New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Embargo databases #89
Comments
I would strongly try to avoid having to create a password system. That would imply to also protect the SVN, include/exclude from searches etc. A user who has records he or she wants as supplemental information and passed to the reviewers, but not (yet) in MassBank could instead use a record to HTML converter (i.e. exactly the HTML that would be visible in the Browser) and add that to the paper submission. Additional benefit: Users can preview their records before sending the recdata.zip to the MassBank admins. The SVG is already empedded and should display offline, but the SpecTackle doesn't work yet. You can
and view the resulting file:///tmp/msbi.ipb-halle.de/MassBank/jsp/RecordDisplay.jsp%3Fid=PB006042&dsn=IPB.html but while the structure is there, the spectrum is not. |
This file (it is HTML, but github insists I have to call it *.txt, please save link as *.html) It was saved with the chrome extension |
How hard would it be to run separate instances of MassBank for these cases? The HTML export solution would be a bit limited in terms of comfort and what you can do with it. For my own projects, we have an in-house MassBank instance running that worked well. For projects needing sharing across labs, one could think of a passworded (e.g. .htaccess) instance on an Amazon server or such? (Since IT departments typically make it complicated to open in-house servers to the public.) |
I will checkout. Should be no problem to run a secondary instance on massbank.eu with a virtual server under massbank.eu/project or so. Needs some adjustment of the installation files and a secondary MariaDB in order to avoid conflicts. I will check on my test server. |
Solution is to create private instances of MassBank. Hence, closing |
This is not solved yet. Just running a server clone is not that what DMZ admins like... New wholes in the FW... |
Hi, I am afraid that a full-fledged secure user management plus record access management, secure SOAP/REST API implemented inside MassBank is out of scope, hence we closed this. It should be possible to use some protection on the http(s) layer around a MassBank instance, and create one (set of) docker containers per such protected instance, all on one VM so just one FW ruleset would be required. User management would then be on the basis of some kind of .htaccess or whatever the http server redirecting to the instances supports. Yours, Steffen |
Sure, a full service is out of scope by now and creates new problems such as user data management which we outsourced to github by now :-). However, the implemenation of additional virtual webservers with .htaccess protection should be feasible. So far, not implemented, I need to in the next days... We may add some tutoral how to do so and then we can close the issue... |
I could be worth to think about something like embargo databases which are only viewable with tokens or passwords. The idea is that only reviewers or people from a project can access the DB.
The text was updated successfully, but these errors were encountered: