Closed robertoostenveld closed 7 years ago
This feature has been implemented in the iRODS level and available right away in the CMS. No need for a new user story.
It is done via changes on user's organisationalUnit
attribute. When the value is set to DCX, the user is automatically added to a corresponding iRODS group dcx_user
. This group always has "read" permission on all DCX collection namespaces so that the collection and its attributes are visible to DCX employees. But the "read" permission is not inherited by any files or directories within the collection namespaces so that the collection content (files/directories) remains invisible to DCX employees.
Also this section seems to have been removed from the protocol. @EricMaris, am I right?
as normal user I can see a list of collections in which I mostly have a role (as manager, contributor or viewer). That is what I would expect, i.e. I do not expect to see all centre collections (nor details).
However, in di.dcn_m.DAC_0123456789_979 I can see the attributes. Furthermore, I can access the data through webdav. That seems a bug to me. @hurngchunlee can you investigate?
@robertoostenveld - you are the viewer of di.dcn_m.DAC_0123456789_979. Therefore you see it and can download data from webdav. I can understand your confuse, as now the viewer list is only visible to managers (not contributor nor viewer)
btw, the collection is created for data transfer test.
"I can understand your confuse, as now the viewer list is only visible to managers (not contributor nor viewer)" -> ah yes, I forgot!
That is actually quite confusing. Should we change it(*) such that the viewer can see him/herself that he/she is a viewer (but not see the other viewers)?
*) i.e. submit a low-priority jira issue
issue created.
in section 7. Authorizing Users at the Center Level there is now
"Also, DCX employees can view the metadata of all of a center’s collections."
Is this part of the planned implementation? If so, is there a user story that describes the requirements?