Versions Compared

Old Version 21

changes.mady.by.user Kameswararao Bh

Saved on

compared with

New Version 22

changes.mady.by.user Santhosh Vasabhaktula

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Currently, following are the list of Datasets supported within SB:

  1. Druid based Datasets/Reports (created via HE/APIs)

  2. Custom datasets created as data products and configured manually

    1. Ex: VDN reports, WFS, Collection Summary dataset

  3. On-Demand Datasets

Expand
titleExpand for more details

  1. Sunbird Obsrv’s Data Service allows creation of reusable custom datasets and an ability to submit requests for generation of such reports. The datasets that are currently configured are course progress exhausts, the user information exhausts and the assessment response exhaust reports. These reports are are run on preset frequency or on-demand basis.

  2. Sunbird Obsrv’s Report Service allows creation of datasets that can be published as reports and charts that can be viewed from Sunbird Portal’s Admin Dashboard web UI. These reports are generated based on the frequency configured while publishing the report.

  3. Other custom data files such as Consent files and master data files (geo data, for example).

...

Dataset download considerations:

...

In order to enable different types of access, SB will support configurations that can make the datasets ‘PUBLIC’ or ‘PRIVATE’‘PROTECTED’. The type of access will determine whether a dataset can be accessed publicly using the API without any additional authorization, or whether it needs additional approval from admins for to validate the user before providing access.

...

Current Implementation

...

  • Roles which are supported in Admin Dashboard workflow

    • Report_Admin

    • Report_viewerViewer

    • Super_Admin - REPORTINSTANCE_ADMIN

    • Org_admin

Pages

REPORT_ADMIN <SUPER_ADMIN>

State REPORT_ADMIN

REPORT_VIEWER

List Page

  • Can see all Reports.

  • If report is parameterized, can see all the resolved parameterized versions of that report.

  • Can see all live, retired and draft reports

  • Can see reports + parameterized reports from only the resolved parameter value.

  • For Example - if Report is parameterized by state. Then REPORT_ADMIN belonging to Rajasthan can see only the Rajasthan report version, not others.

  • Can see all live, retired and draft reports.

  • Can see datasets tab.

  • Can see only live reports .

Report Detail Page

  • Can Publish, Retire, Add Report/Chart Summaries for all the reports + their parameterized versions.

  • Switch b/w other parameter versions.

  • Can publish, Retire, Add Report/Chart Summaries for that report.

  • Can view only live reports

  • Cannot perform any other action.

...

  • visibility

    • type - varchar(10)

    • enum - [public, private, protected]

    • Details - Link

  • accessPath

    • type - jsonb

    • Details - Link

  • showOnDashboardvisibilityFlags

    • type- booleanjsonb

    • Description - Whether to show/hide the report on admin dashboardspecific pages.

...

Current API Structure

...

path: Endpoint for downloading the dataset file(s) - the path can be both parameterized and non parameterized . Portal backend populates the parameters using logged in user context details and downloads the respective file.

...

Proposed Solution

API to get

...

materialized data Files

There is a need to create API in report service that will provide access to the meta data as well as the report data files that are used to generate the reports in the 'Admin dashboards' page on the Sunbird portal with certain access controls.

...

URL: /report/datasets/get/:reportId?from=<>&to=<>&since=<>

Expand
titleAPI to get

...

materialized data from the dataset

Proposed response structure - to get meta + datasets.

Success Scenario - Status Code 200

Code Block
languagejson
{
    "id": "api.report.read",
    "ver": "string",
    "ts": "timestamp",
    "params": {
      "resmsgid": "string",
      "msgid": "string",
      "status": "success",
      "err": "string",
      "errmsg": "string"
    },
    "responseCode": "OK",
    "result": {
        "metadata": {... similar to above API},
        "datasets": [
            {
                "dataset_id": "dataset_id_1"

...


                "isParameterized": true,
                "parameters": ["$state"],
                "data": {
                    "rj": {
                        "signedUrl": "url"
                    },
                    "tn": {
                        "signedUrl": "url"
                    },
                    "...otherParameters": {
                        "signedUrl": "url"
                    }
                }
            },
            {
                "dataset_id": "dataset_id_2"

...


