Dear Theodoros,
Il lunedì 26 gennaio 2009 11:04:16 [email protected] ha scritto:
> Hello Sam,
>
> > you can indeed use webaccess to protect your submissions but currently
> > not with a global deny all and a whitelist.
>
> Hmmm... It could be useful though, to have it as a future enhancement,
> if the rest of the dev team agrees... (maybe a new parameter in the
> invenio.conf file? or a general firewall-like parameter in the submit
> action that looks like 'allow,deny' or 'deny,allow', or...)
Thanks for the suggestion! it's in our TODO list to enhanc webaccess to
support either blacklist vs. whitelist default authorization. We'll try to
come up with a good solution in the near future.
> > * given e.g. a submission named DEMOART, with an action SBI, you can now
> > authorize with WebAccess the DEMOART_SUBMITTERS to submit to DEMOART, by
> > connecting the DEMOART_SUBMITTERS role, to the WebAccess action "submit"
> > specifying doctype=DEMOART, and act=SBI. (see the attachment)
>
> [...]
> This was the first thing I've tried, but (lacking an example in the
> demo site or docs) I used
> act=all,none,deny,allow,"*" etc but NOT SBI,MBI,.... :p
This is a point that we'll try to clarify in the documentation. Thanks for
pointing it out :-)
> Thanks for the clarification!
> It's working like a charm now :)
Glad to hear this!
Best regards,
Sam
--
.O.
..O
OOO
