Re: [greenstone-users] Using customized DTD for import, user access levels

From Michael Dewsnip
DateTue, 25 Jan 2005 17:05:07 +1300
Subject Re: [greenstone-users] Using customized DTD for import, user access levels
In-Reply-To (41E828E5-70202-univie-ac-at)
Hi Birgit,

> The Librarian Interface is - it seems - not an option for this
> collection because it uses a customized field format in metadata.xml,
> and if I understand things correctly, the Librarian Interface requires
> consistency with the Greenstone DTD.
>
> This is actually another problem: I understand that if I don't use the
> Librarian Interface, I can't let people add data to collections
> remotely, or can I?
> I would need some possibility for people to do this: access a website,
> login, enter metadata through a form, upload a file name, and then
> import the file into a specific collection.
> It seems possible to write a cgi-script that (a) handles login, (b)
> offers a form for entry of metadata, (c) handles file upload into the
> import directory, and (d) calls import.pl and buildcol.pl to carry out
> import processes, but security-wise this entails that the import
> directory would have to be world-writable, and presumably also has
> adverse effects regarding permissions of import.pl and buildcol.pl.

Before discussing this, we need to make sure that the GLI really can't
do what you need it to (below).

> Is there really no way to use the Librarian Interface with a
> customized metadata.xml format? Can't I write my own DTD and have
> Greenstone use it?
> (Oh, and ideally certain users should be allowed only to add data to
> an existing collection, and NOT to import with --removeold.)

What changes do you need to make to the metadata.xml format?

> The second big issue now is user access to the collection itself. The
> user manual mentions that it is in principle possible to restrict user
> access to a collection on a file-to-file basis, but I couldn't find
> any further specifics on how to do this.
>
> At any rate, here is what we plan to do: some files in the collection
> should be public to everyone, whereas others should be available only
> to a certain group of users that ideally should be definable (not
> "administrators" or "colbuilders", but something like "institute
> members"). Of course, non-public files should also not be included in
> search results performed by users that have not logged into the system
> or have no "institute" privileges. Is this doable?

Yes, this functionality is available in Greenstone. One of the
documented example collections, the "authentication and formatting demo"
(http://www.nzdl.org/cgi-bin/library?a=p&p=about&c=authen-e) describes
how this works.

Regards,

Michael