Table of Contents

Overview

How permissions work for files?

Visibility Levels:

Private - creator only (how does proxy play into this?)
Institution - users at an institution
Public - all users including non-logged in user

Sharing with specific users/groups abilities:

Visibility/Download - specific users and members of identified groups can see the files in search results, but not in the Dashboard -> Files Shared with Me
Edit - specific users and members of identified groups can edit the files and see in search results. File are listed under Dashboard -> Files Shared with Me

NOTE: I am not clear how proxies are work. I am leaving the discussion of proxies off for now, but would assume that proxies can manipulate collections in the same way they can files. Perhaps we can elaborate on this if needed.

Proposal for permissions for collections

It is proposed that collections work similarly. The rest of this document describes the impact of having permissions for collections and asks design questions that need to be resolved prior to implementation.

Private Visibility

Who can manipulate this collection?

	Shared user/group	Institution users	Other logged-in users	General Public
See collection in Dashboard -> My Files/Collections
See collection in Dashboard -> Files Shared with Me
See collection in search results
View collection detail page
Upload works/files to collection	if shared with edits
Add existing works/files to collection	if shared with edits
Remove works/files from collection	if shared with edits
See works/files from private collection in search results		depends on work/file permissions	depends on work/file permissions	depends on work/file permissions
View works/file detail page for file from private collection		depends on work/file permissions	depends on work/file permissions	depends on work/file permissions

* If work/file permissions allow the user to see the detail page, but not to see the collection, then the collection will not be listed in the set of collections for the file on the detail page.

What happens to work/file permission when...

... a work/file is uploaded to a collection with private visibility?

Does the visibility permission default to private when new works/files are uploaded?
Is the visibility permission specifically set on the works/files or do they inherit from the collection?
Does the IR enforce the most restrictive visibility permission, thus if the collection is private, then all works/files are private? Perhaps unless specifically set to have its own permission.
Can you add an existing institutional or public work/file to a private collection?
If an existing work/file is added, does it bring with it the current permission settings? (I assume yes for this.)
Is the user allowed to set a institutional or public permission for specific works/files?

... a private collection changes visibility to institution or public?

Do private works/files become visible to institutions or the public by inheriting the visibility permissions from the collection?
- Do the permissions change if they weren't set individually for a work/file?
- Do the permissions change if they were set individually for a work/file?
Do works/files have to have their visibility permissions updated separately from the collection visibility?

Use Case

User Collections as described in User Collections, Admin Sets, Display Sets

Institution Visibility

Who can manipulate this collection?

	Shared user/group	Other logged-in users	General Public
See collection in Dashboard -> My Files/Collections
See collection in Dashboard -> Files Shared with Me
See collection in search results
View collection detail page
Upload works/files to collection	if shared with edits
Add existing works/files to collection	if shared with edits
Remove works/files from collection	if shared with edits
See works/files from private collection in search results		depends on work/file permissions	depends on work/file permissions
View works/file detail page for file from private collection *		depends on work/file permissions	depends on work/file permissions

* If work/file permissions allow the user to see the detail page, but not to see the collection, then the collection will not be listed in the set of collections for the file on the detail page.

What happens to work/file permission when...

... a work/file is uploaded to a collection with institution visibility?

Does the visibility permission default to institution when new works/files are uploaded?
Is the visibility permission specifically set on the works/files or do they inherit from the collection?
Does the IR enforce the most restrictive visibility permission, thus if the collection is institution, then all works/files also have visibility set to institution unless the work/file has a more restrictive visibility setting of private?
Can you add an existing private work/file to a collection with institution visibility?
Can you add an existing public work/file to a collection with institution visibility?
If an existing work/file is added, does it bring with it the current permission settings? (I assume yes for this.)
Is the user allowed to set a public permission for specific works/files?
Is the user allowed to set a private permission for specific works/files?

... an institution collection changes visibility to public?

Do institution works/files become visible to the public by inheriting the visibility permissions from the collection?
- Do the permissions change if they weren't set individually for a work/file?
- Do the permissions change if they were set individually for a work/file?
Do works/files have to have their visibility permissions updated separately from the collection visibility?

... an institution collection changes visibility to private?

Do institution works/files become private by inheriting the visibility permissions from the collection?
- Do the permissions change if they weren't set individually for a work/file?
- Do the permissions change if they were set individually for a work/file?
Do works/files have to have their permissions updated separate from the change in permission to the collection?

Use Case

Admin Sets as described in User Collections, Admin Sets, Display Sets

Public Visibility

Who can manipulate this collection?

	Creator	Shared user/group	Institution users	Other logged-in users	General Public
See collection in Dashboard -> My Files/Collections
See collection in Dashboard -> Files Shared with Me
See collection in search results
View collection detail page
Upload works/files to collection		if shared with edits
Add existing works/files to collection		if shared with edits
Remove works/files from collection		if shared with edits
See works/files from private collection in search results
View works/file detail page for file from private collection

What happens to work/file permission when...

... a work/file is uploaded to a collection with public visibility?

Does the visibility permission default to public when new works/files are uploaded?
Is the visibility permission specifically set on the works/files or do they inherit from the collection?
Does the IR enforce the most restrictive visibility permission, thus if the collection is public, then all works/files also have visibility set to public unless the work/file has a more restrictive visibility setting of institution or private?
Can you add an existing private work/file to a collection with public visibility?
Can you add an existing institution work/file to a collection with public visibility?
If an existing work/file is added, does it bring with it the current permission settings? (I assume yes for this.)
Is the user allowed to set an institution permission for specific works/files?
Is the user allowed to set a private permission for specific works/files?

... a public collection changes visibility to institution?

Do public works/files become visible to the institution by inheriting the visibility permissions from the collection?
- Do the permissions change if they weren't set individually for a work/file?
- Do the permissions change if they were set individually for a work/file?
Do works/files have to have their visibility permissions updated separately from the collection visibility?

... a public collection changes visibility to private?

Do public works/files become private by inheriting the visibility permissions from the collection?
- Do the permissions change if they weren't set individually for a work/file?
- Do the permissions change if they were set individually for a work/file?
Do works/files have to have their permissions updated separate from the change in permission to the collection?

Use Case

Display Sets as described in User Collections, Admin Sets, Display Sets

Browser not supported