booking-for-relief-backend's People
Forkers
dpoldrugobooking-for-relief-backend's Issues
Tracking of terrain workers
We want to be able to log the last known location of terrain workers (if they opt-in to do so) - it doesn't need to be perfect, it doesn't need to record historic data - but it'll cut down significantly the amount of communication and miscommunication that happens in the field
Select tags / serach tags with dropdown + autocomplete
As said in title. Idea is to have a predefined set of tags to offer from, so people can tag more precisely. Of course, there's still the option of putting in something else other than what's offered.
Facebook login and relevant database footprint
- We want to allow facebook login/signup for everybody
- People who are reporting cases don't need to be logged in with facebook, but we want to encourage them to do so through UI design
- Operators & admins - volunteers, terrain workers, dispatchers etc need to be facebook-logged in
Display a different pin if the item has an assigned volunteer
For better visibility.
Document in README.md the steps necessary to start contributing
Ie
- Install node like this
- Using this ide import project like this
- Start this database and create user and db with this username/pass
- Run db migrations like this
- You need to import these credentials here
- Run tests, make sure they pass
- Run dev server like this
At this point the person should be able to develop any part of the system without stupid config errors slowing them down
Backend API specification
We already have services that need integrating
BUG: ne radi unos komentara
Frontend <-> backend API security: API protection and audit logging
No need to comment π we need to secure the backend
We should prevent the backend API to do anything the frontend API doesn't want the user to do, but given the timelines, at the very least:
- we want to prevent privilege escalation - a JSON payload saying "editor should be super admin" shouldn't pass, or sending a different user_id of who initiated it shouldn't change the initiator i, in short:
- foreign keys should be protected
- roles should be protected
- we want to have an audit logging mechanism - if we miss something and someone manages to change something someone shouldn't - we want to have a audit logging trail about it - ideally this would be something like Audited - that you plug in on all models and not worry to much about
BUG: Dodijeli sebi - ne radi
BUG: Dodijeljivanje kao proΔe, ali u biti ga ne dodijeli..
IP / browser metadata logging
We need this audit trail for cooperation with law enforcement, we can store the client IP in the DB, but it would be good to have a richer data set in the logs so we can help police investigation with browser headers etc
Do a check of contact phone
When someone adds an issue, they need to leave their contact phone. However there's no way for us to check whether the number is actually functional or whether that is the actual number of the person that's adding the entry.
What are the possibilities for us here?
We need commenting available on opened cases
Open cases need to be commentable - maybe we have this already, I forgot?
Do we need a search by any string or just by tags?
We currently have enabled a search that searches by tags. Do we want to extend that to search by any string in an entry?
Potres2020 sync improvements
1. Handle "potres_app_metadata" field
When a new entry will be firstly entered in potres.app, the sync to potres2020 will insert/update this data there.
Since the backend is already handling sync from potres2020, to avoid data duplication, use the field potres_app_metadata
from potres so handle these updates correctly.
Data in potres_app_metadata
will be in JSON format:
{
"model": "aid-collection|aid-request|transport|accommodation",
"id": 12,
"updated_at": "2021-01-05T15:14:55.694Z"
}
2. Store last updated timestamp / version from potres2020 in potres.app
To properly handle updates on entries in potres2020, which were originally created in potres.app, make sure to add an additional field which will keep track of the version of the potres2020 data. It could be called: potres2020_lasted_updated
and there store the value of the field updated
from the potres2020 json model.
Example:
https://potres2020.openit.hr/api/v3/posts/921
"updated":"2021-01-10T14:28:46+00:00"
To correctly apply changes from potres2020, make sure you apply them only if the new_sync_entry.updated > potres2020_lasted_updated
.
We need a tags relation on cases
Tags are assigned by logged in operators and visible on the index screen. Tags would be pre-defined on system level and expanded as necessary.
We want to be able to use this to ie filter all cases that need a carpenter - or for other purposes
Harden password fields
Display a unique ID next to single item
Self explanatory. Helps in terrain for quick reference.
Proposal: Introduce "title" field in the data model
Currently, the location
field is used for the address, at least on the frontend when a new post is created. But when data is coming from potres2020 webhook, location
is used to store the title
field value of the post in potres2020.
From the UI/UX perspective, we should maybe introduce a field title
and then for all potres2020 synced posts (original_app_id != null
) move the values from location
to title
. For the posts that were originally created in the app, we could take few words from the description
field and put them in the title
flowed by the dots (...)
Introducing the title
field in the model, would make the UI more clear, since we would not have the biggest UI element the location, which often contains similar data... so there is no differentiation between posts on the potres.app UI.
Examples of a post synced from potres2020:
https://potres.app/trazim-pomoc/374
https://relief-app-backend.herokuapp.com/aid-requests/374
https://potres2020.openit.hr/api/v3/posts/970
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.