[
https://jira.duraspace.org/browse/DS-655?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18761#action_18761
]
Robin Taylor commented on DS-655:
---------------------------------
There appear to be two relevant Java classes -
MetadataExposure - Checks to see if a metadata element has been flagged as
'hidden' in the dspace config and if so then doesn't display it unless the
user is in the administrator group.
AuthorizeManager - Roughly speaking, checks to see if a user is authorised to
perform a particular action on a resource.
I would argue that there is no need for MetadataExposure since AuthorizeManager
could/should perform the same function, and it would be better design to only
have one place to go to for any authorisation needs.
What development would need done to allow this ?
Firstly change DCValue to extend DSpaceObject so that it can be passed as a
parameter to AuthorizeManager. Then there are a number of options...
1. Hack Authorizemanager to check on the type of the DSpaceObject and if it is
a DCValue then look up dspace.cfg as MetadataExposure currently does.
Note :- by passing as a parameter to AuthorizeManager an Action that is only
avail to Admins and community/collection admins we could satisy this Jira issue.
2. Same as 1 but get rid of the lookup of dspace.cfg by storing the 'isHidden'
values in the metadata registry in the database. This is Claudia's request
"https://jira.duraspace.org/browse/DS-800 - Manage visibilty of metadata fields
as field attribute rather than in dspace.cfg".
3. Store Resource Policies for each DCValue. On the face of it this appears to
be the best solution as it would allow for different levels of metadata
visibility for item/collection/community/site, plus it would remove the need to
consider DCValue objects differently with AuthorizeManager, but it would
require a lot more development.
Realistically I would aim to do number 2. Any objections ?
Cheers, Robin.
> MetadataExposure hides fields except for System Admins - this should extend
> to Community and Collection Admins
> --------------------------------------------------------------------------------------------------------------
>
> Key: DS-655
> URL: https://jira.duraspace.org/browse/DS-655
> Project: DSpace
> Issue Type: Improvement
> Components: DSpace API
> Affects Versions: 1.6.0, 1.6.1, 1.6.2
> Reporter: Bill Hays
> Assignee: Robin Taylor
> Original Estimate: 16 hours
> Remaining Estimate: 16 hours
>
> MetadataExposure provides an exclusion for SystemAdmins but not Community and
> Collection admins who are actually more likely to need access to metadata
> that is restricted to public view. For instance, the default metadata field
> for hiding is dc.description.provenance which is in the purview of Community
> and Collection admins at my location.
> Caveat: The comments in the class state that it is important to have a very
> efficient mechanism and to extend the class by calling
> AuthorizeManager.isAdmin(context, dso) would have a much greater overhead
> than the current AuthorizeManager.isAdmin(context). And for OAI this
> recommendation is not applicable.
> The hidden metadata is still available to all admins using the EditMetadata
> capability, yet this is a burden with the provenance field since it can be
> quite large.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.duraspace.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires
February 28th, so secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
