Merge pull request #1013 from sul-dlss/remove-read

app/controllers/file_controller.rb

@@ -10,7 +10,7 @@ class FileController < ApplicationController
   def show
     return unless stale?(**cache_headers)
 
-    authorize! :read, current_file
+    authorize! :download, current_file
     expires_in 10.minutes
     response.headers['Accept-Ranges'] = 'bytes'
     response.headers['Content-Length'] = current_file.content_length
@@ -55,7 +55,7 @@ def cache_headers
     {
       etag: [current_file.etag, current_user.try(:etag)],
       last_modified: current_file.mtime,
-      public: anonymous_ability.can?(:read, current_file),
+      public: anonymous_ability.can?(:download, current_file),
       template: false
     }
   end

app/models/ability.rb

@@ -43,7 +43,7 @@ def initialize(user)
 
     models = [StacksFile, StacksImage, StacksMediaStream]
 
-    can [:download, :read], models do |f|
+    can :download, models do |f|
       value, rule = f.rights.world_rights_for_file f.file_name
 
       value && (rule.nil? || rule != Dor::RightsAuth::NO_DOWNLOAD_RULE)
@@ -56,7 +56,7 @@ def initialize(user)
     end
 
     if user.stanford?
-      can [:download, :read], models do |f|
+      can :download, models do |f|
         value, rule = f.rights.stanford_only_rights_for_file f.file_name
 
         value && (rule.nil? || rule != Dor::RightsAuth::NO_DOWNLOAD_RULE)
@@ -70,7 +70,7 @@ def initialize(user)
     end
 
     if user.app_user?
-      can [:download, :read], models do |f|
+      can :download, models do |f|
         value, rule = f.rights.agent_rights_for_file f.file_name, user.id
 
         value && (rule.nil? || rule != Dor::RightsAuth::NO_DOWNLOAD_RULE)
@@ -84,7 +84,7 @@ def initialize(user)
     end
 
     if user.locations.present?
-      can [:download, :read], models do |f|
+      can :download, models do |f|
         user.locations.any? do |location|
           value, rule = f.rights.location_rights_for_file(f.file_name, location)
           value && (rule.nil? || rule != Dor::RightsAuth::NO_DOWNLOAD_RULE)