Support self editor profile matching by using External Auth ID
- Other Relevant Links (Mailing list discussion, related pull requests, etc.) Vitro PR
What does this pull request do?
Fixes broken profile linking made by using External Auth ID.
What's new?
- Refactored PolicyHelper and AuthorizationRequest to use UserAccount instead of of IdentifierBundle.
- Modified SparqlSelectQueryResultsChecker to support queries that contain externalAuthId and matchingPropertyUri
- Modified existing policies to find related profiles by using External Auth ID
How should this be tested?
- Reproduce the problem described in the issue
- Apply Vitro PR and this PR, build VIVO
- Create a self editor user account and 2 profiles, link user account with one of created profiles by using External Auth ID
- In both profiles add/create one new publication.
- Log in as a self edtor, check that user can edit his own profile and can't edit not related profile
- As a self editor check that publication related to owned profile is editable and publication not related to the profile is not editable
- As a root user on Property Editing Form of the property that is used to show publication in the profile click checkbox "Suppress Display for this property in unrelated individuals".
- As a self editor check that property is still visible in owned profile and not visible in not related profile
- As a root user on Class Editing Form of the publication class click checkbox "Suppress Display for not related individual pages of class".
- As a self editor check that related publication profile is still accessible and editable and not related publication profile is not accessible (redirects to home page)
Interested parties
@VIVO-project/vivo-committers