select
roleassignment.definitionpoint_id,
roleassignment.assigneeidentifier
from
roleassignment
where
definitionpoint_id in (‘datasetID1’, ‘datasetID2’)
The username in the roleassignment table is prepended with an @ sign.
If your installation has any custom roles that don't have the "file download" permission, you would have to find out those roles' role_ids in the roleassignment table and exclude them from the query. The dataverserole table has the role_ids and their names. That table's permissionbits column looks like it shows which permissions those roles have. Not sure if those numbers could be used somehow to figure out which users have certain permissions on datasets...
To replace the dataset_id with the title of the dataset, I combined that query with another query to get metadata values. This is where three other tables join:
datasetfieldvalue.value,roleassignment.assigneeidentifier
datasetfieldvalue
datasetfield.datasetfieldtype_id = 1and datasetfield.template_id is nulland definitionpoint_id in (‘datasetID1’, ‘datasetID2’)
and datasetversion.createtime in
(
select max(datasetversion.createtime) as maxfrom datasetversiongroup by datasetversion.dataset_id)
--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.
To post to this group, send email to dataverse...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/4d68f932-0db4-4a1f-8d70-0be95ba8cf97%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-community+unsub...@googlegroups.com.
To post to this group, send email to dataverse-community@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/4d68f932-0db4-4a1f-8d70-0be95ba8cf97%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To post to this group, send email to dataverse...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/4d68f932-0db4-4a1f-8d70-0be95ba8cf97%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
The second query returns the list of categories (not sure if there is a simpler way of specifying the categories of datasetid's) and the list order is expected to be the same as that specified in the first source query (or so I believe).
--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.
To post to this group, send email to dataverse...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/4ea9b836-c26d-4ae2-948d-4c87b79af94c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi Julian - ADA has government departments as data owners and many of ADA's requirements (including the request access details at request access instead of download, and reporting issues such as this one wrt permissions) are a result of their requirements although we were surprised more people wouldn't be interested in who has access permission to their data?
I am not sure if it needs to be a github issue but maybe adding a query to the record of queries in the google community is enough? I rewrote the query to simplify it, btw, as I just sort of hacked at the previous one by adding joins until I got the result I wanted. I'll post the simplified version when I have a moment.
I did think of looking at the actionlogrecord table over the weekend (I keep forgetting that table exists) and maybe that is a simpler solution although string matching on tens of (hundreds of?) thousands of rows may be an issue (or maybe not) if the authenticateduser details are required. Do you think that would be a big hit on database performance?
Thanks!
M.
I did think of looking at the actionlogrecord table over the weekend (I keep forgetting that table exists) and maybe that is a simpler solution although string matching on tens of (hundreds of?) thousands of rows may be an issue (or maybe not) if the authenticateduser details are required. Do you think that would be a big hit on database performance?
Thanks Marina! I added those three queries to the list we've been collecting. I'd like to make the headings a little more user friendly (#perm = 1 for count(*) > 1) but can't run these to see what they're doing (I won't be getting crosstab). Would you have a minute to prosify the headings a little? I can give you edit access if you have a minute.