# Future
### Multiple annotators

AnnotationInstances maintain a relationship with SystemUsers indicating the creator of each annotation. There is not yet any support in the service layer or in the brat interface for managing multiple annotators, e.g. for listing only the annotations of a particular user or for comparing annotations from multiple users. This functionality should be integrated with the efforts to manage multiple system users along with authentication and access permissions (see below).
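A service-layer method for per-annotator listing could look like the following minimal sketch. The `SystemUser` and `AnnotationInstance` names mirror the DiscourseDB entities, but these simplified records and the `AnnotationService` methods are hypothetical, not existing DiscourseDB API:

```java
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

// Simplified stand-ins for the DiscourseDB entities (illustrative only).
record SystemUser(String username) {}
record AnnotationInstance(long id, SystemUser annotator) {}

class AnnotationService {
    // List only the annotations created by one annotator.
    static List<AnnotationInstance> byAnnotator(List<AnnotationInstance> all, SystemUser user) {
        return all.stream()
                  .filter(a -> a.annotator().equals(user))
                  .collect(Collectors.toList());
    }

    // Group annotations by annotator, e.g. as a first step toward
    // comparing annotations from multiple users.
    static Map<SystemUser, List<AnnotationInstance>> byAllAnnotators(List<AnnotationInstance> all) {
        return all.stream().collect(Collectors.groupingBy(AnnotationInstance::annotator));
    }
}
```

In a real implementation these filters would be Spring Data repository queries rather than in-memory stream operations.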
### Multiple system users with authentication and permission management

Currently, all APIs expose their functionality without restriction to any user that is able to reach the API endpoints. We need a way of keeping track of system users and of assigning them access permissions that are checked with every API request. Since DiscourseDB is part of LearnSphere, DataShop would be an ideal permission provider and InCommon/Google Auth a good authentication provider. The permission granularity in DataShop is at the project level, which would not be sufficient for DiscourseDB; the granularity should be at least at the dataset level. This could be implemented with Spring Security. Examples of integrating Spring Data with Spring Security can be found here. More details here.
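The core of a dataset-level check is small, whichever framework provides it. The following is a minimal in-memory sketch of the idea; the `Permission` enum and `DatasetPermissions` class are illustrative assumptions, and a real implementation would delegate the lookup to Spring Security backed by DataShop rather than a local map:

```java
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

// Hypothetical permission vocabulary; DataShop/Spring Security would
// define the real one.
enum Permission { READ, WRITE }

class DatasetPermissions {
    // user -> dataset -> granted permissions
    private final Map<String, Map<String, Set<Permission>>> grants = new HashMap<>();

    void grant(String user, String dataset, Permission p) {
        grants.computeIfAbsent(user, u -> new HashMap<>())
              .computeIfAbsent(dataset, d -> EnumSet.noneOf(Permission.class))
              .add(p);
    }

    // To be checked on every API request that touches the dataset.
    boolean isAllowed(String user, String dataset, Permission p) {
        return grants.getOrDefault(user, Map.of())
                     .getOrDefault(dataset, Set.of())
                     .contains(p);
    }
}
```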
An even better approach would be a permission system at the level of domain objects, so that permissions can be validated on a per-object basis. One way of doing this would be with Spring Security Domain ACLs. However, it still needs to be evaluated how DataShop could be used as a permission provider in that case.
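Conceptually, a domain-object ACL stores one access-control entry per (user, object identity, permission) triple, which is the model Spring Security's ACL module follows. The sketch below illustrates only that concept; the class and method names are hypothetical, not Spring Security API:

```java
import java.util.HashSet;
import java.util.Set;

// Conceptual domain-object ACL: one entry per (sid, object, permission).
// In Spring Security terms, "sid" is the security identity (e.g. a user).
class ObjectAcl {
    record Entry(String sid, String objectType, long objectId, String permission) {}

    private final Set<Entry> entries = new HashSet<>();

    void addEntry(String sid, String objectType, long objectId, String permission) {
        entries.add(new Entry(sid, objectType, objectId, permission));
    }

    // Evaluated per object, e.g. before returning a single Contribution.
    boolean hasPermission(String sid, String objectType, long objectId, String permission) {
        return entries.contains(new Entry(sid, objectType, objectId, permission));
    }
}
```

The per-object granularity is the key difference from the dataset-level check: two objects in the same dataset can carry different permissions.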
### Improved import performance for large datasets

Importing large amounts of data often takes a very long time with the way data converters are currently written. It should be evaluated whether other approaches are more reasonable when large datasets are involved. For instance, Spring XD is, among other things, a unified, distributed, and extensible system for data ingestion. It could greatly improve import performance, but would require all converters to be rewritten. Spring XD is based on Spring Batch, which could also be reviewed with respect to how batch processing could benefit certain aspects of DiscourseDB (e.g. analytics components).
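The main performance idea in Spring Batch's chunk-oriented processing is to write records in fixed-size chunks (e.g. one transaction per chunk) instead of one at a time. This generic sketch shows the pattern; the `ChunkedImporter` class is an illustrative assumption, and real converters would plug into Spring Batch's `ItemReader`/`ItemWriter` abstractions instead:

```java
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.function.Consumer;

// Chunk-oriented ingestion: accumulate records and flush them in
// fixed-size batches, e.g. one database transaction per chunk.
class ChunkedImporter<T> {
    private final int chunkSize;
    private final Consumer<List<T>> writer; // persists one chunk

    ChunkedImporter(int chunkSize, Consumer<List<T>> writer) {
        this.chunkSize = chunkSize;
        this.writer = writer;
    }

    // Returns the total number of records written.
    int importAll(Iterator<T> source) {
        List<T> chunk = new ArrayList<>(chunkSize);
        int written = 0;
        while (source.hasNext()) {
            chunk.add(source.next());
            if (chunk.size() == chunkSize) {
                writer.accept(List.copyOf(chunk));
                written += chunk.size();
                chunk.clear();
            }
        }
        if (!chunk.isEmpty()) { // flush the final partial chunk
            writer.accept(List.copyOf(chunk));
            written += chunk.size();
        }
        return written;
    }
}
```

Batching amortizes per-write overhead (transaction commits, flushes) across many records, which is where most of the speedup over record-at-a-time converters comes from.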
### External annotation type system

The annotation system in DiscourseDB is very flexible and makes no assumptions about the types of annotations that can be stored. In a practical environment, we would most likely want to know the structure of the annotations employed in a particular instance of DiscourseDB. This could be achieved with an external type system that informs the user of the available or possible annotations on a particular dataset and that can be used for integrity checks (Are there annotations that are not defined in the schema? Are all annotations valid?).
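Such a type system could start as a simple registry of defined annotation types checked against the types actually stored. The following sketch shows the integrity-check side; all names are hypothetical, since DiscourseDB itself currently imposes no such schema:

```java
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import java.util.TreeSet;

// External registry of annotation types allowed in a DiscourseDB
// instance, usable both for documentation and for integrity checks.
class AnnotationTypeRegistry {
    private final Set<String> definedTypes = new HashSet<>();

    void define(String type) {
        definedTypes.add(type);
    }

    boolean isDefined(String type) {
        return definedTypes.contains(type);
    }

    // Integrity check: which stored annotation types are not in the schema?
    Set<String> undefinedTypes(Collection<String> storedTypes) {
        Set<String> unknown = new TreeSet<>(storedTypes);
        unknown.removeAll(definedTypes);
        return unknown;
    }
}
```

A fuller version would also validate annotation features (attribute names and value types) rather than just type names.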