At UC San Diego we have a few use cases that require us to make a distinction between access control on a source file (original file) and derivatives. Most of these are related to traditonal digitized library collections where there is a donor or content provider agreement that the source files cannot be made publicly available for view/download.
Our discussion started with a post on Samvera Tech [1]. Essentially the core use case is as follows:
- upload a source file (tiff, wav, etc.)
- mark that object with the visibility of "public"
- mark the source file with visibility of "private" does not exist
Current Behavior:
- Public/end users CAN download the source file including any derivatives
- Curators/admins CAN download the source file including any derivatives
Expected Behavior:
- Public/end users CANNOT download the source file, but they can for any derivatives
- Curators/admins CAN download the source file including any derivatives
On the 08-09-2017 tech call [2] the issue was discussed more and it was agreed that we (UCSD) would write up a ticket in Hyrax.
After spending a little time looking at the Hyrax codebase, it is not clear to us what the best path forward would be. It looks like several parts of the code would need to be updated/taught to look at File ACL's instead of always assuming all files in a Fileset have the same ACL.
We've created a local PR [3] which adds some initial support for this, as well as support for other File(set) use cases we have such as preservation source files.
We had intended to create this ticket with a proposed solution, but since we do not have one we are curious if there are any folks within the community willing to work with us on a solution.