EPPI Reviewer uses the Review Document API to verify users' access rights to EPPI Reviewer and enable them to work on their Cochrane reviews in EPPI Reviewer. As of January 2021, the process is as follows:
- The user logs in / authenticates in some way, and their Cochrane identity is verified - tokens work and user info retrieved from Archie asserts that user has the "author" role or superior. This makes Cochrane licensing apply for the user.
- For such users, their list of their reviews includes 2 lists, "native" EPPI-Reviewer reviews (L1), and the Cochrane Reviews for which they have authorship roles (L2).
- Reviews in L2 are identified by their Cochrane ID, and may or may not correspond to review records the EPPI-Reviewer DB.
- If a given L2 review is already present in the EPPI-Reviewer DB, user will have the option to "open" the review.
- If a given L2 review is not already present in the EPPI-Reviewer DB, user has the option to "Activate" the review in EPPI-Reviewer.
- this creates the review record on our side and gives the current user Administration rights over the review in EPPI-Reviewer.
- Administrators can assign roles to other review members.
- Once this is done, they reach the situation in point 4 and can start working.