99 lines
4.3 KiB
Plaintext
99 lines
4.3 KiB
Plaintext
{"login": "manager","password": "l3tm3in"}
|
|
|
|
|
|
todo: Search indexing performance improvement and exception avoidance (Search.cs 828)
|
|
ON CONFLICT IDEA
|
|
https://www.postgresql.org/docs/current/sql-insert.html#SQL-ON-CONFLICT
|
|
Idea: do the insert manually with the clause "on conflict do nothing"
|
|
if detect it hasn't inserted (conflict) trigger a fetch instead
|
|
like what is being done now but won't have the exception to deal with!!
|
|
var CtAdd.SearchDictionary.FromSqlRaw("insert into asearchdictionary (word) values('{0}') on conflict (word) do update set word=excluded.word returning id",KeyWord ).FirstOrDefaultAsync();
|
|
|
|
stored procedure?
|
|
https://www.postgresqltutorial.com/plpgsql-loop-statements/
|
|
-------
|
|
-- PROCEDURE: public.pdoindex(text[], bigint, integer, boolean)
|
|
|
|
-- DROP PROCEDURE public.pdoindex(text[], bigint, integer, boolean);
|
|
|
|
CREATE OR REPLACE PROCEDURE public.pdoindex(
|
|
words text[],
|
|
objectid bigint,
|
|
objecttype integer,
|
|
isupdate boolean DEFAULT false)
|
|
LANGUAGE 'plpgsql'
|
|
|
|
AS $BODY$DECLARE
|
|
s text;
|
|
wordid bigint;
|
|
BEGIN
|
|
IF objectid=0 THEN
|
|
RAISE EXCEPTION 'Bad object id --> %', objectid;
|
|
END IF;
|
|
|
|
IF objecttype=0 THEN
|
|
RAISE EXCEPTION 'Bad object type --> %', objecttype;
|
|
END IF;
|
|
|
|
|
|
|
|
-- insert into asearchdictionary (word) values('{0}') on conflict (word) do update set word=excluded.word returning *
|
|
-- iterate text in loop
|
|
FOREACH s IN ARRAY words
|
|
LOOP
|
|
insert into asearchdictionary (word) values(s) on conflict (word) do update set word=excluded.word returning id into wordid;
|
|
insert into asearchkey (wordid,objectid,objecttype) values(wordid,objectid,objecttype);
|
|
--RAISE info 'word is %', s;
|
|
--RAISE info 'word id is %', wordid;
|
|
END LOOP;
|
|
END;
|
|
$BODY$;
|
|
|
|
|
|
-------
|
|
|
|
ALTER FUNCTION public.doindex(text[], bigint, integer, boolean)
|
|
OWNER TO postgres;
|
|
|
|
|
|
todo: Search confirm indexes are actually being used
|
|
|
|
|
|
|
|
todo: OPS notification created for failed jobs
|
|
also maybe direct immediate email bypassing generator?
|
|
Add backup fail to this will stub out for now
|
|
|
|
|
|
todo: (BREAK THIS OUT INTO LATER/NOW/CASES) there are several outstanding AUTHENTICATION related cases in rockfish for RAVEN
|
|
e.g. https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1924
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1835
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1998 <---this is an important case for consideration
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3367 <--time limited accounts for support or temporary access?
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/2059 <--- time restricted accounts so user can only login during business hours (still to be considered)
|
|
2fa stuff, some logging and lockout stuff
|
|
Go through the auth related cases and notes in client side and implement or close
|
|
todo: 2fa? (if not in first release, is there something needed to support it in future dbwise?)
|
|
todo: Auth Backdoor reset password feature
|
|
how to code it here, pretty easy to do:
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3250
|
|
todo: Look into 2fa
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3395
|
|
todo: look into how to use an SSL certificate with the RAVEN server directly when not behind nginx
|
|
- this should be supported by default out of the box working with Let's encrypt ideally
|
|
- is it now considered ok to host .net core web api directly internet facing?
|
|
todo: onboarding and default manager account password
|
|
- Need to come up with a safety plan for this so people don't leave it at default
|
|
- Maybe the very first thing required of a user is to change the password before any tasks can be performed
|
|
- Server stays in safety lock until they set a password?
|
|
- Or maybe a random password is generated on seeding and somehow provided to user through console or something?
|
|
- Maybe an empty db if no other users can be set password only so no one has made a hidden backdoor user account before ops changes it?
|
|
- maybe tied to license if licensed so they bring some info they have from rockfish / their license purchase or something?
|
|
- don't want it to be onerous too much and have some very inexperienced users so...
|
|
- see what other programs do, like our forum software
|
|
todo: API docs, make separate page for datalists and remove from api-response-format.md doc but put a reference link to it there.
|
|
|
|
DEPLOY AND TEST
|
|
|
|
todo: Test backup on Linux
|
|
- going to need to run in vm I think maybe |