...
- Ability for ACT to "grant access". This command needs to prompt for a user id, and then find an ACT terms of use for the currently shown entity. If successful, then it should create an access approval using this pair.
Services
| Description | Restrictions | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body |
|---|---|---|---|---|---|---|---|---|
Request verification.
| Can only request if there isn't already a pending request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission |
| Get a list of verification submissions. | ACT | -- | /verificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | |
| Delete verification request | creator | user who requested verification | /verificationSubmission/{id} | DELETE | reason | -- | -- | |
Approve verification submission
| (Must be in 'submitted' state.) There cannot already be an approved V.S. | ACT | user who requested verification | /verificationSubmission/{id}/approval | PUT | -- | -- | -- |
Reject verification submission
| (Must be in 'submitted' state.) | ACT | user who requested verification | /verificationSubmission/{id}/rejection | PUT | -- | -- | -- |
Suspend verification submission
| (Must be in approved state.) | ACT | user who requested verification | /verificationSubmission/{id}/suspension | ||||
Retract verification
| (Must be in approved or suspended state.) | ACT | user who requested verification | /verificationSubmission/{id}/retraction | PUT | -- | -- | -- |
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | |
| Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | |
| Download attachment from verification submission. | ACT | -- | /file/ownerType/{ownerType*}/{id}/fileHandleId/{fileHandleId}
*Note we introduce a new ownerType, "VerificationSubmission". | GET | redirect | download URL | ||
| Update UserProfile | If user is verified then cannot change verified fields. | user who owns the profile | -- | /userProfile/{id} | PUT | -- | UserProfile | UserProfile |
VerificationSubmission:
- id
- userId
- createdOn
- first name
- last name
- organization ("affiliation"?)
- location
- ORCID
- email list
- attachments (fileHandleIds)
- state (one of submitted, approved, rejected, suspended, retracted)
- verificationApproval
- verificationRetraction
...