0472845a-eeb8-4039-9976-1e3b969bb5f1

Committed 04 May 2026 02:54PM UTC coverage: 97.444%. Remained the same

Build # 0472845a-eeb8-4039-9976-1e3b969bb5f1

Build Type

Pull #2489

circleci

Committed by

web-flow

Commit Message

Bump lodash from 4.17.23 to 4.18.1

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Pull Request Pull Request #2489: Bump lodash from 4.17.23 to 4.18.1

Coverage Stats

2783 of 2856 relevant lines covered (97.44%)

49.78 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

100.0

/lib/workflow_setup.rb

# Set up the AdminSets and Workflow for Laevigata
require File.expand_path('../../config/environment', __FILE__)
require 'yaml'

# Set up the application's initial state: load required roles, create required AdminSets, load appropriate users and workflows
class WorkflowSetup
  include SemanticLogger::Loggable

  attr_reader :admin_set_owner
  attr_reader :admin_sets_config
  attr_accessor :superusers_config
  ADMIN_SET_OWNER = "admin_set_owner".freeze
  NOTIFICATION_OWNER = "notification_owner".freeze
  DEFAULT_SUPERUSERS_CONFIG = "#{::Rails.root}/config/emory/superusers.yml".freeze
  DEFAULT_ADMIN_SETS_CONFIG = "#{::Rails.root}/config/emory/admin_sets.yml".freeze

  # Set up the parameters for
  # @param [String] superusers_config a file containing the email addresses of the application's superusers
  # @param [String] config_file_dir the directory where the config files reside
  # @param [String] schools_config
  # @param [String] log_location where should the log files write? Default is STDOUT. /dev/null is also an option for CI builds
  def initialize(superusers_config = DEFAULT_SUPERUSERS_CONFIG, admin_sets_config = DEFAULT_ADMIN_SETS_CONFIG, _log_location = STDOUT)
    raise "File #{superusers_config} does not exist" unless File.exist?(superusers_config)
    @superusers_config = YAML.safe_load(File.read(superusers_config))
    raise "File #{admin_sets_config} does not exist" unless File.exist?(admin_sets_config)
    @admin_sets_config = YAML.safe_load(File.read(admin_sets_config))
    logger.info "Initializing new workflow setup with superusers file #{superusers_config} and admin_sets_config files from #{admin_sets_config}"
    Hyrax::RoleRegistry.new.persist_registered_roles! # Ensure we have a managing and a depositing role
    @admin_set_owner = make_superuser(ADMIN_SET_OWNER)
  end

  # Load the superusers
  # Make an AdminSet for each school, with the proper workflow
  # Allow any registered user to deposit into any of the AdminSets
  # Give superusers every available role in all workflows in all AdminSets
  def setup
    make_notification_owner
    load_superusers
    admin_sets.each do |as|
      logger.debug "Attempting to make admin set for #{as}"
      make_admin_set_from_config(as)
    end
    everyone_can_deposit_everywhere
    give_superusers_superpowers
  end

  # A ::User to own notifications
  def make_notification_owner
    u = ::User.find_or_create_by(uid: NOTIFICATION_OWNER)
    u.ppid = NOTIFICATION_OWNER
    u.display_name = "ETD Notification System"
    u.save
  end

  # Make an AdminSet and assign it a one step mediated deposit workflow
  # @param [String] admin_set_title The title of the admin set to create
  # @param [String] workflow_name The name of the mediated deposit workflow to enable
  def make_mediated_deposit_admin_set(admin_set_title, workflow_name = "emory_one_step_approval")
    a = make_admin_set(admin_set_title)
    activate_mediated_deposit(a, workflow_name)
    a
  end

  # Given an admin set and a role, return relevant Array of Sipity::Users for the
  # currently active workflow
  # @param [AdminSet] admin_set
  # @param [String|Sipity::Role] role e.g., "approving" "depositing" "managing"
  # @return [Array<Sipity::Agent>] An array of Sipity::Agent objects
  def users_in_role(admin_set, role)
    return [] unless admin_set.permission_template.available_workflows.exists?(active: true)

    role     = Sipity::Role.find_by!(name: role) unless role.is_a?(Sipity::Role)
    workflow = admin_set.permission_template.available_workflows.find_by(active: true)
    wf_role  = Sipity::WorkflowRole.find_by(workflow: workflow, role_id: role)
    return [] unless wf_role

    Sipity::Agent.where(id: wf_role.workflow_responsibilities.pluck(:agent_id),
                        proxy_for_type: 'User').to_a
  end

  # Read a config file to figure out what workflow to enable and how to grant approving_role
  # @param [String] admin_set_title
  # @return [AdminSet]
  def make_admin_set_from_config(admin_set_title)
    config = admin_set_config(admin_set_title)
    config["workflow"] || config["workflow"] = "emory_one_step_approval"
    admin_set = make_mediated_deposit_admin_set(admin_set_title, config["workflow"])
    approving_users = []
    config["approving"].each do |approver_uid|
      u = ::User.find_or_create_by(uid: approver_uid)
      u.password = "123456" if set_default_password?
      u.provider = "shibboleth"
      u.ppid = approver_uid # temporary ppid, will get replaced when user signs in with shibboleth
      u.save
      approving_users << u.to_sipity_agent
    end
    approval_role = Sipity::Role.find_by!(name: 'approving')
    workflow = admin_set.active_workflow
    workflow.update_responsibilities(role: approval_role, agents: (approving_users.concat users_in_role(admin_set, "approving")))
    if workflow.workflow_roles.map { |workflow_role| workflow_role.role.name }.include?("reviewing")
      reviewing_role = Sipity::Role.find_by!(name: 'reviewing')
      workflow.update_responsibilities(role: reviewing_role, agents: (approving_users.concat users_in_role(admin_set, "reviewing")))
    end
    admin_set
  end

  # Create the admin role, or find it if it exists already
  # @return [Role] the admin Role
  def admin_role
    Role.find_or_create_by(name: "admin")
  end

  # Load the superusers from a config file
  def load_superusers
    admin_role.users = [] # Remove all the admin users every time you reload
    admin_role.save
    @superusers_config["superusers"].each_key do |provider|
      @superusers_config["superusers"][provider].each do |s|
        make_superuser(s, provider)
      end
    end
  end

  # Make a superuser
  # @param [String] the uid of the superuser
  # @return [User] the superuser who was just created
  def make_superuser(uid, provider = "database")
    logger.debug "Making superuser #{uid}"
    admin_user = ::User.find_or_create_by(uid: uid)
    admin_user.password = "123456" if set_default_password?
    admin_user.ppid = uid # temporary ppid, will get replaced when user signs in with shibboleth
    admin_user.provider = provider
    admin_user.save
    admin_role.users << admin_user
    admin_role.save
    admin_user
  end

  # Don't set default passwords in production mode
  def set_default_password?
    AuthConfig.use_database_auth? && !Rails.env.production?
  end

  # return an array of all current superusers
  # @return [Array(User)]
  def superusers
    raise "No superusers are defined" unless admin_role.users.count > 0
    admin_role.users
  end

  # Allow anyone with a registered account to deposit into any of the AdminSets
  def everyone_can_deposit_everywhere
    AdminSet.all.each do |admin_set|
      next if Hyrax::PermissionTemplateAccess
                .find_by(permission_template_id: admin_set.permission_template.id,
                         agent_id:   'registered',
                         access:     'deposit',
                         agent_type: 'group')

      admin_set.permission_template.access_grants.create(agent_type: 'group', agent_id: 'registered', access: 'deposit')
      deposit = Sipity::Role.find_by!(name: 'depositing')
      admin_set.permission_template.available_workflows.each do |workflow|
        workflow.update_responsibilities(role: deposit, agents: Hyrax::Group.new('registered'))
      end
    end
  end

