Open csjx opened 3 years ago
I think this is great. Some feedback:
What if there are individual file-level ACLs?
read
(can view
) or write
(can edit
) permission. Because those people don't have changePermission
permission, they cannot edit the access policy, so it seems odd to show them the access policy here. But maybe there are some use cases for this that I'm not thinking of. But overall I think this is a very doable task
We currently include a permissions section in the XSLT-rendered view of EML documents when there is an
/eml/access
section in the metadata, which is of course deprecated, but still present in older EML documents. TheSystemMetadata.rightsHolder
andSystemMetadata.AccessPolicy
entries are currently not shown in the metadata view. Feedback from ESS-DIVE scientists and their UX?UI specialist (Sarah) was that it would be helpful for research groups to see this metadata prominently below the Data Package Table, but conditionally only for those that havewrite
orchangePermission
permission on the dataset. This would help managers have a quick look at who currently has access without entering edit mode. Sarah provided a mockup:For review: Should the rendered data package permissions metadata prominence be configurable (it may bump the abstract "below the fold)"? What if there are individual file-level ACLs? Do we link to them lower in the rendered metadata?
This relates to https://github.com/NCEAS/metacatui/issues/1640 and should be considered with the wider permissions management challenges described there.
This ticket is derived from the ESS-DIVE private repo ticket https://github.com/ess-dive/ess-dive-catalog/issues/493