-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathconfig.json
218 lines (218 loc) · 14.1 KB
/
config.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
{
"name": "REDCapPRO",
"namespace": "YaleREDCap\\REDCapPRO",
"description": "<strong>Patient Reported Outcomes in REDCap</strong><br>This module provides a means of identifying and authenticating study participants when collecting survey data. It stores that information in the REDCap project's audit trail.<br><strong><a href='https://github.com/AndrewPoppe/REDCap-PRO#readme' style='color:#900000 !important;' target='_blank' rel='noreferrer noopen'>See full documentation here.</a></strong>",
"authors": [
{
"name": "Andrew Poppe",
"email": "andrew.poppe@yale.edu",
"institution": "Yale Center for Clinical Investigation"
}
],
"system-settings": [
{
"key": "email-from-address",
"name": "<strong>Email From Address</strong>:<br>This will be the <em>From</em> email address for all system emails. This can help if emails are being sent to spam or are not delivered (default is noreply@REDCapPRO.com)",
"type": "email"
},
{
"key": "prevent-email-login-system",
"name": "<strong>Prevent Email Login</strong>:<br>Should participants be prevented from using their email address to log in to the system. Checking this will require that they login using their participant username only.<br><em>Note: if checked, this overrides the associated project-level setting</em>",
"type": "checkbox"
},
{
"key": "warning-time",
"name": "<strong>Warning Time</strong>:<br>Number of minutes to wait before warning participant of inactivity timeout (default is 1 minute)",
"type": "text",
"validation": "number"
},
{
"key": "timeout-time",
"name": "<strong>Timeout Time</strong>:<br>Number of minutes to wait before logging participant out due to inactivity (default is 5 minutes)",
"type": "text",
"validation": "number"
},
{
"key": "allow-project-timeout-time-override",
"name": "<strong>Allow Project-Level Timeout Time Override</strong>:<br>If enabled, the participant inactivity timeout duration can be modified at the project-level to be longer or shorter than the system timeout setting. (default is No)",
"type": "checkbox"
},
{
"key": "timeout-time-maximum",
"name": "<strong>Maximum Timeout Time</strong>:<br>If the <code>Allow Project-Level Timeout Time Override</code> setting is enabled above, then this value sets the upper-bound on the project-level override. This value has no effect unless that setting is enabled. (default is the same as the system <code>Timeout Time</code> setting)",
"type": "text",
"validation": "number"
},
{
"key": "password-length",
"name": "<strong>Password Length</strong>:<br>Minimum length of password (default is 8 characters)",
"type": "text",
"validation": "integer"
},
{
"key": "login-attempts",
"name": "<strong>Login Attempts</strong>:<br>Number of failed login attempts before being locked out (default is 3 attempts)",
"type": "text",
"validation": "integer"
},
{
"key": "lockout-seconds",
"name": "<strong>Lockout Duration</strong>:<br>Length of a lockout due to failed login attempts, in seconds (default is 300 seconds)",
"type": "text",
"validation": "integer"
},
{
"key": "mfa-descriptive",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(197, 248, 255), rgb(197, 248, 255)); border: 1px solid rgba(37, 168, 133, 0.4); border-radius: 0.375rem;'><strong>Multi-Factor Authentication Settings</strong><p>These settings control the use of multi-factor authentication (MFA). Please take care to understand how MFA may be used before enabling it in the system.</p></div>",
"type": "descriptive"
},
{
"key": "mfa-system",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(197, 248, 255), rgb(197, 248, 255)); border: 1px solid rgba(37, 168, 133, 0.4); border-radius: 0.375rem;'><strong>Multi-Factor Authentication</strong>:</div><br>Should participants be required to use multi-factor authentication (MFA) when logging in? If so, they will be required to enter a code after entering their username and password. This is an additional security measure to prevent unauthorized access.<br><em>Note: this setting enables the MFA option globally, but it still must be enabled in the project settings to take effect</em>",
"type": "checkbox"
},
{
"key": "mfa-authenticator-app-system",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(197, 248, 255), rgb(197, 248, 255)); border: 1px solid rgba(37, 168, 133, 0.4); border-radius: 0.375rem;'><strong>Multi-Factor Authentication with Authenticator App</strong>:</div><br>Should participants be allowed to use an authenticator app (such as Google Authenticator or Microsoft Authenticator) to generate their MFA code? If not, they will be required to use the code sent to their email address.<br><em>Note: this setting only applies if MFA is enabled globally, but it still must be enabled in the project settings to take effect</em>",
"type": "checkbox",
"branchingLogic": {
"field": "mfa-system",
"value": "1"
}
},
{
"key": "mfa-require-admin",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(197, 248, 255), rgb(197, 248, 255)); border: 1px solid rgba(37, 168, 133, 0.4); border-radius: 0.375rem;'><strong>Restrict MFA project settings to REDCap administrators</strong>:</div><br>Should only REDCap administrators be able to enable/disable MFA options in project settings? If not, any REDCapPRO manager in the project will be able to enable/disable MFA options in project settings.<br><em>Note: this setting only applies if MFA is enabled globally</em>",
"type": "checkbox"
},
{
"key": "self-registration-descriptive",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197,248), rgb(255, 197,248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>Self-Registration and Enrollment Settings</strong><p>These settings control the ability for participants to register and/or enroll themselves. Please take care to understand the implications of this before enabling it in the system.</p></div>",
"type": "descriptive"
},
{
