diff --git a/app/services/hyrax/collections/migration_service.rb b/app/services/hyrax/collections/migration_service.rb deleted file mode 100644 index 55c8088a45..0000000000 --- a/app/services/hyrax/collections/migration_service.rb +++ /dev/null @@ -1,113 +0,0 @@ -# frozen_string_literal: true -module Hyrax - module Collections - ## - # @deprecated this migration tool should no longer be useful after Hyrax 2.1.0; Removal is planned for 4.0 - # Responsible for migrating legacy collections. Legacy collections are those created before Hyrax 2.1.0 and - # are identified by the lack of the collection having a collection type gid. - class MigrationService - # @api public - # - # Migrate all legacy collections to extended collections with collection type assigned. Legacy collections are those - # created before Hyrax 2.1.0 and are identified by the lack of the collection having a collection type gid. - def self.migrate_all_collections - Deprecation.warn('This migration tool will be removed in Hyrax 4.0.0.') - - Hyrax.logger.info "*** Migrating #{::Collection.count} collections" - ::Collection.all.each do |col| - migrate_collection(col) - Hyrax.logger.info " migrating collection - id: #{col.id}, title: #{col.title}" - end - - AdminSet.all.each do |adminset| - migrate_adminset(adminset) - Hyrax.logger.info " migrating adminset - id: #{adminset.id}, title: #{adminset.title}" - end - Hyrax.logger.info "--- Migration Complete" - end - - # @api private - # - # Migrate a single legacy collection to extended collections with collection type assigned. Legacy collections are those - # created before Hyrax 2.1.0 and are identified by the lack of the collection having a collection type gid. - # - # @param collection [::Collection] collection object to be migrated - def self.migrate_collection(collection) - return if collection.collection_type_gid.present? # already migrated - collection.collection_type_gid = Hyrax::CollectionType.find_or_create_default_collection_type.to_global_id - create_permissions(collection) - collection.save - end - private_class_method :migrate_collection - - ## - # @api private - # - # Migrate a single adminset to grant depositors and viewers read access to the admin set unless the grant is for - # registered (authenticated users) or public (anyone) groups. The adjustment is being made to adminsets created - # before Hyrax 2.1.0. Migrating twice will not adversely impact the adminset. - # - # @param adminset [AdminSet] adminset object to be migrated - def self.migrate_adminset(adminset) - Hyrax::PermissionTemplateAccess.find_or_create_by(permission_template_id: adminset.permission_template.id, - agent_type: "group", agent_id: "admin", access: "manage") - - adminset.permission_template.reset_access_controls_for(collection: adminset) - end - private_class_method :migrate_adminset - - # @api public - # - # Validate that migrated collections have both the collection type gid assigned and the permission template with - # access created and associated with the collection. Any collection without collection type gid as nil or assigned - # the default collection type are ignored. - def self.repair_migrated_collections - Deprecation.warn('This migration tool will be removed in Hyrax 4.0.0.') - - Hyrax.logger.info "*** Repairing migrated collections" - ::Collection.all.each do |col| - repair_migrated_collection(col) - Hyrax.logger.info " repairing collection - id: #{col.id}, title: #{col.title}" - end - AdminSet.all.each do |adminset| - migrate_adminset(adminset) - Hyrax.logger.info " repairing adminset - id: #{adminset.id}, title: #{adminset.title}" - end - Hyrax.logger.info "--- Repairing Complete" - end - - # @api private - # - # Validate and repair a migrated collection if needed. - # - # @param collection [::Collection] collection object to be migrated/repaired - def self.repair_migrated_collection(collection) - return if collection.collection_type_gid.present? && collection.collection_type_gid != Hyrax::CollectionType.find_or_create_default_collection_type.to_global_id - collection.collection_type_gid = Hyrax::CollectionType.find_or_create_default_collection_type.to_global_id - permission_template = Hyrax::PermissionTemplate.find_by(source_id: collection.id) - if permission_template.present? - permission_template.reset_access_controls_for(collection: collection, interpret_visibility: true) - else - create_permissions(collection) - end - collection.save - end - private_class_method :repair_migrated_collection - - # @api private - # - # Determine if collection was already migrated. - # - # @param [Collection] collection object to be validated - def self.create_permissions(collection) - grants = [] - collection.edit_groups.each { |g| grants << { agent_type: 'group', agent_id: g, access: Hyrax::PermissionTemplateAccess::MANAGE } } - collection.edit_users.each { |u| grants << { agent_type: 