Hide drafts in full Trieview mode

[Miquel Àngel Serra]

Hello, in our institution we have created a custom group that should be able only to access an specific part of the fond. The fond is currently in draft mode, and we would like that, in the treeview, the members of this group could only see the path to the section of the fond they have to manage.

I thought that a possible solution would be to publish this particular serie and the path to it and set on Deny the View Draft permission of the group. We have done it this way and the result is that for non authenticated users we have the outcome we expected (you can see it in the attached file NonAuthenticated.png) but when a member of the group logs in, they can see the whole tree (as in group.png). Is there any way to show them just the part that we want? (We are using AtoM 2.4.1) 

Thanks in advance

[Dan Gillean]

Hi Miquel, 

I'm not sure that this level of granularity will be supported in AtoM. However, one thing you could try would be denying "View draft" permissions to the authenticated group, and then adding them back to each other group that needs to see them - for this custom group, just for the target fonds or series, by using the "Permissions by archival description" option. See: 

• https://www.accesstomemory.org/docs/latest/user-manual/administer/edit-permissions/#description-permissions
  

A couple important things to note, however: 

First, I'm not sure this will work. All other groups inherit base permissions from the authenticated group, so you may have problems if you deny View Draft permissions there. You can try manually adding back View Draft permissions to other groups, but you will need to do so for all of them, even the default groups like Administrators. Even then, there may be problems. 

As to why there may be problems - AtoM's permissions module is very old, and was first implemented in 2008 or 2009 when web-based technologies were far less mature, AtoM was in its infancy, and its primary use case was small institutions with simple permissions needs and small collections. Currently there are many known issues with the module, all of which are related and difficult to fix individually - but so far we have not found community sponsors willing to fund an overhaul of the permissions module to make it more scalable and performant. 

I have previously described some of these issues in the following threads: 

• https://groups.google.com/g/ica-atom-users/c/ot8ufFi-ZWY/m/0t2fPuBNAwAJ
  
• https://groups.google.com/g/ica-atom-users/c/Vq4fv8Vkr1M/m/i_e8ogk1AwAJ
  

The second one in particular describes some issues that can happen when you start trying to selectively deny "View Draft" permissions. 

We would very much like to replace AtoM's current permissions module with a modern Identity and Access Management library, but this will require major development, and as such, will need support from our community. If you would like to learn more about how we maintain and develop AtoM, please see: 

• https://wiki.accesstomemory.org/Development/Philosophy
  

In the meantime, good luck, and let us know how it goes. 

Cheers, 

Dan Gillean, MAS, MLIS
AtoM Program Manager
Artefactual Systems, Inc.
604-527-2056

@accesstomemory

he / him

--
You received this message because you are subscribed to the Google Groups "AtoM Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ica-atom-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ica-atom-users/886554f4-6d8a-44ee-81b0-b0d70175661cn%40googlegroups.com.