3 18 2024 Tech Team Report - QualitativeDataRepository/TechnicalTeam GitHub Wiki
3-18-2024
Logged Tasks
| Date | Task | Hours (Main) | Hours (EOLS) | Hours (PII) | Hours (QDAS) |
|---|---|---|---|---|---|
| 27-Feb-2024 | Fix logic for checking for account conflicts, investigate where to add Drupal/Dataverse accounts upon reg. | 3 | |||
| 28-Feb-2024 | Add code to create Drupal account as of registration and to add a builtin Dataverse account at the same time, add user key param for sso module, test. | 2 | 3 | ||
| 29-Feb-2024 | Test social account creation, investigate not requiring email from ORCID, HEAL - add diagram to slides, review text. | 1 | 4 | ||
| 1-Mar-2024 | Add metadatablock/script slide/send to CIMMYT, initial support for no email ORCID | 3 | |||
| 5-Mar-2024 | Restart annorep server on prod, investigate failure | 1 | |||
| 7-Mar-2024 | Install HEAL metadata block on stage, prod, test adding metadata, QDR/HEAL talk, prep & follow-up | 2 | |||
| 11-Mar-2024 | Investigate/fix indexing issue on prod - updated solr schema.xml to include HEAL block, meeting, review Drupal security notices (no issues). | 2 | |||
| 12-Mar-2024 | Investigate/report annorep server failure due to search issue, update code to provide clearer message. Update/merge open guestbook-related PRs, fix flyway conflict. | 2 | |||
| 13-Mar-2024 | Investigate/fix timing issue for ARServer re: search, update to Java 17, fix stage and prod ARServer setup/logging/deploy new 0.0.6 server version, Update Drupal core, sitemap, drush on dev. | 2 | |||
| 14-Mar-2024 | Investigate AR client 400 error re: json not type object, investigate/remove failed update-current-version in dev - possibly related to privateUrl?, start testing SSO w/new ids. | 3 | |||
| 15-Mar-2024 | nginx - use static robots on stage, turn off auto-account gen for social, investigate using keycloak api, service accounts, change invalid login msg to mention registration, clear old accounts for testing, check stage outage (no log msgs), upload new HEAL block to github. | 6 |
Operations
- Restart AnnoRep server on prod, investigate failures in server and client calls
- Install HEAL metadata block on stage, prod
- Add HEAL fields to prod solr schema, restart solr
- Change stage Drupal nginx to use static block-all robots.txt
SSO
- Fix account conflict logic
- Add Drupal account as of completing registration form
- Add Dataverse account as of completing registration form, add 'built-in user key' param to Drupal SSO module to support this
- Check that ORCID account creation works for no-email case
- Try disallowing new account creation from social login - see tradeoffs in discussion
- Investigate use of Keycloak API as a way to unlink social accounts when email changes - to support users changing their email rather than asking an admin (not yet fully successful)
- Clear testing accounts on dev (not always having the current db entries)
Drupal
- Check security warnings - none applicable
- Update Drupal core, sitemap, drush on dev
Dataverse
- Update open guestbook-related PRs
- Investigate failure of update-current-version on dev - possibly due to PrivateUrl, cleaned up bad test dataset
HEAL
- Add HEAL metadata block to github
- Add HEAL endpoint in stage Keycloak
- Give HEAL-related talk at DCM 2024
AnnoRep
- Switch server to use file api rather than search (which is now async and can return no hits immediately after an upload)
- Update server to Java 17
- Investigate logging issues
- Deploy new server on stage, prod
Discussion
- AnnoRep client - next steps?
- AnnoRep server - no logging on restart
- SSO - How should it work?
- Can you create new accounts with Social logins (as happens now), which adds the ORCID/Google ID as the account name (opaque, not like local account names), or force initial registration? Allowing use of email instead of account name for login makes accounts with ID as account name easier if using both social and normal login. Requiring reg form first means a password has to be created, even if social login is the only login desired and must use ORCID as account name for ORCID w/o email case.
Plans
- Continue working on authentication issue #43(non-email account id, MFA, etc.)
- Work on metadata issue #44 (more metadata to DataCite, etc.)
- Fix Stata-14 ingest by allowing file inspection during direct upload or adjusting the Stata ingester.
- Fix #113 if possible
- Matomo - investigate event-level tracking via tag manager, remove non-working google scripts
- AnnoRep - explore round-trip, configure auto-start and log rotation
- Ops
- check missing globalidcreationdates and fix via /modifyRegistration or alternative
- Dataverse
- Make PR for guestbook adding datasetversion fix
- Popup info accessibility - IQSS likes the recommendations from the source I linked to, so this can be implemented along those lines.
- QDAS Previewer
- Updates per request
- Investigate writing aux file/previewing lower-sensitivity version and/or other write options
- TBD: FRDR Security