| Title (Goal) | Extra-repository access control |
|---|---|
| Primary Actor | Information architect, developer |
| Scope | Component |
| Level | Summary |
| Author | Stefano Cossu |
| Story (A paragraph or two describing what happens) | Enable access control across all resources exposed by Fedora and its indexes by means of a set of centralized AC rules |
Access to resources can be controlled by access policies in the Fedora repo but these policies are not honored in a triplestore or Solr index where metadata can be accessed by anyone.
I want to apply access controls to my Fedora repo indexes in order to prevent unauthorized access to metadata by search engines that use those indexes.
Policies should be stored in one place (ideally Fedora) and re-used for both repo and index access.
Example
Resource https://myrepo.edu/rest/boilerplate_contract_draft is a text document only visible by users in the "Legal" group.
If someone in the "Legal" group searches for all text documents in the repository using an external index, the above resource should appear in the search results.
If someone in the "Conservation" group searches for all text documents in the repository using an external index, the above resource should not appear in the search results.
