Description

Support versioning of content in CMS. So that end users can rollback in case a wrong content is updated.

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Support Web Push Notification for JS SDK.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

A standard event tracking API supporting PostgreSQL as data store.

Design

Client API Design

SkygearTracker(container: SkygearContainer)
SkygearTracker.prototype.track(eventName: string, properties: { [string]: number | string | boolean })

Sample Code

Construction of a tracker

import SkygearTracker from 'skygear-tracker';
// skygear is actually an instance of SkygearContainer
import skygear from 'skygear';

// To construct an instance of SkygearTracker
// Invoke the constructor with an instance of SkygearContainer
const skygearTracker = new SkygearTracker(skygear);
// You can use this skygearTracker throughout your app if you only work with a single
// SkygearContainer

Usage of a tracker

skygearTracker.track('Posted an item for sale', {
  currency: 'HKD',
  price: 20,
});

Expected behavior

In addition to the properties given by the caller, the tracker also gather information from the runtime environment and send them to the server.

Common columns

• _id: a server generated UUIDv4 id for the event
• _user_id: the user id of the user, in our case it is _user.id
• _received_at: the timestamp with timezone when the event is received by the server
• _tracked_at: the timestamp with timezone when the event is tracker by the caller
• _sent_at: the timestamp with timezone when the event is sent by the client
• _event_raw: the event name as given by the caller, e.g. Posted an item for sale
• _event_norm: the normalized event_name, e.g. posted_an_item_for_sale. This is same as the table name in the relational database
• _ips: the ip as seen by the server.

Web specific columns

• _page_path: the pathname of the url, e.g. /about
• _page_search: the querystring of the url, e.g. ?utm_campaign=easter-sale
• _page_url: the full url, e.g. https://www.example.com/about?utm_campaign=easter-sale
• _page_referrer: the value of document.referrer
• _utm_campaign: the utm_campagin in querystring, if any
• _utm_channel: the utm_channel in querystring, if any
• _user_agent: the value of navigator.userAgent

Mobile specific columns

• _app_id: CFBundleIdentifier or Application.getPackageName()
• _app_version: CFBundleShortVersionString or PackageInfo.versionName
• _app_build_number: CFBundleVersion or PackageInfo.versionCode
• _device_id: [[UIDevice currentDevice] identifierForVendor] or Settings.Secure.ANDROID_ID
• _device_manufacturer: "Apple" or Build.MANUFACTURER
• _device_model: utsname.machine or Build.MODEL
• _device_os: "ios" or "android"
• _device_os_version: [[UIDevice currentDevice] systemVersion] or Build.VERSION.RELEASE
• _device_carrier: [CTCarrier carrierName] or TelephonyManager.getNetworkOperatorName()
• _device_locales: A list of comma separated BCP47 tags, e.g. "en-US,ja-JP,zh-Hant-HK"
• _device_locale: The first item of _device_locales
• _device_timezone: [[NSTimeZone localTimeZone] name] or TimeZone.getDefault().getID()

Open Questions

Put a list of open questions here before a complete design / specification is decided

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

When a device is offline, the pubsub channel should cache and send it again when the device is online again.

Design/Specification

WIP

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Provide basic IoT usage supports. Related repo:

• https://github.com/skygeario/iot
• https://github.com/skygeario/iot-sdk-js

Design/Specification

• https://github.com/SkygearIO/features/wiki/Skygear-IoT-Feature-Spec

Related Issues

@akiroz please open issues related with this feature and put it below

• Server Issues
• Client Issues
• Guides Issues SkygearIO/guides#51 SkygearIO/guides#52

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

There are cases to temporary disable a user. For example, violation of the term of use; awaiting settle of a payment, etc.

Currently, a developer can do two things to achieve the goal.

1. Change the password of the user. (Usually add a ! in front of the password has to make it invalid)
2. Mark the user as disabled at user record.

We want to provide a built-in way to do it.

CMS Design

CMS Features

• A button to disable a user temporarily, with these parameters:
  • disable until Date Time (Time Zone)
  • A message to display when the user tries to login again
• A button to enable the user back
• A button to "Require user to change password in next login"

UX Design

Put (link to) Portal Design here

API Design

APIs

These three API requires a special "user_management" role to call:

• skygear.auth.disableUser(user, [message="Account blocked"], [expire_at=never])
• skygear.auth.enableUser(user)
• skygear.auth.changePasswordatLogin(user)

After disableUser or changePasswordatLogin was called, the user's subsequent API call will return NotAuthenticated.

Server Design

• skygear-server provider after user login hooks, and plugins listen to the hooks to block user login
• have a simple boolean variable at _user or UserProfile(which is better?) to define blocking status

Scenario

Put list of Scenario how developers will use this API

Sample Code

Put sample code of how you vision this API will be used, consider different type of developers and different abstract level

Open Questions

• Should we return NotAuthenticated for blocked users, or better another error code that's for the exact purpose?

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Support MQTT for two use cases:

1. Chat Client
2. Basic IoT usage (Pubsub, CloudDB)

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Make it possible to edit the settings and theme of CMS from developer portal, before we make a more feature rich editor.

Design/Specification

• It should be a simple editor for:
  • skygear-cms.css
  • skygear-config.js
• We expect to use some out-of-the-box solution for code editor such as https://ace.c9.io/
• Links to proper documentation to explain the config / theme.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

An official recommended way to implement many-to-many relations in Skygear Cloud DB.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

Approach A. Store array of references in each record
Approach B. Create an intermediate record

Approach A

For approach A, current one can use Skygear.ReferenceArray with a list of objects, and use containsValue to filter it.

To support this approach, we will need to:

• allow using Object as value for containsValue filter.
• make sub-query and return a subset of the result in Reference Array

Approach B

@samuelplaymore suggested that:

I think we can take a reference from Parse.Relation.
It also save an intermediate class dynamically.

Take a look with the following 3 classes in Parse and MongoDB.
_User, _Role, _Join:users:_Role

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Description

Support approval workflow for CMS:

• Allow customizing a workflow (or at least a simple 2 layer approval workflow of Writer => Editor)
• Support Publish later so approved content in effect later.

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Since we expect users who wrote Cloud Functions will access the PostgreSQL server with SQL directly, it would be very handy if there is a default ORM, and an easy way to convert the query result into Skygear Records.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Have official plugins for common SSO support; And also make it easy to enable and config them from Skygear Portal.

Related Issues

Portal Design

Portal Features

• List of official plugins:
  • Google
  • Facebook
  • Wechat
  • OAuth
• Have an interface for on/off and configuration of ID / Secret.

UX Design

Put (link to) Portal Design here

API Design

Scenario

To be expanded

• Sign in with web popup
• Sign in with web redirect
• Sign in with limited capability devices (TV/Command line)
• Sign in with Mobile
• Login by AuthProvider A, but the email already got another account from AuthProvider B, show an error and tell users to login with another AuthProvide B
• Login by AuthProvider A, but the email already got another account from AuthProvider B, tell users to login and link with new AuthProvider
• Login by AuthProvider A, but the email already got another account from AuthProvider B, assume it is two different accounts (will break the assumption of Skygear, which each users got unique email address)
• At User Setting page, add another AuthProvider

Sample Code

Put sample code of how you vision this API will be used, consider different type of developers and different abstract level

API Design

This is the API I am proposing

JS

• loginWithOAuthProvider(providerID, options, [accessToken])
  • Create or login a new skygear user, associated with the provider
  • providerID - A string that identify the login provider
  • options
    • uxMode - Either popup(default), or redirect
    • clientID
    • scope
    • redirectUrl - when uxMode is redirect, skygear will redirect the user to this url after auth. If it is null, back to the current URL
  • accessToken - Optional. Pass in access token if client already has it, skygear will try to login directly instead of going through the OAuth flow.
  • This function returns a skygear user, and an access token of the service.
• associateAccountWithProvider(providerID, options)
  • Add a new auth provider to the user by going through the auth flow
  • This API requires user to be logged in already, return error otherwise
  • providerID - A string that identify the login provider
  • options
    • uxMode - Either popup(default), or redirect
    • clientID
    • scope
    • redirectUrl - when uxMode is redirect, skygear will redirect the user to this url after auth. If it is null, back to the current URL
  • This function returns a skygear user, and an access token of the new service.
• getOAuthTokens()

  • Return a promise of tokens

    getOAuthTokens().then(function(tokens){
      //tokens['com.facebook'] is FB's access token
    });
    

Platform specific API

• loginWithFacebook(options) and loginWithGoogle(options)
  • options
    • uxMode - Either popup(default), or redirect
    • clientID
    • scope
    • redirectUrl - when uxMode is redirect, skygear will redirect the user to this url after auth. If it is null, back to the current URL

iOS

• -[SKYContainer loginWithOAuthProvider:(NSString*)providerID, options:(NSDictionary*)options completion:(void(^)(NSError*, SKYUser*))]
  • Create or login a new skygear user, associated with the provider
  • providerID - A string that identify the login provider
    • We will provide com.facebook, com.google
  • options
    • uxMode - Either popup(default), or redirect, popup means in-app-browser (SFSafariViewController/WKWebView) and redirect means Safari.app
    • clientID
    • scope
    • version - FB Client SDK only
    • cookiePolicy - Google Client SDK only
  • This function returns a skygear user, and an access token of the service, via a delegate.
• -[SKYContainer loginWithOAuthProvider:(NSString*)providerID, accessToken:(NSString*)accessToken completion:(void(^)(NSError*, SKYUser*))]
  • accessToken - Client calls this API if it already has an access token, skygear will try to login directly instead of going through the OAuth flow.
• -[SKYContainer associateAccountWithProvider:(NSString*)providerID options:(NSDictionary*)options completion:(void(^)(NSError*, SKYUser*))]
  • Add a new auth provider to the user by going through the auth flow
  • providerID - A string that identify the login provider
  • options
    • uxMode - Either popup(default), or redirect, popup means in-app-browser (SFSafariViewController/WKWebView) and redirect means Safari.app
    • clientID
    • scope
    • version - FB Client SDK only
    • cookiePolicy - Google Client SDK only
  • This function returns a skygear user, and an access token of the new service, via delegate.
• -[SKYContainer getOAuthTokensWithCompletion:(void(^)(NSError*, NSDictionary*))]

  • Return tokens

    [container getOAuthTokensWithCompletion:^(NSDictionary *tokens){
      //tokens['com.facebook'] is FB's access token
    }];
    

Platform specific APIs

• -[SKYContainer loginWithFacebook:(NSDictionary*)options] and -[SKYContainer loginWithGoogle:(NSDictionary*)options]
  • options
    • uxMode - Either popup(default), or redirect, popup means in-app-browser (SFSafariViewController/WKWebView) and redirect means Safari.app
    • clientID
    • scope
    • version - FB Client SDK only
    • cookiePolicy - Google Client SDK only
  • Returns the user logged in via delegate.

