Open amoeba opened 2 years ago
When I query the private object through DataONE api with the CN certificate, it works. This morning we used tokens and it didn't work. I am thinking that after we switched to tokens, we haven't touched the cn query part yet.
It looks like objects without public-read permission aren't being returned by the CN index when requests are made with a token that (1) is valid and (2) should have read permission. It's not clear how long this has been the case.
The package below is an example. We can see it fine on arctica but not on the CN:
urn:uuid:ebcb68d6-45c1-4440-b214-bb5b8eca1d6c
resource_map_urn:uuid:5aff3115-ff3d-446a-90ed-94057bbb9348
Note: The metadata does not have public read permission but the resource map does. This is actually what led us to discover things weren't working.
Since discovering, we haven't seen a case here we are able to see a non-public-read object. We know this used to work. We've confirmed the Solr document is in the index by querying Solr directly so it's something to do with the interaction of the API and Solr.