cms-server's People
cms-server's Issues
Create a logger class
- Used in ErrorResponsesManager
- Needs to add to the database.
Remove FOSUserBundle
- Going for custom. Too much limitations with FOSUserBundle (Plus Id instead of id :P)
- Using Site references in all other tables with -1 as the local site
Don't use "security" name for test suite, services etc (Removal)
Instead refer explicitly to the object/module
- security will be split into login/registration
User privileges system
- Users will be privileged to perform certain Actions (foreign key)
- When an action is requests, system will check if User has these privileges or is in an appropriate UserGroup that does
Move all entity classes into same folder and adopt CamelCase convention globally
Using CamelCase convention for all variables, tables etc.
- Every word most have a capital first character even if its only 1 word
- Move all Entity classes into same folder and adopt ApiUsers, ApiXXX convention
Introduce a generic bbcode inline editor
- http://www.sceditor.com/ seems promising
Breadcumb links in documentation
- Links to the parent documentation up until it reaches the root (documentation with no parent)
- Root link (home) does not have a parent documentation page
Integrate FOSOAuthServerBundle
https://github.com/FriendsOfSymfony/FOSOAuthServerBundle
- It will be more maintainable and secure for authenticating api requests
- Remove sessions table as would be redundant
Write basic user unit tests (login, registration etc)
Test the following actions:
- Unauthenticated user attempting to access restricted page (and for authenticated user)
- Login system with valid/invalid credentials
- Registration system with valid/invalid details
- Logout system
- Reset password system
Don't spend too much time on it Cover the main requirements of the system.
... For example, a test suite to see if the login system works with a long username and a valid password with the CSRF token manipulated is too specific!
Sort out logout route
Introduce validation for user fields
Symfony built in validation with annotations seems very flexible
Validation performed in service managers (eg UserManager add(array $Options) method)
Need to fix the github markdown on /docs/ pages
Integrate FOSCommentBundle
- https://github.com/FriendsOfSymfony/FOSCommentBundle/
- Seems to be very flexible
Obsolete issue
500 status code internal server error for login functional test
Remove all Api prefixes
- Want to merge them all together
Make nice error pages 404, 500 etc
github.com has a cool 404 page - https://github.com/404
Separate table for external users
Why? Because would be difficult to completely customize the FOSUserbundle.
We don't want username and email field to be unique across all sites. Just across individual sites.
Logging in, registration is done with a different protocol for site users and external users.
etc..
Get authentication system working
Traditional login form may be useful
Swagger annotations with NelmioApiBundle
Integrate alertify.js
- This will be used for all responses to ajax requests
- http://fabien-d.github.io/alertify.js/
Perform constrain validation in service managers
Make footer sticky to the bottom of the page
Add middleware events for validating admin area, private API requests etc
Separate the authenticators for local and api access
Implement a universal inline mysql table editor
http://phppot.com/php/php-mysql-inline-editing-using-jquery-ajax/ - Might be useful
Integrate SCEditor
- Use custom themes and bbcodes
- http://www.sceditor.com/
User management should be under admin/ and api user management under manage/users
Fix FOSUserBundle login and registration
Add csrf tokens to all forms / ajax requests
Remove underscore naming convention for database attributes and tables
It could prove annoying in the future considering the PHP is following a userId type convention and database is user_id
Check the roles are working with tokens for all pages
Exceptions should return a different page if called through AJAX
AJAX request should return a json error response
Web request will return the appropriate HTML error page
Start on SearchManager
This will include all the methods required to rank results based on a query
- XSS protection is important
Brute force checks on login
- Add methods to AuthenticationManager
- Add another entity for LoginAttempts that store the Id of the user and the timestamp of the login request
- If more than 3 login attempts made within 1 minutes, block the account for 10 minutes
Add controllers for api user management
Encoding Ids in urls
Use https://github.com/jenssegers/optimus to encode all ids from database
Move all controllers inside Api/ into Controller/ and remove libraries/Michelf
- All controllers should be in one place Api/ directory is confusing
- Using bbcode rather than markdown now
Can't access phpmyadmin
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.