zyxist / cantiga Goto Github PK
View Code? Open in Web Editor NEWMembership management system that helps non-profit organizations running their projects, written in PHP / Symfony.
Home Page: http://cantiga.org
Membership management system that helps non-profit organizations running their projects, written in PHP / Symfony.
Home Page: http://cantiga.org
Create a RESTful API to fetch the data about approved areas and routes. The API shall have a possibility to extract only the changed records since the given moment in time.
Current PHPUnit version does not support the PHP7 constructs and uses an old, outdated API.
In addition, the whole test suite must be rewritten from scratch to drop the dependency on the database.
Trimming of CoreBundle is ongoing. We want to have the functionality of Application texts moved to a separate bundle.
Other bundles shall access all application texts via interfaces from Cantiga\Components\Application
.
Copy-paste error from routes.
As a result, there is no way to select a language using _locale
flag.
Affected pages are the public EDK pages.
Add the area filter for the routes and registration settings. The filter shall be present in the group and project workspace.
In the area request list visible in the project, we display just the public e-mail of the authors of the requests, if the user remembered to turn on the visibility for the project.
Currently, those fields are reset to the most restrictive settings, and 95% of users do not know that they should actually increase them to get meaningful information. The solution could be to change the default settings:
The validation of input for invitations is missing. It worked, because usually browsers blocked sending null data, but if not, we get Error 500.
In the user profile, there is a spare place to display the user activity. Create an extensible subsystem to record the user activity and display it in the given place, filtered against certain criteria:
Create a viewer for the messages from the participants. The viewer shall be available for the area workspace, and would allow setting the status for each message and "taking" the message to answer.
The data tables in the panel are not embedded within a DIV that allows them being responsive. As a result, they do not scale if the screen size changes, and we cannot i.e. hide certain columns. Wrap all the data tables in the necessary DIV to improve the UI experience.
We have an increasing number of features that duplicate similar functionality across project, group and area workspaces. The screens are almost the same, and there are only minor differences. However, the existing workspace solution requires a separate controller for each workspace which forces us to use traits etc. in order not to duplicate the code.
We can also think about changing the URL format, because right now the same resource can be accessed from different places under different URL-s. This will cause problems with the emergence of discussion board, etc. when people from different workspaces would work on the same resource.
Professional mailing services (e.g. Mailgun) bill their users for the number of sent e-mails. The administrators of Cantiga shall be able to set limits for the number of e-mails sent by particular projects, to ensure that the budget for mailing is not exceeded.
Each project, group and area shall have a mail limit: the limit of e-mails the members of the place can send. In addition to the default limit that is granted, when the place is created, it shall be possible to grant mail packs that increase the limit. All the granted packs shall be recorded, and the full history shall be available to the administrators.
The design shall allow introducing the system for buying new mail packs directly by project/group/area leaders in the future.
When we send an invitation to user X in the place Y, and there is an identical invitation in the database, we get an unique constraint violation. The code does not check whether the invitation has already been added.
The place shall have a panel that allows:
In the area request creation form the user selects the territory for the area. However, it is not displayed anywhere in the project panel.
QueryBuilder
shall be kept in the Cantiga API as a part of Cantiga\Components
.Implement a configurable state machine for changing the area status. The change itself will be done by spawning a cron task.
Currently there is no way to find it, even for admins. Sometimes it is useful.
Check if the presentation of the geographical position of the area can be more deterministic and consistent with the pattern in the hint text. I think that this is a browser issue, and the fact that we rely on default formatting pattern for numeric fields.
As a result, changing the status is not recorded as a modification (according to modification time), and such an area won't be exported to the external system.
Introduce an additional text displayed under the chat in the area request preview.
cantiga/src/Cantiga/ExportBundle/Command/ExportCommand.php
Lines 67 to 69 in 49a2b95
why?
https://www.leaseweb.com/labs/2014/02/aes-php-mcrypt-key-padding/
https://paragonie.com/blog/2015/05/if-you-re-typing-word-mcrypt-into-your-code-you-re-doing-it-wrong
https://defuse.ca/secure-php-encryption.htm
consider replacing it with openssl or (better!) use a good wrapper like https://github.com/defuse/php-encryption
If our project (A) is a continuation of an older project (B), the user shall be able to import his/her area created in B project, with all the data.
Use case: the user wants to continue the area in the new project. He does not want to enter all the data again.
Add some unit tests for ImporterService
from the core bundle.
Create a statistical screen with charts related to courses.
Add a statistical screen with charts related to routes:
Creating an initial implementation of a discussion board:
It is safer, especially for Polish users, where comma is used for marking decimal parts of numbers.
The code specific to EDK project shall not be a part of the generic Cantiga distribution. It was originally done just for convenience, but now it's the right time to separate.
The task is to use git subtree
to split /src/WIO
directory as a separate repository and write a general-purpose tutorial on how to integrate customizations with the generic code base without loosing the ability to pull commits from the generic repository.
composer.json:
{
"name": "Cantiga Project",
- "license": "MIT",
+ "license": "GPL-3.0",
"type": "project",
The distribution lists may be quite big, and contain thousands of e-mail addresses. The task of sending the e-mail shall be delegated to some external process working in the background in order not to block the threads responsible for serving the HTTP traffic.
Explore the available solutions, choose one and implement. The chosen solution might utilize Cron or a background process, and it must allow further integration with Rackspace Mailgun.
I know personal preferences may be crucial but following PSR-2 on opensource symfony-based project would be good for contributing.
The main issue I see here is using tabs and when you look through the code on github you'll notice it is inconsistent because leading spaces are here or there (tabs on github are expanded to 8 for default so you can easily spot the difference).
There is a great tool, Sensio CS Fixer, http://cs.sensiolabs.org/ which helps keeping the code in a good shape. You can run it with --level=symfony
to ensure it follows the same CS as Symfony or use prs2
setting to ensure it's psr2 compliant.
Later, I suggest creating a .editorconfig
file in the root of the project, it is recognized by major IDEs and code editors (either native or by plugin) and allows consistent encoding, tabs, and other preferences for source projects. More on this: http://editorconfig.org/
For this project I suggest the following:
root = true
[*]
end_of_line = LF
charset = utf-8
[*.php]
indent_style = space
indent_size = 4
insert_final_newline = true
[*.yml]
indent_style = space
indent_size = 4
[*.json]
indent_style = space
indent_size = 4
[*.twig]
indent_style = space
indent_size = 4
[*.md]
trim_trailing_whitespace = false
of course it can be tweaked for future other file formats.
In the ACP, there should be a possibility to search users via login or e-mail, too.
http://codahale.com/how-to-safely-store-a-password/
https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded
and so on...
security:
encoders:
Cantiga\CoreBundle\Entity\User:
- algorithm: sha256
+ algorithm: bcrypt
- encode_as_base64: true
- iterations: 0
+ cost: 12
and of course, reset current user passwords.
Symfony already requires ircmaxell/password-compat
package which provides password_hash
, password_verify
and password_needs_rehash
for PHP < 5.5 but you can explicitly require it in your composer.json.
Currently, membership information is spread across three tables: cantiga_project_members
, cantiga_group_members
, and cantiga_area_members
. This makes the management complicated:
There is a table cantiga_entities
, that contains basic, common information about every project, area and group. New membership table should link directly to it.
Impact on a system:
Group and project members cannot edit EDK routes due to the bug in the entity. The editing form contains the Area
field that allows to change the assignment of the route to the area. However, in the entity this property is disabled for editing and it throws an exception, when the form engine tries to update the entity state.
Add an extension that will display the routes in the given area information page (groups, projects).
Current privacy module is extremely limited and causes many problems. Because there is no global user registry, the satisfactory boundaries of the personal data visibility are projects, groups and areas, with the restriction that the lower units can't see the data of the members of the upper ones.
Project members shall be able to view e-mails sent by group and area members.
Group members shall be able to view e-mails sent by area members.
Write unit tests for the stuff in Cantiga\CoreBundle\Api\ExtensionPoints
namespace.
We are being flooded by some files we do not use, but are expected by browsers etc.
The mailing module shall allow sending e-mails only to predefined distribution lists. Distribution list is an algorithm that selects the e-mail addresses that will receive the given message.
Cantiga shall:
In addition, the project shall have a panel for:
It seems that there is a problem in the calculation of the number of areas in the groups. I'll change that to recount it.
Implement an editor for the registration settings for routes.
The editor shall be available in project, group and area workspaces.
Currently, the list of available areas does not have any filter. We should install AreaFilter
there to allow selecting areas via status, territory, group or category.
The user reported that there's a problem with downloading route maps in JPG format (cannot download the file).
CourseBundle - the text course:list:area
is displayed on the course list only, if this is a system-wide text. Project-specific text does not work despite the fact that we have an access to Project
instance.
Create the initial bundle structure for the mailing module, and register it in the framework.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.