Class: Hyrax::PermissionTemplate

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/hyrax/permission_template.rb

Overview

TODO:

write up what “default embargo behavior”, when it is applied, and how it interacts with embargoes specified by user input.

Holds policy data about the workflow and permissions applied objects when they are deposited through an Administrative Set or a Collection. Each template record has a #source (through #source_id); the template’s rules inform the behavior of objects deposited through that #source_model.

The PermissionTemplate specifies:

  • an #active_workflow that the object will enter and be processed through.

  • #access_grants that can be applied to each object (especially at deposit time).

  • an embargo configuration (#release_date #release_period) for default embargo behavior.

Additionally, the PermissionTemplate grants authority to perform actions that relate to the Administrative Set/Collection itself. Rules for who can deposit to, view(?!), or manage the admin set are governed by related PermissionTemplateAccess records. Administrat Sets should have a manager granted by some such record.

Examples:

cerating a permission template and manager for an admin set

admin_set = Hyrax::AdministrativeSet.new(title: 'My Admin Set')
admin_set = Hyrax.persister.save(resource: admin_set)

template = PermissionTemplate.create!(source_id: admin_set.id.to_s)
Hyrax::PermissionTemplateAccess.create!(permission_template: template,
                                       agent_type: Hyrax::PermissionTemplateAccess::USER,
                                       agent_id: user.user_key,
                                       access: Hyrax::PermissionTemplateAccess::MANAGE)

See Also:

Constant Summary collapse

RELEASE_TEXT_VALUE_FIXED =

Valid Release Period values

'fixed'
RELEASE_TEXT_VALUE_NO_DELAY = 
'now'
RELEASE_TEXT_VALUE_BEFORE_DATE =

Valid Release Varies sub-options

'before'
RELEASE_TEXT_VALUE_EMBARGO = 
'embargo'
RELEASE_TEXT_VALUE_6_MONTHS = 
'6mos'
RELEASE_TEXT_VALUE_1_YEAR = 
'1yr'
RELEASE_TEXT_VALUE_2_YEARS = 
'2yrs'
RELEASE_TEXT_VALUE_3_YEARS = 
'3yrs'
RELEASE_EMBARGO_PERIODS =

Key/value pair of valid embargo periods. Values are number of months embargoed.

{
  RELEASE_TEXT_VALUE_6_MONTHS => 6,
  RELEASE_TEXT_VALUE_1_YEAR => 12,
  RELEASE_TEXT_VALUE_2_YEARS => 24,
  RELEASE_TEXT_VALUE_3_YEARS => 36
}.freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#access_grantsHyrax::PermissionTemplateAccess 



50
 
# File 'app/models/hyrax/permission_template.rb', line 50

has_many :access_grants, class_name: 'Hyrax::PermissionTemplateAccess', dependent: :destroy

#active_workflowSipity::Workflow 



50
 
# File 'app/models/hyrax/permission_template.rb', line 50

has_many :access_grants, class_name: 'Hyrax::PermissionTemplateAccess', dependent: :destroy

#available_workflowsEnumerable<Sipity::Workflow> 



50
 
# File 'app/models/hyrax/permission_template.rb', line 50

has_many :access_grants, class_name: 'Hyrax::PermissionTemplateAccess', dependent: :destroy

#source_idString 



50
 
# File 'app/models/hyrax/permission_template.rb', line 50

has_many :access_grants, class_name: 'Hyrax::PermissionTemplateAccess', dependent: :destroy

Instance Method Details

#admin_setAdminSet

Deprecated.

Use #source_model instead

A bit of an analogue for a ‘belongs_to :admin_set` as it crosses from Fedora to the DB

Raises:



94
95
96
97
98
99
100
 
# File 'app/models/hyrax/permission_template.rb', line 94

def admin_set
  Deprecation.warn('Use #source_model instead')
  return AdminSet.find(source_id) if AdminSet.exists?(source_id)
  raise Hyrax::ObjectNotFoundError
rescue ActiveFedora::ActiveFedoraError # TODO: remove the rescue when active_fedora issue #1276 is fixed
  raise Hyrax::ObjectNotFoundError
end

#agent_ids_for(agent_type:, access:) ⇒ Array<String>

Retrieve the agent_ids associated with the given agent_type and access



68
69
70
 
# File 'app/models/hyrax/permission_template.rb', line 68

def agent_ids_for(agent_type:, access:)
  access_grants.where(agent_type: agent_type, access: access).pluck(:agent_id)
end

#collectionCollection

Deprecated.

Use #source_model instead

A bit of an analogue for a ‘belongs_to :collection` as it crosses from Fedora to the DB

Raises:



106
107
108
109
110
111
112
 
# File 'app/models/hyrax/permission_template.rb', line 106

def collection
  Deprecation.warn('Use #source_model instead')
  return ::Collection.find(source_id) if ::Collection.exists?(source_id)
  raise Hyrax::ObjectNotFoundError
rescue ActiveFedora::ActiveFedoraError # TODO: remove the rescue when active_fedora issue #1276 is fixed
  raise Hyrax::ObjectNotFoundError
end

#edit_groupsArray<String> 



199
200
201
 
# File 'app/models/hyrax/permission_template.rb', line 199

def edit_groups
  agent_ids_for(access: 'manage', agent_type: 'group')
end

#edit_usersArray<String> 



193
194
195
 
# File 'app/models/hyrax/permission_template.rb', line 193

def edit_users
  agent_ids_for(access: 'manage', agent_type: 'user')
end

#read_groupsArray<String> 



212
213
214
215
216
 
# File 'app/models/hyrax/permission_template.rb', line 212

def read_groups
  (agent_ids_for(access: 'view', agent_type: 'group') +
    agent_ids_for(access: 'deposit', agent_type: 'group')).uniq -
    [::Ability.registered_group_name, ::Ability.public_group_name]
end

#read_usersArray<String> 



205
206
207
208
 
# File 'app/models/hyrax/permission_template.rb', line 205

def read_users
  (agent_ids_for(access: 'view', agent_type: 'user') +
    agent_ids_for(access: 'deposit', agent_type: 'user')).uniq
end

#release_before_date?Boolean

Does this permission template require a date (or embargo) that all works are released before NOTE: date will be in release_date



147
148
149
150
 
# File 'app/models/hyrax/permission_template.rb', line 147

def release_before_date?
  # All PermissionTemplate embargoes are dynamically determined release before dates
  release_period == RELEASE_TEXT_VALUE_BEFORE_DATE || release_max_embargo?
end

#release_dateObject

Override release_date getter to return a dynamically calculated date of release based one release requirements. Returns embargo date when release_max_embargo?==true. Returns today’s date when release_no_delay?==true.

See Also:



163
164
165
166
167
168
169
170
171
172
 
# File 'app/models/hyrax/permission_template.rb', line 163

def release_date
  # If no release delays allowed, return today's date as release date
  return Time.zone.today if release_no_delay?

  # If this isn't an embargo, just return release_date from database
  return self[:release_date] unless release_max_embargo?

  # Otherwise (if an embargo), return latest embargo date by adding specified months to today's date
  Time.zone.today + RELEASE_EMBARGO_PERIODS.fetch(release_period).months
end

#release_fixed_date?Boolean

Does this permission template require a specific date of release for all works NOTE: date will be in release_date



136
137
138
 
# File 'app/models/hyrax/permission_template.rb', line 136

def release_fixed_date?
  release_period == RELEASE_TEXT_VALUE_FIXED
end

#release_max_embargo?Boolean

Is there a maximum embargo period specified by this permission template NOTE: latest embargo date returned by release_date, maximum embargo period will be in release_period



154
155
156
157
 
# File 'app/models/hyrax/permission_template.rb', line 154

def release_max_embargo?
  # Is it a release period in one of our valid embargo periods?
  RELEASE_EMBARGO_PERIODS.key?(release_period)
end

#release_no_delay?Boolean

Does this permission template require no release delays (i.e. no embargoes allowed)



141
142
143
 
# File 'app/models/hyrax/permission_template.rb', line 141

def release_no_delay?
  release_period == RELEASE_TEXT_VALUE_NO_DELAY
end

#reset_access_controls(interpret_visibility: false) ⇒ Boolean 



222
223
224
225
 
# File 'app/models/hyrax/permission_template.rb', line 222

def reset_access_controls(interpret_visibility: false)
  reset_access_controls_for(collection: source_model,
                            interpret_visibility: interpret_visibility)
end

#reset_access_controls_for(collection:, interpret_visibility: false) ⇒ Boolean 



232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
 
# File 'app/models/hyrax/permission_template.rb', line 232

def reset_access_controls_for(collection:, interpret_visibility: false) # rubocop:disable Metrics/MethodLength
  interpreted_read_groups = read_groups

  if interpret_visibility
    visibilities = Hyrax::VisibilityMap.instance
    interpreted_read_groups -= visibilities.deletions_for(visibility: collection.visibility)
    interpreted_read_groups += visibilities.additions_for(visibility: collection.visibility)
  end

  case collection
  when Valkyrie::Resource
    collection.permission_manager.edit_groups = edit_groups
    collection.permission_manager.edit_users  = edit_users
    collection.permission_manager.read_groups = interpreted_read_groups
    collection.permission_manager.read_users  = read_users
    collection.permission_manager.acl.save
  else
    collection.update!(edit_users: edit_users,
                       edit_groups: edit_groups,
                       read_users: read_users,
                       read_groups: interpreted_read_groups.uniq)
  end
end

#sourceHyrax::Resource

Note:

this is a convenience method for Hyrax.query_service.find_by(id: template.source_id)

Returns the collection this template is associated with.



76
77
78
 
# File 'app/models/hyrax/permission_template.rb', line 76

def source
  Hyrax.query_service.find_by(id: source_id)
end

#source_modelAdminSet, ::Collection

A bit of an analogue for a ‘belongs_to :source_model` as it crosses from Fedora to the DB

Raises:



84
85
86
87
88
 
# File 'app/models/hyrax/permission_template.rb', line 84

def source_model
  ActiveFedora::Base.find(source_id)
rescue ActiveFedora::ObjectNotFoundError
  raise Hyrax::ObjectNotFoundError
end

#valid_release_date?(date) ⇒ Boolean

Determines whether a given release date is valid based on this template’s requirements



176
177
178
179
 
# File 'app/models/hyrax/permission_template.rb', line 176

def valid_release_date?(date)
  # Validate date against all release date requirements
  check_no_delay_requirements(date) && check_before_date_requirements(date) && check_fixed_date_requirements(date)
end

#valid_visibility?(value) ⇒ Boolean

Determines whether a given visibility setting is valid based on this template’s requirements



183
184
185
186
187
188
189
 
# File 'app/models/hyrax/permission_template.rb', line 183

def valid_visibility?(value)
  # If template doesn't specify a visiblity (i.e. is "varies"), then any visibility is valid
  return true if visibility.blank?

  # Validate that passed in value matches visibility requirement exactly
  visibility == value
end