Persist permissions by passing arg to save_acl step

samvera · Sep 23, 2022 · 33528ce · 33528ce
1 parent b6726a2
commit 33528ce
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 3 deletions.
diff --git a/app/controllers/concerns/hyrax/works_controller_behavior.rb b/app/controllers/concerns/hyrax/works_controller_behavior.rb
@@ -189,7 +189,8 @@ def create_valkyrie_work
           'work_resource.add_to_parent' => { parent_id: params[:parent_id], user: current_user },
           'work_resource.add_file_sets' => { uploaded_files: uploaded_files, file_set_params: params[hash_key_for_curation_concern][:file_set] },
           'change_set.set_user_as_depositor' => { user: current_user },
-          'work_resource.change_depositor' => { user: ::User.find_by_user_key(form.on_behalf_of) }
+          'work_resource.change_depositor' => { user: ::User.find_by_user_key(form.on_behalf_of) },
+          'work_resource.save_acl' => { permissions_params: form.input_params["permissions"] }
         )
         .call(form)
       @curation_concern = result.value_or { return after_create_error(transaction_err_msg(result)) }
@@ -202,7 +203,8 @@ def update_valkyrie_work
       result =
         transactions['change_set.update_work']
         .with_step_args('work_resource.add_file_sets' => { uploaded_files: uploaded_files, file_set_params: params[hash_key_for_curation_concern][:file_set] },
-                        'work_resource.update_work_members' => { work_members_attributes: work_members_attributes })
+                        'work_resource.update_work_members' => { work_members_attributes: work_members_attributes },
+                        'work_resource.save_acl' => { permissions_params: form.input_params["permissions"] })
         .call(form)
       @curation_concern = result.value_or { return after_update_error(transaction_err_msg(result)) }
       after_update_response

diff --git a/lib/hyrax/transactions/steps/save_access_control.rb b/lib/hyrax/transactions/steps/save_access_control.rb
@@ -22,7 +22,8 @@ def call(obj, permissions_params: [])
           acl = obj.permission_manager&.acl
           # Translate step args into Hyrax::Permission objects before saving
           Array(permissions_params).each do |param|
-            acl << param_to_permission(obj, param)
+            permission = param_to_permission(obj, param)
+            acl << permission if permission
           end
 
           acl&.save || (return Failure[:failed_to_save_acl, acl])
@@ -33,6 +34,7 @@ def call(obj, permissions_params: [])
         private
 
         def param_to_permission(obj, param)
+          return nil unless param["access"] && param["type"] && param["name"]
           mode = param["access"].to_sym
           agent = param["type"] == "group" ? "group/#{param['name']}" : param["name"]
           Hyrax::Permission.new(access_to: obj.id, mode: mode, agent: agent)

diff --git a/spec/controllers/concerns/hyrax/works_controller_behavior_spec.rb b/spec/controllers/concerns/hyrax/works_controller_behavior_spec.rb
@@ -123,6 +123,17 @@
         end
       end
 
+      context 'when granting additional permissions' do
+        let(:create_params) { { title: 'comet in moominland', permissions_attributes: { "0" => { type: 'person', access: 'read', name: 'foo@bar.com' } } } }
+
+        it 'saves the visibility' do
+          post :create, params: { test_simple_work: create_params }
+
+          expect(Hyrax::AccessControlList(assigns[:curation_concern]).permissions)
+            .to include(have_attributes(mode: :read, agent: 'foo@bar.com'))
+        end
+      end
+
       context 'when adding a collection' do
         let(:collection) { FactoryBot.valkyrie_create(:pcdm_collection) }
 
@@ -566,6 +577,17 @@
         end
       end
 
+      context 'and granting additional permissions' do
+        let(:update_params) { { title: 'comet in moominland', permissions_attributes: { "0" => { type: 'person', access: 'read', name: 'foo@bar.com' } } } }
+
+        it 'saves the visibility' do
+          post :update, params: { id: id, test_simple_work: update_params }
+
+          expect(Hyrax::AccessControlList(assigns[:curation_concern]).permissions)
+            .to include(have_attributes(mode: :read, agent: 'foo@bar.com'))
+        end
+      end
+
       context 'and error occurs' do
         let(:update_params) { { title: 'new title', visibility: 'open' } }
 

diff --git a/spec/hyrax/transactions/steps/save_access_control_spec.rb b/spec/hyrax/transactions/steps/save_access_control_spec.rb
@@ -42,6 +42,15 @@
                                     have_attributes(mode: :edit, agent: user.user_key),
                                     have_attributes(mode: :read, agent: 'group/admin'))
       end
+
+      context 'with invalid params' do
+        let(:params) { [{ "access" => "read", "type" => "group" }, { "type" => "person", "name" => "foo@bar.com" }, { "access" => "edit", "name" => "foo@bar.com" }] }
+
+        it 'does not persist the params' do
+          step.call(work, permissions_params: params)
+          expect(Hyrax::AccessControlList.new(resource: work).permissions).to contain_exactly(have_attributes(mode: :read, agent: user.user_key))
+        end
+      end
     end
   end