Remote access: additional information on web dashboard

[Tom-Willemsen]

As a user working remotely, I would like to be able to monitor my experiment at ISIS.

To do this, I would like the web dashboard to provide more information

Remote access requirements satisfied:

Note: this list is the requirements which I consider possible/reasonable. Each one of these could be implemented separately:

• "View hidden items on the web dashboard, but these items remain hidden from public display"
  • Need some form of access control to distinguish between "the user" and "the public"
• "View the historic values of blocks (e.g. as a graph)"
  • Could link in to a grafana/prometheus based system that @FreddieAkeroyd has investigated, this is available on both SECI and IBEX
• "View experiment details e.g. sample parameters, RB numbers"

Notes

• This solution as a whole probable only applies to IBEX instruments - although the historic values of blocks may be possible to implement for the SECI web dashboard as well.

[John-Holt-Tessella]

Is there any problem in letting anyone in the world have the value of every block for all time? Is that ok or do we need to restrict the people who can see the history of blocks? Do we have to worry about DDoS: getting blocks for all of time sounds like it could be an intensive opperation Is there anything else security wise we should worry about?

[KathrynBaker]

Whilst not likely it is possible to point your blocks at things like titles and user names which then become a GDPR issue, as well as the security issues you mentioned

[Tom-Willemsen]

@John-Holt-Tessella @KathrynBaker I think the block history feature should probably be behind access control (i.e. available to users only, not the public) to mitigate these security/privacy concerns. Doing so would bring us back to the same level of security/privacy that we usually have when users are on-site.

[John-Holt-Tessella]

We could put the whole site behind security, which might be easier than just one or two bits.

[FreddieAkeroyd]

See #5423

[FreddieAkeroyd]

Above PR links to grafana graphs via user office/fed id authentication.

[kjwoodsISIS]

We have now implemented:

1. View historic values of blocks (e.g. as a graph)

We have not (yet) implemented:

1. View hidden items on the web dashboard, but these items remain hidden from public display.
   • there seems to be no real demand for this
   • the requirements are somewhat contradictory
   • other remote working solutions can permit viewing of hidden items without having to implement a complex way of doing it on the web dashboard.
   • suggest we drop this requirement until there is a clear need for it (at which point we can raise a new ticket).
2. View experiment details e.g. sample parameters, RB numbers
   • there is some doubt about the wisdom of doing this via the web dashboard (it might be disclosing too much information)
   • other remote working solutions permit viewing of experiment details without having to make them public on the web dashboard.
   • drop this requirement (a new ticket can be raised in future, if required).

@FreddieAkeroyd - do you agree that there is no more to be done on this ticket (at least for the forseeable future)?