Allow some parts of the UI to be accessible without a password

[sedwards@bbn.com]

Portions of the UI should be accessible without a password.

Mitch and Sarah discussed this and came up with the following plan:

(1) Run two instances of the monitoring UI that use the same codebase but differ by a flag which controls hiding some columns and tabs in the public version:

(a) The public instance shows only public data.

(b) The private instance shows all info available to that user (exactly as we do now).

(2) There is a single "shareable" url which contains something like "public/shared" in it's url. So the full url would be like ​http://gmoc.geni.net/public/shared?...

(a) When you visit that url, the system auto-detects if you are logged in and takes you to the private version if you are, otherwise it takes you to the public version.

[sedwards@bbn.com]

Recording items that should be private in the UI so we can find it later when we do this ticket...

In general, we think there are three levels of privacy:

(1) totally public

(2) available to anyone who is signed in

(3) protected further than that

This list is trying to distinguish between (1) and (2).

Given where we are now, I think the only things we need to worry about being private are personally identifiable info (like contact info).

In that spirit, the following items should be PRIVATE (that is they should require at least a login) ...

The entire page and it's contents for:

• Contacts

The entire page OR everything but names/identifiers for:

• POPs (maybe node count is public?)
• Organizations

The following info:

• Slice page -> Contact column

Example: ​https://gmoc-db.grnoc.iu.edu/protected-openid/index.pl?method=slices&search=tuptymon

• Slice page -> Details link/tab -> Principal Email

Example: ​https://gmoc-db.grnoc.iu.edu/protected-openid/index.pl?method=slice_details;slice=urn%3Apublicid%3AIDN%2Bpgeni.gpolab.bbn.com%2Bslice%2Btuptymon

• Slivers details -> Creator

Example: ​https://gmoc-db.grnoc.iu.edu/protected-openid/index.pl?method=sliver_details;sliver=urn%3Apublicid%3AIDN%2Bpgeni.gpolab.bbn.com%2Bslice%2BIG-EXP-5-exp2%3A6c7cd5a1-4d17-4d60-9117-e1d0bf0d942f

• Resources page -> Details link -> Slices tab -> Contact

Example: ​https://gmoc-db.grnoc.iu.edu/protected-openid/index.pl?method=node_details;node=06%3Ab6%3A00%3A12%3Ae2%3Ab8%3Adc%3A3b

Anything not listed above should be PUBLIC.

In particular, the following items should be completely PUBLIC...

• Aggregates
• SAs
• Circuits

[hdempsey@bbn.com]

This is a fairly conservative view. We have actually already warned people that their emails will be exposed if they are creating/owning slices or slivers. Personally, I don't see any reason for keeping PoPs? and Organizations private either. This list may right, I'm just adding this note because I'm generally in favor of sharing everything except what GENI people tell us they really don't want shared. So far, that has only been personal phone numbers and addresses. Of course so far, there wasn't much being shared either, so we should probably try to get some community input on this if we have the chance.