                "isParameterized": false,
                "parameters": null,
                "data": {
                    "default": {
                        "signedUrl": "url"
                    }
                }
            }

...

]
    }
}

Explanation -

  • If the report dataset file path is parameterized then

    • isParameterized - true

    • parameters - parameter attribute

    • data object will contain all resolved parameter values along with the signed url to download the file

  • Else

    • data object will have default key with the signed url to download the file.


Error Response

Unauthorized Access - Status Code 401

Code Block
languagejson
{
    "id": "api.report.read",
    "ver": "v1",
    "ts": "timestamp",
    "params": {
        "resmsgid": null,
        "msgid": "string",
        "err": "UNAUTHORIZED_USER",
        "status": "UNAUTHORIZED_USER",
        "errmsg": "You are not authorized."
    },
    "responseCode": "UNAUTHORIZED",
    "result": {}
}


Internal Server Error - Status Code - 500

Code Block
languagejson
{
  "id": "api.report.read",
  "ver": "v1",
  "ts": "timestamp",
  "params": {
    "resmsgid": null,
    "msgid": "string",
    "err": "string",
    "status": "SERVER_ERROR",
    "errmsg": "string"
  },
  "responseCode": "SERVER_ERROR",
  "result": {}
}


Invalid Report Id - Status Code 404

Code Block
languagejson
{
  "id": "api.report.read",
  "ver": "1.0.0",
  "params": {
    "resmsgid": "string",
    "msgid": null,
    "status": "failed",
    "err": null,
    "errmsg": "no report found"
  },
  "responseCode": "string",
  "result": {}
}

...

Access Control Spec

  • Controls who can access a report based on certain rules.

  • This can be achieved using two attributes visibility and accessPath.

...

Visibility

Access

public (default)

Accessible by all users. Anyone can discover and consume these Reports.

protected

Accessible only to a limited set of users based on a criteria defined by the access path attribute.

Default can be users user with REPORT_VIEWER role belonging to the same organisation channel or tenant etc.

private

Similar to “protected” - accessible only to a limited set of users defined by the “access path” attributethe creator of the report.

AccessPath

This attribute is applicable for Reports with “protected” or “private” visibility only. This attribute can be used to restrict the access based on or more of the following criteria: organisation, role, group, user id, and location.

AccessPath interface is as follows :-
**Note - All keys are optional. Also very fine grained accessPath may not be required in this case. Replicating the actual schema defined for ActionSets as is and to be re-used for datasets as well.

Code Block
languagejson
interface IAccessPath {
  organisation: Array<string> | string;
  role: Array<string> | string;
  tenant: Array<string> | string;
  channel: Array<string> | string;
  group: Array<string> | string;
  userType: Array<string> | string;
  framework: Array<string> | string;
  isSuperAdmin: Array<string> | string;
  board: Array<string> | string;
  userId: Array<string> | string;
  userLocation: {
    state: Array<string> | string;
    district: Array<string> | string;
    block: Array<string> | string;
  };
  ...anyOtherAttribute: any
}

...

Expand
titleGet Reports List by passing visibility and accessPath

Example of Request payload with visibility and accessPath

Code Block
{
    "request": {
        "filters": {
            "visibility": "privateprotected",
            "accessPath": {
                "organisation": [
                    "ORG_001"
                ],
                "tenant": "tn",
                "role": [
                    "REPORT_ADMIN",
                    "ORG_ADMIN"
                ]
            }
        }
    }
}

Success Response - Status Code 200

Code Block
languagejson
{
  "id": "api.report.list",
  "ver": "1.0.0",
  "params": {
    "resmsgid": "string",
    "msgid": "string",
    "status": "string",
    "err": "string",
    "errmsg": "string"
  },
  "responseCode": "string",
  "result": {
    "reports": [
      {
        ...metadata
      }
    ],
    "count": 1
  }
}

Error Response - Status code 500

Code Block
languagejson
{
  "id": "api.report.list",
  "ver": "v1",
  "ts": "timestamp",
  "params": {
    "resmsgid": null,
    "msgid": "string",
    "err": "string",
    "status": "SERVER_ERROR",
    "errmsg": "string"
  },
  "responseCode": "SERVER_ERROR",
  "result": {}
}

...