As part of our trademark application, we need to add a "Download as PDF" and a "Print" button to our workshop pages to show that our workshops fall within three trademark categories: (1) online curriculum materials, (2) downloadable curriculum materials, and (3) printable physical curriculum materials.

As a user, when I go to https://hackclub.com/workshops/personal_website/ or any other workshop on our website, I want to see a "Download as PDF" and a "Print" button somewhere on the page.

Both buttons should be functional and work on all modern browsers. We don't know what browser the person at the trademark office will be using, so we should make sure that it'll definitely work. I have a Browserstack account I can give you access to for testing on different browsers.

Rough mockup of what this could potentially look like:

This can be resolved once both buttons are live and functional on https://hackclub.com.

Currently we use Hakiri to alert for vulnerabilities in https://github.com/hackclub/api. We need to migrate this to https://github.com/hackclub/monolith.

Just like #53, the API requires SMTP_ADDRESS to be set to boot up, but it's not documented anywhere in the README.

This results is super bare ^

The setup instructions in README.md fail when you create a clean clone. frontend fails to launch because react-scripts is missing.

Steps to reproduce:

1. Clone monolith

2. Add .env files to frontend/ and api/ with appropriate contents

3. Run the following commands:

   1. docker-compose build
   2. docker-compose run api bundle
   3. docker-compose run api rails db:create db:migrate
   4. docker-compose up

4. Notice that the frontend service fails to launch.

The 'Start date' field in our application form is being messed up somewhere along the way to being saved in the database and sent out in the club application confirmation email.

Example:

To recreate:

• Submit an application from /apply
• Choose a start date
• Submit application
• Notice how the start date is not what you chose on the application page.

Currently we use Snyk to alert for vulnerabilities in https://github.com/hackclub/api. Now that api is no longer the root folder, we need to indicate to Snyk that it should only test the contents of the api directory.

All null club death dates are being set to 1969:

This is not a problem for death dates that were already set:

We want to fix this because it's incorrect data and messes up our records.

Right now clicking on the submit button on https://hackclub.com/apply while it's loading submits multiple applications.

Trying to configure a fresh install from instructions in the README.

[zrl@charmander monolith]$ docker-compose run api rails db:create db:migrate   
Starting monolith_bundle_1 ...         
Starting monolith_cache_1 ...          
Starting monolith_bundle_1             
Starting monolith_bundle_1 ... done    
Database 'app_development' already exists                                      
Database 'app_test' already exists     
rails aborted!                         
KeyError: key not found: "SLACK_ADMIN_ACCESS_TOKEN"                            
(erb):50:in `fetch'                    
(erb):50:in `<main>'                   
/bundle/gems/railties-5.0.3/lib/rails/application.rb:391:in `secrets'          
/usr/src/app/config/initializers/cloud9_client.rb:1:in `<top (required)>'      
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:287:in `load'                                                                              
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:287:in `block in load'                                                                     
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:259:in `load_dependency'                                                                   
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:287:in `load'                                                                              
/bundle/gems/railties-5.0.3/lib/rails/engine.rb:648:in `block in load_config_initializer'                                                                      
/bundle/gems/activesupport-5.0.3/lib/active_support/notifications.rb:166:in `instrument'                                                                       
/bundle/gems/railties-5.0.3/lib/rails/engine.rb:647:in `load_config_initializer'                                                                               
/bundle/gems/railties-5.0.3/lib/rails/engine.rb:612:in `block (2 levels) in <class:Engine>'                                                                    
/bundle/gems/railties-5.0.3/lib/rails/engine.rb:611:in `each'                  
/bundle/gems/railties-5.0.3/lib/rails/engine.rb:611:in `block in <class:Engine>'                                                                               
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:30:in `instance_exec'   
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:30:in `run'             
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:55:in `block in run_initializers'                                                                       
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:44:in `each'            
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:44:in `tsort_each_child'                                                                                
/bundle/gems/railties-5.0.3/lib/rails/initializable.rb:54:in `run_initializers'                                                                                
/bundle/gems/railties-5.0.3/lib/rails/application.rb:352:in `initialize!'      
/usr/src/app/config/environment.rb:5:in `<top (required)>'                     
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:293:in `require'                                                                           
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:293:in `block in require'                                                                  
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:259:in `load_dependency'                                                                   
/bundle/gems/activesupport-5.0.3/lib/active_support/dependencies.rb:293:in `require'                                                                           
/bundle/gems/railties-5.0.3/lib/rails/application.rb:328:in `require_environment!'                                                                             
/bundle/gems/railties-5.0.3/lib/rails/application.rb:448:in `block in run_tasks_blocks'                                                                        
/bundle/gems/railties-5.0.3/lib/rails/commands/rake_proxy.rb:14:in `block in run_rake_task'                                                                    
/bundle/gems/railties-5.0.3/lib/rails/commands/rake_proxy.rb:11:in `run_rake_task'                                                                             
/bundle/gems/railties-5.0.3/lib/rails/commands/commands_tasks.rb:51:in `run_command!'                                                                          
/bundle/gems/railties-5.0.3/lib/rails/commands.rb:18:in `<top (required)>'     
bin/rails:4:in `require'               
bin/rails:4:in `<main>'                
Tasks: TOP => db:migrate => environment                                        
(See full trace by running task with --trace)                                  

README currently doesn't mention anything about SLACK_ADMIN_ACCESS_TOKEN.

Currently Streakable handles saving dates to Streak pretty well, but it fails dismally at reading them in.

#63 should be reverted once this is added in.

Currently our two separate repositories (https://github.com/hackclub/api and https://github.com/hackclub/frontend) have individual Circle-CI test suites.

This repository needs to be able to run BOTH of those whenever a commit is pushed.

This warning occurs whenever I run UpdateFromStreakJob.perform_now

irb(main):016:0> UpdateFromStreakJob.perform_now
Performing UpdateFromStreakJob from DelayedJob(default)
/usr/src/app/lib/cloud9_client.rb:66: warning: already initialized constant Module::USER_AGENT
/usr/src/app/lib/cloud9_client.rb:66: warning: previous definition of USER_AGENT was here

Same deal as #53 and #54. Tried setting up monolith from scratch and needed to set STREAK_CLUB_APPLICATIONS_PIPELINE_KEY, which is not documented in the README.

v1/clubs

Summary

This endpoint shows sensitive, internal information about all clubs

Reproduce

curl -X GET https://hackclub.com/v1/clubs

v1/clubs

Summary

Submitting a POST request can alter entries and create entries

Examples

Look at club.id 114,1063,1064

I'll be looking at a bit more later, but these are the most fearing from the bunch.

Credits:
@maxwofford For confirming results
@paked For egging me on (and backing up the db)

Context

Creating this issue so I remember to flesh it out in a couple of hours time.

@zachlatta mentioned we were getting impossible results because the analytics code might still be in our iframe'd team and home pages.

A big part of the work which has been done on Hack Club over the past couple of months has been making it easier for us to collect statistics on things. While this has been a positive change for external forces, the way everything has been implemented internally is... well, it's shit. We're at a point where we have upwards of 3 different statistics related 'services' in our API codebase. Each serving a similar role, calculating the same things in different ways, and all around just not being consistent.

I'd like to consolidate CheckInReportService, ClubStatsService, and StatsService into a single 'Stats' service. With a consistent API.

Right now if someone submits their application twice it gets attached to only one of the club application boxes on Streak because both emails have the same subject and Gmail threads emails with the same subject. We can fix this by adding their club application ID to the email subject.

We'll also want to remove the club application ID added to the confirmation email message we currently have here: https://github.com/hackclub/monolith/blob/master/api/app/views/club_application_mailer/admin_notification.text.erb#L10

I'm getting the following error when I start up the container.

frontend_1  | (node:33) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Exited with code 3
frontend_1  | (node:33) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections thatare not handled will terminate the Node.js process with a non-zero exit co

The application API isn't handling the application start date correctly. Here's the network request for an application that should be set to today:

Here's the start date on the application confirmation email:

We need this fixed because 1. it looks weird to applicants when they receive the confirmation email and 2. we're collecting incorrect information about clubs that might cause issues in our ops process.

Here's our whiteboard:

Accountability bot stuff in black and on the right.

Check out the application confirmation emails to see an example of this ^

Currently, CircleCI runs bundle install on every build without any caching, which takes ~2 minutes and slows down the overall build.

You can see https://circleci.com/gh/hackclub/monolith/382 for an example of what this looks like:

This issue can be resolved by having CircleCI cache the installed gems so we don't have to start from scratch on every build.

From @BUSH1DO on August 14, 2017 22:35

Not sure it's just an issue on my browser but these buttons the Hack Club front page aren't functional on Firefox.

Copied from original issue: hackclub/hackclub#1036

https://sentry.io/hack-club/Frontend/issues/336282098/

Error: Not Found: https://hackclub.com/workshops/that_was_easy/sounds
  at callbacks (containers/NotFound/NotFound.js:31:34)
  at this (../node_modules/react-dom/lib/CallbackQueue.js:76)
  at wrapper (../node_modules/react-dom/lib/ReactReconcileTransaction.js:80)
  at this (../node_modules/react-dom/lib/Transaction.js:209)
  at method (../node_modules/react-dom/lib/Transaction.js:156)
...
(12 additional frame(s) were not displayed)

https://sentry.io/hack-club/Frontend/issues/327052070/

TypeError: Cannot read property 'document' of null
  at document (components/FullPageIframe/FullPageIframe.js:17:54)

There is currently a bug with our Streak syncing code that will evaluate read-only values before everything else.

