[EP-tech] Ask about user roles

[drn at ecs.soton.ac.uk (David R Newman)]

Hi,

If you want to edit the permission of one specific user you can subtract 
a role from within their profile.? In the Account stage of the user 
workflow add this as a new role in the Roles section:

-eprint/inbox/remove:owner

This means the user cannot delete any new EPrint records in their 
inbox.? Default settings for EPrints means regular users (not admin or 
editors) can only delete their own eprint records when they are in their 
inbox, so this settings will prevent them removing an eprint record in 
any scenario (technically you should also add 
-eprint/inbox/destroy:owner as another separate role, so the user's 
credentials cannot be used to delete their eprint records via the REST API).

If you want to prevent all regular users from being able to delete their 
own records when in their user inbox, then you need to make a local copy 
of flavours/pub_lib/cfg.d/user_roles.pl (or lib/cfg.d/user_roles.pl if 
running EPrints 3.3) in your archive's cfg/cfg.d/ directory and add the 
line:

-eprint/inbox/remove:owner

at the bottom of the list of user roles for a user (i.e. 
$c->{user_roles}->{user}).? Once edited your will need to reload you 
webserver for the change to take effect.

I am not exactly sure what you mean by not being able to "to create 
items when the previously created item hasn't finished the review 
process" but I assume that effectively means a user should only be able 
to have one eprint item that is not yet live in the archive.? It is not 
possible, as far as I know, to set conditional permissions like this.? 
You could potentially modify the code to not display the "New Item" 
button (on the Manage deposits page) based on certain conditions like 
this.? However, I would generally advise against this.? As it may have 
unintended side effects or create issues when you want to upgrade.

Regards

David Newman

On 16/02/2021 01:17, Ajunk Pracetio via Eprints-tech wrote:
> *CAUTION:* This e-mail originated outside the University of Southampton.
> Hi,
>
> I want to ask about User Roles. Can the administrator restrict users 
> from deleting items that have already been created? or restrict the 
> user from being able to create items when the previously created item 
> hasn't finished the review process?
>
> Thank you.
>
> Regards,
> Agung Prasetyo Wibowo.
>
>
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C926329d8c074422ac70108d8d25300f8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637490601890021985%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=fXpquonnXwuvYcACPP6dku7jL8%2FuVLj04Gzw1bT7WyU%3D&reserved=0
> *** EPrints community wiki: https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C926329d8c074422ac70108d8d25300f8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637490601890021985%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=u1UEpcC0UfUl6XTMtl7zOtN%2B6QKRVXgqYSC1vhXmaqw%3D&reserved=0


-- 
This email has been checked for viruses by AVG.
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.avg.com%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C926329d8c074422ac70108d8d25300f8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637490601890021985%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tf9zEmI31FzRUoaMA9%2F%2BYfrrifvpqZdPtqIN8gdfutA%3D&reserved=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20210216/c73cb3b9/attachment-0001.html