Bug #13419: User group permissions for Authority Record digital objects don't exist
Authorty record digital objects have broken hyperlink for Master records
|Assignee:||Douglas Cerna||% Done:|
|Target version:||Release 2.7.0|
|Google Code Legacy ID:||Tested version:|
On the Authority Record view template, any digital objects that are linked to it use the path "<base domain URL>/?" for the Master file.
"As an unauthenticated user I can't view the master digital object (correct behaviour), but the Digital object metadata > File name displays as a hyperlink, with an "href" of "http://10.10.10.10/?"."
"The default Read permission of the anonymous group on authority records is Grant. This is what likely protects access to actor related DOs.
But after looking at some of the parts involved:
link creation: [[https://github.com/artefactual/atom/blob/3fd98a458c973d52473c11b00c7076289ddd0182/lib/model/QubitActor.php#L838]]
It looks like we might need to change https://github.com/artefactual/atom/blob/3fd98a458c973d52473c11b00c7076289ddd0182/apps/qubit/modules/digitalobject/actions/metadataComponent.class.php#L67 to:
$this->canAccessMasterFile = sfContext::getInstance()->user->isAuthenticated();