-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto-approval for datasets #925
Comments
Very interesting feature @zsaltys! We can start working on ideas and designs directly in this issue. That will help us clarifying the specific tasks |
We can split the work in 2 different tasks: 1. Include "auto-approve" option in Dataset creation and store it as metadataThis list of sub-tasks can be modified with the questions raised below:
Some ideas/questions to start the discussion:
2. Modify share workflow to skip approval process on auto-approved datasetsThis list of sub-tasks can be modified with the questions raised below:
Some ideas/questions to start the discussion:
|
@dlpzx But it is not the solution, if we want to keep 'auto-approval' as a separate property of data set, not connected with confidentiality. May I mark e.g. the 'secret' dataset with auto-approval flag? If not, than it's better be connected to confidantiality. |
To align with the described issue, I propose we make it unrelated to confidentiality levels since confidentiality standards may vary for customers. Rather than a blanket approval for say ‘unofficial/public,' let's introduce a new field (checkbox) for each dataset, enabling auto-approval. Some datasets may be public but the dataset owner may still want to have control over when it should be approved for use. Essentially. we should allow users to mark datasets as auto-approved during dataset creation/import. we store that flag and use it at the time of share request consumption to skip the approval process. Also, this should also retroactively work for already created datasets and the users should able to update metadata and check the auto approve box which would then make that existing dataset auto approved for new shares. Thought? @SofiaSazonova @noah-paige @dlpzx |
Agree with the above - think keeping auto-approve separate from confidentiality may be best Currently confidentiality affects the level of data preview that is allowed but also could be extended in the future to change the immutability/editability of the dataset parameters or similar. I think this new feature of auto-approval can be a separate standalone boolean property of the dataset specific to share requests Nonetheless, I think adding a tooltip or some legend in the UI to make sense of what each confidentiality level means could be a nice enhancement as well as it is not very intuitive to new data.all users as of now |
To not repeat the same, I agree with the above. For simplicity and to make users aware of the "auto-approve" let's keep it a separate feature |
### Feature or Bugfix <!-- please choose --> - Feature ### Detail - AutoApprove property was added to UI and API - If it is True, then the sharing request is approved right after submission ### Relates #925 ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? Yes - Is the input sanitized? No - What precautions are you taking before deserializing the data you consume? Default deserialiser is used - Is injection prevented by parametrizing queries? YES - Have you ensured no `eval` or similar functions are used? N/A - Does this PR introduce any functionality or component that requires authorization? No - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? No - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? No - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Co-authored-by: Sofia Sazonova <sazonova@amazon.co.uk>
Is your feature request related to a problem? Please describe.
Sometimes teams publish public data for which they are happy to give everyone access without any approvals. Having to always request approval just adds unnecessary delays and interrupts the approving team as they have to monitor request emails and approve requests.
Describe the solution you'd like
There should be a simple editable checkbox on the dataset that allows to mark a dataset as auto-approve. If a dataset is marked an auto-approve then after submit is clicked the share should immediately go through without an approve step.
The text was updated successfully, but these errors were encountered: