If you are granted by an access right by being a member of a group then some issues with ACL start. But if you are given access (own/write/read) as normal user then all permissions are working as normal on Metalnx. For example, you cannot see a file content by using preview tab if you are given read/write/own access only by a group. Or you cannot delete a data object if you are only given access (write/own) as a group. Since the first level "Action" drop-down menu is disabled, we cannot select any operations like "Delete", "Copy" etc. By the way the second level (view/Action/Delete) Action drop-down menu works.
However all these are working normal (as expected) through iCommands.
To be able to reproduce:
Upload a simple file to your home (I preferred a .txt file to test easily the preview tab too)
Create a group like "group_test" by being a rodsadmin by iCommands, iadmin mkgroup group-test
Add your user account to the "group_test" group (you can add more users), iadmin atg group_test vsc33586
Go to the permission tab of the file that you uploaded and, click on "Permissions" to add a group,
Choose the group that you are member of (group_test) and set the permission to the highest - "own",
Modify your user permission to the "none" on Metalnx or do this bu iCommands.
You will immediately realize that your group permission field is disabled on Meatlnx and you are not authorized to see the preview.
Also if you go back to the your home collection and after you choose the same file and you cant activate the disabled "Action" drop-down menu.
Please see relevant screen shots bellows to the steps.
Step 1: Check the uploaded file permission
Step 2: Check the group to see your name
Step 3: Add the group to the data object's permission
Step 4: Remove your user name from the permissions tab of the data object
Step 5: Check the permissions of the data object to see your group has the "own" permission but it is not enabled like you had by user permission
Step 6: Check the review tab of the data object to see you are not authorized anymore
Step 7: Check "Action" drop-down menu together with the data object to see it is disabled anymore
So we cannot manage permissions by groups via Metalnx.
Could you please check this whether you can see the same behaviors? Or we are missing something here?
Thanks.
Tested both in 4.2.8 - 2.4.0 and in 4.2.9 - 2.4.0. And ICAT is MySQL.
If you are granted by an access right by being a member of a group then some issues with ACL start. But if you are given access (own/write/read) as normal user then all permissions are working as normal on Metalnx. For example, you cannot see a file content by using preview tab if you are given read/write/own access only by a group. Or you cannot delete a data object if you are only given access (write/own) as a group. Since the first level "Action" drop-down menu is disabled, we cannot select any operations like "Delete", "Copy" etc. By the way the second level (view/Action/Delete) Action drop-down menu works. However all these are working normal (as expected) through iCommands.
To be able to reproduce:
iadmin mkgroup group-testiadmin atg group_test vsc33586Please see relevant screen shots bellows to the steps.
Step 1: Check the uploaded file permission
Step 2: Check the group to see your name
Step 3: Add the group to the data object's permission
Step 4: Remove your user name from the permissions tab of the data object
Step 5: Check the permissions of the data object to see your group has the "own" permission but it is not enabled like you had by user permission
Step 6: Check the review tab of the data object to see you are not authorized anymore
Step 7: Check "Action" drop-down menu together with the data object to see it is disabled anymore
So we cannot manage permissions by groups via Metalnx. Could you please check this whether you can see the same behaviors? Or we are missing something here?
Thanks.
Tested both in 4.2.8 - 2.4.0 and in 4.2.9 - 2.4.0. And ICAT is MySQL.