From: Rebecca S. K. <reb...@em...> - 2007-06-05 20:37:43
|
Following up with some notes based on my progress today. On Tuesday June 05, 2007 at 01:25 PM, Rebecca Sutton Koeser wrote: > But there's another issue that concerns me more. As an unprivileged > user, I can view the record and the restricted file is not listed, > which is the desired behavior. However, the record with the > restricted file no longer shows up in browse lists for the > unprivileged user. >=20 > Is this a known issue? Is there some mis-configuration or option I > might have mis-understood that could be causing this? I worked with this some more, and I think there was an error in the datastreams' FezACML, probably because of the broken function call I had to fix. In any case, it looks like the record is picking up the permissions of the first datastream with permission settings - my record is listed but not linked (i.e., permissions say it is not viewable). When I go directly to the record url, it displays the way I expect based on my settings (the record is fully visible, one datastream is listed but not linked, another is hidden entirely). I tried manually adding a datastream FezACML in Fedora to see if Fez would pick it up, but it doesn't seem to-- even on reindexing. (It gets the values when I edit the datastream security, but otherwise=20 not.) What is the magic that tells Fez a datastream has a FezACML to consult?=20 Can someone explain, or is it documented anywhere, how the auth db tables work? I have a rough idea, but it's not enough for what I need. In particular, how are datastream permissions differentiated =66rom record permissions? I can't see anywhere in the auth_index2 table that it's storing a datastream id in addition to the record id. --=20 Rebecca Sutton Koeser, Ph.D. Digital Programs & Systems - Woodruff Library, Emory University |