Open gothub opened 5 years ago
This is similar to the resource.access.anonymous check. Are they the same?
Anonymous access means that a resource is accessed without logging the identity of the person accessing it. And so no, it is not the same. A dataset may be publicly accessible but the provider still logs the identity of the accessor (e.g., its IP address).
The most desirable way to implement this check is to check the access of all or a subset of the entities described by a metadata document. In the current metadig-engine implementation this would require sending a DataONE service call (either getSysmetadata or query (solr)) for each entity.
This check will be added to the suite when a method for doing this efficiently and not putting a large load on DataONE services is possible.
Description
Check if the data accessible to anyone. Check both metadata identifier and data entity identifier system metadata.
Priority
Issues
Procedure
public
subject has read access