Access control hot fix (#5060)

* Work around access controls that are missing required items

* backport dependencies

* Catch some other deleted items

.github/dependencies.txt

@@ -32,6 +32,7 @@ libxext
 libxml2-dev
 libxrender
 libxslt-dev
+linux-headers
 nodejs
 npm
 nss
@@ -48,4 +49,5 @@ ttf-droid
 ttf-freefont
 ttf-liberation
 tzdata
+yaml-dev
 yarn

app/models/access_control.rb

@@ -92,18 +92,18 @@ class AccessControl < ApplicationRecord
 
   # If all entities are system entities, this is a system Access Control
   def system?
-    [user_group.system?, role.system?, collection.system?].all?
+    [user_group&.system?, role&.system?, collection&.system?].all?
   end
 
   def name
-    "#{role.name} x #{collection.name} x #{user_group.name}"
+    "#{role&.name || 'missing role'} x #{collection&.name || 'missing collection'} x #{user_group&.name || 'missing user group'}"
   end
 
   def name_as_html
     name_parts = [
-      content_tag(:span, role.name, class: 'badge badge-info font-weight-normal'),
-      content_tag(:span, collection.name, class: 'badge badge-info font-weight-normal'),
-      content_tag(:span, user_group.name, class: 'badge badge-info font-weight-normal'),
+      content_tag(:span, role&.name, class: 'badge badge-info font-weight-normal'),
+      content_tag(:span, collection&.name, class: 'badge badge-info font-weight-normal'),
+      content_tag(:span, user_group&.name, class: 'badge badge-info font-weight-normal'),
     ]
 
     content_tag(
@@ -126,8 +126,8 @@ def self.options_for_select(include_health: true, include_homeless: true)
       end
 
       scope.ordered.each do |control|
-        options[control.role.name] ||= []
-        options[control.role.name] << [control.name, control.id]
+        options[control.role&.name] ||= []
+        options[control.role&.name] << [control.name, control.id]
       end
     end
   end

app/views/admin/access_controls/_table.haml

@@ -17,9 +17,15 @@
       %tbody
         - @access_controls.each do |acl|
           %tr
-            %td= link_to_if can_edit_users? && !acl.user_group.system?, acl.user_group.name, edit_admin_user_group_path(acl.user_group), target: :_blank
-            %td= link_to_if can_edit_roles? && !acl.role.system?, acl.role.name, edit_admin_role_path(acl.role), target: :_blank
-            %td= link_to_if can_edit_collections? && !acl.collection.system?, acl.collection.name, edit_admin_collection_path(acl.collection), target: :_blank
+            %td
+              - if acl.user_group
+                = link_to_if can_edit_users? && !acl.user_group.system?, acl.user_group.name, edit_admin_user_group_path(acl.user_group), target: :_blank
+            %td
+              - if acl.role
+                = link_to_if can_edit_roles? && !acl.role.system?, acl.role.name, edit_admin_role_path(acl.role), target: :_blank
+            %td
+              - if acl.collection
+                = link_to_if can_edit_collections? && !acl.collection.system?, acl.collection.name, edit_admin_collection_path(acl.collection), target: :_blank
 
             %td.nobr
               -# Don't let use delete or edit a fully system Access Control
@@ -29,7 +35,7 @@
                   %span.icon-pencil
                   Edit Access Control List
 
-                = link_to admin_access_control_path(acl),  method: :delete, data: {confirm: "Would you really like to delete the access control for collection '#{acl.collection.name}', role '#{acl.role.name}', and user group #{acl.user_group.name}?"}, class: ['btn', 'btn-sm', 'btn-danger', 'ml-2'] do
+                = link_to admin_access_control_path(acl),  method: :delete, data: {confirm: "Would you really like to delete the access control for collection '#{acl.collection&.name}', role '#{acl.role&.name}', and user group #{acl.user_group&.name}?"}, class: ['btn', 'btn-sm', 'btn-danger', 'ml-2'] do
                   %span.icon-cross
                   Delete
   = render 'common/pagination_bottom', item_name: 'access control'

docker/app/Dockerfile

@@ -69,6 +69,7 @@ RUN apk update \
   tzdata \
   git \
   bash \
+  linux-headers \
   freetds-dev \
   icu icu-dev \
   curl libcurl curl-dev \