deposit: various corrections

* Adds styles for ngx-toastr.
* Avoids error on PDF extraction when forename is not existing.
* Gives access to deposit for users with role user.

Co-Authored-by: Sébastien Délèze <sebastien.deleze@rero.ch>

sonar/modules/ext.py

@@ -21,14 +21,16 @@
 
 from flask_assets import Bundle, Environment
 
-from sonar.modules.permissions import has_admin_access, has_super_admin_access
+from sonar.modules.permissions import has_admin_access, \
+    has_super_admin_access, has_user_access
 
 from . import config
 
 
 def utility_processor():
     """Dictionary for passing data to templates."""
-    return dict(has_admin_access=has_admin_access,
+    return dict(has_user_access=has_user_access,
+                has_admin_access=has_admin_access,
                 has_super_admin_access=has_super_admin_access,
                 ui_version=config.SONAR_APP_UI_VERSION)
 

sonar/modules/pdf_extractor/utils.py

@@ -49,11 +49,13 @@ def extract_text_from_file(file):
 
 
 def format_extracted_data(data):
-    """Format the extracted metadata from PDF."""
+    """Format the metadata extracted by Grobid service."""
     formatted_data = {}
-    if '#text' in data['teiHeader']['fileDesc']['titleStmt']['title']:
-        formatted_data['title'] = data['teiHeader']['fileDesc']['titleStmt'][
-            'title']['#text']
+
+    # Get title
+    title = data['teiHeader']['fileDesc']['titleStmt']['title'].get('#text')
+    if title:
+        formatted_data['title'] = title
 
     if data['text']['@xml:lang']:
         language = pycountry.languages.get(alpha_2=data['text']['@xml:lang'])
@@ -63,43 +65,36 @@ def format_extracted_data(data):
             else:
                 formatted_data['languages'] = [language.alpha_3]
 
-    if 'analytic' in data['teiHeader']['fileDesc']['sourceDesc'][
-            'biblStruct'] and data['teiHeader']['fileDesc']['sourceDesc'][
-                'biblStruct']['analytic'] and 'author' in data['teiHeader'][
-                    'fileDesc']['sourceDesc']['biblStruct']['analytic']:
-        authors = data['teiHeader']['fileDesc']['sourceDesc']['biblStruct'][
-            'analytic']['author']
-        if not isinstance(authors, list):
-            authors = [authors]
+    authors = data['teiHeader']['fileDesc']['sourceDesc']['biblStruct'].get(
+        'analytic', {}).get('author')
+
+    if authors:
+        authors = force_list(authors)
 
-        formatted_data['authors'] = []
         for author in authors:
-            if 'persName' in author:
-                new_author = {}
+            if author.get('persName'):
+                name = []
+                surname = author['persName'].get('surname')
+
+                if surname:
+                    name.append(surname)
 
-                if 'surname' in author['persName']:
-                    new_author['name'] = author['persName']['surname']
+                forenames = author['persName'].get('forename', [])
+                forenames = force_list(forenames)
 
-                if not isinstance(author['persName']['forename'], list):
-                    author['persName']['forename'] = [
-                        author['persName']['forename']
-                    ]
+                name = name + [forename['#text'] for forename in forenames]
 
-                for forename in author['persName']['forename']:
-                    new_author[
-                        'name'] = forename['#text'] + ' ' + new_author['name']
+                formatted_data.setdefault('authors',
+                                          []).append({'name': ' '.join(name)})
 
-                formatted_data['authors'].append(new_author)
+    imprint = data['teiHeader']['fileDesc']['sourceDesc']['biblStruct'][
+        'monogr'].get('imprint', {})
 
-    if data['teiHeader']['fileDesc']['sourceDesc']['biblStruct']['monogr'][
-            'imprint']:
-        imprint = data['teiHeader']['fileDesc']['sourceDesc']['biblStruct'][
-            'monogr']['imprint']
-        if 'publisher' in imprint:
+    if imprint:
+        if imprint.get('publisher'):
             formatted_data['journal'] = {'name': imprint['publisher']}
 
-            if not isinstance(imprint['biblScope'], list):
-                imprint['biblScope'] = [imprint['biblScope']]
+            imprint['biblScope'] = force_list(imprint['biblScope'])
 
             for item in imprint['biblScope']:
                 if item['@unit'] in ['page', 'volume', 'number']:
@@ -111,9 +106,16 @@ def format_extracted_data(data):
                         key] = item['#text'] if '#text' in item else item[
                             '@from'] + '-' + item['@to']
 
-    if 'abstract' in data['teiHeader']['profileDesc'] and data['teiHeader'][
-            'profileDesc']['abstract']:
-        formatted_data['abstract'] = data['teiHeader']['profileDesc'][
-            'abstract']['p']
+    abstract = data['teiHeader']['profileDesc'].get('abstract')
+    if abstract:
+        formatted_data['abstract'] = abstract['p']
 
     return formatted_data
+
+
+def force_list(data):
+    """Force input data to be a list."""
+    if not isinstance(data, list):
+        return [data]
+
+    return data

sonar/modules/permissions.py

@@ -35,6 +35,17 @@
 allow_access = type('Allow', (), {'can': lambda self: True})()
 
 
+def has_user_access():
+    """Check if current user has at least role user.
+
+    This function is used in app context and can be called in all templates.
+    """
+    if current_app.config.get('SONAR_APP_DISABLE_PERMISSION_CHECKS'):
+        return True
+
+    return user_access_permission.can()
+
+
 def has_admin_access():
     """Check if current user has access to admin panel.
 
