Write access #3
Description
Being able to handle metadata submissions would enable a wide range of attractive use cases (connection technical systems that auto-submit metadata), having a wide range of people contribute what they can, without getting elevated privileges.
It would be beneficial to keep authorization/authentication issues out of the implementation as much as possible. Here is a sketch of a proposal:
- let a submission require some kind of token
- a token must match a directory name at a specific root location. the directory contains a "dump-thing" collection (just like the original one). a curator can individually check submissions or accept them in bulk.
- a submission is rejected if that directory does not exist
- this enables independent processes to create and remove these directories. tokens could be issues via an API or manually by email -- full flexibility
- the service can immediate return previously submitted metadata (with the same token?) to enable an "immediately incremental user experience"
It may nevertheless make sense to implement some kind of rate/size limits.