Closed authule closed 5 years ago
Technically you can infer the identity of the users looking at timestamps/image data. However, we see no reason to provide functionality you are asking for.
Speaking generally, we have to care about being user friendly, to increase the level of engagement as much as we can, of course within the limits of reason and economy. Speaking more specifically, about this case: the users are particularly interested to access their own data, and they can do it, as you say - one can identify him/herself by timestamps, but this is not user friendly. We need a way to enable an easy API access to own data, or to data of a particularly interesting user picked up just by looking at api.credo.science. So we either 1) provide a tool that does what you say, i.e. finds numerical id for a given user name by investigating timestamps or e.g. 2) export a look-up table with the assignment of the user names to the numerical ids. I do not mind whether it is 1) or 2) or anything else that does the job, although to me 1) does not sound too economical, isn't it? 2) should be immediate. Of course it does not need to be on the web-view, but for those interested in export numerical ids should be somehow accessible. Feel free to ask more if this is not clear enough. Thanks!
@piotrhomola we're still waiting for opinion on what can we do with current "credo terms and conditions". How about we provide each user with his own id? It will be possible to identify own detections.
Enumeration of all users available for everyone might be slightly dangerous and hard to implement. Lets say we get request to remove all data associated with particular user.
Re credo terms and conditions: I've thought I've answered this question already, Krzysztof was asking. Basically we do nothing until we have an agreement between the involved parties on how to handle data, Marek promised to find time to dis uss this issue at the end of the month. Or if you have a proposal already now that would be even better :)
Re enumaration: to know own id is fine but not enough. Imagine a user sees very interesting data collected by someone else and he/she wants to analyze it. We should provide a friendly way of accesing this data. I'm completely fine if you propose a way avoiding enumeration, the only thing we need is to be able to extract data via API in a flexible and efficient way, so if we want a specific user, knowing only his user name, we should be able to request the data collected only by this user, we do not need to know the system unique id, I just thought it would be easier but if you say it would be dangerous then let us think of another way. Right now extracting a specific user data is possible but highly inefficient, we have excercised it, we should avoid wasting more time of other users, please help :)
W dniu wtorek, 19 czerwca 2018 Maciej Pawlik notifications@github.com napisał(a):
@piotrhomola https://github.com/piotrhomola we're still waiting for opinion on what can we do with current "credo terms and conditions". How about we provide each user with his own id? It will be possible to identify own detections.
Enumeration of all users available for everyone might be slightly dangerous and hard to implement. Lets say we get request to remove all data associated with particular user.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/credo-science/credo-webapp/issues/34#issuecomment-398411668, or mute the thread https://github.com/notifications/unsubscribe-auth/Ahue6Y0dI_eRqTLllii5ISnnjZbsDou0ks5t-QWngaJpZM4UraSg .
Mapping of user ID
<-> username
can be exported using /api/v2/mapping_export
endpoint.
Documentation: https://github.com/credo-science/credo-webapp/tree/master/credoapiv2#apiv2mapping_export
Hi,
Is it possible to easily associate user_id with the username on the webpage?
Thanks!