Bitstream Security

Status: Completed by @mire, 2009-2.

A bitstream security system will be created to hide certain types of content:
 * 1) embargo for datasets
 * 2) dark copies of article PDFs

Embargo Requirements

 * Embargo is at the level of DSpace items. While an item is under embargo, all of its bitstreams are restricted.
 * Members of a privileged group (e.g., Hidden_Bitstream_Viewers) can view/download bitstreams that are embargoed.
 * Non-members of the privileged group are not able to access embargoed bitstreams in the repository (though they still see the item-level metadata).
 * Metadata is always visible for embargoed items. This applies to search results, item display, and OAI export. (Note: Dryad requires metadata visibility, but it is fine for this to be configurable, to meet the needs of other DSpace users.)
 * For items under embargo, a single metadata field stores the end date of the embargo. The submission system should take responsibility for correctly setting this field (in Dryad, the submission system may automatically calculate this field from other date fields). Once the embargo date has expired, the item should be fully visible to all users.

Dark Content Requirements

 * Dark Content is at the level of DSpace collections. When a collection is designated as having dark content, all items within that collection have all bitstreams restricted.
 * Members of a privileged group (e.g., Hidden_Bitstream_Viewers) can view/download bitstreams that are dark.
 * Non-members of the privileged group are not able to access dark bitstreams in the repository, and are unaware of the existence of the dark bitstreams (though they still see the item-level metadata).
 * Metadata is always visible for hidden items. This applies to search results, item display, and OAI export. (Note: Dryad requires metadata visibility, but it is fine for this to be configurable, to meet the needs of other DSpace users.)