Encode license and attribution information in project models

[atruskie]

With the introduction of public permissions (#265) and other issues related to discoverability (https://github.com/QutBioacoustics/Ecoacoustics/issues/88) we need to start considering how public users of our data will use it. These concerns were raised by @JessCappadonna, @towsey, and @cofiem as well.

Thus add the following fields to projects:

• A license chooser, with urls to chosen license

  • need a short selection of relevant licences (complete lack of restrictions, all rights reserved (default), share/resuse with attribution/citation)
  • or allow a user to link to their own
    • Creative Commons (https://creativecommons.org/choose/)
    • ANDS http://www.ands.org.au/working-with-data/enabling-data-reuse/licensing-for-reuse,
    • Github's non-software licenses: http://choosealicense.com/non-software/

• An attribution field (markdown enabled)

  • Add a suggested template:

  This data was collected by <name of researcher/group> with support of <grant information>.
  
  If you use this data in your research please cite:
  Surname F., (20xx) A publication or something. _Journal of things_, etc...
  

  • add a site-wide attribution field that appears on every project for the software (config file value)

[hudson-newey]

[Draft] Project license's mockup

Users want the ability to assign SPDX licenses or custom licenses to projects.

Amended project model shape:

# == Schema Information
#
# Table name: projects
#
#  id                      :integer          not null, primary key
#  allow_audio_upload      :boolean          default(FALSE)
#  allow_original_download :string
#  deleted_at              :datetime
#  description             :text
#  image_content_type      :string
#  image_file_name         :string
#  image_file_size         :bigint
#  image_updated_at        :datetime
#  name                    :string           not null
#  notes                   :text
#  urn                     :string
#  created_at              :datetime
#  updated_at              :datetime
#  creator_id              :integer          not null
#  deleter_id              :integer
#  updater_id              :integer
#  license                 :text             # NEW ADDITION
#
# Indexes
#
#  index_projects_on_creator_id  (creator_id)
#  index_projects_on_deleter_id  (deleter_id)
#  index_projects_on_updater_id  (updater_id)
#  projects_name_uidx            (name) UNIQUE
#
# Foreign Keys
#
#  projects_creator_id_fk  (creator_id => users.id)
#  projects_deleter_id_fk  (deleter_id => users.id)
#  projects_updater_id_fk  (updater_id => users.id)
#

---

Two new virtual fields on the project model can be emitted spdx_license and license_text.

spdx_license will be emitted with the SPDX identifier (e.g. Apache-2.0) if the license property in the projects model is present in the list of valid SPDX identifiers (stored in a server-side json file).
if the projects license property is not in the list of valid SPDX identifiers, the license property will be emitted under the license_text virtual field.

The license field will be writable by incoming PATCH requests to the /projects/:id endpoint

e.g.

PATH /projects/1

{
    "name": "abc123",
    "license": "ADSL"
}

OR

PATH /projects/1

{
    "name": "abc123",
    "license": "license information lorem ipsum ..."
}

---

To keep our list of valid SPDX identifiers up to date, when the docker container is built: we will fetch the list in JSON form from the open source spdx licenses repository

---

Edit: In hindsight, we should probably use a polymorphic property for this. Overloading the type with freeform text and an SPDX identifier object.