Discussion: MD-collected data vs community-collected data #68
Comments
|
I think it will be important later to be able to separate the data collected from the MD from other data if we end up releasing th ecollection app to more people. |
|
I've been thinking about this for an hour or so and I have a couple of questions.
I think the harder question to answer is "How to we restrict app packages based on who's using them?". If we're on-boarding clinical professionals manually, we can just have an obfuscated link for them (a link with ID/Hash values that are hard or impossible to just guess) and a "regular" link for anyone else (testers, random users that stumble on it, etc). We would then only share the obfuscated link with the pros. The actual layout of the data in S3 is dependent on the answer to question 1 but we have a lot of flexibility. Without knowing the answer to question 1 I see two possible ways to isolate the incoming data streams: A multi-bucket strategy: Or a single bucket strategy: I personally think a single bucket strategy is going to reduce complexity and increase flexibility so again without knowing the answer to question 1 I'd suggest that approach. |
Can we not simply request a signedURL for PRO and a different signedURL for others? for example in the openapi, we could simply send a bool true/false depending on who is using it and then use the single bucket strategy? |
Yes at the API level that's fine but you still need to know at the app level what flag(s) to send on the API call to let the backend know what kind of user is inputting the data. I can easily add a |
|
We can definitely create and distribute multiple APKs with different versions and signatures. That's straightforward. Another option could be that MDs must authenticate and other users are not required to. From talking with CJ it sounded like we were going with Auth0 to handle authentication - at that point we can ask MDs to contact us for validation before they're approved. One of the questions that was raised was about API secrets - we can hide credentials, secrets, etc in things like Vault while still being completely open source. That's just one option, and maybe should be a separate discussion from this thread. |
|
@kaeawc Authn is part of the "phase 2" (user-facing app) initiatives. There is additional work involved to get the authn flow right between all the apps and backend so it was decided that the data collection app would be "auth-less". Speed to launch (for the collection app) is critical because product is worried that doctors could soon be too overwhelmed to collect data using the app (which is understandable). I think that having multiple APK's, one specifically for clinical pros and another for everyone else is good enough for the phase 1 collection app. If that sounds good then I can add a new property to the {
"role": "clinical | patient"
}Thoughts? |
|
Ahk, gotcha. In that case the variants idea seems like the best option. |
|
Yeah the auth version sounds great but the variant is much more straight forward so let's go with that. If we see a real use in having built that dataset and that the MD are really keen to help maybe we can have a v2 where the MDs have to auth and verify with us so that they can participate in building the dataset. But that would be for later and if the project worked. Question: is it possible to "kill" the signed url upload for the app later? Let's say we want to collect data only for a certain time using this app, can we make it so it won't upload anymore when we decide we have enough data? |
|
@MalcolmMielle we can disable the API(s) in various ways so that's not a problem. OK so to summarize:
Do we all agree on that method? @YoniSchirris Does this answer your question? |
|
Yes that sounds good! Although maye the role values should be "clinical" and "community" to disctinguish the two cases ? |
|
Sure works for me 😄 |
|
Just to restate Malcolm's comment: Patients won't use this app. This is all for the data collection application. However, the data collected can be done by professional MDs, or by community members :) The above sounds good. Thanks @haggy |
|
@haggy Is the role in the API already :)? I've pulled the latest version but I may be missing it from the doc. |
|
@MalcolmMielle Not yet. Also Im going to change the property name from Property name: I'm going to add that in tonight and I'll let you know when it's done. |
|
New key schema ^^. Local tests are going well so Im going to get this pushed to the sandbox. |
|
FYI @MalcolmMielle Im having some weird issues with the build pipeline. Working through those now. |
|
Ok, should I hold off updating the app yet? I'll wait until you tell me it's ok to update the upload func :). Thanks for the great job |
|
Yea hold off for now. Waiting for GH to fix things on their side. Will post here when released. I'm assuming the app is built against staging? |
|
I usually pull master, compile the dart library and push it to this repo to use in the app. |
|
@MalcolmMielle GH has fixed the issues and CI is back online. Im testing on Sandbox and will deploy to staging soon. |
|
@MalcolmMielle @YoniSchirris Released to staging! Please test and let me know if you run into any issues :D |
|
Will do either tonight or tomorrow! :D |
An issue that popped up since our repo is public, that anyone with the APK can upload data to the DB while putting in fake ground-truth values.
Currently, we have no way of controlling for this.
How can we have a sense of "authentication" without actual authentication?
Ideas:
The text was updated successfully, but these errors were encountered: