Re: Access rights for files
On 29/4/2013 9:37 πμ, Alexander Wagner wrote:
## Eg:
## [('', 'No restriction'), ('restr', 'Restricted')]
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS = [
('', 'Public'),
('restricted', 'Restricted')]
If this could learn something like "6-month embargo" and "12-month
embargo" e.g. by reading a field like Lars' OpenAIRE setting we would
already have a 99% solution and the rest could be done easily by hand.
It would fall back to some time calculations, but well. Probably one
could merge it with the 942-aproach of OpenAIRE?
This type of embargo is what we also needed in the past. Back in the
0.99.x days I had it solved -partly- with a custom "Upload_Files.py"
websumbit function, but nowadays you could do even more with a custom
Websubmit Element of type "Response". You can check "Upload_Files"
websubmit element in the demo site where you may call the
create_file_upload_interface python function with all the parameters you
need.
Since you could calculate the exact date in a "12 months-from-now
embargo restriction", you could create a semi-dynamic embargo firerole
restriction in the response element! The downside is that you could not
easily edit the end of embargo date at a later stage using the gui. But
it's a start...
Sam could correct me if I'm wrong...
Best regards,
Theodoros
Re: Access rights for files
On 29.04.2013 08:53, Theodoros Theodoropoulos wrote:
Hi!
So we encourage all our users to upload a full text and only give access
at the library if we are allowed to. So this might be very well two
distinct tasks.
Your scenario is not uncommon i think...
Definitely not. I have at least 5 identical cases already. But I also
know that it's common procedure at most universities here in Germany.
And it seems not that difficult to implement!
Even with the existing Create_Upload_Files_Interface, you could define a
custom 'static' restriction -as Sam said- that "allows librarian group
and submitter and denies everyone else".
This is done upon websubmit. It's a bit more involved but in principle
that's what's happening. A semistatic rule who can access the file upon
inital upload.
IF user chooses to 'restrict'
the document this will be applied. The added bonus is that with invenio
1.1 you could CHANGE this restriction afterwards with Document File
Management. OR, even with earlier versions you could probably implement
the same functionality with Submit Revised Version ('SRV') action.
As I mentioned, I can solve many areas with the static solution. E.g.
free on campus and stuff like that. I just wasn't aware what this
"restriced" refers to. The only thing I think that's still lacking is
embargoed stuff.
I even know how to do that in principle but I didn't want to invent
something that exists already. IMHO, as pointed out in my other mail, if
one marries the OpenAIRE 942 fielded solution for embargos with the
invenio 1.1 static stuff 99% of all (our) cases are covered.
--
Kind regards,
Alexander Wagner
Subject Specialist
Central Library
52425 Juelich
mail : a.wag...@fz-juelich.de
phone: +49 2461 61-1586
Fax : +49 2461 61-6103
www.fz-juelich.de/zb/DE/zb-fi
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
Re: Access rights for files
So we encourage all our users to upload a full text and only give access
at the library if we are allowed to. So this might be very well two
distinct tasks.
Your scenario is not uncommon i think... And it seems not that difficult
to implement!
Even with the existing Create_Upload_Files_Interface, you could define a
custom 'static' restriction -as Sam said- that "allows librarian group
and submitter and denies everyone else". IF user chooses to 'restrict'
the document this will be applied. The added bonus is that with invenio
1.1 you could CHANGE this restriction afterwards with Document File
Management. OR, even with earlier versions you could probably implement
the same functionality with Submit Revised Version ('SRV') action.
Re: Access rights for files
On 26.04.2013 16:50, Samuele Kaplun wrote:
Hello Sam!
A common use case arises here due to embargoed open access. We get the
file for OA from our authors, but it has an embargo for say 12 months.
Afterwards, we can enable access to the file. Easy to accomplish, by use
of firerules in principle.
In maint-1.1, the Document File Manager (which is actually the same interface
that can be displayed in WebSubmit with the combo
Create_Upload_Files_Interface + Move_Uploaded_Files_to_Storage) can be
actually tuned to many use cases by playing with the config variables
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_MISC,
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_DOCTYPES and in particular
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS:
Ah. This will solve most of our issues already.
