sufia 6.6.1 → 6.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 75ebe5a7ba6376387d3c17bfa1f4faaf98d43bb5
-  data.tar.gz: 313535cd837f9640ad3d5c0b2b1d26157d006c0b
+  metadata.gz: f55c1c825e448527062e1b637aa4e0db095b8d49
+  data.tar.gz: 5eb9af1ef450202b09bb95a9c5057b5b5a9766c4
 SHA512:
-  metadata.gz: dccece1330a5ee29a1232710a63e31188f306ee4f6e1552e5e8522fa59a7bf420d2215f4b8a6ec3f96be5f8c53109fa9f01167a7a842d2967a517cfdab935bcf
-  data.tar.gz: e489a1d9a56ad351fb46106e30e8818ce8d8930b703ea01efad2eb22afa870dcd7e0449de36563f8f6771d00a76a55cc5f743dd5d6ebe100f92cb1f754da0c54
+  metadata.gz: 6d733e7eb0f715bd7a630bd025667072ade7dda69603ad2ee619c78987230c35319ccce80776326bef2d2d1aa952cd1e0ed7e2ac8790110eb79ced13b28aff0e
+  data.tar.gz: d138503996cb6e03019bf20d988bba1ae0f13464d9255567bd99141c12041ba36ac229cb949c00d201a4d1f22b775051adc841bcaf2e85a1e231d7b87450c61a

data/.hound.yml

@@ -0,0 +1,2 @@
+ruby:
+  enabled: false

data/.rubocop.yml

@@ -51,6 +51,7 @@ Metrics/ModuleLength:
   Exclude:
     - 'app/controllers/concerns/sufia/users_controller_behavior.rb'
     - 'app/controllers/concerns/sufia/files_controller_behavior.rb'
+    - 'app/controllers/concerns/sufia/collections_controller_behavior.rb'
     - 'app/helpers/sufia/sufia_helper_behavior.rb'
 
 Style/BlockDelimiters:

data/History.md

@@ -1,12 +1,25 @@
 # History of Sufia releases
-## 6.6.1
+
+## 6.7.0
+* Allow users and groups to share collections [E. Lynette Rayle]
+* Don’t run hound on ruby code [E. Lynette Rayle]
+* Add ability to set visibility for collections [E. Lynette Rayle]
+* Adding executable to run surveyor from the command line. Changing surveyor to not recreate survey items for existing items when you run the executable multiple times. [Carolyn Cole]
+* Adding a surveyor to create survey items for an id list And adding enumerator for migration status [Carolyn Cole]
+* Adding FedoraIdService to create a list of all the ids (of classes we care about) in fedora [Carolyn Cole]
+* Adding ActiveRecord class for Sufia::Migration::Survey::item [Carolyn Cole]
+* Moving bin directory to exe to follow new standards [Carolyn Cole]
+* Adding executable to run export actor from the command line [Carolyn Cole]
+* Export Actor which will export ActiveFedora classes to json files [Carolyn Cole]
+* Exporting a Collection's metadata, permissions, and members [Carolyn Cole]* 
+
+## 6.6.1* Export GenericFile metdata, versions, and permissions [Carolyn Cole]
 * Upping the versions for 6.6.1 release [Carolyn Cole]
 * Removing group and login from profile update [Carolyn Cole]
 * Test with Rails 4.2.6 [Justin Coyne]
 * Add auto-fix + exclusions for new Rubocop violations [Michael J. Giarlo]
 * Temporarily pin Rubocop to get past broken 0.38.0 error [Michael J. Giarlo]
 * Hydra-Jetty should be the default service container in 6.x. [Michael J. Giarlo]
-* Escape property values before presenting them with auto_link. [Olli Lyytinen]
 
 ## 6.6.0
 * Update background workers doc [E. Lynette Rayle]

data/README.md

@@ -95,7 +95,7 @@ If you have questions or need help, please email [the Hydra community tech list]
 # Creating a Sufia-based app
 
 This document contains instructions specific to setting up an app with __Sufia
-v6.6.0__. If you are looking for instructions on installing a different
+v6.7.0__. If you are looking for instructions on installing a different
 version, be sure to select the appropriate branch or tag from the drop-down
 menu above.
 
@@ -147,7 +147,7 @@ rails new my_app
 Add the following lines to your application's Gemfile.
 
 ```
-gem 'sufia', '6.6.0'
+gem 'sufia', '6.7.0'
 gem 'kaminari', github: 'jcoyne/kaminari', branch: 'sufia'  # required to handle pagination properly in dashboard. See https://github.com/amatsuda/kaminari/pull/322
 ```
 

data/SUFIA_VERSION

@@ -1 +1 @@
-6.6.1
+6.7.0

data/app/assets/javascripts/sufia/permissions.js

@@ -77,15 +77,27 @@ Blacklight.onLoad(function() {
   // when user clicks on visibility, update potential access levels
   $("input[name='visibility']").on("change", set_access_levels);
 
-	$('#generic_file_permissions_new_group_name').change(function (){
-      var edit_option = $("#generic_file_permissions_new_group_permission option[value='edit']")[0];
-	    if (this.value.toUpperCase() == 'PUBLIC') {
-	       edit_option.disabled =true;
-	    } else {
-           edit_option.disabled =false;
-	    }
-
-	});
+    if (($("[id=new_collection]").length) || ($("[id^=edit_collection]")).length) {
+        $('#collection_permissions_new_group_name').change(function (){
+            var edit_option = $("#collection_permissions_new_group_permission option[value='edit']")[0];
+            if (this.value.toUpperCase() == 'PUBLIC') {
+                edit_option.disabled =true;
+            } else {
+                edit_option.disabled =false;
+            }
+        });
+    }
+    else {
+        $('#generic_file_permissions_new_group_name').change(function () {
+            var edit_option = $("#generic_file_permissions_new_group_permission option[value='edit']")[0];
+            if (this.value.toUpperCase() == 'PUBLIC') {
+                edit_option.disabled = true;
+            } else {
+                edit_option.disabled = false;
+            }
+
+        });
+    }
 
   function addPerm(agent_name, access, access_label, agent_type)
   {
@@ -114,7 +126,11 @@ Blacklight.onLoad(function() {
   }
 
   function addHiddenPermField(element, type, name, access) {
-      var prefix = 'generic_file[permissions_attributes][' + nextIndex() + ']';
+      var prefix = 'generic_file';
+      if (($("[id=new_collection]").length) || ($("[id^=edit_collection]").length)) {
+          prefix = 'collection';
+      }
+      prefix += '[permissions_attributes][' + nextIndex() + ']';
       $('<input>').attr({
           type: 'hidden',
           name: prefix + '[type]',
@@ -145,13 +161,17 @@ Blacklight.onLoad(function() {
   });
 
   function showPermissionNote() {
-     $('#save_perm_note').removeClass('hidden');
+      $('#save_perm_note').removeClass('hidden');
   }
 
   function addDestroyField(element, index) {
+      var prefix = 'generic_file';
+      if (($("[id=new_collection]").length) || ($("[id^=edit_collection]").length)) {
+          prefix = 'collection';
+      }
       $('<input>').attr({
           type: 'hidden',
-          name: 'generic_file[permissions_attributes][' + index + '][_destroy]',
+          name: prefix + '[permissions_attributes][' + index + '][_destroy]',
           value: 'true'
       }).appendTo(element);
   }
@@ -169,6 +189,10 @@ function get_visibility() {
  * visibility of Open or Institution) so disable the Read option
  */
 function set_access_levels() {
+  var permissions_fld = 'generic_file[permissions]';
+  if (($("[id=new_collection]").length) || ($("[id^=edit_collection]").length)) {
+    permissions_fld = 'collection[permissions]';
+  }
   var vis = get_visibility();
   var enabled_disabled = false;
   if (vis == "open" || vis == "psu") {
@@ -176,7 +200,7 @@ function set_access_levels() {
   }
   $('#new_group_permission_skel option[value=read]').attr("disabled", enabled_disabled);
   $('#new_user_permission_skel option[value=read]').attr("disabled", enabled_disabled);
-  var perms_sel = $("select[name^='generic_file[permissions]']");
+  var perms_sel = $("select[name^=permissions_fld]");
   $.each(perms_sel, function(index, sel_obj) {
     $.each(sel_obj, function(j, opt) {
       if( opt.value == "read") {
@@ -192,10 +216,14 @@ function set_access_levels() {
  */
 function is_permission_duplicate(user_or_group_name)
 {
+  var permissions_fld = 'generic_file[permissions]';
+  if (($("[id=new_collection]").length) || ($("[id^=edit_collection]").length)) {
+    permissions_fld = 'collection[permissions]';
+  }
   s = "[" + user_or_group_name + "]";
   var patt = new RegExp(preg_quote(s), 'gi');
-  var perms_input = $("input[name^='generic_file[permissions]']");
-  var perms_sel = $("select[name^='generic_file[permissions]']");
+  var perms_input = $("input[name^=permissions_fld]");
+  var perms_sel = $("select[name^=permissions_fld]");
   var flag = 1;
   perms_input.each(function(index, form_input) {
       // if the name is already being used - return false (not valid)

data/app/controllers/concerns/sufia/collections_controller_behavior.rb

@@ -6,6 +6,18 @@ module Sufia
     included do
       include Sufia::Breadcrumbs
 
+      # Catch permission errors
+      rescue_from Hydra::AccessDenied, CanCan::AccessDenied do |exception|
+        if exception.action == :edit
+          redirect_to(sufia.url_for(action: 'show'), alert: "You do not have sufficient privileges to edit this document")
+        elsif current_user && current_user.persisted?
+          redirect_to root_url, alert: exception.message
+        else
+          session["user_return_to"] = request.url
+          redirect_to new_user_session_url, alert: exception.message
+        end
+      end
+
       before_action :filter_docs_with_read_access!, except: :show
       before_action :has_access?, except: :show
       before_action :build_breadcrumbs, only: [:edit, :show]
@@ -17,6 +29,7 @@ module Sufia
 
     def new
       super
+      @collection.visibility = 'open' # default to open access
       form
     end
 
@@ -56,11 +69,25 @@ module Sufia
 
       def collection_params
         form_class.model_attributes(
-          params.require(:collection).permit(:title, :description, :members, part_of: [],
-                                                                             contributor: [], creator: [], publisher: [], date_created: [], subject: [],
-                                                                             language: [], rights: [], resource_type: [], identifier: [], based_near: [],
-                                                                             tag: [], related_url: [])
-        )
+          params.require(:collection).permit(
+            :title,
+            :description,
+            :members,
+            part_of: [],
+            contributor: [],
+            creator: [],
+            publisher: [],
+            date_created: [],
+            subject: [],
+            language: [],
+            rights: [],
+            resource_type: [],
+            identifier: [],
+            based_near: [],
+            tag: [],
+            related_url: []).merge(params.permit(:visibility)).tap do |whitelisted|
+              whitelisted[:permissions_attributes] = params[:collection][:permissions_attributes]
+            end)
       end
 
       def query_collection_members
@@ -94,5 +121,14 @@ module Sufia
           Sufia.queue.push(ResolrizeGenericFileJob.new(gf))
         end
       end
+
+      def permissions_attributes
+        begin
+          perm_attrs = ActionController::Parameters.new(permissions_attributes: params.require(:collection).require(:permissions_attributes))
+        rescue
+          perm_attrs = ActionController::Parameters.new
+        end
+        perm_attrs
+      end
   end
 end

data/app/controllers/my/shared_collections_controller.rb

@@ -0,0 +1,19 @@
+module My
+  class SharedCollectionsController < MyController
+    self.search_params_logic += [
+      :show_only_shared_collections,
+      :show_only_collections
+    ]
+
+    def index
+      super
+      @selected_tab = :shared_collections
+    end
+
+    protected
+
+      def search_action_url(*args)
+        sufia.dashboard_shared_collections_url(*args)
+      end
+  end
+end

data/app/forms/sufia/forms/collection_edit_form.rb

@@ -2,9 +2,16 @@ module Sufia
   module Forms
     class CollectionEditForm
       include HydraEditor::Form
+      include HydraEditor::Form::Permissions
+
       self.model_class = ::Collection
       self.terms = [:resource_type, :title, :creator, :contributor, :description, :tag, :rights,
-                    :publisher, :date_created, :subject, :language, :identifier, :based_near, :related_url]
+                    :publisher, :date_created, :subject, :language, :identifier, :based_near, :related_url, :visibility]
+
+      # Remove visibility from the set of rendered terms
+      def rendered_terms
+        terms - [:visibility]
+      end
 
       # Test to see if the given field is required
       # @param [Symbol] key a field

data/app/helpers/batch_edits_helper.rb

@@ -6,6 +6,6 @@ module BatchEditsHelper
   end
 
   def render_check_all
-    render partial: 'batch_edits/check_all' unless params[:controller] =~ /my\/collections/
+    render partial: 'batch_edits/check_all' unless params[:controller] =~ /my\/.*collections/
   end
 end

data/app/helpers/collection_helper.rb

@@ -0,0 +1,15 @@
+# -*- coding: utf-8 -*-
+module CollectionHelper
+  def render_collection_visibility_badge
+    if can? :edit, @collection
+      render_collection_visibility_link(@collection)
+    else
+      render_visibility_label(@collection)
+    end
+  end
+
+  def render_collection_visibility_link(collection)
+    link_to render_visibility_label(collection), collections.edit_collection_path(collection, anchor: "permissions_display"),
+            id: "permission_" + collection.id, class: "visibility-link"
+  end
+end

data/app/helpers/sufia/dashboard_helper_behavior.rb

@@ -40,6 +40,10 @@ module Sufia
       params[:controller].match(/^my\/files/)
     end
 
+    def on_my_shared_files?
+      params[:controller].match(/^my\/shares/)
+    end
+
     def number_of_files(user = current_user)
       ::GenericFile.where(Solrizer.solr_name('depositor', :symbol) => user.user_key).count
     end

data/app/helpers/sufia/permissions_helper.rb

@@ -1,11 +1,11 @@
 module Sufia
   module PermissionsHelper
     def visibility_help
-      help_link('generic_files/visibility', 'Visibility', 'Useage information for visibility')
+      help_link('generic_files/visibility', 'Visibility', 'Usage information for visibility')
     end
 
     def share_with_help
-      help_link('generic_files/share_with', 'Share With', 'Useage information for sharing')
+      help_link('generic_files/share_with', 'Share With', 'Usage information for sharing')
     end
 
     private

data/app/helpers/sufia/sufia_helper_behavior.rb

@@ -209,6 +209,8 @@ module Sufia
           sufia.dashboard_shares_path
         when "my/highlights"
           sufia.dashboard_highlights_path
+        when "my/shared_collections"
+          sufia.dashboard_shared_collections_path
         else
           sufia.dashboard_files_path
         end

data/app/presenters/sufia/collection_presenter.rb

@@ -11,7 +11,7 @@ module Sufia
 
     # Depositor and permissions are not displayed in app/views/collections/_show_descriptions.html.erb
     # so don't include them in `terms'.
-    # delegate :depositor, :permissions, to: :model
+    delegate :depositor, :permissions, to: :model
 
     def terms_with_values
       terms.select { |t| self[t].present? }

data/app/search_builders/sufia/search_builder.rb

@@ -9,6 +9,13 @@ module Sufia::SearchBuilder
     ]
   end
 
+  def show_only_shared_collections(solr_parameters)
+    solr_parameters[:fq] ||= []
+    solr_parameters[:fq] += [
+      "-" + ActiveFedora::SolrQueryBuilder.construct_query_for_rel(depositor: scope.current_user.user_key)
+    ]
+  end
+
   def show_only_resources_deposited_by_current_user(solr_parameters)
     solr_parameters[:fq] ||= []
     solr_parameters[:fq] += [

data/app/views/catalog/_search_form.html.erb

@@ -40,6 +40,10 @@
                   <%= link_to t("sufia.search.form.option.my_shares.label_long"), "#",
                       data: { "search-option" => sufia.dashboard_shares_path, "search-label" => t("sufia.search.form.option.my_shares.label_short") } %>
                 </li>
+                <li>
+                  <%= link_to t("sufia.search.form.option.my_shared_collections.label_long"), "#",
+                              data: { "search-option" => sufia.dashboard_shared_collections_path, "search-label" => t("sufia.search.form.option.my_shared_collections.label_short") } %>
+                </li>
               <% end %>
 
             </ul>

data/app/views/collections/_form.html.erb

@@ -2,7 +2,7 @@
   <div id="descriptions_display">
     <h2 class="non lower">Descriptions <small class="pull-right"><span class="error">*</span> indicates required fields</small> </h2>
     <div class="well">
-      <% f.object.terms.each do |term| %>
+      <% f.object.rendered_terms.each do |term| %>
         <%= render_edit_field_partial term, f: f %>
       <% end %>
     </div><!-- /well -->
@@ -14,6 +14,10 @@
     <% end %>
   <% end %>
 
+  <div class="collection_form_visibility">
+    <%= render 'permission_form', f: f.object %>
+  </div>
+
   <div class="primary-actions">
     <% if params[:action] == "new" %>
       <%= f.submit 'Create Collection', class: 'btn btn-primary', onclick: "confirmation_needed = false;", id: "create_submit", name: "create_collection" %>

data/app/views/collections/_permission_form.html.erb

@@ -0,0 +1,111 @@
+<% depositor = f.model.depositor || current_user %>
+
+<div class="alert alert-info hidden" id="save_perm_note">Permissions are <strong>not</strong> saved until the &quot;Save&quot; button is pressed at the bottom of the page.</div>
+<div class="alert alert-warning hidden" id="permissions_error">
+  <a class="close" data-dismiss="alert" href="#">
+    <span class="sr-only">Close this alert</span>
+    <span aria-hidden="true">×</span>
+  </a>
+<span id="permissions_error_text"></span></div>
+
+<div class="well">
+
+  <h3>Visibility - <small>who should have the ability to read and download</small>
+    <span id="visibility_tooltip" class="h5"><%= visibility_help %></span>
+  </h3>
+  <div class="radio">
+    <label>
+      <input type="radio" id="visibility_open" name="visibility" value="<%=Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC %>" <% if f.model.public? %> checked="true"<% end %>/> <span class="label label-success">Open Access</span> Visible to the world.
+    </label>
+    <label>
+      <input type="radio" id="visibility_psu" name="visibility" value="<%=Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED %>" <% if f.model.registered? %> checked="true"<% end %> /><span class="label label-info"><%=t('sufia.institution_name') %></span> Visible to all <%=t('sufia.institution_name') %> users.
+    </label>
+    <label>
+      <input type="radio" id="visibility_restricted" name="visibility" value="<%=Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PRIVATE %>"<% if f.model.private? %> checked="true"<% end %> /> <span class="label label-danger">Private</span> Visible to users/groups specified below, if any.
+    </label>
+  </div>
+
+  <!-- Share With -->
+  <div class="row">
+    <h3 class="col-sm-12">Share With <small>(optional)</small>
+      <span id="share_with_tooltip" class="h5"><%= share_with_help %></span>
+    </h3>
+  </div>
+
+  <div class="form-group row">
+    <div id="new-user">
+      <p class="col-sm-12">Enter <%=t('sufia.account_label') %> (one at a time)</p>
+      <p class="sr-only">Use the add button to give access to one <%=t('sufia.account_label') %> at a time (it will be added to the list below).  Select the user, by name or <%=t('sufia.account_label') %>. Then select the access level you wish to grant and click on Add this <%= t('sufia.account_label') %> to complete adding the permission.</p>
+      <div class="col-sm-5">
+        <label for="new_user_name_skel" class="sr-only"><%= t('sufia.account_label') %> (without the <%= t('sufia.directory.suffix') %> part)</label>
+        <%= text_field_tag 'new_user_name_skel', nil %>
+      </div>
+      <div class="col-sm-4">
+        <label for="new_user_permission_skel" class="sr-only">Access type to grant</label>
+        <%= select_tag 'new_user_permission_skel', options_for_select(Sufia.config.permission_levels), class: 'form-control' %>
+      </div>
+      <div class="col-sm-3">
+        <button class="btn btn-mini btn-inverse" id="add_new_user_skel">
+          <span class="sr-only">Add this <%= t('sufia.account_label') %></span>
+          <span aria-hidden="true"><i class="glyphicon glyphicon-plus"></i></span>
+        </button>
+        <br /> <span id="directory_user_result"></span>
+      </div>
+    </div>
+  </div>
+
+  <div class="form-group row">
+    <div id="new-group" >
+      <p class="sr-only">Use the add button to give access to one group at a time (it will be added to the list below).</p>
+      <div class="col-sm-5">
+        <label for="new_group_name_skel" class="sr-only">Group</label>
+        <%= select_tag 'new_group_name_skel', options_for_select(["Select a group"] + current_user.groups), class: 'form-control' %>
+      </div>
+      <div class="col-sm-4">
+        <label for="new_group_permission_skel" class="sr-only">Access type to grant</label>
+        <%= select_tag 'new_group_permission_skel', options_for_select(Sufia.config.permission_levels), class: 'form-control' %>
+      </div>
+      <div class="col-sm-3">
+        <span class="sr-only">Add this group</span>
+        <button class="btn btn-mini btn-inverse" id="add_new_group_skel"><i class="glyphicon glyphicon-plus"></i></button>
+        <br /><span id="directory_group_result"></span>
+      </div>
+    </div>
+  </div>
+
+</div><!-- /.well -->
+
+<table class="table table-bordered">
+  <tr>
+    <th width="60%">Person/Group</th>
+    <th width="40%">Access Level</th>
+  </tr>
+  <tr id="file_permissions">
+    <td>
+      <%= label_tag :owner_access, class: "control-label" do %>
+        Depositor (<span id="file_owner" data-depositor="<%= depositor %>"><%= link_to_profile depositor %></span>)
+      <% end %>
+    </td>
+    <td>
+      <%= Sufia.config.owner_permission_levels.keys[0] %>
+    </td>
+  </tr>
+  <% x=1 %>
+  <% f.model.permissions.each do |permission_fields| %>
+    <%# skip the public, penn state (aka registered), and depositor perms as they are displayed first at the top %>
+    <% next if ['public', 'registered', depositor].include? permission_fields.agent_name.downcase %>
+    <tr>
+      <td><%= label_tag :owner_access, class: "control-label" do %>
+        <%= user_display_name_and_key(permission_fields.agent_name) %>
+      <% end %></td>
+      <td>
+        <div class="col-sm-8">
+          <%= select_tag "collection[permissions_attributes][#{x}][access]", options_for_select(Sufia.config.permission_levels, permission_fields.access), class: 'form-control select_perm', id: "collection_permission_attributes_#{x}_access" %>
+        </div>
+        <button class="btn close remove_perm" data-index="<%= x %>">X</button>
+      </td>
+    </tr>
+    <%= hidden_field_tag "collection[permissions_attributes][#{x}][id]", permission_fields.id, id: "collection_permission_attributes_#{x}_id" %>
+    <% x+=1 %>
+  <% end %>
+</table>