Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Indexing: Allow authorized users other than creator to search and browse draft and deaccessioned users. #734

Closed
kcondon opened this issue Jul 15, 2014 · 7 comments
Closed

Indexing: Allow authorized users other than creator to search and browse draft and deaccessioned users. #734

kcondon opened this issue Jul 15, 2014 · 7 comments
Assignees
@esotiri
Labels
Feature: Search/Browse Type: Bug a defect UX & UI: Design This issue needs input on the design of the UI and from the product owner
Milestone
Beta 10 - Dataver...

Comments

@kcondon
Copy link
Contributor

kcondon commented Jul 15, 2014

Currently only creators can see draft and deaccessioned versions when the requirements allow for authorized users to see them.

I believe in this context authorized= edit perms.
@kcondon kcondon added this to the Dataverse 4.0: Beta 2 milestone Jul 15, 2014
@pdurbin
Copy link
Member

pdurbin commented Jul 15, 2014

#57 (Implement discoverability rules for search/browse) is the ticket I've kept open until we get away from the idea that only the creator can see unpublished and deaccessioned things. That ticket is actually broader since it has to do with dataverses as well.

I believe in this context authorized= edit perms.

This is a fairly critical question. I plan to look at the Object/Permission Matrix at https://docs.google.com/spreadsheet/ccc?key=0AmFIRWc1bL0QdFRLbTVORUNyVENac1EwUHBfSTBtRmc&usp=sharing for guidance on what permissions to check. Also, I'll ask @sekmiller to show me what permissions he's checking that lead to @kcondon noticing the mismatch.

At index time, I think I'm going to need methods at the dataset level (for example) to retrieve a list of groups and users that have the appropriate (edit?) permission. Perhaps these groups and users will actually be RoleAssigneeRecords depending on how @michbarsinai and I implement groups. As of this writing, the way we hide non-public things is by doing a Solr JOIN on per-user groups:

dataverse/src/main/java/edu/harvard/iq/dataverse/SearchServiceBean.java

Line 139 in 157cf23

* Unless you're part of some special group, you get the "User

pdurbin added a commit that referenced this issue Jul 16, 2014
@pdurbin
noted approaches for indexing based on permissions #734
88ef0fe
@pdurbin pdurbin mentioned this issue Aug 14, 2014
Closed
pdurbin added a commit that referenced this issue Sep 8, 2014
@pdurbin
started fixing indexing (dv and ds only) #734
7a53c3c 
- can't fix file indexing until dataset page works or sword auth works
@pdurbin pdurbin modified the milestones: Beta 10 - Dataverse 4.0, Long Term Issues-Dataverse 4.0 Nov 4, 2014
@pdurbin pdurbin mentioned this issue Nov 14, 2014
Closed
@pdurbin pdurbin removed their assignment Dec 2, 2014
@pdurbin
Copy link
Member

pdurbin commented Dec 2, 2014

Moving to QA. Please see #57 (comment) for specifics about expected behavior for Beta 9, especially with regard to inheritance of search permissions.

@esotiri esotiri self-assigned this Dec 2, 2014
@esotiri
Copy link
Contributor

esotiri commented Dec 3, 2014

I am going to test rules Phil nicely wrote on https://cloud.githubusercontent.com/assets/21006/5267845/72605d02-7a22-11e4-9a3e-5bcf376b1608.png
and here
https://cloud.githubusercontent.com/assets/21006/5286666/65fb3906-7af4-11e4-9c58-f931eec20221.png

@esotiri
Copy link
Contributor

esotiri commented Dec 3, 2014

Authenticated user with ViewUnpublishedDataset and ViewUnpublishedDV permission can see respective objects.
Working for ViewUnpublishedDataset drafts DS.

@esotiri esotiri closed this as completed Dec 3, 2014
@esotiri esotiri reopened this Dec 3, 2014
@esotiri
Copy link
Contributor

esotiri commented Dec 3, 2014

Can not test search perms for deaccession DS due to #1207
Changing to milestone 10 for this specific issue.

@pdurbin
Copy link
Member

pdurbin commented Dec 11, 2014

65fb3906-7af4-11e4-9c58-f931eec20221

screenshot from #57 (comment)

@esotiri
Copy link
Contributor

esotiri commented Dec 19, 2014

authenticated users with view unpublished dataverse and dataset roles can view draft and deaccessioned datasets.
If first version is deaccessioned, user can still see higher versions.

@esotiri esotiri closed this as completed Dec 19, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@esotiri esotiri

Labels
Feature: Search/Browse Type: Bug a defect UX & UI: Design This issue needs input on the design of the UI and from the product owner
Projects
None yet
Milestone
Beta 10 - Dataverse 4.0
Development

No branches or pull requests
5 participants
@pdurbin @esotiri @scolapasta @kcondon @eaquigley