Bxc 4435 add permission (#1678)

sharonluong · Sharon Luong · web-flow · commit 5c6429819d09 · 2024-02-15T17:12:40.000-05:00
* BXC-4435 add new view settings permission and assign it to a user role

* BXC-4435 update terminology

---------

Co-authored-by: Sharon Luong &lt;snluong@email.lib.unc.edu&gt;
diff --git a/auth-api/src/main/java/edu/unc/lib/boxc/auth/api/Permission.java b/auth-api/src/main/java/edu/unc/lib/boxc/auth/api/Permission.java
@@ -27,6 +27,7 @@ public enum Permission {
     changePatronAccess,
     assignStaffRoles,
     editResourceType,
+    editViewSettings,
     runEnhancements,
     reindex;
-}
+}
diff --git a/auth-api/src/main/java/edu/unc/lib/boxc/auth/api/UserRole.java b/auth-api/src/main/java/edu/unc/lib/boxc/auth/api/UserRole.java
@@ -7,6 +7,7 @@
 import static edu.unc.lib.boxc.auth.api.Permission.destroy;
 import static edu.unc.lib.boxc.auth.api.Permission.editDescription;
 import static edu.unc.lib.boxc.auth.api.Permission.editResourceType;
+import static edu.unc.lib.boxc.auth.api.Permission.editViewSettings;
 import static edu.unc.lib.boxc.auth.api.Permission.ingest;
 import static edu.unc.lib.boxc.auth.api.Permission.markForDeletion;
 import static edu.unc.lib.boxc.auth.api.Permission.markForDeletionUnit;
@@ -53,7 +54,8 @@ public enum UserRole {
     // Staff roles
     canAccess("canAccess", true, canViewOriginals, viewHidden),
     canIngest("canIngest", true, canAccess, ingest),
-    canDescribe("canDescribe", true, canAccess, editDescription, bulkUpdateDescription),
+    canDescribe("canDescribe", true, canAccess,
+            editDescription, bulkUpdateDescription, editViewSettings),
     canProcess("canProcess", true, canDescribe,
             move, orderMembers, markForDeletion, changePatronAccess),
     canManage("canManage", true, canProcess,
diff --git a/services-camel-app/src/main/java/edu/unc/lib/boxc/services/camel/viewSettings/ViewSettingRequestProcessor.java b/services-camel-app/src/main/java/edu/unc/lib/boxc/services/camel/viewSettings/ViewSettingRequestProcessor.java
@@ -28,8 +28,8 @@ public void process(Exchange exchange) throws Exception {
         var agent = request.getAgent();
         var pid = PIDs.get(request.getObjectPidString());
 
-        accessControlService.assertHasAccess("User does not have permission to update view behavior",
-                pid, agent.getPrincipals(), Permission.ingest);
+        accessControlService.assertHasAccess("User does not have permission to update view settings",
+                pid, agent.getPrincipals(), Permission.editViewSettings);
 
         var repositoryObject = repositoryObjectLoader.getRepositoryObject(pid);
         var behavior = request.getViewBehavior();
diff --git a/services-camel-app/src/test/java/edu/unc/lib/boxc/services/camel/viewSettings/ViewSettingRequestProcessorTest.java b/services-camel-app/src/test/java/edu/unc/lib/boxc/services/camel/viewSettings/ViewSettingRequestProcessorTest.java
@@ -71,7 +71,7 @@ public void testUpdateViewBehaviorNoPermission() throws Exception {
 
         Assertions.assertThrows(AccessRestrictionException.class, () -> {
             doThrow(new AccessRestrictionException()).when(accessControlService)
-                    .assertHasAccess(any(), any(PID.class), any(), eq(Permission.ingest));
+                    .assertHasAccess(any(), any(PID.class), any(), eq(Permission.editViewSettings));
             processor.process(exchange);
         });
     }

Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ public void testUpdateViewBehaviorNoPermission() throws Exception {`
`71`	`71`
`72`	`72`	`Assertions.assertThrows(AccessRestrictionException.class, () -> {`
`73`	`73`	`doThrow(new AccessRestrictionException()).when(accessControlService)`
`74`		`- .assertHasAccess(any(), any(PID.class), any(), eq(Permission.ingest));`
	`74`	`+ .assertHasAccess(any(), any(PID.class), any(), eq(Permission.editViewSettings));`
`75`	`75`	`processor.process(exchange);`
`76`	`76`	`});`
`77`	`77`	`}`