hyrax 2.1.0.rc2 → 2.1.0.rc3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/app/assets/stylesheets/hyrax/_work-show.scss +11 -2
- data/app/controllers/hyrax/admin/admin_sets_controller.rb +22 -1
- data/app/jobs/import_url_job.rb +50 -18
- data/app/models/concerns/hyrax/ability/admin_set_ability.rb +1 -1
- data/app/presenters/hyrax/file_set_presenter.rb +4 -0
- data/app/presenters/hyrax/work_show_presenter.rb +2 -2
- data/app/services/hyrax/collections/permissions_create_service.rb +23 -0
- data/app/services/hyrax/collections/permissions_service.rb +17 -11
- data/app/views/hyrax/base/_items.html.erb +3 -1
- data/app/views/hyrax/collections/_show_document_list_row.html.erb +0 -19
- data/app/views/hyrax/file_sets/_actions.html.erb +38 -36
- data/app/views/hyrax/file_sets/media_display/_image.html.erb +1 -1
- data/config/features.rb +2 -2
- data/config/locales/hyrax.de.yml +13 -1
- data/config/locales/hyrax.en.yml +12 -0
- data/config/locales/hyrax.es.yml +12 -0
- data/config/locales/hyrax.fr.yml +12 -0
- data/config/locales/hyrax.it.yml +12 -0
- data/config/locales/hyrax.pt-BR.yml +12 -0
- data/config/locales/hyrax.zh.yml +12 -0
- data/lib/hyrax/version.rb +1 -1
- data/spec/abilities/admin_set_ability_spec.rb +5 -0
- data/spec/controllers/hyrax/admin/admin_sets_controller_spec.rb +71 -2
- data/spec/jobs/import_url_job_spec.rb +53 -0
- data/spec/models/flipflop_spec.rb +2 -2
- data/spec/presenters/hyrax/file_set_presenter_spec.rb +24 -0
- data/spec/presenters/hyrax/work_show_presenter_spec.rb +10 -0
- data/spec/services/hyrax/collections/permissions_create_service_spec.rb +23 -0
- data/spec/services/hyrax/collections/permissions_service_spec.rb +92 -8
- data/spec/views/hyrax/base/_items.html.erb_spec.rb +23 -45
- data/spec/views/hyrax/base/_member.html.erb_spec.rb +1 -1
- data/spec/views/hyrax/collections/_show_document_list_row.html.erb_spec.rb +1 -0
- data/spec/views/hyrax/dashboard/collections/_show_document_list_row.html.erb_spec.rb +1 -0
- data/spec/views/hyrax/file_sets/_actions.html.erb_spec.rb +30 -9
- data/template.rb +1 -1
- metadata +2 -2
@@ -224,6 +224,16 @@ RSpec.describe Hyrax::WorkShowPresenter do
|
|
224
224
|
end
|
225
225
|
end
|
226
226
|
|
227
|
+
describe "exclude_unauthorized_members" do
|
228
|
+
let(:obj) { create(:work_with_file_and_work) }
|
229
|
+
let(:attributes) { obj.to_solr }
|
230
|
+
let(:ability) { double Ability, can?: false }
|
231
|
+
|
232
|
+
it 'filters out unauthorized members' do
|
233
|
+
expect(presenter.exclude_unauthorized_members.count).to eq 0
|
234
|
+
end
|
235
|
+
end
|
236
|
+
|
227
237
|
describe "#file_set_presenters" do
|
228
238
|
let(:obj) { create(:work_with_ordered_files) }
|
229
239
|
let(:attributes) { obj.to_solr }
|
@@ -38,4 +38,27 @@ RSpec.describe Hyrax::Collections::PermissionsCreateService do
|
|
38
38
|
expect(Hyrax::PermissionTemplate.find_by_source_id(collection.id).access_grants.count).to eq 4
|
39
39
|
end
|
40
40
|
end
|
41
|
+
|
42
|
+
describe ".add_access" do
|
43
|
+
subject { described_class.add_access(collection_id: collection.id, grants: grants) }
|
44
|
+
let(:collection) { build(:collection_lw, id: 'test_collection', with_permission_template: true) }
|
45
|
+
let(:grants) do
|
46
|
+
[{ agent_type: Hyrax::PermissionTemplateAccess::GROUP,
|
47
|
+
agent_id: 'archivist',
|
48
|
+
access: Hyrax::PermissionTemplateAccess::DEPOSIT }]
|
49
|
+
end
|
50
|
+
let(:depositor_grants) { collection.permission_template.access_grants.deposit }
|
51
|
+
let(:array) { [] }
|
52
|
+
|
53
|
+
before do
|
54
|
+
allow(ActiveFedora::Base).to receive(:find).with(collection.id).and_return(collection)
|
55
|
+
allow(collection).to receive(:reset_access_controls!).and_return true
|
56
|
+
subject
|
57
|
+
depositor_grants.each { |agent| array << agent.agent_id }
|
58
|
+
end
|
59
|
+
|
60
|
+
it 'gives deposit access to archivist group' do
|
61
|
+
expect(array.include?("archivist")).to eq true
|
62
|
+
end
|
63
|
+
end
|
41
64
|
end
|
@@ -26,10 +26,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
|
|
26
26
|
|
27
27
|
subject { described_class }
|
28
28
|
|
29
|
-
it
|
29
|
+
it '.can_deposit_in_collection? returns true' do
|
30
30
|
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
|
31
31
|
end
|
32
|
-
it
|
32
|
+
it '.can_view_admin_show_for_collection? returns true' do
|
33
33
|
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
|
34
34
|
end
|
35
35
|
end
|
@@ -46,10 +46,10 @@ RSpec.describe Hyrax::Collections::PermissionsService do
|
|
46
46
|
|
47
47
|
subject { described_class }
|
48
48
|
|
49
|
-
it
|
49
|
+
it '.can_deposit_in_collection? returns true' do
|
50
50
|
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
|
51
51
|
end
|
52
|
-
it
|
52
|
+
it '.can_view_admin_show_for_collection? returns true' do
|
53
53
|
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
|
54
54
|
end
|
55
55
|
end
|
@@ -66,21 +66,105 @@ RSpec.describe Hyrax::Collections::PermissionsService do
|
|
66
66
|
|
67
67
|
subject { described_class }
|
68
68
|
|
69
|
-
it
|
69
|
+
it '.can_deposit_in_collection? returns false' do
|
70
70
|
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
|
71
71
|
end
|
72
|
-
it
|
72
|
+
it '.can_view_admin_show_for_collection? returns true' do
|
73
73
|
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be true
|
74
74
|
end
|
75
75
|
end
|
76
76
|
|
77
|
+
context 'when deposit user' do
|
78
|
+
context 'thru membership in public group' do
|
79
|
+
before do
|
80
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
|
81
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
|
82
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
|
83
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
|
84
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['public'])
|
85
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
|
86
|
+
end
|
87
|
+
|
88
|
+
subject { described_class }
|
89
|
+
|
90
|
+
it '.can_deposit_in_collection? returns true' do
|
91
|
+
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
|
92
|
+
end
|
93
|
+
it '.can_view_admin_show_for_collection? returns false' do
|
94
|
+
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
context 'thru membership in registered group' do
|
99
|
+
before do
|
100
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
|
101
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
|
102
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
|
103
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
|
104
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return(['registered'])
|
105
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return([])
|
106
|
+
end
|
107
|
+
|
108
|
+
subject { described_class }
|
109
|
+
|
110
|
+
it '.can_deposit_in_collection? returns true' do
|
111
|
+
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be true
|
112
|
+
end
|
113
|
+
it '.can_view_admin_show_for_collection? returns false' do
|
114
|
+
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
118
|
+
|
119
|
+
context 'when view user' do
|
120
|
+
context 'thru membership in public group' do
|
121
|
+
before do
|
122
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
|
123
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
|
124
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
|
125
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
|
126
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
|
127
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['public'])
|
128
|
+
end
|
129
|
+
|
130
|
+
subject { described_class }
|
131
|
+
|
132
|
+
it '.can_deposit_in_collection? returns false' do
|
133
|
+
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
|
134
|
+
end
|
135
|
+
it '.can_view_admin_show_for_collection? returns false' do
|
136
|
+
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
|
137
|
+
end
|
138
|
+
end
|
139
|
+
|
140
|
+
context 'thru membership in registered group' do
|
141
|
+
before do
|
142
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'manage').and_return([])
|
143
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'deposit').and_return([])
|
144
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'user', access: 'view').and_return([])
|
145
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'manage').and_return([])
|
146
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'deposit').and_return([])
|
147
|
+
allow(col_permission_template).to receive(:agent_ids_for).with(agent_type: 'group', access: 'view').and_return(['registered'])
|
148
|
+
end
|
149
|
+
|
150
|
+
subject { described_class }
|
151
|
+
|
152
|
+
it '.can_deposit_in_collection? returns false' do
|
153
|
+
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
|
154
|
+
end
|
155
|
+
it '.can_view_admin_show_for_collection? returns false' do
|
156
|
+
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
|
157
|
+
end
|
158
|
+
end
|
159
|
+
end
|
160
|
+
|
77
161
|
context 'when user without access' do
|
78
162
|
subject { described_class }
|
79
163
|
|
80
|
-
it
|
164
|
+
it '.can_deposit_in_collection? returns false' do
|
81
165
|
expect(subject.can_deposit_in_collection?(collection_id: collection.id, ability: ability)).to be false
|
82
166
|
end
|
83
|
-
it
|
167
|
+
it '.can_view_admin_show_for_collection? returns false' do
|
84
168
|
expect(subject.can_view_admin_show_for_collection?(collection_id: collection.id, ability: ability)).to be false
|
85
169
|
end
|
86
170
|
end
|
@@ -9,72 +9,50 @@ RSpec.describe 'hyrax/base/_items.html.erb', type: :view do
|
|
9
9
|
it 'renders an alert' do
|
10
10
|
expect(view).to receive(:can?).with(:edit, presenter.id).and_return(true)
|
11
11
|
render 'hyrax/base/items', presenter: presenter
|
12
|
-
expect(rendered).to have_css('.alert-warning[role=alert]')
|
12
|
+
expect(rendered).to have_css('.alert-warning[role=alert]', text: 'This Thing has no files associated with it. Click "edit" to add more files.')
|
13
13
|
end
|
14
14
|
end
|
15
15
|
context 'and the current user cannot edit the presenter' do
|
16
|
-
it '
|
16
|
+
it 'renders an alert' do
|
17
17
|
expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
|
18
18
|
render 'hyrax/base/items', presenter: presenter
|
19
|
-
expect(rendered).
|
19
|
+
expect(rendered).to have_css('.alert-warning[role=alert]', text: "There are no publicly available items in this Thing.")
|
20
20
|
end
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
-
context
|
25
|
-
let(:
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
render 'hyrax/base/items', presenter: presenter
|
32
|
-
expect(rendered).to have_css('tbody', text: member_presenters.join)
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
context "when file set members are present" do
|
37
|
-
let(:user) { create(:user) }
|
38
|
-
let(:ability) { Ability.new(user) }
|
39
|
-
let(:file1) { create(:file_set, :public) }
|
40
|
-
let(:file2) { create(:file_set) }
|
41
|
-
|
42
|
-
let(:solr_document) { SolrDocument.new(attributes) }
|
24
|
+
context 'when children are present' do
|
25
|
+
let(:child1) { double('Thing1', id: 'Thing 1', title: 'Title 1') }
|
26
|
+
let(:child2) { double('Thing2', id: 'Thing 2', title: 'Title 2') }
|
27
|
+
let(:child3) { double('Thing3', id: 'Thing 3', title: 'Title 3') }
|
28
|
+
let(:member_presenters) { [child1, child2, child3] }
|
29
|
+
let(:authorized_presenters) { [child1, child3] }
|
30
|
+
let(:solr_document) { double('Solr Doc', id: 'the-id') }
|
43
31
|
let(:presenter) { Hyrax::WorkShowPresenter.new(solr_document, ability, request) }
|
44
32
|
|
45
33
|
before do
|
46
34
|
stub_template 'hyrax/base/_member.html.erb' => '<%= member %>'
|
35
|
+
expect(Flipflop).to receive(:hide_private_items?).and_return(:flipflop)
|
36
|
+
expect(presenter).to receive(:member_presenters).and_return(member_presenters)
|
37
|
+
expect(ability).to receive(:can?).with(:read, child1.id).and_return true
|
38
|
+
expect(ability).to receive(:can?).with(:read, child2.id).and_return false
|
39
|
+
expect(ability).to receive(:can?).with(:read, child3.id).and_return true
|
47
40
|
end
|
48
41
|
|
49
|
-
context
|
50
|
-
let(:
|
51
|
-
|
52
|
-
it "show the link for the file set" do
|
53
|
-
expect(Flipflop).to receive(:hide_private_files?).and_return(true)
|
54
|
-
render 'hyrax/base/items', presenter: presenter
|
55
|
-
expect(rendered).to have_content presenter.member_presenters.first.link_name
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
context "and a private file set" do
|
60
|
-
let(:attributes) { create(:public_work, ordered_members: [file2]).to_solr }
|
42
|
+
context 'and hide_private_items is on' do
|
43
|
+
let(:flip_flop) { true }
|
61
44
|
|
62
|
-
it "
|
63
|
-
expect(Flipflop).to receive(:hide_private_files?).and_return(true)
|
64
|
-
expect(view).to receive(:can?).with(:edit, presenter.id).and_return(false)
|
45
|
+
it "displays only authorized children" do
|
65
46
|
render 'hyrax/base/items', presenter: presenter
|
66
|
-
expect(rendered).
|
47
|
+
expect(rendered).to have_css('tbody', text: authorized_presenters.join)
|
67
48
|
end
|
68
49
|
end
|
50
|
+
context 'and hide_private_items is off' do
|
51
|
+
let(:flip_flop) { false }
|
69
52
|
|
70
|
-
|
71
|
-
let(:attributes) { create(:public_work, ordered_members: [file1, file2]).to_solr }
|
72
|
-
|
73
|
-
it "only show the link to the file set that users have permission to see" do
|
74
|
-
expect(Flipflop).to receive(:hide_private_files?).and_return(true)
|
53
|
+
it "displays all children" do
|
75
54
|
render 'hyrax/base/items', presenter: presenter
|
76
|
-
expect(rendered).to
|
77
|
-
expect(rendered).not_to have_content presenter.member_presenters[1].link_name
|
55
|
+
expect(rendered).to have_css('tbody', text: member_presenters.join)
|
78
56
|
end
|
79
57
|
end
|
80
58
|
end
|
@@ -38,6 +38,6 @@ RSpec.describe 'hyrax/base/_member.html.erb' do
|
|
38
38
|
expect(rendered).to have_selector "a[title=\"Edit My File\"][href='#{edit_polymorphic_path(presenter)}']", text: 'Edit'
|
39
39
|
expect(rendered).to have_selector "a[title=\"Delete My File\"][data-method='delete'][href='#{polymorphic_path(presenter)}']", text: 'Delete'
|
40
40
|
expect(rendered).to have_link('Download')
|
41
|
-
expect(rendered).to have_selector "a[title='Download
|
41
|
+
expect(rendered).to have_selector "a[title='Download My File'][href='#{hyrax.download_path(presenter)}']", text: 'Download'
|
42
42
|
end
|
43
43
|
end
|
@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/collections/_show_document_list_row.html.erb', type: :view
|
|
24
24
|
it "renders works" do
|
25
25
|
render('hyrax/collections/show_document_list_row.html.erb', document: work)
|
26
26
|
expect(rendered).to have_content 'One Hundred Years of Solitude'
|
27
|
+
expect(rendered).not_to have_content('Edit Access:')
|
27
28
|
end
|
28
29
|
end
|
29
30
|
end
|
@@ -24,6 +24,7 @@ RSpec.describe 'hyrax/dashboard/collections/_show_document_list_row.html.erb', t
|
|
24
24
|
it "renders works" do
|
25
25
|
render('show_document_list_row', document: work)
|
26
26
|
expect(rendered).to have_content 'One Hundred Years of Solitude'
|
27
|
+
expect(rendered).to have_content('Edit Access:')
|
27
28
|
end
|
28
29
|
end
|
29
30
|
end
|
@@ -1,15 +1,36 @@
|
|
1
1
|
RSpec.describe 'hyrax/file_sets/_actions.html.erb', type: :view do
|
2
|
-
let(:
|
2
|
+
let(:solr_document) { double("Solr Doc", id: 'file_set_id') }
|
3
|
+
let(:user) { build(:user) }
|
4
|
+
let(:ability) { Ability.new(user) }
|
5
|
+
let(:file_set) { Hyrax::FileSetPresenter.new(solr_document, ability) }
|
3
6
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
7
|
+
context 'with download permission' do
|
8
|
+
before do
|
9
|
+
allow(file_set).to receive(:user_can_perform_any_action?).and_return(true)
|
10
|
+
allow(view).to receive(:can?).with(:edit, file_set.id).and_return(false)
|
11
|
+
allow(view).to receive(:can?).with(:destroy, file_set.id).and_return(false)
|
12
|
+
allow(view).to receive(:can?).with(:download, file_set.id).and_return(true)
|
13
|
+
render 'hyrax/file_sets/actions', file_set: file_set
|
14
|
+
end
|
15
|
+
|
16
|
+
it "includes google analytics data in the download link" do
|
17
|
+
expect(rendered).to have_css('a#file_download')
|
18
|
+
expect(rendered).to have_selector("a[data-label=\"#{file_set.id}\"]")
|
19
|
+
end
|
9
20
|
end
|
10
21
|
|
11
|
-
|
12
|
-
|
13
|
-
|
22
|
+
context 'with no permission' do
|
23
|
+
let(:current_ability) { ability }
|
24
|
+
|
25
|
+
before do
|
26
|
+
allow(current_ability).to receive(:can?).with(:edit, file_set.id).and_return(false)
|
27
|
+
allow(current_ability).to receive(:can?).with(:destroy, file_set.id).and_return(false)
|
28
|
+
allow(current_ability).to receive(:can?).with(:download, file_set.id).and_return(false)
|
29
|
+
render 'hyrax/file_sets/actions', file_set: file_set
|
30
|
+
end
|
31
|
+
|
32
|
+
it "renders nothing" do
|
33
|
+
expect(rendered).to eq('')
|
34
|
+
end
|
14
35
|
end
|
15
36
|
end
|
data/template.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hyrax
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.0.
|
4
|
+
version: 2.1.0.rc3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Coyne
|
@@ -14,7 +14,7 @@ authors:
|
|
14
14
|
autorequire:
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
|
-
date: 2018-05-
|
17
|
+
date: 2018-05-15 00:00:00.000000000 Z
|
18
18
|
dependencies:
|
19
19
|
- !ruby/object:Gem::Dependency
|
20
20
|
name: rails
|