Human-readable character strings that live in the server-side code aren't translated,
this issue should be resolved with #11

Hi,
The "download" button does not open the page in a new tab.
It would be very useful allow the click-wheel or ctrl + click on this "download" button!
Cheers,

We need to be able to search through the directory via key

After the massive action "link a task" for more than one check in the checklist, the alert (Mail) for the first check of the liste is sent. other alerts (mail) for the next checks will not be sent.

They made it, the web crawlers came to our platform.
It's time to think about SEO one day because :

(courtesy of @dethegeek)

Hi,

The display plugin page has some issues when displayed as logged in user. Here is for example the output in firefox:

Display is not the same using chromium; but it is also broken. I did not test on other browsers.

Search bar is not enough visible:

• Too small
• Same color as baskground

"trending", "new", "popular", and "updated" should be reserved names, and should be rejected when provided as plugin key in the XML file of any plugin.

This is because, the fact of having those reserved names could lead to some conflicts, like :

/api/plugin/room => card of a single plugin
/api/plugin/trending => list of all trending plugins
/api/plugin/new => list of all recently added plugins
/api/plugin/popular => list of all popular plugins
/api/plugin/updated => list of all recently updated plugins

but what if we have new as a plugin key,
the url for the plugin at the API level would be : /api/plugin/new
which is in conflict with the endpoint that lists all the recently added plugins.

In fact, this conflicts is not that much of a problem for the Slim Framework's Router,
because the "list of new plugins" endpoint is registered on the router before the
"single plugin" endpoint, so this, won't break the homepage;
but the plugin will still be unavailable for direct query of it's card.

The system based on window.open and window.postMessage is not working in Internet Explorer 10.
I'm currently thinking to how we are going to make it easy and possible for all browsers.
Things went temporarily fixed, IE users can register/signin/signout with straight GLPi Plugins accounts,
but cannot register/signin with a Github account fromr IE.

you shouldn't show new plugins (aka date_added = date_updated) in top10 updated

Search criterias are sended when typing new chars...

• But a click on the send icon does nothing
• Pressing enter key does nothing

It is a problem when we are on another page and want to resend search (and if ajax doesn't work well, if it's too slow, etc.).

Note: there is currently not any "firewall" for the requested OAuth2 scopes.
I'm going to try things like getting a user scope without any password grant which is likely going to work, but without any user ID, which is likely going to "make the request crash". This is one of the last important issue before you all can register on GLPi Plugins.
Be sure we're keeping security in mind before the release.

when doing ->first() with eloquent, the LIMIT 1 clause is sent to SQL server,
which means that it is going to apply to the inner join that is established.

In fact, this means that the specialized scope withCurrentVersion()
is not responsible by itself to fullfill its role, but the usage
that is made of it, in the controller (called endpoints in this project,
because @newls plays the artist)

it is not very important issue, but is good to remember,
in fact, ->first() is used in every endpoint that is about
to return a single entry from a collection.

this issue popped while trying to properly resolve #17 ,
I think the end of that workday is going to be spent on master.

when being a known author (i.e: registered on plugins.glpi and being a known author after an authorship claim)

Can't submit new plugin:
Errors in Chrome are:

thank you,
Tomolimo

Using SeaMonkey v2.40 I get a blank page on http://plugins.glpi-project.org, here is the JS error I get in the JS console (on scripts/vendor.3a764c92.js, line 4, col. 2289):

Error: [$injector:modulerr] Failed to instantiate module frontendApp due to:
The operation is insecure.
@http://plugins.glpi-project.org/scripts/scripts.7e0c9bb7.js:1:653
c/this.determinePreferredLanguage@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:26:23597
@http://plugins.glpi-project.org/scripts/scripts.7e0c9bb7.js:1:613
e@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:21621
d@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:20633
bb/n/<@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:20765
f@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:2735
n@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:20542
bb@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:22232
ga/h@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:9465
ga@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:9775
fa@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:4:9023
@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:9:598
na.Callbacks/j@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:2:9301
na.Callbacks/k.fireWith@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:2:10075
.ready@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:2:11891
h@http://plugins.glpi-project.org/scripts/vendor.3a764c92.js:1:1130

http://errors.angularjs.org/1.4.10/$injector/modulerr?p0=frontendApp&p1=The%20operation%20is%20insecure.%0A%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fscripts.7e0c9bb7.js%3A1%3A653%0Ac%2Fthis.determinePreferredLanguage%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A26%3A23597%0A%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fscripts.7e0c9bb7.js%3A1%3A613%0Ae%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A21621%0Ad%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A20633%0Abb%2Fn%2F%3C%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A20765%0Af%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A2735%0An%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A20542%0Abb%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A22232%0Aga%2Fh%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A9465%0Aga%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A9775%0Afa%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A4%3A9023%0A%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A9%3A598%0Ana.Callbacks%2Fj%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A2%3A9301%0Ana.Callbacks%2Fk.fireWith%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A2%3A10075%0A.ready%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A2%3A11891%0Ah%40http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.3a764c92.js%3A1%3A1130%0A

NB: Others AngularJS application works fine on this browser.

