Add group permissions to sage articles when ingested

app/services/tasks/sage_new_article_ingester.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 module Tasks
+  require 'tasks/migration_helper'
+
   class SageNewArticleIngester < SageBaseArticleIngester
     attr_accessor :admin_set
 
@@ -11,9 +13,12 @@ def process_package
       # Add PDF file to Article (including FileSets)
       pdf_path = pdf_file_path
 
-      attach_pdf_to_work(art_with_meta, pdf_path)
+      pdf_file = attach_pdf_to_work(art_with_meta, pdf_path)
+      pdf_file.update permissions_attributes: group_permissions
+
       # Add xml metadata file to Article
-      attach_xml_to_work(art_with_meta, @jats_ingest_work.xml_path)
+      xml_file = attach_xml_to_work(art_with_meta, @jats_ingest_work.xml_path)
+      xml_file.update permissions_attributes: group_permissions
       art_with_meta.id
     end
 
@@ -37,9 +42,14 @@ def article_with_metadata
       art.admin_set = @admin_set
       populate_article_metadata(art)
       art.visibility = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+      art.permissions_attributes = group_permissions
       art.save!
       # return the Article object
       art
     end
+
+    def group_permissions
+      @group_permissions ||= MigrationHelper.get_permissions_attributes(@admin_set.id)
+    end
   end
 end

spec/services/tasks/sage_ingest_service_spec.rb

@@ -88,8 +88,26 @@
       let(:updated_creator) { 'Nakayama, Don K.' }
 
       context 'revision with no existing work' do
+        let(:manager) do
+          FactoryBot.create(:user, email: '[email protected]', guest: false, uid: 'manager')
+        end
+        let(:manager_agent) { Sipity::Agent.where(proxy_for_id: 'oa_manager', proxy_for_type: 'Hyrax::Group').first_or_create }
+
         let(:package_name) { 'ASU_2022_88_10_10.1177_00031348221074228.r2022-12-22.zip' }
 
+        before do
+          Article.delete_all
+
+          Hyrax::PermissionTemplateAccess.create(permission_template: permission_template,
+                                             agent_type: 'group',
+                                             agent_id: 'oa_manager',
+                                             access: 'manage')
+          Hyrax::Workflow::PermissionGenerator.call(roles: 'managing', workflow: workflow, agents: manager_agent)
+          manager_role = Role.where(name: 'oa_manager').first_or_create
+          manager_role.users << manager
+          manager_role.save
+        end
+
         it 'creates the work as if it were new' do
           work_id = nil
           expect { work_id = service.process_package("spec/fixtures/sage/revisions/both_changed/#{package_name}") }
@@ -101,6 +119,26 @@
           expect(status['status']).to eq 'In Progress'
           expect(status['error'][0]['message']).to eq "Package #{package_name} indicates that it is a revision, but no existing work with DOI https://doi.org/10.1177/00031348221074228 was found. Creating a new work instead."
           expect(status['error'][0]['trace']).to be_nil
+
+          article = Article.first
+          expect_to_have_manager_permission(article)
+          expect_to_have_public_permission(article)
+
+          article_file_sets = article.file_sets
+          expect(article_file_sets.length).to eq 2
+          expect_to_have_manager_permission(article_file_sets[0])
+          expect_to_have_public_permission(article_file_sets[0])
+          expect_to_have_manager_permission(article_file_sets[1])
+        end
+
+        def expect_to_have_manager_permission(item)
+          manager_perm = item.permissions.to_a.find { |perm| perm.agent.first.id == 'http://projecthydra.org/ns/auth/group#oa_manager' }
+          expect(manager_perm.mode.first.id).to eq 'http://www.w3.org/ns/auth/acl#Write'
+        end
+
+        def expect_to_have_public_permission(item)
+          pub_perm = item.permissions.to_a.find { |perm| perm.agent.first.id == 'http://projecthydra.org/ns/auth/group#public' }
+          expect(pub_perm.mode.first.id).to eq 'http://www.w3.org/ns/auth/acl#Read'
         end
       end