Difference between revisions of "SUNScholar/Resource Permissions"
Jump to navigation
Jump to search
m (→YouTube Videos) |
|||
| (60 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
<center> | <center> | ||
| − | '''[[SUNScholar/ | + | '''[[SUNScholar/Access_Control|BACK TO ACCESS CONTROL]]''' |
</center> | </center> | ||
| − | + | ==Introduction== | |
| − | DSpace has | + | Since version 1.7.2 , DSpace has enabled, by default, permissions on resources. The control of resource permissions is called policy management in DSpace terminology. |
| − | + | <font color="red">'''*** You can only define resource policies when logged in as the [[SUNScholar/Install_DSpace/S07|super-administrator]]''' ***</font> | |
| − | + | ''It is possible to delegate the administration of Communities and Collections.'' | |
| − | + | This functionality eliminates the need for an Administrator Superuser account for these purposes. An EPerson that will be attributed Delegate Admin rights for a certain community or collection will also "inherit" the rights for underlying collections and items. As a result, a community admin will also be collection admin for all underlying collections. Likewise, a collection admin will also gain admin rights for all the items owned by the collection. | |
| + | |||
| + | Authorization to execute the functions that are allowed to a user with WRITE permission on an object will be attributed to be the ADMIN of the object (e.g. community/collection/admin will be always allowed to edit metadata of the object). The default will be "true" for all the configurations. | ||
| + | ==Default config== | ||
<pre> | <pre> | ||
##### Authorization system configuration - Delegate ADMIN ##### | ##### Authorization system configuration - Delegate ADMIN ##### | ||
| Line 60: | Line 63: | ||
</pre> | </pre> | ||
| − | + | ==References== | |
| + | *https://github.com/DSpace/DSpace/blob/master/dspace/config/dspace.cfg#L253-L292 | ||
| + | *https://wiki.duraspace.org/display/DSDOC5x/Configuration+Reference#ConfigurationReference-DelegationAdministration:AuthorizationSystemConfiguration | ||
| + | *https://wiki.duraspace.org/display/DSDOC4x/Configuration+Reference#ConfigurationReference-DelegationAdministration:AuthorizationSystemConfiguration | ||
*https://wiki.duraspace.org/display/DSDOC3x/Configuration#Configuration-DelegationAdministration:AuthorizationSystemConfiguration | *https://wiki.duraspace.org/display/DSDOC3x/Configuration#Configuration-DelegationAdministration:AuthorizationSystemConfiguration | ||
| − | + | [[Category:Operations]] | |
| − | |||
| − | |||
| − | |||
Latest revision as of 10:09, 20 June 2016
BACK TO ACCESS CONTROL
Introduction
Since version 1.7.2 , DSpace has enabled, by default, permissions on resources. The control of resource permissions is called policy management in DSpace terminology.
*** You can only define resource policies when logged in as the super-administrator ***
It is possible to delegate the administration of Communities and Collections.
This functionality eliminates the need for an Administrator Superuser account for these purposes. An EPerson that will be attributed Delegate Admin rights for a certain community or collection will also "inherit" the rights for underlying collections and items. As a result, a community admin will also be collection admin for all underlying collections. Likewise, a collection admin will also gain admin rights for all the items owned by the collection.
Authorization to execute the functions that are allowed to a user with WRITE permission on an object will be attributed to be the ADMIN of the object (e.g. community/collection/admin will be always allowed to edit metadata of the object). The default will be "true" for all the configurations.
Default config
##### Authorization system configuration - Delegate ADMIN ##### # COMMUNITY ADMIN configuration # subcommunities and collections #core.authorization.community-admin.create-subelement = true #core.authorization.community-admin.delete-subelement = true # his community #core.authorization.community-admin.policies = true #core.authorization.community-admin.admin-group = true # collections in his community #core.authorization.community-admin.collection.policies = true #core.authorization.community-admin.collection.template-item = true #core.authorization.community-admin.collection.submitters = true #core.authorization.community-admin.collection.workflows = true #core.authorization.community-admin.collection.admin-group = true # item owned by collections in his community #core.authorization.community-admin.item.delete = true #core.authorization.community-admin.item.withdraw = true #core.authorization.community-admin.item.reinstatiate = true #core.authorization.community-admin.item.policies = true # also bundle... #core.authorization.community-admin.item.create-bitstream = true #core.authorization.community-admin.item.delete-bitstream = true #core.authorization.community-admin.item-admin.cc-license = true # COLLECTION ADMIN #core.authorization.collection-admin.policies = true #core.authorization.collection-admin.template-item = true #core.authorization.collection-admin.submitters = true #core.authorization.collection-admin.workflows = true #core.authorization.collection-admin.admin-group = true # item owned by his collection #core.authorization.collection-admin.item.delete = true #core.authorization.collection-admin.item.withdraw = true #core.authorization.collection-admin.item.reinstatiate = true #core.authorization.collection-admin.item.policies = true # also bundle... #core.authorization.collection-admin.item.create-bitstream = true #core.authorization.collection-admin.item.delete-bitstream = true #core.authorization.collection-admin.item-admin.cc-license = true # ITEM ADMIN #core.authorization.item-admin.policies = true # also bundle... #core.authorization.item-admin.create-bitstream = true #core.authorization.item-admin.delete-bitstream = true #core.authorization.item-admin.cc-license = true
References
- https://github.com/DSpace/DSpace/blob/master/dspace/config/dspace.cfg#L253-L292
- https://wiki.duraspace.org/display/DSDOC5x/Configuration+Reference#ConfigurationReference-DelegationAdministration:AuthorizationSystemConfiguration
- https://wiki.duraspace.org/display/DSDOC4x/Configuration+Reference#ConfigurationReference-DelegationAdministration:AuthorizationSystemConfiguration
- https://wiki.duraspace.org/display/DSDOC3x/Configuration#Configuration-DelegationAdministration:AuthorizationSystemConfiguration
