Difference between revisions of "ESciDoc Access Rights"
Jump to navigation
Jump to search
| Line 200: | Line 200: | ||
<tr> | <tr> | ||
<th>Item status</th> | <th>Item status</th> | ||
<th>Who may access</th> | <th>Who may access</th> | ||
<th>Where is access level defined</th> | <th>Where is access level defined</th> | ||
| Line 207: | Line 206: | ||
<tr> | <tr> | ||
<td>pending</td> | <td>pending</td> | ||
<td>Depositor (only if owner)<br/>DataAdmin<br/></td> | <td>Depositor (only if owner)<br/>DataAdmin<br/></td> | ||
| Line 215: | Line 213: | ||
<tr> | <tr> | ||
<td>pending</td> | <td>pending</td> | ||
<td>Colaborator</td> | <td>Colaborator</td> | ||
| Line 223: | Line 220: | ||
<tr> | <tr> | ||
<td>submitted, in-revision</td> | |||
<td>submitted, in revision</td> | |||
<td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | <td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | ||
<td>Context</td> | <td>Context</td> | ||
| Line 232: | Line 228: | ||
<tr> | <tr> | ||
<td>submitted</td> | <td>submitted</td> | ||
<td>Colaborator</td> | <td>Colaborator</td> | ||
<td>Component (thus item implicitly)</td> | <td>Component (thus item implicitly)</td> | ||
| Line 240: | Line 235: | ||
<tr> | <tr> | ||
<td>released</td> | <td>released</td> | ||
<td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | <td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | ||
<td>Context</td> | <td>Context</td> | ||
| Line 248: | Line 242: | ||
<tr> | <tr> | ||
<td>released</td> | <td>released</td> | ||
<td>Colaborator</td> | <td>Colaborator</td> | ||
<td>Component (thus item implicitly)</td> | <td>Component (thus item implicitly)</td> | ||
| Line 255: | Line 248: | ||
<tr> | <tr> | ||
<td>released</td> | <td>released</td> | ||
<td>Any user</td> | <td>Any user</td> | ||
| Line 264: | Line 256: | ||
<tr> | <tr> | ||
<td>withdrawn</td> | <td>withdrawn</td> | ||
<td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | <td>Depositor (if owner)<br/>DataAdmin<br/>QARole</td> | ||
<td>Context</td> | <td>Context</td> | ||
Revision as of 14:26, 19 September 2008
Work in progress
- based on meeting NBU, UTS, MFR
Related discussion[edit]
see ESciDoc Institutional Visibility Discussion
Retrieval of items and components[edit]
- Rule of thumb: a component cannot be retrieved only if the user has no privilege to view it's enclosing item
On item statuses and transitions[edit]
- Transition of item status is never changing the version number
- Below transitions to be reconsidered
Current implementation of transitions[edit]
| Item status FROM | Item version status FROM | Method | Item status TO | Version status TO |
|---|---|---|---|---|
| pending | pending | submit | submitted | submitted |
| submitted | submitted | revise | in-revision | in-revision |
| submitted | submitted | release | released | released |
| in-revision | in-revision | submit | submitted | submitted |
| released | released | update(new version created) | released | pending |
| released | pending | submit | released | submitted |
| released | submitted | release | released | released |
| released | any | withdraw | withdrawn | any |
Alternative A: Possible transitions[edit]
| Item status FROM | Item version status FROM | Method | Item status TO | Version status TO |
|---|---|---|---|---|
| pending | pending | submit | submitted | submitted |
| submitted | submitted | revise | submitted | in-revision |
| submitted | submitted | release | released | released |
| submitted | in-revision | submit | submitted | submitted |
| submitted | in-revision | release | released | released |
| released | released | revise | released | in-revision |
| released | in-revision | release | released | released |
| released | any | release | withdrawn | any(as before) |
Alternative B: Possible transitions[edit]
Description of the access component rules table[edit]
- Item status - the public-status of the item. Item may have different public status then the status of the last version of the item.
- Version status - the status of the last version of the item
- Who may access - Name of the role or group that can access the content associated with the component of the item.
- Where is role defined - The eSciDoc resource type for which the role or group has been associated when granting privilege for access
- Which access level - The access level that the component should have specified in order to be retrievable by the role or group specified in "Who may access" column. (Any is used in case when the access level is not limitation if user is granted with appropriate role)
Description of the roles/groups in the access component rules table[edit]
- Depositor - user who can create items in the repository and manage items (including components and their content) she created in accordance with the overall workflow rules.
- DataAdmin - user who has the possibility to create items and manage items (including components and their content) independently from their ownership and in accordance with the overall workflow rules.
- QARole - placeholder for roles in the system that are responsible for the quality assurance of the data e.g. Metadata editor, Moderator, Authority, Rights checking.
- Collaborator - placeholder for user-groups in the system that can access the content under specified conditions of item and version statuses. Groups that can be authorized as a Collaborator groups via single criteria or combination of:
- List of organizational units (or IP address of the OU)
- List of account users
- Key/Certificate based (unregistered user)
General access level[edit]
Access component rules table[edit]
| Item status | Who may access | Where is access level defined | Which access level |
|---|---|---|---|
| pending | Depositor (only if owner) DataAdmin |
Context | Any |
| pending | Colaborator | Component (thus Item implicitly) | Any |
| submitted, in-revision | Depositor (if owner) DataAdmin QARole |
Context | Any |
| submitted | Colaborator | Component (thus item implicitly) | Any |
| released | Depositor (if owner) DataAdmin QARole |
Context | Any |
| released | Colaborator | Component (thus item implicitly) | Any |
| released | Any user | Component (thus item implicitly) | Public |
| withdrawn | Depositor (if owner) DataAdmin QARole |
Context | Any |