From 2f0481e94e23985d42301835ecf1286874b784ad Mon Sep 17 00:00:00 2001 From: nruest Date: Wed, 14 May 2014 20:48:57 -0400 Subject: [PATCH] 7.x-ISLANDORA-955 --- README.md | 4 +-- policies/permit-apim-to-anonymous-user.xml | 31 ------------------- .../permit-apim-to-authenticated-user.xml | 31 ------------------- .../permit-getDatastream-unrestricted.xml | 25 --------------- ...rmit-getDatastreamHistory-unrestricted.xml | 25 --------------- policies/permit-upload-to-anonymous-user.xml | 31 ------------------- .../permit-upload-to-authenticated-user.xml | 31 ------------------- 7 files changed, 2 insertions(+), 176 deletions(-) delete mode 100644 policies/permit-apim-to-anonymous-user.xml delete mode 100644 policies/permit-apim-to-authenticated-user.xml delete mode 100644 policies/permit-getDatastream-unrestricted.xml delete mode 100644 policies/permit-getDatastreamHistory-unrestricted.xml delete mode 100644 policies/permit-upload-to-anonymous-user.xml delete mode 100644 policies/permit-upload-to-authenticated-user.xml diff --git a/README.md b/README.md index c20adcc7..fc292fa7 100644 --- a/README.md +++ b/README.md @@ -28,13 +28,13 @@ If you want to support languages other than English download and enable [String ## Installation -Before installing Islandora the XACML policies located in the policies folder should be copied into the Fedora global XACML policies folder. This will allow "authenticated users" in Drupal to access Fedora API-M functions. It is to be noted that the `permit-upload-to-anonymous-user.xml` and `permit-apim-to-anonymous-user.xml` files do not need to be present unless requirements for anonymous ingesting are present. +Before installing Islandora the XACML policies located [here](https://github.com/Islandora/islandora-xacml-policies) should be copied into the Fedora global XACML policies folder. This will allow "authenticated users" in Drupal to access Fedora API-M functions. It is to be noted that the `permit-upload-to-anonymous-user.xml` and `permit-apim-to-anonymous-user.xml` files do not need to be present unless requirements for anonymous ingesting are present. You will also have to remove some default policies if you want full functionality as well. Remove deny-purge-datastream-if-active-or-inactive.xml to allow for purging of datastream versions. -More detailed information can be found in the 'Set XACML Policies' in the [Installing Fedora](https://wiki.duraspace.org/display/ISLANDORA712/Installing+Fedora) chapter of the documentation. +More detailed information can be found in the 'Set XACML Policies' in the [Installing Fedora](https://wiki.duraspace.org/display/ISLANDORA713/Installing+Fedora) chapter of the documentation. ## Configuration diff --git a/policies/permit-apim-to-anonymous-user.xml b/policies/permit-apim-to-anonymous-user.xml deleted file mode 100644 index 4fc711f5..00000000 --- a/policies/permit-apim-to-anonymous-user.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated - - - - - anonymous user - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:api-m - - - - - - - diff --git a/policies/permit-apim-to-authenticated-user.xml b/policies/permit-apim-to-authenticated-user.xml deleted file mode 100644 index b6ecea1b..00000000 --- a/policies/permit-apim-to-authenticated-user.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated - - - - - authenticated user - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:api-m - - - - - - - diff --git a/policies/permit-getDatastream-unrestricted.xml b/policies/permit-getDatastream-unrestricted.xml deleted file mode 100644 index 7483cbb3..00000000 --- a/policies/permit-getDatastream-unrestricted.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - Note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:id-getDatastream - - - - - - - diff --git a/policies/permit-getDatastreamHistory-unrestricted.xml b/policies/permit-getDatastreamHistory-unrestricted.xml deleted file mode 100644 index f7662eb0..00000000 --- a/policies/permit-getDatastreamHistory-unrestricted.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - Note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:id-getDatastreamHistory - - - - - - - diff --git a/policies/permit-upload-to-anonymous-user.xml b/policies/permit-upload-to-anonymous-user.xml deleted file mode 100644 index bebcd37b..00000000 --- a/policies/permit-upload-to-anonymous-user.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - - - - - - anonymous user - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:id-upload - - - - - - - diff --git a/policies/permit-upload-to-authenticated-user.xml b/policies/permit-upload-to-authenticated-user.xml deleted file mode 100644 index c69d63c6..00000000 --- a/policies/permit-upload-to-authenticated-user.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - - - - - - authenticated user - - - - - - - - - - - urn:fedora:names:fedora:2.1:action:id-upload - - - - - - -