search

samvera / hyrax

Hyrax is a Ruby on Rails Engine built by the Samvera community. Hyrax provides a foundation for creating many different digital repository applications.
http://hyrax.samvera.org/
Apache License 2.0
185 stars 124 forks source link

Transfer work: permissions not retained when granted by the receiving user #6882

Closed eporter23 closed 2 months ago

eporter23 commented 3 months ago

Descriptive summary

In Sirenia, if a user transfers their work, and the receiving user accepts the transfer and selects the option to allow the original depositor to retain access, the access is not granted.

Steps to reproduce the behavior in User Interface (UI)

See also QA testing steps for W_1.14

  1. Login as basic_user (non-Admin)
  2. Go to the Dashboard > Works
  3. Click on the Actions menu, and select Transfer ownership of work
  4. Complete the steps to transfer the work to another user (admin user)
  5. Login as the admin user
  6. Go to Your Activity > Transfers
  7. Accept the transfer, and select the option to allow the original depositor to retain access
  8. Login as the basic_user
  9. Go to Your Activity > Transfers
  10. Click on the work you just transferred
  11. See "Unauthorized - the page you have tried to access is private" message

Actual behavior (include screenshots if available)

Sirenia docker image (Hyrax 5.0.1)

Acceptance Criteria/Expected Behavior

Rationale (for feature request only)

Provide the rationale or user story that describes "why" this issue should be addressed. Especially if this is a new feature or significant change to the existing implementation.

Work transfers should continue to function as expected across all versions of Hyrax.

Related work

Link to related issues or prior related work here.

rjkati commented 2 months ago

This is no longer able to be reproduced in the valkyrie_fedora_fix branch