[Bug 1132] - fix access control rule ambiguities
bugzilla-daemon@ecoinformatics.org
bugzilla-daemon at ecoinformatics.org
Fri Jul 9 11:42:19 PDT 2004
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=1132
------- Additional Comments From sgarg at nceas.ucsb.edu 2004-07-09 11:42 -------
An issue that came up during implementation of access rules in metacat based on
eml 2.0.1.
If a user is given read/write permission for inline data but no read/write
permission for metadata, what should be sent back when he requests the eml
document. So assuming we have the following eml document.
<eml>
<dataset> <- User NOT given permission to access
.
<inline>first</inline> <- User given permission to access
.
<inline>second</inline> <- User given permission to access
.
<inline>third</inline> <- User given permission to access
</dataset>
</eml>
So when the user tries to read the document, should metacat:
1. Reject the request
2. Send back inline data as following:
first
second
third
or maybe:
<inline>first</inline>
<inline>second</inline>
<inline>third</inline>
Second issue, when he tries to write back to the document, how should the data
be parsed. For metacat to be able to write, there should be a defined schema
for parsing and identifying different inline datas.
Another issue, once data is updated, the metadata would also need to be updated
with new identifiers for data. But this cannot happen as user doesnt have write
access for metadata. Hence the problem.
More information about the Eml-dev
mailing list