Hello,
Thanks for your reply.
Is that possible to create new endpoint to store that policy in resource
policy table for the normal user, or
is that possible to create policy for the normal user with with admin
credentials (username and password)
Or else I want to create multiple tables like 1. Administrator- has all
access
2. Anonymous- has read permissions
3. group3 - only have access to read for particular community/collection etc
4.group4 - only have permission to write in particular
community/collection/item etc
here for admin, anonymous we have all permissions, policies now i have
added 2 fields in new user registration(front-end) 1. grouptype - here it
fetches the available group from db 2. community type- here it fetches the
stored community from db so when a new user register if they select group 3
in grouptype and community type it has to create an policy respect to that
group and store that in resource policy table
On Mon, Oct 23, 2023 at 9:15 PM DSpace Technical Support <
dspace-tech@googlegroups.com> wrote:
> Hi,
>
> That "/api/authz/resourcepolicies" endpoint is only available to accounts
> with Administrator permissions (and always requires authentication to
> access even basic information). Normal users or anonymous users cannot
> use that endpoint to add new or modify existing ones policies. This is for
> security reasons, as allowing other users to use this endpoint would also
> allow them to change the permissions of *any object within DSpace *(as
> that "resourcepolicies" endpoint can be potentially used to manage every
> object in the system)
>
> So, I suspect you'd need to either create a new REST endpoint or customize
> the backend to do what you need to do. But, be very careful about security
> when creating new endpoints. DSpace purposefully locks down endpoints to
> Admin-only (or applies other security protections) when it is dangerous to
> make them publicly callable... this is a security feature.
>
> Tim
>
> On Friday, October 20, 2023 at 12:27:10 AM UTC-5 geethanj...@gmail.com
> wrote:
>
>> Hi,
>>
>> i have added an drop-down field called community in the new user
>> registration page. In here it fetches the available communities from
>> database and shown in the drop down.
>>
>> Now i want to create an read permission for the user who registered for
>> the selected community.
>> (example: if John is a new user who try to register through their email,
>> In registration form John select Community1 so when he submit the for the
>> read policy has to create for John uuid with community1 uuid)
>>
>> I have try this but it shows error like :
>>
>> An error occurred: Object { headers: {…}, status: 401, statusText: "OK",
>> url: "http://localhost:8080/server/api/authz/resourcepolicies";, ok:
>> false, name: "HttpErrorResponse", message: "Http failure response for
>> http://localhost:8080/server/api/authz/resourcepolicies: 401 OK", error:
>> {…} } error: Object { timestamp: "2023-10-18T07:01:13.751+00:00", status:
>> 401, error: "Unauthorized", … } error: "Unauthorized" message:
>> "Authentication is required" path: "/server/api/authz/resourcepolicies"
>> status: 401 timestamp: "2023-10-18T07:01:13.751+00:00"
>> <prototype>: Object { … } headers: Object { normalizedNames: Map(5),
>> lazyUpdate: null, lazyInit: null, … } message: "Http failure response for
>> http://localhost:8080/server/api/authz/resourcepolicies: 401 OK" name:
>> "HttpErrorResponse" ok: false status: 401 statusText: "OK" url: "
>> http://localhost:8080/server/api/authz/resourcepolicies";
>>
>> can anyone know how to resolve this error or else how can i get the admin
>> access token
>>
> --
> All messages to this mailing list should adhere to the Code of Conduct:
> https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
> ---
> You received this message because you are subscribed to the Google Groups
> "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to dspace-tech+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/dspace-tech/1b19e2d7-6233-4bcf-b269-e82fb63260bfn%40googlegroups.com
> <https://groups.google.com/d/msgid/dspace-tech/1b19e2d7-6233-4bcf-b269-e82fb63260bfn%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
All messages to this mailing list should adhere to the Code of Conduct:
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/dspace-tech/CAFsX1oUGn8i0%2BF0roZjrQxGT58HR7sx-XVXjVbA1CuDXv0hjew%40mail.gmail.com.
