[CST-5347] Researcher profile rest contract #180
Conversation
|
@LucaGiamminonni : If possible, could you write up a high level summary of how a Profile is planned to be implemented? I tried to review this PR today, but I came away with a number of high level questions:
Overall, I'm not against the general idea of having a Researcher Profile. But, I need to better understand the proposed high-level design here before I can accurately review this REST Contract. Currently, I see a large amount of overlap with Person Entities in this REST Contract -- and I'm wanting to better understand how these two are related. |
|
Hi @tdonohue,
|
There was a problem hiding this comment.
@LucaGiamminonni : Thanks for your answers to my questions. I've given this a more thorough review now based on the assumptions that this /profile endpoint is really just an easier way to determine which Person Entity (Item) is linked up with a given EPerson. Overall, the idea here is good, but I have a lot of suggested changes, and a few questions inline as well.
If necessary, we also could find time to discuss the design here in a future DevMtg. Just let me know if you feel that'd be appropriate.
|
Hi @tdonohue, thanks for your feedbacks. I have updated the contract, let me know if it is ok for you now. Thanks again. |
profiles.md
Outdated
|
|
||
| Attributes: | ||
| * id: the UUID of the EPerson who owns the profile. This also corresponds to the ID of the profile. | ||
| * visible: indicates whether the profile is public (visible: true) or private (otherwise). If private only |
There was a problem hiding this comment.
Can the visible property be dropped?
Permissions are handled by item resource policies, and having a boolean can make it behave strangely and hard to keep in sync (especially if the resource policies make it neither public or private, but a permission in between (e.g. staff group read)
There was a problem hiding this comment.
I agree with @benbosman 's feedback here. I did also want to add that we do have a concept of a "discoverable" or "non-discoverable" Item as well which is also similar, but that's about whether the Item is indexed or not.
So, I agree this "visible" attribute is a bit confusing after looking at it again. It should likely either be replaced by "discoverable / non-discoverable" or resource policies...we shouldn't be building a different way to access restrict a profile.
There was a problem hiding this comment.
The visible attribute indicates only whether the profile (ie the item that models it) is visible or not to anonymous users. Internally, the visibility of the item is already managed with the resource policies, and in fact this value is true if the Anonymous group has the permissions to read on the anonymous user and false if it does not. A patch in which the visibility is set to true therefore means to add the read policy to the anonymous group while setting the value to false means to remove it.
The posibility to change the profile visibility using this attribute is not strictly necessary for orcid, so if you are not convinced we can also not bring it to dspace. As you prefer.
There was a problem hiding this comment.
@LucaGiamminonni : I'd like to hear @benbosman's thoughts on this as well, but one approach here could be to make it clearer what the "visible" property does. If it's just a quick way to add/remove an Anonymous READ resource policy, then we should say that in the description in this REST Contract. Currently, it implies it does more than that, as it says setting it to "false" makes it Administrator Only (But that's not entirely true, as removing the Anonymous READ policy just means it's no longer available anonymously, but other policies might specify a different permission level than Admin-only)
So, in my opinion...
- Either, we need to fix this REST Contract description to say something like
visible: This property provides a quick way to add/remove the Anonymous READ policy. When set to "true", then the Anonymous READ Policy is added (and the profile becomes accessible to anonymous users). When set to "false", then the Anonymous READ policy is removed (and the profile is no longer accessible anonymously). - Or, we should just remove it entirely and require that you add/remove policies on the Item using the
/api/authz/resourcepoliciesendpoint.
There was a problem hiding this comment.
I would prefer to remove it entirely, but I think the alternative from @tdonohue can work, assuming it's renamed to public and it only adjusts the Anonymous READ policy (while leaving the other policies unchanged)
There was a problem hiding this comment.
I can change the description of the visible attribute but I prefer to keep visible instead of public, even cause "public" is a reserved word.
There was a problem hiding this comment.
@LucaGiamminonni it's good you removed the wording which claims to know who has permissions if not visible.
If we'd have to keep this, I would recommend to further clarify this since this is a very atypical property. This can be done by stating the permissions are unknown if visible=false. It may be accessible to many users, or admins only, or also the EPerson itself (if they're granted READ permissions), …. The only thing that's known is whether there's an Anonymous READ policy without start/end date
| --data ${dspace-url}/api/core/items/cec6ee1b-7730-44da-a224-a7c5af63f821 | ||
| ``` | ||
|
|
||
| ## Hide/unhide a profile |
There was a problem hiding this comment.
