Restrict access to items returned by the AdminSetService
jcoyne committed Aug 19, 2016
1 parent 24961f0 commit fae17e4
Showing 4 changed files with 41 additions and 9 deletions.
14 changes: 14 additions & 0 deletions app/search_builders/curation_concerns/admin_set_search_builder.rb
@@ -1,8 +1,22 @@
module CurationConcerns
class AdminSetSearchBuilder < ::SearchBuilder
def initialize(context, access)
@access = access
super(context)
end

# This overrides the filter_models in FilterByType
def filter_models(solr_parameters)
solr_parameters[:fq] << ActiveFedora::SolrQueryBuilder.construct_query_for_rel(has_model: ::AdminSet.to_class_uri)
end

# Overrides Hydra::AccessControlsEnforcement
def discovery_permissions
if @access == :edit
@discovery_permissions ||= ["edit"]
else
super
end
end
end
end
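Review bot: In `discovery_permissions`, every value of `@access` other than the symbol `:edit` falls through to `super`, so a typo or a string `"edit"` silently yields the broader inherited permission set instead of the restricted one. Because this argument is what narrows the result, `initialize` should reject values it does not recognise, for example `raise ArgumentError, "unknown access: #{access.inspect}" unless %i[read edit].include?(access)`. A one-line comment on `discovery_permissions` saying that `["edit"]` limits the access filter to edit grants would also help; what `super` returns is defined outside this file.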
10 changes: 6 additions & 4 deletions app/services/curation_concerns/admin_set_service.rb
Expand Up @@ -7,16 +7,18 @@ def initialize(context)
@context = context
end

def select_options
search_results.map do |element|
# @param [Symbol] access :read or :edit
def select_options(access = :read)
search_results(access).map do |element|
[element.to_s, element.id]
end
end

private

def search_results
builder = AdminSetSearchBuilder.new(context)
# @param [Symbol] access :read or :edit
def search_results(access)
builder = AdminSetSearchBuilder.new(context, access)
response = context.repository.search(builder)
response.documents
end
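Review bot: `select_options(access = :read)` defaults to the wider scope, so a caller that builds a deposit or assignment form and omits the argument keeps listing admin sets the user can only read. Consider documenting on the `@param` line that `:edit` must be passed whenever the chosen id will be written back, or dropping the default so each caller has to choose. The returned `[label, id]` pairs only shape what a form offers; whether the controller receiving the submitted id authorizes edit on it is not visible in this commit and should be confirmed. The class definition starts outside the hunk.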
Expand Up @@ -6,7 +6,7 @@
let(:user) { double('user') }
let(:solr_params) { { fq: [] } }

subject { described_class.new(context) }
subject { described_class.new(context, :read) }
describe '#filter_models' do
before { subject.filter_models(solr_params) }

24 changes: 20 additions & 4 deletions spec/services/curation_concerns/admin_set_service_spec.rb
Expand Up @@ -9,13 +9,29 @@
repository: controller.repository,
blacklight_config: controller.blacklight_config)
end

let(:service) { described_class.new(context) }
let(:user) { create(:user) }
let!(:as1) { create(:admin_set, :public, title: ['foo']) }
let!(:as2) { create(:admin_set, :public, title: ['bar']) }
subject { service.select_options }
it { is_expected.to eq [['foo', as1.id],
['bar', as2.id]] }
let!(:as3) { create(:admin_set, edit_users: [user.user_key], title: ['baz']) }

context "with default (read) access" do
subject { service.select_options }
it { is_expected.to eq [['foo', as1.id],
['bar', as2.id],
['baz', as3.id]] }
end

context "with explicit read access" do
subject { service.select_options(:read) }
it { is_expected.to eq [['foo', as1.id],
['bar', as2.id],
['baz', as3.id]] }
end

context "with explicit edit access" do
subject { service.select_options(:edit) }
it { is_expected.to eq [['baz', as3.id]] }
end
end
end
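Review bot: The `:edit` example shows that public admin sets are excluded, but no fixture covers an admin set whose edit grant belongs to a different user, so a filter that matched any edit grant rather than the current user's would still pass. Adding something like `let!(:as4) { create(:admin_set, edit_users: ['other-user-key'], title: ['qux']) }` (constructed value) and asserting it is absent from the `:edit` result would pin the restriction; this presumes `user` is the user behind `context`, which is set up above the hunk. The expectations also use `eq` on an ordered array although no sort is set in the visible builder, so `match_array` would be less brittle if the order is incidental.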
