[fcrepo-user] policy in POLICY datastream is not working

Tue, 14 Jun 2011 09:12:06 -0700 

Hi to all,

like I wrote in the subject, fedora commons seems do not to take into
account policy in the POLICY datastream.
A policy into a file saved in
"data/fedora-xacml-policies/repository-policies/default" is taken into
account, but if I move the same policy in a datastream POLICY into the
object  interested that policy is ignored.

the policy is this:

<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:oasis:names:tc:xacml:1.0:policy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
PolicyId="PolicyDSPurgeByUserOrRoleOnly"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides">
    <Description>This policy will allow users with the roles listed
below to view and edit objects with this policy</Description>
     <Target>
            <Subjects>
                <AnySubject/>
            </Subjects>
            <Resources>
               <Resource>
        <ResourceMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string";>epistemetec:90</AttributeValue>
          <ResourceAttributeDesignator
AttributeId="urn:fedora:names:fedora:2.1:resource:object:pid"
            MustBePresent="false"
            DataType="http://www.w3.org/2001/XMLSchema#string"/>
        </ResourceMatch>
      </Resource>
            </Resources>
            <Actions>

            <Action>
                <ActionMatch
MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                    <AttributeValue
DataType="http://www.w3.org/2001/XMLSchema#string";>urn:fedora:names:fedora:2.1:action:id-purgeObject</AttributeValue>
                    <ActionAttributeDesignator
DataType="http://www.w3.org/2001/XMLSchema#string";
AttributeId="urn:fedora:names:fedora:2.1:action:id"/>
                </ActionMatch>
           </Action>

            </Actions>
        </Target>
  <Rule RuleId="1" Effect="Deny"/>
</Policy>

I need to activate something into fedora to permit it to read POLICY DS?

thanks in advance for you help.
Gian Mario Mereu

------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users

Reply via email to