@@ -72,23 +83,23 @@ def can_create_record_factory(**kwargs):
     if current_app.config.get('SONAR_APP_DISABLE_PERMISSION_CHECKS'):
         return allow_access
 
-    return admin_access_permission
+    return user_access_permission
 
 
 def can_update_record_factory(**kwargs):
     """Factory to check if a record can be updated."""
     if current_app.config.get('SONAR_APP_DISABLE_PERMISSION_CHECKS'):
         return allow_access
 
-    return admin_access_permission
+    return user_access_permission
 
 
 def can_delete_record_factory(**kwargs):
     """Factory to check if a record can be deleted."""
     if current_app.config.get('SONAR_APP_DISABLE_PERMISSION_CHECKS'):
         return allow_access
 
-    return admin_access_permission
+    return user_access_permission
 
 
 def can_access_manage_view(func):
@@ -98,7 +109,7 @@ def decorated_view(*args, **kwargs):
         if not current_user.is_authenticated:
             abort(401)
         else:
-            if has_admin_access():
+            if has_user_access():
                 return func(*args, **kwargs)
 
             abort(403)

sonar/theme/assets/scss/common/_theme.scss

@@ -17,6 +17,7 @@
 
 @import '~font-awesome/scss/font-awesome.scss';
 @import "~bootstrap/scss/bootstrap";
+@import '~ngx-toastr/toastr-bs4-alert';
 
 /* roboto-condensed-regular - latin */
 @font-face {
@@ -62,4 +63,4 @@ ng\:form {
 
 .ng-anchor {
   position:absolute;
-}
+}

sonar/theme/templates/sonar/partial/dropdown_user.html

@@ -27,11 +27,11 @@ <h6 class="dropdown-header">{{current_user.email}}</h6>
         {{_('Super administration')}}
     </a>
     {% endif %}
-    {% if has_admin_access() %}
+    {% if has_user_access() %}
     <a class="dropdown-item" href="{{ url_for('sonar.manage')}}">
         {{_('Administration')}}
     </a>
     {% endif %}
 
     <a class="dropdown-item" href="{{url_for_security('logout')}}">{{_('Logout')}}</a>
-</div>
+</div>

sonar/theme/webpack.py

@@ -36,6 +36,7 @@
         'jquery': '^3.2',
         'bootstrap': '^4.3',
         'font-awesome': '^4.0',
+        'ngx-toastr': '^10.2.0',
         '@rero/sonar-ui': SONAR_APP_UI_VERSION
     }
 )

tests/ui/test_permissions.py

@@ -17,18 +17,38 @@
 
 """Test SONAR permissions."""
 
-from flask import url_for
 from invenio_accounts.testutils import login_user_via_view
 
 from sonar.modules.documents.api import DocumentRecord
 from sonar.modules.permissions import admin_permission_factory, \
     can_create_record_factory, can_delete_record_factory, \
     can_list_record_factory, can_read_record_factory, \
     can_update_record_factory, files_permission_factory, has_admin_access, \
-    has_super_admin_access
+    has_super_admin_access, has_user_access
 
 
-def test_has_admin_access(app, db, client, user_without_role_fixture,
+def test_has_user_access(app, client, user_without_role_fixture,
+                         user_fixture):
+    """Test if user has an admin access."""
+
+    app.config.update(SONAR_APP_DISABLE_PERMISSION_CHECKS=True)
+    assert has_user_access()
+
+    app.config.update(SONAR_APP_DISABLE_PERMISSION_CHECKS=False)
+    login_user_via_view(client,
+                        email=user_without_role_fixture.email,
+                        password='123456')
+
+    assert not has_user_access()
+
+    login_user_via_view(client,
+                        email=user_fixture.email,
+                        password='123456')
+
+    assert not has_user_access()
+
+
+def test_has_admin_access(app, client, user_without_role_fixture,
                           admin_user_fixture):
     """Test if user has an admin access."""
 
@@ -49,7 +69,7 @@ def test_has_admin_access(app, db, client, user_without_role_fixture,
     assert not has_admin_access()
 
 
-def test_has_super_admin_access(app, db, client, user_without_role_fixture,
+def test_has_super_admin_access(app, client, user_without_role_fixture,
                                 superadmin_user_fixture):
     """Test if user has a super admin access."""
     app.config.update(SONAR_APP_DISABLE_PERMISSION_CHECKS=True)
@@ -69,8 +89,7 @@ def test_has_super_admin_access(app, db, client, user_without_role_fixture,
     assert not has_super_admin_access()
 
 
-def test_permissions_factories(app, client, user_without_role_fixture,
-                               admin_user_fixture):
+def test_permissions_factories(app, client, admin_user_fixture):
     """Test is user can list record."""
     app.config.update(SONAR_APP_DISABLE_PERMISSION_CHECKS=True)