Skip to content

Requirements for Production #4

New issue
New issue
Open
Task
Open
Requirements for Production#4
Task
Assignees
aostrowEleonoraPetzold
@geofranzi

Description

@geofranzi
geofranzi
opened on Aug 21, 2025

The tool previously was only used by the data curator; to allow for user usage, some steps & checks are needed to prevent security issues related to data protection and the server.

Problem 1: Permissions

The data statistic API was developed before the introduction of the advanced version opportunities. Once releases are activated, parts of a dataset could still be hidden from a user, but the API only works with the latest version (depending on the existence of the materialized view).

https://github.com/BEXIS2/Core/blob/master/Console/BExIS.Web.Shell/Areas/DIM/BExIS.Modules.Dim.UI/Controllers/API/DataStatisticOutController.cs

  • check if the current permission check would already prevent access ( I am not 100% sure)
    • If yes, return a usable and correct response code from the API
    • If not, add error handling in the API and return with correct HTTP Status codes
  • add Svelte code to handle response codes correctly

Problem 2: Long(er) Response Times

In comparison to curators, users may not wait long enough until the request is done. For bigger datasets, it can take several minutes. As the requests directly go into the database, and they are not bound via NHibernate to a session. (Less overall control on it).

  • give good feedback, something is going on (not sure if already, may not be enough)
  • cache request in the browser the prevent recall after tab changes

If used only with an account less problematic, if also for public data, bots should not be able to trigger too many heavy requests to the database.

  • decide on general visibility

Options

  • Limit dataset size (do not allow big requests from the beginning) to be requested
  • page reload should kill the previous request if still running (running request within the same session, ...but may kill running one in another open tab
  • ???
  • Long-term solution: API caching (cache stats out after each data upload)

Problem 3: Return to big

found in an older todo list, may still be an issue for big float values

  • check if currently solved or not

Considerations for the future:

  • Place on new dataset landing page (hook (via Module) or more directly integrated in Core as an optional Feature to switch on if wanted)
  • alignment with curation tool

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

Task

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions