Fix visibility prompt bug

[abelemlih]

Fixes

Fixes #6537

Summary

When saving a work in Sirenia, users consistently receive a prompt to verify changes to visibility, even when they did not make any edits to visibility. This is due to an underlying bug in comparing saved permissions with new permissions.

Guidance for testing, such as acceptance criteria or new user interface behaviors:

1. Login as an Admin user
2. Go to Dashboard > Works > All Works
3. Edit a work deposited by a different user OR a work you deposited
4. Make a minor metadata-only edit somewhere in the Description tab (do not adjust Visibility)
5. Save the changes
6. Verify that you cannot see the prompt to "Apply changes to contents? You have changed the access level..."

Type of change (for release notes)

• notes-bugfix Bug Fixes

Detailed Description

the underlying problem is in this method in app/controllers/concerns/hyrax/works_controller_behavior.rb:

def permissions_changed?
      @saved_permissions !=
        case curation_concern
        when ActiveFedora::Base
          curation_concern.permissions.map(&:to_hash)
        else
          Hyrax::AccessControl.for(resource: curation_concern).permissions
        end
end

when using Valkyrie, the array comparison between @saved_permissions and Hyrax::AccessControl.for(resource: curation_concern).permissions is always returning false even when permissions are exactly the same, because order in the two arrays is not always the same.

Changes proposed in this pull request:

• Replace comparing arrays with comparing array sizes and checking that each permission in the new permissions array exists in the saved permissions set

@samvera/hyrax-code-reviewers

[github-actions]

Test Results

    9 files  ±0      9 suites  ±0   16m 48s ⏱️ +7s
4 759 tests ±0  4 696 ✅ ±0  63 💤 ±0  0 ❌ ±0 
6 491 runs  ±0  6 428 ✅ ±0  63 💤 ±0  0 ❌ ±0 

Results for commit a81a2ba. ± Comparison against base commit 4d2c654.

This pull request removes 100 and adds 100 tests. Note that renamed tests count towards both.

spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to create #<Hyrax::PermissionTemplate:0x00007f3499610150>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to create #<Hyrax::PermissionTemplateAccess:0x00007f349045ec48>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to destroy Hyrax::AdministrativeSet: 9591d9c7-9508-4ffd-b2be-f57a55ae9895
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to edit Hyrax::AdministrativeSet: efbb557d-140f-4a84-bab1-216093f8aca0
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to update Hyrax::AdministrativeSet: 476c198b-b1ef-41f1-b058-74449b22d305
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to create #<Hyrax::PermissionTemplate:0x00007f349961b2d0>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to create #<Hyrax::PermissionTemplateAccess:0x00007f34904c67d0>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to destroy Hyrax::AdministrativeSet: 38c0fa8d-3525-43af-bd71-457c16642117
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to edit Hyrax::AdministrativeSet: 691e909d-0a0a-448e-82fe-24e1b880f739
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to update Hyrax::AdministrativeSet: f73f65f0-254b-4db1-a5aa-40bd3c27b016
…

spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to create #<Hyrax::PermissionTemplate:0x00007f13ea369610>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to create #<Hyrax::PermissionTemplateAccess:0x00007f13eaa4be10>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to destroy Hyrax::AdministrativeSet: 3b5a0870-3b1d-4c58-bcf4-701f957505fd
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to edit Hyrax::AdministrativeSet: 3ab4cf1e-2fb6-4be1-be80-4264573175cb
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates a user without edit access is expected not to be able to update Hyrax::AdministrativeSet: 2238db2b-9fbe-4bfd-b774-8349f266c806
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to create #<Hyrax::PermissionTemplate:0x00007f13eab98840>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to create #<Hyrax::PermissionTemplateAccess:0x00007f13eac43858>
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to destroy Hyrax::AdministrativeSet: 31a2ea8d-9466-41be-a5e8-a7d8b1be03d7
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to edit Hyrax::AdministrativeSet: 32f7698a-bf44-42e1-98b9-8a2bae0d2c05
spec.abilities.ability_spec ‑ Hyrax::Ability AdminSets and PermissionTemplates as admin behaves like A user with additional access is expected to be able to update Hyrax::AdministrativeSet: d5a61a91-a218-466b-9140-fa2cf891aae9
…

♻️ This comment has been updated with latest results.