Collection Permissions


Table of Contents


Overview

How permissions work for files?

Visibility Levels:

  • Private - creator only (how does proxy play into this?)
  • Institution - users at an institution
  • Public - all users including non-logged in user

Sharing with specific users/groups abilities:

  • Visibility/Download - specific users and members of identified groups can see the files in search results, but not in the Dashboard -> Files Shared with Me
  • Edit - specific users and members of identified groups can edit the files and see in search results.  File are listed under Dashboard -> Files Shared with Me

NOTE: I am not clear how proxies are work.  I am leaving the discussion of proxies off for now, but would assume that proxies can manipulate collections in the same way they can files.  Perhaps we can elaborate on this if needed.

Proposal for permissions for collections

It is proposed that collections work similarly.  The rest of this document describes the impact of having permissions for collections and asks design questions that need to be resolved prior to implementation.

 


Private Visibility

Who can manipulate this collection?

  Creator Shared user/group Institution users Other logged-in users General Public
See collection in Dashboard -> My Files/Collections          
See collection in Dashboard -> Files Shared with Me          
See collection in search results          
View collection detail page          
Upload works/files to collection   if shared with edits      
Add existing works/files to collection   if shared with edits      
Remove works/files from collection   if shared with edits      
See works/files from private collection in search results     depends on work/file permissions depends on work/file permissions depends on work/file permissions
View works/file detail page for file from private collection     depends on work/file permissions depends on work/file permissions depends on work/file permissions

* If work/file permissions allow the user to see the detail page, but not to see the collection, then the collection will not be listed in the set of collections for the file on the detail page.

What happens to work/file permission when...

... a work/file is uploaded to a collection with private visibility?

  • Does the visibility permission default to private when new works/files are uploaded?
  • Is the visibility permission specifically set on the works/files or do they inherit from the collection?
  • Does the IR enforce the most restrictive visibility permission, thus if the collection is private, then all works/files are private?  Perhaps unless specifically set to have its own permission.
  • Can you add an existing institutional or public work/file to a private collection?
  • If an existing work/file is added, does it bring with it the current permission settings?  (I assume yes for this.)
  • Is the user allowed to set a institutional or public permission for specific works/files?

... a private collection changes visibility to institution or public?

  • Do private works/files become visible to institutions or the public by inheriting the visibility permissions from the collection?
    • Do the permissions change if they weren't set individually for a work/file?
    • Do the permissions change if they were set individually for a work/file?
  • Do works/files have to have their visibility permissions updated separately from the collection visibility?

Use Case

 


Institution Visibility

Who can manipulate this collection?

  Creator Shared user/group Institution users Other logged-in users General Public
See collection in Dashboard -> My Files/Collections          
See collection in Dashboard -> Files Shared with Me          
See collection in search results          
View collection detail page          
Upload works/files to collection   if shared with edits      
Add existing works/files to collection   if shared with edits      
Remove works/files from collection   if shared with edits      
See works/files from private collection in search results       depends on work/file permissions depends on work/file permissions
View works/file detail page for file from private collection *       depends on work/file permissions depends on work/file permissions

* If work/file permissions allow the user to see the detail page, but not to see the collection, then the collection will not be listed in the set of collections for the file on the detail page.

What happens to work/file permission when...

... a work/file is uploaded to a collection with institution visibility?

  • Does the visibility permission default to institution when new works/files are uploaded?
  • Is the visibility permission specifically set on the works/files or do they inherit from the collection?
  • Does the IR enforce the most restrictive visibility permission, thus if the collection is institution, then all works/files also have visibility set to institution unless the work/file has a more restrictive visibility setting of private?
  • Can you add an existing private work/file to a collection with institution visibility?
  • Can you add an existing public work/file to a collection with institution visibility?
  • If an existing work/file is added, does it bring with it the current permission settings?  (I assume yes for this.)
  • Is the user allowed to set a public permission for specific works/files?
  • Is the user allowed to set a private permission for specific works/files?

... an institution collection changes visibility to public?

  • Do institution works/files become visible to the public by inheriting the visibility permissions from the collection?
    • Do the permissions change if they weren't set individually for a work/file?
    • Do the permissions change if they were set individually for a work/file?
  • Do works/files have to have their visibility permissions updated separately from the collection visibility?

... an institution collection changes visibility to private?

  • Do institution works/files become private by inheriting the visibility permissions from the collection?
    • Do the permissions change if they weren't set individually for a work/file?
    • Do the permissions change if they were set individually for a work/file?
  • Do works/files have to have their permissions updated separate from the change in permission to the collection?

Use Case

Admin Sets as described in User Collections, Admin Sets, Display Sets

 

 


Public Visibility

Who can manipulate this collection?

  Creator Shared user/group Institution users Other logged-in users General Public
See collection in Dashboard -> My Files/Collections          
See collection in Dashboard -> Files Shared with Me          
See collection in search results