sufia 0.0.1.pre2 → 0.0.1

data/Gemfile

@@ -3,21 +3,18 @@ source 'http://rubygems.org'
 # Please see scholarsphere.gemspec for dependency information.
 gemspec
 
-#gem 'hydra-batch-edit', :git=>'git://github.com/psu-stewardship/hydra-batch-edit.git', :ref => 'b753c7aeac'
-
-gem 'mail_form', :git => 'git://github.com/psu-stewardship/mail_form.git', :ref => '50c00f0'
 
+#gem 'mail_form', :git => 'git://github.com/psu-stewardship/mail_form.git', :ref => '50c00f0'
 group :development, :test do
   gem 'sqlite3'
   gem 'unicorn-rails'
   gem "debugger"
   gem 'activerecord-import'
-  gem "rails_indexes", :git => "git://github.com/warpc/rails_indexes.git", :ref => '4a550270'
+#  gem "rails_indexes", :git => "git://github.com/warpc/rails_indexes.git", :ref => '4a550270'
   gem 'selenium-webdriver'
   gem 'headless'
   gem 'rspec-rails', '>= 2.11.0'
   gem 'ruby-prof'
-  gem 'mocha', '0.12.4', :require => false
   gem 'cucumber-rails', '~> 1.0', :require => false
   gem 'database_cleaner'
   gem 'capybara'

data/README.md

@@ -1,37 +1,69 @@
 # Sufia
+## Creating an application
+### Generate base Rails install
+```rails new my_app```
+### Add gems to Gemfile
+```
+gem 'blacklight'
+gem 'hydra-head'
+gem 'sufia'
+gem 'jettywrapper'
+```
+Then `bundle install`
 
-Run the blacklight, hydra and scholarsphere generators
+### Run the blacklight, hydra and sufia generators
 ```
 rails g blacklight --devise
 rails g hydra:head -f
 rails g sufia -f
 ```
 
-Run the migrations
+### Run the migrations
 
 ```
 rake db:migrate
 ```
 
-In your Gemfile add this:
+
+### If you want to use the assets that ship with Sufia...
+#### add the following to application.css
 ```
-gem 'jettywrapper'
+ *= require sufia
 ```
-Then run `bundle install`
+You'll want to ensure you're not loading the blacklight.css, so remove this line ```*= require_tree .```
 
+#### Add the following to application.js
+```
+//= require sufia
+```
 
-If you want to use the assets that ship with Sufia, add the following to application.css
+### Start background workers
 ```
- *= require scholarsphere
+COUNT=4 QUEUE=* rake environment resque:work
 ```
-and add the following to application.js
+See https://github.com/defunkt/resque for more options
+
+### If you want to enable transcoding of video
+#### Installing ffmpeg on a mac
+Use homebrew:
 ```
-//= require scholarsphere
+brew install ffmpeg --with-libvpx --with-libvorbis
 ```
 
-Testing: 
+## Developers:
+This information is for people who want to modify the engine itself, not an application that uses the engine:
+### Create fixtures
 ```
-rake scholarsphere:fixtures:create scholarsphere:fixtures:generate
+# start jetty
+git submodule init && git submodule update
+rake jetty:config
+rake jetty:start
+
+# load sufia fixtures
+rake sufia:fixtures:create sufia:fixtures:generate
 rake fixtures
-rake spec
+
+# run the tests
+rake clean spec
+bundle exec cucumber fixtures
 ```

data/app/controllers/batch_controller.rb

@@ -33,13 +33,12 @@ class BatchController < ApplicationController
   end
 
   def update
-    #ScholarSphere::GenericFile::Permissions.parse_permissions(params)
     authenticate_user!
     @batch =  Batch.find_or_create(params[:id])
     @batch.status="processing"
     @batch.save
-    Resque.enqueue(BatchUpdateJob, current_user.user_key, params, params[:generic_file])
+    Sufia.queue.push(BatchUpdateJob.new(current_user.user_key, params))
     flash[:notice] = 'Your files are being processed by ScholarSphere in the background. The metadata and access controls you specified are being applied. Files will be marked <span class="label label-important" title="Private">Private</span> until this process is complete (shouldn\'t take too long, hang in there!). You may need to refresh your dashboard to see these updates.'
-    redirect_to sufia.dashboard_path
+    redirect_to sufia.dashboard_index_path
   end
 end

data/app/controllers/batch_edits_controller.rb

@@ -36,19 +36,19 @@ class BatchEditsController < ApplicationController
    end
 
    def after_update 
-     redirect_to dashboard_path unless request.xhr?
+     redirect_to dashboard_index_path unless request.xhr?
    end
    
   def update_document(obj)
       super
       obj.date_modified = Time.now.ctime
-      obj.set_visibility(params)
+      obj.set_visibility(params[:visibility])
   end
     
    def update
       # keep the batch around if we are doing ajax calls
       batch_sav = batch.dup if request.xhr?        
-      catalog_index_path = dashboard_path
+      catalog_index_path = dashboard_index_path
       type = params["update_type"]
       if (type == "update")
         #params["generic_file"].reject! {|k,v| (v.blank? || (v.respond_to?(:length) && v.length==1 && v.first.blank?))}
@@ -74,4 +74,4 @@ class BatchEditsController < ApplicationController
         render :update_edit
       end        
    end
-end   
+end   

data/app/controllers/dashboard_controller.rb

@@ -19,18 +19,20 @@ class DashboardController < ApplicationController
   include Blacklight::Configurable # comply with BL 3.7
   include Hydra::Controller::ControllerBehavior
   include ActionView::Helpers::DateHelper
+  include BlacklightAdvancedSearch::ParseBasicQ
+  include BlacklightAdvancedSearch::Controller
 
   # This is needed as of BL 3.7
   self.copy_blacklight_config_from(CatalogController)
 
   before_filter :authenticate_user!
-  before_filter :enforce_access_controls
+  before_filter :enforce_show_permissions, :only=>:show
   before_filter :enforce_viewing_context_for_show_requests, :only=>:show
 
   # This applies appropriate access controls to all solr queries (the internal method of this is overidden bellow to only include edit files)
-  DashboardController.solr_search_params_logic << :add_access_controls_to_solr_params
+  DashboardController.solr_search_params_logic += [:add_access_controls_to_solr_params]
   # This filters out objects that you want to exclude from search results, like FileAssets
-  DashboardController.solr_search_params_logic << :exclude_unwanted_models
+  DashboardController.solr_search_params_logic += [:exclude_unwanted_models]
 
   def index
     extra_head_content << view_context.auto_discovery_link_tag(:rss, sufia.url_for(params.merge(:format => 'rss')), :title => "RSS for results")

data/app/controllers/generic_files_controller.rb

@@ -63,12 +63,8 @@ class GenericFilesController < ApplicationController
   def destroy
     pid = @generic_file.noid
     @generic_file.delete
-    begin
-      Resque.enqueue(ContentDeleteEventJob, pid, current_user.user_key)
-    rescue Redis::CannotConnectError
-      logger.error "Redis is down!"
-    end
-    redirect_to sufia.dashboard_path, :notice => render_to_string(:partial=>'generic_files/asset_deleted_flash', :locals => { :generic_file => @generic_file })
+    Sufia.queue.push(ContentDeleteEventJob.new(pid, current_user.user_key))
+    redirect_to sufia.dashboard_index_path, :notice => render_to_string(:partial=>'generic_files/asset_deleted_flash', :locals => { :generic_file => @generic_file })
   end
 
   # routed to /files (POST)
@@ -93,11 +89,7 @@ class GenericFilesController < ApplicationController
       else
         create_and_save_generic_file
         if @generic_file
-          begin
-            Resque.enqueue(ContentDepositEventJob, @generic_file.pid, current_user.user_key)
-          rescue Redis::CannotConnectError
-            logger.error "Redis is down!"
-          end
+          Sufia.queue.push(ContentDepositEventJob.new(@generic_file.pid, current_user.user_key))
           respond_to do |format|
             format.html {
               retval = render :json => [@generic_file.to_jq_upload].to_json,
@@ -153,47 +145,26 @@ class GenericFilesController < ApplicationController
       revision = @generic_file.content.get_version(params[:revision])
       @generic_file.add_file_datastream(revision.content, :dsid => 'content')
       version_event = true
-      begin
-        Resque.enqueue(ContentRestoredVersionEventJob, @generic_file.pid, current_user.user_key, params[:revision])
-      rescue Redis::CannotConnectError
-        logger.error "Redis is down!"
-      end
+      Sufia.queue.push(ContentRestoredVersionEventJob.new(@generic_file.pid, current_user.user_key, params[:revision]))
     end
 
     if params.has_key?(:filedata)
       return unless virus_check(params[:filedata]) == 0
       add_posted_blob_to_asset(@generic_file, params[:filedata])
       version_event = true
-      begin
-        Resque.enqueue(ContentNewVersionEventJob, @generic_file.pid, current_user.user_key)
-      rescue Redis::CannotConnectError
-        logger.error "Redis is down!"
-      end
+      Sufia.queue.push(ContentNewVersionEventJob.new(@generic_file.pid, current_user.user_key))
     end
     @generic_file.update_attributes(params[:generic_file].reject { |k,v| %w{ Filedata Filename revision part_of date_modified date_uploaded format }.include? k})
-    @generic_file.set_visibility(params)
+    @generic_file.set_visibility(params[:visibility])
     @generic_file.date_modified = Time.now.ctime
     @generic_file.save
     # do not trigger an update event if a version event has already been triggered
-    begin
-      Resque.enqueue(ContentUpdateEventJob, @generic_file.pid, current_user.user_key) unless version_event
-    rescue Redis::CannotConnectError
-      logger.error "Redis is down!"
-    end
+    Sufia.queue.push(ContentUpdateEventJob.new(@generic_file.pid, current_user.user_key)) unless version_event
     record_version_committer(@generic_file, current_user)
     redirect_to sufia.edit_generic_file_path(:tab => params[:redirect_tab]), :notice => render_to_string(:partial=>'generic_files/asset_updated_flash', :locals => { :generic_file => @generic_file })
 
   end
 
-  # routed to /files/:id/permissions (POST)
-  def permissions
-    Sufia::GenericFile::Permissions.parse_permissions(params)
-    @generic_file.update_attributes(params[:generic_file].reject { |k,v| %w{ Filedata Filename revision}.include? k})
-    @generic_file.save
-    Resque.enqueue(ContentUpdateEventJob, @generic_file.pid, current_user.user_key)
-    redirect_to sufia.edit_generic_file_path, :notice => render_to_string(:partial=>'generic_files/asset_updated_flash', :locals => { :generic_file => @generic_file })
-  end
-
   protected
   def record_version_committer(generic_file, user)
     version = generic_file.content.latest_version
@@ -267,11 +238,76 @@ class GenericFilesController < ApplicationController
     end
 
