Uploaded image for project: 'Fedora Repository Project'
  1. Fedora Repository Project
  2. FCREPO-776

Allow externally-managed content referring to a file URI to be readable by unauthenticated users

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Fedora 3.3, Fedora 3.4, Fedora 3.4.1
    • Fix Version/s: Fedora 3.6
    • Component/s: legacy - Fedora
    • Labels:
      None
    • Roadmap Theme:
      Security: Authorization

      Description

      When policy enforcement is turned on, and there is a policy in place to allow file uploads from specified paths, only an authenticated user is allowed to see the created externally-managed datastream. Attached is a transcript of what takes place, but in summary, I'm allowed, as fedoraAdmin, to create objects with M and E datastreams whose content is uploaded via the file URI; however, when I attempt to view the Externally Managed datastreams (E) as an unauthenticated anonymous user, I get a "Policy blocked datastream resolution" exception in the logs, caused by a "AuthzDeniedException":

      Caused by: org.fcrepo.server.errors.authorization.AuthzDeniedException:
      at org.fcrepo.server.security.PolicyEnforcementPoint.enforce(PolicyEnforcementPoint.java:422) [fcrepo-server-3.4-SNAPSHOT.jar:na]
      at org.fcrepo.server.security.DefaultAuthorization.enforceRetrieveFile(DefaultAuthorization.java:1660) [fcrepo-server-3.4-SNAPSHOT.jar:na]
      at org.fcrepo.server.storage.DefaultExternalContentManager.getFromFilesystem(DefaultExternalContentManager.java:242) [fcrepo-server-3.4-SNAPSHOT.jar:na]

      If I retrieve the E datastream authenticated as the fedoraAdmin, then I can see it. Datastreams of other types within the same object are visible to the world, as expected.

      Creation of externally-managed datatstreams that use a file URI should be controlled by the file-resolution policies, but once the datastreams are created, they should be visible to the world according to the same rules that apply to M, R, and X datastreams in an object.

      See attachments for a transcript of a test showing this behavior, and a sample policy file that replaces deny-unallowed-file-resolution.xml.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              barmintor Benjamin Armintor
              Reporter:
              sprater Scott Prater
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: