[
https://jira.duraspace.org/browse/DS-1193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tim Donohue updated DS-1193:
----------------------------
Labels: has-pull-request (was: )
Pull Request: https://github.com/DSpace/DSpace/pull/74
> display bitstream read access permissions on item page
> ------------------------------------------------------
>
> Key: DS-1193
> URL: https://jira.duraspace.org/browse/DS-1193
> Project: DSpace
> Issue Type: Improvement
> Components: XMLUI
> Reporter: Ivan Masár
> Assignee: Ivan Masár
> Labels: has-pull-request
> Fix For: 3.0
>
> Attachments: DS-1193-A.png
>
>
> This is an issue to track problems related with displaying accessibility of a
> bitstream on the item page. This is for XMLUI only. JSPUI would benefit from
> the same functionality, but the code would be disjunct, so I'll leave that
> for separate issue.
> Currently, there is no indication on the item page which users have
> permissions to access a bitstream or whether the current user can access a
> bitstream. The user has to try to access it, which will either download the
> bitstream if he has read rights or display an information that he doesn't
> have the permission along with a login form.
> Problem A)
> Currently, the information about access permissions is accessible by adding
> "?rightsMDTypes=METSRIGHTS" to the item's METS URL, which will embed
> permission information from METSRightsCrosswalk to METS. E.g.:
> http://demo.dspace.org/xmlui/metadata/handle/10673/3/mets.xml?rightsMDTypes=METSRIGHTS
> It was pointed out that this might be an unintended feature. For the full
> conversation, see the "bitstream access rights in DRI?" thread:
> http://www.mail-archive.com/[email protected]/msg17312.html
> I suggest that access to this information should be accessible to the XMLUI
> themes, so it should be accessible from localhost and this could possibly be
> configurable to allow access from other hosts, for example for debugging
> reasons. So we could have something like:
> crosswalk.dissemination.METSRightsCrosswalk.accessible-from = 127.0.0.1,
> 1.2.3.4/24
> Can anyone give any pointers how to implement this kind of access restriction?
> I'd hate to see this implemented as an aspect. Like Tim pointed out, this
> information is a very powerful tool for theme developers and I already have
> other uses for it in mind (namely various implementations of DS-1021). So it
> should be accessible from XSLT.
> Problem B)
> Sorting out problem A gives us access to information for all users, so we can
> display the access rights. But it would be useful to display, whether
> bitstream is accessible for _current user_. We currently don't have
> information about current user's group membership in DRI. Including it in DRI
> would of course also be useful for other things.
> This information is provided by the
> org.dspace.app.xmlui.aspect.eperson.EditProfile, currently only for the
> profile page (look at id="aspect.eperson.EditProfile.list.memberships" a the
> /DRI/profile URL while logged in). I suggest to add this information to
> userMeta for all pages.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
