[GeoNetwork-devel] Harvested metadata ownership

Hi,

This may be a "stupid" mail, but I want to make sure I am not breaking
something bigger I cannot see.

I know that harvesters in GeoNetwork are pretty chaotic and each has a
different approach. But sometimes the functionality is too
inconsistent. Now I am trying to fix the ownership of the harvested
metadata.

The situation is this:
You can setup the owner and the group the metadata is going to be
owned by, which is the user that creates/owns the harvester and one of
his groups. Good up to this point.

But then, some harvesters just set up this relation on the metadata
creation. So if the owner (can be changed?) or the group owner of the
harvester is changed, the metadata updated will not update the
ownership. You will have to remove manually all the data to have this
change.

And then, some harvesters have a special usecase (CSW harvester on
this case) so if the harvester is run manually, the harvested metadata
will belong to the user that clicked on the "Run" button.

Can we agree on a common approach? Or is there any reason to have
special usecases?

Does it make sense that the person who runs the harvester is the one
who owns the metadata? Because then, after the next run, all those
metadata records will belong to another person.

Does it make sense that the ownership is only setup on the creation of
metadata? Or is it clearly a bug I should fix?

To me it should work like this:
On creation and update, the owner and groupowner should be the one
defined on the harvester settings at the moment of the harvester run.
If this settings change, you have to wait until next run to update
privileges (as happens if you update other settings on the harvester,
you have to run it again to see the changes).

I am missing something?

Kind regards,

María Arias de Reyna Domínguez

Veenderweg 13
6721 WD Bennekom
The Netherlands
T: +31 (0)318 416664

Please consider the environment before printing this email.

Hi Maria, thanks for this research. Interesting findings.

···

2016-11-30 16:43 GMT+01:00 Maria Arias de Reyna <maria.arias@anonymised.com>:

Hi,

This may be a “stupid” mail, but I want to make sure I am not breaking
something bigger I cannot see.

I know that harvesters in GeoNetwork are pretty chaotic and each has a
different approach. But sometimes the functionality is too
inconsistent. Now I am trying to fix the ownership of the harvested
metadata.

The situation is this:
You can setup the owner and the group the metadata is going to be
owned by, which is the user that creates/owns the harvester and one of
his groups. Good up to this point.

But then, some harvesters just set up this relation on the metadata
creation. So if the owner (can be changed?) or the group owner of the
harvester is changed, the metadata updated will not update the
ownership. You will have to remove manually all the data to have this
change.

And then, some harvesters have a special usecase (CSW harvester on
this case) so if the harvester is run manually, the harvested metadata
will belong to the user that clicked on the “Run” button.

Can we agree on a common approach? Or is there any reason to have
special usecases?

Does it make sense that the person who runs the harvester is the one
who owns the metadata? Because then, after the next run, all those
metadata records will belong to another person.

Does it make sense that the ownership is only setup on the creation of
metadata? Or is it clearly a bug I should fix?

To me it should work like this:
On creation and update, the owner and groupowner should be the one
defined on the harvester settings at the moment of the harvester run.
If this settings change, you have to wait until next run to update
privileges (as happens if you update other settings on the harvester,
you have to run it again to see the changes).

I am missing something?

Kind regards,

María Arias de Reyna Domínguez

Veenderweg 13
6721 WD Bennekom
The Netherlands
T: +31 (0)318 416664

Please consider the environment before printing this email.

Hi Paul,

The group owner is selected when creating the harvester (see
attachment). My question is more focused to make sure I am not missing
any feature that may be broken because changing how some harvesters
work.

On Wed, Nov 30, 2016 at 4:53 PM, Paul van Genuchten
<paul.vangenuchten@anonymised.com> wrote:

Hi Maria, thanks for this research. Interesting findings.
From my perspective the user that creates a harvester should be able to
select an owner-group for the harvester (only useradmins from that group are
allowed to change the harvester) any metadata created by that harvester
should also recieve that ownergroup. Selecting an ownergroup is relevant for
2 cases: if you take one of the groups of the user by default, the user may
belong to multiple groups, which group to take? And it also happens quite a
lot that a system administrator creates a harvester, which should later be
managed (owned) by one of the users.

2016-11-30 16:43 GMT+01:00 Maria Arias de Reyna <maria.arias@anonymised.com>:

Hi,

This may be a "stupid" mail, but I want to make sure I am not breaking
something bigger I cannot see.

I know that harvesters in GeoNetwork are pretty chaotic and each has a
different approach. But sometimes the functionality is too
inconsistent. Now I am trying to fix the ownership of the harvested
metadata.

The situation is this:
You can setup the owner and the group the metadata is going to be
owned by, which is the user that creates/owns the harvester and one of
his groups. Good up to this point.

But then, some harvesters just set up this relation on the metadata
creation. So if the owner (can be changed?) or the group owner of the
harvester is changed, the metadata updated will not update the
ownership. You will have to remove manually all the data to have this
change.

And then, some harvesters have a special usecase (CSW harvester on
this case) so if the harvester is run manually, the harvested metadata
will belong to the user that clicked on the "Run" button.

Can we agree on a common approach? Or is there any reason to have
special usecases?

Does it make sense that the person who runs the harvester is the one
who owns the metadata? Because then, after the next run, all those
metadata records will belong to another person.

Does it make sense that the ownership is only setup on the creation of
metadata? Or is it clearly a bug I should fix?

To me it should work like this:
On creation and update, the owner and groupowner should be the one
defined on the harvester settings at the moment of the harvester run.
If this settings change, you have to wait until next run to update
privileges (as happens if you update other settings on the harvester,
you have to run it again to see the changes).

I am missing something?

Kind regards,

María Arias de Reyna Domínguez

Veenderweg 13
6721 WD Bennekom
The Netherlands
T: +31 (0)318 416664

Please consider the environment before printing this email.

------------------------------------------------------------------------------

_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at
http://sourceforge.net/projects/geonetwork

(attachments)

Captura de pantalla de 2016-11-30 16:58:43.png

Hi,

In the different harvesters, I think we have 2 cases :

  • the harvester have no info about users/groups/privileges eg. CSW and most of the others
  • the harvester can have info about users/groups/privileges eg. GN protocol which uses MEF and has the info.xml that provides those info

About owner and ownergroup, I’m not sure we should even set it when harvesting records (some GN version even does not allow to change that). What is mainly important is the privileges.

Cheers.

Francois

···

2016-11-30 16:53 GMT+01:00 Paul van Genuchten <paul.vangenuchten@anonymised.com>:

Hi Maria, thanks for this research. Interesting findings.
From my perspective the user that creates a harvester should be able to select an owner-group for the harvester (only useradmins from that group are allowed to change the harvester) any metadata created by that harvester should also recieve that ownergroup. Selecting an ownergroup is relevant for 2 cases: if you take one of the groups of the user by default, the user may belong to multiple groups, which group to take? And it also happens quite a lot that a system administrator creates a harvester, which should later be managed (owned) by one of the users.



GeoNetwork-devel mailing list
GeoNetwork-devel@…537…sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at http://sourceforge.net/projects/geonetwork

2016-11-30 16:43 GMT+01:00 Maria Arias de Reyna <maria.arias@anonymised.com>:

Hi,

This may be a “stupid” mail, but I want to make sure I am not breaking
something bigger I cannot see.

I know that harvesters in GeoNetwork are pretty chaotic and each has a
different approach. But sometimes the functionality is too
inconsistent. Now I am trying to fix the ownership of the harvested
metadata.

The situation is this:
You can setup the owner and the group the metadata is going to be
owned by, which is the user that creates/owns the harvester and one of
his groups. Good up to this point.

But then, some harvesters just set up this relation on the metadata
creation. So if the owner (can be changed?) or the group owner of the
harvester is changed, the metadata updated will not update the
ownership. You will have to remove manually all the data to have this
change.

And then, some harvesters have a special usecase (CSW harvester on
this case) so if the harvester is run manually, the harvested metadata
will belong to the user that clicked on the “Run” button.

Can we agree on a common approach? Or is there any reason to have
special usecases?

Does it make sense that the person who runs the harvester is the one
who owns the metadata? Because then, after the next run, all those
metadata records will belong to another person.

Does it make sense that the ownership is only setup on the creation of
metadata? Or is it clearly a bug I should fix?

To me it should work like this:
On creation and update, the owner and groupowner should be the one
defined on the harvester settings at the moment of the harvester run.
If this settings change, you have to wait until next run to update
privileges (as happens if you update other settings on the harvester,
you have to run it again to see the changes).

I am missing something?

Kind regards,

María Arias de Reyna Domínguez

Veenderweg 13
6721 WD Bennekom
The Netherlands
T: +31 (0)318 416664

Please consider the environment before printing this email.

Hi,

On Wed, Nov 30, 2016 at 5:02 PM, Francois Prunayre
<fx.prunayre@anonymised.com> wrote:

Hi,

In the different harvesters, I think we have 2 cases :
* the harvester have no info about users/groups/privileges eg. CSW and most
of the others
* the harvester can have info about users/groups/privileges eg. GN protocol
which uses MEF and has the info.xml that provides those info

So we are asuming that the owner and group owner of the harvested
metadata should be the same as in the remote server? That we will have
the same users and groups meaning the same? A bit risky... but if
that's how it is used, ok.

About owner and ownergroup, I'm not sure we should even set it when
harvesting records (some GN version even does not allow to change that).

Not sure what you mean. A metadata has to have an owner and a group
owner. Even if it is harvested and shouldn't be edited. Does
GeoNetwork allow a metadata with no owner and/or group owner? Wouldn't
it break other stuff if we leave it null?

What is mainly important is the privileges.

Agree on that

Hi

About owner and ownergroup, I’m not sure we should even set it when
harvesting records (some GN version even does not allow to change that).

Not really sure, in old versions I remember some code assigning owneruser =1 and groupowner=2 (sample group) to the harvested metadata. The main issue for me is that never clear the usage of these fields along with the privileges.

I think even if no privileges are set the owneruser can always view/edit the metadata, but no clear about what really does the groupowner.

I agree should use a unified criteria, except possibly as Francois indicates for the GN harvester, but not sure what side effects can have.

Regards,
Jose García

···

On Wed, Nov 30, 2016 at 5:07 PM, María Arias de Reyna <delawen@anonymised.com> wrote:

Hi,

On Wed, Nov 30, 2016 at 5:02 PM, Francois Prunayre
<fx.prunayre@anonymised.com> wrote:

Hi,

In the different harvesters, I think we have 2 cases :

  • the harvester have no info about users/groups/privileges eg. CSW and most
    of the others
  • the harvester can have info about users/groups/privileges eg. GN protocol
    which uses MEF and has the info.xml that provides those info

So we are asuming that the owner and group owner of the harvested
metadata should be the same as in the remote server? That we will have
the same users and groups meaning the same? A bit risky… but if
that’s how it is used, ok.

About owner and ownergroup, I’m not sure we should even set it when
harvesting records (some GN version even does not allow to change that).

Not sure what you mean. A metadata has to have an owner and a group
owner. Even if it is harvested and shouldn’t be edited. Does
GeoNetwork allow a metadata with no owner and/or group owner? Wouldn’t
it break other stuff if we leave it null?

What is mainly important is the privileges.

Agree on that



GeoNetwork-devel mailing list
GeoNetwork-devel@…537…sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at http://sourceforge.net/projects/geonetwork

Vriendelijke groeten / Kind regards,

Jose García


Veenderweg 13
6721 WD Bennekom
The Netherlands
T: +31 (0)318 416664

Please consider the environment before printing this email.

On Wed, Nov 30, 2016 at 5:15 PM, Jose Garcia <jose.garcia@anonymised.com> wrote:

Hi

> About owner and ownergroup, I'm not sure we should even set it when
> harvesting records (some GN version even does not allow to change that).

