hyrax 2.0.0.beta4 → 2.0.0.beta5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: dce0351f90dab9f83f599f852a0d848cc1a0639d
-  data.tar.gz: 9f887777b8a1c9e0dd4e79396d65e84c45500e51
+  metadata.gz: 66a42f4f84b9b456857d5b5262a5b424eafe3814
+  data.tar.gz: 7b78a9ea6a2d7c304ee49da60282e66489520849
 SHA512:
-  metadata.gz: abc04fb4e67beb79d5e7db29b49ee4b86aa0b0ba1b9287a3f61cc82ef26b115978a716ae1e11f7f4f17f6b19b4dad75f79ff343fcab917f9a1792e151448c058
-  data.tar.gz: 262d51922326d67a601f5f16f28f8f9db4d1a79d1c47e65df1160441962595d862f67a417961e9b4cce1e3a821eba04accc51a53d2fa1a17c79482567fae7ca6
+  metadata.gz: f5cb54d0f8f526b1aa2f6decb4247831a2fc695afb3e3e8cabfc153847ac6029a05d899296070258e4736a397ff37b010ff442b9a961e1672598887f97d34974
+  data.tar.gz: a7dc23482e9c9362d08dd4845824f6bd5b37ffee27d504799c2ea74e56a0ff4fe0f0950b39a8b60b866748d11b7ff14d9b2bfdcc0da52d1c2a78987d8ea72b2e

data/.rubocop_fixme.yml

@@ -159,7 +159,6 @@ RSpec/LetBeforeExamples:
     - 'spec/forms/hyrax/forms/collection_form_spec.rb'
     - 'spec/presenters/hyrax/collection_presenter_spec.rb'
     - 'spec/presenters/hyrax/trophy_presenter_spec.rb'
-    - 'spec/services/hyrax/query_service_spec.rb'
     - 'spec/services/hyrax/workflow/action_taken_service_spec.rb'
     - 'spec/services/hyrax/workflow/notification_service_spec.rb'
 

data/.travis.yml

@@ -13,18 +13,19 @@ before_install:
   - google-chrome-stable --headless --disable-gpu --remote-debugging-port=9222 http://localhost &
 
 rvm:
-  - 2.4.1
+  - 2.4.2
 
 env:
   global:
     - NOKOGIRI_USE_SYSTEM_LIBRARIES=true
+    - ENGINE_CART_RAILS_OPTIONS='--skip-git --skip-bundle --skip-listen --skip-spring --skip-yarn --skip-keeps --skip-action-cable --skip-coffee --skip-puma --skip-test'
   # Travis should check every minor version in a range of supported versions, because
   # rails does not follow sem-ver conventions, see http://guides.rubyonrails.org/maintenance_policy.html
   # It should be sufficient to test only the latest of the patch versions for a minor version, they
   # should be compatible across patch versions (only bug fixes are released in patch versions).
   matrix:
-    - "RAILS_VERSION=5.0.5"
-    - "RAILS_VERSION=5.1.2"
+    - "RAILS_VERSION=5.1.4"
+    - "RAILS_VERSION=5.0.6"
 
 services:
   - redis-server

data/README.md

@@ -63,7 +63,7 @@ The Samvera community is here to help. Please see our [support guide](./.github/
 # Getting started
 
 This document contains instructions specific to setting up an app with __Hyrax
-v2.0.0.beta4__. If you are looking for instructions on installing a different
+v2.0.0.beta5__. If you are looking for instructions on installing a different
 version, be sure to select the appropriate branch or tag from the drop-down
 menu above.
 
@@ -144,7 +144,7 @@ Hyrax requires Rails 5. We recommend the latest Rails 5.0 release.
 
 ```
 # If you don't already have Rails at your disposal...
-gem install rails -v 5.0.5
+gem install rails -v 5.0.6
 ```
 
 ### JavaScript runtime
@@ -160,7 +160,7 @@ NOTE: The steps need to be done in order to create a new Hyrax based app.
 Generate a new Rails application using the template.
 
 ```
-rails _5.0.5_ new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v2.0.0.beta4/template.rb
+rails _5.0.6_ new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v2.0.0.beta5/template.rb
 ```
 
 Generating a new Rails application using Hyrax's template above takes cares of a number of steps for you, including:

data/app/actors/hyrax/actors/create_with_remote_files_actor.rb

@@ -18,12 +18,34 @@ module Hyrax
 
       private
 
+        def whitelisted_ingest_dirs
+          Hyrax.config.whitelisted_ingest_dirs
+        end
+
+        def validate_remote_url(url)
+          uri = URI.parse(URI.encode(url))
+          if uri.scheme == 'file'
+            path = File.absolute_path(URI.decode(uri.path))
+            whitelisted_ingest_dirs.any? do |dir|
+              path.start_with?(dir) && path.length > dir.length
+            end
+          else
+            # TODO: It might be a good idea to validate other URLs as well.
+            #       The server can probably access URLs the user can't.
+            true
+          end
+        end
+
         # @param [HashWithIndifferentAccess] remote_files
         # @return [TrueClass]
         def attach_files(env, remote_files)
           return true unless remote_files
           remote_files.each do |file_info|
             next if file_info.blank? || file_info[:url].blank?
+            unless validate_remote_url(file_info[:url])
+              Rails.logger.error "User #{env.user.user_key} attempted to ingest file from url #{file_info[:url]}, which doesn't pass validation"
+              return false
+            end
             create_file_from_url(env, file_info[:url], file_info[:file_name])
           end
           true

data/app/actors/hyrax/actors/file_set_actor.rb

@@ -28,6 +28,10 @@ module Hyrax
           # hand. Do this because we don't have the underlying UploadedFile instance
           file_actor = build_file_actor(relation)
           file_actor.ingest_file(wrapper!(file: file, relation: relation))
+          # Copy visibility and permissions from parent (work) to
+          # FileSets even if they come in from BrowseEverything
+          VisibilityCopyJob.perform_later(file_set.parent)
+          InheritPermissionsJob.perform_later(file_set.parent)
         else
           IngestJob.perform_later(wrapper!(file: file, relation: relation))
         end

data/app/actors/hyrax/actors/transfer_request_actor.rb

@@ -0,0 +1,23 @@
+module Hyrax
+  module Actors
+    # Notify the provided owner that their proxy wants to make a
+    # deposit on their behalf
+    class TransferRequestActor < AbstractActor
+      # @param [Hyrax::Actors::Environment] env
+      # @return [Boolean] true if create was successful
+      def create(env)
+        next_actor.create(env) && create_proxy_deposit_request(env)
+      end
+
+      private
+
+        def create_proxy_deposit_request(env)
+          proxy = env.curation_concern.on_behalf_of
+          return true if proxy.blank?
+          ContentDepositorChangeEventJob.perform_later(env.curation_concern,
+                                                       ::User.find_by_user_key(proxy))
+          true
+        end
+    end
+  end
+end

data/app/assets/javascripts/hyrax/autocomplete/default.es6

@@ -1,7 +1,8 @@
 export default class Default {
   constructor(element, url) {
     this.url = url;
-    element.autocomplete(this.options(element));
+    if (this.url !== undefined)
+      element.autocomplete(this.options(element))
   }
 
   options(element) {

data/app/assets/stylesheets/hyrax/_file_manager.scss

@@ -69,6 +69,9 @@
       .member_resource_options {
         @extend .col-xs-12;
         float: none;
+        span.radio:first-of-type {
+          margin-top: 50px;
+        }
         input[type=radio] {
           margin-left: 1px;
         }

data/app/controllers/hyrax/dashboard/collections_controller.rb

@@ -46,7 +46,6 @@ module Hyrax
       # The search builder to find the collections' members
       self.member_search_builder_class = Hyrax::CollectionMemberSearchBuilder
 
-      # load_and_authorize_resource except: [:index, :show, :create], instance_name: :collection
       load_and_authorize_resource except: [:index, :create], instance_name: :collection
 
       before_action :ensure_admin!, only: :index # index for All Collections; see also Hyrax::My::CollectionsController #index for My Collections

data/app/controllers/hyrax/my_controller.rb

@@ -22,7 +22,7 @@ module Hyrax
     configure_facets
 
     before_action :authenticate_user!
-    before_action :enforce_show_permissions, only: :show
+    load_and_authorize_resource only: :show, instance_name: :collection
 
     # include the render_check_all view helper method
     helper Hyrax::BatchEditsHelper

data/app/forms/hyrax/forms/work_form.rb

@@ -13,9 +13,10 @@ module Hyrax
       delegate :work_members_attributes=, to: :model
       delegate :human_readable_type, :open_access?, :authenticated_only_access?,
                :open_access_with_embargo_release_date?, :private_access?,
-               :embargo_release_date, :lease_expiration_date, :member_ids,
+               :visibility_during_embargo, :embargo_release_date, :visibility_after_embargo,
+               :visibility_during_lease, :lease_expiration_date, :visibility_after_lease,
                :visibility, :in_works_ids, :depositor, :on_behalf_of, :permissions,
-               :member_of_collection_ids, to: :model
+               :member_ids, :member_of_collection_ids, to: :model
 
       attr_reader :agreement_accepted
 
@@ -104,10 +105,10 @@ module Hyrax
         CollectionOptionsPresenter.new(service).select_options(:edit)
       end
 
-      # Select collection(s) based on passed-in params
+      # Select collection(s) based on passed-in params and existing memberships.
       # @return [Array] a list of collection identifiers
       def member_of_collections(collection_ids)
-        Array.wrap(collection_ids)
+        (member_of_collection_ids + Array.wrap(collection_ids)).uniq
       end
 
