A while ago I found a publisher that was publishing an activity under the IATI identifier GB-1-123456 (one of DFID's activities). This was by a publisher that was publishing through CSV2IATI and probably misunderstood the guidance to refer to GB-1-123456 as provider-activity-id for its DFID funded transactions within the activity.
Of course we wanted to invalidate this data as it was not DFID's. I could do that quite easily because the reporting-org ref was set correctly, and when when you don't use that reporting-org ref as your prefix, I'll just invalidate the activity.
It becomes more error prone if the reporting-org is also set incorrectly, how do I know who's speaking truth then? I don't expect anyone to purposely do this but I've seen odder mistakes in IATI and try to avoid assumptions where possible.
For this we need a validation check to see if the activity reporting-org is the publisher of the dataset (are there any edge cases on this?). This is possible by using the publisher_iati_id key on the IATI Registry CKAN API endpoint to get all publishers: https://iatiregistry.org/api/action/organization_list?all_fields=true&include_extras=true&limit=10
Though unfortunately, this is not always set correctly:
Another use scenario this would help is; I'm building an IATI publishing tool and would like to make it easier for new publishers to start publishing correctly. I ask them to make an IATI registry account and after registration ask them for their IATI Registry user name and API key. Based upon that I fetch the publisher with its iati id, I validate the user and automatically set the reporting-org correctly so they can't make any errors on that.
-Is this a shared need?
-How can we keep the IATI Registry publisher_iati_id in sync? It seems like quite some orgs did not correctly fill in the publisher_iati_id on registration, but afterwards did use the correct one on their reporting-org (see the gdoc). @dalepotter @hayfield can this be included in the new validator?