Slowly migrating to the future,
Authors will now be GLPi Plugins users, here is information I wrote for this refactoring :
Mind that at the same time, the project is moving to Laravel, see #39

First part, transformation of the data model,

Modification of the web app according to that

Having only 'contributors' ; no more 'authors'
meaning that the 'author' table is going to dissappear.

List of angular controllers involving data from author table (You know what i mean)

authors.js
author.js
author_plugins.js

List of PHP controllers involving data from/related to author table

Author

• /claimauthorship ($claim_authorship)
  User
• /user/plugins ($user_plugins)
• /user ($profile_view)

Procedure

• grab the production database for reference
• for each author, create a user, that's the actual model (could be renamed to 'contributor' not sure it's very usefull though)
  • that user musn't be able to log in
    • the simple unix way to ensure that, do nothing,
      if there's no hash in the password field,
      no login will be possible, if there's no username,
      no login will be possible.
• now, switch the author page to 'user public page'
• switch the 'authors' page to 'contributors'
• switch the 'author plugins' page to 'user contributed plugins page'

In terms of relation, it means

• that the plugin_contributor table is going to be created
• that the plugin_author table is going to be deleted

Suggestions

I suggest that the replacement strategy take place
in that order :

• adding the new table, endpoint, behaviour
• work on the frontend to ensure everything turn fine
• delete the old table, endpoint, behaviour

Second part, transformation of the "claim an authorship"

feature to allow community migration on the new system

Once a registered user claims his authorship on known plugins.

We receive a request on the GLPi mailbox, saying that user X
claims being user Y.

If we accept the request, we are going to copy the realname
of the known author in the realname field of the asking author,
we are going to replace the user_id of the known author by the
one of the requesting author, for every plugin_contributor entry.
We can finally delete the user table entry corresponding to the
known original author.

I think it's a good idea to add on the front of the web site, the list of plugins avalaibles for last version of GLPI

example :
http://.../#/version/0.90/plugins

In XML file we have languages generated by the plugin.
But in catalogue, we don't see which languages the plugin maintains.
I think an user must knows if the plugin is compatible or not with his language

We should check if we could add a fallback for this version of IE.

Angular material doesn't provide this support.
With matchmedia-ng, no more javascript errors triggered, but layout is totally broken.

We will need to work on css to provide flex alternative.

todo when site will be public

see submit exemple to displays it in a good place

ATM the error handling mechanism is not well defined, in terms of Exceptions.
It would be nice to make use of exception classes to define every possible error,
that are likely to happen during request

This is important for the upcoming merge of the development branch in the master one as OAuth requires HTTPS at the RFC level

Hi,

It would be great to introduce, at least, a link to plugins documentations on a plugin's page.

Hello,
The following Javascript error message occurs when running this web site with IE10:

SCRIPT5007: Unable to get property 'split' of undefined or null reference
scripts.2d21fa5b.js, line 1 character 286

If we continue running we get this:

regards,
Tomolimo

Hello,
I tried the Claim an authorship feature, but nothing happened: I got an 'We ackownledged your request', but nothing happened after that!
Should I wait for an administrator action, or will it be automatic?
thank you,
regards,
Tomolimo

PS: "ackownledged" should be "acknowledge", with a 'n' after the 'k' and no 'd'.

This is happening right now.
As we plan to do continuous integration on the Plugin catalogue of GLPi (glpi-plugin-directory running at plugins.glpi-project.org), the codebase is moving to Laravel right now.
I'm writing this issue as a memo for myself, it will be updated.

For all those points, I'm looking for Laravel best-practices, but writing it down here first

• moving the configuration files to laravel's .env usage or use any practice encouraged by laravel in order to have custom configuration values for the app runtime
• [practice included] using Laravel Schemas instead of the previous structure.sql which eventually starts to be difficult to maintain. Write those Schemas definition in Laravel migrations.
• properly "include" the angular.js application in the new laravel project's directory structure, will need a beautiful solution for that, meaning that I don't see why PHP should be used to serve the index.html, looking for apache mod_rewrite usage/anything good for the purpose of keeping both angular and laravel codebases technically separated at the app runtime stack level
• eventually move some Apache configuration parameters for the virtualhost in the .htaccess file if possible [for deployment easiness] (planned for a future version, will simply edit the recommended virtualhost)

Using the URL https://plugins.glpi-project.org/ leads browsers to HTTP 502 error: Bad gateway...
I clicked on the link in front of the https://github.com/glpi-project/plugins and I got this error...
regards,
Tomolimo

Hello,
Here are the errors in the IE debug console:

HTML1300: Navigation occurred.
http://plugins.glpi-project.org/
SCRIPT1046: Multiple definitions of a property not allowed in strict mode
scripts.8dbffda7.js, line 1 character 4242
SCRIPT5022: [$injector:modulerr] Failed to instantiate module frontendApp due to:
Error: [$injector:nomod] Module 'frontendApp' is not available! You either misspelled the module name or forgot to load it. If registering a module ensure that you specify the dependencies as the second argument.
http://errors.angularjs.org/1.4.7/$injector/nomod?p0=frontendApp
at Anonymous function (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:10533)
at b (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:9993)
at Anonymous function (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:10267)
at Anonymous function (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:19003)
at f (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:1387)
at n (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:18846)
at $a (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:20534)
at h (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:8060)
at ga (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:8279)
at fa (http://plugins.glpi-project.org/scripts/vendor.81a16c6c.js:4:7624)
http://errors.angularjs.org/1.4.7/$injector/modulerr?p0=frontendApp&p1=Error%3A%20%5B%24injector%3Anomod%5D%20Module%20'frontendApp'%20is%20not%20available!%20You%20either%20misspelled%20the%20module%20name%20or%20forgot%20to%20load%20it.%20If%20registering%20a%20module%20ensure%20that%20you%20specify%20the%20dependencies%20as%20the%20second%20argument.%0Ahttp%3A%2F%2Ferrors.angularjs.org%2F1.4.7%2F%24injector%2Fnomod%3Fp0%3DfrontendApp%0A%20%20%20at%20Anonymous%20function%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A10533)%0A%20%20%20at%20b%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A9993)%0A%20%20%20at%20Anonymous%20function%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A10267)%0A%20%20%20at%20Anonymous%20function%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A19003)%0A%20%20%20at%20f%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A1387)%0A%20%20%20at%20n%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A18846)%0A%20%20%20at%20%24a%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A20534)%0A%20%20%20at%20h%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A8060)%0A%20%20%20at%20ga%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A8279)%0A%20%20%20at%20fa%20(http%3A%2F%2Fplugins.glpi-project.org%2Fscripts%2Fvendor.81a16c6c.js%3A4%3A7624)
vendor.81a16c6c.js, line 4 character 19171

Thank you,
regards,
Tomolimo

See in the following print screen the buttons to move checks in the checklist attributed to a ressource are availlable. but there is no sence to use them in this situation.

We need to initialize plugin.download_count, because if set to NULL never going to be incremented on download

Hello,
As I would like to move the 'Timezones' plugin from the old forge to github (at least for the new versions), and as it is no possible to use the 'Submit a plugin' (as it is already existing), I've sent an email to 'contact' URL http://plugins.glpi-project.org/#/contact, but got no answer.

Thank you to check,
Regards,
Tomolimo

server side if authed, client side if not, we might like to add the recaptcha security to ensure "humanity" of downloads in all situations. it's something we might want to have if we prefer to disable possibility of someone actually trying to mess around with our local statistics, not the HTTP statistics which rely on GA, we need to think about that.

For example the genericobject plugin, for it's latest release, has 2 compatibility keys :

<version>
      <num>0.85-1.0</num>
      <compatibility>0.85</compatibility>
      <compatibility>0.90</compatibility>
  </version>

Only the first is displayed on the plugin directory website

We currently have a Toaster provider that uses angular-material's $mdToast as a backend,
when we use 'body' as relative positionning element, the alert sometimes appears to be hidden on strange resolutions/window-sizes.
Here, we can see a half-hidden alert on the top of the screen.

The following image is required by the application http://plugins.glpi-project.org/images/logo-small.png (see file frontend/app/styles/_header.sass, line 10 but it seems it does not exists causing a 404 HTTP response.

curl -D - -o /dev/null -s http://plugins.glpi-project.org/images/logo-small.png

HTTP/1.1 404 Not Found
Date: Thu, 29 Sep 2016 14:21:50 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d26bed67a7f87a418e9a07aa008930acb1475158910; expires=Fri, 29-Sep-17 14:21:50 GMT; path=/; domain=.glpi-project.org; HttpOnly
CF-Cache-Status: HIT
Server: cloudflare-nginx
CF-RAY: 2ea0157890d308fc-CDG

(Could be an error on CloudFlare's side)

We need to think about the privacy of users in GLPI Plugins,
as every web service does, because it is very important to users.
I was thinking today about that, but I don't know how to start.
First off,
Are we going to offer users the way to show their email publicly ?
That is the most basic question, but there might be others that
fall in this category, this issue could help us to centralize all those questions in one "topic".

This is mostly important right now for the server implementation because,
unrelated fact, I always try to simplify the coding to the maximum extent, and,
I was going to think about 2 versions :

• The easy one (might be the better option, I don't know), all the data is public, so there is one OAuth 'scope' : 'user that allow any logged user (or anonymous one) to see all user infos
• The "more complicated one" : there is some infos that are going to be public and some others that are not going to, and this is up to the user to decide which one are. In that case we are going to have the user scope that allow a logged-in user to retrieve it's own information, and the users scope that allow that same logged-in user to retrieve public informations of others

The version display, at the right of the plugin name, is not correctly ordered.

It should, I think, be displayed as 0.90 0.85 0.84

For :

• Plugins url modifying
• Notifications (plugins update)
• Stars / comment
• Register applications (tokens/security key for accessing api key)

With token and security key
we need #1 before

This feature is not present as of now

When I enter an XML URL, check the "I'm not a robot" checkbox and click the "Send" button... Nothing happen!

This is the part that cleans the perempted sessions with perempted refresh tokens. That is going to be implemented inside the BackgroundTasks class

some authors don't have any plugin associated (example old authors of formcreator)