Implemented the file use model with access control for file downloads. #129
Conversation
There was a problem hiding this comment.
Added some comments/questions. I think my only overall concern is the number of upstream classes that we seem to be overriding. So my questions are largely targeted around trying to understand the large set of overrides.
Perhaps there isn't an alternative, but I admittedly worry a bit about the sustainability/upgrade path. Hoping @VivianChu and @hweng can take a look as well.
This is not to discount the work on this, really great job @lsitu 👍
| @@ -0,0 +1,33 @@ | |||
| # Actions are decoupled from controller logic so that they may be called from a controller or a background job. | |||
| class FileSetAttachFilesActor < Hyrax::Actors::FileSetActor | |||
There was a problem hiding this comment.
What change was needed here that required us overriding the (presumably) upstream FileSetAttachFilesActor?
There was a problem hiding this comment.
I think we just extend/override the Hyrax::Actors::FileSetActor to accept a relation/file use parameter.
| module Hyrax | ||
| module Actors | ||
| # Creates a work and attaches files to the work | ||
| class CreateWithFilesActor < Hyrax::Actors::AbstractActor |
There was a problem hiding this comment.
What change was needed here that required us overriding the (presumably) upstream CreateWithFilesActor ?
There was a problem hiding this comment.
I think we need to override it to extract file uses attributes from the object metadata and extend method attach_files(files, env, file_uses) to accept the file uses parameter for ingest.
| module Hyrax | ||
| module Actors | ||
| # Attaches remote files to the work | ||
| class CreateWithRemoteFilesActor < Hyrax::Actors::AbstractActor |
There was a problem hiding this comment.
What change was needed here that required us overriding the (presumably) upstream CreateWithRemoteFilesActor?
There was a problem hiding this comment.
The same as above to extract file uses from object metadata and extend it to accept the file uses properties for ingest.
| # return [binary] | ||
| def relation_content(relation) | ||
| case relation | ||
| when 'preservation_master_file' |
There was a problem hiding this comment.
Could preservation_master_file be a constant instead of a plain string? Perhaps available via the new ExtendedContainedFiles
There was a problem hiding this comment.
Done in commit e8696d3. Thanks.
| when 'preservation_master_file' | ||
| preservation_master_file = asset.attached_files.base.preservation_master_file | ||
| return preservation_master_file if preservation_master_file | ||
| when 'transcript' |
There was a problem hiding this comment.
Could transcript be a constant instead of a plain string? Perhaps available via the new ExtendedContainedFiles
There was a problem hiding this comment.
Also done in commit e8696d3. Thanks.
| @@ -0,0 +1,75 @@ | |||
| # Converts UploadedFiles into FileSets and attaches them to works. | |||
| class AttachFilesToFileSetJob < AttachFilesToWorkJob | |||
There was a problem hiding this comment.
What change was needed here that required us overriding the (presumably) upstream AttachFilesToFileSetJob?
There was a problem hiding this comment.
I think we need to extend the functionality to accept the file use parameter and perform ingest files with those files use properties provided as well.
|
|
||
| def download_file_permission | ||
| can :read, ActiveFedora::File do |file| | ||
| file.mime_type == 'image/tiff' ? false : true |
There was a problem hiding this comment.
Why is this check specifically targeting image/tiff? What are we trying to prevent here? The download of source/master files?
There was a problem hiding this comment.
This is implemented because Ryan's comment for not allowing public users to download the TIFF files, see #111 (comment),.
There was a problem hiding this comment.
I see. So is this the primarily place where we're ensuring original_file's aren't downloaded by non-curators?
Because if so, it seems like we have far more file types than tiff which would fall under this check. My reading of Ryan's comment is tiff was just a (common) example. Not the sole use case or instance where we have this use case. And, it also seems like it would be nice if we could check the file_use instead of the mime_type to determine download-ability? Should we clarify with Ryan?
There was a problem hiding this comment.
@mcritchlow Yes, this is one and there could be the videos/audios as well. But it will require deeper and tricker overriding in the derivative creative and technical metadata extraction layer if we change the strategic to ingest a primary file with File Use other than the OriginalFile, which will make it harder for us to maintain our codes over time. So it seems like checking for mime_type la cleaner solution for us at the moment.
| @@ -2,4 +2,54 @@ | |||
|
|
|||
| class FileSetIndexer < Hyrax::FileSetIndexer | |||
| self.thumbnail_path_service = ::ThumbnailPathService | |||
|
|
|||
| def generate_solr_document | |||
There was a problem hiding this comment.
was there previously no Solr document content generated for FileSets? Or are we overriding what was there and generating our own here?
There was a problem hiding this comment.
I think hyrax does have solr document generate for FileSets but unfortunately it won't support ingest/store multiples files in one fileset at this time. And there are no strategic to store technical metadata for other files other than the original file in the same fileset. So we need to extend it to include technical metadata for all other files in Solr document so that we can expose them for UI displaying.
There was a problem hiding this comment.
Ok, that makes sense. Thanks for clarifying 👍
| # download that file and put it into Fedora | ||
| # Called by AttachFilesToWorkJob (when files are uploaded to s3) | ||
| # and CreateWithRemoteFilesActor when files are located in some other service. | ||
| class ImportUrlWithFileUseJob < ::ImportUrlJob |
There was a problem hiding this comment.
What change was needed here that required us overriding the (presumably) upstream ImportUrlWithFileUseJob?
There was a problem hiding this comment.
I think the main purpose for overriding here is also to extend the functionality to accept the file_use/relation parameter and ingest the file with the file use specified
lsitu
force-pushed
the
feature/file_uses
branch
from
a7ccba9 to
e8696d3
Compare
TIFF with curator only access restriction.
|
👍 |
|
Noting @lsitu 's post on samvera google group which finally got some discussion going. I'm going to attend the tech call tomorrow to get more feedback from folks. Then we can circle back and discuss next steps with this. So let's hold the merge for now, please. |
Fixes #111 ; refs #111
Implemented the file use model with access control for file downloads.
Changes proposed in this pull request:
@ucsdlib/developers - please review