search

UtrechtUniversity / yoda

A system for reliable, long-term storing and archiving large amounts of research data during all stages of a study.
https://utrechtuniversity.github.io/yoda/
GNU General Public License v3.0
46 stars 27 forks source link

[FEATURE] Group provenance information #469

Open ll4strw opened 2 months ago

ll4strw commented 2 months ago

Yoda v1.9.0

This is probably related to #44, #413, and #468.

Any research-<group_name> member can insert arbitrary provenance information to a research group collection, see below image

In particular, by adding/modifying metadata with org_action_log attribute and value which format is different than yoda's expected format '["<timestamp>", "<action>", "<actor_email>"]' will produce a 500 error, which will result in the impossibility to read a folder provenance info for any other user.

Could maybe attribute org_action_log be protected? Alternatively, yoda should ignore any formats she does not know when parsing that attribute value so that it does not produce a 500 error.

stsnel commented 1 month ago

Thanks for the issue report. This is indeed a specific case of the general problem described in #44. We'll be able to fix the root cause of this issue when/after Yoda 2.0 is released. I've assigned this issue to the Yoda 2.0 version milestone for now.