Versions Compared

Old Version 44

changes.mady.by.user Bruce Hoff

Saved on

compared with

New Version Current

changes.mady.by.user Bruce Hoff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

Update:  The API has been extended to apply to Evaluations as well as Entities.

Update:  The API has been extended to apply to Teams.  See Teams

Update:  We allow updating of Access Requirements by the ACT.  We allow Access Requirements to apply to Folders as well as Files.   Entities inherit any access restrictions applies to Folders which contain them.

Update:  We add inheritance of access requirements:  Each entity inherits the access requirements of its ancestors (e.g. the Folder(s) containing a given File).


IRB-approved versions of all of the 'data access documents' :

...

Code Block
CREATE TABLE `ACCESS_REQUIREMENT` (
  `ID` bigint(20) NOT NULL AUTO_INCREMENT,
  `ETAG` bigint(20) NOT NULL,
  `CREATED_BY` bigint(20) NOT NULL,
  `CREATED_ON` bigint(20) NOT NULL,
  `MODIFIED_BY` bigint(20) NOT NULL,
  `MODIFIED_ON` bigint(20) NOT NULL,
  `NODE_ID` bigint(20) NOT NULL,
  `ACCESS_TYPE` varchar(256) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL,
  `ENTITY_TYPE` varchar(256) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL,
  `SERIALIZED_ENTITY` mediumblob
 )

CREATE TABLE `NODE_ACCESS_REQUIREMENT` (
  `NODE_ID` bigint(20) NOT NULL,
  `REQUIREMENT_ID` bigint(20) NOT NULL,
  PRIMARY KEY (`NODE_ID`, `REQUIREMENT_ID`)
)  

CREATE TABLE `EVALAUTION_ACCESS_REQUIREMENT` (
  `EVALUATION_ID` bigint(20) NOT NULL,
  `REQUIREMENT_ID` bigint(20) NOT NULL,
  PRIMARY KEY (`NODE_ID`, `REQUIREMENT_ID`)
)
Code Block
CREATE TABLE `ACCESS_APPROVAL` (
  `ID` bigint(20) NOT NULL AUTO_INCREMENT,
  `ETAG` bigint(20) NOT NULL,
  `CREATED_BY` bigint(20) NOT NULL,
  `CREATED_ON` bigint(20) NOT NULL,
  `MODIFIED_BY` bigint(20) NOT NULL,
  `MODIFIED_ON` bigint(20) NOT NULL,
  `REQUIREMENT_ID` bigint(20) NOT NULL,
  `ACCESSOR_ID`  bigint(20) NOT NULL,
  `ENTITY_TYPE` varchar(256) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL,
  `SERIALIZED_ENTITY` mediumblob
)

...

We introduce JSON schemas for the generic interfaces AccessApproval and AccessRequirement, and schemas for specific types, TermsOfUseAccessRequirement, TermsOfUseAccessApproval (for tier 2 data), ACTAccessRequirement, and ACTAccessApproval (for tier 3 data).

Services

actionuriHTTP methodSchema
ActionURIMethodRequest BodyAuthorization
create AccessRequirement/accessRequirementPOSTextension of AccessRequirement.jsonACT membership; anyone with create or update
create 'lock' Access Requirement/entity/{id}/lockAccessRequirementPOSTN/ACREATE or UPDATE access to the entity(ies) covered by the AccessRequirement*
read paginated list of all AccessRequirement objects for an entity.  This includes both requirements applied directly to the entity and those applied to its ancestors./entity/{entityId}/accessRequirementGETVariableContentPaginatedResults<AccessRequirement>ALL
retrieve read paginated list of all AccessRequirement objects for an evaluation/evaluation/{evaluationId}/accessRequirementGETVariableContentPaginatedResults<AccessRequirement>ALL
read paginated list of all AccessRequirement objects for a team/team/{teamId}/accessRequirementGETVariableContentPaginatedResults<AccessRequirement>ALL
Retrieve paginated list of unfufilled access requirements (of type DOWNLOAD) for an entity.  This includes both requirements applied directly to the entity and those applied to its ancestors./entity/{entityId}/accessRequirementUnfulfilledGETVariableContentPaginatedResults<AccessRequirement>ALL
Retrieve paginated list of unfufilled access requirements (of type DOWNLOAD or PARTICIPATE) for an evaluation./evaluation/{evaluationId}/accessRequirementUnfulfilledGETVariableContentPaginatedResults<AccessRequirement>ALL
Retrieve paginated list of unfufilled access requirements (of type DOWNLOAD or PARTICIPATE) for a Team./team/{teamId}/accessRequirementUnfulfilledGETVariableContentPaginatedResults<AccessRequirement>ALL
update AccessRequirement/accessRequirement/{accessRqmtId}PUTextension of AccessRequirement.jsonACT membership
delete AccessRequirement (along with all approvals granted for the requirement)/accessRequirement/{accessRqmtId}DELETE----ACT membership
create AccessApproval/accessApprovalPOSTTermsOfUseAccessApprovalextension of SelfSignAccessApproval.jsonALL
   ACTAccessApproval.jsonACT membership
read Read all AccessApproval objects for a given entity.  This includes the approvals both for the access requirements applied directly to the entity and those applies to the entity's ancestors./entity/{entityId}/accessApprovalGETVariableContentPaginatedResults<AccessApproval>ACT membership
read all AccessApproval objects for a given evaluation/evaluation/{evaluationId}/accessApprovalGETVariableContentPaginatedResults<AccessApproval>ACT membership
read all AccessApproval objects for a given team/team/{teamId}/accessApprovalGETVariableContentPaginatedResults<AccessApproval>ACT membership
delete AccessApproval/accessApproval/{accessApprovalid}DELETE--

ACT membershi

 

...

membership

 

Web UI

When a user clicks Download on the page for a Data object having a Terms of Use access requirement, they are presented with a dialog showing the text from the access requirement, as shown below.  If they accept the terms, then an access approval is created and the Download link is presented.

...