Versions Compared

Version Old Version 6 New Version 7
Changes made by

Bruce Hoff

Bruce Hoff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • User's home page (profile) will indicate that user is not verified, and have a link to a wiki that describes why users may want to become verified, and instructions on how to become verified (including for them to email ACT with relevant documents, SynapseAccessandComplianceTeam@synapse.org).
  • User profile will have additional fields (ORCID, anything else?) OR (TODO) there will be a separate page for ACT to see containing verification information like email address and ORCID.
  • Other information will be included in the email.
  • After reviewing information, ACT clicks "Verify Identity" on applicant's home page or (TODO) on special approval page.
  • Synapse stores a snapshot of the user profile (OR (TODO) the VerificationRecord) at the time of verification.
  • User's home page will show if the user has been verified.

...

  • User visits Synapse page for sensitive data.
  • User sees that data is Controlled.
  • User opens dialog, showing text for the access restriction, e.g. "Please become 'verified' (following instructions on your home page), and send a description of how you intend to use this data along with the Synapse ID of this data to SynapseAccessandComplianceTeam@synapse.org".
  • User visits home page.
  • User clicks link "Become Verified" which displays instructions, "Complete your user profile including name, organization and ORCID, then email SynapseAccessandComplianceTeam@synapse.org, including a completed ID verification document." TODO adding ORCID may be separate from editing profile.
  • User completes user profile and emails ACT, including ID verification document and data use statement.
  • ACT receives email.  From the user's Synapse user name (the prefix of the 'from' email address) ACT member determines user's home page.  ACT member can go to https://www.synapse.org/#!PeopleSearch:<username> to quickly find the user's home page.
  • ACT reviews ID verification document and user profile.  TODO:  Should the page be the user profile or a special page constructed for the ACT having specific info?
  • ACT member clicks 'Verify Identity' on user's home page.
  • Synapse captures snapshot of user profile (VerificationRecord, below), records that user is verified, sends notification to user.
  • "Verified" now appears on user's page.  "Verify Identity" changes to "Remove ID Verification."  
  • User receives verification notification.  
  • ACT visits page for sensitive data, clicks "Grant access", finds the user based on their user name, and clicks "OK".
  • User is notified that they are now granted access.

...

- isCertified
- isVerified
- hasSignedTOU
- isACTMember
- isAdmin

- userProfile

- ORCID

 

 

VerificationRecord:

- isCertified
- isVerified
- hasSignedTOU

- first name

- last name

- organization

- email addresses

- ORCID

...