819740be-c56e-4036-85dc-7cab1fcd6c0a

Committed 06 Nov 2025 08:20PM UTC coverage: 91.166% (-0.04%) from 91.201%

Build # 819740be-c56e-4036-85dc-7cab1fcd6c0a

Build Type

Pull #2164

circleci

Committed by

hectorcorrea

Commit Message

Fixes bug in check for user_has_access for data users

Pull Request Pull Request #2164: Fixes bug in check for user_has_access for data users

Run Details

0 of 2 new or added lines in 1 file covered. (0.0%)

937 existing lines in 35 files now uncovered.

2838 of 3113 relevant lines covered (91.17%)

544.72 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.03

/app/models/project.rb

# frozen_string_literal: true
class Project < ApplicationRecord

  validates_with ProjectValidator
  has_many :provenance_events, dependent: :destroy
  before_save do |project|
    # Ensure that the metadata JSONB postgres field is persisted properly
    project.metadata = project.metadata_model
  end

  # Valid project status described in ADR 7
  # See `architecture-decisions/0007-valid-project-statuses.md`
  APPROVED_STATUS = "approved"
  ACTIVE_STATUS = "active"

  delegate :to_json, to: :metadata_json # field in the database

  def create!(initial_metadata:, user:)
    self.metadata_model = initial_metadata
    if self.valid?
      if initial_metadata.project_id == ProjectMetadata::DOI_NOT_MINTED
        self.draft_doi(user: user)
        self.save!
        ProvenanceEvent.generate_submission_events(project: self, user: user)
      else
        self.save!
      end
      # return doi
      self.metadata_model.project_id
    else
      nil
    end
  end

  def activate(current_user:)
    raise StandardError.new("Only approved projects can be activated") if self.status != Project::APPROVED_STATUS
    metadata_request = Mediaflux::AssetMetadataRequest.new(session_token: current_user.mediaflux_session, id: self.mediaflux_id)
    metadata_request.resolve
    raise metadata_request.response_error if metadata_request.error?
    if self.title == metadata_request.metadata[:title]
      self.metadata_model.status = Project::ACTIVE_STATUS
      self.save!
    else
      raise StandardError.new("Title mismatch: #{self.title} != #{metadata_request.metadata[:title]}")
    end
  end

  def draft_doi(user: nil)
    puldatacite = PULDatacite.new
    self.metadata_model.project_id = puldatacite.draft_doi
  end

  # Ideally this method should return a ProjectMetadata object (like `metadata_model` does)
  # but we'll keep them both while we are refactoring the code so that we don't break
  # everything at once since `metadata` is used everywhere.
  def metadata
    @metadata_hash = (metadata_json || {}).with_indifferent_access
  end

  def metadata_model
    @metadata_model ||= ProjectMetadata.new_from_hash(self.metadata)
  end

  def metadata_model=(new_metadata_model)
    @metadata_model = new_metadata_model
  end

  def metadata=(metadata_model)
    # Convert our metadata to a hash so it can be saved on our JSONB field
    metadata_hash = JSON.parse(metadata_model.to_json)
    self.metadata_json = metadata_hash
  end

  def title
    self.metadata_model.title
  end

  def departments
    unsorted = metadata_model.departments || []
    unsorted.sort
  end

  def project_directory
    metadata_model.project_directory || ""
  end

  def project_directory_short
    project_directory
  end

  def status
    metadata_model.status
  end

  def in_mediaflux?
    mediaflux_id.present?
  end

  # This method narrows the list down returned by `all_projects` to only those projects where the user has
  # been given a role (e.g. sponsor, manager, or data user.) For most users `all_projects` and `user_projects`
  # are identical, but for administrators the lists can be very different since they are not part of most
  # projects even though they have access to them in Mediaflux.
  def self.users_projects(user)
    all_projects(user).select do |project|
      project[:data_manager] == user.uid || project[:data_sponsor] == user.uid || project[:data_users].include?(user.uid)
    end
  end

