Hi Paul, There are a lot of relationships in the authorization policies, to handle all of that complexity, I think you could build some custom java code to walk through all of them, and join all of the resources, and all of the epersons and epersongroups.
Here's an inaccurate query that would give you some of the information: SELECT * FROM public.handle, public.resourcepolicy, public.epersongroup WHERE resourcepolicy.resource_type_id = handle.resource_type_id AND resourcepolicy.resource_id = handle.resource_id AND resourcepolicy.epersongroup_id = epersongroup.eperson_group_id; This would show you what objects with handles (community, collection, item), have an authorization policy to an eperson-group. You would have to make other queries to find policies that map to an eperson (as opposed to eperson group). And also, this only connects to things with handles, which misses bundles and bitstreams. Since this is for an audit, your probably more concerned with finding users with irregular permissions, so maybe you could work backwords. Start with all the eperson, and see which one's are members of groups or resourcepolicy's. Because it's likely that you'll find that 99% of users have essentially nothing interesting in terms of policies/memberships, and then just investigate the dozen or so users with permissions. Good luck! If you end up creating any interesting java code (such as a query tool to look at all of this information), or just a series of SQL queries it might be helpful to share back your eventual findings. ________________ Peter Dietz Longsight www.longsight.com [email protected] p: 740-599-5005 x809 On Mon, Nov 10, 2014 at 12:44 PM, Paul Go <[email protected]> wrote: > Is there a way to export the entirety of the authorization policies so > that we can audit them in bulk rather than one by one? > > > Paul Go > > Systems Librarian / > Library Technology Manager / > CS and ITM Liaison > Paul V. Galvin Library > Illinois Institute of Technology > 35 West 33rd Street > Chicago, IL 60616 > 312.567.7997 > [email protected] > > *Driving Innovation through Knowledge and Scholarship* > > > ------------------------------------------------------------------------------ > > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette >
------------------------------------------------------------------------------
_______________________________________________ Dspace-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-general
