Difference between revisions of "Access Control Layer"

From EPrints Documentation
Jump to: navigation, search
Line 13: Line 13:
 
*NO text in citation files or other files - use phrases - a la https://github.com/eprints/eprints/commit/cccfab14e0b6764d7f1d80daf57bf4e308f56dd7
 
*NO text in citation files or other files - use phrases - a la https://github.com/eprints/eprints/commit/cccfab14e0b6764d7f1d80daf57bf4e308f56dd7
  
 +
== Things to do ==
 +
*LogHandler - what do we log an when?
 +
*Check poly-lingual behaviour
 +
*Check behaviour for summary_page and summary_page_denied
 +
*Abstract summary page handler up to dataobj level
 +
*Add config options to enable summary pages for specific dataobjs $c->{summary_pages}->{document} = sub{ get eprint -> is archive} type thing
  
 
== Other thoughts / useful links ==
 
== Other thoughts / useful links ==

Revision as of 16:09, 3 October 2014

This development is designed to allow access restrictions to be placed on EPrints, Documents and other data objects.

The model we're currently work with is:

Authenticating Authority (AA) - a trusted sign-in method that may also provide some knowledge about the person signing in, and offer groupings based on their attributes.

ACLRole - These are configured based on what an AA can offer. When a user signs in, any ACLRoles that the AA can grant to the user are added to their session. A user could sign in via more than one AA at a time.

ACLGroup - A set of ACLRoles that can be applied to an EPrint/Document/?. When access to the item is requested, the session ACLRoles are checked against the allowed ACLRoles. If there is a match, access is granted.

When we make this shizzle, how should it be done?

Things to do

  • LogHandler - what do we log an when?
  • Check poly-lingual behaviour
  • Check behaviour for summary_page and summary_page_denied
  • Abstract summary page handler up to dataobj level
  • Add config options to enable summary pages for specific dataobjs $c->{summary_pages}->{document} = sub{ get eprint -> is archive} type thing

Other thoughts / useful links