Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] FERPA Protected Data

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] FERPA Protected Data

Chronological Thread 
  • From: "Tom Zeller" <>
  • To: "" <>
  • Cc: "Thomas M Goerger" <>, "Kevin J ORourke" <>
  • Subject: Re: [grouper-users] FERPA Protected Data
  • Date: Thu, 11 Sep 2008 17:13:59 -0500
  • Domainkey-signature: a=rsa-sha1; c=nofws;; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version :content-type:references:x-google-sender-auth; b=Mic4ljAYir4NjyVWElp0gmaAHQxmLefSnmHjnVjEGz4AHGuWeNN1rzVv/Uv62W7Rdt e5PoY+vDwe9i4ytY+Hg5sfWxy6PEtdMfUp8/W0UM0NO2s2QVawytOr5xt23gmOUNZmyc 4LJvbgFNokGZyEOxqVF1vRCDjATHUGWmZO4n4=

Perhaps we could mark subjects as hidden or invisible (based on attribute existence or value) so they are not displayed by the UI, e.g. in subject.don't-display.attr=FERPA or subject.hide.attr=FERPA, subject.hide.value=true. Could be applied to a group (e.g. a course) subject to hide all members, or to particular subjects (e.g. a student who has requested FERPA). Maybe only applicable to specific privileges, e.g. not ADMIN.


On Thu, Sep 11, 2008 at 3:56 PM, Chris Hyzer <> wrote:
I don't remember an open Jira issue about this.  It can sort of be done in 1.4 (coming out in Oct/Nov) with hooks.  You could configure your list or regex of folders (in or some config file) such that if a group is created under it (or edited if you like), that it will unassign the EveryEntity read or list privileges.  If there isn't a better way to do this (anyone?) we could consider a grouper-built-in hook like the group attribute validators... shouldn't be too difficult.

I don't know of a way to add a "type" or some flag to folders, so a sysadmin would need to configure which stems or regexes are private.  If you did a regex (substring), then if your stem name has a certain substring then it would match, or maybe some certain substring in the description.  Another way to flag is making a 'marker' group with no members (e.g. called "school:etc:nonPublicRead"), and if that group has a privilege against a folder, it is "marked".  Doesn't sound ideal...  but just trying to think if it can be done without too large of a change (e.g. stem metadata)


> -----Original Message-----
> From: Thomas M Goerger [mailto:]
> Sent: Thursday, September 11, 2008 4:45 PM
> To:
> Cc: Kevin J ORourke
> Subject: [grouper-users] FERPA Protected Data
> Hi,
> We're running into situations where we'd like to be able to restrict
> the
> ability for group members to see FERPA suppressed entries.  We've just
> turned off the read attribute for now, but this is less than ideal, of
> course.  I'm seeing from list archives that you might have been working
> on
> the ability to see a FERPA flag on a directory, and set suppression on
> this entry according to this flag.  Has there been any progress on
> this,
> or if not, when might something like this be available?
> Thanks,
> ***********************************************************************
> **********
> * Tom Goerger                                  Email/Unix System
> Administrator  *
> *
> *
> * University of Minnesota                      Email:  
> *
> * Operations, Infrastructure and Architecture  Phone:  4-5804
> *
> * Internet Services                            Office: 750 University
> Park Plaza*
> *
> *
> ***********************************************************************
> **********

Archive powered by MHonArc 2.6.16.

Top of Page