send basic access restriction info along with successful auth check r…

…esponse useful for indicating restrictions that would apply for other users even if current user is logged in
sul-dlss · Nov 21, 2023 · 27bd577 · 27bd577
1 parent f242222
commit 27bd577
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 1 deletion.
diff --git a/app/controllers/media_controller.rb b/app/controllers/media_controller.rb
@@ -48,7 +48,16 @@ def allowed_params
 
   def hash_for_auth_check
     if can? :stream, current_media
-      { status: :success, token: URI.encode_www_form_component(encrypted_token) }
+      {
+        status: :success,
+        token: URI.encode_www_form_component(encrypted_token),
+        access_restrictions: {
+          stanford_restricted: current_media.stanford_restricted?,
+          restricted_by_location: current_media.restricted_by_location?,
+          embargoed: current_media.embargoed?,
+          embargo_release_date: current_media.embargo_release_date
+        }
+      }
     else
       MediaAuthenticationJson.new(
         user: current_user,

diff --git a/spec/controllers/media_controller_spec.rb b/spec/controllers/media_controller_spec.rb
@@ -106,6 +106,17 @@
         expect(body['status']).to eq 'success'
         expect(body['token']).to eq 'sekret-token'
       end
+
+      it 'still returns info about applicable access restrictions' do
+        get :auth_check, params: { id:, file_name:, format: :js }
+        body = JSON.parse(response.body)
+        expect(body['access_restrictions']).to eq({
+                                                    'stanford_restricted' => false,
+                                                    'restricted_by_location' => false,
+                                                    'embargoed' => false,
+                                                    'embargo_release_date' => nil
+                                                  })
+      end
     end
   end
 end
diff --git a/spec/requests/media_auth_request_spec.rb b/spec/requests/media_auth_request_spec.rb
@@ -68,6 +68,11 @@
       expect(response.parsed_body['status']).to eq 'success'
       expect(response.parsed_body['token']).to match(/^[%a-zA-Z0-9]+/)
     end
+
+    it 'still indicates that the object is stanford restricted' do
+      get "/media/#{druid}/file.#{format}/auth_check"
+      expect(response.parsed_body['access_restrictions']['stanford_restricted']).to eq true
+    end
   end
 
   context 'when the user is not authenticated' do