From 7ddc80b705bb1cb75b6238104b26b76634442b8b Mon Sep 17 00:00:00 2001 From: lfarrell Date: Wed, 22 Nov 2023 11:06:18 -0500 Subject: [PATCH] Don't show download button to users without download access --- static/js/vue-cdr-access/package-lock.json | 47 ++++++++++--------- static/js/vue-cdr-access/package.json | 2 +- .../full_record/aggregateRecord.vue | 1 + .../src/components/full_record/fileList.vue | 34 ++++++++++---- .../src/mixins/fileDownloadUtils.js | 6 +-- .../tests/unit/fileList.spec.js | 24 ++-------- 6 files changed, 56 insertions(+), 58 deletions(-) diff --git a/static/js/vue-cdr-access/package-lock.json b/static/js/vue-cdr-access/package-lock.json index e6c6d2b304..d05061ff38 100644 --- a/static/js/vue-cdr-access/package-lock.json +++ b/static/js/vue-cdr-access/package-lock.json @@ -41,7 +41,7 @@ "@vue/test-utils": "2.3.2", "@vue/vue3-jest": "^29.2.3", "babel-jest": "^29.5.0", - "caniuse-lite": "^1.0.30001474", + "caniuse-lite": "^1.0.30001564", "jest-environment-jsdom": "^29.5.0", "jest-localstorage-mock": "^2.4.26", "moxios": "^0.4.0", @@ -51,9 +51,9 @@ } }, "node_modules/@adobe/css-tools": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.0.1.tgz", - "integrity": "sha512-+u76oB43nOHrF4DDWRLWDCtci7f3QJoEBigemIdIeTi1ODqjx6Tad9NCVnPRwewWlKkVab5PlK8DCtPTyX7S8g==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.3.1.tgz", + "integrity": "sha512-/62yikz7NLScCGAAST5SHdnjaDJQBDq0M2muyRTpf2VQhw6StBg2ALiu73zSJQ4fMVLA+0uBhBHAle7Wg+2kSg==", "dev": true }, "node_modules/@antfu/utils": { @@ -3548,9 +3548,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz", - "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz", + "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==", "dependencies": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", @@ -3879,9 +3879,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001474", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001474.tgz", - "integrity": "sha512-iaIZ8gVrWfemh5DG3T9/YqarVZoYf0r188IjaGwx68j4Pf0SGY6CQkmJUIE+NZHkkecQGohzXmBGEwWDr9aM3Q==", + "version": "1.0.30001564", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001564.tgz", + "integrity": "sha512-DqAOf+rhof+6GVx1y+xzbFPeOumfQnhYzVnZD6LAXijR77yPtm9mfOcqOnT3mpnJiZVT+kwLAFnRlZcIz+c6bg==", "dev": true, "funding": [ { @@ -4287,9 +4287,10 @@ } }, "node_modules/debug": { - "version": "4.2.0", + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", "dev": true, - "license": "MIT", "dependencies": { "ms": "2.1.2" }, @@ -10260,9 +10261,9 @@ }, "dependencies": { "@adobe/css-tools": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.0.1.tgz", - "integrity": "sha512-+u76oB43nOHrF4DDWRLWDCtci7f3QJoEBigemIdIeTi1ODqjx6Tad9NCVnPRwewWlKkVab5PlK8DCtPTyX7S8g==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.3.1.tgz", + "integrity": "sha512-/62yikz7NLScCGAAST5SHdnjaDJQBDq0M2muyRTpf2VQhw6StBg2ALiu73zSJQ4fMVLA+0uBhBHAle7Wg+2kSg==", "dev": true }, "@antfu/utils": { @@ -12838,9 +12839,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "axios": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz", - "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz", + "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==", "requires": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", @@ -13085,9 +13086,9 @@ "dev": true }, "caniuse-lite": { - "version": "1.0.30001474", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001474.tgz", - "integrity": "sha512-iaIZ8gVrWfemh5DG3T9/YqarVZoYf0r188IjaGwx68j4Pf0SGY6CQkmJUIE+NZHkkecQGohzXmBGEwWDr9aM3Q==", + "version": "1.0.30001564", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001564.tgz", + "integrity": "sha512-DqAOf+rhof+6GVx1y+xzbFPeOumfQnhYzVnZD6LAXijR77yPtm9mfOcqOnT3mpnJiZVT+kwLAFnRlZcIz+c6bg==", "dev": true }, "canvas": { @@ -13398,7 +13399,9 @@ "requires": {} }, "debug": { - "version": "4.2.0", + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", "dev": true, "requires": { "ms": "2.1.2" diff --git a/static/js/vue-cdr-access/package.json b/static/js/vue-cdr-access/package.json index eef2ddce19..efdb43c90a 100644 --- a/static/js/vue-cdr-access/package.json +++ b/static/js/vue-cdr-access/package.json @@ -43,7 +43,7 @@ "@vue/test-utils": "2.3.2", "@vue/vue3-jest": "^29.2.3", "babel-jest": "^29.5.0", - "caniuse-lite": "^1.0.30001474", + "caniuse-lite": "^1.0.30001564", "jest-environment-jsdom": "^29.5.0", "jest-localstorage-mock": "^2.4.26", "moxios": "^0.4.0", diff --git a/static/js/vue-cdr-access/src/components/full_record/aggregateRecord.vue b/static/js/vue-cdr-access/src/components/full_record/aggregateRecord.vue index 3a78fc0408..b6fa39bb57 100644 --- a/static/js/vue-cdr-access/src/components/full_record/aggregateRecord.vue +++ b/static/js/vue-cdr-access/src/components/full_record/aggregateRecord.vue @@ -75,6 +75,7 @@ {{ $t('full_record.file_type') }} {{ $t('full_record.filesize') }} {{ $t('full_record.view_file') }} - {{ $t('full_record.download_file') }} + {{ $t('full_record.download_file') }} {{ $t('full_record.mods') }} @@ -45,6 +45,10 @@ export default { props: { childCount: Number, + downloadAccess: { + default: false, + type: Boolean + }, editAccess: { default: false, type: Boolean @@ -63,8 +67,7 @@ export default { { data: this.$t('full_record.title') }, { data: this.$t('full_record.file_type') }, { data: this.$t('full_record.filesize') }, - { data: this.$t('full_record.view_file') }, - { data: this.$t('full_record.download_file') } + { data: this.$t('full_record.view_file') } ] } }, @@ -122,7 +125,7 @@ export default { }, columnDefs() { - const excluded_columns = [0, 4, 5]; + const excluded_columns = [0, 4]; let column_defs = [ { orderable: false, targets: excluded_columns }, @@ -187,18 +190,29 @@ export default { ` `; }, targets: 4 - }, - { + } + ]; + + if (this.downloadAccess) { + this.columns.push({ data: this.$t('full_record.download_file') }); + excluded_columns.push(5); // download button + + // Add to orderable, searchable exclusions + [0, 1].forEach((d) => column_defs[d].targets = excluded_columns); + + column_defs.push({ render: (data, type, row) => { return this.downloadButtonHtml(row); }, targets: 5 - } - ]; + }); + } if (this.editAccess) { + // Check for the correct column number, in the unlikely event a user has edit access, but not download access + const column_number = (this.downloadAccess) ? 6 : 5; this.columns.push({ data: this.$t('full_record.mods') }); - excluded_columns.push(6); // edit button + excluded_columns.push(column_number); // edit button // Add to orderable, searchable exclusions [0, 1].forEach((d) => column_defs[d].targets = excluded_columns); @@ -209,7 +223,7 @@ export default { return `` + '' }, - targets: 6 + targets: column_number } ); } diff --git a/static/js/vue-cdr-access/src/mixins/fileDownloadUtils.js b/static/js/vue-cdr-access/src/mixins/fileDownloadUtils.js index 40ccc73dd2..0773a0ab7f 100644 --- a/static/js/vue-cdr-access/src/mixins/fileDownloadUtils.js +++ b/static/js/vue-cdr-access/src/mixins/fileDownloadUtils.js @@ -72,11 +72,7 @@ export default { return html; } else { - return ``; + return ''; } }, diff --git a/static/js/vue-cdr-access/tests/unit/fileList.spec.js b/static/js/vue-cdr-access/tests/unit/fileList.spec.js index 1f1ad8bff6..905266c704 100644 --- a/static/js/vue-cdr-access/tests/unit/fileList.spec.js +++ b/static/js/vue-cdr-access/tests/unit/fileList.spec.js @@ -95,18 +95,6 @@ describe('fileList.vue', () => { expect(wrapper.vm.showBadge({ status: [''] })).toEqual({ markDeleted: false, restricted: true }); }); - // @TODO TDB whether viewAccessCopies allows a user to download anything - /* it("sets download button html for image files with canViewAccess permission", () => { - const download = wrapper.vm.downloadButtonHtml(briefObject); - // Download button - expect(download).toEqual(expect.stringContaining('button id="dcr-download-4db695c0-5fd5-4abf-9248-2e115d43f57d"')); - // Options - expect(download).toEqual(expect.stringContaining('Small JPG (800px)')); - expect(download).toEqual(expect.stringContaining('Medium JPG (1600px)')); - expect(download).toEqual(expect.not.stringContaining('Full Size JPG')); - expect(download).toEqual(expect.not.stringContaining('Original File')); - });*/ - it("sets download button html for image files with canViewOriginal permission", async () => { let updatedBriefObj = cloneDeep(briefObject); updatedBriefObj.permissions = [ @@ -149,25 +137,21 @@ describe('fileList.vue', () => { expect(download).toEqual(expect.stringContaining(' { + it("does not show a button for non-image files without viewOriginal permission", () => { let updatedBriefObj = cloneDeep(briefObject); updatedBriefObj.fileType = ['application/pdf'] updatedBriefObj.format = ['Text'] updatedBriefObj.datastream = ['original_file|application/pdf|pdf file||416330|urn:sha1:4945153c9f5ce152ef8eda495deba043f536f388||']; - const download = wrapper.vm.downloadButtonHtml(updatedBriefObj); - // Disabled download button - expect(download).toEqual(expect.stringContaining('button class="button download-images" title="Download Unavailable" disabled')); + expect(wrapper.find('div.download').exists()).toBe(false); }); - it("sets a disabled download button for image files without viewAccessCopies permission", () => { + it("does not show a button for image files without viewOriginal permission", () => { let updatedBriefObj = cloneDeep(briefObject); updatedBriefObj.permissions = [ "viewMetadata" ]; - const download = wrapper.vm.downloadButtonHtml(updatedBriefObj); - // Disabled download button - expect(download).toEqual(expect.stringContaining('button class="button download-images" title="Download Unavailable" disabled')); + expect(wrapper.find('div.image-download-options').exists()).toBe(false); }); }); \ No newline at end of file