Contribute to the DSpace Development Fund

The newly established DSpace Development Fund supports the development of new features prioritized by DSpace Governance. For a list of planned features see the fund wiki page.

update as by community feedback 2023.03.10

The proposal as been updated as by feedback collected in the DSpace 7 working group meeting of the 2023-03-09

The new Bulk Access Control Management will focus on Access Control rather than resource policies. The goal will be to add / replace access condition for a set of objects from a user friendly interface that will abstract from the complexity/internal rules of DSpace’s resource policies and bundles as much as possible.

It should be possible to select the target of the changes to be performed, it could be all the items in specific communities, collections or also individual items or individual bitstreams in a single item.

The general UI to manipulate multiple items at one should use a wizard concept, so

  • a first page or panel should be used to define the target: the search component should be used with the option to select one or all the results in the current page as objects to be processed. The selected objects will appear in a dedicated tab "current selection" from where they can eventually be removed. Only objects for which the user has admin rights will be shown. This component is already used in DSpace to allow to select objects from a search results to make relationship

  • the next panel / step will be configure the changes that need to occur at the item and bitstream level. For each level, individually,

    • it is possible to enable/disable the level so that changes limited to only item or bitstreams can be performed as well

    • it is possible to use radio buttons to say that the specified access condition(s) will replace completely existing policies (default - replace all mode) or to be applied in addition to the existing one (append mode)

    • access condition(s) can be selected using a similar UI to the access step available in the submission or the user can leave them empty in the replace mode to reset the item / bitstream at their initial state inheriting policies from the collection/item.

In the Administer screen of community, collection and item a new tab "access control" will be introduced providing a tailored UI of the above wizard to the specific use case of single community/collection or item change.

The feature will be available to community, collection and item administrator limited to the items that they admin. The administrated items will be discovered via the admin field of the item solr document.

The REST will be implemented as a process so that it can run asynchronous and log can be retrieved later. The process will take a json file listing the involved object and the operations to be performed.

Point of attentions

  • the core.authorization.installitem.inheritance-read.append-mode must be respected, if set to true changes requested with out the append mode flag (i.e. the default “replace all” mode) would imply that the item’s owning collection default policies will be added

  • derived bitstreams created by the filter-media will be updated according to the changes performed to the corresponding original bitstream expect than for bitstreams derived by public filters classes that will stay with their original policies (set to READ Anonymous at the creation time)

  • the access conditions that will be presented in the UI for the item and bitstream level will be configured via a dedicated spring bean that by default will reuse the list of access conditions used by the  accessConditionConfigurationDefault and uploadConfigurationDefault beans. It is possible that some repositories will have different configurations for different collections but the tool will use just a single (broader) configuration and will be rensponsability of the administrator to don’t apply access condition that should be not normally allowed for a specific collection


Wireframe of the proposed solution

General UI to manipulate multiple communities, collections, items

Access control tab in the Edit community (the one for the collection will be equivalent)

Access control tab in the Edit item

The select bitstream option allow to limit the changes to specific bitstreams of the item. A modal will be used to show a paginated list of bitstreams in the ORIGINAL bundle and select which ones need to be processed. The number of selected bitstreams will be reflected in the edit item access condition tab. This is useful when an item has many bitstreams and the admin want to open or restrict some of them

Outdated wireframe

  • No labels

All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license, unless otherwise noted.