
+ it '.can_deposit_in_collection? returns true' do
111
+ expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
112
+ end
113
+ it '.can_view_admin_show_for_collection? returns false' do
114
+ expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
115
+ end
116
+ end
117
+ end
118
+
119
+ context 'when view user' do
120
+ context 'thru membership in public group' do
121
+ before do
122
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
123
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
124
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
125
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
126
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
127
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['public'])
128
+ end
129
+
130
+ subject { described_class }
131
+
132
+ it '.can_deposit_in_collection? returns false' do
133
+ expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
134
+ end
135
+ it '.can_view_admin_show_for_collection? returns false' do
136
+ expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
137
+ end
138
+ end
139
+
140
+ context 'thru membership in registered group' do
141
+ before do
142
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
143
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
144
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
145
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
146
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
147
+ allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['registered'])
148
+ end
149
+
150
+ subject { described_class }
151
+
152
+ it '.can_deposit_in_collection? returns false' do
153
+ expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
154
+ end
155
+ it '.can_view_admin_show_for_collection? returns false' do
156
+ expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
157
+ end
158
+ end
159
+ end
160
+
77
161
  context 'when user without access' do
78
162
  subject { described_class }
79
163
 
80
- it ".can_deposit_in_collection? returns true" do
164
+ it '.can_deposit_in_collection? returns false' do
81
165
  expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
82
166
  end
83
- it ".can_view_admin_show_for_collection? returns true" do
167
+ it '.can_view_admin_show_for_collection? returns false' do
84
168
  expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
85
169
  end
86
170
  end
@@ -9,72 +9,50 @@ RSpec.describe 'hyrax/base/_items.html.erb', type: :view do
9
9
  it 'renders an alert' do
10
10
  expect(view).to receive(:can?).with(:edit, presenter.id).and_return(true)
11
11
  render 'hyrax/base/items', presenter: presenter
12
- expect(rendered).to have_css('.alert-warning[role=alert]')
12
+ expect(rendered).to have_css('.alert-warning[role=alert]', text: 'This Thing has no files associated with it. Click "edit" to add more files.')
13
13
  end
14
14
  end
15
15
  context 'and the current user cannot edit the presenter' do
16
- it 'does not render an alert' do
16
+ it 'renders an alert' do
17
17
  expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
18
18
  render 'hyrax/base/items', presenter: presenter
19
- expect(rendered).not_to have_css('.alert-warning[role=alert]')
19
+ expect(rendered).to have_css('.alert-warning[role=alert]', text: "There are no publicly available items in this Thing.")
20
20
  end
21
21
  end
22
22
  end
23
23
 
24
- context "when children are present" do
25
- let(:member_presenters) { ['Thing One', 'Thing Two'] }
26
-
27
- before do
28
- stub_template 'hyrax/base/_member.html.erb' => '<%= member %>'
29
- end
30
- it "links to child work" do
31
- render 'hyrax/base/items', presenter: presenter
32
- expect(rendered).to have_css('tbody', text: member_presenters.join)
33
- end
34
- end
35
-
36
- context "when file set members are present" do
37
- let(:user) { create(:user) }
38
- let(:ability) { Ability.new(user) }
39
- let(:file1) { create(:file_set, :public) }
40
- let(:file2) { create(:file_set) }
41
-
42
- let(:solr_document) { SolrDocument.new(attributes) }
24
+ context 'when children are present' do
25
+ let(:child1) { double('Thing1', id: 'Thing 1', title: 'Title 1') }
26
+ let(:child2) { double('Thing2', id: 'Thing 2', title: 'Title 2') }
27
+ let(:child3) { double('Thing3', id: 'Thing 3', title: 'Title 3') }
28
+ let(:member_presenters) { [child1, child2, child3] }
29
+ let(:authorized_presenters) { [child1, child3] }
30
+ let(:solr_document) { double('Solr Doc', id: 'the-id') }
43
31
  let(:presenter) { Hyrax::WorkShowPresenter.new(solr_document, ability, request) }
44
32
 
45
33
  before do
46
34
  stub_template 'hyrax/base/_member.html.erb' => '<%= member %>'
35
+ expect(Flipflop).to receive(:hide_private_items?).and_return(:flipflop)
36
+ expect(presenter).to receive(:member_presenters).and_return(member_presenters)
37
+ expect(ability).to receive(:can?).with(:read, child1.id).and_return true
38
+ expect(ability).to receive(:can?).with(:read, child2.id).and_return false
39
+ expect(ability).to receive(:can?).with(:read, child3.id).and_return true
47
40
  end
48
41
 
49
- context "and a public file set" do
50
- let(:attributes) { create(:public_work, ordered_members: [file1]).to_solr }
51
-
52
- it "show the link for the file set" do
53
- expect(Flipflop).to receive(:hide_private_files?).and_return(true)
54
- render 'hyrax/base/items', presenter: presenter
55
- expect(rendered).to have_content presenter.member_presenters.first.link_name
56
- end
57
- end
58
-
59
- context "and a private file set" do
60
- let(:attributes) { create(:public_work, ordered_members: [file2]).to_solr }
42
+ context 'and hide_private_items is on' do
43
+ let(:flip_flop) { true }
61
44
 
62
- it "won't show the link to the file set" do
63
- expect(Flipflop).to receive(:hide_private_files?).and_return(true)
64
- expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
45
+ it "displays only authorized children" do
65
46
  render 'hyrax/base/items', presenter: presenter
66
- expect(rendered).not_to have_content presenter.member_presenters.first.link_name
47
+ expect(rendered).to have_css('tbody', text: authorized_presenters.join)
67
48
  end
68
49
  end
50
+ context 'and hide_private_items is off' do
51
+ let(:flip_flop) { false }
69
52
 