Similar as mentioned above, permissions are handled by resource policies
| "name": null, | ||
| "handle": "123456789/511", | ||
| "metadata": { | ||
| "dspace.object.owner": [{ |
There was a problem hiding this comment.
Will it be required to restrict edits to this field from all endpoints?
Wouldn't it also be better to use the UUID in the value, as the value can otherwise deviate from the EPerson name (if the latter is updated)
There was a problem hiding this comment.
No for us it is not necessary to restrict the edit on this metadata. Regarding the value, it contains the name of the eperson and the authority contains the uuid of the eperson itself.
There was a problem hiding this comment.
My questions here are primarily:
- how will it handle issues with
dspace.object.ownernot being valid - how will it handle a change to the eperson's name, will this metadata value be updated as well. I see duplication of names which is hard to keep in sync
There was a problem hiding this comment.
- The dspace.object.owner can be set manually only with the administrative edit; this metadata can therefore be corrupted as can all the others. We don't think specific management is necessary.
- I don't think it's a relevant problem (it is a common situation for all relations via authority). If we really want to manage a possible update we can modify the logic that changes the name of the eperson to also update a possible connected profile.
There was a problem hiding this comment.
@LucaGiamminonni what I'm mainly pointing out here is that you're duplicating the name, and I don't see any reason for it. Unless you have a reason to duplicate the name, I would recommend to use the UUID in the value, which ensures there's no risk in the name being outdated
There was a problem hiding this comment.
@benbosman the eperson name must be on the metadata because it could be shown. There cannot be the id which instead must be used to set the authority.
There was a problem hiding this comment.
@LucaGiamminonni : Overall, this is looking better to me now. I do have a few more minor requests inline below. I think the contract itself is making sense though, and the remaining feedback that I have is all very minor in nature.
There was a problem hiding this comment.
@LucaGiamminonni : I re-reviewed this after submitting my review of DSpace/DSpace#8232 (review) Now that I've seen the code, I think this Contract mostly makes sense. However, I do have a few inline comments below that I've added based on what I saw in the code itself.
|
I changed the contract for:
|
There was a problem hiding this comment.
👍 Thanks @LucaGiamminonni ! All my prior feedback has been addressed. This looks good to me. However, obviously I think we should wait to merge this until we complete the review of the REST API PR, just in case minor changes there affect the contract.
|
Documentation about the ORCID functionalities is available in the DSpace-CRIS technical documentation pp 76-89 of pdf https://github.com/4Science/DSpace/releases/download/dspace-cris-2022.01.01/dspace-cris-2022.01.01.pdf |
There was a problem hiding this comment.
@LucaGiamminonni I've copied the feedback which was not handled yet
The remainder looks ok
profiles.md
Outdated
|
|
||
| Attributes: | ||
| * id: the UUID of the EPerson who owns the profile. This also corresponds to the ID of the profile. | ||
| * visible: this property provides a quick way to add/remove the Anonymous READ policy. When set to "true", then the Anonymous READ Policy is added (and the profile becomes accessible to anonymous users). When set to "false", then the Anonymous READ policy is removed (and the profile is no longer accessible anonymously). |
There was a problem hiding this comment.
It seems my previous feedback is no longer associated with this line, and not very visible anymore
I would recommend to further clarify this since this is a very atypical property. This can be done by stating the permissions are unknown if visible=false. It may be accessible to many users, or admins only, or also the EPerson itself (if they're granted READ permissions), …. The only thing that's known is whether there's an Anonymous READ policy without start/end date
There was a problem hiding this comment.
@benbosman : To resolve this, maybe we add a bit of clarification on the end of the existing description?
So, for example, right after:
When set to "false", then the Anonymous READ policy is removed (and the profile is no longer accessible anonymously).
Maybe we clarify it with:
Keep in mind, this setting only impacts the Anonymous READ policy. So, if other custom READ policies exist on the profile, those policies will take effect when "visible=false".
|
@LucaGiamminonni : Could you add the one minor change to this REST Contract that was suggested above? #180 (comment) This is ready to merge except for that minor change |
|
Hi @tdonohue, I made the minor change. |
|
Thanks @LucaGiamminonni ! This now looks good. I gave approval previously & with this change, @benbosman 's final feedback above has been addressed. Merging this immediately. If we find other small changes are needed they can be done in a separate PR. |
These changes concern the introduction of a rest repository for researcher profiles. It is part of the migration issue of ORCID from cris (DSpace/DSpace#8157).
The researcher profile, modeled as an item of a specific type (such as Person), is associated with a specific ePerson. An ePerson can only have one profile.