...
Do you need to compare the info at the time of verification to the info at the current time? Don't need to do it automatically.
Portal changes
Mockups are available here.
On user profile page:
- Alert for unverified users with link to new help page (wiki).
- UI to show user is verified.
- New ACT place(page) to show VerificationBundle and Verify/"Remove Verification" button
- Changes to support new profile field(s). Use UserBundle in both the user profile page and the new ACT page.
- Need to verify that a wiki can be created where links are popped up in a new browser window (so that the instructional wiki is a launching point). Need to support a way to link to current user profile page (special token, like "myself" that pushes the correct url into the browser history).
...
Description | Restrictions | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Request verification.
| Can only request if there isn't already a submitted or approved request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission | ||||||
Get a list of verification submissions. | ACT | -- | /verificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | Delete verification request | creator | |||||
user who requested verification | /verificationSubmission/{id} | DELETE | -- | -- | -- | Change submission state | Allowed state transitions shown in diagram above. | ACT | user who requested verification | /verificationSubmission/{id}/state | POST | -- | VerificationStateVerificationState | -- |
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | |||||||
Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | |||||||
Unbind an alias from an account. | owner of the alias | /alias/{aliasType}/{aliasName} | DELETE | -- | -- | -- | ||||||||
Download attachment from verification submission. | ACT | -- | /file/{id}?fileAssociateType=VERIFICATION_SUBMISSION&fileAssociateId=999 | GET | fileAssociateType *(required) fileAssociateId (required) redirect (optional) *Note we introduce a new fileAssociateType, "VerificationSubmission". | download URL | ||||||||
Update UserProfile | If user is verified or there's a submitted verification request then if this request changes the verified fields this will nullify the verification submission. | user who owns the profile | user who owns profile | /userProfile/{id} | PUT | -- | UserProfile | UserProfile |
VerificationSubmission:
- id
- userId
- createdOn
- first name
- last name
- organization
- location
- ORCID
- email list
- attachments (fileHandleIds)
- state (one of submitted, approved, rejected, suspended)
- stateHistory
...
- createdBy (only returned if user is in the ACT)
- createdOn
- state (one of submitted, approved, rejected, suspended)
- reason (e.g. UserProfile changed wrt V.S., OR ACT initiated the state change)
UserBundle:
- isCertified
- isVerified
- hasSignedTOU
- isACTMemberisAdmin
- userProfile (public fields for public, private fields for owner)
- ORCID
- verificationSubmission* (the sole submitted or approved submission, if any. Shown only for owner or ACT): if owner or ACT, will be the latest. Otherwise, will only be included if approved and will be scrubbed of private fields.