-
-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create public demo of UI #220
Comments
This is great, Pat. I like how this help frames the discussion. Just a quick correction: it was @weatherpattern and I that had the chat, not Rob. |
Thanks for your enthusiasm and love the feelings you have about the project! I think I share all of them. I recognize having something like this would help augment our limited resources and feature flags would be helpful ongoing. A sticking point is that access to the api, and therefore everything useful (content & diffing), is restricted by login credentials. And how to open that up to the public is the long conversation I was referencing. (What types of users, what types of permissions, do we need login for certain things, etc.) This conversation probably goes beyond our working group as well. So, I'm not sure it would be as easy to change as flipping a bit. |
And just to reiterate, I want this as badly as you do! (I mean I just suggested it a couple days ago) But figuring out how to do this well, at least, I don't have the bandwidth for. We're really trying hard to get our deployment down and also get off Versionista. I would love to revisit this once those are settled. |
Totally. Thanks @lightandluck! I definitely feel where y'all are coming from. I'm equally excited to see action on the horizon as opposed to now :) Without expectation of near-term action, I'll add a few more comments, hopefully building on yours:
No pressure to respond, but pls do feel free to correct any errors above. |
Thanks, Pat, for sparking this convo! I've been thinking about it a lot over the last few days. I agree, all the facts are true. And honestly if it was up to me only I would
|
Can we solve this for now by simply:
There was some back-and-forth a while ago on edgi-govdata-archiving/web-monitoring-db#152 about whether we even want staging to match production (which it currently sort-of does because the scraper sends the same data to both staging and production), and giving up on that and doing this also makes it easy to onboard new contributors — they can just connect to staging with the publicly known credentials. That’s less simple than a version totally lacking in auth requirements, but it’s really low-effort and almost as good (maybe better since development and testing against it will be similar to production — not requiring any auth in a test/dev environment is an easy way to make mistakes about what can be expected once auth is back on in production). /cc @danielballan since he was in the other discussion about staging matching/not matching production. |
Note we’ve had rough agreement that we don’t need to be careful about access to changes more than a month old, so as long as we strip any newer data from its DB and disconnect it from the scraper, we should be a-ok in the “can we make this public” department. |
/cc @gretchengehrke from the analyst team on privacy concerns. |
@Mr0grog I like this idea! And looks like Dan and Patcon gave the thumbs up too. This would also make it a lot easier to show people what we're doing and help recruit volunteers. One thing to flag is that because we've been re-working the annotations, we'll probably want to import data with the settled changes. |
A public demo would be great.
If we open things to the public, even for just a demo, we should determine
if the terms of use docs need to be implemented, and if so, put them in
place.
…On Wed, Aug 29, 2018 at 12:13 PM Kevin Nguyen ***@***.***> wrote:
@Mr0grog <https://github.com/Mr0grog> I like this idea! And looks like
Dan and Patcon gave the thumbs up too.
This would also make it a lot easier to show people what we're doing and
help recruit volunteers.
One thing to flag is that because we've been re-working the annotations,
we'll probably want to import data with the settled changes.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#220 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABwEVsvAToL8VbczggSP4szf3oFKShSGks5uVr3DgaJpZM4TcHpM>
.
|
Does that apply here, though? I don’t think we should be surfacing analysts’ actual annotations in a public demo site, or at least not any time soon (this was the biggest and [in my view] most reasonable of all the original privacy issues). They certainly shouldn’t be on staging, regardless of private/public concerns. |
I am not sure, it depends on the eventual functionality of the demo. I
raised the question to help ensure it is thought about.
By the way, the clinical produced two versions of the summaries of use, one
including annotations and one without.
…On Thu, Aug 30, 2018 at 3:56 PM Rob Brackett ***@***.***> wrote:
because we've been re-working the annotations, we'll probably want to
import data with the settled changes.
Does that apply here, though? I don’t think we should be surfacing
analysts’ actual annotations in a public demo site, or at least not any
time soon (this was the *biggest* and [in my view] most reasonable of all
the original privacy issues). They certainly shouldn’t be on staging,
regardless of private/public concerns.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#220 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABwEVpP9eryc3UXBD49rtCSHZHZ6lxekks5uWENegaJpZM4TcHpM>
.
|
Oh, yea, you're right! For some reason, I was thinking that the data input from the scraping was bringing along annotations, but of course that's not happening. Whenever the form gets turned on, it will be usable in the demo? We just won't fill it with real data? |
Well, we won’t fill it with our analyst team’s data. People would still be free to use it however they want, either by putting in meaningless stuff or real analysis. And we’d continue to make the same non-guarantee we do today about staging: everything could be flushed and totally reset at any time and we don’t consider any of its data to be worth preserving. At least that’s my proposal here. That said, I did just think of one thing we probably want to be able to lock down here — imports. |
+1 Rob's proposal |
OK, I’ve turned off live importing of data to staging, so from this point forward, it will cease to receive all the same data that we pull out of Versionista and send to production. That’s probably something we should have done anyway, but it’s also the first step here :) |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in seven days if no further activity occurs. If it should not be closed, please comment! Thank you for your contributions. |
OK! We now have authorization support in DB, and I’ve created a user on the staging system (public.access@envirodatagov.org) that can only view. What else needs to happen here?
|
Add more explanation to `.env.example` and to the README about how data is managed and stored in the application. Also explain the overall data model and document the public access user on staging (see edgi-govdata-archiving/web-monitoring-ui#220). Fixes #249. Fixes #469.
Add more explanation to `.env.example` and to the README about how data is managed and stored in the application. Also explain the overall data model and document the public access user on staging (see edgi-govdata-archiving/web-monitoring-ui#220). Fixes #249. Fixes #469. Co-Authored-By: Kevin Nguyen <kevin.nguyen@lightandluck.com>
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in seven days if no further activity occurs. If it should not be closed, please comment! Thank you for your contributions. |
Re-ticketed from #219 (comment)
Thanks for your consideration, @lightandluck :)
I hope it's not presumptuous to transpose your and Rob's comments -- into 🔍facts, ❤️feelings, and 💡ideas -- so as to better engage with it.
(Generally, facts are things we all agree to be true. Feelings are subjective, not disputable, and optionally supported by facts. Ideas are ways forward, ideally based on facts & feelings.)
And now my own 🎉
The text was updated successfully, but these errors were encountered: