Skip to content

Contract for findItemsWithEdit search method #210

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Contract for findItemsWithEdit search method #210

wants to merge 2 commits into from

Conversation

@ybnd
Copy link
Member

@ybnd ybnd commented Dec 23, 2022

This search method was added in DSpace/DSpace#8616 to support the edit Item modal.

@KoenP KoenP mentioned this pull request Jan 3, 2023
Open
8 tasks
@tdonohue tdonohue self-requested a review January 5, 2023 15:32
abollini
abollini reviewed Jan 19, 2023
View reviewed changes
Copy link
Member

@abollini abollini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks it almost aligns with other search methods in the collection endpoint, just a small comment to restrict it to authenticated user

tdonohue
tdonohue requested changes Jan 23, 2023
View reviewed changes
Copy link
Member

@tdonohue tdonohue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ybnd and @KoenP : This looks good overall, but the new endpoint needs to be only available to logged in Users. See @abollini 's comment & mine below.

@ybnd
Copy link
Member Author

ybnd commented Jan 24, 2023

@tdonohue @abollini added the HTTP 401 response, REST PR will be updated soon.

Note that the very similar Collection findSubmitAuthorized* methods aren't limited to authenticated users either. Maybe they should be too?

tdonohue
tdonohue approved these changes Jan 24, 2023
View reviewed changes
Copy link
Member

@tdonohue tdonohue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Thanks @ybnd ! This looks good now.

(Regarding the other similar methods, I'd anticipate they likely also should require authentication. So, that would sound like a bug to me, unless there's a documented reason why they are public endpoints. It's likely not a real security issue, since they should always return no permissions for anonymous users, but it does sound like a bug.)

@tdonohue tdonohue added this to the 7.5 milestone Jan 24, 2023
@tdonohue tdonohue removed this from the 7.5 milestone Feb 21, 2023
@tdonohue tdonohue added the work in progress PR is still being worked on & is not currently ready for review label Apr 5, 2023
abollini
abollini approved these changes May 7, 2023
View reviewed changes
Copy link
Member

@abollini abollini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks @ybnd my feedback as been addressed.
@tdonohue the discussion about the collection endpoint is of course out-of-scope of this PR but I like to anticipate that imho it is not a bug. We have had a use case some year ago where an institution allow anonymous deposit, it may be not supported out-of-box right now but it could be valid. Of course in a such scenario the Institution should have a validation workflow inplace

@github-actions github-actions bot added the merge conflict PR has a merge conflict that needs resolution label Mar 4, 2024
@github-actions
Copy link

github-actions bot commented Mar 4, 2024

Hi @ybnd,
Conflicts have been detected against the base branch.
Please resolve these conflicts as soon as you can. Thanks!

@github-actions github-actions bot removed the merge conflict PR has a merge conflict that needs resolution label May 9, 2024
@tdonohue tdonohue moved this to ❓ Stalled/On Hold in DSpace 10.0 Release May 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tdonohue tdonohue tdonohue approved these changes

@abollini abollini abollini approved these changes

Assignees

@ybnd ybnd

Labels

work in progress PR is still being worked on & is not currently ready for review

Projects

DSpace 10.0 Release
Status: ❓ Stalled/On Hold

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ybnd @tdonohue @abollini