On Tue, Jan 21, 2014 at 11:38:58AM -0600, Tim Donohue wrote:
[snip]
> So, Access Rights Awareness is probably something we need to better 
> document & also better document how to disable it if you favor exposing 
> *all* metadata as publicly searchable/browsable.

I will certainly never argue against documenting the behavior of
code.  But from another posting, it sounds to me that the problem is
one of granting the proper rights to express your institution's
policy:  grant READ on the Item to users and groups who should be able
to see the metadata, and READ on a Bitstream to users and groups who
should be able to see the bitstream data.

We may need to improve the administrative UI to make crafting
access-control lists more convenient.  At the least we need to provide
that the default ACL on each object type is adjustable, so that the
policy a site usually wants can be the default at that site.  (This
may need to be a property of the Community or Collection.)  The
"default default" ACL should then express the most restrictive
reasonable policy, which might very well be "no access by anyone".

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Machines should not be friendly.  Machines should be obedient.

Attachment: signature.asc
Description: Digital signature

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette

Reply via email to