Not really sure, in old versions I remember some code assigning owneruser =1
and groupowner=2 (sample group) to the harvested metadata. The main issue
for me is that never clear the usage of these fields along with the
privileges.

Yes, very very old ancient legacy code:

https://github.com/geonetwork/core-geonetwork/blob/develop/harvesters/src/main/java/org/fao/geonet/kernel/harvest/harvester/csw/Aligner.java#L272

I think even if no privileges are set the owneruser can always view/edit
the metadata, but no clear about what really does the groupowner.

The groupowner is also used to see who can administer the harvester.

I agree should use a unified criteria, except possibly as Francois
indicates for the GN harvester, but not sure what side effects can have.

Regards,
Jose García

On Wed, Nov 30, 2016 at 5:07 PM, María Arias de Reyna <delawen@anonymised.com...>
wrote:

Hi,

On Wed, Nov 30, 2016 at 5:02 PM, Francois Prunayre
<fx.prunayre@anonymised.com> wrote:
> Hi,
>
> In the different harvesters, I think we have 2 cases :
> * the harvester have no info about users/groups/privileges eg. CSW and
most
> of the others
> * the harvester can have info about users/groups/privileges eg. GN
protocol
> which uses MEF and has the info.xml that provides those info

So we are asuming that the owner and group owner of the harvested
metadata should be the same as in the remote server? That we will have
the same users and groups meaning the same? A bit risky... but if
that's how it is used, ok.

> About owner and ownergroup, I'm not sure we should even set it when
> harvesting records (some GN version even does not allow to change that).

Not sure what you mean. A metadata has to have an owner and a group
owner. Even if it is harvested and shouldn't be edited. Does
GeoNetwork allow a metadata with no owner and/or group owner? Wouldn't
it break other stuff if we leave it null?

> What is mainly important is the privileges.

Agree on that

------------------------------------------------------------
------------------
_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at http://sourceforge.net/project
s/geonetwork

--

*Vriendelijke groeten / Kind regards,Jose García
<http://www.geocat.net/&gt;Veenderweg 136721 WD BennekomThe NetherlandsT: +31
(0)318 416664 <+31318416664> <https://www.facebook.com/geocatbv&gt;
<https://twitter.com/geocat_bv&gt;
<https://plus.google.com/u/1/+GeocatNetbv/posts&gt;Please consider the
environment before printing this email.*

2016-11-30 17:07 GMT+01:00 María Arias de Reyna <delawen@anonymised.com>:

Hi,

On Wed, Nov 30, 2016 at 5:02 PM, Francois Prunayre
<fx.prunayre@anonymised.com> wrote:
> Hi,
>
> In the different harvesters, I think we have 2 cases :
> * the harvester have no info about users/groups/privileges eg. CSW and
most
> of the others
> * the harvester can have info about users/groups/privileges eg. GN
protocol
> which uses MEF and has the info.xml that provides those info

So we are asuming that the owner and group owner of the harvested
metadata should be the same as in the remote server? That we will have
the same users and groups meaning the same? A bit risky... but if
that's how it is used, ok.

I think at the beginning, there was the idea to also share groups between
catalogs so privileges set in one catalog will be transferred to the one
harvesting if having the same groups. Which could be useful in some case.

> About owner and ownergroup, I'm not sure we should even set it when
> harvesting records (some GN version even does not allow to change that).

Not sure what you mean. A metadata has to have an owner and a group
owner. Even if it is harvested

Yep we have that db constraints I think, even if it's maybe not relevant
for harvested records.

and shouldn't be edited.

Shouldn't but can (if enabled in the admin).

Francois

Does
GeoNetwork allow a metadata with no owner and/or group owner? Wouldn't
it break other stuff if we leave it null?

> What is mainly important is the privileges.

Agree on that

In any case, I made a a pull request regarding this. Maybe we can move
the discussion there:

https://github.com/geonetwork/core-geonetwork/pull/1786