ESciDoc Institutional visibility

From MPDLMediaWiki
Revision as of 09:39, 29 August 2008 by Mih (Restrict retrieval of content to users that belong to a certain organizational unit)

Requirement:

Access to content of a component should be restricted to users that may

  • retrieve the item

and

  • belong to one of the organizational units in a list defined for the component, or to a child org unit of one of them.

The requirement should be extensible so that access can also be restricted to certain user groups or certain IP ranges.

Proposal:

  • Introduce the ability to attach XACML policies to objects, and to attach attributes to these ObjectPolicies (e.g. a list of OrgUnit IDs).
    • Do not store the XACML policies and attributes within the object, but outside it in a database.
      • One database table that stores all possible ObjectPolicies (e.g. OrgUnitContentRestrictionPolicy)
      • One database table that links the object to the policy.
        • Fields:
          • objectId
          • policyId (reference to Policies-DB-Table)
          • list of Attributes
    • Mark certain methods (e.g. retrieveContent) as methods for which ObjectPolicies have to be evaluated.
    • Add new handler methods to the AA component that enable creating, updating, deleting and retrieving ObjectPolicies and attributes for one object.
  • Evaluate these policies in addition to the RolePolicies the user has. If the RolePolicies return a Permit and the ObjectPolicies return a Permit, then the user is allowed to access the method (e.g. retrieveContent). Conversely, if one of the policies returns a Deny, then the user is not allowed to access the method.
  • If no object-policy is attached to the object, only the role-policies are evaluated.
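A sketch of the proposed evaluation, added here as an illustration and not eSciDoc code: the two tables from the proposal live in SQLite, and the decision is Permit only when the role policies and every attached object policy permit. The table and column names, the org-unit IDs, the comma-separated attribute list and the fail-closed handling of an unknown policy name are all assumptions.

```python
import sqlite3

# Constructed org-unit hierarchy, child -> parent (None = root); IDs are hypothetical.
ORG_PARENT = {"ou:mpg": None, "ou:mpdl": "ou:mpg", "ou:mpdl-dev": "ou:mpdl", "ou:ext": None}

def in_org_subtree(user_ou, allowed_ous):
    """True if user_ou is one of allowed_ous or a descendant of one of them."""
    seen = set()  # guards against a cycle in the hierarchy data
    while user_ou is not None and user_ou not in seen:
        if user_ou in allowed_ous:
            return True
        seen.add(user_ou)
        user_ou = ORG_PARENT.get(user_ou)
    return False

def org_unit_restriction(user, attributes):
    allowed = set(attributes.split(","))
    return "Permit" if in_org_subtree(user["org_unit"], allowed) else "Deny"

# Evaluators keyed by the policy name stored in the policies table.
EVALUATORS = {"OrgUnitContentRestrictionPolicy": org_unit_restriction}

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE object_policies (policy_id INTEGER PRIMARY KEY, name TEXT UNIQUE);
        CREATE TABLE object_policy_bindings (
            object_id TEXT,
            policy_id INTEGER REFERENCES object_policies(policy_id),
            attributes TEXT);
        INSERT INTO object_policies VALUES (1, 'OrgUnitContentRestrictionPolicy');
        INSERT INTO object_policy_bindings VALUES ('component:1', 1, 'ou:mpdl');
    """)
    return db

def decide(db, user, object_id, role_decision):
    """Combine the role-policy result with the object policies bound to object_id."""
    if role_decision != "Permit":
        return "Deny"
    rows = db.execute(
        "SELECT p.name, b.attributes FROM object_policy_bindings b "
        "JOIN object_policies p USING (policy_id) WHERE b.object_id = ?",
        (object_id,)).fetchall()
    for name, attributes in rows:
        evaluator = EVALUATORS.get(name)
        # Assumption: a bound policy without a known evaluator denies (fail closed).
        if evaluator is None or evaluator(user, attributes) != "Permit":
            return "Deny"
    return "Permit"  # no bindings: the role policies alone decided
```

Note that a user in the parent unit `ou:mpg` is denied for `component:1`: membership is inherited downward to child org units only, as the requirement states.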