Hi Mark, Nestor,
Just to clarify the authorization system is turned off because when an
eperson completes his task he loses the rights to modify the item (in the
old DSpace workflow these rights are not removed & are granted when the
workflow starts & remain present until the item is installed). Since the
workflow system needs to support internal steps in which the actions modify
the item we need the authorization to do this.
I hope this clarifies things.
Kind regards,
Kevin Van de Velde
@mire
Esperantolaan 4 - 3001 Heverlee - Belgium
2888 Loker Avenue East, Suite 305 - Carlsbad, CA 92010 - USA
atmire.com - Institutional Repository Solutions
On 27 June 2012 16:39, Nestor Oviedo <[email protected]> wrote:
> Hi Mark. Thanks a lot for your answer.
> I knew about the Group API. Actually I needed to check if the current user
> is admin in one specific collection, and the class AuthorizeManager has
> everything I need for this, but in the method isAdmin(Context c,
> DSpaceObject o), the first thing it does is to check if the user is a site
> admin.
>
> Anyway, I think the question is if it makes sense to turn the
> authorization system off as a default ... Now I has it turned on in order
> for this isAdmin() method to behave as expected.
>
> Regards
> Nestor
>
>
> On Wed, Jun 27, 2012 at 5:00 AM, Mark Diggory <[email protected]> wrote:
>
>> Nestor,
>>
>> I would need to review the code further to validate if it would make
>> sense to turn the authorization on as a default. However, I would
>> recommend that you can also easily determine if the user is an
>> administrator by querying the Group API directly.
>>
>> Group.isMember(c, 1);
>>
>> where "1" is the administrator group.
>>
>> Regards,
>> Mark
>>
>> On Mon, Jun 25, 2012 at 12:04 PM, Nestor Oviedo
>> <[email protected]>wrote:
>>
>>> Hi all.
>>> I'm writing a very simple custom user selection action (extending from
>>> ClaimAction) which overrides the isValidUserSelection() method in
>>> order to return false when the current user is an admin.
>>> The problem is that the XmlWorkflowManager->start() method always
>>> invokes the context.turnOffAuthorisationSystem(), which means the
>>> AuthorizeManager.isAdmin() method will always return true.
>>>
>>> I wonder: why the XmlWorkflowManager always turns the authorization
>>> system off ? Is it there any known risk in avoiding this behavior ?
>>>
>>> Thanks
>>> Nestor
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Live Security Virtual Conference
>>> Exclusive live event will cover all the ways today's security and
>>> threat landscape has changed and how IT managers can respond. Discussions
>>> will include endpoint security, mobile security and the latest in malware
>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>> _______________________________________________
>>> Dspace-devel mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/dspace-devel
>>>
>>
>>
>>
>> --
>> [image: @mire Inc.]
>> *Mark Diggory *(Schedule a Meeting <https://tungle.me/markdiggory>)
>> *2888 Loker Avenue East, Suite 305, Carlsbad, CA. 92010*
>> *Esperantolaan 4, Heverlee 3001, Belgium*
>> http://www.atmire.com
>>
>>
>>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Dspace-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/dspace-devel
>
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
