CERN-Solid code investigation - Meeting with the Indico developers

Thursday 15 Oct 2020, 15:00 → 16:00 Europe/Zurich

Maria Dimou (CERN)

This is a brainstorming between:

Maria Dimou - CERN-Solid collaboration manager

Michiel de Jong - Solid developer

Pedro Ferreira - Indico project leader

Adrian Moennich - Indico chief developer

Jan Schill - MSc student

The purpose of this meeting is to discuss point 3 of Jan's project, namely give some inside info of the Indico code, structure, philosophy, update methods and advice on how to:

1. develop a PoC (Proof of Concept) of the Indico registration form module, in which registration data belongs to the user and not to Indico. Especially useful, given that, in certain events, people may be asked, for instance, to send a scan of their ID, a kind of information one wishes to keep control of and be able to erase.
2. enrich Indico meeting pages with some kind of Solid-based content, such as comments. Such data should better not be kept in Indico and not very critical for continuous availability. The advantage of this development is that it could be tested non-intrusively.

Zoom link to connect to this meeting

Adrian, Jan, Maria, Michiel, Pedro discussing Jan's MSc project HERE

For Jan to do for Point 3:

1. Clone the Indico repo - HERE.
2. Study the set-up guide for developers HERE.
3. Create a Conference Indico event in (Jan's) own Indico instance to understand the Registration workflow. Relevant doc section for end users HERE.
4. Start registering and study the current Indico model for storing personal data.
   1. Note that there is versioning at the field level as some fields get updated between registration and the actual event.

Tackling the "Comments in user's pod" first:

• If comments are "public", implementation is easier because issues of Authorisation to see the comments won't need to be handled.
• Follow the https://disqus.com/ scenario (demo page HERE).
• Link the Solid ID to the Indico ID. Solid generates a token that is used when interfacing with other applications.
• https://solidcommunity.net/ can be the Solid ID provider.
• The Solid Authentication client, in .js, runs on the client side.

Tackling the "Registration form" module expansion to keep user's personal data out of Indico:

• Accept that users login to Indico with a Solid ID. Then their personal data can be stored in their own pod.

About point 4 in Jan's project, namely:

comparing the Solid approach with the design principles adopted by the relevant CERN applications

Pedro said that some of Indico data, e.g. material attached to an event, must be kept centrally for archiving purposes and data integrity, they can't be left to Solid and the user's pod.

Michiel said that other applications like Calendar and Contacts can live in the user's pod.

These are some of the elements that can be reported as output of the approaches' comparison.

About point 2 in Jan's project, namely:

evaluating the first Solid implementations,

Michiel said that implementation for storage will result from a NextCloud-Solid connection being implemented now. Nextcloud is a Cloud solution personal dropbox (german development).

Other Solid implementations can be found HERE. Links to their internals by Michiel:

https://github.com/michielbdejong/empty-solid-app
https://empty-solid-app.5apps.com/
https://github.com/linkeddata/rdflib.js

At CERN we use owncloud with the in-house development cernbox.cern.ch. Project CS3-MESH is listed in the CERN-Solid collaboration index, as one of the candidate applications to be influenced by Solid.

Outside the CERN-Solid project:

Jan and co-student have to study security frameworks for the software engineering course. The idea is to use Indico for this study. This will give in-depth Indico knowledge to Jan. Adrian, being a security expert, will be of great help. He suggests, as a first step, to define, what a security framework is.

 

Notes by Maria - please comment/fix

Notes by Jan can be found HERE