Gather requirements for Embargo feature

[val99erie]

Consider adding enforcement for embargoes and leases into blacklight-access_controls.

We could use the embargo enforcement from hydra-access-controls as an example. In hydra-access-controls, the rules for embargo seem to be:

1. A user who has "read" or "discover" access to a record will be denied access to the record if the record is currently under embargo.
2. A user who has "edit" access to a record will still have full access to the record, even if the record is currently under embargo.

blacklight-access_controls doesn't have "edit" access, so the rules will need to be a little different. What should the rules be?

My suggestion is that if a record is currently under embargo, by default no user should have access. Then a developer can add access for some users from within their Blacklight app (for example, give access to admin users or to the author/creator of the record).

Ping @Cam156 for discussion. How does PSU plan to use embargoes, and which user(s) should be able to view an embargoed record?

[val99erie]

Here are some files from hydra-head that we might look at as an example:

• hydra-access-controls/lib/hydra/access_controls_enforcement.rb
• hydra-access-controls/lib/hydra/permissions_solr_document.rb
• hydra-core/app/controllers/concerns/hydra/catalog.rb
• hydra-core/spec/controllers/catalog_controller_spec.rb