Sensitive data#476

[BobLamarley]

Linked to #476

[mboudet]

Hmm, not fond on writing these questions in the code directly, as various platforms might have various needs (on genouest side, we ask this question on the user registration).

Would be great to have something like for user registration, where the admin can customize the registration form with content in the config file (with the 'registration' key)

[BobLamarley]

Sure, i will parametize the text, in order to come from the config file

[mboudet]

You can refer to the part in the registrer page. On our side, we have something like this in the config file:

{
  "registration": [
    {
     "title": "resources",
     "description": "Computing resources needed",
     "choices": [["cluster_cpu","cluster - CPU"], ["cluster_gpu", "cluster - GPU"], ["containers", "Docker / Singularity"], ["cloud", "cloud"], ["cesgo", "Cesgo"]],
     "multiple": true
    },
    {
    "title": "data",
    "description": "Data storage",
    "choices": [["standard", "Standard quotas (120Gb for home, 250Gb for scratch)"], ["less500G", "< 500Gb"], ["less1T", "< 1 TB"], ["less2T", "< 2TB"], ["more", "More"]],
    "multiple": false
    },
    {
      "title": "ethical",
      "description": "Ethical and legal aspects of your data",
      "choices": [
        [ "public", "Public data", "alert-success", " Data obtained from public repositories, open data. Such data can be easily hosted on our infrastructure"],
        [ "restricted", "Restricted data", "alert-warning", "Patented data, embargoed data, trade secrecy. Hosting is possible, but please keep in mind that it is your responsibility to take all measures to protect this data (Linux access restrictions)"],
        [ "personal", "Personal data", "alert-danger", "Personal data is any information that relates to an individual who can be directly or indirectly identified (e.g. names, email). Only anonymized data can be hosted. Please contact us"],
        [ "sensitive", "Sensitive data", "alert-danger", "Personal data revealing racial or ethnic origin, political or religious opinions, genetic data, health related data. GenOuest is not certified for health data hosting"]
      ],
      "multiple": false,
      "feedback": true
    },
    {
      "title": "removal",
      "description": "What to do with your data when your account or project expires",
      "choices": [["delete", "Delete all"], ["contact", "Contact my supervisor"], ["transfer", "Transfer on a repository"]],
      "multiple": false
    }
  ]

Which translate into this:

[BobLamarley]

I will just add an entry in message.terms_and_conditions_hds with the text

And also add a boolean to activate/deactivate this checkbox in user project creation :

Is it what you thinking ?

[mboudet]

No, I was mostly thinking of a modular system to add some custom questions (including hds stuff, but we might want to add some other stuff, such as services used or whatever)

[BobLamarley]

Can you link me the code where you find this file ?

[BobLamarley]

I've added a parameter terms_and_conditions_hds who can be :

• False, the project creation form will only need project name, description and expiration date filled in order to submit it
• True, the project creation form will also have the checkbox and the submit will only be done when project name, description and expiration date are filled and checkbox checked

[lecorguille]

on genouest side, we ask this question on the user registration

We didn't choose this implementation because for me the question is regarding the data not the user. A user can change his topic at some point.

[mboudet]

on genouest side, we ask this question on the user registration

We didn't choose this implementation because for me the question is regarding the data not the user. A user can change his topic at some point.

I understand. It was more of an example that different platforms have different needs, and thus we need something modular.

[mboudet]

Please add the changes to the changelog, and I'll merge

[BobLamarley]

Thanks :)