placeos / models Goto Github PK
View Code? Open in Web Editor NEWPlaceOS entity models.
Home Page: https://placeos.com
License: Other
PlaceOS entity models.
Home Page: https://placeos.com
License: Other
Emails are returned as md5 digests, this is insecure and a stronger hash function should be used.
A new model Tenant
or Organization
should be added.
For queries, we can overload queries on the ORM to ensure that the tenant's ID is included.
This will allow the place-labs/resource abstraction to function in the same manner.
could use a ttl
field with a unix epoch as these documents are automatically cleaned up once the TTL time is reached
When module attributes are updated, it appears that tls
is incorrectly forced.
models/src/placeos-models/module.cr
Line 272 in e3e102e
Is your feature request related to a problem? Please describe.
User
emails are currently stripped and downcased when validating for uniqueness but persisted with case and surrounding whitespace preserved. This same normalisation is not applied elsewhere resulting in unexpected behaviour in other areas of the system.
An externally visible example of this is the rest-api
users controller where interactions based on user email require a case matched version to be used.
Describe the solution you'd like
Perform consistent validation and matching of email address across all areas of the platform.
Describe alternatives you've considered
Performing ad-hoc normalisation either client side, or in other services. Centralising this here appears to be the least error prone approach
Additional context
rfc5321
case of the address MUST be preserved for usage in actual emails.email_digest
should be handled.auth
user and staff-api
guest models.Add timezone
field to zone model to allow frontends to more easily consume this commonly needed value.
Is your feature request related to a problem? Please describe.
Authority
is a confusing term, where Domain
is more reflective of the function of the models.
Describe the solution you'd like
Rename Authority
to Domain
Additional context
This could be done during the migration to postgres in #71
Alternatively, a migration script could be written for RethinkDB.
Describe the bug
Errors identified in Module#merge_settings
lack context
To Reproduce
Any exceptions caused by the merge process.
This could be the result of malformed YAML/JSON settings.
Expected behaviour
Raise a clear error. Ideally no error at all.
Additional context
The best solution would be validation of Settings#settings_string
before save.
Currently, master is the only functional branch when referenced by a PlaceOS::Model::Repository
.
A simple branch : String = "master"
attribute will suffice.
The current setting merge behaviour prioritises keys that exist at higher encryption levels:
models/src/placeos-models/settings.cr
Lines 215 to 216 in 9426c23
In many cases, it may be desirable for this behaviour to be inverted so that lower encryption levels take priority. An example of this would be applying a setting that forces usage of a development token, or temporary configuration change as this can be reverted through the removal of the overriding setting. In these cases an encrypted setting may not be as easily restored by a user without knowledge of the original value.
A conflicting view does exist where prioritising settings with higher encryption may help influence 'safer' user behaviours. In some cases though this may have the opposite effect, with users preferring to store everything at lower levels due to improved usability.
Is your feature request related to a problem? Please describe.
Being able to track the versioning of a model is useful, evidenced by the existing use case of Settings
.
Metadata
changes can introduce errors, and versions allow for simpler rollbacks.
Describe the solution you'd like
After #150, this should be as simple as including the module.
Additional context
Metadata
@MrYuionObjective: Add models to support asset manager feature.
Observe asset and consumable relation and best method of implementation.
Support User password confirmation validation.
User who last modified: last modified at and modified by.
Prevent the system getting into a state with no users.
The key
field of repository is unused
models/src/placeos-models/repository.cr
Line 30 in 25ec16e
Add a destroy relation from Authority to User
Describe the bug
Settings are currently validated by ensuring they contain any data that will not cause JSON/YAML parsing to fail but parsed as assumed YAML objects when reading. This results in some issues appearing in external usage contexts, such as merging setting during a driver load.
