[OTDev] List of all resources and authentication
Nina Jeliazkova nina at acad.bgFri Jun 18 14:07:10 CEST 2010
- Previous message: [OTDev] List of all resources and authentication
- Next message: [OTDev] List of all resources and authentication
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
chung wrote: > Hi Nina, All, > > On Fri, 2010-06-18 at 13:42 +0300, Nina Jeliazkova wrote: > >> Hi Pantelis, All, >> >> chung wrote: >> >>> Hello Nina, >>> I think it would be both more efficient for the server (because it >>> would provide shorter representations) and for the client (to be able to >>> view only the resources to which it has access) if the services return >>> only a URI list of resources at which the client has access. Otherwise >>> the services would have to return very long lists of URIs or even RDF >>> documents. >>> >>> >> IMHO this is better handled by adopting a search functionality - >> e.g.retrieve only objects which comply to certain criteria (user or >> group ownership) and should be independent of AA. >> I am kind of reluctant to the idea of duplicating resource - users >> relationships in services, for the obvious reason one can issue OpenSSO >> call to change this relationship, without ever informing the service. >> Then the service will have outdated information, which will be difficult >> to synchronize. >> > > Well, this is why the services should not store user-related information > hence there is no way to provide such lookup services. How can the > service tell which are the models owned by 'Nina' if there is no Nina in > the Database of the service? > > Would be good if Andreas can find a way to perform such queries via OpenSSO. Another idea is to have separate service(s) for storing users' favorites / bookmarks - this could establish user- resource relationships without pretending these to be "ownership"-like. Something like del.icio.us for models, algorithms, compounds , datasets, etc. In principle, the Ontology service can be used for this as well, if we introduce such "bookmark" property in opentox.owl >> >From OpenSSO side , I am afraid there is no easy way to retrieve list of >> objects of particular type that "belongs" to particular user - Andreas >> am I right? >> >>> However if we decide to return the complete list I think it would be >>> good practice if clients requested only URI lists and not RDFs for the >>> sake of shorter representations. Recall that RDF representations contain >>> all information about the underlying resources, for example if you ask >>> for an RDF/XML representation of all model you can see every model's >>> independent and dependent variables etc. >>> >>> >> It will be valid to have subset of RDF representation, e.g. when >> retrieving datasets , only metadata is retrieved, not all compounds and >> properties. Same could be done for models. >> >> > > Is there any kind of information in the representation of a model which > should be hidden/protected? I think the model representations as they > are now do not have anything about the model itself such as its > equation, coefficients etc... > No, but you have this in PMML / TEXT representation . I would say the current model API is a bit inconsistent, since RDF is actually a metadata of the model, not the model itself. It might be reasonable to introduce additional URIs to retrieve model content, where applicable, e.g. /model/1 retrieves metadata, but /model/1/content retrieves the model itself. Best regards, Nina > >> Even if model variables are retrieved, these are only links, not their >> representation. >> >> Regards, >> Nina >> >>> Best regards, >>> Pantelis >>> >>> >>> -------------------------------------------------- >>> >>> New Book: Teach yourself C in 45 years, Volume I. >>> Special offers for life prisoners ;) >>> >>> >>> On Fri, 2010-06-18 at 12:36 +0300, Nina Jeliazkova wrote: >>> >>> >>>> Hi, >>>> >>>> Good question. The easiest workaround would be to return URIs of all >>>> resources, regardless of the ownership/policy - if the user wants to >>>> retrieve representation of the particular resource, then the >>>> authorisation applies. This will not break protection of confidential >>>> resources, since the client will get only links, not resources >>>> themselves. And this is how typical web page works as well - you can >>>> see the links, but accessing the links might require AA. >>>> >>>> In fact, retrieving list of resources should rely on the policy for the >>>> top level resource (e.g. /model ) , which might have GET allowed for >>>> everybody. >>>> >>>> Best regards, >>>> Nina >>>> >>>> chung wrote: >>>> >>>> >>>>> Hi All, >>>>> If a user needs a list of all models or datasets (either a URI list or >>>>> an RDF document) is the service supposed to return only his resources >>>>> neglecting all other or list all resources to which the user has access? >>>>> >>>>> In the first case I guess some identifier for the user has to be saved >>>>> in the database (e.g. bob at opentox.org). Checking all resources in the >>>>> database for authorization one by one I think is out of the question for >>>>> this would be a bottleneck. Maybe it is worth think about how can the >>>>> client obtain a list of all resources it can access which of course >>>>> might have been created by other users. >>>>> >>>>> Best regards, >>>>> Pantelis >>>>> >>>>> _______________________________________________ >>>>> Development mailing list >>>>> Development at opentox.org >>>>> http://www.opentox.org/mailman/listinfo/development >>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> Development mailing list >>>> Development at opentox.org >>>> http://www.opentox.org/mailman/listinfo/development >>>> >>>> >>>> >>> _______________________________________________ >>> Development mailing list >>> Development at opentox.org >>> http://www.opentox.org/mailman/listinfo/development >>> >>> >> _______________________________________________ >> Development mailing list >> Development at opentox.org >> http://www.opentox.org/mailman/listinfo/development >> >> > >
- Previous message: [OTDev] List of all resources and authentication
- Next message: [OTDev] List of all resources and authentication
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list