Remove tests for impossible SDR rights combinations

sul-dlss · Nov 7, 2023 · 754c97a · 754c97a
1 parent 561e51e
commit 754c97a
Showing 1 changed file with 33 additions and 179 deletions.
diff --git a/spec/abilities/ability_spec.rb b/spec/abilities/ability_spec.rb
@@ -435,190 +435,44 @@
     end
   end
 
-  describe 'for multiple read access declarations' do
-    context 'with stanford read access and location based read access with download restriction' do
-      let(:rights_xml) do
-        <<-EOF.strip_heredoc
-        <rightsMetadata>
-          <access type="read">
-            <machine>
-              <group>Stanford</group>
-            </machine>
-            <machine>
-              <location rule="no-download">location1</location>
-            </machine>
-          </access>
-        </rightsMetadata>
-        EOF
-      end
-
-      context 'for a stanford webauth user at an unknown location' do
-        let(:user) { User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:stanford)) }
-
-        it { is_expected.to be_able_to(:download, file) }
-        it { is_expected.to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for an anonymous user from a configured location' do
-        let(:user) { User.new(ip_address: 'ip.address1') }
-
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for a stanford webauth user from a configured location' do
-        let(:user) do
-          User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:stanford), ip_address: 'ip.address1')
-        end
-
-        it { is_expected.to be_able_to(:download, file) }
-        it { is_expected.to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for a non-stanford webauth user from a configured location' do
-        let(:user) do
-          User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:sponsored), ip_address: 'ip.address1')
-        end
-
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for a non-stanford webauth user from an unknown location' do
-        let(:user) do
-          User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:sponsored), ip_address: 'another.unknown.ip')
-        end
-
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.not_to be_able_to(:read, tile) }
-        it { is_expected.not_to be_able_to(:stream, media) }
-        it { is_expected.not_to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
+  context 'with world (no-download), and full access for stanford users' do
+    let(:rights_xml) do
+      <<-EOF.strip_heredoc
+      <rightsMetadata>
+        <access type="read">
+          <machine>
+            <world rule="no-download"/>
+          </machine>
+          <machine>
+            <group>Stanford</group>
+          </machine>
+        </access>
+      </rightsMetadata>
+      EOF
     end
 
-    context 'with two locations configured for read access, including one with a no-download rule' do
-      let(:rights_xml) do
-        <<-EOF.strip_heredoc
-        <rightsMetadata>
-          <access type="read">
-            <machine>
-              <location rule="no-download">location1</location>
-            </machine>
-            <machine>
-              <location>location2</location>
-            </machine>
-          </access>
-        </rightsMetadata>
-        EOF
-      end
-
-      context 'for an anonymous user user from the first configured location' do
-        let(:user) { User.new(ip_address: 'ip.address2') }
-
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for an anonymous user user from the second configured location' do
-        let(:user) { User.new(ip_address: 'ip.address4') }
-
-        it { is_expected.to be_able_to(:download, file) }
-        it { is_expected.to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for an anonymous user user from an unrecognized location' do
-        let(:user) { User.new(ip_address: 'another.unknown.ip') }
-
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.not_to be_able_to(:read, tile) }
-        it { is_expected.not_to be_able_to(:stream, media) }
-        it { is_expected.not_to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
+    context 'for an anonymous user' do
+      it { is_expected.not_to be_able_to(:download, file) }
+      it { is_expected.not_to be_able_to(:download, image) }
+      it { is_expected.to be_able_to(:read, tile) }
+      it { is_expected.to be_able_to(:stream, media) }
+      it { is_expected.to be_able_to(:access, file) }
+      it { is_expected.to be_able_to(:read_metadata, image) }
+      it { is_expected.to be_able_to(:read, thumbnail) }
+      it { is_expected.to be_able_to(:read, square_thumbnail) }
     end
 
-    context 'with world (no-download), and full access for stanford users' do
-      let(:rights_xml) do
-        <<-EOF.strip_heredoc
-        <rightsMetadata>
-          <access type="read">
-            <machine>
-              <world rule="no-download"/>
-            </machine>
-            <machine>
-              <group>Stanford</group>
-            </machine>
-          </access>
-        </rightsMetadata>
-        EOF
-      end
-
-      context 'for an anonymous user' do
-        it { is_expected.not_to be_able_to(:download, file) }
-        it { is_expected.not_to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
-
-      context 'for a stanford webauth user' do
-        let(:user) { User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:stanford)) }
+    context 'for a stanford webauth user' do
+      let(:user) { User.new(id: 'a', webauth_user: true, ldap_groups: %w(stanford:stanford)) }
 
-        it { is_expected.to be_able_to(:download, file) }
-        it { is_expected.to be_able_to(:download, image) }
-        it { is_expected.to be_able_to(:read, tile) }
-        it { is_expected.to be_able_to(:stream, media) }
-        it { is_expected.to be_able_to(:access, file) }
-        it { is_expected.to be_able_to(:read_metadata, image) }
-        it { is_expected.to be_able_to(:read, thumbnail) }
-        it { is_expected.to be_able_to(:read, square_thumbnail) }
-      end
+      it { is_expected.to be_able_to(:download, file) }
+      it { is_expected.to be_able_to(:download, image) }
+      it { is_expected.to be_able_to(:read, tile) }
+      it { is_expected.to be_able_to(:stream, media) }
+      it { is_expected.to be_able_to(:access, file) }
+      it { is_expected.to be_able_to(:read_metadata, image) }
+      it { is_expected.to be_able_to(:read, thumbnail) }
+      it { is_expected.to be_able_to(:read, square_thumbnail) }
     end
   end