11159 Add more information about anonymous access Preview URL; Limit Anon Access to Draft Versions #11164
Conversation
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
| @@ -694,6 +694,9 @@ Creating a Preview URL for your dataset allows you to share your dataset (for vi | |||
| #. Copy the Preview URL which has been created for this dataset and it can now be shared with anyone you wish to have access to view or download files in your unpublished dataset. | |||
|
|
|||
| To disable a Preview URL and to revoke access, follow the same steps as above until step #3 when you return to the popup, click the “Disable Preview URL” button. | |||
|
|
|||
| Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. | |||
There was a problem hiding this comment.
| Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. | |
| Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse and then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. |
I'm suggesting the same change below in the bundle but maybe we can discuss it here. I'm simply adding "and" but perhaps the whole paragraph could be made a bit shorter somehow? In the docs it's fine but in the tooltip (thanks for the screenshot!) it looks a bit big.
I assume we're using a tooltip because we already have a lot of text in the popup and we're trying not to overwhelm the user.
There was a problem hiding this comment.
Right. And that's what Katie suggested and approved
There was a problem hiding this comment.
I definitely take the point of having a lot of info in the tool tip here too. I just think there should be someplace where a user can access the list of fields that are anonymized. A link to somewhere in the guide would be fine.
There was a problem hiding this comment.
As discussed, I removed the tool tip and replaced it with an update to the popup that includes a link to the documentation that includes detailed steps on how to view an anonymous url as a reviewer would see it
| dataset.privateurl.anonymous.description.paragraph.two=The dataset's files are not changed and users of the Anonymous Preview URL will be able to access them. Users of the Anonymous Preview URL will not be able to see the name of the Dataverse that this dataset is in but will be able to see the name of the repository, which might expose the dataset authors' identities. | ||
| dataset.privateurl.anonymous.tooltip.testing=Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. |
There was a problem hiding this comment.
| dataset.privateurl.anonymous.tooltip.testing=Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. | |
| dataset.privateurl.anonymous.tooltip.testing=Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse and then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL. |
There was a problem hiding this comment.
Let me think about making this shorter, but Katie is very concerned about someone distributing an anonymized preview that might contain identifying info.
There was a problem hiding this comment.
Before distributing an anonymized Preview URL it is recommended that you view the dataset as a potential user to verify that the metadata available does not reveal authorship, etc. You must first log out of Dataverse then open the dataset via the anonymized Preview URL you plan to distribute. By logging out first, you will be able to view the dataset as it would be seen by the anonymized Preview URL user. It may be necessary for you to further edit your dataset's metadata to remove identifying items before you distribute the anonymized Preview URL.
@pdurbin Just to be clear, in these instructions, we are assuming the user publishes the dataset and then goes back in and looks at it from a user perspective. Reading this, it may be unclear to the user whether they need to publish first and get a copy of the link before logging out. I know, hate being so specific but... This also implies if they want to review it, they are publishing a minor version with any additional anonymization they may need to do?
There was a problem hiding this comment.
What about something like: "To verify that all identifying information has been removed or anonymized, it is recommended that you logout and review the dataset as as it would be seen by an anonymized Preview URL user." I think it could be fine to assume that a user understands the concept of "logging out to review" without having to explicitly talk them through each step and the reasoning behind.
There was a problem hiding this comment.
I'm going to take another pass at this. what I was trying to get across is that the author/depositor should view the dataset via the anonymous url before distributing it. That way they can see what the anonymous reviewer would see and be alerted to any metadata that may reveal authorship, etc.
Co-authored-by: Philip Durbin <philip_durbin@harvard.edu>
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
1 similar comment
This comment has been minimized.
This comment has been minimized.
|
Made some more updates here based on further feedback from. Katie and Sonia. Additionally Sonia requested some redundancy in. the popup and User Guide to emphasize that the dataset must be unpublished and in draft. |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
sekmiller
changed the title
There was a problem hiding this comment.
I think this is nicer, linking to the guides and having less text in the UI.
Also, I'm glad we're including a fix for #11202.
I haven't done any testing but I think this is looking good. Approved.
Oh, I did leave one comment below. I might be simply mis-remembering how Preview URL work. 😅
| @@ -683,17 +683,26 @@ If you have a Contributor role (can edit metadata, upload files, and edit files, | |||
| Preview URL to Review Unpublished Dataset | |||
| ========================================= | |||
|
|
|||
| Creating a Preview URL for your dataset allows you to share your dataset (for viewing and downloading of files) before it is published to a wide group of individuals who may not have a user account on the Dataverse installation. Anyone you send the Preview URL to will not have to log into the Dataverse installation to view the dataset. | |||
| Creating a Preview URL for a draft version your dataset allows you to share your dataset (for viewing and downloading of files) before it is published to a wide group of individuals who may not have a user account on the Dataverse installation. Anyone you send the Preview URL to will not have to log into the Dataverse installation to view the unpublished dataset. Once a dataset has been published you may continue to use the General Preview URL for future drafts, but the Anonymous Preview URL will no longer be available. | |||
There was a problem hiding this comment.
Interesting. I seem to remember that Preview URLs were deleted on publish but apparently that isn't the case anymore, if it ever was!
There was a problem hiding this comment.
Maybe unclear. Trying to say that you can make a new ":general" preview url for subsequent drafts. Didn't mean to say that the prior one would continue to work. I'll re-word it.
This comment has been minimized.
This comment has been minimized.
|
code looks good, just made some documentation change suggestions. Will merge after doc changes have been reviewed/committed.
|
Co-authored-by: Omer Fahim <mfahim11427@gmail.com>
Co-authored-by: Omer Fahim <mfahim11427@gmail.com>
|
thanks for the review. I completed the suggested changes. |
This comment has been minimized.
This comment has been minimized.
1 similar comment
|
📦 Pushed preview images as 🚢 See on GHCR. Use by referencing with full name as printed above, mind the registry name. |
|
merging PR |
What this PR does / why we need it:
In reviewing the complete list of dataset fields to be withheld from users of the anonymized Preview URL, the curation team suggested that the dataset depositor should have more info available - in particular the names of the metadata fields which will be withheld from the url user and suggestions on how they could test the preview url to make sure that the available Metadata does not reveal the identity of the depositor,
Which issue(s) this PR closes:
Special notes for your reviewer: no functional changes just tool tips and docs as suggested by curation team
Suggestions on how to test this: as a dataset owner in an installation that supports anonymous preview url make sure that the list of withheld metadata fields in the tool tip on the Preview URL popup matches the fields from the setting AnonymizedFieldTypeNames. Also review the proposed document changes.
With respect to 11202 - once you've looked at a dataset via a preview URL with anonymized access navigate over to a published dataset and verify that none of the metadata is "withheld".
Does this PR introduce a user interface change? If mockups are available, please link/include them here:
Is there a release notes update needed for this change?: included
Additional documentation: the note on testing was added to the doc