Versions Compared

Version Old Version 7 New Version 8
Changes made by

Bruce Hoff

Jay Hodgson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • User visits Synapse page for sensitive data.
  • User sees that data is Controlled.
  • User opens dialog, showing text for the access restriction, e.g. "Please become 'verified' (following instructions on your home page), and send a description of how you intend to use this data along with the Synapse ID of this data to SynapseAccessandComplianceTeam@synapse.org".
  • User visits home page.
  • User clicks link "Become Verified" which displays instructions, .  Portal sends you to the Synapse Terms of Use to re-verify oath.  After verification, Portal sends user to wiki that contains instructions... "Complete your user profile including name, organization and ORCID, then email SynapseAccessandComplianceTeam@synapse.org, including a completed ID verification document." TODO adding ORCID may be separate from editing profile.
  • User completes user profile and emails ACT, including ID verification document and data use statement.
  • ACT receives email.  From the user's Synapse user name (the prefix of the 'from' email address) ACT member determines user's home page.  ACT member can go to https://www.synapse.org/#!PeopleSearch:<username> to quickly find the user's home page.
  • ACT reviews ID verification document and user profile.  TODO:  Should the page be the user profile or a special page constructed for the ACT having specific info?
  • ACT member clicks 'Verify Identity' on user's home page.
  • Synapse captures snapshot of user profile (VerificationRecord, below), records that user is verified, sends notification to user.
  • "Verified" now appears on user's page.  "Verify Identity" changes to "Remove ID Verification."  
  • User receives verification notification.  
  • ACT visits page for sensitive data, clicks "Grant access", finds the user based on their user name, and clicks "OK".
  • User is notified that they are now granted access.

...

  • Alert for unverified users with link to new help page (wiki).
  • UI to show user is verified.
  • New ACT place(page) to show VerificationRecord and Verify/"Remove Verified Verification" button
  • Changes to support new profile field(s).
  • Need to verify that a wiki can be created where links are popped up in a new browser window (so that the instructional wiki is a launching point).   Need to support a way to link to current user profile page (special token, like "myself" that pushes the correct url into the browser history).

Entity page:

  • Ability for ACT to "grant access".  This command needs to prompt for a user id, and then find an ACT terms of use for the currently shown entity.  If successful, then it should create an access approval using this pair.

...