Skip to main content

Notice

We are in the process of rolling out a soft launch of the RDA website, which includes a new member platform. Existing RDA members PLEASE REACTIVATE YOUR ACCOUNT using this link: https://rda-login.wicketcloud.com/users/confirmation. Visitors may encounter functionality issues with group pages, navigation, missing content, broken links, etc. As you explore the new site, please provide your feedback using the UserSnap tool on the bottom right corner of each page. Thank you for your understanding and support as we work through all issues as quickly as possible. Stay updated about upcoming features and functionalities: https://www.rd-alliance.org/rda-web-platform-upcoming-features-and-functionalities/

Who We Are
What We Do
What We Work On
Get Involved
Events
RDA Groups
News & Media

Re: Re: [exposing-plans] Exposing maDMPs – repository prototype

  • Creator
    Discussion
  • September 7, 2020 at 5:29 pm #69902

    A S
    Member

    > Hello Tomasz,
    > Thank you for the opportunity to see this new development in the maDMP field, quite nice.
    > I have one question for now : does the search also include/operate on the hidden fields ?
    > Best wishes,
    > Paulette.
    Hi,
    Currently it doesn’t search the hidden fields. Since they are supposed to be completely hidden to any users other than the creator, we removed them from the elasticsearch search index before indexing. Otherwise, it would be possible to extract potentially sensitive information (text fragments) by querying the search index word-by-word or sentence-by-sentence and observing the search results.
    However, it would not be that hard to implement. We could either use elasticsearch field-level security to grant access to certain fields or create a separate search index including the hidden fields and manage authentication by passing it through the spring backend (currently the frontend directly queries the elasticsearch server).
    Kind regards,
    Alex Selzer & Lucas Berent
    Hi,
    Currently it doesn’t search the hidden fields. Since they are supposed to be completely hidden to any users other than the creator, we removed them from the elasticsearch search index before indexing. Otherwise, it would be possible to extract potentially sensitive information (text fragments) by querying the search index word-by-word or sentence-by-sentence and observing the search results.
    However, it would not be that hard to implement. We could either use elasticsearch field-level security to grant access to certain fields or create a separate search index including the hidden fields and manage authentication by passing it through the spring backend (currently the frontend directly queries the elasticsearch server).
    Kind regards,
    Alex Selzer & Lucas Berent

  • Creator
    Discussion
  • Author
    Replies
  • September 9, 2020 at 7:49 am #90323

    Paulette Lieby
    Member

    Good morning all,
    Sorry for the late answer. Oh yes I completely agree re search on hidden
    fields: this is why I asked the question –I think I didn’t see a
    mention of this fact, that’s all. I should have phrased the question
    differently maybe…
    But many thanks.
    Best wishes,
    Paulette.

  • Author
    Replies

Log in to reply.