Closed ppanero closed 1 month ago
I think we want embargoed records to have published DOIs. Embargoed record metadata is public so there is no risk in sending metadata to DataCite. For our common embargo use case (files under review for a publication) you need the DOI to be registered so editors and reviewers can see that the DOI works.
For records where access is "restricted", I think there is very limited risk in having a reserved DOI. Reserved DOIs don't show up in any public system and aren't even in the handle system. I guess it depends on your level of concern about restricting access to the metadata, since you are putting information on another system. But the access levels do match between restricted
and draft.
The only state change I think we have to worry about is:
restricted
. In this case we'd want to use the private_doi
call to make sure metadata doesn't appear in the DataCite public interface.@tmorrell I see your point about embargoed, thanks. In terms of restricted
... I think I would still not send the metadata out... For Zenodo/similar use cases is Ok I guess. But for medical or more "confidential" repositories it might not be a good idea to shit metadata out... In that case I guess the question is "why have a DOI provider?"... Maybe @lnielsen can clarify on this use case.
Add this test:
@pytest.mark.skip("PIDS-FIXME: re-enable when tackling permissions")
def test_reserve_pid_without_login(
app, location, es_clear, headers, client, minimal_record
):
"""Test the reserve function" without client log in."""
# Create the draft
response = client.post(
"/records", data=json.dumps(minimal_record), headers=headers)
assert response.status_code == 201
recid = response.json['id']
response = client.get(
f"/records/{recid}/draft/pids/doi", headers=headers)
assert response.status_code == 403
Among others, just not in the test suite at the moment...
This issue was automatically marked as stale.
But for medical or more "confidential" repositories it might not be a good idea to shit metadata out... In that case I guess the question is "why have a DOI provider?"... Maybe @lnielsen can clarify on this use case.
People who want a DOI should be aware that the metadata is always public (even CC0?), so if you want your metadata to be hidden, don't get a DOI.
This issue was automatically marked as stale.
People who want a DOI should be aware that the metadata is always public (even CC0?), so if you want your metadata to be hidden, don't get a DOI.
Going the other way round:
Said that... I'm sure I didn't thought through all corner cases.
Additional notes:
This issue was automatically marked as stale.
This issue was automatically marked as stale.
We don't want fully restricted records to register a DOI. If it is only a reserved DOI which is not findable it might be ok.
Discussion from the coffee break at the InvenioRDM workshop with Werner, Nico, Martin, Karolina and Christoph.
Proposed solution:
State changes:
Can someone shortly explain:
"Restricted -> Public (e.g. user changes the setting or embargo expire): No DOI is created automatically."
Why did you decide to not create a DOI in this case?
Will there be a way to create it manually?
+1 on @chriz-uniba comments. Apart from that the rest of the approach seems good and we would like to see that happen at NU. We are willing to lend a hand.
Datacite identify three states for registered metadata:
publish | Triggers a state move from draft or registered to findable register | Triggers a state move from draft to registered hide | Triggers a state move from findable to registered
to Move from published to restricted we can use the "hide" state this will make metadata no longer available and findable via the Public API but they will stay viewable by members! https://support.datacite.org/docs/doi-states
A record might get a DOI reserved when creating a draft. However, then the access rules might change. The use cases are the following:
embargoed
.embargoed
. Can this happen, the record access cannot changed, when published?restricted
Related issues: