reindexing a record will clear acls and permission groups (#6324)

* reindexing a record will clear acls and permission groups/users in the index * Update permission_indexer.rb remove || that will never be reached * ♻️ Improve acl synchronicity with persistence layer * Appeasing rubocop --------- Co-authored-by: Jeremy Friesen <[email protected]> Co-authored-by: Daniel Pierce <[email protected]>
samvera · Feb 1, 2024 · 1fe4a2f · 1fe4a2f
1 parent 322a30c
commit 1fe4a2f
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 5 deletions.
diff --git a/app/indexers/concerns/hyrax/permission_indexer.rb b/app/indexers/concerns/hyrax/permission_indexer.rb
@@ -13,7 +13,7 @@ module PermissionIndexer
     def to_solr
       super.tap do |index_document|
         config      = Hydra.config.permissions
-        permissions = Hyrax::PermissionManager.new(resource: resource)
+        permissions = resource.permission_manager
 
         index_document[config.edit.group] = permissions.edit_groups.to_a
         index_document[config.edit.individual] = permissions.edit_users.to_a

diff --git a/app/services/hyrax/access_control_list.rb b/app/services/hyrax/access_control_list.rb
@@ -48,14 +48,24 @@ def self.AccessControlList(obj)
   #   # => #<Set: {#<Hyrax::Permission access_to=#<Valkyrie::ID:0x000055628b0ae0b8 @id="my_id"> agent="group/public" mode=:read>}>
   class AccessControlList
     ##
-    # @!attribute [rw] resource
+    # @!attribute [r] resource
     #   @return [Valkyrie::Resource]
     # @!attribute [r] persister
     #   @return [#save]
     # @!attribute [r] query_service
     #   @return [#find_inverse_references_by]
     attr_reader :persister, :query_service
-    attr_accessor :resource
+    attr_reader :resource
+
+    ##
+    # @param value [Valkyrie::Resource]
+    # @return [Valkyrie::Resource]
+    def resource=(value)
+      # We need to remove the memoization as the @resource has changed.
+      @change_set = nil
+      @access_control_model = nil
+      @resource = value
+    end
 
     ##
     # @api public
@@ -167,7 +177,14 @@ def save
       return true unless pending_changes?
 
       change_set.sync
-      persister.save(resource: change_set.resource)
+
+      # change_set.resource is a Hyrax::AccessControl
+      #
+      # We're setting the once fetched access_control_model to what was returned, so as to avoid
+      # a refetch
+      @access_control_model = persister.save(resource: change_set.resource)
+
+      # self.resource is a Hyrax::Resource
       Hyrax.publisher.publish('object.acl.updated', acl: self, result: :success)
       @change_set = nil
 
@@ -251,7 +268,7 @@ def from(user_or_group)
     ##
     # @api private
     def access_control_model
-      AccessControl.for(resource: resource, query_service: query_service)
+      @access_control_model ||= AccessControl.for(resource: resource, query_service: query_service)
     end
 
     ##