Skygear plugin

Environment variables

• UNIQUE_EMAIL_FOR_ACCOUNTS
• FACEBOOK_CLIENT_SECRET
• GOOGLE_API_KEY
• SSO_ENABLED e.g FACEBOOK,GOOGLE.

APIs

• oauth:auth_url
  • Accepts a provider id and options
  • Return an url for auth
• oauth:handle_code
  • Accepts code from 3rd party service
  • Exchange code with access token
  • Create user if needed
  • Pass the user back to client
• oauth:handle_access_token
  • Accepts a provider id, and access token
  • If this handler is called with a user logged in
    • Associate the user with auth provider and access token
  • Otherwise,
    • Login or create new users according to the provider and access token
  • Return the user

Login flow

JS, iOS and Android should follow this flow:

When using 3rd party client

1. Call 3rd party client
2. When user is authed, get the access_token
3. Pass access_token to oauth:handle_access_token, to receive skygear user

• Server behaviour depends on UNIQUE_EMAIL_FOR_ACCOUNTS

4. Return user and access_token

When using OAuth flow

1. Ask for a url to display via oauth:auth_url
2. Show the url to user, either popup or redirect
3. After user login, the webpage should be redirected to skygear-server with a code
4. Skygear-server exchange access token with code (oauth:handle_code)

• Behaviour depends on UNIQUE_EMAIL_FOR_ACCOUNTS

5. Skygear-server create or login a user
6. Pass the user back to client side

For devices with limited capability

1. Fetch code and URL from Google / Facebook
2. Return the above data to the developer, expect the URL and should to be shown to user
3. Constantly poll Google / Facebook for auth result
   • With timeout
4. When access_token is received via polling, send it to skygear-server oauth:handle_access_token

• Server behaviour depends on UNIQUE_EMAIL_FOR_ACCOUNTS

5. Pass the user from skygear user and access_token back to user

Progress Tracker

Preparation

• Specification design approval (SkygearIO/skygear-server#350)
• Draft guides (SkygearIO/skygear-server#59)
• Portal design (oursky/skygear-portal#222)

Implementation

• Code
• Minimal tests
• API reference
• Portal design implementation

QA

• UI QA for portal design

Documentation

• GitHub readme
• Edit guides

Release

• Release note

Description

To make #3 possible, we need to make Cloud Functions Deploy & Test Cycle much quicker

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

In order to make #3 Cloud Function Development Environment possible, we need to be able to have a skycli command line interfaces to:

1. List all Cloud Functions
2. Invoke Cloud Functions easily
3. Isolate logs for the test request from 2 for easy debug.

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • SkygearIO/skygear-server#391
  • SkygearIO/skygear-server#392
  • SkygearIO/skycli#11
  • SkygearIO/skycli#12
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Allow admin to edit data structure of Skygear Cloud DB from Developer Portal / CMS.

Questions

• Should we have it on Developer Portal or CMS? Or both? Because while the data structure editor would change the structure of Database, it might contain some CMS information (such as is it a Single Line or HTML field while both field can have the same data type as string.)
• The advantage of put it on Developer Portal is simplicity, we can set the expectation of there are NO ACCESS CONTROL in Developer Portal.

Design/Specification

The editor should works by showing the Table already existed in the database, users should be able to create new table, or modify existing table.

Each column have a Field Type. The field type is NOT the data type, however only compatible Field Type can be assigned to Data Type. The Field type is used to display the correct editing fields inside the CMS.

Each column have it's Properties listed below.

Field Type

• string
  • Single line
  • Multi Line
  • HTML
  • Link
• number
  • Number
• boolean
  • Boolean
• array
  • Dropdown
  • Checkbox
• dictionary
• reference
  • Reference
• geolocation
• date time
  • Date
  • Date / Time
• asset
  • File
  • Image
  • Video

Properties

• Name
• id (should be identical to the Column name)
• Place Holder / Instruction / Help
• Default value (depends on Field Type)
• Required
• Unique
• Number of characters (String only)
• Size (Asset only)
• Single / Multiple Entries (Can this table have more than 1 row?)

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Support using 3rd party Identity Provider for User Auth

Design/Specification

• As a LDAP server / provide JWT token?

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Optionally users can require Email / SMS Confirmation for Changing Password

Design/Specification

WIP - Just an idea / randomly asked by users.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Handle the use case of User Profile have an email field, and users need to verify by emails before using certain functions.

Portal Design

Portal Features

• Portal Setting (Under User Auth > Email Verification)
  • Setting (Enable, Sender, From, Reply To)
  • Verify Email Template (sent when email verification requested)
  • Verify Confirmation HTML Template (display the HTML when the confirmation link in Verify Email is clicked)
  • Email Address Change Notification Email Template (optional, sent to old email address when email change)
  • Each Email Template / HTML Template in Portal have a "Try" button for a preview.
  • Each email template should have the following fields:
    • From Email Address
    • Subject
    • Reply to
    • Content
    • Redirect URL (only applicable for emails)
    • URL Lifetime (only applicable for HTML templates)
  • Content are expected to be an HTML / plain text editor with placeholder variable. The list of placeholder variable should include all the fields under the User table, and something like [[url]] to include the link to confirmation result page.

UX Design

Put (link to) Portal Design here

API Design

Scenario

• Simple blogging apps that require email verification to post new blog post
  • Send a verification email when non-verified users logged in and tried to post a new blog post
  • Display a page say "You need your email to be verified before a new post" if user's email was not verified.
  • After the user clicks on the link of verified email, it should show a page say "Verified email", and users can click elsewhere to continue what they do.

Sample Code

When user click on an action that require email verification:

if !currentUser.email_verified
  skygear.userUtils.sendEmailVerfication('actionX')

The above code will send an email, and the verification links after clicked, will comes with actionX as the parameter. actionX will pass as a string as query string to the redirected URL after the verification link is clicked, or ignored if users supply an HTML template.

API Design

Put Design and Specification here with links

• Call sendEmailVerification(currentLink) from client side
• User.email_verified return true or false

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Add a user list and allow basic users management from Skygear Portal. It also include several new features not exist yet: Login history, Block User, Devices Record, Track Location from Client SDK

Design/Specification

• At Portal, Under User Auth > Users:
  • Show a list of users, with filter / search options:
    • Email address (exact / partial match)
    • username (exact / partial match)
  • Columns: Name, Last Login, Created At, UID, Gravter, Email, (other attributes of User Records?)
  • Click on each users, it should show a user profile with these information:
    • User Records' attributes
    • Login History
    • Location
    • Password Complexity
    • Devices (?)
  • Following actions can be performed on users:
    • Block Users
    • Logout all Sessions
• Server Issues:
  • Record user login history by default
  • Complexity check for password
  • Devices record
• Client SDK
  • Multiple API changes to prevent block users login
  • New API / API changes for devices record?
  • Optional: Track location by GeoAPI on mobile / web, not just by IP

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Handle the use case of User Profile have an phone field, and users need to verify by SMS before using certain functions.

Related with #19 Login by SMS?

Design/Specification

• Support Twillio as the only SMS gateway is acceptable.
• Workflow:
  • Call sendSMSVerification() from client side (support any fields or a default field for phone no?)
  • Call verifySMSVerification(code) from client side, return success or failure
  • User.verifiedBySMS() return true or false

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Something like rqworker/rqscheduler

Questions

Put a list of questions here before if you cannot provide a complete design / specification yet

Design/Specification

• A Job Queue
• The Job queue should allow enqueue a job at certain time / certain time later.
• Cancel job.

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

While Cloud Functions have been heavily used by a lot of existing users, there are a few recurring requests we've got:

1. Update code for Cloud Functions and test quickly (in scale of seconds) #2
2. If one Cloud Functions crash, others should not be affected. #2
3. Easier test environment e.g. supply lambda functions parameter / HTTP request parameters to test without launching the app; Test should return console&error logs immediately. #3
4. Easier to stream logs and search logs
5. Default / Built-in ORM if we expect people to code in SQL. Easy to return records object from Cloud Function's SQL query to Client SDK #4

Related Features

• #2 Revamp Architecture of Cloud Functions
• #3 Cloud Functions Development Environment
• #4 Default ORM and Skygear Records converter for Cloud Functions

User Story

So far two kind of use cases are most common:

1. Simple HTTP Webhook (actually our internal team have start adopting it especially for non-tech)
   Webhook for:

• Chat bot like /tellchima
• Scheduled Tasks or simple functions like QA test, or Data Analysis with Crawlers
• Integration with 3rd party services, e.g. stripe unsubscription callback => emails

2. Web / Mobile apps lambda call, to handle something need to be done at server side:

• Transactional Database Query
• Handle complicated data logic
• Return data with complicated access control

Description

Login by SMS, kind of like Telegram / Village. Where users have no username / email (both are optional), users can sign up or login simply by a verification on SMS.

Design/Specification

WIP

• Support Twilio as the only SMS provider is acceptable.

Portal Features

• An interface for setup Twilio credential
• An interface for setup redirect URL on magic link

API Design

skygear.auth.passwordlessSend({
  connection: 'email', // or 'sms'
  send: 'code', // or link
  email: '[email protected]'  // phoneNumber
})

skygear.getLoginRedirectResult().then(function(skygearUser) {

  }).catch(function(error) {

  });

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

This issue is an effort to expand the feature set of Skygear Portal. We aim at covering most common features required by skygear.io users.

While most features tracked here are related to the portal, it is very likely the portal will cover some features do not currently exist in open source skygear-server and would be developed in open source version in parallel with the portal.

There is a meta feature issue for an even longer roadmap #30

Features in Priority

• #25 Forgot Password and Welcome Email
• #22 Verification by Emails
• #5 Basic SSO Implementation
• #28 User List
• #27 CMS Settings / Theme Plain Text Editor
• #23 Push Notification Portal
• #20 Verification by SMS
• #19 Login by SMS

Description

A plugin allows to like any skygear resource (e.g. user / custom created resources), and able to provide common features required related to like

The necessary originated from Village (https://basecamp.com/2635797/projects/10525916/messages/56678569).

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

Proposed by @royuen

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Support 3rd party Email Provider or Custom SMTP server for better email deliverability. It is an Skygear.io exclusive issue and should not be related with Open Source version.

Design/Specification

WIP

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Cloud Functions need a better development environment. The goal is let developers update code and test quickly (Depends on #2 and #42); And then one can simply test the code by simulating a request for:

• Supply Lambda Functions Parameters
• HTTP Request Parameters
• Other events hooks

It should also return the console & error logs immediately.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

There are two ideas currently:

1. Make a command line interface to complete the goal.
2. Make a GUI interface on portal to complete the goal.

For web interface, as the plugins runtime will crash if syntax error and lost all of the code (as mentioned in oursky/skygear-cloud#351), it will need to store the code separately.

