SureNetwork Stack

Development Snapshot

This stack is under active development.

SureNetwork is the identity-first research network microservice for SureClinical. It manages the organizational and project graph that underpins the SureCentric Platform:

Projects — clinical research projects
Hubs — organizational units
Teams — groups within a hub or project
Persons — researchers and participants
Tenants — multi-tenant organizational isolation

SureNetwork is a separate microservice — it is not embedded in Nuxeo. Nuxeo calls SureNetwork via HTTP using suredms.network.* configuration properties.

SureNetwork Global UI (Angular 16) is the primary frontend for SureNetwork. It is also the SureCentric Client used in SureCentric Desktop (Electron) and SureCentric Web.

Docker Compose Stack: `surenet`

Container	Image	Port	Role
`network-service`	`sn-nuxeo-lts-2023:latest`	`8880→8880`	SureNetwork Spring Boot service (Java 20)
`network-database`	`postgres:15-alpine`	`5433→5432`	SureNetwork relational database
`network-elasticsearch`	`elasticsearch/elasticsearch:...`	`9200→9200`	Full-text search for network entities

Start the stack

docker compose -f surenet/docker-compose.yml up

SureNetwork Global UI — Angular 16

The SureNetwork Global UI is the Angular 16 application that serves as the browser shell for:

SureCentric Desktop — Electron wrapper (SureClinical/Desktop)
SureCentric Web — Browser-hosted SureCentric Client
SureNetwork Web — Standalone SureNetwork access

These are the same codebase. Angular 16 was chosen because it was already present in SureNetwork Global UI.

Current top-level routes (SN Global)

Route	Purpose
`/dashboard`	Landing dashboard
`/projects`	Project browser
`/hubs`	Hub browser
`/persons`	Person browser
`/organizations`	Organization browser
`/tenants`	Tenant management
`/users`	User management
`Project Desktop`	Hub/project-scoped launcher (planned route)

SureArchive — Angular 16 Document Navigator

SureArchive is the planned Angular 16 module inside SureNetwork Global UI that will replace the legacy SureDMS AngularJS document navigator.

Property	Value
Location	SureNetwork Global UI — dedicated route/module
Status	Planned — in development
Source	SureDMS AngularJS navigator code being ported to Angular 16
Project Desktop card	`SureArchive` card alongside `SureDrive` card

Migration path:

Today: SureDrive (AngularJS) handles document navigation via iframe
Future: SureDMS doc navigator code progressively ported into SureArchive (Angular 16)
Eventually: SureDrive iframe card is retired when SureArchive reaches feature parity

API Contract with Nuxeo

SureNetwork does not connect directly to a bare Nuxeo instance. It is wired to Nuxeo through suredms.network.* Nuxeo configuration properties.

Nuxeo → SureNetwork (Nuxeo calls SureNetwork)

suredms.network.api.url=http://network-service:8880
suredms.network.api.username=user
suredms.network.api.password=1234qwER
suredms.network.api.admin_username=admin
suredms.network.api.admin_password=1234qwER
suredms.network.api.external_username=external
suredms.network.api.external_password=1234qwER

These properties are consumed by SC Nuxeo extension modules including NetworkAuthenticator, GlobalNetworkGetUserTenants, MobileExportStudyToNetwork, NetworkStudyRepository, and NetworkTeamRepository.

Key Nuxeo automation operations backed by SureNetwork

Operation	Purpose
`GlobalNetworkGetUserTenants`	Fetch tenants for the authenticated user
`MobileExportStudyToNetwork`	Export a study from Nuxeo to SureNetwork
`NetworkStudyRepository`	Study CRUD via SureNetwork
`NetworkTeamRepository`	Team management via SureNetwork
`NetworkContactRepository`	Contact management via SureNetwork

Logto Integration

SureNetwork Global UI authenticates through Logto (dev-only OIDC provider):

User clicks login in SN Global
Browser redirects to Logto authorization endpoint
User authenticates with dev credentials
Logto issues an OIDC token
SN Global stores the token and calls SureNetwork APIs with it
SureNetwork service validates the token against the Logto JWKS endpoint
User identity is mapped to a SureNetwork user record by username/email

Dev user seeding matches usernames already expected by the SureNetwork database (admin, user, external).

Future Integration with SureCentric Platform

Database: The SureNetwork PostgreSQL 15 database is a candidate for consolidation. Target: ≤ 2 PostgreSQL databases across the entire platform. The SureNetwork DB may be consolidated with the Nuxeo 2025 DB or replaced by a shared platform DB. Until consolidation, it runs independently.

Elasticsearch: The SureNetwork Elasticsearch instance may be replaced by a shared search layer (e.g., a platform-wide Elasticsearch or OpenSearch) when the platform consolidates.

SureNetwork Global UI: Becomes the primary SureCentric Client shell. All new UI development — including SureArchive, Project Desktop, and future analytics views — is delivered inside SureNetwork Global UI.

SureDrive → SureArchive: SureDrive (AngularJS) iframe is a bridge. As SureArchive (Angular 16) matures, SureDrive is retired. The end state is a single Angular 16 shell with no legacy AngularJS dependency.

See Platform Roadmap for the full phase plan.

Docker Compose Stack: surenet​

Start the stack​

SureNetwork Global UI — Angular 16​

Current top-level routes (SN Global)​

SureArchive — Angular 16 Document Navigator​

API Contract with Nuxeo​

Nuxeo → SureNetwork (Nuxeo calls SureNetwork)​

Key Nuxeo automation operations backed by SureNetwork​

Logto Integration​

Future Integration with SureCentric Platform​