From aba2465b7fa20f1415873563be63d18d9766ea1c Mon Sep 17 00:00:00 2001
From: Bryan Newbold <bnewbold@robocracy.org>
Date: Fri, 4 Jan 2019 14:03:15 -0800
Subject: update top-level TODO

---
 TODO | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

(limited to 'TODO')

diff --git a/TODO b/TODO
index 9a69ab7d..c31ef99e 100644
--- a/TODO
+++ b/TODO
@@ -1,30 +1,26 @@
 
 ## In Progress
 
-- authentication!
-    => unit tests
-    => refactor to use other macaroons lib
-    => env key passing
-    => RBAC infra
-    => wire up fatcatd (env, cli)
-    => check permissions everywhere
-    => toml or similar key-right
-- webface auth
+- tool scripts auth
+    => from ENV, with optional prefixes by type
+- review/refactor/audit auth setup (eg, created/epoch times)
 
 ## Next Up
 
 - cargo update (rust deps)
-- pipenv update (python deps)
+- pipenv update; and maybe pin some versions (python deps)
 - remove the concept of "active editgroup", and simplify autoaccept batch path
+- refactor webface views to use shared entity_view.html template
 - fix returned error messages; should return type (shortname), and then actual
   message/description
-- handle wip entities in web UI
+- handle 'wip' status entities in web UI
 - elastic inserter should handle deletions and redirects; if state isn't
   active, delete the document
     => don't delete, just store state. but need to "blank" redirects and WIP so
        they don't show up in results
     => refactor inserter to be a class (eg, for command line use)
     => end-to-end test of this behavior?
+- un-accepted editgroup access: by created/updated, accepted/not
 
 ## Ideas
 
-- 
cgit v1.2.3