"Easy Xacml": Preset policies that can be applied from a select list

[rosiel]

The XACML editor is complicated. Many sites have use cases with a limited number of "states" that objects can be in, e.g.:

• object is invisible to everyone except admin and the object's owner
• object is invisible to everyone except logged in users
• metadata is visible to everyone, but OBJ locked down to logged in users or a specific user
• object and all datastreams are visible to the world.

Why not let a technical site admin configure these policies, then have them accessible to apply to each object from a drop-down list?

This would be similar in concept to the Embargo module, which applies a template XACML datastream, only with more configuration available.

[rosiel]

@whikloj pointed out the islandora_restricted module, which does a similar thing, though using a RELS-EXT relationship instead of XACML and for a hard-coded set of states.
https://github.com/discoverygarden/islandora_restricted

[whikloj]

@rosiel we at the U Manitoba use this for a specific collection where you can find the images but can't see them or their metadata without appropriate privileges. It does the job but (as you mention) is not super flexible. (I've made some slight modifications here). If you are interested in it, I can see about getting it released to the community.