Module: Hydra::AccessControlsEnforcement

Extended by:
ActiveSupport::Concern, Deprecation
Defined in:
lib/hydra/access_controls_enforcement.rb

Instance Method Summary collapse

Instance Method Details

#enforce_access_controls(opts = {}) ⇒ Object

Deprecated.

HYDRA-886 Blacklight is now using Catalog#update to store pagination info, so we don’t want to enforce_edit_permissions on it. Instead just call before_filter :enforce_show_permissions, :only=>:show. Move all Edit/Update/Delete methods into non-catalog backed controllers.

Controller “before” filter that delegates enforcement based on the controller action Action-specific implementations are enforce_index_permissions, enforce_show_permissions, etc.

Examples:

class CatalogController < ApplicationController  
  before_filter :enforce_access_controls
end

Parameters:

  • opts (Hash) (defaults to: {})

    (optional, not currently used)



35
36
37
38
39
40
41
42
43
 
# File 'lib/hydra/access_controls_enforcement.rb', line 35

def enforce_access_controls(opts={})
  controller_action = params[:action].to_s
  delegate_method = "enforce_#{controller_action}_permissions"
  if self.respond_to?(delegate_method.to_sym, true)
    self.send(delegate_method.to_sym)
  else
    true
  end
end

#get_permissions_solr_response_for_doc_id(id = nil, extra_controller_params = {}) ⇒ Object

a solr query method retrieve a solr document, given the doc id Modeled on Blacklight::SolrHelper.get_permissions_solr_response_for_doc_id

Parameters:

  • id (String) (defaults to: nil)

    of the documetn to retrieve

  • extra_controller_params (Hash) (defaults to: {})

    (optional)

Raises:

  • (Blacklight::Exceptions::InvalidSolrID) 


70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/hydra/access_controls_enforcement.rb', line 70

def get_permissions_solr_response_for_doc_id(id=nil, extra_controller_params={})
  raise Blacklight::Exceptions::InvalidSolrID.new("The application is trying to retrieve permissions without specifying an asset id") if id.nil?
  #solr_response = Blacklight.solr.get permissions_solr_doc_params(id).merge(extra_controller_params)
  #path = blacklight_config.solr_path
  solr_opts = permissions_solr_doc_params(id).merge(extra_controller_params)
  response = Blacklight.solr.get('select', :params=> solr_opts)
  solr_response = Blacklight::SolrResponse.new(force_to_utf8(response), solr_opts)

  raise Blacklight::Exceptions::InvalidSolrID.new("The solr permissions search handler didn't return anything for id \"#{id}\"") if solr_response.docs.empty?
  document = SolrDocument.new(solr_response.docs.first, solr_response)
  [solr_response, document]
end

#load_permissions_from_solr(id = , extra_controller_params = {}) ⇒ Object

Loads permissions info into @permissions_solr_response and @permissions_solr_document



84
85
86
87
88
 
# File 'lib/hydra/access_controls_enforcement.rb', line 84

def load_permissions_from_solr(id=params[:id], extra_controller_params={})
  unless !@permissions_solr_document.nil? && !@permissions_solr_response.nil?
    @permissions_solr_response, @permissions_solr_document = get_permissions_solr_response_for_doc_id(id, extra_controller_params)
  end
end

#permissions_solr_doc_params(id = nil) ⇒ Object

returns a params hash with the permissions info for a single solr document If the id arg is nil, then the value is fetched from params This method is primary called by the get_permissions_solr_response_for_doc_id method. Modeled on Blacklight::SolrHelper.solr_doc_params

Parameters:

  • id (String) (defaults to: nil)

    of the documetn to retrieve



56
57
58
59
60
61
62
63
 
# File 'lib/hydra/access_controls_enforcement.rb', line 56

def permissions_solr_doc_params(id=nil)
  id ||= params[:id]
  # just to be consistent with the other solr param methods:
  {
    :qt => :permissions,
    :id => id # this assumes the document request handler will map the 'id' param to the unique key field
  }
end