duncan-brown / comanage-registry

COmanage Registry
www.internet2.edu/comanage
Apache License 2.0

RestDccProvisioner API to create DocDB users #2

Closed duncan-brown closed 4 years ago

duncan-brown commented 4 years ago

DocDB API

We need to write an API that can use the underlying CRUD REST API that rest-dcc implements to add users to the DocDB database. We never delete a user from the DCC author table, so the API only needs to add.

Managing Users

To make life simpler, we will create a new extended type in COmanage which will map to the user's ID in the DocDB database. To do this, create a new extended type named DccDocDBID and use it to add a sequential identifier assignment, as shown below.

We will then set DocDB's Author/AuthorID = RemoteUser/RemoteUserID = EmailUser/EmailUserID = COmanage's DccDocDBID to keep things simple.

[Screenshot: Screen Shot 2019-11-11 at 9 50 50 AM]

[Screenshot: Screen Shot 2019-11-11 at 9 52 11 AM]

Managing Security Groups

We will use the COGroup to map users to the DocDB SecurityGroup. The COGroup name can map directly to the SecurityGroup/Name since this does not contain spaces.

Managing Institutions

We can't guarantee that a user enters anything sensible in their institutional organization field. InCommon doesn't require this to be released as an attribute, and users from the same place might use different name variants (e.g. Syracuse University, SU, Syracuse, etc.).

To get around this, we will create an Attribute Enumeration for Organization (CO Person Role) with specific organization names that map to Institution/LongName in the DocDB database, with a catch-all "Cosmic Explorer Consortium" institution. We will ask users for their organizational institution, but not use it. The COmanage admin can then manually create new attribute enumerations based on these and assign users to CO Person Organizations.

[Screenshot: Screen Shot 2019-11-11 at 11 18 12 AM]

DocDB Tables

The relevant tables in the DocDB database are:

Author

[
  {
    "AuthorID": 1,
    "FirstName": "Duncan",
    "MiddleInitials": null,
    "LastName": "Brown",
    "InstitutionID": 50,
    "Active": 1,
    "TimeStamp": "2019-01-30T08:00:00.000Z",
    "AuthorAbbr": "dabrown",
    "FullAuthorName": "Duncan Brown"
  }
]

RemoteUser

[
  {
    "RemoteUserID": 1,
    "RemoteUserName": "dabrown@syr.edu",
    "EmailUserID": 1,
    "EmailAddress": "dabrown@syr.edu"
  }
]

EmailUser

[
  {
    "EmailUserID": 1,
    "Username": "dabrown",
    "Password": "",
    "Name": "Duncan Brown",
    "EmailAddress": "dabrown@syr.edu",
    "PreferHTML": 0,
    "TimeStamp": "2019-01-30T08:00:00.000Z",
    "CanSign": 1,
    "Verified": 1,
    "AuthorID": 1,
    "EmployeeNumber": 1
  }
]

UsersGroup

[
  {
    "UsersGroupID": 1,
    "EmailUserID": 1,
    "GroupID": 45,
    "TimeStamp": "2019-01-30T08:00:00.000Z"
  }
]

SecurityGroup

[
  {
    "GroupID": 1,
    "Name": "Public_Pending",
    "Description": "Public Pending",
    "TimeStamp": "2009-05-07T17:10:29.000Z",
    "CanCreate": 0,
    "CanAdminister": 0,
    "CanView": 1,
    "CanConfig": 0,
    "DisplayInList": "0"
  },
  {
    "GroupID": 45,
    "Name": "docdbadm",
    "Description": "DocDB Administrators",
    "TimeStamp": "2017-01-24T03:07:09.000Z",
    "CanCreate": 1,
    "CanAdminister": 1,
    "CanView": 1,
    "CanConfig": 1,
    "DisplayInList": "0"
  },
  {
    "GroupID": 3,
    "Name": "docdbrw",
    "Description": "Create and View Documents",
    "TimeStamp": "2008-11-21T18:58:19.000Z",
    "CanCreate": 1,
    "CanAdminister": null,
    "CanView": 1,
    "CanConfig": 0,
    "DisplayInList": "0"
  },
  {
    "GroupID": 4,
    "Name": "LSC",
    "Description": "LSC member",
    "TimeStamp": "2008-12-11T00:33:52.000Z",
    "CanCreate": 1,
    "CanAdminister": 0,
    "CanView": 1,
    "CanConfig": 0,
    "DisplayInList": "1"
  },
  {
    "GroupID": 11,
    "Name": "Lab_Management",
    "Description": "Laboratory Management",
    "TimeStamp": "2008-10-27T19:22:21.000Z",
    "CanCreate": 1,
    "CanAdminister": 0,
    "CanView": 1,
    "CanConfig": 0,
    "DisplayInList": "1"
  }
]

Institution

[
  {
    "InstitutionID": 33,
    "ShortName": "LO",
    "LongName": "LIGO - Hanford Observatory",
    "TimeStamp": "2008-10-24T22:45:12.000Z"
  }
]

duncan-brown commented 4 years ago

INSERT INTO `Author` VALUES (1,'Duncan',NULL,'Brown',50,1,'2019-01-30','dabrown','Duncan Brown');
INSERT INTO `RemoteUser` VALUES (1,'dabrown@syr.edu',1,'dabrown@syr.edu');
INSERT INTO `EmailUser` VALUES (1,'dabrown','','Duncan Brown','dabrown@syr.edu',0,'2019-01-30',1,1,1,1);
INSERT INTO `UsersGroup` VALUES (1,1,45,'2019-01-30');
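
The mapping described in this issue, as an added Python sketch that is not code from the issue, COmanage or rest-dcc: it builds the add-only Author, RemoteUser, EmailUser and UsersGroup rows from one COmanage person, keeps all three user IDs equal to DccDocDBID, rejects COGroup names that have no SecurityGroup, and sends unrecognized organizations to the catch-all institution. The input dict shape (`given`, `family`, `email`, `eppn`, `groups`, `organization`), the function name, the username derivation and the catch-all InstitutionID 9999 are assumptions.

```python
from datetime import datetime, timezone

# Constructed lookups; a real provisioner would read these from DocDB's
# SecurityGroup and Institution tables. ID 9999 is a placeholder.
SECURITY_GROUPS = {"docdbadm": 45, "docdbrw": 3, "LSC": 4}
CATCH_ALL = "Cosmic Explorer Consortium"
INSTITUTIONS = {"LIGO - Hanford Observatory": 33, CATCH_ALL: 9999}


def build_docdb_rows(person, now=None):
    """Map a COmanage person (hypothetical dict shape) to add-only DocDB rows."""
    uid = person["DccDocDBID"]
    if isinstance(uid, bool) or not isinstance(uid, int) or uid < 1:
        raise ValueError("DccDocDBID must be a positive integer")
    # Fail closed: an unmapped COGroup name must never turn into a membership.
    unknown = [g for g in person["groups"] if g not in SECURITY_GROUPS]
    if unknown:
        raise ValueError(f"no SecurityGroup for COGroup(s): {unknown}")
    # Only enumerated organization names are used; free text from the user
    # falls back to the catch-all institution.
    inst_id = INSTITUTIONS.get(person.get("organization"), INSTITUTIONS[CATCH_ALL])
    ts = (now or datetime.now(timezone.utc)).strftime("%Y-%m-%dT%H:%M:%S.000Z")
    full_name = f"{person['given']} {person['family']}"
    username = person["email"].split("@", 1)[0]  # assumption: local part
    return {
        "Author": {
            "AuthorID": uid, "FirstName": person["given"], "MiddleInitials": None,
            "LastName": person["family"], "InstitutionID": inst_id, "Active": 1,
            "TimeStamp": ts, "AuthorAbbr": username, "FullAuthorName": full_name,
        },
        "RemoteUser": {
            "RemoteUserID": uid, "RemoteUserName": person["eppn"],
            "EmailUserID": uid, "EmailAddress": person["email"],
        },
        # Flags copied from the sample row in the issue; EmployeeNumber is
        # omitted because the issue does not say how it is assigned.
        "EmailUser": {
            "EmailUserID": uid, "Username": username, "Password": "",
            "Name": full_name, "EmailAddress": person["email"], "PreferHTML": 0,
            "TimeStamp": ts, "CanSign": 1, "Verified": 1, "AuthorID": uid,
        },
        # UsersGroupID is left for the database to assign (assumption).
        "UsersGroup": [
            {"EmailUserID": uid, "GroupID": SECURITY_GROUPS[g], "TimeStamp": ts}
            for g in person["groups"]
        ],
    }
```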