Reorganization of grant_repo_spec and removal of for_uri method

lauth/app/repositories/grant_repo.rb

@@ -32,17 +32,6 @@ def for_user_and_uri(username, uri)
         rel = grants.class.new(ds)
         rel.combine(:user, collections: :locations, institutions: {institution_memberships: :users}).to_a
       end
-
-      def for_uri(uri)
-        ds = grants
-          .dataset
-          .join(collections.name.dataset, uniqueIdentifier: :coll)
-          .join(locations.name.dataset, coll: :uniqueIdentifier)
-          .where(Sequel.ilike(uri, locations[:dlpsPath]))
-
-        rel = grants.class.new(ds)
-        rel.combine(:user, collection: :locations).to_a
-      end
     end
   end
 end

lauth/lib/lauth/ops/authorize.rb

@@ -18,7 +18,7 @@ def call
         else
           "denied"
         end
-        Lauth::Access::Result.new(determination:)
+        Lauth::Access::Result.new(determination: determination)
       end
 
       private

lauth/lib/lauth/persistence/relations/institution_memberships.rb

@@ -5,7 +5,6 @@ class InstitutionMemberships < ROM::Relation[:sql]
         schema(:aa_is_member_of_inst, infer: true, as: :institution_memberships) do
           # attribute :lastModifiedTime, Types::Time.default { Time.now }
           attribute :lastModifiedBy, Types::String.default("root".freeze)
-          # attribute :dlpsExpiryTime, Types::Time.default { Time.now }
           attribute :dlpsDeleted, Types::String.default("f".freeze)
 
           associations do

lauth/spec/repositories/grant_repo_spec.rb

@@ -3,57 +3,41 @@
 RSpec.describe Lauth::Repositories::GrantRepo, type: :database do
   subject(:repo) { Lauth::Repositories::GrantRepo.new }
 
-  context "with a grant for one user to a collection restricted by username" do
-    let!(:collection) { Factory[:collection, :restricted_by_username] }
-    let!(:user) { Factory[:user, userid: "lauth-allowed"] }
-    let!(:grant) { Factory[:grant, :for_user, user: user, collection: collection] }
-
-    # describe #for_uri
-    it "finds the grant for a resource within the collection" do
-      grant = repo.for_uri("/restricted-by-username/").first
-
-      expect(grant.collection.commonName).to match(/Name/)
-      expect(grant.collection.locations.first.dlpsServer).to eq "some.host"
-      expect(grant.collection.locations.first.dlpsPath).to eq "/restricted-by-username%"
-    end
-
-    it "finds no grants for a resource not in the collection" do
-      grants = repo.for_uri("/something-else/")
-
-      expect(grants).to eq []
-    end
+  context "when authorizing locations within a collection using identity-only authentication" do
+    context "with an authorized individual" do
+      let!(:collection) { Factory[:collection, :restricted_by_username] }
+      let!(:user) { Factory[:user, userid: "lauth-allowed"] }
+      let!(:grant) { Factory[:grant, :for_user, user: user, collection: collection] }
 
-    # describe #for_user_and_uri
-    it "finds the grant for user and location within the collection" do
-      grants = repo.for_user_and_uri("lauth-allowed", "/restricted-by-username/")
+      it "finds the grant for authorized individual and location within the collection" do
+        grants = repo.for_user_and_uri("lauth-allowed", "/restricted-by-username/")
 
-      expect(grants.first.uniqueIdentifier).to eq grant.uniqueIdentifier
-    end
+        expect(grants.first.uniqueIdentifier).to eq grant.uniqueIdentifier
+      end
 
-    it "finds no grant for unauthorized user and location within the collection" do
-      grants = repo.for_user_and_uri("lauth-denied", "/restricted-by-username/")
+      it "finds no grant for unauthorized individual and location within the collection" do
+        grants = repo.for_user_and_uri("lauth-denied", "/restricted-by-username/")
 
-      expect(grants).to eq []
-    end
+        expect(grants).to eq []
+      end
 
-    describe "grant association loading" do
-      subject(:found_grant) { repo.for_user_and_uri("lauth-allowed", "/restricted-by-username/").first }
+      describe "grant association loading" do
+        subject(:found_grant) { repo.for_user_and_uri("lauth-allowed", "/restricted-by-username/").first }
 
-      it "loads user" do
-        expect(found_grant.user.userid).to eq grant.user.userid
-      end
+        it "loads user" do
+          expect(found_grant.user.userid).to eq grant.user.userid
+        end
 
-      it "loads collection" do
-        expect(found_grant.collection.uniqueIdentifier).to eq "lauth-by-username"
-      end
+        it "loads collection" do
+          expect(found_grant.collection.uniqueIdentifier).to eq "lauth-by-username"
+        end
 
-      it "loads location" do
-        expect(found_grant.collection.locations.first.dlpsPath).to eq "/restricted-by-username%"
+        it "loads location" do
+          expect(found_grant.collection.locations.first.dlpsPath).to eq "/restricted-by-username%"
+        end
       end
     end
-  end
 
-  context "when authorizing locations within a collection using identity-only authentication" do
     context "with a member of an authorized institution" do
       let!(:collection) { Factory[:collection, :restricted_by_username] }
       let!(:institution) { Factory[:institution] }

lauth/spec/requests/authorized_spec.rb

@@ -9,7 +9,7 @@
   # coll_obj (Location): /restricted-by-username/
   # aa_may_access (Grant): lauth-allowed -> lauth-by-username: GOOD
 
-  context "with an authorized user" do
+  context "with an authorized individual" do
     let!(:user) { Factory[:user, userid: "lauth-allowed"] }
     let!(:collection) { Factory[:collection, :restricted_by_username] }
     let!(:grant) { Factory[:grant, :for_user, user: user, collection: collection] }