Project

General

Profile

Task #2614

Ignore EML access control blocks that use denyFirst permOrder

Added by Ben Leinfelder over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ben Leinfelder
Category:
Metacat
Target version:
-
Start date:
2012-04-17
Due date:
% Done:

100%

Milestone:
CCI-1.0.0
Product Version:
*
Story Points:
Sprint:

Description

Because DataONE access control only uses "allow" rules (and implicitly "allowFirst" processing), we have decided not to support EML-defined "denyFirst" access blocks.
Existing denyFirst rules will be converted to use allowFirst (see related task) and new EML documents that use the denyFirst permOrder will not have access control set on them other than full control by the owner.


Related issues

Related to Infrastructure - Task #2613: Convert existing deny/denyFirst rules to allowFirst rules Closed 2012-04-17

History

#1 Updated by Ben Leinfelder over 8 years ago

  • Status changed from New to Closed

When an access block in EML has a "denyFirst" permOrder we ignore it and do not record it in the Metacat DB.
Also modified the AccessControlTest to reflect this change in Metacat behavior.
Unfortunately we cannot raise an error when these documents are parsed since existing EML documents housed in Metacat deployments still need to be replicated to other Metacat instances.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)