Project

General

Profile

Requirement #761

(Requirement) Users can specify authorization rules for data objects, science metadata objects, and process artifacts separately

Added by Matthew Jones over 13 years ago. Updated over 13 years ago.

Status:
New
Priority:
High
Assignee:
Category:
Requirement
Target version:
-
Start date:
Due date:
% Done:

0%


Description

Users might be able to upload data and science metadata as an atomic operation, but each should be identified separately and access control rules should apply to the objects separately. For example, a user could grant public read access to a metadata object but only grant read access to certain colleagues for associated data objects.

Rationale:
Enabling access control at the same level of granularity of objects in the system ensures that complete control over object conglomerations (packages, etc) is available.

Fit Criteria
** All objects in the system have access control rules
** Separate rules can be associated with the elements of a package during operations at the package level (e.g. @@create@@)

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)