63 lines
3.5 KiB
Plaintext
63 lines
3.5 KiB
Plaintext
|
|
|
|
{
|
|
"login": "manager",
|
|
"password": "l3tm3in"
|
|
}
|
|
|
|
|
|
working on: BACKUP finish routes.
|
|
Add integration tests as much as possible
|
|
maybe need whole other category of integration tests for ops that can be run seprately?
|
|
Then test with actual attachments to ensure it's working for that part as well
|
|
Upload backup file so can restore?
|
|
only works if we have automated restore which is doubtful at any point
|
|
|
|
todo: OPS routes (SERVER AND CLIENT)
|
|
- Backup, restore https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3369
|
|
- These need to be done fairly early on in order to have shit to play with for testing etc
|
|
|
|
todo: Test backup on Linux
|
|
- going to need to run in vm I think maybe
|
|
|
|
todo: Search indexing performance improvement and exception avoidance (Search.cs 828)
|
|
ON CONFLICT IDEA
|
|
https://www.postgresql.org/docs/current/sql-insert.html#SQL-ON-CONFLICT
|
|
Idea: do the insert manually with the clause "on conflict do nothing"
|
|
if detect it hasn't inserted (conflict) trigger a fetch instead
|
|
like what is being done now but won't have the exception to deal with!!
|
|
|
|
todo: OPS notification created for failed jobs
|
|
also maybe direct immediate email bypassing generator?
|
|
Add backup fail to this will stub out for now
|
|
|
|
|
|
todo: (BREAK THIS OUT INTO LATER/NOW/CASES) there are several outstanding AUTHENTICATION related cases in rockfish for RAVEN
|
|
e.g. https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1924
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1835
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1998 <---this is an important case for consideration
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3367 <--time limited accounts for support or temporary access?
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/2059 <--- time restricted accounts so user can only login during business hours (still to be considered)
|
|
2fa stuff, some logging and lockout stuff
|
|
Go through the auth related cases and notes in client side and implement or close
|
|
todo: 2fa? (if not in first release, is there something needed to support it in future dbwise?)
|
|
todo: Auth Backdoor reset password feature
|
|
how to code it here, pretty easy to do:
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3250
|
|
todo: Look into 2fa
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3395
|
|
todo: look into how to use an SSL certificate with the RAVEN server directly when not behind nginx
|
|
- this should be supported by default out of the box working with Let's encrypt ideally
|
|
- is it now considered ok to host .net core web api directly internet facing?
|
|
todo: onboarding and default manager account password
|
|
- Need to come up with a safety plan for this so people don't leave it at default
|
|
- Maybe the very first thing required of a user is to change the password before any tasks can be performed
|
|
- Server stays in safety lock until they set a password?
|
|
- Or maybe a random password is generated on seeding and somehow provided to user through console or something?
|
|
- Maybe an empty db if no other users can be set password only so no one has made a hidden backdoor user account before ops changes it?
|
|
- maybe tied to license if licensed so they bring some info they have from rockfish / their license purchase or something?
|
|
- don't want it to be onerous too much and have some very inexperienced users so...
|
|
- see what other programs do, like our forum software
|
|
todo: API docs, make separate page for datalists and remove from api-response-format.md doc but put a reference link to it there.
|
|
|