Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add rake task to assign access permissions for an organisation #2422

Merged
merged 6 commits into from
Nov 27, 2024
Merged

Add rake task to assign access permissions for an organisation #2422

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
d1e2825
Add rake task to assign access permissions for an organisation
Tetrino Oct 22, 2024
2279393
Change to find to fetch singular Artefact
ellohez Nov 18, 2024
24337a4
omit validation to apply permissions to all editions, additionally co…
baisa Nov 19, 2024
40d9f35
Add tests
baisa Nov 21, 2024
26a3320
Add logging to file and exception handling
ellohez Nov 21, 2024
06a376e
Log org id with log messages and fix rescue blocks
ellohez Nov 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 53 additions & 0 deletions lib/tasks/access_and_permissions.rake
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
require "csv"

namespace :permissions do
desc "Add an organisation to a document's access permissions list"
task :add_organisation_access, %i[document_content_id org_content_id log_file] => :environment do |_, args|
document = Artefact.find_by(id: args[:document_content_id])

if document.nil?
message = "Document ID #{args[:document_content_id]} not found, no permissions added for organisation with ID: #{args[:org_content_id]}"
elsif document.latest_edition.owning_org_content_ids.include?(args[:org_content_id])
message = "Organisation with ID: #{args[:org_content_id]} already has permission to access the document with ID: #{document.id}"
else
Edition.where(panopticon_id: document.id).each do |edition|
edition.owning_org_content_ids << args[:org_content_id]
edition.save!(validate: false)
end
document.save_as_task!("PermissionsAddition")
message = "Access permission for organisation ID: #{args[:org_content_id]}, successfully assigned to document with ID: #{document.id}"
end
args[:log_file] ? args[:log_file].puts(message) : puts(message)
rescue Mongoid::Errors::DocumentNotFound => e
error_message = "An error occurred while processing document ID #{args[:document_content_id]}: #{e.message}"
args[:log_file] ? args[:log_file].puts(error_message) : puts(error_message)
end

desc "Bulk process access permissions from CSV of URLs"
task :bulk_process_access_flags, %i[csv_filename organisation_id] => :environment do |_, args|
log_file = File.open("/tmp/permissions_rake_log.txt", "w")
log_file.puts("Adding access permissions for the organisation with ID - #{args[:organisation_id]}")

begin
CSV.foreach(args[:csv_filename], headers: true) do |row|
path = row[1]
path&.slice!("https://www.gov.uk/")
document = Artefact.find_by(slug: path)

if document.nil?
log_file.puts "Document with slug '#{path}' not found. Skipping..."
next
end

Rake::Task["permissions:add_organisation_access"].reenable
mtaylorgds marked this conversation as resolved.
Show resolved Hide resolved
Rake::Task["permissions:add_organisation_access"].invoke(document.id, args[:organisation_id], log_file)
rescue StandardError => e
log_file.puts "--- Error occurred ---"
log_file.puts e.detailed_message
log_file.puts "------"
end
ensure
log_file.close
end
end
end
55 changes: 55 additions & 0 deletions test/unit/tasks/access_and_permissions_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
require "test_helper"
require "rake"

class AccessAndPermissionsTaskTest < ActiveSupport::TestCase
setup do
@add_organisation_access_task = Rake::Task["permissions:add_organisation_access"]
@bulk_process_task = Rake::Task["permissions:bulk_process_access_flags"]

@add_organisation_access_task.reenable
@bulk_process_task.reenable

@artefact1 = FactoryBot.create(:artefact, slug: "example-slug-1")
@artefact2 = FactoryBot.create(:artefact, slug: "example-slug-2")
@edition1 = FactoryBot.create(:edition, panopticon_id: @artefact1.id, owning_org_content_ids: [])
@edition2 = FactoryBot.create(:edition, panopticon_id: @artefact2.id, owning_org_content_ids: [])
@csv_file_path = Rails.root.join("tmp/test_bulk_access.csv")
CSV.open(@csv_file_path, "w") do |csv|
csv << %w[Header1 URL]
csv << ["Row1", "https://www.gov.uk/example-slug-1"]
csv << ["Row2", "https://www.gov.uk/example-slug-2"]
end
end

test "add_organisation_access assigns permissions correctly" do
organisation_id = "test-org-id"

@add_organisation_access_task.invoke(@artefact1.id, organisation_id)
@edition1.reload

assert_includes @edition1.owning_org_content_ids, organisation_id
assert_not_includes @edition2.owning_org_content_ids, organisation_id
end

test "add_organisation_access does not duplicate access" do
organisation_id = "test-org-id"
@edition1.update!(owning_org_content_ids: [organisation_id])

@add_organisation_access_task.invoke(@artefact1.id, organisation_id)
@edition1.reload

assert_equal(1, @edition1.owning_org_content_ids.count { |id| id == organisation_id })
end

test "bulk_process_access_flags processes all rows in CSV" do
organisation_id = "test-org-id"

@bulk_process_task.invoke(@csv_file_path.to_s, organisation_id)

@edition1.reload
@edition2.reload

assert_includes @edition1.owning_org_content_ids, organisation_id
assert_includes @edition2.owning_org_content_ids, organisation_id
end
end
Loading