## Eg:
## [('', 'No restriction'), ('restr', 'Restricted')]
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS = [
('', 'Public'),
('restricted', 'Restricted')]
If this could learn something like "6-month embargo" and "12-month
embargo" e.g. by reading a field like Lars' OpenAIRE setting we would
already have a 99% solution and the rest could be done easily by hand.
It would fall back to some time calculations, but well. Probably one
could merge it with the 942-aproach of OpenAIRE?
Concerning our 1.0.2 vs. 1.1: yes we are working on that upgrade. I
understand that we should definitely go upstream. But as I mentioned
already we are a bit tighter in resources than CERN ;)
--
Kind regards,
Alexander Wagner
Subject Specialist
Central Library
52425 Juelich
mail : a.wag...@fz-juelich.de
phone: +49 2461 61-1586
Fax : +49 2461 61-6103
www.fz-juelich.de/zb/DE/zb-fi
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
Re: Access rights for files
On 26.04.2013 16:35, Theodoros Theodoropoulos wrote: Hello Theodoros! I too would be interested in such a functionality! :) Personally, I don't think there is an easy way to do it. :( As i see it, a new "Action" (similar to SRV) should be created (along with relevant websubmit functions and elements) that would read and display the current files along with their restrictions. Important note: an update to relevant bibdocfile.py functions would be needed as 'get-restrictions' is not supported! I think one has to be a bit careful here. In general I'm not sure that one can set proper permissions upon initial websubmit. In our case websubmit is done by our scientists and/or their secretaries. They do not want to fiddle with copyright-issues here. On the other hand we'd like to get the full texts anyway as, you know there is a limited period of only 70 years that applies in the worst case. So we encourage all our users to upload a full text and only give access at the library if we are allowed to. So this might be very well two distinct tasks. -- Kind regards, Alexander Wagner Subject Specialist Central Library 52425 Juelich mail : a.wag...@fz-juelich.de phone: +49 2461 61-1586 Fax : +49 2461 61-6103 www.fz-juelich.de/zb/DE/zb-fi Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt
Re: Access rights for files
Hello Ludmila, On 26/4/2013 5:51 μμ, Ludmila Marian wrote: The restrictions are stored as the status of the file, so get_status() should do the trick to get the restriction of the file. True, true! I see that you're already using get_status to merge restrictions when merging bibdocs. My suggestion for a 'get_restriction' function was based on the already implemented get_comment, get_description, get_version, etc functions. The functionality as you pointed out is there, the new name would just be more in par with the rest of the function names :) In any case, thanks for the hint! Theodoros
Re: Access rights for files
Hi Alex,
In data venerdì 26 aprile 2013 16:50:09, Samuele Kaplun ha scritto:
> In maint-1.1, the Document File Manager (which is actually the same
> interface that can be displayed in WebSubmit with the combo
> Create_Upload_Files_Interface + Move_Uploaded_Files_to_Storage) can be
> actually tuned to many use cases by playing with the config variables
> CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_MISC,
> CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_DOCTYPES and in particular
> CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS:
>
> ## CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS -- this is the
> ## list of restrictions (like 'Restricted' or 'No Restriction') and their
> ## description that admins can choose from when adding or revising files.
> ## Restrictions can then be configured at the level of WebAccess.
> ## - When no value is provided, no restriction is
> ## applied
> ## - When a single value is given, it is used as
> ## default resctriction for all documents.
> ## - The first value of the list is used as default
> ## restriction if the user if not given the
> ## choice of the restriction. Order is relevant
> ##
> ## Eg:
> ## [('', 'No restriction'), ('restr', 'Restricted')]
> CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS = [
> ('', 'Public'),
> ('restricted', 'Restricted')]
>
> Where ‘’ and ‘restricted’ would directly go into the $r of a corresponding
> FFT tag.
>
> So to your cataloguers you would be able to let them choose a priori any
> kind of pre-defined *static* values to be put in the corresponding FFT $r.
> So as you see right now there is no way to set an embargo-like restriction,
> since you would have to put a firerole rule that depends on the today date
> and this is not supported right now in the Document File Manager tool.
>
> The current workaround as suggested by Lars and Theodoros is to either use a
> bibtasklet or a dedicated websubmit function (as the Set_Embargo one).
Sorry, I read only now that you are still on 1.0.x. So the above config
variable are indeed available if you include the commit:
commit 47e4a3364a9c84942fe9cddc88530466195663a6
Author: Samuele Kaplun
Date: Wed Aug 22 15:45:19 2012 +0200
WebSubmit: configurable Document File Manager
* Moves configuration of the Document File Manager into
invenio.conf, so that admins can customize e.g. the list
of available doctypes and restrictions.
* Provides transparent fallback to default values for those
v1.0.x versions that do not have these variables in
invenio.conf.
In these case the variables are called CFG_WEBSUBMIT_* instead of
CFG_BIBDOCFILE_* though (just to be aware the day you migrate to 1.1.x or
more).
Cheers!
Sam
--
Samuele Kaplun
Invenio Developer **
Re: Access rights for files
Hi Theodoros, On 04/26/2013 04:35 PM, Theodoros Theodoropoulos wrote: Hello Lars and Alexander! I too would be interested in such a functionality! Personally, I don't think there is an easy way to do it. As i see it, a new "Action" (similar to SRV) should be created (along with relevant websubmit functions and elements) that would read and display the current files along with their restrictions. Important note: an update to relevant bibdocfile.py functions would be needed as 'get-restrictions' is not supported! The restrictions are stored as the status of the file, so get_status() should do the trick to get the restriction of the file. Cheers, Ludmila If you feed the current restrictions to a websubmit form's textarea that is editable, it's easy to ask the bibdocfile library to 're-set' the permissions for each bibdocfile to the new values when the librarian clicks submit. The current Create_Upload_Files_Interface.py functions does not include such functionality, but it could be done... (Having said that, one sould probably have to mess with websubmit_templates.py too) I'm using a custom websubmit_function (based on the 'older' Upload_Files) to perform a similar task but during the initial phase of the submission only where 'set' is only needed. If one needs to 'edit' the relevant data he/she has to contact me so that I would manually run the bibdocfile (in cli) with the new values. Just my two cents, Theodoros -- Ludmila Marian Software Engineer CERN, IT Department, Digital Library Service Section
Re: Access rights for files
Hi Alex,
In data venerdì 26 aprile 2013 14:03:33, Alexander Wagner ha scritto:
> This dialogue offers "restricted" as well, but I have no idea what
> "restricited" actually sets. Nor do I see a away to define which
> restrictions should be applied. (Not even if I allow free form firerule
> writing, which would probably be a bit technical in some cases as well.)
>
> A common use case arises here due to embargoed open access. We get the
> file for OA from our authors, but it has an embargo for say 12 months.
> Afterwards, we can enable access to the file. Easy to accomplish, by use
> of firerules in principle.
In maint-1.1, the Document File Manager (which is actually the same interface
that can be displayed in WebSubmit with the combo
Create_Upload_Files_Interface + Move_Uploaded_Files_to_Storage) can be
actually tuned to many use cases by playing with the config variables
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_MISC,
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_DOCTYPES and in particular
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS:
## CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS -- this is the
## list of restrictions (like 'Restricted' or 'No Restriction') and their
## description that admins can choose from when adding or revising files.
## Restrictions can then be configured at the level of WebAccess.
## - When no value is provided, no restriction is
## applied
## - When a single value is given, it is used as
## default resctriction for all documents.
## - The first value of the list is used as default
## restriction if the user if not given the
## choice of the restriction. Order is relevant
##
## Eg:
## [('', 'No restriction'), ('restr', 'Restricted')]
CFG_BIBDOCFILE_DOCUMENT_FILE_MANAGER_RESTRICTIONS = [
('', 'Public'),
('restricted', 'Restricted')]
Where ‘’ and ‘restricted’ would directly go into the $r of a corresponding FFT
tag.
So to your cataloguers you would be able to let them choose a priori any kind
of pre-defined *static* values to be put in the corresponding FFT $r. So as
you see right now there is no way to set an embargo-like restriction, since
you would have to put a firerole rule that depends on the today date and this
is not supported right now in the Document File Manager tool.
The current workaround as suggested by Lars and Theodoros is to either use a
bibtasklet or a dedicated websubmit function (as the Set_Embargo one).
Cheers!
Sam
--
Samuele Kaplun
Invenio Developer **
Re: Access rights for files
The bibtasklet is here
http://invenio-software.org/repo/openaire/tree/bibsched/lib/bibsched_tasklets/bst_openaire_check_rights.py
(it's in OpenAIRE repository, so it will not work out of the box on
standard Invenio.
The access rights are very simple, hence the possiblity to do access
rights in MARC: open, closed/restricted, embargoed stored in 542_l and
embargo date stored in 942__a (
http://openaire.cern.ch/record/5956/export/hm?ln=en)
Cheers,
Lars
On 26/04/13 14:34, Alexander Wagner wrote:
On 26.04.2013 14:09, Lars Holm Nielsen wrote:
Hi!
Unfortunately I don't know of any librarian accessible interfaces to
properly set the file.
In Orphan repository I have a bibtasklet running in the background which
based on what's in the MARC, will ensure that the files has proper
access right. I can share if you are interested, but I'm not sure it
applies in your specific case.
This would be definitely of interest. How do you store the permissions
"in marc"?
IMHO even FFT should probably be exposed to bibedit anyway like a usual
MARC field. ("My librarians" can usually easily handle everything that
is in Marc but python backend is another story.)
--
Kind regards,
Alexander Wagner
Subject Specialist
Central Library
52425 Juelich
mail : a.wag...@fz-juelich.de
phone: +49 2461 61-1586
Fax : +49 2461 61-6103
www.fz-juelich.de/zb/DE/zb-fi
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
--
Lars Holm Nielsen
Software Engineer
CERN, IT Department, Digital Library Technology Section
Office 513/1-014
Tel: +41 22 76 79182
Cel: +41 76 672 8927
smime.p7s
Description: S/MIME Cryptographic Signature
Re: Access rights for files
Hello Lars and Alexander! I too would be interested in such a functionality! Personally, I don't think there is an easy way to do it. As i see it, a new "Action" (similar to SRV) should be created (along with relevant websubmit functions and elements) that would read and display the current files along with their restrictions. Important note: an update to relevant bibdocfile.py functions would be needed as 'get-restrictions' is not supported! If you feed the current restrictions to a websubmit form's textarea that is editable, it's easy to ask the bibdocfile library to 're-set' the permissions for each bibdocfile to the new values when the librarian clicks submit. The current Create_Upload_Files_Interface.py functions does not include such functionality, but it could be done... (Having said that, one sould probably have to mess with websubmit_templates.py too) I'm using a custom websubmit_function (based on the 'older' Upload_Files) to perform a similar task but during the initial phase of the submission only where 'set' is only needed. If one needs to 'edit' the relevant data he/she has to contact me so that I would manually run the bibdocfile (in cli) with the new values. Just my two cents, Theodoros
Re: Access rights for files
On 26.04.2013 14:09, Lars Holm Nielsen wrote:
Hi!
Unfortunately I don't know of any librarian accessible interfaces to
properly set the file.
In Orphan repository I have a bibtasklet running in the background which
based on what's in the MARC, will ensure that the files has proper
access right. I can share if you are interested, but I'm not sure it
applies in your specific case.
This would be definitely of interest. How do you store the permissions
"in marc"?
IMHO even FFT should probably be exposed to bibedit anyway like a usual
MARC field. ("My librarians" can usually easily handle everything that
is in Marc but python backend is another story.)
--
Kind regards,
Alexander Wagner
Subject Specialist
Central Library
52425 Juelich
mail : a.wag...@fz-juelich.de
phone: +49 2461 61-1586
Fax : +49 2461 61-6103
www.fz-juelich.de/zb/DE/zb-fi
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
Re: Access rights for files
Hi, Unfortunately I don't know of any librarian accessible interfaces to properly set the file. In Orphan repository I have a bibtasklet running in the background which based on what's in the MARC, will ensure that the files has proper access right. I can share if you are interested, but I'm not sure it applies in your specific case. Cheers, Lars On 26/04/13 14:03, Alexander Wagner wrote: Hi! Upon upload, I can easily set up permissions of a file by means of the fft-tags according to our needs. However, till now I did not find a way to change the rights of a full text file on a higher level than an fft tag in marc xml. Or in other words: where is the interface to adopt access rights that could be accessible for our library staff? It seems that managedocfile does not do the trick. I can "revise" the file therem but the only sensible option for access is public. However, sensible might clash with jurisdiction (as usual ;) This dialogue offers "restricted" as well, but I have no idea what "restricited" actually sets. Nor do I see a away to define which restrictions should be applied. (Not even if I allow free form firerule writing, which would probably be a bit technical in some cases as well.) A common use case arises here due to embargoed open access. We get the file for OA from our authors, but it has an embargo for say 12 months. Afterwards, we can enable access to the file. Easy to accomplish, by use of firerules in principle. But: to get the content in the first place and for some other (legal) reasons within websubmit we set the access permissions for the files quite tightly. This allows us to tell our users: upload the file in case of doubt we check anyway. Restrictions here are only staff and the uploader can see the file itself. Then the library checks the submission and if the file in question can be released to the world our librarian would like to set permissions properly. Probably we would like to set something like "deny until 2014-01-01". But at the moment I see no way how we can do that if the final permission is not "free for world". Thanks for your help! :) Currently still invenio 1.0.2x -- Kind regards, Alexander Wagner Subject Specialist Central Library 52425 Juelich mail : a.wag...@fz-juelich.de phone: +49 2461 61-1586 Fax : +49 2461 61-6103 www.fz-juelich.de/zb/DE/zb-fi Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt -- Lars Holm Nielsen Software Engineer CERN, IT Department, Digital Library Technology Section Office 513/1-014 Tel: +41 22 76 79182 Cel: +41 76 672 8927 smime.p7s Description: S/MIME Cryptographic Signature
Access rights for files
Hi! Upon upload, I can easily set up permissions of a file by means of the fft-tags according to our needs. However, till now I did not find a way to change the rights of a full text file on a higher level than an fft tag in marc xml. Or in other words: where is the interface to adopt access rights that could be accessible for our library staff? It seems that managedocfile does not do the trick. I can "revise" the file therem but the only sensible option for access is public. However, sensible might clash with jurisdiction (as usual ;) This dialogue offers "restricted" as well, but I have no idea what "restricited" actually sets. Nor do I see a away to define which restrictions should be applied. (Not even if I allow free form firerule writing, which would probably be a bit technical in some cases as well.) A common use case arises here due to embargoed open access. We get the file for OA from our authors, but it has an embargo for say 12 months. Afterwards, we can enable access to the file. Easy to accomplish, by use of firerules in principle. But: to get the content in the first place and for some other (legal) reasons within websubmit we set the access permissions for the files quite tightly. This allows us to tell our users: upload the file in case of doubt we check anyway. Restrictions here are only staff and the uploader can see the file itself. Then the library checks the submission and if the file in question can be released to the world our librarian would like to set permissions properly. Probably we would like to set something like "deny until 2014-01-01". But at the moment I see no way how we can do that if the final permission is not "free for world". Thanks for your help! :) Currently still invenio 1.0.2x -- Kind regards, Alexander Wagner Subject Specialist Central Library 52425 Juelich mail : a.wag...@fz-juelich.de phone: +49 2461 61-1586 Fax : +49 2461 61-6103 www.fz-juelich.de/zb/DE/zb-fi Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt
