Module: Hydra::AccessControls::Permissions

Extended by:

ActiveSupport::Concern, Deprecation

Includes:

Visibility

Included in:

Hydra::AdminPolicy, ModelMixins::RightsMetadata

Defined in:

app/models/concerns/hydra/access_controls/permissions.rb

Instance Method Summary

• #discover_groups ⇒ Object

  Return a list of groups that have discover permission.

• #discover_groups=(groups) ⇒ Object

  Grant discover permissions to the groups specified.

• #discover_groups_string ⇒ Object

  Display the groups a comma delimeted string.

• #discover_groups_string=(groups) ⇒ Object

  Grant discover permissions to the groups specified.

• #discover_users ⇒ Object
• #discover_users=(users) ⇒ Object

  Grant discover permissions to the users specified.

• #discover_users_string ⇒ Object

  Display the users as a comma delimeted string.

• #discover_users_string=(users) ⇒ Object

  Grant discover permissions to the groups specified.

• #edit_groups ⇒ Object

  Return a list of groups that have edit permission.

• #edit_groups=(groups) ⇒ Object

  Grant edit permissions to the groups specified.

• #edit_groups_string ⇒ Object

  Display the groups a comma delimeted string.

• #edit_groups_string=(groups) ⇒ Object

  Grant edit permissions to the groups specified.

• #edit_users ⇒ Object
• #edit_users=(users) ⇒ Object

  Grant edit permissions to the groups specified.

• #permissions ⇒ Object

  Returns a list with all the permissions on the object.

• #permissions=(attributes_collection) ⇒ Object

  permissions= added for backward compatibility of Hydra::AdminPolicy for hydra-head < 6.4.

• #permissions_attributes=(attributes_collection) ⇒ Object

  Updates those permissions that are provided to it.

• #read_groups ⇒ Object

  Return a list of groups that have discover permission.

• #read_groups=(groups) ⇒ Object

  Grant read permissions to the groups specified.

• #read_groups_string ⇒ Object

  Display the groups a comma delimeted string.

• #read_groups_string=(groups) ⇒ Object

  Grant read permissions to the groups specified.

• #read_users ⇒ Object
• #read_users=(users) ⇒ Object

  Grant read permissions to the users specified.

• #read_users_string ⇒ Object

  Display the users as a comma delimeted string.

• #read_users_string=(users) ⇒ Object

  Grant read permissions to the groups specified.

• #set_discover_groups(groups, eligible_groups) ⇒ Object

  Grant discover permissions to the groups specified.

• #set_discover_users(users, eligible_users) ⇒ Object

  Grant discover permissions to the users specified.

• #set_edit_groups(groups, eligible_groups) ⇒ Object

  Grant edit permissions to the groups specified.

• #set_edit_users(users, eligible_users) ⇒ Object

  Grant edit permissions to the users specified.

• #set_read_groups(groups, eligible_groups) ⇒ Object

  Grant read permissions to the groups specified.

• #set_read_users(users, eligible_users) ⇒ Object

  Grant read permissions to the users specified.

Methods included from Visibility

#visibility, #visibility=, #visibility_changed?

Instance Method Details

#discover_groups ⇒ Object

Return a list of groups that have discover permission

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 59

def discover_groups
  rightsMetadata.groups.map {|k, v| k if v == 'discover'}.compact
end

#discover_groups=(groups) ⇒ Object

Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names

Examples:

r.discover_groups= ['one', 'two', 'three']
r.discover_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 70

def discover_groups=(groups)
  set_discover_groups(groups, discover_groups)
end

#discover_groups_string ⇒ Object

Display the groups a comma delimeted string

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 86

def discover_groups_string
  self.discover_groups.join(', ')
end

#discover_groups_string=(groups) ⇒ Object

Grant discover permissions to the groups specified. Revokes discover permission for all other groups. @param groups a list of group names

Examples:

r.discover_groups_string= 'one, two, three'
r.discover_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 81

def discover_groups_string=(groups)
  self.discover_groups=groups.split(/[\s,]+/)
end

#discover_users ⇒ Object

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 109

def discover_users
  rightsMetadata.individuals.map {|k, v| k if v == 'discover'}.compact
end

#discover_users=(users) ⇒ Object

Grant discover permissions to the users specified. Revokes discover permission for all other users. @param users a list of usernames

Examples:

r.discover_users= ['one', 'two', 'three']
r.discover_users 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 120

def discover_users=(users)
  set_discover_users(users, discover_users)
end

#discover_users_string ⇒ Object

Display the users as a comma delimeted string

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 136

def discover_users_string
  self.discover_users.join(', ')
end

#discover_users_string=(users) ⇒ Object

Grant discover permissions to the groups specified. Revokes discover permission for all other users. @param users a list of usernames

Examples:

r.discover_users_string= 'one, two, three'
r.discover_users 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 131

def discover_users_string=(users)
  self.discover_users=users.split(/[\s,]+/)
end

#edit_groups ⇒ Object

Return a list of groups that have edit permission

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 262

def edit_groups
  rightsMetadata.groups.map {|k, v| k if v == 'edit'}.compact
end

#edit_groups=(groups) ⇒ Object

Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names

Examples:

r.edit_groups= ['one', 'two', 'three']
r.edit_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 273

def edit_groups=(groups)
  set_edit_groups(groups, edit_groups)
end

#edit_groups_string ⇒ Object

Display the groups a comma delimeted string

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 289

def edit_groups_string
  self.edit_groups.join(', ')
end

#edit_groups_string=(groups) ⇒ Object

Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param groups a list of group names

Examples:

r.edit_groups_string= 'one, two, three'
r.edit_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 284

def edit_groups_string=(groups)
  self.edit_groups=groups.split(/[\s,]+/)
end

#edit_users ⇒ Object

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 312

def edit_users
  rightsMetadata.individuals.map {|k, v| k if v == 'edit'}.compact
end

#edit_users=(users) ⇒ Object

Grant edit permissions to the groups specified. Revokes edit permission for all other groups. @param users a list of usernames

Examples:

r.edit_users= ['one', 'two', 'three']
r.edit_users 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 323

def edit_users=(users)
  set_edit_users(users, edit_users)
end

#permissions ⇒ Object

Returns a list with all the permissions on the object.

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 53

def permissions
  (rightsMetadata.groups.map {|x| Permission.new(type: 'group', access: x[1], name: x[0] )} + 
    rightsMetadata.individuals.map {|x|  Permission.new(type: 'user', access: x[1], name: x[0] )})
end

#permissions=(attributes_collection) ⇒ Object

permissions= added for backward compatibility of Hydra::AdminPolicy for hydra-head < 6.4

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 13

def permissions= attributes_collection
  Deprecation.warn(Permissions, "The permissions= method is deprecated and will be removed from Hydra::AccessControls::Permissions in hydra-head 7.0", caller)
  self.permissions_attributes = attributes_collection
end

#permissions_attributes=(attributes_collection) ⇒ Object

Updates those permissions that are provided to it. Does not replace any permissions unless they are provided

Examples:

obj.permissions_attributes= [{:name=>"group1", :access=>"discover", :type=>'group'},
{:name=>"group2", :access=>"discover", :type=>'group'}]

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 22

def permissions_attributes= attributes_collection
  perm_hash = {'person' => rightsMetadata.individuals, 'group'=> rightsMetadata.groups}

  if attributes_collection.is_a? Hash
    attributes_collection = attributes_collection.sort_by { |i, _| i.to_i }.map { |_, attributes| attributes }
  end

  attributes_collection.each do |row|
    row = row.with_indifferent_access
    if row[:type] == 'user' || row[:type] == 'person'
      if has_destroy_flag? row
        perm_hash['person'].delete(row[:name])
      else
        perm_hash['person'][row[:name]] = row[:access]
      end
    elsif row[:type] == 'group'
      perm_hash['group'][row[:name]] = row[:access]
      if has_destroy_flag? row
        perm_hash['group'].delete(row[:name])
      else
        perm_hash['group'][row[:name]] = row[:access]
      end
    else
      raise ArgumentError, "Permission type must be 'user', 'person' (alias for 'user'), or 'group'"
    end
  end
  
  rightsMetadata.permissions = perm_hash
end

#read_groups ⇒ Object

Return a list of groups that have discover permission

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 160

def read_groups
  rightsMetadata.groups.map {|k, v| k if v == 'read'}.compact
end

#read_groups=(groups) ⇒ Object

Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names

Examples:

r.read_groups= ['one', 'two', 'three']
r.read_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 171

def read_groups=(groups)
  set_read_groups(groups, read_groups)
end

#read_groups_string ⇒ Object

Display the groups a comma delimeted string

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 187

def read_groups_string
  self.read_groups.join(', ')
end

#read_groups_string=(groups) ⇒ Object

Grant read permissions to the groups specified. Revokes read permission for all other groups. @param groups a list of group names

Examples:

r.read_groups_string= 'one, two, three'
r.read_groups 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 182

def read_groups_string=(groups)
  self.read_groups=groups.split(/[\s,]+/)
end

#read_users ⇒ Object

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 210

def read_users
  rightsMetadata.individuals.map {|k, v| k if v == 'read'}.compact
end

#read_users=(users) ⇒ Object

Grant read permissions to the users specified. Revokes read permission for all other users. @param users a list of usernames

Examples:

r.read_users= ['one', 'two', 'three']
r.read_users 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 221

def read_users=(users)
  set_read_users(users, read_users)
end

#read_users_string ⇒ Object

Display the users as a comma delimeted string

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 237

def read_users_string
  self.read_users.join(', ')
end

#read_users_string=(users) ⇒ Object

Grant read permissions to the groups specified. Revokes read permission for all other users. @param users a list of usernames

Examples:

r.read_users_string= 'one, two, three'
r.read_users 
=> ['one', 'two', 'three']

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 232

def read_users_string=(users)
  self.read_users=users.split(/[\s,]+/)
end

#set_discover_groups(groups, eligible_groups) ⇒ Object

Grant discover permissions to the groups specified. Revokes discover permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their discover permssion revoked.

Examples:

r.discover_groups = ['one', 'two', 'three']
r.discover_groups 
=> ['one', 'two', 'three']
r.set_discover_groups(['one'], ['three'])
r.discover_groups
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 105

def set_discover_groups(groups, eligible_groups)
  set_entities(:discover, :group, groups, eligible_groups)
end

#set_discover_users(users, eligible_users) ⇒ Object

Grant discover permissions to the users specified. Revokes discover permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their discover permssion revoked.

Examples:

r.discover_users = ['one', 'two', 'three']
r.discover_users 
=> ['one', 'two', 'three']
r.set_discover_users(['one'], ['three'])
r.discover_users
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 155

def set_discover_users(users, eligible_users)
  set_entities(:discover, :person, users, eligible_users)
end

#set_edit_groups(groups, eligible_groups) ⇒ Object

Grant edit permissions to the groups specified. Revokes edit permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their edit permssion revoked.

Examples:

r.edit_groups = ['one', 'two', 'three']
r.edit_groups 
=> ['one', 'two', 'three']
r.set_edit_groups(['one'], ['three'])
r.edit_groups
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 308

def set_edit_groups(groups, eligible_groups)
  set_entities(:edit, :group, groups, eligible_groups)
end

#set_edit_users(users, eligible_users) ⇒ Object

Grant edit permissions to the users specified. Revokes edit permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their edit permssion revoked.

Examples:

r.edit_users = ['one', 'two', 'three']
r.edit_users 
=> ['one', 'two', 'three']
r.set_edit_users(['one'], ['three'])
r.edit_users
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 342

def set_edit_users(users, eligible_users)
  set_entities(:edit, :person, users, eligible_users)
end

#set_read_groups(groups, eligible_groups) ⇒ Object

Grant read permissions to the groups specified. Revokes read permission for any of the eligible_groups that are not in groups. This may be used when different users are responsible for setting different groups. Supply the groups the current user is responsible for as the ‘eligible_groups’ @param groups a list of groups @param eligible_groups the groups that are eligible to have their read permssion revoked.

Examples:

r.read_groups = ['one', 'two', 'three']
r.read_groups 
=> ['one', 'two', 'three']
r.set_read_groups(['one'], ['three'])
r.read_groups
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 206

def set_read_groups(groups, eligible_groups)
  set_entities(:read, :group, groups, eligible_groups)
end

#set_read_users(users, eligible_users) ⇒ Object

Grant read permissions to the users specified. Revokes read permission for any of the eligible_users that are not in users. This may be used when different users are responsible for setting different users. Supply the users the current user is responsible for as the ‘eligible_users’ @param users a list of users @param eligible_users the users that are eligible to have their read permssion revoked.

Examples:

r.read_users = ['one', 'two', 'three']
r.read_users 
=> ['one', 'two', 'three']
r.set_read_users(['one'], ['three'])
r.read_users
=> ['one', 'two']  ## 'two' was not eligible to be removed

# File 'app/models/concerns/hydra/access_controls/permissions.rb', line 256

def set_read_users(users, eligible_users)
  set_entities(:read, :person, users, eligible_users)
end