Hello, Matjaz...
Attached to this email is a sample policy file that you can use to
enable local file uploads.
Edit this file, validate it with the validate-policies.sh shell script
in the Fedora server/bin directory, and put it in your
fedora-xacml-policies/repository-policies directory. Move
fedora-xacml-policies/repository-policies/default/deny
-unallowed-file-resolution.xml to another location outside the
repository-policies tree.
Here's a snippet of FOXML that uploads managed datastream data from a file:
<foxml:datastream ID="TEST_M" STATE="A" CONTROL_GROUP="M"
VERSIONABLE="true">
<foxml:datastreamVersion ID="TEST_M.0" LABEL="MTestManaged"
MIMETYPE="image/jpeg">
<foxml:contentLocation TYPE="URL"
REF="file:///absolute/path/to/your/file.jpg"/>
</foxml:datastreamVersion>
</foxml:datastream>
-- Scott
Matjaž Kragelj wrote:
Hello everybody,
I still have one problem regarding ingestion.
After helping me last time, we don't create 800mb+ FOXML files with datastreams
inside.
You need approx 20gm RAM for 600mb FOXML...
Now, we would like to put a relation in FOXML to several datastreams (hundreds
of them) for every object.
Since the number of objects of this kind exceeds several hundred thousands
(500.000+) we would like to avoid moving all of the stuff in web server.
The question is next:
How to set the rule in >deny-unallowed-file-resplution.xml< (the rule below)
<Rule RuleId="2" Effect="Permit">
<Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
<Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:regexp-string-match">
<AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string";>^file:/fedora/.*$</AttributeValue>
<Apply
FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
<ResourceAttributeDesignator
AttributeId="urn:fedora:names:fedora:2.1:resource:datastream:fileUri"
DataType="http://www.w3.org/2001/XMLSchema#string"/>
</Apply>
</Apply>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
<AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string";>administrator</AttributeValue>
<SubjectAttributeDesignator AttributeId="fedoraRole"
DataType="http://www.w3.org/2001/XMLSchema#string"/>
</Apply>
</Condition>
</Rule>
And what to put in string
<foxml:contentLocation> REF="file:/myfilesystem/something.mp3" TYPE="URL" />
Is type= >URL< - correct?
What is the REF=<file:......< syntax
And what does it mean ^file:/fedora/.*$< (in rule above)
So, how to set correct above rule and string REF to set the path for upload
datastream to harddisk x:\ (for example)
We are using Windows server 2008... don't ask me why....
Thanx in advance
Matjaz
------------------------------------------------------------------------
------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev
------------------------------------------------------------------------
_______________________________________________
Fedora-commons-users mailing list
Fedora-commons-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
--
Scott Prater
Library, Instructional, and Research Applications (LIRA)
Division of Information Technology (DoIT)
University of Wisconsin - Madison
pra...@wisc.edu
<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:oasis:names:tc:xacml:1.0:policy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
PolicyId="deny-file-resolve-if-not-allowed-dir"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable">
<Description>deny any file datastream resolution if not in allowed file patterns</Description>
<Target>
<Subjects>
<Subject>
<SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>fedoraFileUser</AttributeValue>
<SubjectAttributeDesignator AttributeId="urn:fedora:names:fedora:2.1:subject:loginId" DataType="http://www.w3.org/2001/XMLSchema#string"/>
</SubjectMatch>
</Subject>
</Subjects>
<Resources>
<AnyResource/>
</Resources>
<Actions>
<Action>
<ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>urn:fedora:names:fedora:2.1:action:id-getDatastreamDissemination</AttributeValue>
<ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string"; AttributeId="urn:fedora:names:fedora:2.1:action:id"/>
</ActionMatch>
</Action>
</Actions>
</Target>
<Rule RuleId="1" Effect="Permit">
<Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:regexp-string-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string";>^.*$</AttributeValue>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
<ResourceAttributeDesignator AttributeId="urn:fedora:names:fedora:2.1:resource:object:pid"
DataType="http://www.w3.org/2001/XMLSchema#string"/>
</Apply>
</Condition>
</Rule>
<Rule RuleId="2" Effect="Deny">
</Rule>
</Policy>
------------------------------------------------------------------------------
Centralized Desktop Delivery: Dell and VMware Reference Architecture
Simplifying enterprise desktop deployment and management using
Dell EqualLogic storage and VMware View: A highly scalable, end-to-end
client virtualization framework. Read more!
http://p.sf.net/sfu/dell-eql-dev2dev
_______________________________________________
Fedora-commons-users mailing list
Fedora-commons-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
