You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm running Hyku v5.1.0 and I've run into an issue granting collection creation permission to a group.
I created a group to manage a Collection Type and the group has been added as Creators under the Participants tab on that collection type. I created a test user and put them in the group which causes the "Add New Collection" button to appear on the Collections dashboard as expected, but when I click the button I get directed to the home page with an error message: "You are not authorized to access this page."
- Samvera Slack
Expected behavior
If I am given Creator permissions to a CollectionType (via either direct user access or through a group), I should be able to create Collections of that type
Actual behavior
If I am given Creator permissions to a CollectionType via a group, I cannot create Collections of that type
Steps to reproduce the behavior
Login as an admin
Navigate to Dashboard > Manage Groups
Click "Create New Group"
Give the group a name and click Save
Navigate to Dashboard > Settings > Collection Types
Click "Create new collection type"
Give the new Collection Type a name and click Save
Click the "Participants" tab
Under the "Add Participants" section, select the group from Step 4 and the "Creator" role
Click "Add"
Navigate to Dashboard > Manage Groups and edit the group from Step 4
Click the "Users" tab and add a non-admin user to the group
Login as the user from Step 12
Navigate to Dashboard > Collections
Click "Add New Collection"
Observe the behavior detailed above
Related work
This was likely first introduced into Hyku with the Groups with Roles feature:
In short, two things are required to be able to create a Collection:
A Hyrax::CollectionTypeParticipant record representing the level of access the "agent" (i.e. group) has to the CollectionType
A CanCanCan rule that says "this user has the ability to create Collections"
In the specific scenario detailed in this issue, the first requirement is met but the second isn't.
Code should be added the the CollectionAbility that grants the :create ability to users who have a Hyrax::CollectionTypeParticipant record.
In addition, a Hyrax::CollectionTypes::PermissionsService.can_create_collection_of_type? check should be added to Hyrax::Dashboard::CollectionsController#new to validate that the user has access to the create the specific CollectionType they are attempting to create.
The text was updated successfully, but these errors were encountered:
Descriptive summary
Expected behavior
If I am given Creator permissions to a CollectionType (via either direct user access or through a group), I should be able to create Collections of that type
Actual behavior
If I am given Creator permissions to a CollectionType via a group, I cannot create Collections of that type
Steps to reproduce the behavior
Related work
This was likely first introduced into Hyku with the Groups with Roles feature:
Technical details
In short, two things are required to be able to create a Collection:
Hyrax::CollectionTypeParticipantrecord representing the level of access the "agent" (i.e. group) has to the CollectionTypeIn the specific scenario detailed in this issue, the first requirement is met but the second isn't.
Code should be added the the
CollectionAbilitythat grants the:createability to users who have aHyrax::CollectionTypeParticipantrecord.In addition, a
Hyrax::CollectionTypes::PermissionsService.can_create_collection_of_type?check should be added toHyrax::Dashboard::CollectionsController#newto validate that the user has access to the create the specific CollectionType they are attempting to create.The text was updated successfully, but these errors were encountered: