[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] Re: How to create a private archive ?



Very useful, indeed...
It does pretty much what we wanted.

I hope I'll be able to customize it to match all of our requirements, 
but it is already pretty close.
Thanks !

Cheers,
Gilles

Le 18/11/2015 13:06, John Salter a ?crit :
> Not sure what this http://bazaar.eprints.org/230/ does - may or may not be useful (or contain useful clues)!
>
> Cheers,
> John
>
> ________________________________________
> From: eprints-tech-bounces at ecs.soton.ac.uk <eprints-tech-bounces at ecs.soton.ac.uk> on behalf of Gilles Fourni? <gilles.fournie at cirad.fr>
> Sent: 18 November 2015 10:29
> To: eprints-tech at ecs.soton.ac.uk
> Subject: [EP-tech] Re: How to create a private archive ?
>
> Hi George and John,
>
> Thanks for your ideas.
>
> We will first try to restrict access through network config. It's a
> little more difficult than adding a "Deny from All; Allow from cirad.fr"
> because all of our researchers are not 'on site'. Many are abroad hosted
> by partner institutions. But, we hope our technical staff will be able
> to protect the site this way.
>
> About roles, I think that our public_roles has default rights and none
> of them seem to be about reading archive. Anyway, I didn't try to remove
> any right to public-roles. I will do that to see if it may help...
>
> $c->{public_roles} = [qw{
>           +eprint/archive/rest/get
>           +subject/rest/get
>           +user/public_saved_search/view
> }];
>
> As for minuser, I thought it was an "example" role to show how to create
> users with minimal rights. And as such i thought it should be assigned
> to some user to be taken into account. I will try to disable it also.
>
> I didn't know about template/default.xml. I will have a look !
>
> Thanks again,
>
> Cheers
> Gilles
>
>
>
> Le 18/11/2015 10:49, John Salter a ?crit :
>> Possible alternative approach:
>> When you say 'employees only', do you have any form of 'on site' IP address, or VPN that could be used to control access?
>>
>> As each archive runs in its own vhost, you can restrict access at the Apache layer by adding rules into ~/cfg/apache/ARCHIVEID.conf
>>
>> Cheers,
>> John
>>
>> -----Original Message-----
>> From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of George Mamalakis
>> Sent: 18 November 2015 09:22
>> To: eprints-tech at ecs.soton.ac.uk
>> Subject: [EP-tech] Re: How to create a private archive ?
>>
>> Hi Gilles,
>>
>> I think that if you played with cfg.d/user_roles.pl you'd accomplish
>> want you want. I think that if you removed any read privileges from the
>> default role (I'm not sure which one it is, but it could be
>> $c->{public_roles} or probably $c->{user_roles}->{minuser}), or even if
>> you removed this role (minuser) totally from the archive it maybe could
>> do the job. But I tried it in one of my repos, and it didn't work, so
>> maybe I'm doing something wrong. Maybe it would be wiser if I removed
>> some privileges from these roles instead of removing the roles totally.
>>
>> Maybe another approach would be to alter cfg/templates/default.xml to
>> conditionally allow to view items (which would allow access to
>> hand-coded urls to views, which you wouldn't disire), or to change views
>> and searches to return results only on authenticated users (somehow).
>>
>> I know I didn't help enough, but I'm trying to give you some ideas where
>> to start from.
>>
>> Good luck!
>>
>> On 16/11/2015 06:52 ??, Gilles Fourni? wrote:
>>> Hi,
>>>
>>> We would like to use EPrints to manage a database of items not related
>>> to publications nor documents.
>>>
>>> For practical reasons, we would like to install this eprints
>>> pseudo-archive on the same server used for our open archive repository.
>>> So, it would be accessible from internet.
>>>
>>> But we need to control access (even for reading) to our employees only.
>>>
>>> I have found no way to prevent visitors to access views or even to view
>>> eprints.
>>> I hoped that overriding EPrints::Repository::allow_anybody to make it
>>> always return 0 would work, but it doesn't.
>>>
>>> Any advices or suggestions on how to make this "close archive" would be
>>> greatly appreciated.
>>>
>>> Best regards,
>>> Gilles
>>>
>>> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
>>> *** Archive: http://www.eprints.org/tech.php/
>>> *** EPrints community wiki: http://wiki.eprints.org/
>>> *** EPrints developers Forum: http://forum.eprints.org/
>
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
>
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/