6.3. Versioning, approvals and audit logs

In order to fulfil the needs of the different parties, guarantee the data quality and accountability of each actor, three different mechanism are put in place:

Mechanism	Purpose	Concerned data
Audit logs	The purpose of audit logs is to keep track of who did what on the system. The audit logs contain the exact actions taken on the system and link them to the user / organisation that triggered the action. The purpose is not to version data, but to keep track of changes and keep the users of the system accountable for their actions	all NRVC data all API calls all login attempts (success or failure) any action performed on the system
Versioning	The purpose of the versioning is to: enforce an approval process for the production of VC data keep track of the evolution of the VC situation in Luxembourg and on its evolution.	vertical cables (physical links)
Approvals	Approval processes are put in place to guarantee data quality and to avoid unintentional destructive modifications.	vertical cables (physical links) delete operations on NRVC data

Mechanism

Purpose

Concerned data

Audit logs

The purpose of audit logs is to keep track of who did what on the system. The audit logs contain the exact actions taken on the system and link them to the user / organisation that triggered the action.

The purpose is not to version data, but to keep track of changes and keep the users of the system accountable for their actions

all NRVC data
all API calls
all login attempts (success or failure)
any action performed on the system

Versioning

The purpose of the versioning is to:

enforce an approval process for the production of VC data
keep track of the evolution of the VC situation in Luxembourg and on its evolution.

vertical cables (physical links)

Approvals

Approval processes are put in place to guarantee data quality and to avoid unintentional destructive modifications.

vertical cables (physical links)
delete operations on NRVC data

Versioning of physical links

In the figure above each row of data represents on Physical Link data entry in the database. The background colors of the rows represent:

grey: Physical Link information that has not been approved or rejected
green: Approved Physical Link data
red: Approved Physical Link data that indicates that a specific Physical Link Type has been decommissioned and is not present anymore.

In this example, There are free approved Physical Links, two that indicate that Fiber and Coax are present between two units and one that indicates that ETH was removed.

Description

Versioning of physical links between two equipments or an equipment and a unit in multi-dwelling units is a crucial part of the RNVC. In order to support the approval process, each version of a connection needs to have a flag “validated” that can be “true” or “false” to indicate if that specific version has been validated. Furthermore we also need a flag to explicitly indicate if a specific link type has been decommissioned.

When an Editor wants to send an update for a vertical cabling connection between an “Equipment 1” and an “Equipment / Unit 2”, the Editor creates a new connection with and POST it using the “physical links” endpoint. This POST contains following information:

Source equipment
Destination equipment or destination unit
Link Type
If all physical links of that specific link type were removed, a flag “deleted = true”

When receiving an update request, the system adds following information to it:

timestamp of creation
the editor that produced the data
organisation to which the connection belongs is set to the Editor’s organisation
version
flag “validated = false”

The organisation approver always get the latest entry for a given connection that is not yet validated to validate. Once the validator has validated the entry following information is stored:

flag “validated = true” or “rejected = true” depending on decision
validation timestamp
the approver

When retrieving data, the default version of the physical link returned are the latest validated once. The users can explicitly request the latest versions if needed or any other historical version.

Processes

7.5. Send update vertical cabling request process

7.6. Approve update vertical cabling request

Data deletion requests

The NRVC will contain some information that is very static by nature:

addresses
sites
blocks
units
equipments

Due to the static nature of this data and to the fact that a history of the changes performed to this data is not relevant to the project, it has been decided not to keep any historical data on this data. Instead of versioning, audit logs will be used to keep track of who did what to the data.

One important principle is that once created these objects cannot and will not be deleted.

Instead if deleting the data a process is in place to mark data as deleted. This process involves an Editor marking the data as “to be deleted” and a Approver that will need to validate the deletion request. Furthermore Administrators and Organisation Administrators will have the power to recover deleted datasets.

Processes

7.7. Approve delete site request

7.8. Approve delete block request

7.9. Approve delete unit request

7.10. Approve delete equipment request

1.1. Change log

2.1. Context

2.2. Document purpose and scope

2.3. Targeted audience

3.1. User management

3.2. Roles

4.1. User - Profile management [canceled]

4.2. User - Change password

4.3. User - Manage user secrets [canceled]

4.4. Application Administrator - Create users

4.5. Application Administrator - Update users

4.6. Application Administrator - Delete users

4.7. Application Administrator - Recover users marked for deletion

4.8. Application Administrator - Create access tokens [new]

4.9. Application Administrator - Delete access tokens [new]

4.10. Application Administrator - View audit logs

4.11. Application Administrator - View all data on the platform

4.12. Application Administrator - Restore deleted records

4.13. Application Administrator - Un-reject/approve an approved/rejected record

4.14. Application Administrator - Export all

4.15. Application Administrator - Monitoring

4.16. Application Administrator - Alerting

4.17. Application Administrator - Lightweight Administration Panel

4.18. Application Administrator - Define webhooks [new]

4.19. Organisation Administrator - Create organisation users

4.20. Organisation Administrator - Update organisation users

4.21. Organisation Administrator - Delete organisation users

4.22. Organisation Approver - Recover organisation users marked for deletion

4.23. Organisation Administrator - Create organisation access tokens [new]

4.24. Organisation Administrator - Delete organisation access tokens [new]

4.25. Organisation Administrator - View organisation audit logs

4.26. Organisation Administrator - Un-reject/approve an approved/rejected record lined to organisation

4.27. Organisation Administrator - Restore records deleted by the organisation

4.28. Editor - Create temporary address

4.29. Editor - Create an additional temporary address for an existing site

4.30. Editor - Create an additional temporary address for an existing block

4.31. Editor - Add a site

4.32. Editor - Update a site

4.33. Editor - Delete a site

4.34. Editor - Add a block

4.35. Editor - Update a block

3.36. Editor - Delete a block

4.37. Editor - Add a unit

4.38. Editor - Update a unit

4.39. Editor - Delete a unit

4.40. Editor - Add an equipment

4.41. Editor - Update an equipment

4.42. Editor - Delete an equipment

4.43. Editor - Attach pictures [postponed]

4.44. Editor - Delete Pictures [postponed]

4.45. Editor - Search a site by address

4.46. Editor - Send an update vertical cabling request

4.47. Approver - Approve deleted site request

4.48. Approver - Approve deleted block request

4.49. Approver - Approve deleted unit request

4.50. Approver - Approve deleted equipment request

4.51. Approver - Approve or reject update vertical cabling request

4.52. Organisation Approver - Approve deleted site request for organisation

4.53. Organisation Approver - Approve deleted block request for organisation

4.54. Organisation Approver - Approve deleted unit request for organisation

4.55. Organisation Approver - Approve delete equipment request for organisation

4.56. Organisation Approver - Approve or reject update vertical cabling request for organisation

4.57. Analyst - Access to all data

4.58. Analyst - Querying data

4.59. Analyst - Query historical data

4.60. Analyst - Query audit logs

4.61. Analyst - Export data [to be reviewed]

4.62. Analyst - Integrate external applications [to be reviewed]

4.63. Analyst - Un-reject/approve an approved/rejected record

4.64. Viewer - Search sites/blocks/units/equipments by address

4.65. Viewer - Read single entries by ID

4.66. Viewer - Read different versions of connections

4.67. ETL - Retrieve addresses

4.68. ETL - Create and update addresses

6.1. User management

6.2. Address ingestion

6.3. Versioning, approvals and audit logs

6.4. Data privacy

6.5. Data quality

6.6. Data governance