Coder Social home page Coder Social logo

gym's People

Contributors

andruhon avatar danielmorales9 avatar dsyer avatar gavvvr avatar gitter-badger avatar gordianyuan avatar gregturn avatar kaminski-tomasz avatar lauriru avatar rdlopes avatar thetric avatar wgorder avatar wilder avatar yoshuanahar avatar

Watchers

avatar avatar

gym's Issues

Migrate application to Terraform

Requirements

  • Load Balancer
    • Multi AZ
    • Application Level
    • HTTP Level
    • HTTPS Level
    • Autoscaling Target
    • Logging (if Needed)
  • RDS
    • Multi AZ
    • Snapshoting
    • Backup
    • Restore From S3
    • Logging (if Needed)
  • ElasticCache
    • Multi AZ
    • Logging (if Needed)
  • ECR
  • ECS Cluster
    • Multi AZ
    • Logging (if Needed)
    • EC2 based ECS
      • Memory cloudwatch autoscaling rule
  • Cost Explorer
    • Tags for Exploration

Vulnerability issue: token di verifica della password non viene cambiato se si richiede nuovo token

Descrizione

Una volta generato il token non viene mai più cambiato, semplicemente viene cambioato il suo expirydate e viene abilitato. Chiunque può riutilizzarlo e cambiare la password per l'utente.
È necessario modificare il token prima di inviare la mail. Eventualmente solo modificare la stringa random senza creare un nuovo token nel db (per risparmiare spazio).

step per lo sviluppo

vedi #39

Criteri di accettazione

  • tutti i casi d'uso che utilizzano il token devono essere modificati
  • end2end test per tutti i casi d'uso
  • (opzionale) unit test per tutti i casi d'uso

Analisi prima dello sviluppo

  • inventory dei casi d'uso
  • considerare l'impatto del cambiamento su tutti i casi d'uso

pull request

  • deve contenere l'inventory dei casi d'uso

s

gym/README.md

Lines 46 to 49 in 7b611dd

# TODOs
- TODO write plan
- Follow this guidelines: [Angular 7 - Guidelines](https://medium.freecodecamp.org/best-practices-for-a-clean-and-performant-angular-application-288e7b39eb6f)

This issue was generated by todo based on a TODO comment in 7b611dd. It's been assigned to @undefined because they committed the code.

expire token once the password gets modified or entered

gym/app/src/main/java/it/gym/controller/AuthorizationController.java

Lines 96 to 100 in 36bebda

// TODO expire token once the password gets modified or entered
@PostMapping("/changeNewPassword/{id}")
ResponseEntity<AUserResource> changeNewPassword(@PathVariable Long id, @RequestBody PasswordForm form) {
AUser user = this.userRepository.findById(id).orElseThrow(() -> new UserNotFoundException(id));

This issue was generated by todo based on a TODO comment in 36bebda. It's been assigned to @undefined because they committed the code.

write plan

Rotte e azioni

  • Definire le route:
    • /auth
      • /login
      • /verification
      • /sendChangePasswordToken
      • /modifyPassword
    • /profile
      • actions:
        • editProfile
        • changePassword
        • addProfilePicture
    • /admin
      • /users
        • actions:
          • addUser
          • deleteUser
          • modifyUser
        • /{id}
          • actions:
          • buy
          • resendToken
          • deleteUser
          • modifyUser
      • /sessions
        • /{id} - da definire
      • /sales
        • actions:
        • paySale
        • removeSale
        • /{id}
          • actions:
          • paySale
          • deleteSale
        • /buy/{id}
      • /bundles
        • actions:
          • addBundle
          • modifyBundle
          • deleteBundle
          • enable/disable
        • /{id}
          • actions:
          • modifyBundle
          • deleteBundle
          • enable/disable
      • /calendar
        • actions:
          • info
          • hour
          • change
          • delete
          • header
  • /customer
    • /orders*
    • /calendar
      • actions:
        • info
        • hour
        • delete
    • /sessions
  • /trainer
    • /users
      • /{id}
    • /calendar
      • actions:
        • info
        • hour
        • change
        • delete
        • header
    • /sessions

Progettare

  • Notification System** -> webSocket, store notifications
  • Improve Authentication System -> Less code is fundamental
  • Training Session Schedule

Legenda:

italic: optional or low priority
bold: priority or high priority

* come sales ma con tab fra correnti e completati
** requires research first

gym/README.md

Line 46 in 52f4d1e

# TODO write plan

This issue was generated by todo based on a TODO comment in 52f4d1e. It's been assigned to @DanielMorales9 because they committed the code.

fix desktop view-->

gym/app/src/app/app.component.html

Lines 11 to 14 in dd3707d

<!--TODO fix desktop view-->
<mat-sidenav-container class="main-sidenav-container">
<mat-sidenav class="main-sidenav" #snav [hidden]="!authenticated" [opened]="screenWidth > 599" [mode]="(screenWidth <= 599) ? 'over' : 'side'">
<mat-toolbar *ngIf="screenWidth <= 599">

This issue was generated by todo based on a TODO comment in dd3707d. It's been assigned to @DanielMorales9 because they committed the code.

sidenav non si deve vedere quando non autenticato

Step per lo sviluppo

  • crea un branch a partire dal branch material
    • git checkout master
    • git pull
    • git checkout -b <nome-del-mio-nuovo-branch>
  • mvn install
  • docker-compose up
  • cd app && ng build --watch (per lo sviluppo instantaneo)

Descrizione

  • sidenav non appare quando non autenticato.
  • bottone invisibile o non cliccabile

Criteri di accettazione

  • sidenav non si vede e non si può cliccare il bottone menu se non autenticato
  • test su chrome
  • test su firefox
  • test ios

gym/app/src/app/app.component.html

Lines 1 to 58 in ce1279a

<div class="main-container">
<mat-toolbar color="primary" layout="row" class="main-toolbar">
<a mat-icon-button (click)="snav.toggle()" *ngIf="screenWidth <= 599">
<mat-icon fontSet="fa" fontIcon="fa-bars"></mat-icon>
</a>
<h1 class="main-app-name"> {{ appName }} </h1>
<span class="spacer"></span>
<mat-icon fontSet="fas" fontIcon="fa-sign-in-alt" routerLink="/auth/login" [hidden]="hideLogin()"></mat-icon>
<mat-icon fontSet="fas" fontIcon="fa-sign-out-alt" (click)="logout()" [hidden]="hideLogout()"></mat-icon>
</mat-toolbar>
<mat-sidenav-container class="main-sidenav-container">
<mat-sidenav class="main-sidenav" #snav [opened]="screenWidth > 599" [mode]="(screenWidth <= 599) ? 'over' : 'side'">
<mat-toolbar *ngIf="screenWidth <= 599">
<mat-toolbar-row>
<h2> {{ appName }} </h2>
</mat-toolbar-row>
</mat-toolbar>
<mat-nav-list>
<div *ngIf="authenticated">
<h2 matSubheader>Home</h2>
<a href=# mat-list-item
*ngIf="current_role_view == 1"
[routerLinkActive]="['active-link']"
routerLink="/home/sales">
<mat-icon fontSet="fas" fontIcon="fa-money-bill-wave"></mat-icon>&nbsp;&nbsp;Vendite</a>
<a href=# mat-list-item
*ngIf="current_role_view == 1"
[routerLinkActive]="['active-link']"
routerLink="/home/users">
<mat-icon fontSet="fas" fontIcon="fa-users"></mat-icon>&nbsp;&nbsp;Utenti</a>
<a href=# mat-list-item
*ngIf="current_role_view == 1"
[routerLinkActive]="['active-link']"
routerLink="/home/bundles">
<mat-icon fontSet="fas" fontIcon="fa-box"></mat-icon>&nbsp;&nbsp;Pacchetti</a>
<a href=# mat-list-item
[routerLinkActive]="['active-link']"
routerLink="/home/calendar">
<mat-icon fontSet="fas" fontIcon="fa-calendar-alt"></mat-icon>&nbsp;&nbsp;Calendario
</a>
<mat-divider></mat-divider>
</div>
<div *ngIf="authenticated">
<h2 matSubheader> Viste </h2>
<a *ngFor="let r of user.roles" mat-list-item
[ngClass]="{'active-link': current_role_view == r.id}" (click)="switchView(r.id)">
&nbsp;&nbsp;{{r.name.toLocaleLowerCase()}}
</a>
</div>
</mat-nav-list>
</mat-sidenav>
<mat-sidenav-content class="main-sidenav-content">
<router-outlet></router-outlet>
</mat-sidenav-content>
</mat-sidenav-container>
</div>

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.