84 lines
4.6 KiB
Plaintext
84 lines
4.6 KiB
Plaintext
{"login": "manager","password": "l3tm3in"}
|
|
|
|
{"login": "OpsAdminLimited","password": "OpsAdminLimited"}
|
|
|
|
|
|
todo: enable response compression
|
|
https://www.infoworld.com/article/3256012/how-to-use-response-compression-in-aspnet-core.html
|
|
|
|
todo: tag refcount
|
|
Move this into a procedure, it's apparently quite slow now that I can see the metrics
|
|
|
|
|
|
todo: I might be using List<> too much when I should be using IEnumerable instead
|
|
read this: https://www.claudiobernasconi.ch/2013/07/22/when-to-use-ienumerable-icollection-ilist-and-list/
|
|
|
|
TODO: Why is this adding UTC bit to this query check the source code maybe something is up
|
|
Schema settings mean that pg will ignore any tz specification so in theory it's ignored, but...
|
|
|
|
SELECT a.gid, a.xmin, a.created, a.exclusive, a.jobinfo, a.jobstatus, a.jobtype, a.name, a.objectid, a.objecttype, a.startafter, a.subtype
|
|
FROM aopsjob AS a
|
|
WHERE ((a.startafter < NOW() AT TIME ZONE 'UTC') AND (a.exclusive = @__exclusiveOnly_0)) AND (a.jobstatus = 1)
|
|
ORDER BY a.created
|
|
2020-05-27 12:51:57.2585|INFO|Microsoft.EntityFrameworkCore.Database.Command|Executed DbCommand (10ms) [Parameters=[@__exclusiveOnly_0='False'], CommandType='Text', CommandTimeout='30']
|
|
SELECT a.gid, a.xmin, a.created, a.exclusive, a.jobinfo, a.jobstatus, a.jobtype, a.name, a.objectid, a.objecttype, a.startafter, a.subtype
|
|
FROM aopsjob AS a
|
|
WHERE ((a.startafter < NOW() AT TIME ZONE 'UTC') AND (a.exclusive = @__exclusiveOnly_0)) AND (a.jobstatus = 1)
|
|
ORDER BY a.created
|
|
|
|
todo: Check all routes with datetime parameters, are they being used in a query parameter?
|
|
if so, then they need to be converted to UTC to query properly:
|
|
.Where(z => z.t >= tsStart.ToUniversalTime()
|
|
|
|
todo: Are serial numbers working properly, I'm seeing gaps in widget but it could be because of unit testing
|
|
|
|
todo: leave running check it does overnight backup properly
|
|
|
|
todo: add backup turn off setting
|
|
environment variable
|
|
todo: add backup master time out setting
|
|
environment variable
|
|
|
|
TODO: BIG UPDATE ALL GUTS
|
|
|
|
|
|
|
|
todo: notification?
|
|
|
|
todo: OPS notification created for failed jobs
|
|
also maybe direct immediate email bypassing generator?
|
|
Add backup fail to this will stub out for now
|
|
|
|
todo: (BREAK THIS OUT INTO LATER/NOW/CASES) there are several outstanding AUTHENTICATION related cases in rockfish for RAVEN
|
|
e.g. https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1924
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1835
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1998 <---this is an important case for consideration
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3367 <--time limited accounts for support or temporary access?
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/2059 <--- time restricted accounts so user can only login during business hours (still to be considered)
|
|
2fa stuff, some logging and lockout stuff
|
|
Go through the auth related cases and notes in client side and implement or close
|
|
todo: 2fa? (if not in first release, is there something needed to support it in future dbwise?)
|
|
todo: Auth Backdoor reset password feature
|
|
how to code it here, pretty easy to do:
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3250
|
|
todo: Look into 2fa
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3395
|
|
todo: look into how to use an SSL certificate with the RAVEN server directly when not behind nginx
|
|
https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-3.1
|
|
- this should be supported by default out of the box working with Let's encrypt ideally
|
|
- is it now considered ok to host .net core web api directly internet facing?
|
|
todo: onboarding and default manager account password
|
|
- Need to come up with a safety plan for this so people don't leave it at default
|
|
- Maybe the very first thing required of a user is to change the password before any tasks can be performed
|
|
- Server stays in safety lock until they set a password?
|
|
- Or maybe a random password is generated on seeding and somehow provided to user through console or something?
|
|
- Maybe an empty db if no other users can be set password only so no one has made a hidden backdoor user account before ops changes it?
|
|
- maybe tied to license if licensed so they bring some info they have from rockfish / their license purchase or something?
|
|
- don't want it to be onerous too much and have some very inexperienced users so...
|
|
- see what other programs do, like our forum software
|
|
todo: API docs, make separate page for datalists and remove from api-response-format.md doc but put a reference link to it there.
|
|
|
|
DEPLOY AND TEST
|
|
|
|
todo: Test backup on Linux
|
|
- going to need to run in vm I think maybe |