Hi Folks,
I'm working on an issue that I have here to do with ingesting complex
content into DSpace via SWORD. The hard problem I need to solve is that
the incoming object contains administrative content as well as public
content, and the admin content is stored in bundles which are to be secured
via the DSpace authorisation mechanism from public access.
I can set resource policies on the bundles when the item is first ingested,
but this happens when the item is still in the workspace. When the deposit
is complete the item is injected into the workflow and ultimately into the
archive. The problem arising is that InstallItem overwrites all
permissions on the item with the collection's default policies, which - in
this case - is making all those files open again. I need to find a
solution to this, and it would be ideal if that solution avoided patching
the DSpace core; here are some things that I've been thinking about:
1/ Collection default policy set up: this seems like the intended approach
in DSpace, but I don't have a single set of policies which I can apply to
the item as a whole. For example, I need the ORIGINAL and LICENSE bundles
to be Anonymous READ, but require the SWORD and METADATA bundles to be
Administrator READ only. Perhaps there are more cunning ways that I can
set up the collection policies so that they cascade appropriately onto my
item?
2/ Adding an event consumer which listens for the Item+Install event and
sets the policies explicitly. This looks very promising, although I notice
that the event itself is constructed and added to the context's event list
before the collection's policies are applied. I'm new to the event system,
and I don't know whether this means the synchronous event will run before
the collection policies are set (making everything that I do in my consumer
irrelevant) or whether it will run at the very end of the request.
Any tips on the best way to push access privileges through InstallItem
would be very helpful.
Cheers,
Richard
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
