[Archivesspace_Users_Group] Creating location records - how?
Nick Butler
npwb2 at cam.ac.uk
Fri Oct 11 05:53:18 EDT 2019
Hi all,
Looking at this a little bit more, it seems to be the case that the "update_location_record" permission is given globally whilst the "manage_repository" permission is set at repository level. This means that if a user has managerial level permissions at repository A but only very basic level permissions at repository B, they are still able to create, amend and delete locations at both A and B.
Is there any reason that "update_location_record" isn't a repository level permission? We will have quite a number of repositories and a fair few staff members who will be given different permission levels in more than one of them. It just seems bizarre that someone who is merely in the "repository-viewers" group at a repository should be allowed to delete said repository's locations, purely because another repository has put them in the "repository-managers" group.
Best wishes,
Nick
-----Original Message-----
From: Nick Butler <npwb2 at cam.ac.uk<mailto:Nick%20Butler%20%3cnpwb2 at cam.ac.uk%3e>>
Reply-To: Archivesspace Users Group <archivesspace_users_group at lyralists.lyrasis.org<mailto:Archivesspace%20Users%20Group%20%3carchivesspace_users_group at lyralists.lyrasis.org%3e>>
To: archivesspace_users_group at lyralists.lyrasis.org <archivesspace_users_group at lyralists.lyrasis.org<mailto:%22archivesspace_users_group at lyralists.lyrasis.org%22%20%3carchivesspace_users_group at lyralists.lyrasis.org%3e>>
Subject: Re: [Archivesspace_Users_Group] Creating location records - how?
Date: Thu, 10 Oct 2019 15:06:43 +0000
Hi Trevor,
Thank you very much for your speedy and helpful response - giving the user the manage_repository permission did indeed fix the issue. I don't think I'd have found that file otherwise, and it looks like a useful point of reference.
Many thanks,
Nick
-----Original Message-----
From: Trevor Thornton <trthorn2 at ncsu.edu<mailto:Trevor%20Thornton%20%3ctrthorn2 at ncsu.edu%3e>>
Reply-To: Archivesspace Users Group <archivesspace_users_group at lyralists.lyrasis.org<mailto:Archivesspace%20Users%20Group%20%3carchivesspace_users_group at lyralists.lyrasis.org%3e>>
To: Archivesspace Users Group <archivesspace_users_group at lyralists.lyrasis.org<mailto:Archivesspace%20Users%20Group%20%3carchivesspace_users_group at lyralists.lyrasis.org%3e>>
Subject: Re: [Archivesspace_Users_Group] Creating location records - how?
Date: Thu, 10 Oct 2019 11:01:19 -0400
We just ran into this issue last week. From what I can tell, the permission to update location records is tied to the permission to manage the repository ("manage this repository (change groups and other settings)"). I couldn't find any documentation to back this up but found this setting in the code:
https://github.com/archivesspace/archivesspace/blob/8ffdb952cce8c8804392c229772ae68a00065bcc/backend/app/lib/bootstrap_access_control.rb#L209-L212
On Thu, Oct 10, 2019 at 10:51 AM Nick Butler <npwb2 at cam.ac.uk<mailto:npwb2 at cam.ac.uk>> wrote:
Hi all,
We're currently running v2.5.2 on our development system (we aren't live yet) and we're running into a peculiar problem with the permission "update_location_record".
As far as we can tell, two users have been set up with the same level of permissions yet only one can create and edit location records. Pulling their records via the [:GET] /users/:id API endpoint shows that one has the "update_location_record" for all their repositories and also for the "_archivesspace" global repository, yet the other doesn't have this permission anywhere. The full list of permissions acquired via the [:GET] /permissions endpoint doesn't even include this permission; nor does the permission table of our underlying database. I tried adding it to the other user's record by POSTing a modified user object to the [:POST] /users/:id endpoint but this seems to have had no effect.
Basically, how does one go about getting this permission? And is there a reason it doesn't show up in either the database or [:GET] /permissions? Could this be something that's resolved by upgrading from v2.5.2? Any advice would be very welcome, as this will become quite a pressing issue for us soon.
Many thanks,
Nick
--
Nick Butler
Software Developer
Digital Services
Cambridge University Library
West Road
Cambridge CB3 9DR, UK
npwb2 at cam.ac.uk<mailto:npwb2 at cam.ac.uk>
Internal tel: 33067
_______________________________________________
Archivesspace_Users_Group mailing list
Archivesspace_Users_Group at lyralists.lyrasis.org<mailto:Archivesspace_Users_Group at lyralists.lyrasis.org>
http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group
_______________________________________________
Archivesspace_Users_Group mailing list
Archivesspace_Users_Group at lyralists.lyrasis.org<mailto:Archivesspace_Users_Group at lyralists.lyrasis.org>
http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group
--
Nick Butler
Software Developer
Digital Services
Cambridge University Library
West Road
Cambridge CB3 9DR, UK
npwb2 at cam.ac.uk<mailto:npwb2 at cam.ac.uk>
Internal tel: 33067
_______________________________________________
Archivesspace_Users_Group mailing list
Archivesspace_Users_Group at lyralists.lyrasis.org<mailto:Archivesspace_Users_Group at lyralists.lyrasis.org>
http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group
--
Nick Butler
Software Developer
Digital Services
Cambridge University Library
West Road
Cambridge CB3 9DR, UK
npwb2 at cam.ac.uk<mailto:npwb2 at cam.ac.uk>
Internal tel: 33067
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20191011/c992297e/attachment.html>
More information about the Archivesspace_Users_Group
mailing list