In DSpace7, the actions that a logged in user may perform seem not be contextualized according to the admin groups to which they belong, for instance:
When logged in as an eperson with any community admin capacity, that user has the options Edit -> Community, Collection, or Items. The resulting search option is not restricted to the community they have permissions for and instead displays everything, so it appears that they have permission to edit any community, collection, or item, only to receive a 403 permissions error if they try to proceed. Similarly, an EPerson with community admin rights will see the option to Create a New Item/Collection/Community/Process when logged in. The Create New Collection/Community search will list all collections/communities (including creating a new top-level community) and will let the EPerson fill out the form for creating a new community/collection even if the EPerson does not actually have permission to do so in the selected community. It is not until the EPerson tries to save that new community/collection that DSpace indicates that an access error has occurred, and calls it a "server error" rather than a permissions error. Finally, users with no admin permissions see the option to Edit Item, with the ability to choose seemingly any item. Selecting the item will then show a 403 permissions error. Is this correct? Or have I made an error in my dspace.cfg's authorization system configuration? (This seems to be the behavior on the demo site as well. I would appear to be able to edit any item there, only to be denied if I attempt to do so). Essentially I want to know if I have some mis-configuration, or if this is the expected behavior. Thanks for any advice! ~~Bill -- Human wheels spin round and round While the clock keeps the pace... -- John Mellencamp ________________________________________________________________ Bill Tantzen University of Minnesota Libraries 612-626-9949 (U of M) 612-325-1777 (cell) -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/CADgrb7FAyai4xia8f1dFcD46nnSBehgLG%2BtXsk2nJqGqeq5%2BiA%40mail.gmail.com.
