1.0.1 Authenticated / role based restrictions in default NSI plugin for both Live and Point-in-time data
From ABS:
Authenticated / role based restrictions on who can see and action data before it is released in both the design and disseminate spaces
- A quick code review suggests that the ability to protect pre-release PIT data from unauthorised access or actions has not yet been implemented
- No permission types mention embargo data, and the authorisation code in the data access module is commented out
Proposed behaviour:
Access to reading PIT data (i.e. the authorisation of a request for mapping sets with a validity date in the future) should only be granted to users with either:
- CanImportData and CanReadData permissions or
- CanReadPitData permission (new permission type to be created)
This solution thus allows the viewers of PIT release data to be distinct from the editors.
The authorisation validation should be done in the default NSI data retrieval as implemented in https://gitlab.com/sis-cc/.stat-suite/dotstatsuite-core-common/-/issues/35, and not in the legacy .Stat Core plugin.
This ticket includes also the proper handling of the access rights for current live data.
Tasos:
“I created the following ticket https://citnet.tech.ec.europa.eu/CITnet/jira/browse/SDMXRI-1336 and included the preferable solution. If/When it is ok I will create the corresponding tickets for MSDB and Java”
Details from discussion below:
@ZsoltLenart: "As of now the CanReadData permission is sufficient to retrieve data of PIT release. A workaround/solution could be to extend the authorization validation to require CanImportData permission to access PIT data. Something like this:

```csharp
_targetVersion == TargetVersion.Live ? PermissionType.CanReadData : PermissionType.CanImportData
```

By implementing this change, the access to PIT release in data plugin would be restricted to those people who can anyhow deal with PIT release, as in transfer service the required permission is also CanImportData for importing PIT data or managing PIT release including retrieving PIT information. At the same time, it would be less complicated than to introduce a new permission type."
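The three authorisation rules under discussion (the behaviour found in the code review, the proposed rule with the new CanReadPitData permission, and Zsolt's CanImportData-only alternative) side by side, as an added illustration that is not code from the .Stat Suite project; the enum names and the date-based Live/PIT classification are assumptions for the example.

```python
from datetime import date
from enum import Enum

class Permission(Enum):
    CAN_READ_DATA = "CanReadData"
    CAN_IMPORT_DATA = "CanImportData"
    CAN_READ_PIT_DATA = "CanReadPitData"  # new permission type proposed in the ticket (assumed name)

class TargetVersion(Enum):
    LIVE = "Live"
    PIT = "PIT"

def classify_version(validity_date: str, today: str) -> TargetVersion:
    """A mapping set whose validity date is still in the future is a PIT (embargoed) release;
    once the date is reached the same data is served as Live. Dates are ISO strings (assumed)."""
    return TargetVersion.PIT if date.fromisoformat(validity_date) > date.fromisoformat(today) else TargetVersion.LIVE

def authorized_current(perms: set, version: TargetVersion) -> bool:
    # Behaviour observed in the code review: CanReadData alone unlocks Live and PIT data alike.
    return Permission.CAN_READ_DATA in perms

def authorized_alternative(perms: set, version: TargetVersion) -> bool:
    # Zsolt's workaround: Live needs CanReadData, PIT needs CanImportData, no new permission type.
    needed = Permission.CAN_READ_DATA if version is TargetVersion.LIVE else Permission.CAN_IMPORT_DATA
    return needed in perms

def authorized_proposed(perms: set, version: TargetVersion) -> bool:
    # Proposed rule: Live needs CanReadData; PIT needs (CanImportData and CanReadData) or
    # CanReadPitData, so a read-only PIT viewer can exist without import rights.
    if version is TargetVersion.LIVE:
        return Permission.CAN_READ_DATA in perms
    return ({Permission.CAN_IMPORT_DATA, Permission.CAN_READ_DATA} <= perms
            or Permission.CAN_READ_PIT_DATA in perms)

def evaluate(perms: set, validity_date: str, today: str) -> dict:
    """Decision of each policy for one request, for side-by-side comparison."""
    version = classify_version(validity_date, today)
    return {
        "version": version.value,
        "current": authorized_current(perms, version),
        "alternative": authorized_alternative(perms, version),
        "proposed": authorized_proposed(perms, version),
    }

if __name__ == "__main__":
    # Constructed sample: a read-only user asking for data embargoed until 2024-07-01.
    reader = {Permission.CAN_READ_DATA}
    print(evaluate(reader, "2024-07-01", "2024-06-15"))  # PIT: only the current rule allows it
    print(evaluate(reader, "2024-07-01", "2024-07-01"))  # Live once the validity date is reached
```

Note that only the current rule lets a CanReadData-only user read the embargoed release, and that the proposed rule is the only one under which a CanReadPitData user without CanImportData can see it.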