Sha256: bdf844db62c17a08491521ef25f7b885336f95f95d6a3cd7446e651d0fce43e6

Contents?: true

Size: 1.13 KB

Versions: 2

Compression:

Stored size: 1.13 KB

Contents

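module Ddr
  module Auth
    #
    # Hydra controller mixin for role-based access control
    #
    # Overrides Hydra::AccessControlsEnforcement#gated_discovery_filters
    # to apply role filters instead of permissions filters.
    #
    # Every string built here is a Solr query fragment that limits what the
    # current user can discover. Agent values are therefore escaped before
    # they are placed inside a quoted phrase, so that a quote or backslash in
    # an agent name cannot end the phrase early and change the filter.
    #
    module RoleBasedAccessControlsEnforcement

      # List of PIDs for policies on which any of the current user's principals has a policy role
      #
      # @return [Array] the "id" value of each matching Collection document
      def role_policies
        filters = agent_phrase_clauses("policy_role_sim")
        # NOTE(review): when current_user.agents is empty, `filters` is "" and
        # the query ends in "AND ()" -- confirm agents is never empty, or
        # decide how that case should fail.
        query = "#{Ddr::IndexFields::ACTIVE_FEDORA_MODEL}:Collection AND (#{filters})"
        # rows is set to the Collection count so the result set is not cut
        # short by a smaller row limit; only the id field is requested.
        results = ActiveFedora::SolrService.query(query, rows: Collection.count, fl: "id")
        results.map { |r| r["id"] }
      end

      # Solr clause matching objects governed by any policy in #role_policies.
      #
      # @return the value returned by
      #   ActiveFedora::SolrService.construct_query_for_rel for the
      #   [:is_governed_by, pid] pairs, joined with "OR"
      def policy_role_filters
        rels = role_policies.map { |pid| [:is_governed_by, pid] }
        ActiveFedora::SolrService.construct_query_for_rel(rels, "OR")
      end

      # Solr clause matching objects on which any of the current user's
      # agents has a resource role.
      #
      # @return [String] resource_role_sim phrase clauses joined with " OR "
      #   (an empty string when the user has no agents)
      def resource_role_filters
        agent_phrase_clauses("resource_role_sim")
      end

      # Filters used for gated discovery: resource-level roles first, then
      # policy-level roles.
      #
      # @return [Array] [resource_role_filters, policy_role_filters]
      def gated_discovery_filters
        [resource_role_filters, policy_role_filters]
      end

      private

      # Builds one `field:"agent"` clause per agent of the current user and
      # joins the clauses with " OR ".
      #
      # @param field [String] Solr field name to match against
      # @return [String]
      def agent_phrase_clauses(field)
        current_user.agents.map { |agent| "#{field}:\"#{escape_solr_phrase(agent)}\"" }.join(" OR ")
      end

      # Backslash-escapes the two characters that are significant inside a
      # double-quoted Solr phrase: the double quote and the backslash itself.
      #
      # @param value [#to_s]
      # @return [String]
      def escape_solr_phrase(value)
        value.to_s.gsub(/["\\]/) { |char| "\\#{char}" }
      end

    end
  end
end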

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
ddr-models-1.13.1 lib/ddr/auth/role_based_access_controls_enforcement.rb
ddr-models-1.13.0 lib/ddr/auth/role_based_access_controls_enforcement.rb