Versions Compared

Old Version 14

changes.mady.by.user ravinder kumar

Saved on

compared with

New Version 15

changes.mady.by.user Anand Parthasarathy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Business Requirement

...

Business Requirement

Sunbird provides the capability to generate various datasets for reporting purposes. Some of these can be downloaded by users via the UI (the Course progress exhaust, for example), whereas others are used by the Sunbird portal to generate reports and charts, which can then be viewed by users.

There is a need stated requirement for making all such datasets that are generated by SB to be made accessible via APIs. This will permit for these datasets to be pulled via APIs by the adopters, for usage in whatever additional manner they see fit - and enable them to create custom reports/ visualisations visualizations of their own.

Dataset generation Currently, following are the list of Datasets supported within SB currently happens for:

  1. Custom reports such as the course progress exhaust or the user PII data - these are generated by data products that run on a daily/ on-demand basis

  2. Portal based reports and charts - these are datasets generated from Druid, and power the charts shown on the ‘admin dashboard’ of the portal. These are generated based on the frequency of the reports as configured.

  3. Other custom data files such as Consent files and master data files (geo data, for example).

Dataset download considerations:

Sunbird should enable provide an adopter ability to provision for data security - and allow access to datasets based on the nature of the data they contain. Consequently, a dataset that is not considered sensitive may be made available for public access, whereas any sensitive data may require to be protected.

In order to enable different types of access, SB will support configurations that can make the datasets ‘PUBLIC’ or ‘PRIVATE’ - as the adopter may choose - this . The type of access will determine whether a dataset can be accessed publicly using the API without any additional authorisationauthorization, or whether it needs additional approval from admins for access.

...

Current Implementation

  • Currently, Sunbird Observation Obsrv supports Reports Service API to list and access all published reports. However, only metadata of a report is accessible through this the Report Service API. There are associated The data files that contain the detailed data of a given report. These are currently not accessible through API.There is an internal endpoint at the portal backend layer which downloads the respective datasets from the azure reports container. This endpoint is accessible only by the logged in person(session based) having roles (and associated data are not currently accessible through the Report Service API.

  • The Sunbird portal allows access to the configured datasets using the Sunbird portal backend APIs. However, the APIs make use of the authorization through the Sunbird portal’s session logins with the access controls that are controlled by different roles in the Sunbird portal such as REPORT_ADMIN, REPORT_VIEWER , and ORG_ADMIN).

  • Moreover, there is Data isolation is supported by performing a slug or org based validation so that they do not access other tenant’s data.

  • For parameterized reports, respective endpoints are injected based on the logged in user’s context.

  • As part of current implementation datasets cannot be accessed by non logged in person or any third party.

  • Supported parameters the access to a specific tenant’s data is controlled using the user’s login context.

  • The Sunbird user’s login context is used for parameterized reports where the parameters are injected from the user’s login context. The list of supported parameters are:

    • $slug

    • $channel

    • $state

    • $board

Below Diagram diagram explains the High Level Working high level working flow on how the reports are rendered on the Portal Admin Dashboard.

...

  • Roles which exists are supported in Admin Dashboard workflow

    • Report_Admin

    • Report_viewer

    • Super_Admin - REPORT_ADMIN

    • Org_admin

...

  • visibility

    • type - varchar(10)

    • enum - [public, private, protected, parent]

    • Details - Link

  • accessPath

    • type - jsonb

    • Details - Link

  • showOnDashboard

    • type- boolean

    • Description - Whether to show/hide the report on admin dashboard.

...

Current

...

API Structure

...