70
- context "with public and private file sets" do
71
- let(:attributes) { create(:public_work, ordered_members: [file1, file2]).to_solr }
72
-
73
- it "only show the link to the file set that users have permission to see" do
74
- expect(Flipflop).to receive(:hide_private_files?).and_return(true)
53
+ it "displays all children" do
75
54
  render 'hyrax/base/items', presenter: presenter
76
- expect(rendered).to have_content presenter.member_presenters.first.link_name
77
- expect(rendered).not_to have_content presenter.member_presenters[1].link_name
55
+ expect(rendered).to have_css('tbody', text: member_presenters.join)
78
56
  end
79
57
  end
80
58
  end
@@ -38,6 +38,6 @@ RSpec.describe 'hyrax/base/_member.html.erb' do
38
38
  expect(rendered).to have_selector "a[title=\"Edit My File\"][href='#{edit_polymorphic_path(presenter)}']", text: 'Edit'
39
39
  expect(rendered).to have_selector "a[title=\"Delete My File\"][data-method='delete'][href='#{polymorphic_path(presenter)}']", text: 'Delete'
40
40
  expect(rendered).to have_link('Download')
41
- expect(rendered).to have_selector "a[title='Download \"My File\"'][href='#{hyrax.download_path(presenter)}']", text: 'Download'
41
+ expect(rendered).to have_selector "a[title='Download My File'][href='#{hyrax.download_path(presenter)}']", text: 'Download'
42
42
  end
43
43
  end
@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/collections/_show_document_list_row.html.erb', type: :view
24
24
  it "renders works" do
25
25
  render('hyrax/collections/show_document_list_row.html.erb', document: work)
26
26
  expect(rendered).to have_content 'One Hundred Years of Solitude'
27
+ expect(rendered).not_to have_content('Edit Access:')
27
28
  end
28
29
  end
29
30
  end
@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/dashboard/collections/_show_document_list_row.html.erb', t
24
24
  it "renders works" do
25
25
  render('show_document_list_row', document: work)
26
26
  expect(rendered).to have_content 'One Hundred Years of Solitude'
27
+ expect(rendered).to have_content('Edit Access:')
27
28
  end
28
29
  end
29
30
  end
@@ -1,15 +1,36 @@
1
1
  RSpec.describe 'hyrax/file_sets/_actions.html.erb', type: :view do
2
- let(:file_set) { stub_model(FileSet) }
2
+ let(:solr_document) { double("Solr Doc", id: 'file_set_id') }
3
+ let(:user) { build(:user) }
4
+ let(:ability) { Ability.new(user) }
5
+ let(:file_set) { Hyrax::FileSetPresenter.new(solr_document, ability) }
3
6
 
4
- before do
5
- allow(view).to receive(:can?).with(:edit, file_set.id).and_return(false)
6
- allow(view).to receive(:can?).with(:destroy, file_set.id).and_return(false)
7
- allow(view).to receive(:can?).with(:download, file_set.id).and_return(true)
8
- render 'hyrax/file_sets/actions', file_set: file_set
7
+ context 'with download permission' do
8
+ before do
9
+ allow(file_set).to receive(:user_can_perform_any_action?).and_return(true)
10
+ allow(view).to receive(:can?).with(:edit, file_set.id).and_return(false)
11
+ allow(view).to receive(:can?).with(:destroy, file_set.id).and_return(false)
12
+ allow(view).to receive(:can?).with(:download, file_set.id).and_return(true)
13
+ render 'hyrax/file_sets/actions', file_set: file_set
14
+ end
15
+
16
+ it "includes google analytics data in the download link" do
17
+ expect(rendered).to have_css('a#file_download')
18
+ expect(rendered).to have_selector("a[data-label=\"#{file_set.id}\"]")
19
+ end
9
20
  end
10
21
 
11
- it "includes google analytics data in the download link" do
12
- expect(rendered).to have_css('a#file_download')
13
- expect(rendered).to have_selector("a[data-label=\"#{file_set.id}\"]")
22
+ context 'with no permission' do
23
+ let(:current_ability) { ability }
24
+
25
+ before do
26
+ allow(current_ability).to receive(:can?).with(:edit, file_set.id).and_return(false)
27
+ allow(current_ability).to receive(:can?).with(:destroy, file_set.id).and_return(false)
28
+ allow(current_ability).to receive(:can?).with(:download, file_set.id).and_return(false)
29
+ render 'hyrax/file_sets/actions', file_set: file_set
30
+ end
31
+
32
+ it "renders nothing" do
33
+ expect(rendered).to eq('')
34
+ end
14
35
  end
15
36
  end
data/template.rb CHANGED
@@ -1,4 +1,4 @@
1
- gem 'hyrax', '2.1.0.rc2'
1
+ gem 'hyrax', '2.1.0.rc3'
2
2
  run 'bundle install'
3
3
  generate 'hyrax:install', '-f'
4
4
  rails_command 'db:migrate'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hyrax
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0.rc2
4
+ version: 2.1.0.rc3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Justin Coyne
@@ -14,7 +14,7 @@ authors:
14
14
  autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
- date: 2018-05-08 00:00:00.000000000 Z
17
+ date: 2018-05-15 00:00:00.000000000 Z
18
18
  dependencies:
19
19
  - !ruby/object:Gem::Dependency
20
20
  name: rails