From: Christiaan K. <c.k...@li...> - 2007-06-06 04:51:01
|
Hi Rebecca Yes I knew about this bug but haven't got around to fixing it. Can you fill me in on what you did to fix it and I'll commit it to trunk (thanks). Fez looks for FEZACML_ then the datastream ID of it is supposed to protect. So and example could be Random.pdf -> FEZACML_Random.pdf. The reindexer has been rewritten lately in the trunk (not by me) and its possible it is not picking up datastream fezacml. I'll take a look soon. Cheers, Christiaan On 6/6/07 6:37 AM, "Rebecca Sutton Koeser" <reb...@em...> wrote: > Following up with some notes based on my progress today. > > On Tuesday June 05, 2007 at 01:25 PM, Rebecca Sutton Koeser wrote: >> But there's another issue that concerns me more. As an unprivileged >> user, I can view the record and the restricted file is not listed, >> which is the desired behavior. However, the record with the >> restricted file no longer shows up in browse lists for the >> unprivileged user. >> >> Is this a known issue? Is there some mis-configuration or option I >> might have mis-understood that could be causing this? > > I worked with this some more, and I think there was an error in the > datastreams' FezACML, probably because of the broken function call I > had to fix. > > In any case, it looks like the record is picking up the permissions of > the first datastream with permission settings - my record is listed > but not linked (i.e., permissions say it is not viewable). When I go > directly to the record url, it displays the way I expect based on my > settings (the record is fully visible, one datastream is listed but > not linked, another is hidden entirely). > > I tried manually adding a datastream FezACML in Fedora to see if Fez > would pick it up, but it doesn't seem to-- even on reindexing. (It > gets the values when I edit the datastream security, but otherwise > not.) What is the magic that tells Fez a datastream has a FezACML to > consult? > > Can someone explain, or is it documented anywhere, how the auth db > tables work? I have a rough idea, but it's not enough for what I > need. In particular, how are datastream permissions differentiated > from record permissions? I can't see anywhere in the auth_index2 table > that it's storing a datastream id in addition to the record id. > > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Christiaan Kortekaas Senior Library Systems Programmer Library Technology Service The University of Queensland, Australia QLD 4072 Telephone : (+61) (7) 3346 4337 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |