On 01/09/07, Mark Diggory <[EMAIL PROTECTED]> wrote: > Restricting access to Communites, Collection or Items directly is > certainly not what DSpace was designed to do.
The real issue is more that the DSpace authz model has no notion of 'know of an object's existence' as an action. One of the 'finish 1.0 in a finite amount of time' tradeoffs was not to implement this (for precisely the reasons that Andrea mentioned -- the complexity and expense of evaluating visibility in operations like search, browse and harvest.) >From a design standpoint, I think authz needs an overhaul as I've mentioned many times before; I think introducing the notion of 'know of an objects existence' distinct from the existing READ is the right way to go about this rather than overloading READ. It makes sense to me to have queries evaluated using a particular Context (be they search etc) only return objects that the currently-authenticated e-person can 'see'. The system has not evolved in a way amenable to this, however. Post-query filtering doesn't work because if you ask for 'the first 10 items with titles starting with C', you may end up with only 6 visible results. For a more general solution, either every indexing system needs to be ACL-aware (yuck), or we should create a unified query API whose implementation is ACL-aware, i.e. indexes relevant permissions. Lucene seems the most likely candidate for such an API. Unfortunately things seem to be diversifying rather than unifying in this area. Rob ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
