SUNScholar/Item and Collection Permissions

From Libopedia
Jump to: navigation, search
Back to Customisation
Introduction

Since version 1.7.2 , DSpace has very fine-gained control for permissions on communities, collections and items. One can control access to whole communities or collections or one can control access to an individual bitstream only. The level of access you grant is up to you as the administrator.

The control of permissions is called policy management in DSpace terminology.

Basic Permissions

Using the XMLUI interface, policies are managed by clicking on "Click here to add a new policy" when logged in as an Administrator and have selected to edit a community, collection or item.

See screenshot below.

Collection-policy-management.png

Advanced Policies

In addition you can use the wildcard policy tool to implement policies that are inherited by descendant communities/collections/items in order to delegate administrative tasks.

See screenshots below.

Step 1 - Click on: "Authorizations" Ap.png

Step 2 - Click on: "Advanced authorizations tool" Ap-1.png

Step 3 - Setup and apply advanced authorization Advanced-policies.png

References
Default config
##### Authorization system configuration - Delegate ADMIN #####

# COMMUNITY ADMIN configuration
# subcommunities and collections
#core.authorization.community-admin.create-subelement = true
#core.authorization.community-admin.delete-subelement = true
# his community
#core.authorization.community-admin.policies = true
#core.authorization.community-admin.admin-group = true
# collections in his community
#core.authorization.community-admin.collection.policies = true
#core.authorization.community-admin.collection.template-item = true
#core.authorization.community-admin.collection.submitters = true
#core.authorization.community-admin.collection.workflows = true
#core.authorization.community-admin.collection.admin-group = true
# item owned by collections in his community
#core.authorization.community-admin.item.delete = true
#core.authorization.community-admin.item.withdraw = true
#core.authorization.community-admin.item.reinstatiate = true
#core.authorization.community-admin.item.policies = true
# also bundle...
#core.authorization.community-admin.item.create-bitstream = true
#core.authorization.community-admin.item.delete-bitstream = true
#core.authorization.community-admin.item-admin.cc-license = true

# COLLECTION ADMIN
#core.authorization.collection-admin.policies = true
#core.authorization.collection-admin.template-item = true
#core.authorization.collection-admin.submitters = true
#core.authorization.collection-admin.workflows = true
#core.authorization.collection-admin.admin-group = true
# item owned by his collection
#core.authorization.collection-admin.item.delete = true
#core.authorization.collection-admin.item.withdraw = true
#core.authorization.collection-admin.item.reinstatiate = true
#core.authorization.collection-admin.item.policies = true
# also bundle...
#core.authorization.collection-admin.item.create-bitstream = true
#core.authorization.collection-admin.item.delete-bitstream = true
#core.authorization.collection-admin.item-admin.cc-license = true

# ITEM ADMIN
#core.authorization.item-admin.policies = true
# also bundle...
#core.authorization.item-admin.create-bitstream = true
#core.authorization.item-admin.delete-bitstream = true
#core.authorization.item-admin.cc-license = true