  # Give superusers the managing role in all AdminSets
  # Also give them all workflow roles for all AdminSets
  def give_superusers_superpowers
    logger.info "Giving superuser powers to #{superusers.pluck(:ppid)}"
    give_superusers_managing_role
    give_superusers_workflow_roles
  end

  def superusers_as_sipity_agents
    superusers.map(&:to_sipity_agent)
  end

  # Give all superusers the managing role all workflows
  def give_superusers_managing_role
    AdminSet.all.each do |admin_set|
      admin_set.permission_template.available_workflows.each do |workflow| # .where(active: true) ?
        workflow.update_responsibilities(role: Sipity::Role.where(name: "managing").first, agents: superusers_as_sipity_agents)
      end
    end
  end

  def give_superusers_workflow_roles
    AdminSet.all.each do |admin_set|
      admin_set.permission_template.available_workflows.where(active: true).each do |workflow|
        workflow_roles = Sipity::WorkflowRole.where(workflow_id: workflow.id)
        workflow_roles.each do |workflow_role|
          workflow_role_name = Sipity::Role.where(id: workflow_role.role_id).first.name
          next if workflow_role_name == "depositing" || workflow_role_name == "managing"
          union_of_users = superusers_as_sipity_agents.concat(users_in_role(admin_set, workflow_role_name)).uniq
          logger.debug "Granting #{workflow_role_name} to #{union_of_users.map { |u| User.where(id: u.proxy_for_id).first.ppid }.to_sentence}"
          workflow.update_responsibilities(role: Sipity::Role.where(id: workflow_role.role_id), agents: union_of_users)
        end
      end
    end
  end

  # Make an AdminSet with the given title, belonging to the @admin_set_owner
  # @return [AdminSet] the admin set that was just created, or the one that existed already
  def make_admin_set(admin_set_title)
    if AdminSet.where(title_sim: admin_set_title).count > 0
      logger.debug "AdminSet #{admin_set_title} already exists."
      return AdminSet.where(title_sim: admin_set_title).first
    end
    a = AdminSet.create(title: [admin_set_title])
    Hyrax::AdminSetCreateService.call(admin_set: a, creating_user: @admin_set_owner)
    a
  end

  # Activate a mediated deposit workflow for the given admin_set.
  # Default is emory_one_step_approval, but a different value can be passed in.
  # The activate! method will DEactivate it if it was already active, so be careful.
  # @return [Boolean] true if successful
  def activate_mediated_deposit(admin_set, workflow_name = "emory_one_step_approval")
    osmd = admin_set.permission_template.available_workflows.where(name: workflow_name).first
    if osmd.active == true
      logger.debug "AdminSet #{admin_set.title.first} already had workflow #{admin_set.permission_template.available_workflows.where(active: true).first.name}. Not making any changes."
      return true
    end
    Sipity::Workflow.activate!(
      permission_template: admin_set.permission_template,
      workflow_id: osmd.id
    )
    logger.debug "AdminSet #{admin_set.title.first} has workflow #{admin_set.permission_template.available_workflows.where(active: true).first.name}"
    true
  end

  # Return an array of AdminSets that should be set up for the initial workflow
  # @return [Array(String)]
  def admin_sets
    @admin_sets_config.keys
  end

  # Given the name of a school, read its config into a Hash
  # @param [String] the name of an admin_set
  # @return [Hash] a Hash containing approvers and (optionally) workflow for this school
  def admin_set_config(school_name)
    raise "Couldn't find expected config for #{school_name}" unless @admin_sets_config[school_name]
    @admin_sets_config[school_name]
  end
end

1	# Set up the AdminSets and Workflow for Laevigata
2	require File.expand_path('../../config/environment', __FILE__)	4✔
3	require 'yaml'	4✔
4
5	# Set up the application's initial state: load required roles, create required AdminSets, load appropriate users and workflows
6	class WorkflowSetup	4✔
7	include SemanticLogger::Loggable	4✔
8
9	attr_reader :admin_set_owner	4✔
10	attr_reader :admin_sets_config	4✔
11	attr_accessor :superusers_config	4✔
12	ADMIN_SET_OWNER = "admin_set_owner".freeze	4✔
13	NOTIFICATION_OWNER = "notification_owner".freeze	4✔
14	DEFAULT_SUPERUSERS_CONFIG = "#{::Rails.root}/config/emory/superusers.yml".freeze	4✔
15	DEFAULT_ADMIN_SETS_CONFIG = "#{::Rails.root}/config/emory/admin_sets.yml".freeze	4✔
16
17	# Set up the parameters for
18	# @param [String] superusers_config a file containing the email addresses of the application's superusers
19	# @param [String] config_file_dir the directory where the config files reside
20	# @param [String] schools_config
21	# @param [String] log_location where should the log files write? Default is STDOUT. /dev/null is also an option for CI builds
22	def initialize(superusers_config = DEFAULT_SUPERUSERS_CONFIG, admin_sets_config = DEFAULT_ADMIN_SETS_CONFIG, _log_location = STDOUT)	4✔
23	raise "File #{superusers_config} does not exist" unless File.exist?(superusers_config)	60✔
24	@superusers_config = YAML.safe_load(File.read(superusers_config))	60✔
25	raise "File #{admin_sets_config} does not exist" unless File.exist?(admin_sets_config)	60✔
26	@admin_sets_config = YAML.safe_load(File.read(admin_sets_config))	60✔
27	logger.info "Initializing new workflow setup with superusers file #{superusers_config} and admin_sets_config files from #{admin_sets_config}"	60✔
28	Hyrax::RoleRegistry.new.persist_registered_roles! # Ensure we have a managing and a depositing role	60✔
29	@admin_set_owner = make_superuser(ADMIN_SET_OWNER)	60✔
30	end
31
32	# Load the superusers
33	# Make an AdminSet for each school, with the proper workflow
34	# Allow any registered user to deposit into any of the AdminSets
35	# Give superusers every available role in all workflows in all AdminSets
36	def setup	4✔
37	make_notification_owner	38✔
38	load_superusers	38✔
39	admin_sets.each do \|as\|	38✔
40	logger.debug "Attempting to make admin set for #{as}"	47✔
41	make_admin_set_from_config(as)	47✔
42	end
43	everyone_can_deposit_everywhere	38✔
44	give_superusers_superpowers	38✔
45	end
46
47	# A ::User to own notifications
48	def make_notification_owner	4✔
49	u = ::User.find_or_create_by(uid: NOTIFICATION_OWNER)	39✔
50	u.ppid = NOTIFICATION_OWNER	39✔
51	u.display_name = "ETD Notification System"	39✔
52	u.save	39✔
53	end
54
55	# Make an AdminSet and assign it a one step mediated deposit workflow
56	# @param [String] admin_set_title The title of the admin set to create
57	# @param [String] workflow_name The name of the mediated deposit workflow to enable
58	def make_mediated_deposit_admin_set(admin_set_title, workflow_name = "emory_one_step_approval")	4✔
59	a = make_admin_set(admin_set_title)	55✔
60	activate_mediated_deposit(a, workflow_name)	55✔
61	a	55✔
62	end
63
64	# Given an admin set and a role, return relevant Array of Sipity::Users for the
65	# currently active workflow
66	# @param [AdminSet] admin_set
67	# @param [String\|Sipity::Role] role e.g., "approving" "depositing" "managing"
68	# @return [Array<Sipity::Agent>] An array of Sipity::Agent objects
69	def users_in_role(admin_set, role)	4✔
70	return [] unless admin_set.permission_template.available_workflows.exists?(active: true)	203✔
71
72	role = Sipity::Role.find_by!(name: role) unless role.is_a?(Sipity::Role)	203✔
73	workflow = admin_set.permission_template.available_workflows.find_by(active: true)	203✔
74	wf_role = Sipity::WorkflowRole.find_by(workflow: workflow, role_id: role)	203✔
75	return [] unless wf_role	203✔
76