     record_version_committer(@generic_file, current_user)
-    begin
-      Resque.enqueue(UnzipJob, @generic_file.pid) if file.content_type == 'application/zip'
-    rescue Redis::CannotConnectError
-      logger.error "Redis is down!"
-    end
+    Sufia.queue.push(UnzipJob.new(@generic_file.pid)) if file.content_type == 'application/zip'
     return @generic_file
   end
+  
+  
+  
+  ############################ to get rid of deprication warnings.  Need to fix #################
+  # Controller "before" filter that delegates enforcement based on the controller action
+  # Action-specific implementations are enforce_index_permissions, enforce_show_permissions, etc.
+  # @param [Hash] opts (optional, not currently used)
+  #
+  # @example
+  #   class CatalogController < ApplicationController  
+  #     before_filter :enforce_access_controls
+  #   end
+  #
+  # @deprecated HYDRA-886 Blacklight is now using Catalog#update to store pagination info, so we don't want to enforce_edit_permissions on it. Instead just call before_filter :enforce_show_permissions, :only=>:show. Move all Edit/Update/Delete methods into non-catalog backed controllers.
+  def enforce_access_controls(opts={})
+    controller_action = params[:action].to_s
+    delegate_method = "enforce_#{controller_action}_permissions"
+    if self.respond_to?(delegate_method.to_sym, true)
+      self.send(delegate_method.to_sym)
+    else
+      true
+    end
+  end
+  
+ 
+  # Controller "before" filter for enforcing access controls on edit actions
+  # @param [Hash] opts (optional, not currently used)
+  def enforce_edit_permissions(opts={})
+    logger.debug("Enforcing edit permissions")
+    load_permissions_from_solr
+    if !can? :edit, params[:id]
+      session[:viewing_context] = "browse"
+      raise Hydra::AccessDenied.new("You do not have sufficient privileges to edit this document. You have been redirected to the read-only view.", :edit, params[:id])
+    else
+      session[:viewing_context] = "edit"
+    end
+  end
+ 
+  ##  This method is here for you to override
+  def enforce_create_permissions(opts={})
+    logger.debug("Enforcing create permissions")
+    if !can? :create, ActiveFedora::Base.new
+      raise Hydra::AccessDenied.new "You do not have sufficient privileges to create a new document."
+    end
+  end
+ 
+  ## proxies to enforce_edit_permssions.  This method is here for you to override
+  def enforce_update_permissions(opts={})
+    enforce_edit_permissions(opts)
+  end
+
+  ## proxies to enforce_edit_permssions.  This method is here for you to override
+  def enforce_destroy_permissions(opts={})
+    enforce_edit_permissions(opts)
+  end
+
+  ## proxies to enforce_edit_permssions.  This method is here for you to override
+  def enforce_new_permissions(opts={})
+    enforce_create_permissions(opts)
+  end
+
+  # Controller "before" filter for enforcing access controls on index actions
+  # Currently does nothing, instead relies on 
+  # @param [Hash] opts (optional, not currently used)
+  def enforce_index_permissions(opts={})
+    # Do nothing. Relies on enforce_search_permissions being included in the Controller's solr_search_params_logic
+    return true
+  end
+  
 end

data/app/controllers/users_controller.rb

@@ -50,41 +50,29 @@ class UsersController < ApplicationController
     @user.populate_attributes if params[:update_directory]
     @user.avatar = nil if params[:delete_avatar]
     unless @user.save
-      redirect_to sufia.edit_profile_path(@user.to_s), alert: @user.errors.full_messages
+      redirect_to sufia.edit_profile_path(URI.escape(@user.to_s,'@.')), alert: @user.errors.full_messages
       return
     end
-    begin
-      Resque.enqueue(UserEditProfileEventJob, @user.user_key)
-    rescue Redis::CannotConnectError
-      logger.error "Redis is down!"
-    end
-    redirect_to sufia.profile_path(@user.to_s), notice: "Your profile has been updated"
+    Sufia.queue.push(UserEditProfileEventJob.new(@user.user_key))
+    redirect_to sufia.profile_path(URI.escape(@user.to_s,'@.')), notice: "Your profile has been updated"
   end
 
   # Follow a user
   def follow
     unless current_user.following?(@user)
       current_user.follow(@user)
-      begin
-        Resque.enqueue(UserFollowEventJob, current_user.user_key, @user.user_key)
-      rescue Redis::CannotConnectError
-        logger.error "Redis is down!"
-      end
+      Sufia.queue.push(UserFollowEventJob.new(current_user.user_key, @user.user_key))
     end
-    redirect_to sufia.profile_path(@user.to_s), notice: "You are following #{@user.to_s}"
+    redirect_to sufia.profile_path(URI.escape(@user.to_s,'@.')), notice: "You are following #{@user.to_s}"
   end
 
   # Unfollow a user
   def unfollow
     if current_user.following?(@user)
       current_user.stop_following(@user)
-      begin
-        Resque.enqueue(UserUnfollowEventJob, current_user.user_key, @user.user_key)
-      rescue Redis::CannotConnectError
-        logger.error "Redis is down!"
-      end
+      Sufia.queue.push(UserUnfollowEventJob.new(current_user.user_key, @user.user_key))
     end
-    redirect_to sufia.profile_path(@user.to_s), notice: "You are no longer following #{@user.to_s}"
+    redirect_to sufia.profile_path(URI.escape(@user.to_s,'@.')), notice: "You are no longer following #{@user.to_s}"
   end
 
   private
@@ -94,11 +82,11 @@ class UsersController < ApplicationController
   end
 
   def user_is_current_user
-    redirect_to sufia.profile_path(@user.to_s), alert: "You cannot edit #{@user.to_s}\'s profile" unless @user == current_user
+    redirect_to sufia.profile_path(URI.escape(@user.to_s,'@.')), alert: "You cannot edit #{@user.to_s}\'s profile" unless @user == current_user
   end
 
   def user_not_current_user
-    redirect_to sufia.profile_path(@user.to_s), alert: "You cannot follow or unfollow yourself" if @user == current_user
+    redirect_to sufia.profile_path(URI.escape(@user.to_s,'@.')), alert: "You cannot follow or unfollow yourself" if @user == current_user
   end
 
   def get_sort

data/app/helpers/blacklight/render_constraints_helper_behavior.rb

@@ -33,7 +33,7 @@ module Blacklight::RenderConstraintsHelperBehavior
         render_constraint_element(label,
             localized_params[:q], 
             :classes => ["query"], 
-            :remove => dashboard_path(localized_params.merge(:q=>nil, :action=>'index')))
+            :remove => dashboard_index_path(localized_params.merge(:q=>nil, :action=>'index')))
       else
         render_constraint_element(label,
             localized_params[:q], 
@@ -60,7 +60,7 @@ module Blacklight::RenderConstraintsHelperBehavior
       if params[:controller] == 'dashboard'       
         render_constraint_element( facet_field_labels[facet],
                   val, 
-                  :remove => dashboard_path(remove_facet_params(facet, val, localized_params)),
+                  :remove => dashboard_index_path(remove_facet_params(facet, val, localized_params)),
                   :classes => ["filter", "filter-" + facet.parameterize] 
                 ) + "\n"    
       else

data/app/helpers/sufia_helper.rb

@@ -12,6 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+
 module SufiaHelper
 
   # link_back_to_dashboard(:label=>'Back to Search')
@@ -20,7 +21,7 @@ module SufiaHelper
     query_params = session[:search] ? session[:search].dup : {}
     query_params.delete :counter
     query_params.delete :total
-    link_url = dashboard_path + "?" + query_params.to_query
+    link_url = dashboard_index_path + "?" + query_params.to_query
     link_to opts[:label], link_url
   end
 
@@ -29,7 +30,7 @@ module SufiaHelper
     p.delete :page
     p.delete :action
     p[:q]=query
-    link_url = dashboard_path(p)
+    link_url = dashboard_index_path(p)
     link_to(query, link_url)
   end
 
@@ -81,4 +82,24 @@ module SufiaHelper
       chat_id
     end
   end
+
+  # Override to remove the label class (easier integration with bootstrap)
+  # and handles arrays
+  def render_facet_value(facet_solr_field, item, options ={})    
+    if item.is_a? Array
+      render_array_facet_value(facet_solr_field, item, options)
+    end
+    path =sufia.url_for(add_facet_params_and_redirect(facet_solr_field, item.value).merge(:only_path=>true))
+    (link_to_unless(options[:suppress_link], item.value, path, :class=>"facet_select") + " " + render_facet_count(item.hits)).html_safe
+  end
+
+    # link_back_to_catalog(:label=>'Back to Search')
+  # Create a link back to the index screen, keeping the user's facet, query and paging choices intact by using session.
+  def link_back_to_catalog(opts={:label=>t('blacklight.back_to_search')})
+    query_params = session[:search] ? session[:search].dup : {}
+    query_params.delete :counter
+    query_params.delete :total
+    link_url = sufia.url_for(query_params)
+    link_to opts[:label], link_url
+  end
 end