From 8a6ab2ed76d725e6e8d47e51572f009407ed5ca2 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Sat, 29 Dec 2018 00:09:36 -0800 Subject: notes and TODO (WIP) --- TODO | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index 7692444b..9a69ab7d 100644 --- a/TODO +++ b/TODO @@ -1,10 +1,20 @@ ## In Progress +- authentication! + => unit tests + => refactor to use other macaroons lib + => env key passing + => RBAC infra + => wire up fatcatd (env, cli) + => check permissions everywhere + => toml or similar key-right +- webface auth + ## Next Up -- fileset/webcapture entities -- authentication +- cargo update (rust deps) +- pipenv update (python deps) - remove the concept of "active editgroup", and simplify autoaccept batch path - fix returned error messages; should return type (shortname), and then actual message/description -- cgit v1.2.3 From aba2465b7fa20f1415873563be63d18d9766ea1c Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Fri, 4 Jan 2019 14:03:15 -0800 Subject: update top-level TODO --- TODO | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index 9a69ab7d..c31ef99e 100644 --- a/TODO +++ b/TODO @@ -1,30 +1,26 @@ ## In Progress -- authentication! - => unit tests - => refactor to use other macaroons lib - => env key passing - => RBAC infra - => wire up fatcatd (env, cli) - => check permissions everywhere - => toml or similar key-right -- webface auth +- tool scripts auth + => from ENV, with optional prefixes by type +- review/refactor/audit auth setup (eg, created/epoch times) ## Next Up - cargo update (rust deps) -- pipenv update (python deps) +- pipenv update; and maybe pin some versions (python deps) - remove the concept of "active editgroup", and simplify autoaccept batch path +- refactor webface views to use shared entity_view.html template - fix returned error messages; should return type (shortname), and then actual message/description -- handle wip entities in web UI +- handle 'wip' status entities in web UI - elastic inserter should handle deletions and redirects; if state isn't active, delete the document => don't delete, just store state. but need to "blank" redirects and WIP so they don't show up in results => refactor inserter to be a class (eg, for command line use) => end-to-end test of this behavior? +- un-accepted editgroup access: by created/updated, accepted/not ## Ideas -- cgit v1.2.3 From 9aef7507e18567c96b373436a894242f65af7c70 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Tue, 8 Jan 2019 15:48:52 -0800 Subject: update TODO --- TODO | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index c31ef99e..ccd44d21 100644 --- a/TODO +++ b/TODO @@ -1,13 +1,12 @@ ## In Progress -- tool scripts auth - => from ENV, with optional prefixes by type -- review/refactor/audit auth setup (eg, created/epoch times) - ## Next Up +- pg_tmp for rust tests - cargo update (rust deps) +- rust to 2018 version +- guide updates for auth - pipenv update; and maybe pin some versions (python deps) - remove the concept of "active editgroup", and simplify autoaccept batch path - refactor webface views to use shared entity_view.html template @@ -24,6 +23,9 @@ ## Ideas +- more logins: orcid, wikimedia +- `fatcat-auth` tool should support more caveats, both when generating new or + mutating existing tokens - fast path to skip recursive redirect checks for bulk inserts - when getting "wip" entities, require a parameter ("allow_wip"), else get a 404 @@ -41,6 +43,7 @@ ## Production blockers +- privacy policy, and link from: create account, create edit - refactors and correctness in rust/TODO - importers have editor accounts and include editgroup metadata - crossref importer sets release_type as "stub" when appropriate -- cgit v1.2.3