Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Use case:

The state will create its question papers on Diksha using the Sourcing portal; Vidyadaan (Prashnavali). Once the question paper is finalized it will be published on the Consumption portal; Diksha with private visibility.

Once the Question paper is created and published(privately), it will be accessed by:

  1. External Applications - The external applications will call

    1. Consumption Search API (Diksha API) to get the list of question papers that are published and are private.

    2. Content read API to get the complete question paper.
      These API request needs to be

      1. Authenticated - who is calling the API is checked

      2. Authorized - The entity calling the API, with the request to access private question paper will receive the Question paper details if they are allowed to, in case of unauthorized access the request should return an error.

  2. Users with administrator role - Users (assessment wing Admins) who are given the authorization to view the private question paper, when they logon on to Diksha, they can view the question paper resources which are private as well.
    Note:
    - Any user (teacher or admin) can be given this authorization. (Typically within the contributing org circle)
    - Not all users involved in question sourcing will have access to the private question paper

Enhancement required:

Access Control at the API level -

  • At present - Diksha has ACL at the frontend level and not at the API level.

  • Required - ACL (Authentication and authorization) at the API level
    Here we have a special use case of a resource question paper that can not be made publicly available.

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.