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Description

Support Conditional save predicate which is useful when users need to handle some atomic save siutation.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

Purpose: The conditional save predicate is used by the client to specify conditions in which a record should be saved. Conditions are evaluated by the server.

Proposal: record:save request to have a new attribute that state the predicate for which the record should be saved if the existing record satisfy the predicate (in other words, “satisfy” means a query of that predicate will return the record).

Example: a record is only saved if date is null:

{ "action": "record:save",
  "records": [{
    "_save_predicate": {"eq", "date", null},
    "_id": "note/abc"
}]}
// or
{ "action": "record:save",
  "predicate": {"eq", "date", null}",
  "records": [/* ... */]
}

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

This is a meta feature, for list of SSO support heard from clients / users.

Related Features

• #5 Basic SSO Implementation (Google, Facebook, Linkedin, Instagram)
• #60 Support Wechat Login

List of SSO

(Please feel free to comment if you wish one of the platform will be implemented earlier. The order here is important)

• Google
• Linkedin
• Instagram
• Facebook
• Wechat #60
• Active Directory / LDAP
  • Identifier
  • Email domains
  • Cache?
• Azure Active Directory
• LDAP
• Office 365
• Dropbox
• Bitbucket
• Paypal
• Amazon
• Box
• Salesforce
• Yahoo
• Baidu
• Renren
• Sina Weibo
• AOL
• Shopify
• Wordpress
• Yammer
• SAML
• Sharepoint Apps
• IP Address

Description

This is an issue to evaluate the usage of HTTP2 and Message Pack as transport between Skygear-server and plugins runtime in Skygear micro-services architecture.

It aims at replacing zmq for maintainability.

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Make it possible for CMS user to login as users from the portal. (Think about God mode)

Questions

• Technically, is it better to:
  • Give a temporary username/password for users to login, or
  • Hijack a user session with another (is it possible with JWT?)

Design/Specification

• In Portal, CMS > User List, we should:
  • Let admin click on a user, and perform the "Login as users" action
  • Depends on how we implement it, we should display a temporary login code, or let the admin to choose another users to hijack with.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Multiple users asked about it would be much simpler if they can just start calling CloudDB features with anonymous users session.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Progress Tracker

Preparation

• Specification Design Approval (SkygearIO/skygear-server#351)
• Draft guides

Implementation

• Code
• Minimal tests
• API reference

Documentation

• Edit guides

Release

• Update release notes
• Release

Description

Allow users to look at a list of devices registered via SDK.

Design/Specification

Usage

• Users can view all the device status, device information and set remote action for the device on the device list
• This feature is optional. Users turn this feature on when needed.

Design Link: https://projects.invisionapp.com/share/6AB1RERBK#/screens/225932555

Device List:

Users can perform 3 things in this table. They can

1. Filter information to view the table
2. Multi-select the device to perform 3 actions
3. Click the 'View in Pub/Sub' link in Device Channel on the table for Pub/Sub feature

1 - Filter information to view the table

There are filter for the table. If multiple conditions are selected, it is consider an AND conditions.

• IP address - filter by sub-net (e.g. 192.168.0.0/16)
• Device Class - use drop down
• Device ID - exact match match substring
• Skygear SDK version / Application version
  • Placeholder will educate the users to use standard format (semver)

2 - Multi-select the device and perform 3 actions
The multi-select function is on the first column of the table.

The 3 actions are

• Restart Device - multi-select
  • confirm button on a pop-up
• Shutdown Device - multi-select
  • confirm button on a pop-up
• Set Device Class - multi-select
  • text input, auto-complete with existing device classes.
  • confirm button on a pop-up

When there is no check off on the box, the 3 actions buttons should be unclickable.

3 - Click the 'View in Pub/Sub' link in Device Channel on the table for Pub/Sub feature
When users click on the 'View in Pub/Sub' link, they will be redirected to the Pub/Sub dashboard page with the param (the subscribe channel)

Related Issues

• Server Issues
• Client Issues
• Guides Issues
• Depend on #36 IoT SDK

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Extend ACL to policy-based for fine-grained access control, with sensible default for users like role-based one.

Questions

• Can we use some opensource project like https://github.com/ory/ladon for the ACL server?

Design/Specification

Some notes for ideas:

• An policy-based ACL define Who can do What on Resource
  • Who - Users / Role as in existing Skygear
  • What - READ/WRITE/CREATE/DELETE
  • Resource: records: <record type>:<record id>:<column name>
• Check all queries against an ACL policies service, when constructing the query to say "yes/no" for certain query, and limits the columns retrieved.
• Sensible default, so users can simply say: User A/Role A can READ all RECORDS A with a few set of default policy, to avoid developers have to mess with policy file all the time.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Role based access control for CMS:

• Developer - Full Access
• Content - Edit some content
• Editor - Approval some content

Some should refer to Record Type / Content Type here.

Questions

Put a list of questions here before if you cannot provide a complete design / specification yet

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

It is quite common business users need to input different languages translation for content in an app. It would be important to have built-in support for CMS interface and on API level.

Questions

• How to best model L10N? Use column based database fields, or another table for translation?
• How to provide access to L10N content from client SDK? From standard CloudDB API, or another set of API would need to be used?

Design/Specification

Put Design and Specification here with links

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

A Dashboard to listen to Pubsub Channel, and send Pubsub message via Portal

Design/Specification

Design Link: https://projects.invisionapp.com/share/6AB1RERBK#/screens/225937760

Usage:

Publish part

• If the users click “Publish” without subscribing a channel (i.e. disconnecting status), a red line under the message textbox “Please subscribe a channel first” should be shown.
• If the users click “Publish” with an empty message box, a red line under the message textbox “Please enter your message” should be shown.
• If the users successfully publish a message, a line with a timestamp, publish channel and message content will be shown in the log.

Subscribe part

Input part

• If the users click into this page with no subscribed channel, under the Subscribe Message Log it should say “Subscribe a Channel to Display the Log” in a prominent colour (Red)
• Users click at 'Subscribe' button to subscribe a channel. If the channel is empty, a red line should be displayed under the textbox “Channel name is needed”; If the subscription was succeeded, the status icon should change to green with the word “Connected”.
• The status icon of connecting status should be in yellow color with the word 'connecting'.
• The connecting timeout will be 3 seconds.
• After users successfully subscribe a channel, the Subscribe Message Log should state: 'No message is loaded'
• The status icon should change according to the connection status of subscription.
• When the status is connected, the button 'Subscribe' will become button 'Unsubscribe' for users to disconnect the subscription.
• If users click the 'View the Pub/Sub' from IoT Device List table, they will be redirected to Pub/Sub page and subscribe the relevant channel automatically.

Message Log

• After subscribed to a channel, all new pubsub messages should display in text under Subscribe Message Log.
• The Log will be inverse-log. The latest message will be shown at the top.
• The displayed information should include (Boris please help fill this)
• If there is any pub/sub state change, we will display a read line in the Message Log. 'Subscribed a channelName at when' and 'Unsubcribed a channelName at when'
• All logs relevant to publish event will be in blue color
• All logs relevant to subscribe event will be in grey color

Things shown on the Subscribe Message Log:

• Timestamp
• Channel
• Message

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should go in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

A CMS-like Portal for sending Push Notification

Design/Specification

Reference of Design: https://dl.dropboxusercontent.com/u/27303632/skygear-specs/skygear-cms-push-2/index.html

Everything included in the design above can be considered as v1.0, features listed below can be considered for future improvement/consideration:

• Segment users based on
  • attributes under UserProfile.
  • manually uploaded device identifiers
  • manually uploaded list of username/emails/sms numbers
  • devices attributes
    • Last timezone
    • Language
    • Country
    • iOS / Android model
    • Locations
• Send push notification with actions:
  • Open the apps
  • In App HTML page (allow users to copy and paste a HTML in it, or can we embed a simple WYSIWYG browser?)
  • Deep linking (choose a deep link URL)
  • Open URL in browser (input a URL)
  • Custom JSON

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Revamp architecture of Cloud Functions to make test and deploy cycle quicker and safer. Quicker meant for update code to test should be in matters of seconds (< 15 sec?); Safer meant if a Cloud Function crash rest of the Skygear should remain safe.

Related Issues

• Server Issues: oursky/skygear-cloud#351
• Client Issues

Design/Specification

@cheungpat will work out a design specification after oursky/skygear-cloud#351

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Description

Make it easy to create saved query on the server side; Then call them from client side and retrieve the result. Aims at making it easier to construct complicated query yet without re-implementing all of SQL on in Skygear

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

There are two ways to do it:

• Method 1. In Development Mode, a Skygear instance would accept SQL Query from client SDK and save it as a template, and run them in production mode.
• Method 2. In Developer Portal, there will be UI for developers to construct SQL Query with placeholder variables, and call them easily from Client SDK.

Although both method can be mixed, it seems better to priority for Method 2 which is easier to use.

It is also noted that the Query result will need to be in a specific format in-order to return the Skygear Record correctly. It is agreed that we should do it via an UI to guide users construct the query.

Finally, we will need to convert the SQL Query result to Skygear Records:

• In Python, besides dict, what other ORM we should support? (SQLAlchemy? Any other?)
• In Javascript, besides array map, what other ORM we should support? (sequelizejs?)
• Shall we have a "default ORM" in Cloud Functions?

Tasks breakdown:

• Support Query Template on skygear-server
• Support Query Template on iOS, Android Javascript SDK
• Developer Portal should have an UI to configure the query templates. (How to assist users to construct the correct result?)
• Utility Function to convert SQL Query result to Skygear Records

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Plugins to implement forget password and welcome emails features

There is an existing plugins: https://github.com/skygeario/forgot_password/

Design/Specification

• Workflow:
  • Call forgotPassword(email) from client-side
  • The respond is always success even if the email address was not found, if FORGOT_PASSWORD_SECURE_MATCH is set to TRUE. (Hence users are expected to display something like If a matching account was found an email was sent to [email protected] to allow you to reset your password. after forgot password was requested.
  • FORGOT_PASSWORD_SECURE_MATCH is set to FALSE by default, which will return ResourceNotFound if the email doesn't match.
  • If FORGOT_PASSWORD_WELCOME_EMAIL is set to TRUE, send an Welcome Email when new user signed up.
• Portal Setting (Under User Auth > Forgot Password / Welcome Email)
  • Setting (Enable, Sender, From, Reply To)
  • Welcome Email Template (sent when new user signed up and enabled)
  • Forgot Password Email Template (sent when password reset was requested)
  • Reset Password HTML Template
  • Reset Password Success HTML Template
  • Reset Password Error HTML Template
  • Each Email Template / HTML Template in Portal have a "Try" button for a preview.
  • Each template should have the following fields:
    • From Email Address
    • Subject
    • Reply to
    • Content
    • Redirect URL (only applicable for emails)
    • URL Lifetime (only applicable for HTML templates)
  • Content are expected to be an HTML / plain text editor with placeholder variable. The list of placeholder variable should include all the fields under the User table, and something like [[url]] to include link to the confirmation page.

Sample code

SKYContainer.default().forgotPassword(email: “[email protected]”)
skygearContainer.forgotPassword(“[email protected]”)
skygear.forgotPassword(“[email protected]”)

Related Issues

• Server Issues
  • SkygearIO/forgot_password#9
  • SkygearIO/forgot_password#10
  • SkygearIO/forgot_password#11
  • SkygearIO/forgot_password#12
• Client Issues
  • SkygearIO/skygear-SDK-Android#123
  • SkygearIO/skygear-SDK-JS#192
  • SkygearIO/skygear-SDK-iOS#92
• Portal Issues
  • https://trello.com/c/M7QhTYqM/118-skygear-forgot-password-and-welcome-email-portal-setting
  • oursky/skygear-portal#262
• Guides Issues
  • SkygearIO/guides#56

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Add support for HTTP2 and take advantages of the protocol. e.g. Reduce overhead of multiple connections.

Related Issues

• Server Issues: SkygearIO/skygear-server#326
• Client Issues: SkygearIO/skygear-SDK-Android#113
• Guides Issues

Design/Specification

WIP

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Description

Support Inner Query like Parse.

Related Issues

• Server Issues
• Client Issues SkygearIO/skygear-SDK-Android#103
• Guides Issues

Design/Specification

https://parseplatform.github.io/docs/android/guide/#relational-queries https://web.archive.org/web/20170222001607/http://parseplatform.github.io/docs/android/guide/#relational-queries

Looks at whereMatchesQuery whereDoesNotMatchQuery include

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Description

Currently there are multiple APIs like discoverUserByEmails, getUsersByEmail, queryUsersByEmail etc. It is very confusing. We should consider design a new set by considering the scenario of usages.

API Design

Scenario

• User Profile of a Telegram-like Chat App
  • Maintain a contact list by each user
  • Add new users by username/telephone no. (But both attributes should be private)
• User Profile of a Dating App
  • Maintain a contact list by each user
  • Add new users by username/email (But both attributes should be private)
  • List all Female users in Hong Kong
• User Profile of a Blog
  • Create new users with most info private
  • Selectively make Country, Gender, or Email public on the blogging site
  • When users visit blog.com/[slug], it should list the user info and all of the blog records owned publicly by the user.

Sample Code

Put sample code of how you vision this API will be used, consider different type of developers and different abstract level

API Design

PR:

• #69 API Design of Field-based ACL
• #68 API Design of User Profile

Technical initial thought

• 1 User Profile over multiple Profiles
• Merge _user with the User Profile for all APIs
• ACL support column-based (Policy-based ACL? #39)

Existing related API

• Design the API and see how to migrate from current to the new one.

Related Issues

• Server Issues
  • Create field-based ACL model (SkygearIO/skygear-server#375)
  • Support field-based accessibility control for trivial user roles (SkygearIO/skygear-server#376)
  • Support field-based discoverability control for trivial user roles (SkygearIO/skygear-server#377)
  • Support field-based ACL on owner user role (SkygearIO/skygear-server#378)
  • Support field-based ACL on dynamic user set (SkygearIO/skygear-server#379)
  • New User Profile Design: use _auth as authentication object, update auth api (SkygearIO/skygear-server#393)
• Client Issues
  • New user profile design: Update skygear.auth api (SkygearIO/skygear-SDK-JS#250)
  • New user profile design: Update skygear.auth api (SkygearIO/skygear-SDK-iOS#112)
• Guides Issues
  • Add guides for field-based ACL (SkygearIO/guides#76)

Progress Tracker

Preparation

• Specification Design Approval (SkygearIO/skygear-server#352)
• Draft guides (SkygearIO/guides#9)

Implementation

• Code
• Minimal tests
• API reference

Documentation

• Edit guides

Release

• Update release notes
• Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Trigger Cloud Functions by Pubsub

Design/Specification

WIP

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Support GeoPolygon and Location storage, search by location and search by geometry.

API Design

Scenario

Put list of Scenario how developers will use this API

Sample Code

To save polygon

const polygon = new skygear.GeoJSON({
  "type": "Polygon",
  "coordinates": [[
    [100.0, 0.0], [101.0, 0.0], [101.0, 1.0], [100.0, 1.0], [100.0, 0.0]
  ]]
});

To search geometry by location

const query = new skygear.Query(District);
const geoLocation = new skygear.Geolocation(22.283, 114.15);
query.containsValue('area', geoLocation);

To search location by geometry

const place = new Place({
  name: 'IFC HK',
  location: geoLocation,
});
skygear.publicDB.save(place);

const query = new skygear.Query(Place)
query.contains('location', polygon); 

To search geometry by geometry

const query = new skygear.Query(District);
query.containsValue('area', polygon);

Other geometry types

http://geojson.org/geojson-spec.html#appendix-a-geometry-examples

Point

{
  "type": "Point", 
  "coordinates": [102.0, 0.5]
}

LineString

{
  "type": "LineString",
  "coordinates": [
    [102.0, 0.0], [103.0, 1.0], [104.0, 0.0], [105.0, 1.0]
  ]
}

Polygon with interior rings

{ "type": "Polygon",
  "coordinates": [
    [[100.0, 0.0], [101.0, 0.0], [101.0, 1.0], [100.0, 1.0], [100.0, 0.0]],
    [[100.2, 0.2], [100.8, 0.2], [100.8, 0.8], [100.2, 0.8], [100.2, 0.2]]
  ]
}

Multipolygon

{ "type": "MultiPolygon",
  "coordinates": [
    [[[102.0, 2.0], [103.0, 2.0], [103.0, 3.0], [102.0, 3.0], [102.0, 2.0]]],
    [[[100.0, 0.0], [101.0, 0.0], [101.0, 1.0], [100.0, 1.0], [100.0, 0.0]],
     [[100.2, 0.2], [100.8, 0.2], [100.8, 0.8], [100.2, 0.8], [100.2, 0.2]]]
    ]
}

API Design

Put Design and Specification here with links

Open Questions

Put a list of open questions here before a complete design / specification is decided

Related Issues

• Server Issues
  • SkygearIO/skygear-server#262
  • SkygearIO/skygear-server#343
• Client Issues
  • SkygearIO/skygear-SDK-Android#121
  • SkygearIO/skygear-SDK-JS#185
  • SkygearIO/skygear-SDK-iOS#90
  • SkygearIO/py-skygear#133
• Guides Issues
  • SkygearIO/guides#50

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code SkygearIO/skygear-server#340
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

A meta feature to track Skygear Portal development, kind of a wish list for skygear.io too.

Design/Specification

• Dashboard
  • Number of users, active users, etc.
• Cloud DB
  • Data Browser
  • Settings
  • Schema
  • ACL
  • Query Subscription
  • Query Template
  • Import
  • Usage
  • Backup
• Users
  • Users List
  • 2FA
  • Forgot password
  • Email Verification
  • SMS Verification
  • Single Sign On
  • Setting
• Chat
  • Dashboard
  • Conversations
  • Settings
• Push
  • Dashboard
  • Settings
  • Send Push Notification
• CMS
  • Settings
  • Theme
• Pubsub
  • Dashboard (send / receive pubsub)
  • Web Hook configuration
• IoT
  • Devices Management
• Cloud Functions
  • Editor (alt. Console)
    • Web Hooks
  • API Keys Management
  • Production Log
• Settings
  • Profile
  • Environment
  • App Info
  • Audit Log
  • Collaborators
  • Advanced

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

When registering device token, tell which segment (or app) it is belonging to. When sending push notification, can choose to send to a user with which segment. e.g. only app A for this user will be received. But not another app sharing with.

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Make it super-simple to enable 2FA support on apps. Aims at support Google Auth (TOTP) and SMS at the beginning.

Design/Specification

WIP

• Portal
  • Developer can enable 2FA support from portal. There should be two 2FA provider Google Auth (TOTP) and SMS, and each one can be enabled individually.
  • Developer can choose to require 2FA challenge only for:
    • All users
    • (All users with an attribute set <== this one might be too complicated)
    • Users when country change
    • Users requests not in an IP ranges (A textbox mult-line)
  • Developer can choose the SMS Provider.
• Client SDK / API
  • SDK/API for login with 2FA.
  • SDK/API for users setting up 2FA. Including enable each 2FA options. (SMS can depends on the verification by SMS plugins?)

Questions

• Shall we have a default UIKit for User Login + 2FA?
• How to enable the possibility to support custom logic of who needs to login with 2FA? Country change and IP ranges are most common one, but there can be countless possibility (say I really just hate people with @oursky.com (http://oursky.com/) email anyone with an email like that need 2FA), we don't have to implement it now but how to make sure we can support it in future?
• How to enable users to “remember the 2FA session for 30 days”?
• We should focus on the most common way of 2FA (i.e. Google Authenticator, TOTP); For other 2FA options, we shall consider doing them only if paid users specify it (e.g. Push notification, U2F or some other hardware solutions)

Related Issues

• Spec PRs
  • #343
• Server Issues
  • SkygearIO/skygear-server#1025
• Client Issues
  • SkygearIO/skygear-SDK-JS#513
• Guides Issues

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advice

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API doc should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.

Description

Since Skygear early days, one of the most common usages internally is to build Chatbot (for Slack / FB Messenger, etc). We should consider how to improve this experience for users.

It depends on the completion of feature #3 Improve Cloud Functions Development Environment

Related Issues

• Server Issues
• Client Issues
• Guides Issues

Design/Specification

WIP

Some initial idea:

• Provide a UI to configure connection to the services provider (Slack, Facebook Messenger, Hipchat) easily.
• Provide template code for modification for common usages such as command subscription, send messages, etc.

Progress Tracker

• Specification Design Approval
• Write (code + tests + API docs) then get them merged. Put All PR there
  • Code
  • Minimal tests
  • Minimal API Docs
• Guides. Put All PR there
• Release
  • Update release notes
  • Release

Advices

• Specification Design Approval
  • Once you get LGTM from another Skygear Core Team Member, you can check this checkbox. And apply the "workflow/design-complete" label.
• Coding
  • Use as many PRs as you need. Write tests in the same or different PRs, as is convenient for you.
  • API docs should goes in the same PR with the code.
  • As each PR is merged, add a comment to this issue referencing the PRs.
  • When you are done with the code, apply the "workflow/code-complete" label.
• Guides
  • Write or modify guides and get them merged in https://github.com/skygeario/guides
  • When the PR of guides is merged, check this checkbox and apply the "workflow/guides-complete" label.