From 3ccb12d55d972adb008af8e3307522f062e55f22 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 25 Apr 2023 14:03:37 -0400
Subject: [PATCH 1/4] IIIF #30 - Adding /public/resources/:id/manifest API
 endpoint

---
 app/controllers/public/resources_controller.rb | 7 ++++++-
 config/routes.rb                               | 6 +++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/controllers/public/resources_controller.rb b/app/controllers/public/resources_controller.rb
index b9dbce3..7ad8ee8 100644
--- a/app/controllers/public/resources_controller.rb
+++ b/app/controllers/public/resources_controller.rb
@@ -1,7 +1,12 @@
 class Public::ResourcesController < Api::ResourcesController
   # Actions
   prepend_before_action :set_project, only: [:create, :update]
-  prepend_before_action :set_resource, only: [:show, :destroy, :update]
+  prepend_before_action :set_resource, only: [:show, :destroy, :update, :manifest]
+
+  def manifest
+    resource = Resource.find(params[:id])
+    render json: JSON.parse(resource.manifest)
+  end
 
   protected
 
diff --git a/config/routes.rb b/config/routes.rb
index c04ab82..f2eebe6 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -14,7 +14,11 @@
   end
 
   namespace :public do
-    resources :resources, only: [:create, :show, :destroy, :update]
+    resources :resources, only: [:create, :show, :destroy, :update] do
+      member do
+        get :manifest
+      end
+    end
   end
 
   # Default route for static front-end

From 154d7b0a8b323062707036e0fe8b7132ff27a943 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 25 Apr 2023 14:04:09 -0400
Subject: [PATCH 2/4] IIIF #30 - Adding CORS configuration to allow GET
 requests to /public/resources/:id/manifest

---
 config/initializers/cors.rb | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
index e5a82f1..0c44eef 100644
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -5,12 +5,9 @@
 
 # Read more: https://github.com/cyu/rack-cors
 
-# Rails.application.config.middleware.insert_before 0, Rack::Cors do
-#   allow do
-#     origins "example.com"
-#
-#     resource "*",
-#       headers: :any,
-#       methods: [:get, :post, :put, :patch, :delete, :options, :head]
-#   end
-# end
+Rails.application.config.middleware.insert_before 0, Rack::Cors do
+  allow do
+    origins '*'
+    resource '/public/resources/:id/manifest', headers: :any, methods: :get
+  end
+end

From 6b64e3c3b71109d482225fa4c026e5e66ab274e2 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 25 Apr 2023 14:11:30 -0400
Subject: [PATCH 3/4] IIIF #30 - Adding unique identifier field to resources
 list and resource edit pages

---
 client/src/components/ReadOnlyField.js | 31 ++++++++++++++++++++++++++
 client/src/i18n/en.json                |  3 ++-
 client/src/pages/Project.js            | 21 +++++------------
 client/src/pages/Resource.js           |  5 +++++
 client/src/pages/Resources.js          |  2 +-
 5 files changed, 44 insertions(+), 18 deletions(-)
 create mode 100644 client/src/components/ReadOnlyField.js

diff --git a/client/src/components/ReadOnlyField.js b/client/src/components/ReadOnlyField.js
new file mode 100644
index 0000000..f2bc282
--- /dev/null
+++ b/client/src/components/ReadOnlyField.js
@@ -0,0 +1,31 @@
+// @flow
+
+import React from 'react';
+
+type Props = {
+  label?: string,
+  value: string
+};
+
+const ReadOnlyField = (props: Props) => (
+  <div
+    className='field'
+  >
+    { props.label && (
+      <label
+        htmlFor='read-only-element'
+      >
+        { props.label }
+      </label>
+    )}
+    <div
+      id='read-only-element'
+      className='ui input'
+      role='textbox'
+    >
+      { props.value }
+    </div>
+  </div>
+);
+
+export default ReadOnlyField;
diff --git a/client/src/i18n/en.json b/client/src/i18n/en.json
index 96a73a5..618101b 100644
--- a/client/src/i18n/en.json
+++ b/client/src/i18n/en.json
@@ -108,7 +108,8 @@
       "exif": "View Info"
     },
     "labels": {
-      "content": "Content"
+      "content": "Content",
+      "uuid": "Unique identifier"
     }
   },
   "ResourceExifModal": {
diff --git a/client/src/pages/Project.js b/client/src/pages/Project.js
index f275e29..118da87 100644
--- a/client/src/pages/Project.js
+++ b/client/src/pages/Project.js
@@ -10,6 +10,7 @@ import AuthenticationService from '../services/Authentication';
 import Organization from '../transforms/Organization';
 import OrganizationsService from '../services/Organizations';
 import ProjectsService from '../services/Projects';
+import ReadOnlyField from '../components/ReadOnlyField';
 import SimpleEditPage from '../components/SimpleEditPage';
 import withEditPage from '../hooks/EditPage';
 
@@ -97,22 +98,10 @@ const ProjectForm = withTranslation()((props) => {
           required={props.isRequired('description')}
           value={props.item.description}
         />
-        <div
-          className='field'
-        >
-          <label
-            htmlFor='uuid-element'
-          >
-            { props.t('Project.labels.uuid') }
-          </label>
-          <div
-            id='uuid-element'
-            className='ui input'
-            role='textbox'
-          >
-            { props.item.uuid }
-          </div>
-        </div>
+        <ReadOnlyField
+          label={props.t('Project.labels.uuid')}
+          value={props.item.uuid}
+        />
       </SimpleEditPage.Tab>
       <SimpleEditPage.Tab
         key='fields'
diff --git a/client/src/pages/Resource.js b/client/src/pages/Resource.js
index 8814020..6b7b7f7 100644
--- a/client/src/pages/Resource.js
+++ b/client/src/pages/Resource.js
@@ -13,6 +13,7 @@ import { withTranslation } from 'react-i18next';
 import { useParams } from 'react-router-dom';
 import { Button, Form } from 'semantic-ui-react';
 import ProjectsService from '../services/Projects';
+import ReadOnlyField from '../components/ReadOnlyField';
 import ResourceExifModal from '../components/ResourceExifModal';
 import ResourcesService from '../services/Resources';
 import SimpleEditPage from '../components/SimpleEditPage';
@@ -110,6 +111,10 @@ const ResourceForm = withTranslation()((props) => {
           required={props.isRequired('name')}
           value={props.item.name}
         />
+        <ReadOnlyField
+          label={props.t('Resource.labels.uuid')}
+          value={props.item.uuid}
+        />
         <UserDefinedFieldsForm
           data={props.item.user_defined}
           defineableId={projectId}
diff --git a/client/src/pages/Resources.js b/client/src/pages/Resources.js
index 11df0d8..e01cd2e 100644
--- a/client/src/pages/Resources.js
+++ b/client/src/pages/Resources.js
@@ -48,7 +48,7 @@ const Resources: ComponentType<any> = () => {
             preview={resource.content_thumbnail_url}
           />
         )}
-        renderMeta={() => ''}
+        renderMeta={(resource) => resource.uuid}
         saved={location.state && location.state.saved}
         sort={[{
           key: 'name',

From a23a9dc1fc13809622ae9d168b2c68c7f6f9329e Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 25 Apr 2023 15:10:58 -0400
Subject: [PATCH 4/4] IIIF #30 - Enabling /public/resources route with required
 "project_id" parameter

---
 app/controllers/api/resources_controller.rb    |  6 ++++++
 app/controllers/public/resources_controller.rb | 12 ++++++++++++
 config/routes.rb                               |  2 +-
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/resources_controller.rb b/app/controllers/api/resources_controller.rb
index a1dc7d9..b83db12 100644
--- a/app/controllers/api/resources_controller.rb
+++ b/app/controllers/api/resources_controller.rb
@@ -13,6 +13,7 @@ class Api::ResourcesController < Api::BaseController
   before_action :set_defineable_params, only: :index
   before_action :validate_new_resource, unless: -> { current_user.admin? }, only: :create
   before_action :validate_resource, unless: -> { current_user.admin? }, only: [:update, :destroy]
+  before_action :validate_resources, unless: -> { current_user.admin? }, only: :index
 
   protected
 
@@ -48,4 +49,9 @@ def validate_resource
     resource = Resource.find(params[:id])
     check_authorization resource.project.organization_id
   end
+
+  def validate_resources
+    project = Project.find(params[:project_id])
+    check_authorization project.organization_id
+  end
 end
diff --git a/app/controllers/public/resources_controller.rb b/app/controllers/public/resources_controller.rb
index 7ad8ee8..aeeee79 100644
--- a/app/controllers/public/resources_controller.rb
+++ b/app/controllers/public/resources_controller.rb
@@ -1,6 +1,7 @@
 class Public::ResourcesController < Api::ResourcesController
   # Actions
   prepend_before_action :set_project, only: [:create, :update]
+  prepend_before_action :set_project_id, only: :index
   prepend_before_action :set_resource, only: [:show, :destroy, :update, :manifest]
 
   def manifest
@@ -29,11 +30,22 @@ def render_unauthorized(errors)
 
   def set_project
     project = Project.find_by_uuid(params[:resource][:project_id])
+    render_unauthorized I18n.t('errors.unauthorized') and return if project.nil?
+
     params[:resource][:project_id] = project.id
   end
 
+  def set_project_id
+    project = Project.find_by_uuid(params[:project_id])
+    render_unauthorized I18n.t('errors.unauthorized') and return if project.nil?
+
+    params[:project_id] = project.id
+  end
+
   def set_resource
     resource = Resource.find_by_uuid(params[:id])
+    render_unauthorized I18n.t('errors.unauthorized') and return if resource.nil?
+
     params[:id] = resource.id
   end
 end
diff --git a/config/routes.rb b/config/routes.rb
index f2eebe6..ac21d94 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -14,7 +14,7 @@
   end
 
   namespace :public do
-    resources :resources, only: [:create, :show, :destroy, :update] do
+    resources :resources, only: [:index, :create, :show, :destroy, :update] do
       member do
         get :manifest
       end