       # Sanitize the parameters coming from the form. This ensures that the client

data/app/helpers/hyrax/content_block_helper_behavior.rb

@@ -1,12 +1,12 @@
 module Hyrax
   module ContentBlockHelperBehavior
     def displayable_content_block(content_block, **options)
-      return if content_block.value.blank?
+      return unless display_content_block? content_block
       content_tag :div, raw(content_block.value), options
     end
 
     def display_content_block?(content_block)
-      content_block.value.present?
+      content_block.present? && content_block.value.present?
     end
   end
 end

data/app/helpers/hyrax/hyrax_helper_behavior.rb

@@ -47,13 +47,6 @@ module Hyrax
       "https://www.zotero.org/users/#{zotero_user_id}"
     end
 
-    # Only Chrome supports this
-    # @return [Boolean]
-    # @todo Replace uses with more granular client-side detection (as jQuery-fileuploader already does)
-    def browser_supports_directory_upload?
-      user_agent.include? 'Chrome'
-    end
-
     # @param [User] user
     def render_notifications(user:)
       mailbox = UserMailbox.new(user)

data/app/indexers/hyrax/indexes_workflow.rb

@@ -26,7 +26,7 @@ module Hyrax
       return unless object.persisted?
       entity = PowerConverter.convert_to_sipity_entity(object)
       return if entity.nil?
-      solr_document[workflow_role_field] = workflow_roles(entity).map { |role| "#{entity.workflow.name}-#{role}" }
+      solr_document[workflow_role_field] = workflow_roles(entity).map { |role| "#{entity.workflow.permission_template.admin_set_id}-#{entity.workflow.name}-#{role}" }
       solr_document[workflow_state_name_field] = entity.workflow_state.name if entity.workflow_state
     end
 

data/app/models/admin_set.rb

@@ -40,7 +40,7 @@ class AdminSet < ActiveFedora::Base
   end
 
   has_many :members,
-           predicate: ::RDF::Vocab::DC.isPartOf,
+           predicate:  Hyrax.config.admin_set_predicate,
            class_name: 'ActiveFedora::Base'
 
   before_destroy :check_if_not_default_set, :check_if_empty

data/app/models/concerns/hyrax/basic_metadata.rb

@@ -26,7 +26,7 @@ module Hyrax
       property :subject, predicate: ::RDF::Vocab::DC11.subject
       property :language, predicate: ::RDF::Vocab::DC11.language
       property :identifier, predicate: ::RDF::Vocab::DC.identifier
-      property :based_near, predicate: ::RDF::Vocab::FOAF.based_near, class_name: ControlledVocabularies::Location
+      property :based_near, predicate: ::RDF::Vocab::FOAF.based_near, class_name: Hyrax::ControlledVocabularies::Location
       property :related_url, predicate: ::RDF::RDFS.seeAlso
       property :bibliographic_citation, predicate: ::RDF::Vocab::DC.bibliographicCitation
       property :source, predicate: ::RDF::Vocab::DC.source

data/app/models/concerns/hyrax/in_admin_set.rb

@@ -3,7 +3,7 @@ module Hyrax
     extend ActiveSupport::Concern
 
     included do
-      belongs_to :admin_set, predicate: ::RDF::Vocab::DC.isPartOf
+      belongs_to :admin_set, predicate: Hyrax.config.admin_set_predicate
     end
 
     def active_workflow

data/app/models/concerns/hyrax/proxy_deposit.rb

@@ -11,14 +11,6 @@ module Hyrax
       property :on_behalf_of, predicate: ::RDF::URI.new('http://scholarsphere.psu.edu/ns#onBehalfOf'), multiple: false do |index|
         index.as :symbol
       end
-
-      after_create :create_transfer_request
-    end
-
-    def create_transfer_request
-      return if on_behalf_of.blank?
-      ContentDepositorChangeEventJob.perform_later(self,
-                                                   ::User.find_by_user_key(on_behalf_of))
     end
 
     def request_transfer_to(target)

data/app/models/concerns/hyrax/solr_document_behavior.rb

@@ -99,16 +99,5 @@ module Hyrax
                         Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PRIVATE
                       end
     end
-
-    # Find the solr documents for the collections this object belongs to
-    # TODO: can we remove this method now?
-    def collections
-      return @collections if @collections
-      query = 'id:' + collection_ids.map { |id| '"' + id + '"' }.join(' OR ')
-      result = Blacklight.default_index.connection.select(params: { q: query })
-      @collections = result['response']['docs'].map do |hash|
-        ::SolrDocument.new(hash)
-      end
-    end
   end
 end

data/app/models/concerns/hyrax/user.rb

@@ -96,9 +96,9 @@ module Hyrax::User
     #   1. validation has already flagged the ORCID as invalid
     #   2. the orcid field is blank
     #   3. the orcid is already in its normalized form
-    return if errors[:orcid].first.present? || orcid.blank? || orcid.starts_with?('http://orcid.org/')
-    bare_orcid = Hyrax::OrcidValidator.match(orcid).string
-    self.orcid = "http://orcid.org/#{bare_orcid}"
+    return if errors[:orcid].first.present? || orcid.blank? || orcid.starts_with?('https://orcid.org/')
+    bare_orcid = Hyrax::OrcidValidator.match(orcid)
+    self.orcid = "https://orcid.org/#{bare_orcid}"
   end
 