'user', agent_id: u, access: Hyrax::PermissionTemplateAccess::MANAGE } } - collection.read_groups.each { |g| grants << { agent_type: 'group', agent_id: g, access: Hyrax::PermissionTemplateAccess::VIEW } } - collection.read_users.each { |u| grants << { agent_type: 'user', agent_id: u, access: Hyrax::PermissionTemplateAccess::VIEW } } - Hyrax::Collections::PermissionsCreateService.create_default(collection: collection, creating_user: ::User.find_by_user_key(collection.depositor), grants: grants) - end - private_class_method :create_permissions - end - end -end diff --git a/spec/services/hyrax/collections/migration_service_spec.rb b/spec/services/hyrax/collections/migration_service_spec.rb deleted file mode 100644 index 0f1f2ac0c3..0000000000 --- a/spec/services/hyrax/collections/migration_service_spec.rb +++ /dev/null @@ -1,470 +0,0 @@ -# frozen_string_literal: true - -# DON'T EVEN LOOK AT THESE TESTS! -# the service tested here is deprecated for removal and is only called from a -# rake task no one should be using after the 2.1.0 upgrade. if you're looking -# at these# tests, save yourself the trouble and move on -RSpec.describe Hyrax::Collections::MigrationService, clean_repo: true do - let(:user) { FactoryBot.create(:user) } - let(:editor1) { FactoryBot.create(:user) } - let(:editor2) { FactoryBot.create(:user) } - let(:reader1) { FactoryBot.create(:user) } - let(:reader2) { FactoryBot.create(:user) } - let(:manager1) { FactoryBot.create(:user) } - let(:manager2) { FactoryBot.create(:user) } - let(:depositor1) { FactoryBot.create(:user) } - let(:depositor2) { FactoryBot.create(:user) } - let(:viewer1) { FactoryBot.create(:user) } - let(:viewer2) { FactoryBot.create(:user) } - let(:default_gid) { FactoryBot.create(:user_collection_type).gid } - - describe ".migrate_all_collections" do - context 'when legacy collections are found (e.g. collections created before Hyrax 2.1.0)' do - let(:col_none) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], do_save: true) } - let(:col_vu) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], do_save: true) } - let(:col_vg) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], do_save: true) } - let(:col_mu) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], do_save: true) } - let(:col_mg) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], do_save: true) } - - it 'sets gid and adds permissions' do # rubocop:disable RSpec/ExampleLength - ::Collection.all.each do |col| - expect(col.collection_type_gid).to be_nil - expect { Hyrax::PermissionTemplate.find_by!(source_id: col.id) }.to raise_error ActiveRecord::RecordNotFound - end - - described_class.migrate_all_collections - - ::Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :deposit, []) - expect_access(pt_id, 'group', :deposit, []) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - end - end - - context 'when newer collections are found (e.g. collections created at or after Hyrax 2.1.0)' do - let(:collection) do - FactoryBot.create(:collection_lw, - id: 'col_newer', user: user, - with_permission_template: { manage_users: [manager1.user_key] }, - with_solr_document: true) - end - let(:permission_template) { collection.permission_template } - let(:collection_type_gid) { collection.collection_type_gid } - let(:edit_users) { collection.edit_users } - - it "doesn't change the collection" do - expect(collection.collection_type_gid).to eq collection_type_gid - expect(Hyrax::PermissionTemplate.find_by!(source_id: collection.id).id).to eq permission_template.id - expect_access(permission_template.id, 'user', :manage, [user.user_key, manager1.user_key]) - - described_class.migrate_all_collections - - expect(collection.collection_type_gid).to eq collection_type_gid - expect(Hyrax::PermissionTemplate.find_by!(source_id: collection.id).id).to eq permission_template.id - expect_access(permission_template.id, 'user', :manage, [user.user_key, manager1.user_key]) - end - end - - context 'when legacy adminsets are found (e.g. adminsets created before Hyrax 2.1.0)' do - let(:as_none) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_none', user: user) } - let(:as_vu) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_vu', user: user, with_permission_template: { view_users: [reader1.user_key, reader2.user_key] }) } - let(:as_vg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_vg', user: user, with_permission_template: { view_groups: ['read_group_1', 'read_group_2'] }) } - let(:as_du) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_du', user: user, with_permission_template: { deposit_users: [depositor1.user_key, depositor2.user_key] }) } - let(:as_dg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_dg', user: user, with_permission_template: { deposit_groups: ['deposit_group_1', 'deposit_group_2'] }) } - let(:as_mu) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_mu', user: user, with_permission_template: { manage_users: [editor1.user_key, editor2.user_key] }) } - let(:as_mg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_mg', user: user, with_permission_template: { manage_groups: ['edit_group_1', 'edit_group_2'] }) } - - before do - allow(AdminSet).to receive(:all).and_return([as_none, as_vu, as_vg, as_du, as_dg, as_mu, as_mg]) - end - - it 'sets read and edit access in solr doc' do # rubocop:disable RSpec/ExampleLength - AdminSet.all.each do |adminset| - expect(adminset.edit_users).to include(user.user_key) - expect(adminset.read_users).to eq [] - end - - described_class.migrate_all_collections - - AdminSet.all.each do |adminset| - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id) - expect(pt_id).not_to be_nil - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - end - end - end - - context 'when newer adminsets are found (e.g. adminsets created at or after Hyrax 2.1.0)' do - let(:adminset) do - FactoryBot.build(:adminset_lw, - id: 'as_newer', user: user, - with_permission_template: { - manage_users: [editor1.user_key, editor2.user_key], - deposit_users: [depositor1.user_key, depositor2.user_key], - view_users: [viewer1.user_key, viewer2.user_key], - manage_groups: ['manage_group_1', 'manage_group_2'], - deposit_groups: ['deposit_group_1', 'deposit_group_2'], - view_groups: ['view_group_1', 'view_group_2'] - }, - with_solr_document: true) - end - let(:permission_template) { adminset.permission_template } - let(:edit_users) { adminset.edit_users } - - before do - allow(AdminSet).to receive(:all).and_return([adminset]) - end - - it "doesn't change the adminset" do # rubocop:disable RSpec/ExampleLength - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id).id - expect(pt_id).to eq permission_template.id - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - - described_class.migrate_all_collections - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id).id - expect(pt_id).to eq permission_template.id - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - end - end - end - - describe ".repair_migrated_collections" do - context 'when legacy collections are found (e.g. collections created before Hyrax 2.1.0)' do - let(:col_none) { FactoryBot.build(:typeless_collection, id: 'col_none', user: user, edit_users: [user.user_key], do_save: true) } - let(:col_vu) { FactoryBot.build(:typeless_collection, id: 'col_vu', user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], do_save: true) } - let(:col_vg) { FactoryBot.build(:typeless_collection, id: 'col_vg', user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], do_save: true) } - let(:col_mu) { FactoryBot.build(:typeless_collection, id: 'col_mu', user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], do_save: true) } - let(:col_mg) { FactoryBot.build(:typeless_collection, id: 'col_mg', user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], do_save: true) } - - context "and collection wasn't migrated at all" do - let(:col_none) { FactoryBot.build(:typeless_collection_lw, user: user, edit_users: [user.user_key], read_users: [], do_save: true) } - let(:col_vu) { FactoryBot.build(:typeless_collection_lw, user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], do_save: true) } - let(:col_vg) { FactoryBot.build(:typeless_collection_lw, user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], do_save: true) } - let(:col_mu) { FactoryBot.build(:typeless_collection_lw, user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], do_save: true) } - let(:col_mg) { FactoryBot.build(:typeless_collection_lw, user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], do_save: true) } - - it 'sets gid and adds permissions' do # rubocop:disable RSpec/ExampleLength - ::Collection.all.each do |col| - expect(col.collection_type_gid).to be_nil - expect { Hyrax::PermissionTemplate.find_by!(source_id: col.id) }.to raise_error ActiveRecord::RecordNotFound - end - - described_class.repair_migrated_collections - - ::Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - end - end - - context "and collection type gid is set but permission template doesn't exist" do - let(:col_none) do - FactoryBot.build(:user_collection_lw, id: 'col_none', user: user, edit_users: [user.user_key], collection_type_gid: default_gid) - end - - let(:col_vu) do - FactoryBot.build(:user_collection_lw, id: 'col_vu', user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], collection_type_gid: default_gid) - end - - let(:col_vg) do - FactoryBot.build(:user_collection_lw, id: 'col_vg', user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], collection_type_gid: default_gid) - end - - let(:col_mu) do - FactoryBot.build(:user_collection_lw, id: 'col_mu', user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], collection_type_gid: default_gid) - end - - let(:col_mg) do - FactoryBot.build(:user_collection_lw, id: 'col_mg', user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], collection_type_gid: default_gid) - end - - it 'sets gid and adds permissions' do # rubocop:disable RSpec/ExampleLength - Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - expect { Hyrax::PermissionTemplate.find_by!(source_id: col.id) }.to raise_error ActiveRecord::RecordNotFound - end - - described_class.repair_migrated_collections - - Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - end - end - - context "and collection type gid isn't set but permission template exists with access set" do - let(:col_none) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], do_save: true, with_permission_template: true) } - - let(:col_vu) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], do_save: true, with_permission_template: true) - end - - let(:col_vg) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], do_save: true, with_permission_template: true) - end - - let(:col_mu) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], do_save: true, with_permission_template: true) - end - - let(:col_mg) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], do_save: true, with_permission_template: true) - end - - before do - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col_none.id) - create_access(pt_id, 'user', :manage, [user.user_key]) - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col_vu.id) - create_access(pt_id, 'user', :manage, [user.user_key]) - create_access(pt_id, 'user', :view, col_vu.read_users) - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col_vg.id) - create_access(pt_id, 'user', :manage, [user.user_key]) - create_access(pt_id, 'group', :view, col_vg.read_groups) - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col_mu.id) - create_access(pt_id, 'user', :manage, col_mu.edit_users) - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col_mg.id) - create_access(pt_id, 'user', :manage, [user.user_key]) - create_access(pt_id, 'group', :manage, col_mg.edit_groups) - end - - it 'sets gid' do # rubocop:disable RSpec/ExampleLength - ::Collection.all.each do |col| - expect(col.collection_type_gid).to be_nil - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - - described_class.repair_migrated_collections - - ::Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - end - end - - context "and collection type gid isn't set and permission template exists with access not set" do - let(:col_none) { FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], do_save: true, with_permission_template: true) } - - let(:col_vu) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_users: [reader1.user_key, reader2.user_key], do_save: true, with_permission_template: true) - end - - let(:col_vg) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], read_groups: ['read_group_1', 'read_group_2'], do_save: true, with_permission_template: true) - end - - let(:col_mu) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key, editor1.user_key, editor2.user_key], do_save: true, with_permission_template: true) - end - - let(:col_mg) do - FactoryBot.build(:typeless_collection, user: user, edit_users: [user.user_key], edit_groups: ['edit_group_1', 'edit_group_2'], do_save: true, with_permission_template: true) - end - - it 'sets gid and adds access permissions' do # rubocop:disable RSpec/ExampleLength - ::Collection.all.each do |col| - expect(col.collection_type_gid).to be_nil - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_no_access(pt_id, 'user', :manage, col.edit_users) - expect_no_access(pt_id, 'group', :manage, col.edit_groups) - expect_no_access(pt_id, 'user', :view, col.read_users) - expect_no_access(pt_id, 'group', :view, col.read_groups) - end - - described_class.repair_migrated_collections - - Collection.all.each do |col| - expect(col.collection_type_gid).to eq default_gid - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: col.id) - expect(pt_id).not_to be_nil - expect_access(pt_id, 'user', :manage, col.edit_users) - expect_access(pt_id, 'group', :manage, col.edit_groups) - expect_access(pt_id, 'user', :view, col.read_users) - expect_access(pt_id, 'group', :view, col.read_groups) - end - end - end - end - - context 'when newer collections are found (e.g. collections created at or after Hyrax 2.1.0)' do - let(:collection) do - FactoryBot.build(:collection_lw, id: 'col_newer', user: user, with_permission_template: true, collection_type_settings: [:discoverable], edit_users: [user.user_key]) - end - - let(:permission_template) { collection.permission_template } - let(:collection_type_gid) { collection.collection_type_gid } - let(:edit_users) { collection.edit_users } - - it "doesn't change the collection" do - expect(collection.collection_type_gid).to eq collection_type_gid - expect(Hyrax::PermissionTemplate.find_by!(source_id: collection.id).id).to eq permission_template.id - expect_access(permission_template.id, 'user', :manage, edit_users) - - described_class.repair_migrated_collections - - expect(collection.collection_type_gid).to eq collection_type_gid - expect(Hyrax::PermissionTemplate.find_by!(source_id: collection.id).id).to eq permission_template.id - expect_access(permission_template.id, 'user', :manage, edit_users) - end - end - - context 'when legacy adminsets are found (e.g. adminsets created before Hyrax 2.1.0)' do - let(:as_none) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_none', user: user) } - let(:as_vu) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_vu', user: user, with_permission_template: { view_users: [reader1.user_key, reader2.user_key] }) } - let(:as_vg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_vg', user: user, with_permission_template: { view_groups: ['read_group_1', 'read_group_2'] }) } - let(:as_du) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_du', user: user, with_permission_template: { deposit_users: [depositor1.user_key, depositor2.user_key] }) } - let(:as_dg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_dg', user: user, with_permission_template: { deposit_groups: ['deposit_group_1', 'deposit_group_2'] }) } - let(:as_mu) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_mu', user: user, with_permission_template: { manage_users: [editor1.user_key, editor2.user_key] }) } - let(:as_mg) { FactoryBot.build(:no_solr_grants_adminset, id: 'as_mg', user: user, with_permission_template: { manage_groups: ['edit_group_1', 'edit_group_2'] }) } - - before do - allow(AdminSet).to receive(:all).and_return([as_none, as_vu, as_vg, as_du, as_dg, as_mu, as_mg]) - end - - it 'sets read and edit access in solr doc' do # rubocop:disable RSpec/ExampleLength - AdminSet.all.each do |adminset| - expect(adminset.edit_users).to include(user.user_key) - expect(adminset.read_users).to eq [] - end - - described_class.repair_migrated_collections - - AdminSet.all.each do |adminset| - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id) - expect(pt_id).not_to be_nil - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - end - end - end - - context 'when newer adminsets are found (e.g. adminsets created at or after Hyrax 2.1.0)' do - let(:adminset) do - FactoryBot.create(:adminset_lw, - id: 'as_newer', user: user, - with_permission_template: { - manage_users: [editor1.user_key, editor2.user_key], - deposit_users: [depositor1.user_key, depositor2.user_key], - view_users: [viewer1.user_key, viewer2.user_key], - manage_groups: ['manage_group_1', 'manage_group_2'], - deposit_groups: ['deposit_group_1', 'deposit_group_2'], - view_groups: ['view_group_1', 'view_group_2'] - }, - with_solr_document: true) - end - let(:permission_template) { adminset.permission_template } - let(:edit_users) { adminset.edit_users } - - before do - allow(AdminSet).to receive(:all).and_return([adminset]) - end - - it "doesn't change the adminset" do # rubocop:disable RSpec/ExampleLength - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id).id - expect(pt_id).to eq permission_template.id - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - - described_class.repair_migrated_collections - - pt_id = Hyrax::PermissionTemplate.find_by!(source_id: adminset.id).id - expect(pt_id).to eq permission_template.id - expect_solr_access(pt_id, 'user', :manage, adminset.edit_users) - expect_solr_access(pt_id, 'group', :manage, adminset.edit_groups) - expect_solr_access(pt_id, 'user', :deposit, adminset.read_users) - expect_solr_access(pt_id, 'group', :deposit, adminset.read_groups) - expect_solr_access(pt_id, 'user', :view, adminset.read_users) - expect_solr_access(pt_id, 'group', :view, adminset.read_groups) - end - end - end - - def create_access(permission_template_id, agent_type, access, agent_ids) - agent_ids.each do |agent_id| - FactoryBot.create(:permission_template_access, - access, - permission_template: permission_template_id, - agent_type: agent_type, - agent_id: agent_id) - end - end - - def expect_access(permission_template_id, agent_type, access, agent_ids) - agent_ids.each do |agent_id| - pta = Hyrax::PermissionTemplateAccess.where(permission_template_id: permission_template_id, agent_type: agent_type, - access: access, agent_id: agent_id) - expect(pta).not_to be_empty - end - end - - def expect_no_access(permission_template_id, agent_type, access, agent_ids) - agent_ids.each do |agent_id| - pta = Hyrax::PermissionTemplateAccess.where(permission_template_id: permission_template_id, agent_type: agent_type, - access: access, agent_id: agent_id) - expect(pta).to be_empty - end - end - - def expect_solr_access(permission_template_id, pt_agent_type, pt_access, solrdoc_access) - ptas = Hyrax::PermissionTemplateAccess.where(permission_template_id: permission_template_id, agent_type: pt_agent_type, access: pt_access) - expect(solrdoc_access).to include(*ptas.map(&:agent_id)) - end -end