...
https://docs.google.com/presentation/d/1SKSzfWaOBAPdN87ivTXnLxV3ItuY7VoWANcXWeglxN0/edit?usp=sharing
Additional Requirements/Suggestions (from March 3 meeting):
- need a 'batch mode' to allow a list of email addresses to be specified
- forget the fname, lname fields
- if a given email is already an alias in Synapse, invisibly convert into a membership invitation
- after some expiration date, using the invitation-link should generate a membership invitation request
Client Responsibilities
The client is responsible for the sequence:
...
The client must ensure Synapse is logged out before the sequence begins.
Services
URI | Request Method | Request Params | Request Body | Response Body | Description | Authority |
---|---|---|---|---|---|---|
/userPrecursor | POST | email, fname, lname, invitation message | ID, token | Create a user precursor for the given email address. Sends email to invited user. 400 response if email has been used before. | authenticated users | |
/userPrecursor | GET | limit, offset | -- | PaginatedResults of precursor | Returns all precursors created by the user. (Ordered by creation time stamp?) | Precursor creator. |
/userPrecursor/{id} | GET | -- | -- | ID, token, principalID (or null), email, fname, lname | | Precursor creator. |
/userPrecursor/{id} | DELETE | -- | -- | -- | Delete user precursor. 403 status if precursor is already bound to an entity. | Precursor creator. |
/userPrecursor/{id}/principal Q: Is this the best URI? | POST | token | -- | -- | Bind a precursor to the principal of the currently authenticated user. Any entity access records for the precursor become ACL records. | Authenticated users. |
/userPrecursor/{id}/access/entity | POST | -- | entity ID, access type | ? | Adds the given access type to the given entity to the given precursor. 403 status if precursor is already bound to an entity. | CHANGE_PERMISSION access to the entity. |
/userPrecursor/{id}/access/entity/{entityId} | DELETE | -- | -- | -- | Remove all access to the given entity for the given precursor. 403 status if precursor is already bound to an entity. | CHANGE_PERMISSION access to the entity. |
/userPrecursor/{id}/openInvitation | GET | teamId, limit, offset | -- | PaginatedResults<MembershipInvitation> | Get a paginated list of all the open membership invitations extended to a user, optionally filtering by teamId. | PUBLIC |
Note: The MembershipInvtnSubmission object is extended to accept either a principal ID or a precursor ID. So all the CRUD operations on this object now support user precursors.
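The precursor lifecycle in the table above (create, grant access, bind), sketched as an added example that is not Synapse code. It shows the checks the binding step depends on: a one-time bind gated by the token, and no access changes after binding. Assumptions: the in-memory store and all names are hypothetical, the token is random, "already bound" is read as bound to a principal, a wrong token or a second bind returns 403, and the Authority checks (precursor creator, CHANGE_PERMISSION) are left out.

```python
import hmac
import secrets

class ApiError(Exception):
    def __init__(self, status, msg):
        super().__init__(msg)
        self.status = status

class PrecursorStore:
    """Hypothetical in-memory stand-in for the precursor tables and entity ACLs."""

    def __init__(self):
        self.precursors = {}  # id -> {"token", "email", "principal_id", "access"}
        self.acl = set()      # (entity_id, principal_id, access_type)
        self._emails = set()
        self._next_id = 1

    def create(self, email):
        # Assumption: emails are compared case-insensitively.
        key = email.strip().lower()
        if key in self._emails:
            raise ApiError(400, "email has been used before")
        self._emails.add(key)
        pid, self._next_id = self._next_id, self._next_id + 1
        # Assumption: the token is an unguessable random value.
        token = secrets.token_urlsafe(32)
        self.precursors[pid] = {"token": token, "email": key,
                                "principal_id": None, "access": set()}
        return pid, token

    def add_access(self, pid, entity_id, access_type):
        p = self.precursors[pid]
        if p["principal_id"] is not None:
            raise ApiError(403, "precursor is already bound")
        p["access"].add((entity_id, access_type))

    def bind(self, pid, token, principal_id):
        p = self.precursors[pid]
        # Assumption: a second bind or a wrong token is rejected with 403.
        if p["principal_id"] is not None:
            raise ApiError(403, "precursor is already bound")
        # Constant-time comparison so the check does not leak token prefixes.
        if not hmac.compare_digest(p["token"].encode(), token.encode()):
            raise ApiError(403, "invalid token")
        p["principal_id"] = principal_id
        # Pending access records become ACL records for the bound principal.
        for entity_id, access_type in p["access"]:
            self.acl.add((entity_id, principal_id, access_type))
        p["access"].clear()
```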
TODO:
Database
...
Tables:
table columns: ID, token, first, last, email, principalId (initially null)
USER_PRECURSOR
- ID
- TOKEN
- PRINCIPAL_ID (can be null)
- USER_PROFILE
ACL_PRECURSOR
- ID
- ACL_ID
- USER_PRECURSOR_ID
ACL_PRECURSOR_ACCESS_TYPE
- ID
- ACL_PRECURSOR_ID
- ACCESS_TYPE