EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #05127
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] Re: How to create a private archive ?
- To: eprints-tech@ecs.soton.ac.uk
- Subject: [EP-tech] Re: How to create a private archive ?
- From: Gilles Fournié <gilles.fournie@cirad.fr>
- Date: Wed, 18 Nov 2015 11:29:42 +0100
Hi George and John, Thanks for your ideas.We will first try to restrict access through network config. It's a little more difficult than adding a "Deny from All; Allow from cirad.fr" because all of our researchers are not 'on site'. Many are abroad hosted by partner institutions. But, we hope our technical staff will be able to protect the site this way.
About roles, I think that our public_roles has default rights and none of them seem to be about reading archive. Anyway, I didn't try to remove any right to public-roles. I will do that to see if it may help...
$c->{public_roles} = [qw{ +eprint/archive/rest/get +subject/rest/get +user/public_saved_search/view }];As for minuser, I thought it was an "example" role to show how to create users with minimal rights. And as such i thought it should be assigned to some user to be taken into account. I will try to disable it also.
I didn't know about template/default.xml. I will have a look ! Thanks again, Cheers Gilles Le 18/11/2015 10:49, John Salter a écrit :
Possible alternative approach: When you say 'employees only', do you have any form of 'on site' IP address, or VPN that could be used to control access? As each archive runs in its own vhost, you can restrict access at the Apache layer by adding rules into ~/cfg/apache/ARCHIVEID.conf Cheers, John -----Original Message----- From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of George Mamalakis Sent: 18 November 2015 09:22 To: eprints-tech@ecs.soton.ac.uk Subject: [EP-tech] Re: How to create a private archive ? Hi Gilles, I think that if you played with cfg.d/user_roles.pl you'd accomplish want you want. I think that if you removed any read privileges from the default role (I'm not sure which one it is, but it could be $c->{public_roles} or probably $c->{user_roles}->{minuser}), or even if you removed this role (minuser) totally from the archive it maybe could do the job. But I tried it in one of my repos, and it didn't work, so maybe I'm doing something wrong. Maybe it would be wiser if I removed some privileges from these roles instead of removing the roles totally. Maybe another approach would be to alter cfg/templates/default.xml to conditionally allow to view items (which would allow access to hand-coded urls to views, which you wouldn't disire), or to change views and searches to return results only on authenticated users (somehow). I know I didn't help enough, but I'm trying to give you some ideas where to start from. Good luck! On 16/11/2015 06:52 μμ, Gilles Fournié wrote:Hi, We would like to use EPrints to manage a database of items not related to publications nor documents. For practical reasons, we would like to install this eprints pseudo-archive on the same server used for our open archive repository. So, it would be accessible from internet. But we need to control access (even for reading) to our employees only. I have found no way to prevent visitors to access views or even to view eprints. I hoped that overriding EPrints::Repository::allow_anybody to make it always return 0 would work, but it doesn't. Any advices or suggestions on how to make this "close archive" would be greatly appreciated. Best regards, Gilles *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech *** Archive: http://www.eprints.org/tech.php/ *** EPrints community wiki: http://wiki.eprints.org/ *** EPrints developers Forum: http://forum.eprints.org/
- References:
- [EP-tech] How to create a private archive ?
- From: Gilles Fournié <gilles.fournie@cirad.fr>
- [EP-tech] Re: How to create a private archive ?
- From: George Mamalakis <mamalos@eng.auth.gr>
- [EP-tech] Re: How to create a private archive ?
- From: John Salter <J.Salter@leeds.ac.uk>
- [EP-tech] How to create a private archive ?
- Prev by Date: [EP-tech] Today: EPrints Community Contributions Day
- Next by Date: [EP-tech] Re: How to create a private archive ?
- Previous by thread: [EP-tech] Re: How to create a private archive ?
- Next by thread: [EP-tech] Re: How to create a private archive ?
- Index(es):