  # Returns the projects that the current user has access in Mediaflux given their credentials
  def self.all_projects(user)
    request = Mediaflux::ProjectListRequest.new(session_token: user.mediaflux_session, aql_query: "xpath(tigerdata:project/ProjectID) has value")
    request.results
  end

  def created_by_user
    User.find_by(uid: metadata_model.created_by)
  end

  # @return [String] XML representation of the <meta> element
  def mediaflux_meta_xml(user:)
    doc = ProjectMediaflux.document(project: self, user: user)
    doc.xpath("/response/reply/result/asset/meta").to_s
  end

  def mediaflux_metadata(session_id:)
    @mediaflux_metadata ||= begin
      metadata_request = Mediaflux::AssetMetadataRequest.new(session_token: session_id, id: mediaflux_id)
      metadata_request.metadata
    end
    @mediaflux_metadata
  end

  def asset_count(session_id:)
    values = mediaflux_metadata(session_id:)
    values.fetch(:total_file_count, 0)
  end

  def self.default_storage_unit
    "KB"
  end

  def self.default_storage_usage
    "0 #{default_storage_unit}"
  end

  def storage_usage(session_id:)
    values = mediaflux_metadata(session_id:)
    values.fetch(:quota_used, self.class.default_storage_usage) # if the storage is empty use the default
  end

  def storage_usage_raw(session_id:)
    values = mediaflux_metadata(session_id:)
    values.fetch(:quota_used_raw, 0) # if the storage raw is empty use zero
  end

  def self.default_storage_capacity
    "0 GB"
  end

  def storage_capacity(session_id:)
    values = mediaflux_metadata(session_id:)
    quota_value = values.fetch(:quota_allocation, '') #if quota does not exist, set value to an empty string
    if quota_value.blank?
      return self.class.default_storage_capacity
    else
      return quota_value
    end
  end

  def storage_capacity_raw(session_id:)
    values = mediaflux_metadata(session_id:)
    quota_value = values.fetch(:quota_allocation_raw, 0) #if quota does not exist, set value to 0
    quota_value
  end

  # Fetches the first n files
  def file_list(session_id:, size: 10)
    return { files: [] } if mediaflux_id.nil?

    query_req = Mediaflux::QueryRequest.new(session_token: session_id, collection: mediaflux_id, deep_search: true, aql_query: "type!='application/arc-asset-collection'")
    iterator_id = query_req.result

    iterator_req = Mediaflux::IteratorRequest.new(session_token: session_id, iterator: iterator_id, size: size)
    results = iterator_req.result

    # Destroy _after_ fetching the first set of results from iterator_req.
    # This call is required since it possible that we have read less assets than
    # what the collection has but we are done with the iterator.
    Mediaflux::IteratorDestroyRequest.new(session_token: session_id, iterator: iterator_id).resolve

    results
  end

  # Fetches the entire file list to a file
  def file_list_to_file(session_id:, filename:)
    return { files: [] } if mediaflux_id.nil?

    query_req = Mediaflux::QueryRequest.new(session_token: session_id, collection: mediaflux_id, deep_search: true,  aql_query: "type!='application/arc-asset-collection'")
    iterator_id = query_req.result

    start_time = Time.zone.now
    prefix = "file_list_to_file #{session_id[0..7]} #{self.metadata_model.project_id}"
    log_elapsed(start_time, prefix, "STARTED")

    File.open(filename, "w") do |file|
      page_number = 0
      # file header
      file.write("ID, PATH, NAME, COLLECTION?, LAST_MODIFIED, SIZE\r\n")
      loop do
        iterator_start_time = Time.zone.now
        page_number += 1
        iterator_req = Mediaflux::IteratorRequest.new(session_token: session_id, iterator: iterator_id, size: 1000)
        iterator_resp = iterator_req.result
        log_elapsed(iterator_start_time, prefix, "FETCHED page #{page_number} from iterator")
        lines = files_from_iterator(iterator_resp)
        file.write(lines.join("\r\n") + "\r\n")
        break if iterator_resp[:complete] || iterator_req.error?
      end
      log_elapsed(start_time, prefix, "ENDED")
    end

    # Destroy _after_ fetching the results from iterator_req
    # This call is technically not necessary since Mediaflux automatically deletes the iterator
    # once we have ran through it and by now we have. But it does not hurt either.
    Mediaflux::IteratorDestroyRequest.new(session_token: session_id, iterator: iterator_id).resolve
  end


  private

    def files_from_iterator(iterator_resp)
      lines = []
      iterator_resp[:files].each do |asset|
        lines << "#{asset.id}, #{asset.path_only}, #{asset.name}, #{asset.collection}, #{asset.last_modified}, #{asset.size}"
      end
      lines
    end

    def project_directory_pathname
      # allow the directory to be modified by changes in the metadata_json
      @project_directory_pathname = nil if @original_directory.present? && @original_directory != metadata_model.project_directory

      @project_directory_pathname ||= begin
        @original_directory = metadata_model.project_directory
        Pathname.new(@original_directory)
      end
    end

    # Ensure that the project directory is a valid path
    def safe_directory(directory)
      Project.safe_directory(directory)
    end

    def log_elapsed(start_time, prefix, message)
      elapsed_time = Time.zone.now - start_time
      timing_info = "#{format('%.2f', elapsed_time)} s"
      Rails.logger.info "#{prefix}: #{message}, #{timing_info}"
    end
end

