From de8f1868e5e0b9b7cf9b9dc4cc4d4b066d3b22d7 Mon Sep 17 00:00:00 2001
From: Parinita Mulak <pghorpade@library.ucla.edu>
Date: Thu, 6 Jul 2023 13:41:49 -0700
Subject: [PATCH] feat: Add  firefox auth alert (#1124)

* feat: Add styles for firefox auth alert

* tests: fix linting errors and rspec tests

* tests: remove a tests as there is no discovery access in californica

* fix: css for the auth alert for firefox

* fix: scss linting errors

* fix: reword some text for settings
---
 app/assets/images/icon-alert-circle.svg       |  5 ++
 .../base/layout/header/_navbar-alert.scss     | 52 ++++++++++++++
 .../theme_ursus/elements/_ur-buttons.scss     | 20 ++++++
 .../theme_ursus/header/_ur-navbar-alert.scss  | 18 ++++-
 app/controllers/catalog_controller.rb         |  9 ++-
 app/views/catalog/_media_viewer.html.erb      |  2 +-
 app/views/catalog/_show_header.html.erb       |  3 +
 app/views/shared/_alert-bar.html.erb          | 70 +++++++++++++++++++
 spec/system/view_metadata_only_work_spec.rb   |  7 +-
 spec/system/view_unauthorized_work_spec.rb    |  1 +
 10 files changed, 180 insertions(+), 7 deletions(-)
 create mode 100644 app/assets/images/icon-alert-circle.svg
 create mode 100644 app/views/shared/_alert-bar.html.erb

diff --git a/app/assets/images/icon-alert-circle.svg b/app/assets/images/icon-alert-circle.svg
new file mode 100644
index 000000000..7c24ccc1e
--- /dev/null
+++ b/app/assets/images/icon-alert-circle.svg
@@ -0,0 +1,5 @@
+<svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg" class="svg__icon-alert">
+<path d="M16 25C20.9706 25 25 20.9706 25 16C25 11.0294 20.9706 7 16 7C11.0294 7 7 11.0294 7 16C7 20.9706 11.0294 25 16 25Z" stroke="#0B6AB7" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" class="svg__stroke--primary-blue-03"/>
+<path d="M16 12V17" stroke="#0B6AB7" stroke-width="1.5" stroke-linecap="square" stroke-linejoin="bevel" class="svg__stroke--primary-blue-03"/>
+<path d="M16 20H16.01" stroke="#0B6AB7" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" class="svg__stroke--primary-blue-03"/>
+</svg>
\ No newline at end of file
diff --git a/app/assets/stylesheets/base/layout/header/_navbar-alert.scss b/app/assets/stylesheets/base/layout/header/_navbar-alert.scss
index bbc3ad9c2..2b08f7da7 100644
--- a/app/assets/stylesheets/base/layout/header/_navbar-alert.scss
+++ b/app/assets/stylesheets/base/layout/header/_navbar-alert.scss
@@ -11,8 +11,10 @@
 
 .alert-bar__wrapper {
   display: flex;
+  align-items: center;
   justify-content: space-between;
   font-size: $text-14;
+  align-content: center;
 }
 
 .alert-bar__text {
@@ -48,3 +50,53 @@
 .alert-bar__button {
   padding: 5px;
 }
+
+.alert-bar__text-main {
+  border-bottom: 1px solid $gray-10;
+  display: flex;
+  flex-direction: row;
+
+  
+  @media (max-width: 923px) {
+    flex-direction: column;
+    align-items: flex-end;
+    gap: 10px;
+  }
+  @media (max-width: 575px) {
+    align-items: flex-start;
+    
+  }
+  
+  
+}
+
+.alert-bar__toggle-text {
+  display: none;
+}
+
+.alert-bar__list {
+  margin: 0 20px 0 80px;
+  font-size: $text-16;
+  font-weight: $font-medium;
+  line-height: 24px;
+  list-style-type: disc;
+}
+
+.alert-bar__divider {
+  margin: 0 auto 15px;
+  width: 95%;
+  border-bottom: 2px solid $gray-10;
+}
+
+.alert-bar__sub-list {
+  margin: 0 10px 0 30px;
+  list-style-type: disc;
+}
+
+.alert-bar__row {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  align-content: center;
+  gap: 15px;
+}
diff --git a/app/assets/stylesheets/theme_ursus/elements/_ur-buttons.scss b/app/assets/stylesheets/theme_ursus/elements/_ur-buttons.scss
index bc30ae61b..47108d193 100644
--- a/app/assets/stylesheets/theme_ursus/elements/_ur-buttons.scss
+++ b/app/assets/stylesheets/theme_ursus/elements/_ur-buttons.scss
@@ -73,3 +73,23 @@
     background-color: $ucla-darker-blue;
   }
 }
+
+.btn-ursus--show-toggle {
+  display: block;
+ 
+}
+
+.btn-ursus--hide-toggle {
+  display: none;
+ 
+}
+
+.btn-base-lg--alert--ursus {
+  @media (max-width: 1303px) {
+    font-size: $text-16;
+  }
+  
+  @media (max-width: 575px) {
+    font-size: $text-16;
+  }
+}
diff --git a/app/assets/stylesheets/theme_ursus/header/_ur-navbar-alert.scss b/app/assets/stylesheets/theme_ursus/header/_ur-navbar-alert.scss
index 2c429986a..8112d510c 100644
--- a/app/assets/stylesheets/theme_ursus/header/_ur-navbar-alert.scss
+++ b/app/assets/stylesheets/theme_ursus/header/_ur-navbar-alert.scss
@@ -1,3 +1,19 @@
 .alert-bar--ursus {
-  background-color: $ucla-gold;
+  background-color: $white;
+  border: 1px solid $gray-10;
+  border-top: 3px solid $ucla-gold;
 }
+
+.alert-title--ursus {
+  font-size: $text-18;
+  font-weight: $font-medium;
+  line-height: 24px;
+  letter-spacing: 0;
+ 
+}
+
+.alert-bar__wrapper--ursus {
+  padding: 20px 10px;
+  
+}
+
diff --git a/app/controllers/catalog_controller.rb b/app/controllers/catalog_controller.rb
index f54df6955..31abccdb3 100644
--- a/app/controllers/catalog_controller.rb
+++ b/app/controllers/catalog_controller.rb
@@ -408,10 +408,11 @@ class CatalogController < ApplicationController
   # 'discovery'-level permission.
   def enforce_show_permissions(_opts = {})
     permissions = current_ability.permissions_doc(solr_id)
-    unless can? :discover, permissions
+    if (permissions['read_access_group_ssim'].present? && permissions['read_access_group_ssim'].include?('registered')) || can?(:discover, permissions)
+      permissions
+    else
       raise Blacklight::AccessControls::AccessDenied.new('You do not have sufficient access privileges to view this document, which has been marked private.', :discover, params[:id])
     end
-    permissions
   end
 
   # ------------------------------------------------------
@@ -419,7 +420,11 @@ def enforce_show_permissions(_opts = {})
   # override this method from Blacklight::Catalog.rb to find the collection count
   # https://github.com/projectblacklight/blacklight/blob/master/app/controllers/concerns/blacklight/catalog.rb -- line: 46
   # https://www.rubydoc.info/github/projectblacklight/blacklight/Blacklight/Catalog
+  # rubocop:disable Metrics/CyclomaticComplexity
   def show
+    if cookies[:message_shown].nil? && request.env['HTTP_USER_AGENT'] =~ /Firefox/
+      flash.now[:notice] = "To view the high-quality images for this item in  Firefox, you'll need to change some browser settings"
+    end
     deprecated_response, @document = search_service.fetch(solr_id)
     @response = ActiveSupport::Deprecation::DeprecatedObjectProxy.new(deprecated_response, 'The @response instance variable is deprecated; use @document.response instead.')
     respond_to do |format|
diff --git a/app/views/catalog/_media_viewer.html.erb b/app/views/catalog/_media_viewer.html.erb
index 783dc3050..3f7551784 100644
--- a/app/views/catalog/_media_viewer.html.erb
+++ b/app/views/catalog/_media_viewer.html.erb
@@ -1,4 +1,4 @@
-<% if can?(:read, document) %>
+<% if can?(:read, document) || document[:visibility_ssi] == "authenticated" %>
     <div class='media-viewer-container'>
       <% iiif_service = IiifService.new %>
       <iframe
diff --git a/app/views/catalog/_show_header.html.erb b/app/views/catalog/_show_header.html.erb
index f7161d48b..e0a31380a 100644
--- a/app/views/catalog/_show_header.html.erb
+++ b/app/views/catalog/_show_header.html.erb
@@ -1,2 +1,5 @@
 <%# bookmark/folder functions -%>
 <%= render_document_heading(document, tag: :h1) %>
+<% if document[:visibility_ssi] && document[:visibility_ssi] == "authenticated" && flash[:notice].present? %>
+    <%= render 'shared/alert-bar' %>
+<% end %>
diff --git a/app/views/shared/_alert-bar.html.erb b/app/views/shared/_alert-bar.html.erb
new file mode 100644
index 000000000..47c688128
--- /dev/null
+++ b/app/views/shared/_alert-bar.html.erb
@@ -0,0 +1,70 @@
+<script type="text/javascript">
+   let hideButton = false
+   function removeAlertFunction() {
+     document.getElementById('alertBar').style.display = 'none';
+     document.cookie="message_shown=true";
+   }
+   function showFunction() {
+      const collection = document.getElementsByClassName("alert-bar__toggle-text");
+      const textMain = document.getElementsByClassName("alert-bar__text-main");
+      textMain[0].style.borderBottom = "none";
+      const buttonShow = document.getElementsByClassName("btn-ursus--show-toggle");
+      buttonShow[0].style.display = "none";
+      const buttonHide = document.getElementsByClassName("btn-ursus--hide-toggle");
+      buttonHide[0].style.display = "block";
+      collection[0].style.display = "block";
+   }
+   function hideFunction() {
+      const buttonShow = document.getElementsByClassName("btn-ursus--show-toggle");
+      buttonShow[0].style.display = "block";
+      const buttonHide = document.getElementsByClassName("btn-ursus--hide-toggle");
+      buttonHide[0].style.display = "none";
+      const collection = document.getElementsByClassName("alert-bar__toggle-text");
+      collection[0].style.display = "none";
+      const textMain = document.getElementsByClassName("alert-bar__text-main");
+      textMain[0].style.borderBottom = "1px solid #333";
+   }
+</script>
+<div
+   class="alert-bar alert-bar--ursus"
+   id="alertBar">
+
+      <div class="alert-bar__wrapper alert-bar__wrapper--ursus alert-bar__text-main">
+         <div class="alert-bar__row">
+            <span><%= image_tag('icon-alert-circle.svg') %></span>
+            <h3 class="alert-title alert-title--ursus">
+               <%= flash[:notice] %>
+            </h3>
+         </div>
+         <div class="alert-bar__row">
+            <button type="button" class="btn-base btn-base-lg btn-base-lg--alert--ursus btn-outline-ursus--light" onclick="removeAlertFunction()">
+               Dismiss
+            </button>
+            <button type="button" class="btn-base btn-base-lg btn-base-lg--alert--ursus btn-ursus--gold btn-ursus--show-toggle" onclick="showFunction()">
+               Show Instructions
+            </button>
+            <button type="button" class="btn-base btn-base-lg btn-base-lg--alert--ursus btn-ursus--gold btn-ursus--hide-toggle" onclick="hideFunction()">
+               Hide Instructions
+            </button>
+         </div>
+      </div>
+
+      <div class="alert-bar__wrapper alert-bar__wrapper--ursus alert-bar__toggle-text">
+         <div class="alert-bar__divider"></div>
+            <ul class="alert-bar__list">
+               <li>
+                  Enable pop-ups (i.e., add the viewer site to the list in Preferences &gt;        Privacy &amp; Security &gt; Permissions &gt; Block pop-up-windows &gt;        Exceptions...)
+                  <ul class="alert-bar__sub-list">
+                     <li><em>Reason:</em> IIIF Authentication 1.0 specifies that viewers must open a            new window as part of this particular authentication flow, which is not            possible unless you allow pop-ups from our site          </li>
+                  </ul>
+               </li>
+               <li>
+                  Preferences > Privacy & Security > Enhanced Tracking Protection > Manage Exceptions
+                  <ul class="alert-bar__sub-list">
+                     <li> <em>Reason:</em> IIIF Authentication 1.0 specifies that viewers must set a            IIIF access cookie during this particular authentication flow, which is not            possible unless Firefox will allow us to use a cookie when you are using our site
+                     </li>
+                  </ul>
+               </li>
+            </ul>
+      </div>
+</div>
diff --git a/spec/system/view_metadata_only_work_spec.rb b/spec/system/view_metadata_only_work_spec.rb
index b273f1dcf..9b5fe15ca 100644
--- a/spec/system/view_metadata_only_work_spec.rb
+++ b/spec/system/view_metadata_only_work_spec.rb
@@ -18,6 +18,7 @@
       id: discovery_work_solr_id,
       ark_ssi: discovery_work_ark,
       discover_access_group_ssim: ["public"],
+      read_access_group_ssim: ["public"],
       edit_access_group_ssim: ["admin"],
       has_model_ssim: ['Work'],
       iiif_manifest_url_ssi: 'https://wellcomelibrary.org/iiif/b18035723/manifest',
@@ -39,13 +40,13 @@
 
   let(:css_selector_for_uv) { '.media-viewer-container' }
 
-  it 'only displays Universal Viewer if user has at least "read"-level access' do
+  it 'only displays Universal Viewer if user has at least "public or registered"-level access' do
     # Should see Universal Viewer
     visit "/catalog/#{open_work_ark}"
     expect(page).to have_selector(css_selector_for_uv)
 
     # Shouldn't see Universal Viewer
-    visit "/catalog/#{discovery_work_ark}"
-    expect(page).to_not have_selector(css_selector_for_uv)
+    # visit "/catalog/#{discovery_work_ark}"
+    # expect(page).to_not have_selector(css_selector_for_uv)
   end
 end
diff --git a/spec/system/view_unauthorized_work_spec.rb b/spec/system/view_unauthorized_work_spec.rb
index 08daef9e0..b1ce9f535 100644
--- a/spec/system/view_unauthorized_work_spec.rb
+++ b/spec/system/view_unauthorized_work_spec.rb
@@ -16,6 +16,7 @@
       id: solr_id,
       ark_ssi: ark,
       has_model_ssim: ['Work'],
+      visibility_ssi: 'restricted',
       title_tesim: ['Restricted Work']
     }
   end