   # Format the json for select2 which requires just an id and a field called text.

data/app/models/hyrax/orcid_validator.rb

@@ -6,7 +6,12 @@ module Hyrax
     end
 
     def self.match(string)
-      /\d{4}-\d{4}-\d{4}-\d{3}[\dX]/.match(string)
+      Regexp.new(orcid_regex).match(string) { |m| m[:orcid] }
     end
+
+    def self.orcid_regex
+      '^(?<prefix>https?://orcid.org/)?(?<orcid>\d{4}-\d{4}-\d{4}-\d{3}[\dX])/?$'
+    end
+    private_class_method :orcid_regex
   end
 end

data/app/services/hyrax/admin_set_create_service.rb

@@ -53,7 +53,6 @@ module Hyrax
     # Creates an admin set, setting the creator and the default access controls.
     # @return [TrueClass, FalseClass] true if it was successful
     def create
-      admin_set.read_groups = ['public']
       admin_set.edit_groups = [admin_group_name]
       admin_set.creator = [creating_user.user_key] if creating_user
       admin_set.save.tap do |result|

data/app/services/hyrax/default_middleware_stack.rb

@@ -13,6 +13,7 @@ module Hyrax
         middleware.use Hyrax::Actors::AttachMembersActor
         middleware.use Hyrax::Actors::ApplyOrderActor
         middleware.use Hyrax::Actors::InterpretVisibilityActor
+        middleware.use Hyrax::Actors::TransferRequestActor
         middleware.use Hyrax::Actors::DefaultAdminSetActor
         middleware.use Hyrax::Actors::ApplyPermissionTemplateActor
         middleware.use Hyrax::Actors::CleanupFileSetsActor

data/app/services/hyrax/statistics/depositors/summary.rb

@@ -55,7 +55,11 @@ module Hyrax
           end
 
           def date_query
-            Hyrax::QueryService.new.build_date_query(start_dt, end_dt) if start_dt.present?
+            query_service.build_date_query(start_dt, end_dt) if start_dt.present?
+          end
+
+          def query_service
+            Hyrax::Statistics::QueryService.new
           end
       end
     end

data/app/services/hyrax/statistics/over_time.rb

@@ -35,7 +35,11 @@ module Hyrax
         end
 
         def query(min, max)
-          QueryService.new.build_date_query(min, max)
+          query_service.build_date_query(min, max)
+        end
+
+        def query_service
+          Hyrax::Statistics::QueryService.new
         end
 
         # How many points are in this data set

data/app/services/hyrax/statistics/query_service.rb

@@ -0,0 +1,55 @@
+module Hyrax
+  module Statistics
+    class QueryService
+      # query to find works created during the time range
+      # @param [DateTime] start_datetime starting date time for range query
+      # @param [DateTime] end_datetime ending date time for range query
+      def find_by_date_created(start_datetime, end_datetime = nil)
+        return [] if start_datetime.blank? # no date just return nothing
+        relation.where(build_date_query(start_datetime, end_datetime))
+      end
+
+      def find_registered_in_date_range(start_datetime, end_datetime = nil)
+        find_by_date_created(start_datetime, end_datetime).merge(where_registered)
+      end
+
+      def find_public_in_date_range(start_datetime, end_datetime = nil)
+        find_by_date_created(start_datetime, end_datetime).merge(where_public)
+      end
+
+      def where_public
+        where_access_is 'public'
+      end
+
+      def where_registered
+        where_access_is 'registered'
+      end
+
+      def build_date_query(start_datetime, end_datetime)
+        start_date_str =  start_datetime.utc.strftime(date_format)
+        end_date_str = if end_datetime.blank?
+                         "*"
+                       else
+                         end_datetime.utc.strftime(date_format)
+                       end
+        "system_create_dtsi:[#{start_date_str} TO #{end_date_str}]"
+      end
+
+      delegate :count, to: :relation
+
+      def relation
+        Hyrax::WorkRelation.new
+      end
+
+      private
+
+        def where_access_is(access_level)
+          relation.where Hydra.config.permissions.read.group => access_level
+        end
+
+        def date_format
+          "%Y-%m-%dT%H:%M:%SZ"
+        end
+    end
+  end
+end