Hello, after upgrading our 5.9 to version 6.3 we have discovered the following situation.
We have several item's bitstreams where a group has been added to them as a policy. These groups contain the group 'Anonymous' as the only sub-group of them. In the 5.9 era, an un-authenticated user was able to see these bitstreams but after the upgrade these remained restricted to see. We are using the XMLUI frontend. We have discovered that this is the case *only* when we add the group 'Anonymous' to an existing group as a sub-group. After a little investigation we found that the function 'isMember' <https://github.com/DSpace/DSpace/blob/acf16ebe6dc69e5d8c823797a8da402ef932cc18/dspace-api/src/main/java/org/dspace/eperson/GroupServiceImpl.java#L171> never handles the above situation. If the item contains the 'Anonymous' group directly then it returns true (line 178) but there are no any other place to check whether the given group contains the 'Anonymous' or not. A fix has been found by adding an 'isParentOf' call to the else if statement like this: else if (StringUtils.equals(group.getName(), Group.ANONYMOUS) || isParentOf( context, group, findByName(context, Group.ANONYMOUS))) Even if this fix solved our issue temporarily I have got questions. Is this issue a feature or a bug? I mean was it a business decision to skip checking the Anonymous group as a sub-group within the authorization process? If yes, what do you guys recommend in these situations? But if this is a bug, can you please let me know how can I open a ticket and offer a fix to it? Thanks and have a nice day, Istvan -- All messages to this mailing list should adhere to the DuraSpace Code of Conduct: https://duraspace.org/about/policies/code-of-conduct/ --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/d1b55926-e967-4b22-b0fa-905ca3d7e0b7o%40googlegroups.com.
