Versions Compared

Old Version 4

changes.mady.by.user Jaime Pinto

Saved on

compared with

New Version 5

changes.mady.by.user Robin Dean

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Islandora XACML Editor provides a graphical user interface to edit XACML policies for objects in a repository or collection. It adds a new section in the Manage tab to for each object and collection called Child Policy and a tab to each item called Item Policy, Object Policy where permissions can be set on a per User or per Role basis forgranted to Drupal users or roles for the following:

  • Object Management: Controls who can set XACML policies for an object/collectionability to view the options on the Manage tab for objects or collections.

  • Object Viewing: Controls who can ability to view an the object /collectionor collection in Islandora browse and search results.
  • Datastreams and MIME types: Controls who can ability to view specific datastreams by DSID and ID or MIME type.

Dependencies

...

In order to comply with XACML restrictions placed on objects, a hook is used to filter results that do not conform to a searching user's roles and name. This hook will not function correctly if the Solr fields for ViewableByUser and ViewableByRole are not defined correctly as they are set in the XSLT. These values can be set through the admin page for the module.

Notes

...

Module Configuration

Configuration options for the Islandora XACML Editor and Islandora XACML API are available at admin/islandora/tools/xacml

  • Islandora XACML API - Define which fields in the RELS-EXT hold access restriction information so they can be indexed by Solr
  • Islandora XACML Editor - Configure default settings and options in the XACML editor for collections and objects

Notes

  • When an object is added to a collection through the interface, the

...

  • collection's POLICY will be

...

  • automatically applied to the new object.

...

  • Editing XACML policies

...

Troubleshooting/Issues

Having problems or solved a problem? Check out the Islandora google groups for a solution.

...

  • outside of Islandora and adding them through the interface or directly to Fedora objects may result in POLICY datastreams that can't be used by Islandora. Use the XACML editor in the interface to make changes to XACML policies whenever possible.