Hyrax - Check that RIIIF requests comply with access control #32

cudevmaxwell · 2019-01-09T14:40:51Z

For example, if an image is locked down to institutional or private access, the image should not be available through RIIIF to the public.

cudevmaxwell · 2019-03-05T15:20:10Z

I'd like confirmation from @orangewolf that this is resolved. I'll also double check.

orangewolf · 2019-03-06T06:51:12Z

@cudevmaxwell yes, a double check is always a good idea. I know the product owner for Hyku (some bloke named @orangewolf) and we'd consider it a pretty big bug if permissions were not checked in RIIIF ;-)

orangewolf · 2019-04-01T16:57:31Z

I've confirmed this by trying to access private images by accessing their full path. Neither manifests or images can be accessed

cudevmaxwell added bug Something isn't working needs testing labels Jan 9, 2019

cudevmaxwell added this to the Beta Release milestone Jan 9, 2019

cudevmaxwell added the notch8-todo-low label Jan 10, 2019

orangewolf mentioned this issue Mar 5, 2019

Ansiblestrano deploy #50

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Hyrax - Check that RIIIF requests comply with access control #32

Hyrax - Check that RIIIF requests comply with access control #32

cudevmaxwell commented Jan 9, 2019

cudevmaxwell commented Mar 5, 2019

orangewolf commented Mar 6, 2019

orangewolf commented Apr 1, 2019

Hyrax - Check that RIIIF requests comply with access control #32

Hyrax - Check that RIIIF requests comply with access control #32

Comments

cudevmaxwell commented Jan 9, 2019

cudevmaxwell commented Mar 5, 2019

orangewolf commented Mar 6, 2019

orangewolf commented Apr 1, 2019