Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure or Add Unit Tests for Non-Yale and Not on Campus Users #2919

Closed
2 tasks
K8Sewell opened this issue Aug 15, 2024 · 8 comments
Closed
2 tasks

Ensure or Add Unit Tests for Non-Yale and Not on Campus Users #2919

K8Sewell opened this issue Aug 15, 2024 · 8 comments
Assignees
@K8Sewell
Labels
HIGH PRIORITY
Milestone
Open with Permission

Comments

@K8Sewell
Copy link

K8Sewell commented Aug 15, 2024
edited
Loading

Summary

We need to make sure that we have test coverage that will mock IPs outside of the allowed list and verify that non-Yale / Cognito users do not have access to URLs that should be restricted. See tickets #2911 and #2912 for lists of protected URLs.

Acceptance Criteria

  • Verify that we have test coverage that mocks a variety of users and IPs regarding their access to the protected URLs
  • Add tests if insufficient test coverage is found
@sshetenhelm sshetenhelm added this to the Open with Permission milestone Aug 16, 2024
@K8Sewell K8Sewell self-assigned this Aug 21, 2024
@K8Sewell K8Sewell mentioned this issue Aug 26, 2024
Draft
@K8Sewell
Copy link
Author

K8Sewell commented Sep 3, 2024

PRs in progress:

@K8Sewell K8Sewell mentioned this issue Sep 3, 2024
Closed
@K8Sewell
Copy link
Author

K8Sewell commented Sep 4, 2024
edited
Loading

PR ready for review - yalelibrary/yul-dc-blacklight#1049

Types of users to ensure there is test coverage for in Blacklight:

  • Off Campus
  • Non Yale

Restricted URLs Test Coverage Status:

Management:

  • /management/api/download
    • yul-dc-blacklight/spec/requests/download_original_spec.rb
    • OC - present
    • NY - added
  • /management/api/permission_requests
    • yul-dc-blacklight/spec/requests/open_with_permission/create_permission_requests_request_spec.rb
    • yul-dc-blacklight/spec/system/open_with_permission/permission_request_confirmation_page_spec.rb
    • OC - present
    • NY - added
  • /management/api/permission_sets
    • yul-dc-blacklight/spec/requests/open_with_permission/create_permission_requests_request_spec.rb
    • yul-dc-blacklight/spec/requests/open_with_permission/owp_object_show_page_request_spec.rb
    • yul-dc-blacklight/spec/system/fulltext_search_spec.rb
    • yul-dc-blacklight/spec/system/open_with_permission/permission_request_confirmation_page_spec.rb
    • yul-dc-blacklight/spec/system/open_with_permission/user_requests_table_page_spec.rb
    • OC - present
    • NY - added
  • /management/api/user
    • Did not find this route in management routes.rb - also found no tests for it in management or blacklight
    • OC - N/A
    • NY - N/A
  • /management/agreement_term
    • yul-dc-blacklight/spec/system/open_with_permission/owp_agreement_term_spec.rb
    • OC - added
    • NY - added

Blacklight:

  • /annotation/oid/11781350/canvas/15014414/fulltext?oid=11781350&child_oid=15014414
    • yul-dc-blacklight/spec/requests/annotation_request_spec.rb
    • OC - present
    • NY - added
  • /iiif/2/15239177/full/!200,200/0/default.jpg
    • yul-dc-blacklight/spec/requests/iiif_request_spec.rb
    • OC - present
    • NY - added
  • /manifests/15238597
    • yul-dc-blacklight/spec/requests/manifests_request_spec.rb
    • OC - present
    • NY - added
  • /catalog/2005512/request_form
    • yul-dc-blacklight/spec/requests/open_with_permission/create_permission_requests_request_spec.rb
    • yul-dc-blacklight/spec/requests/open_with_permission/owp_object_show_page_request_spec.rb
    • yul-dc-blacklight/spec/system/show_page_spec.rb
    • yul-dc-blacklight/spec/system/open_with_permission/owp_agreement_term_spec.rb
    • OC - present
    • NY - present
  • /catalog/2005512/terms_and_conditions
    • yul-dc-blacklight/spec/requests/open_with_permission/create_permission_requests_request_spec.rb
    • OC - added
    • NY - added
  • /catalog/2005512/request_confirmation
    • yul-dc-blacklight/spec/system/open_with_permission/permission_request_confirmation_page_spec.rb
    • OC - present
    • NY - present
  • /pdfs/15238597.pdf
    • yul-dc-blacklight/spec/requests/pdfs_request_spec.rb
    • OC - present
    • NY - added
  • /download/tiff/15014414
    • yul-dc-blacklight/spec/requests/download_request_spec.rb
    • OC - present
    • NY - added
  • /download/tiff/15014414/staged
    • yul-dc-blacklight/spec/requests/download_request_spec.rb
    • OC - added
    • NY - added

@K8Sewell K8Sewell mentioned this issue Sep 4, 2024
Merged
@K8Sewell
Copy link
Author

K8Sewell commented Sep 5, 2024

Deployed to Test and Demo with release v1.63.9

@K8Sewell
Copy link
Author

K8Sewell commented Sep 5, 2024

Manual testing of OwP functionality mostly remains functional but I'm unable to view objects in blacklight that are part of a permission set that I am an approver for so taking back to in progress to fix the checking for admin access.

@K8Sewell
Copy link
Author

K8Sewell commented Sep 6, 2024

PR ready for review - yalelibrary/yul-dc-blacklight#1050

@K8Sewell
Copy link
Author

K8Sewell commented Sep 9, 2024

Deployed to Test with release v1.64.0

@K8Sewell
Copy link
Author

Issue with not adhering to approver/admin visibility is resolved. Will promote to UAT.

Image

@sshetenhelm
Copy link

Confirming that I can see all Kissinger OwP objects, as an Admin, and that I still need to request permission for objects from sets I'm not added to.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@K8Sewell K8Sewell

Labels
HIGH PRIORITY
Projects
None yet
Milestone
Open with Permission
Development

No branches or pull requests
2 participants
@K8Sewell @sshetenhelm