1	# frozen_string_literal: true
2	class Project < ApplicationRecord	5✔
3
4	validates_with ProjectValidator	5✔
5	has_many :provenance_events, dependent: :destroy	5✔
6	before_save do \|project\|	5✔
7	# Ensure that the metadata JSONB postgres field is persisted properly
8	project.metadata = project.metadata_model	1,283✔
9	end
10
11	# Valid project status described in ADR 7
12	# See `architecture-decisions/0007-valid-project-statuses.md`
13	APPROVED_STATUS = "approved"	5✔
14	ACTIVE_STATUS = "active"	5✔
15
16	delegate :to_json, to: :metadata_json # field in the database	5✔
17
18	def create!(initial_metadata:, user:)	5✔
19	self.metadata_model = initial_metadata	5✔
20	if self.valid?	5✔
21	if initial_metadata.project_id == ProjectMetadata::DOI_NOT_MINTED	3✔
22	self.draft_doi(user: user)	2✔
23	self.save!	2✔
24	ProvenanceEvent.generate_submission_events(project: self, user: user)	2✔
25	else
26	self.save!	1✔
27	end
28	# return doi
29	self.metadata_model.project_id	3✔
30	else
31	nil
32	end
33	end
34
35	def activate(current_user:)	5✔
36	raise StandardError.new("Only approved projects can be activated") if self.status != Project::APPROVED_STATUS	283✔
37	metadata_request = Mediaflux::AssetMetadataRequest.new(session_token: current_user.mediaflux_session, id: self.mediaflux_id)	283✔
38	metadata_request.resolve	283✔
39	raise metadata_request.response_error if metadata_request.error?	283✔
40	if self.title == metadata_request.metadata[:title]	283✔
41	self.metadata_model.status = Project::ACTIVE_STATUS	283✔
42	self.save!	283✔
43	else
44	raise StandardError.new("Title mismatch: #{self.title} != #{metadata_request.metadata[:title]}")	×
45	end
46	end
47
48	def draft_doi(user: nil)	5✔
49	puldatacite = PULDatacite.new	291✔
50	self.metadata_model.project_id = puldatacite.draft_doi	291✔
51	end
52
53	# Ideally this method should return a ProjectMetadata object (like `metadata_model` does)
54	# but we'll keep them both while we are refactoring the code so that we don't break
55	# everything at once since `metadata` is used everywhere.
56	def metadata	5✔
57	@metadata_hash = (metadata_json \|\| {}).with_indifferent_access	528✔
58	end
59
60	def metadata_model	5✔
61	@metadata_model \|\|= ProjectMetadata.new_from_hash(self.metadata)	15,422✔
62	end
63
64	def metadata_model=(new_metadata_model)	5✔
65	@metadata_model = new_metadata_model	109✔
66	end
67
68	def metadata=(metadata_model)	5✔
69	# Convert our metadata to a hash so it can be saved on our JSONB field
70	metadata_hash = JSON.parse(metadata_model.to_json)	2,628✔
71	self.metadata_json = metadata_hash	2,628✔
72	end
73
74	def title	5✔
75	self.metadata_model.title	432✔
76	end
77
78	def departments	5✔
79	unsorted = metadata_model.departments \|\| []	×
80	unsorted.sort	×
81	end
82
83	def project_directory	5✔
84	metadata_model.project_directory \|\| ""	166✔
85	end
86
87	def project_directory_short	5✔
88	project_directory	10✔
89	end
90
91	def status	5✔
92	metadata_model.status	643✔
93	end
94
95	def in_mediaflux?	5✔
96	mediaflux_id.present?	24✔
97	end
98
99	# This method narrows the list down returned by `all_projects` to only those projects where the user has
100	# been given a role (e.g. sponsor, manager, or data user.) For most users `all_projects` and `user_projects`
101	# are identical, but for administrators the lists can be very different since they are not part of most
102	# projects even though they have access to them in Mediaflux.
103	def self.users_projects(user)	5✔
104	all_projects(user).select do \|project\|	69✔
105	project[:data_manager] == user.uid \|\| project[:data_sponsor] == user.uid \|\| project[:data_users].include?(user.uid)	4,654✔
106	end
107	end
108
109	# Returns the projects that the current user has access in Mediaflux given their credentials
110	def self.all_projects(user)	5✔
111	request = Mediaflux::ProjectListRequest.new(session_token: user.mediaflux_session, aql_query: "xpath(tigerdata:project/ProjectID) has value")	73✔
112	request.results	73✔
113	end
114
115	def created_by_user	5✔
116	User.find_by(uid: metadata_model.created_by)	×
117	end
118
119	# @return [String] XML representation of the <meta> element
120	def mediaflux_meta_xml(user:)	5✔
UNCOV 121	doc = ProjectMediaflux.document(project: self, user: user)	3✔
UNCOV 122	doc.xpath("/response/reply/result/asset/meta").to_s	3✔
123	end
124
125	def mediaflux_metadata(session_id:)	5✔
126	@mediaflux_metadata \|\|= begin	879✔
127	metadata_request = Mediaflux::AssetMetadataRequest.new(session_token: session_id, id: mediaflux_id)	166✔
128	metadata_request.metadata	166✔
129	end
130	@mediaflux_metadata	875✔
131	end
132
133	def asset_count(session_id:)	5✔
UNCOV 134	values = mediaflux_metadata(session_id:)	30✔
UNCOV 135	values.fetch(:total_file_count, 0)	30✔
136	end
137
138	def self.default_storage_unit	5✔
UNCOV 139	"KB"	219✔
140	end
141
142	def self.default_storage_usage	5✔
UNCOV 143	"0 #{default_storage_unit}"	218✔
144	end
145
146	def storage_usage(session_id:)	5✔
UNCOV 147	values = mediaflux_metadata(session_id:)	217✔
UNCOV 148	values.fetch(:quota_used, self.class.default_storage_usage) # if the storage is empty use the default	217✔
149	end
150
151	def storage_usage_raw(session_id:)	5✔
UNCOV 152	values = mediaflux_metadata(session_id:)	143✔
UNCOV 153	values.fetch(:quota_used_raw, 0) # if the storage raw is empty use zero	143✔
154	end
155
156	def self.default_storage_capacity	5✔
157	"0 GB"	×
158	end
159
160	def storage_capacity(session_id:)	5✔
UNCOV 161	values = mediaflux_metadata(session_id:)	217✔
UNCOV 162	quota_value = values.fetch(:quota_allocation, '') #if quota does not exist, set value to an empty string	217✔
UNCOV 163	if quota_value.blank?	217✔
164	return self.class.default_storage_capacity	×
165	else
UNCOV 166	return quota_value	217✔
167	end
168	end
169
170	def storage_capacity_raw(session_id:)	5✔
UNCOV 171	values = mediaflux_metadata(session_id:)	176✔
UNCOV 172	quota_value = values.fetch(:quota_allocation_raw, 0) #if quota does not exist, set value to 0	176✔
UNCOV 173	quota_value	176✔
174	end
175
176	# Fetches the first n files
177	def file_list(session_id:, size: 10)	5✔
UNCOV 178	return { files: [] } if mediaflux_id.nil?	33✔
179
UNCOV 180	query_req = Mediaflux::QueryRequest.new(session_token: session_id, collection: mediaflux_id, deep_search: true, aql_query: "type!='application/arc-asset-collection'")	33✔
UNCOV 181	iterator_id = query_req.result	33✔
182
UNCOV 183	iterator_req = Mediaflux::IteratorRequest.new(session_token: session_id, iterator: iterator_id, size: size)	33✔
UNCOV 184	results = iterator_req.result	33✔
185
186	# Destroy _after_ fetching the first set of results from iterator_req.
187	# This call is required since it possible that we have read less assets than
188	# what the collection has but we are done with the iterator.
UNCOV 189	Mediaflux::IteratorDestroyRequest.new(session_token: session_id, iterator: iterator_id).resolve	33✔
190
UNCOV 191	results	33✔
192	end
193
194	# Fetches the entire file list to a file
195	def file_list_to_file(session_id:, filename:)	5✔
196	return { files: [] } if mediaflux_id.nil?	12✔
197
198	query_req = Mediaflux::QueryRequest.new(session_token: session_id, collection: mediaflux_id, deep_search: true, aql_query: "type!='application/arc-asset-collection'")	12✔
199	iterator_id = query_req.result	12✔
200
201	start_time = Time.zone.now	12✔
202	prefix = "file_list_to_file #{session_id[0..7]} #{self.metadata_model.project_id}"	12✔
203	log_elapsed(start_time, prefix, "STARTED")	12✔
204
205	File.open(filename, "w") do \|file\|	12✔
206	page_number = 0	12✔
207	# file header
208	file.write("ID, PATH, NAME, COLLECTION?, LAST_MODIFIED, SIZE\r\n")	12✔
209	loop do	12✔
210	iterator_start_time = Time.zone.now	12✔
211	page_number += 1	12✔
212	iterator_req = Mediaflux::IteratorRequest.new(session_token: session_id, iterator: iterator_id, size: 1000)	12✔
213	iterator_resp = iterator_req.result	12✔
214	log_elapsed(iterator_start_time, prefix, "FETCHED page #{page_number} from iterator")	12✔
215	lines = files_from_iterator(iterator_resp)	12✔
216	file.write(lines.join("\r\n") + "\r\n")	12✔
217	break if iterator_resp[:complete] \|\| iterator_req.error?	12✔
218	end
219	log_elapsed(start_time, prefix, "ENDED")	12✔
220	end
221
222	# Destroy _after_ fetching the results from iterator_req
223	# This call is technically not necessary since Mediaflux automatically deletes the iterator
224	# once we have ran through it and by now we have. But it does not hurt either.
225	Mediaflux::IteratorDestroyRequest.new(session_token: session_id, iterator: iterator_id).resolve	12✔
226	end
227
228
229	private	5✔
230
231	def files_from_iterator(iterator_resp)	5✔
232	lines = []	12✔
233	iterator_resp[:files].each do \|asset\|	12✔
234	lines << "#{asset.id}, #{asset.path_only}, #{asset.name}, #{asset.collection}, #{asset.last_modified}, #{asset.size}"	16✔
235	end
236	lines	12✔
237	end
238
239	def project_directory_pathname	5✔
240	# allow the directory to be modified by changes in the metadata_json
241	@project_directory_pathname = nil if @original_directory.present? && @original_directory != metadata_model.project_directory	×
242
243	@project_directory_pathname \|\|= begin	×
244	@original_directory = metadata_model.project_directory	×
245	Pathname.new(@original_directory)	×
246	end
247	end
248
249	# Ensure that the project directory is a valid path
250	def safe_directory(directory)	5✔
251	Project.safe_directory(directory)	×
252	end
253
254	def log_elapsed(start_time, prefix, message)	5✔
255	elapsed_time = Time.zone.now - start_time	36✔
256	timing_info = "#{format('%.2f', elapsed_time)} s"	36✔
257	Rails.logger.info "#{prefix}: #{message}, #{timing_info}"	36✔
258	end
259	end

pulibrary / tigerdata-app / 819740be-c56e-4036-85dc-7cab1fcd6c0a

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous