Permissions and Access Control
The permissions system in Metavus determines who can create, edit, and view items.
In Metavus, Authoring refers to the creation of new items, Editing refers to the modification of existing items, and Viewing refers to the display of items.
How Permissions are Applied
This system works in two levels: Schema permissions and field permissions. The schema permissions establish minimum requirements that apply to all fields. Field permissions can be used to provide additional restrictions for specific fields beyond what the schema requires. Note that for each field, Metavus first evaluates the schema permissions and only if those requirements are satisfied does it proceed to check the field permissions.
For your reference, schema permissions are repeated on the Editing page for each metadata field, along with an 'edit' button to modify the schema permissions. Any changes to schema permissions will apply to all fields from that schema, not just to the field you were editing when the 'edit' button was clicked.
Conditions Used in Permissions
Each authoring/editing/viewing permission is made up of a series of conditions, combined with a logical operator, which must be satisfied to perform the corresponding action. Each condition may be either a check against item field values, a check of user privilege flags, or a condition subgroup containing its own logical operator.
In contexts where no one specific item can provide values for evaluating conditions, checks against item field values will be considered satisfied if the collection contains any items that could satisfy them. For example, on the Advanced Search page, no items are displayed. Therefore, there is no one specific item to use for privilege checks on that page. So, a condition like "Language is English" will be satisfied if the collection contains any items where the Language is "English".
Example Viewing Permissions
An examination of the default Viewing permissions illustrates how the system works:
| Top level logic: OR | Conditions will all be ORed together (satisfying any one of them is sufficient to satisfy the requirements). |
| Current user has Master Resource Administrator privilege | All users having 'Master Resource Administrator' are able to view all fields, unless the field specifies further restrictions. |
| Record Status contains "Published" | All fields on any item marked Published should be viewable, unless the field specifies further restrictions. Note that this check is skipped when there is not a specific item to check (e.g., on the Advanced Search page). |
| ( Top level logic: AND | Begin a new privilege subgroup where conditions are ANDed together (all conditions are required in order to satisfy the subgroup). This subgroup allows all users having Personal Resource Administrator to view any field on items for which their user account is the value of the 'Added By Id' metadata field. |
| Added By Id is Current User | |
| ) | End the privilege subgroup. |
Advanced Example: sub-collections
Suppose you manage a collection to be used for both public items and private instructional materials. There are two kinds of private instructional materials, assignments and answer keys, along with three kinds of users: students, teaching assistants, and instructors. Students should only be able to view the assignments, teaching assistants should be able to view both types, and instructors should be able to edit answer keys and assignments but not public items.
To accomplish this, you'll first create Custom Privilege Flags for each of your three user types. Then, you'll use Edit Option Lists to update Resource Type to include your material types (i.e. assignment and answer key) along with 'Public'.
Then, configure the following Schema-level viewing privileges:
(
(
(
Current User has Student privilege
OR
(
(
Current User has Instructor privilege
The corresponding schema-level editing privileges would then be:
(
Release Flag is true AND
(
Resource Type is Answer Key