You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For reasons of simplicity, we make use of RecordServices to create and update records and drafts.
For permission checks, these services require the identity of the user making the changes.
Currently, the provided identity is hard-coded as an arbitrary value and the permission checks are bypassed.
Improvements
Since this is hardly optimal, some thoughts should be given on how to improve the situation.
It should be noted however that the impact of this is very likely relatively small, and the solution approaches should be kept as simple as possible.
Specification of an maDMP Record Creator
One idea would be to (optionally) allow a specific user to be marked as the "maDMP record creator", who will be set as the creator of all new records/drafts created by the maDMP integration.
If this user is not set (i.e. no user is marked), the first relevant contributor (as parsed from the DMP) could still be used as the record's owner.
Either way, the creator's identity could be used for permission checks.
The text was updated successfully, but these errors were encountered:
Current Situation
For reasons of simplicity, we make use of RecordServices to create and update records and drafts.
For permission checks, these services require the identity of the user making the changes.
Currently, the provided identity is hard-coded as an arbitrary value and the permission checks are bypassed.
Improvements
Since this is hardly optimal, some thoughts should be given on how to improve the situation.
It should be noted however that the impact of this is very likely relatively small, and the solution approaches should be kept as simple as possible.
Specification of an maDMP Record Creator
One idea would be to (optionally) allow a specific user to be marked as the "maDMP record creator", who will be set as the creator of all new records/drafts created by the maDMP integration.
If this user is not set (i.e. no user is marked), the first relevant contributor (as parsed from the DMP) could still be used as the record's owner.
Either way, the creator's identity could be used for permission checks.
The text was updated successfully, but these errors were encountered: