Hi Ferran, In data lunedì 6 maggio 2013 09:04:23, Lars Holm Nielsen ha scritto: > I'm not completely sure about this, but AFAIK you will have to run > webcoll to assign the new record to a collection before the system knows > the restrictions of the record. Until then, only the superuser have > access. How it was prior to 1.1 I don't know but I think Raquel was > working on some updates to restricted collections, so I'll try to ask her. > > Note that if you define collections purely from 980__a/b (e.g. > 980__a:identifier) instead of using the collection index > (collection:identifier) then you can avoid having to run bibindex prior > to webcoll. > > On 30/04/13 13:27, Ferran Jorba wrote: > > Hi all, > > > > now that we've (finally!) migrated our two Invenios to 1.1, I have some > > issues that I don't know how to solve. > > > > The first one is that, after submitting a new record, the submitter > > cannot access the record until it is indexed and assigned to a > > collection. Meanwhile, (s)he gets a message telling that the access of > > this record is restricted until it is indexed and so. Only the webadmin > > can access it, with a red flag labeling it as restricted. > > > > I've tried to fiddle with roles and actions, like assigning the > > viewrestrcoll to cataloguers, but then, the result is that the whole > > assigned collection becomes restricted to everybody. > > > > In my case, in both instances, any cataloguer could (should) access any > > record from any collection, in case it helps to find a simple solution. > > > > Your help is appreciated.
Indeed I confirm what Lars just replied you. In: [...] commit befb8c141fbea99bed7ae19e80bfb572302dedad Author: Samuele Kaplun <[email protected]> Date: Wed Jun 16 09:06:24 2010 +0200 WebSearch: protect new records * New records, i.e. records just inserted and not yet assigned to a collection by webcoll, are now automatically protected, and only the superadmin or the corresponding author(s) (as indicated in the MARC) are allowed to access them. * Streaming of attached files is also authorized only to superadmin and the authors. * Streaming of attached files is now always authorized to authors, no matters the protection of the file (unless the file is hidden). [...] we have added this additional security steps to protect brand new records which a priory could be potentially restricted, by virtue of their potential membership to a restricted collection, before such membership has been already computed by webcoll. Regarding the workaround, I think that we can propose a patch so that, if you authorize your cataloguers role to run action “viewrestrcoll” with collection “*”, this should allow them to see any temporary restricted record too. I’ll prepare a quick patch. Cheers! Sam -- Samuele Kaplun Invenio Developer ** <http://invenio-software.org/> INSPIRE Service Manager ** <http://inspirehep.net/>
