Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Embargo databases #89

Closed
tsufz opened this issue Aug 7, 2017 · 8 comments
Closed

Embargo databases #89

tsufz opened this issue Aug 7, 2017 · 8 comments

Comments

@tsufz
Copy link
Member

tsufz commented Aug 7, 2017

I could be worth to think about something like embargo databases which are only viewable with tokens or passwords. The idea is that only reviewers or people from a project can access the DB.

@sneumann
Copy link
Member

sneumann commented Aug 8, 2017

I would strongly try to avoid having to create a password system. That would imply to also protect the SVN, include/exclude from searches etc.

A user who has records he or she wants as supplemental information and passed to the reviewers, but not (yet) in MassBank could instead use a record to HTML converter (i.e. exactly the HTML that would be visible in the Browser) and add that to the paper submission.

Additional benefit: Users can preview their records before sending the recdata.zip to the MassBank admins. The SVG is already empedded and should display offline, but the SpecTackle doesn't work yet. You can

wget --mirror --convert-links --adjust-extension --page-requisites --no-parent "https://msbi.ipb-halle.de/MassBank/jsp/RecordDisplay.jsp?id=PB006042&dsn=IPB"

and view the resulting file:///tmp/msbi.ipb-halle.de/MassBank/jsp/RecordDisplay.jsp%3Fid=PB006042&dsn=IPB.html but while the structure is there, the spectrum is not.

@sneumann
Copy link
Member

sneumann commented Aug 8, 2017

This file (it is HTML, but github insists I have to call it *.txt, please save link as *.html)
(+--) Salsolinol Mass Spectrum (2017-08-08 4-37-42 PM).htm.txt
and contains the static SVG of the spectrum generated by SpeckTackle.

It was saved with the chrome extension
https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle https://github.com/gildas-lormeau/SingleFile
but this is not easily scriptable.

@meowcat
Copy link
Contributor

meowcat commented Aug 11, 2017

How hard would it be to run separate instances of MassBank for these cases? The HTML export solution would be a bit limited in terms of comfort and what you can do with it. For my own projects, we have an in-house MassBank instance running that worked well. For projects needing sharing across labs, one could think of a passworded (e.g. .htaccess) instance on an Amazon server or such? (Since IT departments typically make it complicated to open in-house servers to the public.)

@tsufz
Copy link
Member Author

tsufz commented Aug 11, 2017

I will checkout. Should be no problem to run a secondary instance on massbank.eu with a virtual server under massbank.eu/project or so. Needs some adjustment of the installation files and a secondary MariaDB in order to avoid conflicts. I will check on my test server.

@Treutler
Copy link
Contributor

Solution is to create private instances of MassBank. Hence, closing

@tsufz tsufz reopened this Jun 12, 2018
@tsufz
Copy link
Member Author

tsufz commented Jun 12, 2018

This is not solved yet. Just running a server clone is not that what DMZ admins like... New wholes in the FW...

@sneumann
Copy link
Member

Hi, I am afraid that a full-fledged secure user management plus record access management, secure SOAP/REST API implemented inside MassBank is out of scope, hence we closed this.

It should be possible to use some protection on the http(s) layer around a MassBank instance, and create one (set of) docker containers per such protected instance, all on one VM so just one FW ruleset would be required. User management would then be on the basis of some kind of .htaccess or whatever the http server redirecting to the instances supports. Yours, Steffen

@tsufz
Copy link
Member Author

tsufz commented Jun 12, 2018

Sure, a full service is out of scope by now and creates new problems such as user data management which we outsourced to github by now :-). However, the implemenation of additional virtual webservers with .htaccess protection should be feasible. So far, not implemented, I need to in the next days... We may add some tutoral how to do so and then we can close the issue...

@tsufz tsufz closed this as completed Apr 3, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants