Address key length issue with refworks/bookmarks after ruby upgrade (#…

…1562) Monkey patch BookmarksController#export_secret_token to use AS::KeyGenerator and set a 32 bit key Also add some bookmark feature tests so that we can catch regressions of this feature. Consistant style of bookmarks actions
ualbertalib · Mar 29, 2019 · 209ac57 · 209ac57
1 parent 8dfbb16
commit 209ac57
Show file tree

Hide file tree

Showing 6 changed files with 154 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@ and releases in Discovery project adheres to [Semantic Versioning](http://semver
 
 ### Fixed
 - use safe navigation operator fixes nil error in Symphony Service summary holdings [#1571](https://github.com/ualbertalib/discovery/issues/1571)
+- refworks export with encrypted user behavior restored [#1549](https://github.com/ualbertalib/discovery/issues/1549)
 
 ## [3.0.104] - 2019-03-27
 ### Fixed

diff --git a/app/controllers/bookmarks_controller.rb b/app/controllers/bookmarks_controller.rb
@@ -1,8 +1,21 @@
-
 class BookmarksController < CatalogController
   include Blacklight::Bookmarks
 
   def action_success_redirect_path
     bookmarks_path
   end
+
+  # monkey patch this method which is throwing `key must be 32 bytes` error after upgrading to Ruby 2.5
+  def export_secret_token(salt)
+    secret_key_generator.generate_key(salt)[0..(ActiveSupport::MessageEncryptor.key_len - 1)]
+  end
+
+  # cribbed from https://github.com/projectblacklight/blacklight/blob/8b9041544553ce0dd0d979f9f39f78d94b30b46d/app/controllers/concerns/blacklight/token_based_user.rb#L46-L76
+  def secret_key_generator
+    @secret_key_generator ||= begin
+      # TODO: this is appropriate for Rails <= 5.1
+      # update to Rails.application.credentials.secret_key_base for Rails 5.2+
+      ActiveSupport::KeyGenerator.new(Rails.application.secrets.secret_key_base)
+    end
+  end
 end
diff --git a/app/views/bookmarks/_refworks.html.erb b/app/views/bookmarks/_refworks.html.erb
@@ -1,5 +1,5 @@
 <% if @document_list.any? {|d| d.exports_as? :refworks_marc_txt } %>
-  <li class="refworks">
+  <li class="nav-item">
     <%= link_to t('blacklight.tools.refworks'), refworks_export_url(url: bookmarks_export_url(:refworks_marc_txt, params_for_search)), class: 'btn btn-default', id: 'refworksLink', target: '_blank' %>
   </li>
 <% end %>
diff --git a/app/views/bookmarks/_tools.html.erb b/app/views/bookmarks/_tools.html.erb
@@ -1,10 +1,8 @@
   <ul class="<%= controller_name %>Tools nav nav-pills">
   <%= render_show_doc_actions document_list, document: nil, document_list: @document_list, url_opts: sanitize_search_params(params) do |config, inner| %>
     <li class="nav-item">
-      <%= inner %>
+      <%= inner.insert(3, 'class="btn btn-default"') %>
     </li>
   <% end %>
-
-  <%# March 20 2019: Issue 1549: after the ruby upgdate to 2.5.3, refworks export with encrypted user behavior is broken, we temporarily removed the refwork export to recover the bookmark feature. TO-DO: find a permanent fix for this issue %>
-  <%# = render_marc_tools %> 
+  <%= render_marc_tools %>
 </ul>
diff --git a/spec/features/bookmarks_spec.rb b/spec/features/bookmarks_spec.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+RSpec.describe 'Bookmarks', type: :feature do
+  describe 'navigating from the homepage' do
+    it 'has a link to the history page' do
+      visit '/'
+      fill_in 'q', with: 'Shakespeare'
+      click_button 'search'
+      click_link 'Go to bookmarks'
+      expect(page).to have_content 'You have no bookmarks'
+    end
+  end
+
+  it 'add and remove bookmarks from search results' do
+    visit '/'
+    fill_in 'q', with: 'Shakespeare'
+    click_button 'search'
+    within first('div.document') do
+      check 'Bookmark'
+      expect(page).to have_content 'In Bookmarks'
+    end
+
+    fill_in 'q', with: 'Shakespeare'
+    click_button 'search'
+    within first('div.document') do
+      uncheck 'In Bookmarks'
+      expect(page).to have_content 'Bookmark'
+    end
+  end
+
+  it 'adds and delete bookmarks from the show page' do
+    VCR.use_cassette('item_result') do
+      visit 'catalog/1001523'
+      expect(page).to have_content 'Bookmark'
+      check 'Bookmark'
+      expect(page).to have_content 'In Bookmarks'
+      uncheck 'In Bookmarks'
+      expect(page).to have_content 'Bookmark'
+    end
+  end
+
+  it 'cites items in current bookmarks page' do
+    VCR.use_cassette('item_result') do
+      visit 'catalog/1001523' # Shakespeare : a historical and critical study with annotated texts of twenty-one plays
+      check 'Bookmark'
+    end
+
+    VCR.use_cassette('item to bookmark') do
+      visit 'catalog/1002481' # Shakespeare at the Globe : 1599-1609 / Bernard Beckerman
+      check 'Bookmark'
+    end
+
+    visit '/bookmarks?per_page=1'
+    expect(page).to have_content 'Shakespeare at the Globe'
+    expect(page).not_to have_content 'Shakespeare : a historical and critical study with annotated texts of twenty-one plays'
+  end
+end
diff --git a/spec/fixtures/vcr_cassettes/item_to_bookmark.yml b/spec/fixtures/vcr_cassettes/item_to_bookmark.yml