|Version 1 (modified by simonp, 5 years ago)|
Proposal number : Proposal title
|Contact(s)||Simon Pigot, Stefano Giaccio|
|Last edited|| |
|Assigned to release||2.3|
Apply permissions to metadata elements (not just records).
Stage 1 – elements are not group related – apply to internet/public/intranet groups only
Stage 2 – add additional granularity via interface (component 2)
- Type: GUI Change, Core Change, Module Change
- App: GeoNetwork
- Module: Data Manager
- Email discussions: John Hockaday, Geoscience Australia suggested this on geonetwork-devel
- None as yet
Move access/permissions control down to element level.
5 components to deal with:
1. Template editor: additional controls for selecting elements that are to be hidden. Selected elements written to database on save/save and close.
2. Need an additional permissions interface to associate groups with XPaths (stage 2 – more sophisticated users)
3. Database changes: additional dependent table on OperationAllowed? – OperationAllowedElements? – schema: MetadataId?, Xpath – related to OperationAllowed? by MetadataId? and GroupId?
4. Query table and retrieve XPaths based on GroupId? of UserSession?, apply XPaths to JDOM tree before record returned from service – add ISO attribute (gco:nilReason=”concealed”) for ISO records only – track down all locations where this can happen – could be possible to apply this in DataManager? getMetadata
5. Lucene index – concealed elements cannot be indexed because the index can be searched by anyone – the permissions systems is not applied until the record is displayed. The interesting outcome of leaving concealed info in the index is that a user could search and get a result on the concealed info but would not be able to see it when the record was displayed.
Backwards Compatibility Issues
Previous installations (2.2 and earlier) will need to migrate to a new database if they want to use this – the implementation could be made to tolerate the missing table if necessary.
Harvesting from versions < 2.2 – filter is applied to conceal elements regardless of group.
- As above