search

medizininformatik-initiative / feasibility-backend

Backend of the feasibility-gui.
Apache License 2.0
2 stars 5 forks source link

Save and load query results for saved queries #199

Closed juliangruendner closed 8 months ago

juliangruendner commented 10 months ago

The backend should be extended to allow a user to save up to n queries (n configurable via env var) for use in a project proposal.

When a user saves a query for a project proposal the overall result (sum results across all sites) should be saved. It should only be possible to save a result if the overall result > PRIVACY_THRESHOLD_RESULTS.

When the user then later adds the saved query to the proposal component it should be possible for the proposal component to query the feasibility backend api with a query id to get the overall result for the specifc saved query.

Potentially the /summary-result endpoint could exactly fulfill the requirement without having to change it - please check if this is the case.

Things to implement as part of the issue:

  1. Allow the saving of saved queries with an overall result 1.1 Ensure it can only be saved if overall result > PRIVACY_THRESHOLD_RESULTS 1.2 Implement that only max n queries (n configurable via env var) can be saved per user.
  2. Implement CRUD for the saved queries, so that the UI can be extended to allow the management of the saved queries 2.1. When implementing delete ensure the query itself is not deleted but instead either a flag is added to the query or it is only deleted from saved queries while keeping the track record of all sent queries for the user intact.
  3. Implement an endpoint or make it part of an endpoint to convey the information how many queries the user can still save before having to delete a saved qury
  4. Provide API endpoint for proposal component to get the result for a saved query 4.1 check if the summary-result endpoint will suffice for this purpose
michael-82 commented 10 months ago

After discussing the possible complications and confusion with potentially late or already deleted result numbers, we decided to change this slightly. The total number of results will be provided by the GUI when sending the POST request to save a query. This introduces the possibility of fraudulent result numbers being sent by the GUI with no chance of verifying them in the backend, but since there is no real threat in that and it was decided to accept that.

This change needs to be reflected in the GUI as well (ping @Shayan1375 @thkoehler11 )