77	Sipity::Agent.where(id: wf_role.workflow_responsibilities.pluck(:agent_id),	203✔
78	proxy_for_type: 'User').to_a
79	end
80
81	# Read a config file to figure out what workflow to enable and how to grant approving_role
82	# @param [String] admin_set_title
83	# @return [AdminSet]
84	def make_admin_set_from_config(admin_set_title)	4✔
85	config = admin_set_config(admin_set_title)	52✔
86	config["workflow"] \|\| config["workflow"] = "emory_one_step_approval"	52✔
87	admin_set = make_mediated_deposit_admin_set(admin_set_title, config["workflow"])	52✔
88	approving_users = []	52✔
89	config["approving"].each do \|approver_uid\|	52✔
90	u = ::User.find_or_create_by(uid: approver_uid)	92✔
91	u.password = "123456" if set_default_password?	92✔
92	u.provider = "shibboleth"	92✔
93	u.ppid = approver_uid # temporary ppid, will get replaced when user signs in with shibboleth	92✔
94	u.save	92✔
95	approving_users << u.to_sipity_agent	92✔
96	end
97	approval_role = Sipity::Role.find_by!(name: 'approving')	52✔
98	workflow = admin_set.active_workflow	52✔
99	workflow.update_responsibilities(role: approval_role, agents: (approving_users.concat users_in_role(admin_set, "approving")))	52✔
100	if workflow.workflow_roles.map { \|workflow_role\| workflow_role.role.name }.include?("reviewing")	260✔
101	reviewing_role = Sipity::Role.find_by!(name: 'reviewing')	52✔
102	workflow.update_responsibilities(role: reviewing_role, agents: (approving_users.concat users_in_role(admin_set, "reviewing")))	52✔
103	end
104	admin_set	52✔
105	end
106
107	# Create the admin role, or find it if it exists already
108	# @return [Role] the admin Role
109	def admin_role	4✔
110	Role.find_or_create_by(name: "admin")	1,025✔
111	end
112
113	# Load the superusers from a config file
114	def load_superusers	4✔
115	admin_role.users = [] # Remove all the admin users every time you reload	49✔
116	admin_role.save	49✔
117	@superusers_config["superusers"].each_key do \|provider\|	49✔
118	@superusers_config["superusers"][provider].each do \|s\|	97✔
119	make_superuser(s, provider)	145✔
120	end
121	end
122	end
123
124	# Make a superuser
125	# @param [String] the uid of the superuser
126	# @return [User] the superuser who was just created
127	def make_superuser(uid, provider = "database")	4✔
128	logger.debug "Making superuser #{uid}"	211✔
129	admin_user = ::User.find_or_create_by(uid: uid)	211✔
130	admin_user.password = "123456" if set_default_password?	211✔
131	admin_user.ppid = uid # temporary ppid, will get replaced when user signs in with shibboleth	211✔
132	admin_user.provider = provider	211✔
133	admin_user.save	211✔
134	admin_role.users << admin_user	211✔
135	admin_role.save	211✔
136	admin_user	211✔
137	end
138
139	# Don't set default passwords in production mode
140	def set_default_password?	4✔
141	AuthConfig.use_database_auth? && !Rails.env.production?	303✔
142	end
143
144	# return an array of all current superusers
145	# @return [Array(User)]
146	def superusers	4✔
147	raise "No superusers are defined" unless admin_role.users.count > 0	251✔
148	admin_role.users	251✔
149	end
150
151	# Allow anyone with a registered account to deposit into any of the AdminSets
152	def everyone_can_deposit_everywhere	4✔
153	AdminSet.all.each do \|admin_set\|	39✔
154	next if Hyrax::PermissionTemplateAccess	48✔
155	.find_by(permission_template_id: admin_set.permission_template.id,
156	agent_id: 'registered',
157	access: 'deposit',
158	agent_type: 'group')
159
160	admin_set.permission_template.access_grants.create(agent_type: 'group', agent_id: 'registered', access: 'deposit')	48✔
161	deposit = Sipity::Role.find_by!(name: 'depositing')	48✔
162	admin_set.permission_template.available_workflows.each do \|workflow\|	48✔
163	workflow.update_responsibilities(role: deposit, agents: Hyrax::Group.new('registered'))	94✔
164	end
165	end
166	end
167
168	# Give superusers the managing role in all AdminSets
169	# Also give them all workflow roles for all AdminSets
170	def give_superusers_superpowers	4✔
171	logger.info "Giving superuser powers to #{superusers.pluck(:ppid)}"	40✔
172	give_superusers_managing_role	40✔
173	give_superusers_workflow_roles	40✔
174	end
175
176	def superusers_as_sipity_agents	4✔
177	superusers.map(&:to_sipity_agent)	194✔
178	end
179
180	# Give all superusers the managing role all workflows
181	def give_superusers_managing_role	4✔
182	AdminSet.all.each do \|admin_set\|	40✔
183	admin_set.permission_template.available_workflows.each do \|workflow\| # .where(active: true) ?	49✔
184	workflow.update_responsibilities(role: Sipity::Role.where(name: "managing").first, agents: superusers_as_sipity_agents)	96✔
185	end
186	end
187	end
188
189	def give_superusers_workflow_roles	4✔
190	AdminSet.all.each do \|admin_set\|	40✔
191	admin_set.permission_template.available_workflows.where(active: true).each do \|workflow\|	49✔
192	workflow_roles = Sipity::WorkflowRole.where(workflow_id: workflow.id)	49✔
193	workflow_roles.each do \|workflow_role\|	49✔
194	workflow_role_name = Sipity::Role.where(id: workflow_role.role_id).first.name	196✔
195	next if workflow_role_name == "depositing" \|\| workflow_role_name == "managing"	196✔
196	union_of_users = superusers_as_sipity_agents.concat(users_in_role(admin_set, workflow_role_name)).uniq	98✔
197	logger.debug "Granting #{workflow_role_name} to #{union_of_users.map { \|u\| User.where(id: u.proxy_for_id).first.ppid }.to_sentence}"	650✔
198	workflow.update_responsibilities(role: Sipity::Role.where(id: workflow_role.role_id), agents: union_of_users)	98✔
199	end
200	end
201	end
202	end
203
204	# Make an AdminSet with the given title, belonging to the @admin_set_owner
205	# @return [AdminSet] the admin set that was just created, or the one that existed already
206	def make_admin_set(admin_set_title)	4✔
207	if AdminSet.where(title_sim: admin_set_title).count > 0	59✔
208	logger.debug "AdminSet #{admin_set_title} already exists."	1✔
209	return AdminSet.where(title_sim: admin_set_title).first	1✔
210	end
211	a = AdminSet.create(title: [admin_set_title])	58✔
212	Hyrax::AdminSetCreateService.call(admin_set: a, creating_user: @admin_set_owner)	58✔
213	a	58✔
214	end
215
216	# Activate a mediated deposit workflow for the given admin_set.
217	# Default is emory_one_step_approval, but a different value can be passed in.
218	# The activate! method will DEactivate it if it was already active, so be careful.
219	# @return [Boolean] true if successful
220	def activate_mediated_deposit(admin_set, workflow_name = "emory_one_step_approval")	4✔
221	osmd = admin_set.permission_template.available_workflows.where(name: workflow_name).first	56✔
222	if osmd.active == true	56✔
223	logger.debug "AdminSet #{admin_set.title.first} already had workflow #{admin_set.permission_template.available_workflows.where(active: true).first.name}. Not making any changes."	49✔
224	return true	49✔
225	end
226	Sipity::Workflow.activate!(	7✔
227	permission_template: admin_set.permission_template,
228	workflow_id: osmd.id
229	)
230	logger.debug "AdminSet #{admin_set.title.first} has workflow #{admin_set.permission_template.available_workflows.where(active: true).first.name}"	7✔
231	true	7✔
232	end
233
234	# Return an array of AdminSets that should be set up for the initial workflow
235	# @return [Array(String)]
236	def admin_sets	4✔
237	@admin_sets_config.keys	46✔
238	end
239
240	# Given the name of a school, read its config into a Hash
241	# @param [String] the name of an admin_set
242	# @return [Hash] a Hash containing approvers and (optionally) workflow for this school
243	def admin_set_config(school_name)	4✔
244	raise "Couldn't find expected config for #{school_name}" unless @admin_sets_config[school_name]	54✔
245	@admin_sets_config[school_name]	53✔
246	end
247	end

curationexperts / laevigata / 0472845a-eeb8-4039-9976-1e3b969bb5f1

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous