#11076 Allow User with View Unpublished Dataset Perms to access Preview URL without becoming Preview URL User

[sekmiller]

What this PR does / why we need it:
Going back to 2020 there was a known issue that as a logged in user with permission on the draft version of a dataset, if you accessed a preview url while logged in you would be logged out.

Which issue(s) this PR closes:

• Closes Disable URL Not Working After Accessing Preview URL #11076 Disable Preview URL not working
• Closes Disabling private URL doesn't work if you switch types w/o refreshing the page. #11047 Disabling Preview URL fails if you switch types

Special notes for your reviewer:
Added a test to the Private URL init method

Suggestions on how to test this:
Access Preview URL while logged in with View Unpublished Version Permissions. You should remain logged in and see the full draft version.

If you access a Preview URL while logged in as someone without View Unpublished, you will be logged out (be changed to a Preview URL user)

If not logged in, Preview URL access should be unchanged.

Does this PR introduce a user interface change? If mockups are available, please link/include them here:
No

Is there a release notes update needed for this change?:
Edge case - probably not worth noting

Additional documentation:

[ofahimIQSS]

the continuous-integration/jenkins/pr-merge is failing

ERROR: Ansible run terminated abnormally, failing build.
GitHub has been notified of this commit’s build result
Finished: FAILURE

https://jenkins.dataverse.org/blue/organizations/jenkins/IQSS-Dataverse-Develop-PR/detail/PR-11080/2/pipeline

[qqmyers]

The deleteFile test is flaky (as reported to the core team last week) - depending on the order of returned files which appears to now be random. I restarted the build for now and will look into fixing the test.

[pdurbin]

@ofahimIQSS @sekmiller and I have been discussing.

From my perspective, the bug is not completely fixed in that some users will still be logged out (the ones who don't have permission to the unpublished dataset, which will be most users), but at least the person creating the Preview URL (has permission already, that is) will no longer be logged out. It's definitely an improvement. And Omer likes this better than what's in develop. Approved.

[ofahimIQSS]

An observation I had during testing which is an edge case -

Screen.Recording.2024-12-10.at.1.33.05.PM.mov

[qqmyers]

I think your edge case is #11047

[ofahimIQSS]

I think your edge case is #11047

Indeed it is!

[sekmiller]

This should also fix #11047 - the refresh of the confirmation popup needed some attention.

[github-actions]

📦 Pushed preview images as

ghcr.io/gdcc/dataverse:11076-access-previewUrl-with-perms

ghcr.io/gdcc/configbaker:11076-access-previewUrl-with-perms

🚢 See on GHCR. Use by referencing with full name as printed above, mind the registry name.

[ofahimIQSS]

This should also fix #11047 - the refresh of the confirmation popup needed some attention.

Fix looks good - No issues to report back. Merging PR and proceeding with regression testing v6.5

Screen.Recording.2024-12-10.at.2.55.15.PM.mov