This is a problem because often these read-only values require the latest information in order to parse their results, and in an environment where this information is often assumed to not be nil this can be very bad.

Example: We're loading a bunch of new data into the database, but Streak because read only field X relies on Z, and Z has not been set from in the DB yet X will throw a nil value error.

When I go to https://hackclub.com/workshops, I see :smile: instead of the 😊 emoji rendered.

This can be fixed by properly rendering emoji tags on all workshop pages.

Consider the following:

1. I'm a teacher and hear about starting a Hack Club and am interested
2. I go to https://hackclub.com, click "Start a Hack Club", and am brought to https://hackclub.com/start
3. I read through the page, decide I want to start my application, and say I'm a teacher.
4. When I click through, I'm told that Hack Club only accepts applications from students, but not why that's the case or what I can do to get one started at my high school as a teacher. See screenshots below.

When we reject teachers without a proper explanation, we make it harder for people to start Hack Clubs and establish ourselves as an organization that doesn't care about explaining itself.

To resolve this, we should replace the current text displayed to teachers with a proper explanation for why we believe all Hack Clubs need to be led by students, for students and what they can do as a teacher.

This story can be resolved once new copy has been approved by me and deployed to https://hackclub.com. Ping me on Slack if I can be helpful figuring out what to write here.

At the moment we store the addresses of our leaders, clubs and letters as strings and (sometimes) lat/long pairings.

In order for @zachlatta to get proper demographic data about our leaders, we need to have a broken down set of columns containing segments of the addresses which he can query.

The important fields are:

1. Zip/postal code
2. Country
3. State

But getting as many of the other fields as possible is also helpful.

If I change the assignee of a club, I'd like the backend to change the assignee of all of the leaders to the club's assignee.

If I change the assignee of a leader, I'd like the backend to change it back to the club's assignee and send me a notification letting me know that if I want to change a leader's assignee, I need to change the club's assignee directly.

Currently, if you go to https://cards-dev.twitter.com/validator and enter https://hackclub.com/workshops/personal_website/, you see generic metadata for the homepage.

As a social media sites or search engines, I want to see custom metadata for each workshop page. For personal website, I'll want to see "Personal Website" as the title and either a short description of the workshop (ex. "Learn to build your first website!") or the first few words of text from the workshop (ex. "Prophet Orpheus, our mascot, is here to guide you through making your own personal website. It will look...").

This story can be resolved once https://cards-dev.twitter.com/validator and https://developers.facebook.com/tools/debug/sharing/ both get custom metadata for every workshop on https://hackclub.com.

Right now the division between codebases isn't clear because "api" contains hackbot's logic, which is arguably part of "frontend". This could get confusing to newcomers.

I think we can make a better distinction by renaming "frontend" to "web".

Currently when any of these Streakable items are created they are assigned to API User. This has worked OK up until now, but now that both Max and I are working it is becoming annoying to have to constantly assign these items to each other to various boxes -- and when this 'system' breaks down, it becomes difficult to tell who belongs to who.

So, instead of having humans do things (boo) we should make robots to do them instead (yay!). Whenever a box (of type club, letter, leader OR a task) is created they should be assigned to someone by the following strategies:

• Clubs: Randomly assign between @maxwofford and I
• Letters: Use leader's assignee
• Leaders: Use club's assignee
• Tasks: Use leader's assignee

We're currently using the Papertrail Heroku addon for our logs, which is significantly more expensive than the service available directly from https://papertrail.com – 8GB of logs on https://papertrail.com is $75/m, where 10GB of logs from the Heroku addon is $425/m.

Our primary hosting expense today is Papertrail and as part of our cost cutting, we want to move our logs to the service directly available on https://papertrail.com.

This issue can be resolved once all Heroku applications on the hackclub team are using the service available directly from https://papertrail.com. Ping me on Slack if you need billing info.

Every single Club Application should have a year field associated with it.

The validation for this was disabled with #65 because of a failure on my behalf with the migration code.

When loading the page, it acts like the "monthly contribution?" box is checked when it's not.

1. You can test this by going to https://hackclub.com/workshops/personal_website/:

2. Then click the "workshops" link in the navbar:

3. The url updates to https://hackclub.com/workshops/, but the page content doesn't change:

As part of setting up monolith for the first time, you must run git submodule init and git submodule update, but neither commands are currently documented in the README.

http://hackclub.com should redirect to https://hackclub.com

Right now letter boxes created by the set-poc command are automatically assigned to "API User":

This means I have to manually self-assign letters sent to club leaders created by the set-poc command. It would be great if it automatically assigned me to the letter (because I'm already the leader's assignee).

Right now our home page is sitting in an iframe. This sucks for numerous reasons (that I won't get into too much detail on here). I'm making this issue to track a new home page I'm making with React components. Still figuring out all the details to this, so I'll edit the description when I know more.