Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Policies on bitstreams created or updated by SAF import (created using GUI and command line) do not have a type which causes issues with other functionality (eg Access Management). #9290

Closed
peter975 opened this issue Jan 26, 2024 · 0 comments · Fixed by #9296
Closed

Policies on bitstreams created or updated by SAF import (created using GUI and command line) do not have a type which causes issues with other functionality (eg Access Management). #9290

peter975 opened this issue Jan 26, 2024 · 0 comments · Fixed by #9296
Labels
authorization Related to user authorization / permissions bug high priority tools: import Related to import of data into the system
Milestone
7.6.2

Comments

@peter975
Copy link

peter975 commented Jan 26, 2024
edited by tdonohue

DSpace 7.6.1

Describe the bug
Policies on bitstreams in items created or updated via SAF (created through GUI or import command, updated via itemupdate command)) do not have a policy type (either TYPE_CUSTOM or TYPE_INHERITED). This causes issues with functionality which expects a policy type to be present (eg using Access Management - policies without a type are not cleared by this function, which can result in bitstreams remaining open even when embargoes or admin policies are set).

To Reproduce
Steps to reproduce the behavior:

  1. Create an item in a collection by importing a SAF (either through the Import --> Batch Import (Zip) or the command line 'import' command).
  2. Add a bitstream to an existing item by running itemupdate command on a SAF.
  3. In both cases be sure to add the bitstream to the ORIGINAL bundle and specify anonymous read on the bitstream in the SAF contents file.
    • NOTE: It's ONLY reproducible if you add permissions to the contents file like permissions:-r 'Anonymous'
  4. Once the item is archived or updated, examine the bitstream authorisation policies through Edit Item --> Status --> Authorizations...

Expected behavior
The authorisation policy on the bitstream where the item is sent through workflow should have the following property - type: TYPE_SUBMISSION.

For items not sent through workflow the authorisation policy on the bitstream should be set to TYPE_INHERITED.

This would be consistent with the default no workflow parameter when you import Batch(Zip) through the UI and also when adding a new bitstream to an archived item through Edit Item --> Bitstreams --> Upload.

Also see the attached screenshot from https://demo.dspace.org/home in which the last bitstream has an Anonymous read policy with no type set.
dspace_policy_types

Many functions in DSpace 7.6.1 rely on authorisations policies having a type (eg Access Management, inherit policies on moving items between collections) and not having a type set can cause issues.

Policies without a type are not removed by Access Management, meaning, for example, Anonymous read can be left on a bitstream even when a more restrictive policy is set by the repository manager.
@peter975 peter975 added bug needs triage New issue needs triage and/or scheduling labels Jan 26, 2024
@tdonohue tdonohue added high priority authorization Related to user authorization / permissions tools: import Related to import of data into the system help wanted Needs a volunteer to claim to move forward and removed needs triage New issue needs triage and/or scheduling labels Jan 26, 2024
@amgciadev amgciadev mentioned this issue Jan 29, 2024
Merged
8 tasks
@tdonohue tdonohue added this to the 7.6.2 milestone Jan 29, 2024
@tdonohue tdonohue removed the help wanted Needs a volunteer to claim to move forward label Jan 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
authorization Related to user authorization / permissions bug high priority tools: import Related to import of data into the system
Projects
DSpace 7.6.x Maintenance
Status: Done
Milestone
7.6.2
Development

Successfully merging a pull request may close this issue.

Fix resource policy type not set for bitstreams when importing items amgciadev/DSpace
2 participants
@tdonohue @peter975