You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For an AccessControlList for a Hyrax::AdministrativeSet, which is a Valkyrie::Resource, that has grants and is persisted, when you try to retrieve the permissions, the permissions set is empty.
Expected behavior
When creating an ACL with grants and saving, ...
the ACL should have the grants in the permissions set prior to saving
the ACL should have the grants in the permissions set after saving
have the same permissions when a new ACL for the AdministrativeSet is created
Actual behavior
When creating an ACL with grants and saving, ...
the ACL DOES have the grants in the permissions set prior to saving
the ACL DOES NOT have the grants in the permissions set after saving
DOES NOT have the same permissions when a new ACL for the AdministrativeSet is created
Steps to reproduce the behavior
In rails console...
user = ::User.create(email: 'me@example.com', password: 'password')
group = Hyrax::Group.new('my_group')
as = Hyrax::AdministrativeSet.new(title: "My AdminSet")
as = Hyrax.persister.save(resource: as)
as.permission_manager.edit_users = [user.user_key]
as.permission_manager.edit_groups = [group]
as.permission_manager.acl.permissions
=> #<Set: {#<Hyrax::Permission access_to=#<Valkyrie::ID:..@id="m039k4882"> agent="me@example.com" mode=:edit>, #<Hyrax::Permission access_to=#<Valkyrie::ID:...@id="m039k4882"> agent="group/#<Hyrax::Group:0x00007fa2100ac788>" mode=:edit>}
as.permission_manager.acl.save
as.permission_manager.acl.permissions #<Set: {}>
as = Hyrax.persister.save(resource: as)
as.permission_manager.acl.permissions #<Set: {}>
NOTE: Using this same process with collections maintains the permissions after the final persisting of the collection.
I believe that something is not working in the ActiveFedoraConverter process. I can confirm that…
the admin set is created in Fedora and Solr
the ACL is created in Fedora and Solr
the ACL in Fedora correctly assigns accessTo
the admin set object in Fedora does NOT have accessControl assigned
the Solr doc for the ACL looks the same as the Solr doc for a collection ACL
the Solr doc for the admin set does NOT include accessControl_ssim (which is included in collection solr docs)
As a result, admin_set.permission_manager.edit_users.to_set is always empty. I can confirm that before the call to persister.save(resource: change_set.resource) in Hyrax::AccessControlList #save that the permissions are correctly assigned in the change_set.
It looks like the admin set doesn't have access_control_id assigned at any point in the process. For collections, access_control_id is assigned after the first persister.save call.
In wings persister, before calling af_object.save!access_control_id is nil for both collections and admin sets. After calling af_object.save!, collections have an id assigned for access_control_id, but admin sets have nil.
Descriptive summary
For an AccessControlList for a Hyrax::AdministrativeSet, which is a Valkyrie::Resource, that has grants and is persisted, when you try to retrieve the permissions, the permissions set is empty.
Expected behavior
When creating an ACL with grants and saving, ...
Actual behavior
When creating an ACL with grants and saving, ...
Steps to reproduce the behavior
In rails console...
NOTE: Using this same process with collections maintains the permissions after the final persisting of the collection.
Related work
Blocker for PR #5083
The text was updated successfully, but these errors were encountered: