Module: Hydra::AccessControlsEnforcement
- Extended by:
- ActiveSupport::Concern, Deprecation
- Defined in:
- lib/hydra/access_controls_enforcement.rb
Instance Method Summary collapse
-
#enforce_access_controls(opts = {}) ⇒ Object
deprecated
Deprecated.
HYDRA-886 Blacklight is now using Catalog#update to store pagination info, so we don’t want to enforce_edit_permissions on it. Instead just call before_filter :enforce_show_permissions, :only=>:show. Move all Edit/Update/Delete methods into non-catalog backed controllers.
-
#get_permissions_solr_response_for_doc_id(id = nil, extra_controller_params = {}) ⇒ Object
a solr query method retrieve a solr document, given the doc id Modeled on Blacklight::SolrHelper.get_permissions_solr_response_for_doc_id.
-
#load_permissions_from_solr(id = , extra_controller_params = {}) ⇒ Object
Loads permissions info into @permissions_solr_response and @permissions_solr_document.
-
#permissions_solr_doc_params(id = nil) ⇒ Object
returns a params hash with the permissions info for a single solr document If the id arg is nil, then the value is fetched from params This method is primary called by the get_permissions_solr_response_for_doc_id method.
Instance Method Details
#enforce_access_controls(opts = {}) ⇒ Object
HYDRA-886 Blacklight is now using Catalog#update to store pagination info, so we don’t want to enforce_edit_permissions on it. Instead just call before_filter :enforce_show_permissions, :only=>:show. Move all Edit/Update/Delete methods into non-catalog backed controllers.
Controller “before” filter that delegates enforcement based on the controller action Action-specific implementations are enforce_index_permissions, enforce_show_permissions, etc.
35 36 37 38 39 40 41 42 43 |
# File 'lib/hydra/access_controls_enforcement.rb', line 35 def enforce_access_controls(opts={}) controller_action = params[:action].to_s delegate_method = "enforce_#{controller_action}_permissions" if self.respond_to?(delegate_method.to_sym, true) self.send(delegate_method.to_sym) else true end end |
#get_permissions_solr_response_for_doc_id(id = nil, extra_controller_params = {}) ⇒ Object
a solr query method retrieve a solr document, given the doc id Modeled on Blacklight::SolrHelper.get_permissions_solr_response_for_doc_id
70 71 72 73 74 75 76 77 78 79 80 81 |
# File 'lib/hydra/access_controls_enforcement.rb', line 70 def (id=nil, extra_controller_params={}) raise Blacklight::Exceptions::InvalidSolrID.new("The application is trying to retrieve permissions without specifying an asset id") if id.nil? #solr_response = Blacklight.solr.get permissions_solr_doc_params(id).merge(extra_controller_params) #path = blacklight_config.solr_path solr_opts = (id).merge(extra_controller_params) response = Blacklight.solr.get('select', :params=> solr_opts) solr_response = Blacklight::SolrResponse.new(force_to_utf8(response), solr_opts) raise Blacklight::Exceptions::InvalidSolrID.new("The solr permissions search handler didn't return anything for id \"#{id}\"") if solr_response.docs.empty? document = SolrDocument.new(solr_response.docs.first, solr_response) [solr_response, document] end |
#load_permissions_from_solr(id = , extra_controller_params = {}) ⇒ Object
Loads permissions info into @permissions_solr_response and @permissions_solr_document
84 85 86 87 88 |
# File 'lib/hydra/access_controls_enforcement.rb', line 84 def (id=params[:id], extra_controller_params={}) unless !@permissions_solr_document.nil? && !@permissions_solr_response.nil? @permissions_solr_response, @permissions_solr_document = (id, extra_controller_params) end end |
#permissions_solr_doc_params(id = nil) ⇒ Object
returns a params hash with the permissions info for a single solr document If the id arg is nil, then the value is fetched from params This method is primary called by the get_permissions_solr_response_for_doc_id method. Modeled on Blacklight::SolrHelper.solr_doc_params
56 57 58 59 60 61 62 63 |
# File 'lib/hydra/access_controls_enforcement.rb', line 56 def (id=nil) id ||= params[:id] # just to be consistent with the other solr param methods: { :qt => :permissions, :id => id # this assumes the document request handler will map the 'id' param to the unique key field } end |