Closed harrisj closed 8 years ago
For ATO purposes, I think the important thing is showing the system architecture, e.g. what are the technical components (databases, external APIs), authentication/authorization layers, etc.) Does that make sense?
Yes, I am going to do that as well, thank you for the reminder!
I should note that I'm trying to do a version of this one that was done for Micropurchase https://github.com/18F/micropurchase/issues/93
If you are going to have HTTP Basic Auth in front of the system, that should be represented. Maybe some endpoint-specific info would be helpful (what happens to the data when I submit?, where do I get directed after I submit?)
Also, what is the "admin flow" (how do I create a survey?)
To take a survey, a user must first enter some basic HTTP Authentication credentials (these are shared across all users and would not identify a single user). The credentials are just there to limit access to 18F employees and/or potential hires. The user would also need to know the exact URL of the survey they are invited to take (there is no root-level directory of surveys).
Once the user submits a survey, the complete response is used only to increment counters for various fields and a full record of the survey is not retained. The user is redirected to a screen thanking them for their participation.
Surveys are implemented as YAML configuration files within the config/surveys
directory of the application (here is a sample survey included in the repo). Surveys do not need to be – and probably should not be – checked into the repo.
config/surveys
) must be deployed to production. This limits the ability to create/edit surveys on the system only to the lead developer or anybody else with deploy access to the specific space. If the survey is named SURVEY_NAME.yml
, the new survey form is accessible at /surveys/SURVEY_NAME
inactive
– meaning that it no longer accepts responses – the developer has to edit a field in the survey's YAML configuration to be active: false
and redeploy the survey.To allow admin users to retrieve the count, the system also supports a JSON endpoint for each survey at /surveys/SURVEY_NAME.json
. This is secured with a different HTTP Authentication password than the one used by survey takers that should only be used by personnel and scripts authorized to download the JSON.
While it is the goal to eventually make the JSON for each survey public, this should not be done by copying the JSON to a static file (perhaps on S3) rather than serving it directly from the application
Does each survey create its own set of tables?
No. There is only one table with four columns:
So if I had a survey of ice cream flavors it might look like this.
survey | key | value | count |
---|---|---|---|
ice-cream | flavor | chocolate | 23 |
ice-cream | flavor | vanilla | 8 |
Okay, I have updated the system flow architecture diagram to be less confusing about the DB tables
Much clearer!
This is now part of https://github.com/18F/cg-compliance/pull/33
Is this PDF showing how it works compared to a traditional survey enough?