[Dspace-tech] Adding and removing bitstreams

Tue, 23 Sep 2008 02:35:34 -0700 

Hi, i face a problem on adding and removing bitstreams in both dspace 
1.4 and 1.5 and would like to ask the community and the
developers of dspace for it.

There is a defined Group containing some users. In the policies for a 
specific collection, this Group has all available permissions
(DEFAULT_ITEM_READ,DEFAULT_BITSTREAM_READ,READ,WRITE,COLLECTION_ADMIN,REMOVE,ADD).
 


But, for a user of this Group is impossible to delete a bitstream and 
add a new one. When  trying to delete, there is no message and the
page is reloaded without any change. When trying to upload, a message 
"authorization required" is prompted.

On deletion, the problem exists in EditItemServlet.java.
When the user choose to delete a bitstream there is the following check 
in line 506

// only process bitstreams if admin
else if (p.startsWith("bitstream_name")
                    *&& AuthorizeManager.isAdmin(context)* )
  
Why only administrators have the rights to delete bitstreams?

Even if, we comment this extra check, there are points in Bundle.java 
and Bitstream.java that request to authorize the action with

// Check authorisation
AuthorizeManager.authorizeAction(ourContext, this, *Constants.WRITE*);

But the users of the Group does not have permissions to perform the WRITE.

Could anyone from the community give me any advice or comment?
Furthermore, could anyone from the developers of security policies of 
dspace explain what is the proper policy that a
group must have to add or remove bitstreams. I find out that the changes 
in authorization using wildcard policy admin tool
don't add any lines in policies that are displayed in communities or 
collections. Moreover, there are a lot more choices in drop down
menus when setting a policy using wildcard admin tool than using 
collection policy manager. Why?

Thanks,
Any comment would be helpful
Ilias Stavrakis

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech

Reply via email to