  1. Nuxeo Platform
  2. NXP-27387

Record management - Prevent record changes


    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: BlobManager, Retention

      Description

      Context

      SEC-17a-4 (17 CFR § 240.17a-4 - Records to be preserved by certain exchange members, brokers and dealers.) is a US regulation on records preservation.

      The main areas are related to secured storage, retention management, change and deletion prevention, legal hold, and audit trail.

       

      Prerequisite

      For the record documents storage, we will use Amazon S3 capabilities with a bucket with the following parameters:

      • Versioning turned on
      • Compliance mode turned on
      • No default retention in the bucket (or default retention as 0)

      cf. https://github.com/awsdocs/amazon-s3-developer-guide/blob/master/doc_source/object-lock-overview.md

      cf. https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
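
      Added example (not part of the ticket or of Nuxeo's code): a check of the three bucket parameters above, plus a per-object test for compliance-mode retention or legal hold. It assumes the inputs are the response dictionaries of the boto3 S3 client calls named in the comments; the function names and all sample values are constructed for illustration.

```python
from datetime import datetime, timezone

def bucket_findings(versioning, lock_cfg):
    """Return the deviations from the three bucket parameters listed above."""
    findings = []
    if versioning.get("Status") != "Enabled":  # key is absent if never enabled
        findings.append("versioning is not enabled")
    cfg = lock_cfg.get("ObjectLockConfiguration", {})
    if cfg.get("ObjectLockEnabled") != "Enabled":
        findings.append("object lock is not enabled")
    default = cfg.get("Rule", {}).get("DefaultRetention", {})
    if default.get("Days", 0) or default.get("Years", 0):
        findings.append("bucket has a non-zero default retention")
    return findings

def object_is_locked(retention, legal_hold, now):
    """True while a compliance-mode retention or a legal hold protects the object version."""
    hold_on = legal_hold.get("LegalHold", {}).get("Status") == "ON"
    ret = retention.get("Retention", {})
    retained = ret.get("Mode") == "COMPLIANCE" and ret.get("RetainUntilDate", now) > now
    return hold_on or retained

# Constructed sample responses, shaped like the boto3 S3 client results.
VERSIONING_OK = {"Status": "Enabled"}                                    # get_bucket_versioning
LOCK_OK = {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled"}}  # get_object_lock_configuration
LOCK_DEFAULT_30D = {"ObjectLockConfiguration": {
    "ObjectLockEnabled": "Enabled",
    "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 30}}}}
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
RETAINED = {"Retention": {"Mode": "COMPLIANCE",                          # get_object_retention
                          "RetainUntilDate": datetime(2030, 1, 1, tzinfo=timezone.utc)}}
EXPIRED = {"Retention": {"Mode": "COMPLIANCE",
                         "RetainUntilDate": datetime(2020, 1, 1, tzinfo=timezone.utc)}}
HOLD_ON = {"LegalHold": {"Status": "ON"}}                                # get_object_legal_hold
HOLD_OFF = {"LegalHold": {"Status": "OFF"}}

if __name__ == "__main__":
    print(bucket_findings(VERSIONING_OK, LOCK_OK))
    print(bucket_findings({"Status": "Suspended"}, LOCK_DEFAULT_30D))
    print(object_is_locked(RETAINED, HOLD_OFF, NOW))
    print(object_is_locked(EXPIRED, HOLD_ON, NOW))
```
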

       

      User stories

      • As a broker dealer, I want to guarantee that no one can replace the record reference on the Nuxeo document by using the “replace” feature
      • As a broker dealer, I want to guarantee that no one can change the record by restoring a previous version of the document

       

      Description

      Currently, an administrator can edit a document even when the retention period has not expired:

      • He can edit any metadata
      • He can replace the document
      • He can restore an old version

       

      Improvements:

      • Prevent record change on Nuxeo side for a document under retention and/or legal hold
      • Prevent file content change:
        • A granted user can edit any business metadata, including attachments
        • No one can replace the main content or restore a previous version

        

      Acceptance criteria

      • As a user, I can NOT replace the main file content for a document under retention
      • As an administrator, I can NOT replace the main file content for a document under retention
      • As a user, I can NOT replace the main file content for a document under a legal hold
      • As an administrator, I can NOT replace the main file content for a document under a legal hold
      • As a user, I can NOT restore a previous version of a document under retention
      • As an administrator, I can NOT restore a previous version of a document under retention
      • As a user, I can NOT restore a previous version of a document under a legal hold
      • As an administrator, I can NOT restore a previous version of a document under a legal hold

       

              People

              • Assignee:
                jaubenque Julien Aubenque
                Reporter:
                jaubenque Julien Aubenque