Story #3875: Create a dashboard (version 1) for DataONE to provide high level overall system status
Filter the d1-cn-log index based on a public role
The d1-cn-log Solr index currently requires authenticated access, since portions of the log entries are sensitive information. For the d1_dashboard, we need access to the index for various levels of display, both authenticated and public.
pid, ipAddress, userAgent, subject, event, dateLogged and nodeId are the fields exposed through the d1 log api call. Of these, ipAddress, userAgent, and subject are sensitive fields. These fields should only be accessible by a 1) CN subject, 2) owning MN subject, 3) rights owner subject or equivalent identity.
For the first version of the d1_dashboard application, filter Solr queries to provide public access to only the summary information returned by Solr. This requires that queries by the public user
1) should be accepted
2) should have the rows parameter set to 0 despite the input prior to executing the query
3) queries that include facets should redact the ipAddress, userAgent, and subject fields from the facet.field parameter prior to executing the query
This will provide general data on total MN CRUD events per pid.
#1 Updated by Chris Jones over 10 years ago
- Subject changed from Filter the d1-cn-log index based on authenticated role to Filter the d1-cn-log index based on a public role
- Priority changed from Normal to High
- Assignee changed from Skye Roseboom to Robert Waltz
- Description updated (diff)
Assigning to Robert. Skye indicated that Robert would be able to make these changes most efficiently.