{"login": "manager","password": "l3tm3in"} todo: Search indexing performance improvement and exception avoidance (Search.cs 828) ON CONFLICT IDEA https://www.postgresql.org/docs/current/sql-insert.html#SQL-ON-CONFLICT Idea: do the insert manually with the clause "on conflict do nothing" if detect it hasn't inserted (conflict) trigger a fetch instead like what is being done now but won't have the exception to deal with!! var CtAdd.SearchDictionary.FromSqlRaw("insert into asearchdictionary (word) values('{0}') on conflict (word) do update set word=excluded.word returning id",KeyWord ).FirstOrDefaultAsync(); stored procedure? https://www.postgresqltutorial.com/plpgsql-loop-statements/ ------- -- PROCEDURE: public.pdoindex(text[], bigint, integer, boolean) -- DROP PROCEDURE public.pdoindex(text[], bigint, integer, boolean); CREATE OR REPLACE PROCEDURE public.aydosearchindex( wordlist text[], ayobjectid bigint, ayobjecttype integer) LANGUAGE 'plpgsql' AS $BODY$DECLARE s text; wordid bigint; BEGIN IF ayobjectid=0 THEN RAISE EXCEPTION 'Bad object id --> %', ayobjectid; END IF; IF ayobjecttype=0 THEN RAISE EXCEPTION 'Bad object type --> %', ayobjecttype; END IF; delete from asearchkey where objectid=ayobjectid and objecttype=ayobjecttype; FOREACH s IN ARRAY wordlist LOOP insert into asearchdictionary (word) values(s) on conflict (word) do update set word=excluded.word returning id into wordid; insert into asearchkey (wordid,objectid,objecttype) values(wordid,ayobjectid,ayobjecttype); END LOOP; END; $BODY$; ------ call aydosearchindex(ARRAY['sun','mon','tue','wed','thu','fri','sat'],3,3) ------- todo: Search confirm indexes are actually being used todo: OPS notification created for failed jobs also maybe direct immediate email bypassing generator? Add backup fail to this will stub out for now todo: (BREAK THIS OUT INTO LATER/NOW/CASES) there are several outstanding AUTHENTICATION related cases in rockfish for RAVEN e.g. https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1924 https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1835 https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1998 <---this is an important case for consideration https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3367 <--time limited accounts for support or temporary access? https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/2059 <--- time restricted accounts so user can only login during business hours (still to be considered) 2fa stuff, some logging and lockout stuff Go through the auth related cases and notes in client side and implement or close todo: 2fa? (if not in first release, is there something needed to support it in future dbwise?) todo: Auth Backdoor reset password feature how to code it here, pretty easy to do: https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3250 todo: Look into 2fa https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3395 todo: look into how to use an SSL certificate with the RAVEN server directly when not behind nginx - this should be supported by default out of the box working with Let's encrypt ideally - is it now considered ok to host .net core web api directly internet facing? todo: onboarding and default manager account password - Need to come up with a safety plan for this so people don't leave it at default - Maybe the very first thing required of a user is to change the password before any tasks can be performed - Server stays in safety lock until they set a password? - Or maybe a random password is generated on seeding and somehow provided to user through console or something? - Maybe an empty db if no other users can be set password only so no one has made a hidden backdoor user account before ops changes it? - maybe tied to license if licensed so they bring some info they have from rockfish / their license purchase or something? - don't want it to be onerous too much and have some very inexperienced users so... - see what other programs do, like our forum software todo: API docs, make separate page for datalists and remove from api-response-format.md doc but put a reference link to it there. DEPLOY AND TEST todo: Test backup on Linux - going to need to run in vm I think maybe