From a51635f13aef4b5b7014d680865f04f4103d9d5f Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Thu, 22 Sep 2022 22:04:03 +0000 Subject: [PATCH] --- .vscode/launch.json | 2 +- devdocs/research.txt | 5 +++- devdocs/todo.txt | 23 ++++--------------- docs/8.0/ayanova/docs/ay-biz-admin-roles.md | 4 ++-- docs/8.0/ayanova/docs/ay-evaluate.md | 4 ++++ docs/8.0/ayanova/docs/ay-history.md | 10 +++++++- docs/8.0/ayanova/docs/ay-start-login.md | 4 ++++ docs/8.0/ayanova/docs/home-password.md | 4 ++-- docs/8.0/ayanova/docs/ops-server-state.md | 10 ++++---- docs/8.0/ayanova/mkdocs.yml | 2 +- .../GlobalBizSettingsController.cs | 11 ++++++++- .../AyaNova/Controllers/NotifyController.cs | 12 +++++++--- 12 files changed, 56 insertions(+), 35 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 2668545b..63ffff31 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -121,7 +121,7 @@ "AYANOVA_USE_URLS": "http://*:7575;", //"AYANOVA_PERMANENTLY_ERASE_DATABASE":"true", //"AYANOVA_REMOVE_LICENSE_FROM_DB":"true", - //"AYANOVA_SERVER_TEST_MODE": "true", + "AYANOVA_SERVER_TEST_MODE": "true", "AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-8", "AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small", "AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_14\\bin" diff --git a/devdocs/research.txt b/devdocs/research.txt index a789aa97..448ce202 100644 --- a/devdocs/research.txt +++ b/devdocs/research.txt @@ -294,4 +294,7 @@ vbeta 8.0-b0.7 2021-12-28 Testing windev beta 0.8 after fixing double render due to style issue 1000 debug run 4m 41s 1556 pages - 1000 release run 3m 26s 1556 pages \ No newline at end of file + 1000 release run 3m 26s 1556 pages + + + ################################################################ \ No newline at end of file diff --git a/devdocs/todo.txt b/devdocs/todo.txt index 9d6a85e3..ec2ecb35 100644 --- a/devdocs/todo.txt +++ b/devdocs/todo.txt @@ -1,26 +1,9 @@ # now -todo: profiler not working on hosted ayanova at d.o. - check the error log for nginx, could be filtering out the request CLIENT CHANGES TO DO NOW -OPS - subscriptions don't need almost all of ops nor should they have it, is any info leaking that shouldn't go through it remove with a machete (tied to build type) -DOCS - ops section of docs not relevant to subscribers, add "PERPETUAL BUILD ONLY" maybe at top or something? -METRIC WE DO NEED - just a simple value showing storage space available for subscribers maybe usage over time? - but surface outside of OPS tree in menu, in admin? backup? - -todo: should alert users if low on disk space in dedicated subscription volume - in central location maybe server information or license page or whatever - -todo: document subscription server maximum attachment is 25mb unless they ask us to change it, actually for a subscriptin we might want to decrease that -maybe more like 5mb or something?? Need to look into it -But overall that would be a good thing to be able to show in the User interface if possible...hmmm..how to do that is tricky -can it read the nginx config file? Not likely. Maybe the config file can return a value - - - +License agreement page for subscription vs perpetual todo: v8-migrate MUST open up server again and not leave locked , morrow had thought migration was done then couldn't login said it was erasing database @@ -1378,4 +1361,6 @@ Removed optins of seedlevel from eval page at client, now defaults to small only Fixed issue with some metrics timeline charts Changed 12 hour metrics to 24 hour metrics removed profiler from client and docs, kept at server just in case -changed metrics default timeframe from last 6 hours to last 7 days as it makes the daily stats graphs look broken if people don't understand how they work \ No newline at end of file +changed metrics default timeframe from last 6 hours to last 7 days as it makes the daily stats graphs look broken if people don't understand how they work +Added ay-history doc blurb about ghostery blocking event log history +docs clarified superuser is not a normal account and specific information about the superuser \ No newline at end of file diff --git a/docs/8.0/ayanova/docs/ay-biz-admin-roles.md b/docs/8.0/ayanova/docs/ay-biz-admin-roles.md index 7304a591..44e465ec 100644 --- a/docs/8.0/ayanova/docs/ay-biz-admin-roles.md +++ b/docs/8.0/ayanova/docs/ay-biz-admin-roles.md @@ -24,11 +24,11 @@ All roles have access to their own `Home` navigation menu options in AyaNova. ### AyaNova SuperUser account -The AyaNova super user account has all roles (except Customer roles) by default and it's roles can not be modified. +The AyaNova super user account roles can not be modified. ### Accounting -This role is intended for a person responsible for typical Accounting processes in AyaNova such as setting rates, tax codes and contracts as well as integrating AyaNova with external accounting software such as [QuickBooks](https://ayanova.com/r/qbi/docs/). +This role is intended for a person responsible for typical Accounting processes in AyaNova such as setting rates, tax codes and contracts as well as integrating AyaNova with external accounting software such as [QuickBooks](https://ayanova.com/r/qbi/docs/). There is no restricted version of this role. diff --git a/docs/8.0/ayanova/docs/ay-evaluate.md b/docs/8.0/ayanova/docs/ay-evaluate.md index 94b5135b..5e2370e9 100644 --- a/docs/8.0/ayanova/docs/ay-evaluate.md +++ b/docs/8.0/ayanova/docs/ay-evaluate.md @@ -10,6 +10,10 @@ The second step is to request a [trial license](#requesting-a-trial-license). ## Default SuperUser login +The built-in SuperUser User account in AyaNova is not a normal type of User and does not consume a license; it is used for specific special operations in AyaNova that could lead to loss of data or affect the operations of the server over all. + +The SuperUser account does not have access to business data such as Customers for example and can not be used for normal day to day operations in AyaNova. + The default login for the AyaNova SuperUser account is user name: `superuser` password: `l3tm3in`. Before AyaNova is licensed and used in production you **MUST** change this or anyone could login with this default. diff --git a/docs/8.0/ayanova/docs/ay-history.md b/docs/8.0/ayanova/docs/ay-history.md index a0317eb2..e6b80985 100644 --- a/docs/8.0/ayanova/docs/ay-history.md +++ b/docs/8.0/ayanova/docs/ay-history.md @@ -53,7 +53,7 @@ Below the date and time is an icon and name representing the _type_ of object th Finally at the bottom are the `History`, `Activity` and `Open` buttons. -The `History` button will open this same history form but it will display history for that particular object only. This is the same view you can access from a business object's edit form [history menu option](ay-start-edit-forms.md#history). +The `History` button will open this same history form but it will display history for that particular object only. This is the same view you can access from a business object's edit form [history menu option](ay-start-edit-forms.md#history). For example if you click on `History` for a Customer you will see that customer's event log showing all events that affected that customer record. @@ -64,3 +64,11 @@ The `Open` button will be shown if you have rights to open that object and click #### More button By default 200 event log history items are displayed at a time. Clicking on the "More" button will retrieve the next 200. + +## Server not responding or similar error + +Some browser security extensions such as `Ghostery` may be triggered with a false positive when viewing history and attempting to fetch the event log data. + +This issue will present in the AyaNova user interface as a "Server not responding" or similar error as the request to get the history data from the server is blocked by the browser extension. + +There are no "trackers" built into AyaNova anywhere and if you run into this issue you should add AyaNova web application as a trusted site in the browser extension to fix this issue. diff --git a/docs/8.0/ayanova/docs/ay-start-login.md b/docs/8.0/ayanova/docs/ay-start-login.md index 07f93d11..4af33afd 100644 --- a/docs/8.0/ayanova/docs/ay-start-login.md +++ b/docs/8.0/ayanova/docs/ay-start-login.md @@ -38,6 +38,10 @@ Before AyaNova is licensed and used in production you **MUST** change this or an AyaNova will prompt you to change it if it discovers a login using the default superuser password with a non evaluation license. +The built-in SuperUser User account in AyaNova is not a normal type of User and does not consume a license; it is used for specific special operations in AyaNova that could lead to loss of data or affect the operations of the server over all. + +The SuperUser account does not have access to business data such as Customers for example and can not be used for normal day to day operations in AyaNova. + ## Login token When you log in, the AyaNova server issues a time limited authentication token used to grant access. diff --git a/docs/8.0/ayanova/docs/home-password.md b/docs/8.0/ayanova/docs/home-password.md index 2c0b507a..bebf050a 100644 --- a/docs/8.0/ayanova/docs/home-password.md +++ b/docs/8.0/ayanova/docs/home-password.md @@ -42,13 +42,13 @@ Make sure you have nothing personal in your password such as a relative or pet's Do _not_ write down your password anywhere unless it's to be immediately placed in a locked fire-proof safe. -In the current climate of hacking and malware we recommend you do _not_ enter your password on any device for safekeeping, in particular do not email it or save it in a document either online or locally unless it's a dedicated password manager utility. Password managers have built in protection from malware interception when using their interface which does not exist in a Word document or an email. +In the current climate of hacking and malware we recommend you do _not_ enter your password on any device for safekeeping, in particular do not email it or save it in a document either online or locally unless it's a dedicated password manager utility. Password managers have built in protection from malware interception when using their interface which does not exist in a Word document or an email. #### Backed up by Two factor authentication AyaNova has [built in support](home-tfa.md) for the current most secure form of Two factor authentication and we encourage you to use it for all users. -In particular any User account that has the Business administration role (such as the built in superuser account) should be backed up with with two factor authentication codes as these roles are extremely powerful and can be used to easily circumvent security by assigning roles to other Users or creating entirely new Users. +In particular any User account that has the Business administration role (such as the built in SuperUser account) should be backed up with with two factor authentication codes as these roles are extremely powerful and can be used to easily circumvent security by assigning roles to other Users or creating entirely new Users. ### Password manager diff --git a/docs/8.0/ayanova/docs/ops-server-state.md b/docs/8.0/ayanova/docs/ops-server-state.md index e833a945..dcf48f47 100644 --- a/docs/8.0/ayanova/docs/ops-server-state.md +++ b/docs/8.0/ayanova/docs/ops-server-state.md @@ -4,21 +4,21 @@ The Server state [form](ay-start-form-overview.md) is used to control the availa ## Authorization Roles required -Many roles can *select* this object on other records where approriate. Editing or viewing this object in detail is only available to Users with the following [roles](ay-biz-admin-roles.md): +Many roles can _select_ this object on other records where approriate. Editing or viewing this object in detail is only available to Users with the following [roles](ay-biz-admin-roles.md): Full access -- System operations +- System operations Read only access -- all users will be shown the server state and "reason" text if they attempt to use AyaNova when it's in a closed state +- all users will be shown the server state and "reason" text if they attempt to use AyaNova when it's in a closed state ## How to access server state Server state form is accessed in the following ways: -- From the `Server operations` [navigation drawer](ay-start-form-overview.md#navigation-drawer) `Server state` item to open this form +- From the `Server operations` [navigation drawer](ay-start-form-overview.md#navigation-drawer) `Server state` item to open this form ## How Server state works @@ -69,6 +69,8 @@ Select the desired state optionally enter a "Reason" message and click the Save ## Shutting down the AyaNova server +(Note: this option is not available if AyaNova is hosted as a subscription service) + This form has a menu option `Shut down server` to gracefully stop and shut down the AyaNova server software. This is the preferred way to stop an AyaNova server as pending jobs and notifications will be processed before closing down in a controlled manner. The alternative is to press ctrl-c at the server console however that type of shutdown is immediate and uncontrolled and not recommended in production use. diff --git a/docs/8.0/ayanova/mkdocs.yml b/docs/8.0/ayanova/mkdocs.yml index 8be89e0a..23b4e572 100644 --- a/docs/8.0/ayanova/mkdocs.yml +++ b/docs/8.0/ayanova/mkdocs.yml @@ -7,7 +7,7 @@ theme: site_name: AyaNova manual site_dir: '../../../server/AyaNova/wwwroot/docs' strict: true -copyright: Copyright © 2022 Ground Zero Tech-Works Inc. REV-2022-09-21 +copyright: Copyright © 2022 Ground Zero Tech-Works Inc. REV-2022-09-22 extra: generator: false # Extensions diff --git a/server/AyaNova/Controllers/GlobalBizSettingsController.cs b/server/AyaNova/Controllers/GlobalBizSettingsController.cs index 65ad930c..ea251448 100644 --- a/server/AyaNova/Controllers/GlobalBizSettingsController.cs +++ b/server/AyaNova/Controllers/GlobalBizSettingsController.cs @@ -109,6 +109,14 @@ namespace AyaNova.Api.Controllers return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); } + bool IsSubscriptionBuild = false; + +#if (SUBSCRIPTION_BUILD) + IsSubscriptionBuild=true; +#else + IsSubscriptionBuild = false;//yes redundant, but defensive all the same +#endif + var ret = new { //Actual global settings: @@ -129,7 +137,8 @@ namespace AyaNova.Api.Controllers LicenseStatus = AyaNova.Core.License.ActiveKey.Status, MaintenanceExpired = AyaNova.Core.License.ActiveKey.MaintenanceExpired, ServerDbId = AyaNova.Core.License.ServerDbId, - Company = AyaNova.Core.License.ActiveKey.RegisteredTo + Company = AyaNova.Core.License.ActiveKey.RegisteredTo, + SBuild = IsSubscriptionBuild // , // TestTSDaysWMS=new TimeSpan(22,10,15,22,33), diff --git a/server/AyaNova/Controllers/NotifyController.cs b/server/AyaNova/Controllers/NotifyController.cs index e04dc789..975c6da9 100644 --- a/server/AyaNova/Controllers/NotifyController.cs +++ b/server/AyaNova/Controllers/NotifyController.cs @@ -53,12 +53,18 @@ namespace AyaNova.Api.Controllers bool suIsDefault = await UserBiz.SuperIsDefaultCredsAsync(ct); //confirm if there are logo's to show as well var logo = await ct.Logo.AsNoTracking().SingleOrDefaultAsync(); - if (logo == null) + + bool HasLargeLogo = false; + bool HasMediumLogo = false; + bool HasSmallLogo = false; + if (logo != null) { - return Ok(ApiOkResponse.Response(new { eval = showSampleLogins, sudf = suIsDefault, ll = false, ml = false, sl = false, lcr = AyaNova.Core.License.LicenseConsentRequired })); + if (logo.Small != null) HasSmallLogo = true; + if (logo.Medium != null) HasMediumLogo = true; + if (logo.Large != null) HasLargeLogo = true; } return Ok(ApiOkResponse.Response( - new { eval = showSampleLogins, sudf = suIsDefault, ll = logo.Large != null ? true : false, ml = logo.Medium != null ? true : false, sl = logo.Small != null ? true : false, lcr = AyaNova.Core.License.LicenseConsentRequired })); + new { eval = showSampleLogins, sudf = suIsDefault, ll = HasLargeLogo, ml = HasMediumLogo, sl = HasSmallLogo, lcr = AyaNova.Core.License.LicenseConsentRequired })); }