The overall intent of this policy is datastream hiding, meaning that raw datastreams must not be accessible to anyone except very privileged users, but service-mediated disseminations are accessible by a broader audience. The key point is that students can access disseminations of the object, but not the raw datastreams. This is might typically be done in cases where lesser privleged users are given a derivation of the main datastream, or a lesser quality view, or a less complete view of the raw datastream content. Given that an object is of a certain content model (in this case UVA_STD_IMAGE), this policy will DENY datastream access to users who do NOT have the ROLE of 'administrator' or 'professor.' It will also DENY dissemination access to users who do NOT have the ROLE of 'student,' 'administrator,' or 'professor.' UVA_STD_IMAGE urn:fedora:names:fedora:2.1:action:id-getDatastreamDissemination urn:fedora:names:fedora:2.1:action:id-getDissemination UVA_STD_IMAGE urn:fedora:names:fedora:2.1:action:id-getDatastreamDissemination administrator professor UVA_STD_IMAGE urn:fedora:names:fedora:2.1:action:id-getDissemination student administrator professor