sat01a
commented
1 year ago Bruce is looking in to this.
Open sat01a opened 1 year ago
sat01a
commented
1 year ago Bruce is looking in to this.
brucehyslop
commented
1 year ago What SDS role does the user have?
In order to access the sensitive data for record https://biocache.ala.org.au/occurrences/6f987032-aa50-4be2-aa5c-0ec34fa4ac96 the user would need ROLE_SDS_WA
Below is the Location data with ROLE_SDS_WA which contains lat to 5 decimal places and long to 6.
peggynewman
commented
1 year ago Thanks for looking at that Bruce, I've got it with that role - I didn't have the WA role and didn't think to check a different state. I thought that ALA admin users were able to see everything. It's better if it's this way though. Can close this.
sughics
commented
1 year ago Thanks for looking at that Bruce, I've got it with that role - I didn't have the WA role and didn't think to check a different state. I thought that ALA admin users were able to see everything. It's better if it's this way though. Can close this.
Reading the contents of Bruce's screenshot above, it looks like the page needs to be in view Club View as well AND have the correct SDS role... Club view AFIK is only available for ROLE_ADMIN users. So people outside of ALA who don't have that admin role probably still can't see it? Is this correct @brucehyslop ?
peggynewman
commented
1 year ago Ah yes, I don't have a spare non-admin user to test that with
brucehyslop
commented
1 year ago The club view in bicache-hub is trigger based on the role defined in the application config property clubRoleForHub, which is ROLE_ADMIN by default.
The sensitive data is returned from biocache-service for authenticated users.
A check of the user role is performed against config sensitiveAccessRoles20 mapping of roles to solr facet query that is used to check if an occurrence record can expose sensitive data.
eg.
ROLE_SDS_ACT: sensitive:"generalised" AND (cl927:"Australian Captial Territory" OR cl927:"Jervis Bay Territory") AND -(dataResourceUid:dr359 OR dataResourceUid:dr571 OR dataResourceUid:dr570)if the occurrence matched this then sensitive data is display.
Currently ROLE_ADMIN does not have access to sensitive data, but does get Club View access via Biocache-hub.
It may be possible to add an extra mapping to biocache-service sensitiveAccessRoles20 to allow return sensitive data properties.
eg.
ROLE_ADMIN: sensitive:"generalised"should allow access to all sensitive data
peggynewman
commented
1 year ago Just for my reference and FYI @TaniaGLaity dr359=Birdlife Birdata dr571=Birdlife First Atlas dr570=Historical Bird Atlas
Sorry Bruce, don't understand this?
Currently ROLE_ADMIN does not have access to sensitive data, but does get Club View access via Biocache-hub.
So ROLE_ADMIN has Club View But Club View can't see sensitive data? I thought the whole point was that ROLE_ADMIN could see sensitive data. Does Club View have a different function?
peggynewman
commented
1 year ago Found another issue around SDS views: the occurrenceRemarks field should be hidden in sensitive views. It looks like in this record, the SDS has wiped the value from the occurrenceRemarks field in the processed value, but the raw value is still publicly exposed. https://biocache.ala.org.au/occurrences/94c43c08-9ea0-4c39-8039-32dbc1f0562e
adam-collins
commented
8 months ago Add occurrenceRemarks as a sensitive field in pipelines and biocache-service
In both biocache-test and biocache, I can't see the correct raw (preprocessed sensitive) values for the location. Concern that people with SDS role acceess to records can't access them.
Same record in biocache and biocache-databox https://biocache-databox.ala.org.au/occurrences/81e82216-7b31-4af1-b840-9a6cbc784d83 https://biocache.ala.org.au/occurrences/6f987032-aa50-4be2-aa5c-0ec34fa4ac96
Reported by @peggynewman (cc: @sughics and @brucehyslop )