Solution

From the use cases that listed in this document, we list the summary of the solution below:

The ACT has a way to manage requests for datasets under ACTAccessRequirement. We need to support the following:
1. Ability to view Submitted requests for a particular dataset. Allowing the ACT to see all information and quickly decide if the request contains the required information.
2. Ability to approve a request and grant access to all accessors.
3. Ability to reject a request, provide the instructions on how to correct/provide the missing information, and send email to requestor.
The ACT has a way to configure the ACTAccessRequirement to indicate the required information, if the data set requires annual renewal, and if the intended data use statement should be public.
A requestor has a way to create a request, save it, and submit it to ask for access to a dataset under ACTAccessRequirement.
A requestor will be able to correct the old request and submit it after the old submission was rejected. They would not need to type/ provide any correct information that they already provided in the old submission.
A requestor will be able to remove an accessor from his/her approved request. This action takes away the accessor's access to the dataset.
The system automatically sends annual review reminder emails to accessors.
An accessor will be able to provide the required information for the annual review process to keep their access to the dataset.
An accessor will be able to provide the final statement of use when they no longer need to access the controlled data.
The system will automatically remove AccessApproval from users who have not submitted a renewal request within a year for dataset that requires renewal.

We recognize the needs to support #1 - #7 in the first phase. From the ACT, we haven't had users come back to us with a final statement of use, so #8 would have low priority. We are not very strict about removing access, so not sure if #9 is necessary.

Object Models

ACTAccessRequirement
(original fields)
Boolean isCertifiedUserRequired
Boolean isValidatedProfileRequired
Boolean isDUCRequired
String ducTemplateFileHandleId
Boolean isIRBApprovalRequired
Boolean areOtherAttachmentsRequired
Boolean isAnnualReviewRequired
Boolean isIDUPublic

ResearchProject
String id
String accessRequirementId
String institution
String projectLead
String intendedDataUseStatement
~~String ownerId~~
String createdBy
Long createdOn
String modifiedBy
Long modifiedOn

Any user can create a ResearchProject. To create a ResearchProject, the following information are required: accessRequirementId, institution, projectLead, intendedDataUseStatement, ownerId, and createdBy. The following fields: id, createdOn, and modifiedOn are set by the system. A user will not be able to change these values.

After a ResearchProject is created, only the creator can make changes to a ResearchProject. The owner can also change the ownership of a ResearchProject by changing the ownerId value to another userId that has been granted access to the dataset under the same ResearchProject. After taking over the ResearchProject, a user would have the same permissions with the DataAccessRequest's creator.

Request implements RequestInterface
String id
String accessRequirementId
String createdBy
Long createdOn
String researchProjectId
List<String> accessors
String ducFileHandleId
String irbFileHandleId
List<String> attachments
String modifiedBy
Long modifiedOn

Any user can create a Request to a given AccessRequirement. To create a Request, the following fields are required: accessRequirementId, and createdBy. The following fields: id, createdOn, and modifiedOn are set by the system. A user cannot change these values.

Only creator of Request can update, and submit the request. To submit a request, it has to meet the requirements specified in the associated AccessRequirement.

Once a request is submitted, a Submission object is created. While there is an Submission with status SUBMITTED, it's associated Request no longer available for update & submit.

Renewal implements RequestInterface extends Request
String publication
String summaryOfUse

Once a Submission is approved and requestor wants to add/ remove accessors, he/she needs to update the request with a Renewal, given the publication and summaryOfUse in addition to editing the existing information from the original Request.

Submitting a Renewal will also result in a Submission being created with status SUBMITTED.

Submission
String id
String dataAccessRequestId
String submittedBy
Long submittedOn
ResearchProject researchProjectSnapshot
List<String> accessors
Boolean isRenewalSubmission
String ducFileHandleId
String irbFileHandleId
List<String> attachments
String publication
String summaryOfUse
SubmissionState state (SUBMITTED, APPROVED, REJECTED, CANCELED)
String reviewerId
Long reviewedOn
String rejectedReason

Once a Submission is created, it will have state SUBMITTED until a reviewer (ACT member) review and update its status.

After a submission is Rejected and a reason is provided, the submission is closed for modification.

When an ACT member approves a submission, multiple AccessApproval are created for each accessor.

When a requestor adds/removes a user, he/she will also need to update the request and create a new submission. An ACT member will review the new submission and make decision to grant/revoke access to the accessor.

Services

	Action	Intended User	URI	Method	Request Params	Request Body	Response Body
1	~~create a ResearchProject~~	~~Synapse User~~	~~/researchProject~~	~~POST~~		~~ResearchProject~~	~~ResearchProject~~
2	~~retrieve a ResearchProject~~	~~creator~~	~~/accessRequirement/{id}/researchProject~~	~~GET~~			~~ResearchProject~~
3	~~update a ResearchProject~~	~~creator~~	~~/researchProject/{id}~~	~~PUT~~		~~ResearchProject~~	~~ResearchProject~~
4	~~transfer ownership of a ResearchProject~~	~~creator, ACT~~	~~/researchProject/{id}/updateOwner~~	~~PUT~~		~~ChangeOwnershipRequest~~	~~ResearchProject~~
	create or update Research Project	Synapse User	/researchProject	POST		ResearchProject	ResearchProject
	get ResearchProject for update	creator	/accessRequirement/{id}/researchProjectForUpdate	GET			ResearchProject
5	~~create a DataAccessRequest~~	~~Synapse User~~	~~/dataAccessRequest~~	~~POST~~		~~DataAccessRequest~~	~~DataAccessRequest~~
6	~~retrieve the current DataAccessRequest~~	~~creator, ResearchProject's owner~~	~~/accessRequirement/{id}/dataAccessRequest~~	~~GET~~			~~DataAccessRequestInterface~~
7	asking the server for a suitable request object to start with	creator	/accessRequirement/{id}/dataAccessRequestForUpdate	GET			RequestInterface
8	~~update a DataAccessRequest~~	~~creator, ResearchProject's owner~~	~~/dataAccessRequest/{id}~~	~~PUT~~		~~DataAccessRequestInterface~~	~~DataAccessRequestInterface~~
	create or update Request	Synapse User	/dataAccessRequest	POST		RequestInterface	RequestInterface
9	submit a Request	creator, ~~ResearchProject's owner~~	/dataAccessRequest/{id}/submission	POST	etag		SubmissionStatus
10	~~retrieve the latest DataAccessSubmission's status~~	~~requestor, ResearchProject's owner, accessors~~	~~/accessRequirement/{id}/submissionStatus~~	~~GET~~			~~DataAccessSubmissionStatus~~
11	cancel a Submission	requestor, ~~ResearchProject's owner~~	/dataAccessSubmission/{id}/cancellation	PUT			SubmissionStatus
12	update a Submission	ACT	/dataAccessSubmission/{id}	PUT		SubmissionStateChangeRequest	SubmissionStatus
13	retrieve a list of Submission	ACT	/accessRequirement/{id}/submissions	GET	nextPageToken, order (SubmissionOrder), filter (SubmissionState), asc		SubmissionPage
14	~~retrieve a list of Approval Status for a given list of AccessRequirement~~	~~SynapseUser~~	~~/accessApprovalStatus~~	~~POST~~		~~AccessApprovalStatusRequest~~	~~AccessApprovalStatusResults~~
15	~~retrieve restriction info for a given entity~~	~~Synapse user~~	~~entity/{id}/restrictionInformation~~	~~GET~~			~~RestrictionInformation~~
	retrieve restriction information	Synapse user	/restrictionInformation	POST		RestrictionInformationRequest	RestrictionInformationResponse
16	retrieve access requirement status	Synapse user	/accessRequirement/{id}/status	GET			AccessRequirementStatus
17	retrieve info about open submissions	ACT	/dataAccessSubmission/openSubmissions	GET	nextPageToken		OpenSubmissionPage
18	~~retrieve approval info for users~~	~~ACT~~	~~/accessApproval/batch~~	~~POST~~		~~BatchAccessApprovalRequest~~	~~BatchAccessApprovalResult~~

BatchAccessApprovalRequest

List<String> userIds

String accessRequirementId

BatchAccessApprovalResult
List<AccessApprovalResult> results

AccessApprovalResult
String userId
String accessRequirementId
Boolean hasAccessApproval

OpenSubmissionPage
List<OpenSubmission> openSubmissionList
String nextPageToken

OpenSubmission
String accessRequirementId
Long numberOfOpenSubmissions

ACTAccessRequirementStatus implements AccessRequirementStatus
String accessRequirementId
Boolean isApproved
SubmissionStatus current submissionStatus

SubmissionStatus
String submittedBy
String submissionId
SubmissionState state
String rejectedReason
Long reviewedOn

SubmissionStateChangeRequest
String submissionId
SubmissionState newState (only APPROVED and REJECTED are valid)
String rejectedReason

RestrictionInformationRequest
String objectId
RestrictableObjectType objectType

RestrictionInformationResponse
RestrictionLevel restrictionLevel (OPEN, RESTRICTED_BY_TERMS_OF_USE, CONTROLLED_BY_ACT)
boolean hasUnmet

TermsOfUseAccessRequirementStatus implements AccessRequirementStatus
String accessRequirementId
boolean isApproved

Notification

Condition

Target User

Notes

1

After a new submission is created

ACT member

Includes link to a page that manages the dataset's access requests

2

After a submission is approved

Requestor

Includes link to view request

3

After a submission is rejected

Requestor

Includes reason

Includes link to create a new request from the rejected one

May Summary

By May 2017, we have completed #1-4, #7 & #8 under Solution. We have implemented all APIs listed under Services. The feature is under alpha in stack-180.

From user's feedback, we still need to provide the following:

Need notifications for ACT when there is a new submission - may only get 1-2 requests a week for old dataset.
Revoking access - when user is removed in an updated request, revoke user access. System should send a message to the people removed (Amy to help with messaging).
Bundle submission together (like Brian suggested) to see latest + history. May be able to work around if we have ability to sort by institution, and filter by Submitted By.
RENEWAL SUPPORT. ACT currently manually revokes user access. We need to help support the existing process in the new system, or automate it. To help support, they need ability to filter by the date granted access, and ability to get the list of emails. Alternatively, system could automatically send out emails at specific reminder dates, and auto-revoke access after expiration.

As a path moving forward, we decided that when we bring the feature out of alpha, an ACT member can continue managing access outside of Synapse, or switch to use the new system. To be able to achieve this, SWC needs to know if an ACTAccessRequirement was configured to use Synapse to keep track of Submission.

After a discussion, we conclude on:

Making AccessRequirement version-able.
An access approval grants a user access to a specific access requirement version.
On download, if a user have access approval for any version of the access requirement, the user meets the conditions specified by that access requirement.
A new API need to be added to retrieve a version of an access requirement.
Retrieving restriction information API needs to be generic (taking an ID and subject type instead of being specific for entity only)
A submission points to a particular access requirement version.
Retrieving Access Requirement Status always include information about whether or not a user have met the conditions specified by the access requirement regardless of version.