Closed KyndallH closed 2 years ago
See also:
https://github.com/ArctosDB/arctos/issues/3561
https://github.com/ArctosDB/arctos/issues/2616
https://github.com/ArctosDB/arctos/issues/2577
And some others I'm sure.
This is a common request, I don't quite know how to do it. Requests would need to somehow pull from one node (which contains encumbered data) for "your" records, and another (which contains only public data) for other records, somehow allow edit access only to "yours," etc. None of that seems technically implausible, but I think it's significant development. Maybe a more API-centric approach (https://github.com/ArctosDB/arctos/issues/2745) will open up possibilities.
I think we should consult with PG experts, maybe as part of TACC audit? or even a specific consultation for issues potentially impacted by or on VPD
Some outside consultation would be extremely useful, but I'm not sure database folks will have what we're looking for - RLS in PG is pretty straightforward, defining or using (or maybe something I haven't even thought of) is where I think the complexity lies.
I definitely won't say "no" to any consultation, even if it ultimately doesn't lead where we hoped!
Backing WAY up and thinking hard about how (perhaps even if) we cache, what the default Arctos UI looks like, whether the public and curatorial UIs share any code, etc., seems the ideal place to start this conversation, but that may also be more than we can handle at the moment.
Treat this the same way we do agents. You can see that other colls have records associated with the project, but you will only see details for those that you have edit access for.
A realistic possibility:
So for example from projects a user could query as themselves to find records they can control, or select (via some widget somewhere in the page) a different user to see what the public sees without ending their operator session.
Issue Documentation is http://handbook.arctosdb.org/how_to/How-to-Use-Issues-in-Arctos.html
Is your feature request related to a problem? Please describe. I shouldn't be getting LESS information when I'm logged in than when I'm not logged in.
I shouldn't have to check everything to see if there is more information if I'm not logged in. If the public can see it, I should be able to see it when I'm logged in.
Describe what you're trying to accomplish
There are several places where this occurs. Currently, I ran into this issue when viewing projects.
When I'm viewing projects as a logged in Arctos user, all I see is me.
Yet, if I open an incognito window and view as the public would - there is much more information!
Describe the solution you'd like Fancy computer code.
Describe alternatives you've considered Open EVERYTHING I do in Arctos in an Incognito window to double check I'm not missing something.
Priority Today, middle of the road.