...
- Ability for ACT to "grant access". This command needs to prompt for a user id, and then find an ACT terms of use for the currently shown entity. If successful, then it should create an access approval using this pair.
Services NOTE THE FOLLOWING NEED TO BE UPDATED
| Description | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Request verification. Can only request if there isn't already a pending request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission | ||||
| Get a list of pending (not yet approved) verificationsverification submissions. | ACT | -- | /pendingVerificationsverificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | ||||
| Get a single verification submission. | ACT | --Delete verification request | creator | user who requested verification | /verificationSubmission/{id} | DELETE | GETreason | -- | -- | VerificationSubmission | Reject verification request |
Approve verification submission (Must be in 'submitted' state.) There cannot already be an approved V.S. | ACT | user who requested verification | /verificationSubmission/{id}/approval | DELETEPUT | reason-- | -- | -- | ||||
| Approve Reject verification submission (Must be in 'submitted' state.) | ACT | user who requested verification | /verificationSubmission/{id}/approvalrejection | PUT | -- | -- | -- | ||||
Suspend verification submission (Must be in approved state.) | ACT | user who requested verification | /verificationSubmission/{id}/suspension | ||||||||
Retract verification (submission must Must be in approved or suspended state.) | ACT | user who requested verification | /verificationSubmission/{id}/retraction | PUT | -- | -- | -- | ||||
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | ||||
| Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | ||||
| Download attachment from verification submission. | ACT | -- | /verificationSubmission /file/ownerType/{ownerType*}/{id}/ filefileHandleId/{fileHandleId}
*Note we introduce a new ownerType, "VerificationSubmission". | GET | redirect | download URL |
...
- id
- userId
- createdOn
- first name
- last name
- organization ("affiliation"?)
- location
- ORCID
- email list
- attachments (fileHandleIds)
- state (one of submitted, approved, rejected, suspended, retracted)
- verificationApproval
- verificationRetraction
...
- createdBy
- createdOn
- reason
UserBundle:
- isCertified
- isVerified
- hasSignedTOU
- isACTMember
- isAdmin
- userProfile (public fields for public, private fields for owner)
- ORCIDverificationSubmission (the one that's passed the pending state)
...
- verificationState* (submitted, approved, rejected, suspended, retracted, shown only for owner or ACT)
- approvedVerificationSubmission (if any, only show public fields)
'* This is complicated as we have to consider multiple verification submissions to determine the state.