#725: BibEdit: more flexible collection check
--------------------------+----------------------
Reporter: simko | Owner: jmartinm
Type: enhancement | Status: assigned
Priority: major | Milestone:
Component: BibEdit | Version:
Resolution: | Keywords:
--------------------------+----------------------
Changes (by simko):
* status: in_merge => assigned
Comment:
1) This would not work as expected. If you check editing authorisations
via `get_all_collections_of_a_record()`, then for example the demo record
103 belongs to:
{{{
In [2]: get_all_collections_of_a_record(103)
Out[2]:
['Atlantis Times News',
'Atlantis Times',
'Atlantis Institute of Fictive Science',
'Multimedia & Arts']
}}}
Now if you check all these collections without paying attention to
mother/daughter relations, then this would lead to a problem: if we had
granted editing rights for "Atlantis Times" to somebody, he/she should not
be required to hold cataloguing rights for all of "Multimedia & Arts" too;
he/she is the editor of "Atlantis Times" part of the tree only.
The other way round should be granted, of course: if somebody has rights
to edit "Multimedia and Arts", he/she should be having editing rights on
"Atlantis Times" too. (Which was the topic of my ticket.)
Note that we have test cases, see Juliet with the photo curation role,
that would fail with the branch.
2) When you shall be amending the branch, please don't use function name
like `authorize_all_collections()`, but rather rename it to
`authorize_editing_in_all_collections()`, because we are wondering about
authorising editing only, not other operations. (Abstracting away for a
moment from the fact that we should not check //all// collections, as
described in the point above.)
--
Ticket URL: <http://invenio-software.org/ticket/725#comment:4>
Invenio <http://invenio-software.org>