"key": "allow-self-registration-system",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197,248), rgb(255, 197,248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>Allow Self-Registration:</strong></div><br>Should participants be allowed to create their own accounts? (default is No)<br><em>Note: this must also be enabled in a project's settings to take effect</em>",
"type": "checkbox"
},
{
"key": "self-registration-require-admin",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197, 248), rgb(255, 197, 248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>Restrict Self-Registration project settings to REDCap administrators:</strong></div>Should only REDCap administrators be able to enable/disable the API in project settings? If not, any REDCapPRO manager in the project will be able to enable/disable participant self-registration and/or enrollment in project settings.<br><em>Note: this setting only applies if participant self-registration is enabled globally</em>",
"type": "checkbox"
},
{
"key": "allow-auto-enroll-upon-self-registration-system",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197,248), rgb(255, 197,248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>Allow Auto-Enroll Upon Self-Registration:</strong></div><br>Should participants be automatically enrolled in the project upon self-registration? (default is No)<br><em>Note: this must also be enabled in a project's settings to take effect</em>",
"type": "checkbox",
"branchingLogic": {
"field": "allow-self-registration-system",
"value": "1"
}
},
{
"key": "recaptcha-site-key",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197,248), rgb(255, 197,248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>reCAPTCHA Site Key:</strong></div><br>Site key for reCAPTCHA v3 (default is empty)<br>If this is blank, reCAPTCHA will not be used when participants self-register (not recommended)<br><em>You cannot use the same site key that you use for REDCap, since that is a v2 key. Create a v3 key <a href='https://www.google.com/recaptcha/admin#list'>here</a> and then copy and paste the site key</em>",
"type": "text"
},
{
"key": "recaptcha-secret-key",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 197,248), rgb(255, 197,248)); border: 1px solid rgba(168, 37, 133, 0.4); border-radius: 0.375rem;'><strong>reCAPTCHA Secret Key:</strong></div><br>Secret key for reCAPTCHA v3 (default is empty)<br><em>You cannot use the same secret key that you use for REDCap surveys, since that is a v2 key. This must be a v3 key</em>",
"type": "password"
},
{
"key": "api-descriptive",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 248, 197), rgb(255, 248, 197)); border: 1px solid rgba(168, 133, 37, 0.4); border-radius: 0.375rem;'><strong>API Settings</strong><p>These settings control the use of the API. Please take care to understand how the API may be used before enabling it in the system.</p> </div>",
"type": "descriptive"
},
{
"key": "api-enabled-system",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 248, 197), rgb(255, 248, 197)); border: 1px solid rgba(168, 133, 37, 0.4); border-radius: 0.375rem;'><strong>Enable the API</strong></div>Should the API be enabled for use?<br><em>Note: this setting enables the API option globally, but it still must be enabled in the project settings to take effect</em>",
"type": "checkbox"
},
{
"key": "api-require-admin",
"name": "<div class='p-2' style='background-image: linear-gradient(rgb(255, 248, 197), rgb(255, 248, 197)); border: 1px solid rgba(168, 133, 37, 0.4); border-radius: 0.375rem;'><strong>Restrict API project settings to REDCap administrators</strong></div>Should only REDCap administrators be able to enable/disable the API in project settings? If not, any REDCapPRO manager in the project will be able to enable/disable the API in project settings.<br><em>Note: this setting only applies if the API is enabled globally</em>",
"type": "checkbox"
}
],
"links": {
"project": [
{
"name": "<span style='margin-top:2px;'><strong><font style='color:black;'>REDCap</font><em><font style='color:#900000;'>PRO</font></em></span>",
"key": "redcappro",
"icon": "images/fingerprint_2.png",
"url": "src/home.php",
"show-header-and-footer": true
}
],
"control-center": [
{
"name": "<strong><font style='color:black;'>REDCap</font><em><font style='color:#900000;'>PRO</font></em>",
"key": "redcappro",
"icon": "images/fingerprint_2.png",
"url": "src/cc_projects.php",
"show-header-and-footer": true
}
]
},
"no-auth-pages": [
"src/login",
"src/logout",
"src/mfa",
"src/reset-password",
"src/create-password",
"src/forgot-password",
"src/forgot-username",
"src/session_check",
"src/create-account",
"src/api",
"src/generate_qr_code",
"src/authenticator-app-info"
],
"no-csrf-pages": [
"src/api"
],
"auth-ajax-actions": [
"exportLogs",
"getLogs",
"getParticipants",
"getParticipantsCC",
"getProjectsCC",
"getStaff",
"getStaffCC",
"importCsvEnroll",
"importCsvRegister",
"searchParticipantByEmail"
],
"no-auth-ajax-actions": [
"sendMfaTokenEmail",
"showMFAInfo",
"sendMFAInfo"
],
"action-tags": [
{
"tag": "@RCPRO-USERNAME",
"description": "This transforms a text field into a dropdown selector. The user can select an enrolled participant and populate the field with that participant's username"
},
{
"tag": "@RCPRO-EMAIL",
"description": "If @RCPRO-USERNAME is present on the instrument, then when the participant is selected the email field with the @RCPRO-EMAIL tag will be populated with the participant's email address"
},
{
"tag": "@RCPRO-FNAME",
"description": "If @RCPRO-USERNAME is present on the instrument, then when the participant is selected the text field with the @RCPRO-FNAME tag will be populated with the participant's first name"
},
{
"tag": "@RCPRO-LNAME",
"description": "If @RCPRO-USERNAME is present on the instrument, then when the participant is selected the text field with the @RCPRO-LNAME tag will be populated with the participant's last name"
}
],
"framework-version": 15,
"compatibility": {
"php-version-min": "7.4.0",
"php-version-max": "",
"redcap-version-min": "14.0.2",
"redcap-version-max": ""
},
"enable-no-auth-logging": true
}