= Proposal number : Proposal title =

|| '''Date''' || 2008/06/20 ||
|| '''Contact(s)''' || Simon Pigot, Stefano Giaccio ||
|| '''Last edited''' || [[Timestamp]] ||
|| '''Status''' || draft ||
|| '''Assigned to release''' || 2.3 ||
|| '''Resources''' || Available ||

== Overview ==

Apply permissions to metadata elements (not just records).[[BR]]
Stage 1 – elements are not group related – apply to internet/public/intranet groups only[[BR]]
Stage 2 – add additional granularity via interface (component 2)[[BR]]

=== Proposal Type ===
 * '''Type''': GUI Change, Core Change, Module Change
 * '''App''': !GeoNetwork
 * '''Module''': Data Manager

=== Links ===
 * '''Email discussions''': John Hockaday, Geoscience Australia suggested this on geonetwork-devel

=== Voting History ===
 * None as yet

----

== Motivations ==

Move access/permissions control down to element level.

== Proposal ==

5 components to deal with:

'''1.''' Template editor: additional controls for selecting elements that are to be hidden. Selected elements are written to the database on save/save and close.[[BR]]
'''2.''' Need an additional permissions interface to associate groups with XPaths (stage 2 – more sophisticated users)[[BR]]
'''3.''' Database changes: additional dependent table on OperationAllowed – OperationAllowedElements – schema: MetadataId, Xpath – related to OperationAllowed by MetadataId and GroupId[[BR]]
'''4.''' Query the table and retrieve XPaths based on the GroupId of the UserSession, then apply the XPaths to the JDOM tree before the record is returned from the service – add ISO attribute (gco:nilReason="concealed") for ISO records only – track down all locations where this can happen – could be possible to apply this in DataManager getMetadata[[BR]]
'''5.''' Lucene index – concealed elements cannot be indexed because the index can be searched by anyone – the permission system is not applied until the record is displayed. The interesting outcome of leaving concealed info in the index is that a user could search and get a result on the concealed info but would not be able to see it when the record was displayed.[[BR]]

=== Backwards Compatibility Issues ===

Previous installations (2.2 and earlier) will need to migrate to a new database if they want to use this – the implementation could be made to tolerate the missing table if necessary.

Harvesting from versions < 2.2 – filter is applied to conceal elements regardless of group.

== Risks ==

== Participants ==
 * As above
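An added sketch of components 4 and 5 (not GeoNetwork code; GeoNetwork itself is Java/JDOM, this uses Python's ElementTree): matched elements are emptied and flagged with gco:nilReason="concealed", and a toy index built before and after filtering shows why concealed elements must be kept out of the index. The sample record, the metadata id 42 and the `CONCEALED_XPATHS` mapping are constructed stand-ins for rows of the proposed OperationAllowedElements table.

```python
import copy
import xml.etree.ElementTree as ET

NS = {"gmd": "http://www.isotc211.org/2005/gmd",
      "gco": "http://www.isotc211.org/2005/gco"}
NIL_REASON = "{%s}nilReason" % NS["gco"]

# Constructed sample record (simplified, not a complete ISO 19139 document).
RECORD = """<gmd:MD_Metadata xmlns:gmd="http://www.isotc211.org/2005/gmd"
                 xmlns:gco="http://www.isotc211.org/2005/gco">
  <gmd:title><gco:CharacterString>Coastal bathymetry survey</gco:CharacterString></gmd:title>
  <gmd:contact>
    <gmd:electronicMailAddress>
      <gco:CharacterString>custodian@example.org</gco:CharacterString>
    </gmd:electronicMailAddress>
  </gmd:contact>
</gmd:MD_Metadata>"""

# Hypothetical stand-in for OperationAllowedElements rows: MetadataId -> XPaths.
CONCEALED_XPATHS = {42: [".//gmd:electronicMailAddress"]}


def conceal(root, xpaths):
    """Return a copy of the tree with every matched element emptied and flagged."""
    filtered = copy.deepcopy(root)  # never mutate the stored record
    for xpath in xpaths:
        for element in filtered.findall(xpath, NS):
            element.clear()  # drops children, text and attributes
            element.set(NIL_REASON, "concealed")
    return filtered


def index_terms(root):
    """Toy full-text index: the set of lower-cased tokens from all text nodes."""
    return {tok.lower() for text in root.itertext() for tok in text.split()}


def search(terms, query):
    """True if the query token is present in the index."""
    return query.lower() in terms


root = ET.fromstring(RECORD)
public_view = conceal(root, CONCEALED_XPATHS[42])

leaky_index = index_terms(root)        # indexed before concealment: search oracle
safe_index = index_terms(public_view)  # indexed after concealment
```

Searching `leaky_index` for the concealed address returns a hit even though `public_view` no longer contains it, which is the outcome component 5 warns about.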