ESciDoc Institutional visibility

From MPDLMediaWiki
Jump to navigation Jump to search

Requirement:[edit]

Access to content of a component should be restricted to users that may

  • retrieve the item

and

  • belong to an organizational unit or child-org-unit of a list of Org units that is defined for the component.

The requirement should be extendable so that it is possible to restrict the access also to certain user groups or certain ip-ranges.

Proposal:[edit]

  • Invent possibility to attach XACML-Policies to Objects + to attach Attributes to these ObjectPolicies (eg a list of OrgUnit-Ids).
    • Dont store the XACML-Policies + Attributes within the Object but outside in a database.
      • One Database-Table that stores all possible ObjectPolicies (eg OrgUnitContentRestrictionPolicy)
      • One Database-Table that brings together the object and the policy.
        • Fields:
          • objectId
          • policyId (reference to Policies-DB-Table)
          • list of Attributes
    • Mark certain Methods (eg retrieveContent) as Method where ObjectPolicies have to get evaluated.
--Natasa 10:50, 29 August 2008 (UTC)
  • for files / locators: object policies should be certainly evaluated when retrieving the content
  • we should have information provided with component-level properties/metadata on component-level visibility. If the visibility is a "policy" then in addition id of the policy that needs to be evaluated


    • Invent new Handler-Methods into the AA-Component that enable creating, updating, deleting and retrieval of ObjectPolicies + Attributes for one Object.
in addition evaluating the policy? --Natasa 10:50, 29 August 2008 (UTC)
  • Evaluate these Policies in addition to the RolePolicies the user has. If the RolePolicies return a Permit and the ObjectPolicies return a Permit, then the user is allowed to access the Method (eg retrieveContent).Vice-Versa: If one of the Policies returns a Deny, then the user is not allowed to access the Method.
  • If no object-policy is attached to the object, only the role-policies are evaluated.
  • Element visibility in component-properties is not used anymore
element visibility may be used as a short-cut to tell: it's public, private or a policy should be evaluated (so that system does not go always to the XACML policy store)--Natasa 10:50, 29 August 2008 (UTC)