Your environment
9426c23
To Reproduce
Store scalar or array type, or simply "\n" in a setting. When running within a full instance, core logs will show:
level=[E] time=2021-08-11T11:37:31Z program=core source=place_os.resource message="failed to update module's settings" settings_id=sets-HsUXqFomQOC type=PlaceOS::Model::Settings handler=PlaceOS::Core::SettingsUpdate action=Created id=sets-HsUXqFomQOC module_id=mod-HsUMyxnbq84
Failed to merge module settings Failed to parse YAML settings:
(PlaceOS::Core::ModuleError)
from src/placeos-core/module_manager.cr:369:9 in 'start_payload'
from src/placeos-core/module_manager.cr:168:65 in 'start_module'
from src/placeos-core/module_manager.cr:199:37 in 'refresh_module'
from src/placeos-core/settings_update.cr:36:14 in '_process_event'
from /usr/share/crystal/src/primitives.cr:255:3 in 'run'
from ???
Expected behavior
Validation should block this on save.
Additional context
There looks so be a bit of general inconsistency / looseness in how settings are handled. May be worth a general review and tidy so that a single form is used for persistence, the parsed to/from alternate encodings where required (e.g. based on contents of an Accept
header in API requests).
The current implementation for app id generation is based off an MD5 of the redirect URI. This prevents the same URI from being used on multiple app registrations.
Given that apps now bind to authorities (domains) as the owner, there are use cases where having multiple apps sharing a redirect URI are required. An example of this would be a native app registered for access across multiple auth domains.
Currently, module_id
is merged into the features field of the ControlSystem
. Desired behaviour is to have the resolved name i.e. custom_name || name
in the features string.
Simple after_save
callback to check membership of the ControlSystem's modules for Logic Modules.
Hello!
Since I set the schedule of the CI job, I receive notifications every time the job runs.
If a Place employee could update this line, that would be very appreciated.
Thanks!
Describe the solution you'd like
Describe alternatives you've considered
The existing solution of storing the column as a String was sufficient until we needed to perform queries on the data.
Additional context
Alternatively, the field should be dropped in favour of fetching it from the DB.
This is also a symptom of the lack of joins in the ORM.
Add extended metadata fields to devices at a system level to include custom key:pair values to serve as a basic CMDB eg.
*install date
*serial number
*manufacturer
These could be fixed fields, but feel its easier to allow them to be custom pairs where the end user can set what data they want to store against a device.
Allow these fields to be included in dashboards or obtained via api for display in PowerBi reports or similar.
So the user editing doesn't have to be a system admin.
Similar to how staff-api deals with user permissions for say concierge access
Google doc on how permissions work
blocked by #183
Create a migration for existing deployments that migrates Settings::ParentType
from an Integer backed enum to a String backed enum.
currently a simple metadata search locks up the database due to high CPU when there are 1000's of records (client with 24k records sees a 5minute denial of service)
Thinking we move metadata over to postgresql soon #165
possibly as part of staff api which also has metadata and some change hooks into rethinkdb, reverting the metadata field in rethink back to text
Then search operations can occur on staff API against a postgresql GIN index
https://cgi.cse.unsw.edu.au/~cs9315/20T1/postgresql/documentation/functions-json.html
https://medium.com/hackernoon/how-to-query-jsonb-beginner-sheet-cheat-4da3aa5082a3
Define a data model using Hermes. We'll potentially use a merkle tree for verification.
Ideally cloning private repos should be done via ssh, with keys added to the required repos only.
We need a way to either generate an ssh-key pair, or copy the public key of an existing pair, from backoffice.
Describe the bug
The separator in Edge
authentication tokens, _
, can cause issues when extracting the id and secret.
To Reproduce
Create an Edge
with a _
in its id.
Is your feature request related to a problem? Please describe.
Model versions are present for Settings
.
This mechanism can be generalised for use in other domain models.
Describe the solution you'd like
PlaceOS::Model::Utilities::Versions
that automatically adds version creation to a model.Describe alternatives you've considered
Hand-rolled versioning, see Settings
model.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.