Title (goal) | Access Contingent Upon Workflow Metadata |
|---|---|
| Primary Actor | Repository Manager |
| Scope | |
| Level | |
| Story | Repositories define all kinds of metadata fields/properties that constitute workflow metadata, such as publication status or embargo date. These properties will vary by application. In an extensible authorization mechanism, we will be able to make our permissions contingent upon arbitrary metadata linked to the object in some way. In some cases these may even be properties that are indirectly linked, such as work flow metadata on a container or parent object. In the UNC case, we use a publication boolean property that is inherited through the repository tree. We also have embargo dates that are inherited. This gives us powerful management features for whole collections or complex objects. |
Overview
Content Tools
All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license
, unless otherwise noted.
3 Comments
David Wilcox
As of 4.0-Alpha-4, Fedora (via ModeShape) provides a pluggable authorization framework. So to address this use case, a plugin could be written to scan the properties/metadata of an object and apply certain permissions when particular values are present.
The rules of any given implementation would be institution-specific, so we would welcome contributions from anyone who would like to work on an example implementation for a particular institution.
Andrew Woods
Thoughts, Greg Jansen?
David Wilcox
Greg Jansen do you have any thoughts on this use case?