[EP-tech] permission for "manage records"

[J.Salter at leeds.ac.uk (John Salter)]

CAUTION: This e-mail originated outside the University of Southampton.
Hi Tomasz,
I think the screen you mean is EPrints::Plugin::Screen::DataSets*.

In that case, there is the 'datasets' permission:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fblob%2F00cf55a8de6193528ee50b55dd9db04b36245b78%2Fperl_lib%2FEPrints%2FPlugin%2FScreen%2FDataSets.pm%23L34&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C92ad91a0e87040a5e13d08dadd380e49%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638065530066726908%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BQrZHNp0lSvcrgc0G4p10GRzj2%2BiJwUf2pclZ3nQ%2BJk%3D&reserved=0

This is included in the 'editor' role by default:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fblob%2F00cf55a8de6193528ee50b55dd9db04b36245b78%2Fperl_lib%2FEPrints%2FDataObj%2FUser.pm%23L390&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C92ad91a0e87040a5e13d08dadd380e49%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638065530066726908%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RYnBu%2Bp5f4es2oPWjG94K4LV8GpqpFDLWawzf%2BG4hp8%3D&reserved=0

The DataSets screen checks to see if the logged-in user has the rights to view the various datasets:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Feprints%2Feprints3.4%2Fblob%2F00cf55a8de6193528ee50b55dd9db04b36245b78%2Fperl_lib%2FEPrints%2FPlugin%2FScreen%2FDataSets.pm%23L73-L97&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7C92ad91a0e87040a5e13d08dadd380e49%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638065530066726908%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=B7QxyGdHcuhBibQ6Xv6McgIuBfEyf2S9GRjr9a9ASZw%3D&reserved=0
So you might want to give (or take away) some of those e.g. '-user/view'

Does that help a bit more?

Cheers,
John

* grep -r 'Manage records' lib/lang/
lib/lang/en/phrases/system.xml: <epp:phrase id="Plugin/Screen/DataSets:title">Manage records</epp:phrase>

From: Tomasz Neugebauer [mailto:Tomasz.Neugebauer at concordia.ca]
Sent: 13 December 2022 18:07
To: John Salter <J.Salter at leeds.ac.uk>; eprints-tech at ecs.soton.ac.uk
Subject: Re: permission for "manage records"

Hi John,

Yes, thank you, I was hoping I can do this in this way, but I don't see which actual permission I would need to add for the ability to "Manage Records"?

Tomasz



________________________________
From: John Salter <J.Salter at leeds.ac.uk<mailto:J.Salter at leeds.ac.uk>>
Sent: Tuesday, December 13, 2022 12:33 PM
To: eprints-tech at ecs.soton.ac.uk<mailto:eprints-tech at ecs.soton.ac.uk> <eprints-tech at ecs.soton.ac.uk<mailto:eprints-tech at ecs.soton.ac.uk>>; Tomasz Neugebauer <Tomasz.Neugebauer at concordia.ca<mailto:Tomasz.Neugebauer at concordia.ca>>
Subject: RE: permission for "manage records"


Attention This email originates from outside the concordia.ca domain. // Ce courriel provient de l'ext?rieur du domaine de concordia.ca



Hi Tomasz,

Not sure if this is the sort of thing you're looking for?

It defines a new user type (research_office) who can look at things in review (the 'staff-view' and 'editor' roles), but removes certain abilities from those roles.



If you want to apply this to one individual user, you can add the specific '+eprint/buffer/view:editor' privileges to their profile.

The '+' allows them to do something; the '-' prevents them doing something.



$c->{user_roles}->{'research_office'} = [qw{

        general

        edit-own-record

        saved-searches

        set-password

        change-email

        staff-view

        editor

        +eprint/buffer/view:editor

        +eprint/buffer/move_inbox:editor

        -eprint/buffer/move_archive:editor

        -eprint/buffer/edit:editor

        -eprint/buffer/remove:editor

        -eprint/buffer/move_dark_archive:editor

        -eprint/buffer/remove_with_email:editor

}];



Cheers,

John



From: eprints-tech-bounces at ecs.soton.ac.uk<mailto:eprints-tech-bounces at ecs.soton.ac.uk> [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Tomasz Neugebauer via Eprints-tech
Sent: 13 December 2022 17:05
To: eprints-tech at ecs.soton.ac.uk<mailto:eprints-tech at ecs.soton.ac.uk>
Subject: [EP-tech] permission for "manage records"



CAUTION: This e-mail originated outside the University of Southampton.

Is there a specific permission I could add to a user account so that they can view records through the "Manage Records" interface?  Is there a way to give this permission without giving them full administrator access?



Tomasz


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20221213/f54f3c24/attachment-0001.html