...
ACT visits user's page, opens up submission which shows submitted info, email addresses, documentation, date approved and by whom.
ACT reviews and clicks "Rescind Suspend verification."
Users page now shows "Verification rescinded suspended on xx/xx/20xx."
Future: Need TOU AR gated on being certified and verified.
...
- Ability for ACT to "grant access". This command needs to prompt for a user id, and then find an ACT terms of use for the currently shown entity. If successful, then it should create an access approval using this pair.
These are the states that a Verification Submission can take on and the transitions it can make:
Services
| Description | Restrictions | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body |
|---|---|---|---|---|---|---|---|---|
Request verification.
| Can only request if there isn't already a pending request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission |
| Get a list of verification submissions. | ACT | -- | /verificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | |
| Delete verification request | creator | user who requested verification | /verificationSubmission/{id} | DELETE | reason | -- | -- | |
Approve verification submission
| (Must be in 'submitted' state.) There cannot already be an approved V.S. | ACT | user who requested verification | /verificationSubmission/{id}/approval | PUT | -- | -- | -- |
Reject verification submission
| (Must be in 'submitted' state.) | ACT | user who requested verification | /verificationSubmission/{id}/rejection | PUT | -- | -- | -- |
Suspend verification submission
| (Must be in approved state.) | ACT | user who requested verification | /verificationSubmission/{id}/suspension | PUT | |||
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | |
| Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | |
| Download attachment from verification submission. | ACT | -- | /file/{id} | GET | fileAssociateType *(required) fileAssociateId (required) redirect (optional) *Note we introduce a new fileAssociateType, "VerificationSubmission". | download URL | ||
| Update UserProfile | If user is verified or there's a submitted verification request then if this request changes the verified fields this will nullify the verification submission. | user who owns the profile | user who owns profile | /userProfile/{id} | PUT | -- | UserProfile | UserProfile |
...