EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #07634


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Error whilst depositing via SWORD


Hi John / Fran,

I believe I have made the appropriate tweaks needed in EPrints 3.4's perl_lib/EPrints/Apache/CRUD.pm and this seems to fix the issue from my testing.  You will need to set an extra role for the user that is going to submit "on behalf of" other users.  This permission is:

+user/mediate

I will endeavour to post the updated version to GitHub soon, assuming it is not too different to the version I was working against.  However, if you want to make the changes yourself, there are only three places in CRUD.pm that need fixed (see below).  I am assuming this is on a development instance you are working on, as I would not be 100% confident this will not have any side effects.  John thoughts?

Regards

David Newman

# 1. sub handler
- my( $rc, $owner ) = on_behalf_of( $repo, $r, $user );
+ my( $rc, $owner ) = $self->on_behalf_of( $user );


# 2. sub on_behalf_of
- my( $repo, $r, $user ) = @_;
+ my( $self, $user ) = @_;
 
- my $err = {
- status => HTTP_FORBIDDEN,
- summary => "Target user unknown or no permission to act on-behalf-of",
- };
+ my $r = $self->request;
+       my $repo = $self->repository;
 
  my $_on_behalf_of_ =
  $r->headers_in->{'On-Behalf-Of'} || # SWORD 2.0
$r->headers_in->{'X-On-Behalf-Of'}; # SWORD 1.3
 
        return( OK, $user ) if !$on_behalf_of;

  my $owner = $repo->user_by_username( $on_behalf_of );
 
- return sword_error($repo, $r, %$err )
+ return ( HTTP_FORBIDDEN, undef )
  if !defined $owner;
- return sword_error($repo, $r, %$err ) 
+ return ( HTTP_FORBIDDEN, undef )
  if !$user->allow( "user/mediate", $owner );
 
  return( OK, $owner );


# 3. sub servicedocument
  my $user = $repo->current_user;
  EPrints->abort( "unprotected" ) if !defined $user; # Rewrite foobar
- my $_on_behalf_of_ = on_behalf_of( $repo, $r, $user );
- if( $on_behalf_of->{status} != OK )
+ my ( $status, $on_behalf_of ) = $self->on_behalf_of( $user );
+ if( $status != OK )
  {
- return sword_error( $repo, $r, %$on_behalf_of );
+ return $self->sword_error( 
+ status => HTTP_FORBIDDEN,
+                        summary => "Target user unknown or no permission to act on-behalf-of",
+ );
  }
- $_on_behalf_of_ = $on_behalf_of->{on_behalf_of};



On Mon, 2019-01-07 at 16:30 +0000, John Salter via Eprints-tech wrote:
Hi Fran,
It would depend on the CRIS system, and local policy: is knowing who the depositing author is from within EPrints important?
 
You could create a 'CRIS' account - and all deposits would be made by this account (if the CRIS system allows this).
 
I think both the Pure and the Symplectic connectors can do something similar to this - so it might be worth pursuing.
 
If I get a chance I'll take a look at the module tonight.
Would you be in a position to test a proposed update to the file this week?
 
Cheers,
John
From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Fran Callaghan via Eprints-tech
Sent: 07 January 2019 16:08
Subject: Re: [EP-tech] Error whilst depositing via SWORD
 
Hi John,
 
The depositing system is our CRIS. Would this make sense in so far as it would be making deposits "on behalf of" genuine researchers? Does the depositing system need to make this explicit in the first place? Can't it just deposit with a different author name?
 
Thanks all,

Fran Callaghan
 
 
On Mon, 7 Jan 2019 at 15:38, John Salter <J.Salter@leeds.ac.uk> wrote:
Hi Fran,
Taking a quick look at the code, I think the issue is that in the CRUD module, there are a couple of instances where the 'sword_error' is called as a raw function , rather than an object method e.g.:
Normal working:
https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Apache/CRUD.pm#L432-L436
 
Function call in servicedocument function:
https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Apache/CRUD.pm#L1742-L1745
and 'on_behalf_of' function:
https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Apache/CRUD.pm#L1838-L1862
 
This issue will only become apparent when you're doing a SWORD deposit using the 'on-behalf-of' header.
I think it may have been present for ~7 years, when the first line of the sword_error function was changed from
my( $repo, $r, %opts ) = @_;
to
my( $self, %opts ) = @_;
 
I think it's more than a 5-minute job to fix properly - I need to get into the code a bit more to understand what was changed - and how to resolve it.
 
I'll log it in GitHub and let you know try and come up with a solution - unless anyone else fancies having a  go..?
 
Cheers,
John
 
 
From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Fran Callaghan via Eprints-tech
Sent: 07 January 2019 14:50
Subject: [EP-tech] Error whilst depositing via SWORD
 
Hi All,
 
We have a third party depositing via SWORD. They're getting a generic 500 message back but when I lookup the error_log corresponding to the time of the test I can see this message...
 
[Mon Jan 07 13:46:18.179171 2019] [perl:error] [pid 10713] [client X.X.X.X] Can't locate object method "repository" via package "EPrints::Repository" at /opt/eprints3/perl_lib/EPrints/Apache/CRUD.pm line 1977.\n
 
Any ideas what's wrong with CRUD.pm? Or is it a problem with the syntax of the deposit? I had expected SWORD to be pretty much plug and play (actually not even 'plug' since the documentation says it is configured by default).
 
**NOTE: I have X'd out the client IP address, it's a genuine IP in the original message
 
Thanks all,
Fran Callaghan
 
 
Séanadh Ríomhphoist/Email Disclaimer
Tá an ríomhphost seo agus aon chomhad a sheoltar leis faoi rún agus is lena úsáid ag an seolaí agus sin amháin é. Is féidir tuilleadh a léamh anseo. 
This e-mail and any files transmitted with it are confidential and are intended solely for use by the addressee. Read more here.
 
 



 
Séanadh Ríomhphoist/Email Disclaimer
Tá an ríomhphost seo agus aon chomhad a sheoltar leis faoi rún agus is lena úsáid ag an seolaí agus sin amháin é. Is féidir tuilleadh a léamh anseo. 
This e-mail and any files transmitted with it are confidential and are intended solely for use by the addressee. Read more here.
 
 



*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/