jrogelstad / featherbone Goto Github PK
View Code? Open in Web Editor NEWA JavaScript based persistence framework for building object relational database applications
License: GNU Affero General Public License v3.0
A JavaScript based persistence framework for building object relational database applications
License: GNU Affero General Public License v3.0
A non-super user is able to export a super user object. Because user object exports include credentials, this allows any user to authenticate to any other user in the system except for the initial administrative account (E.G.: postgres) as that password does appear to be stripped.
Issue:
Expected result:
Incomplete feature
When a feather is created, it is not immediately available for use when a new workbook is created. Work around is to refresh the browser.
Export a user object from the FeatherBone UI.
The user's password is included in plain text.
Expected result: Strip the password out, or encrypt it.
Also, the UI for exporting user objects appears greyed out, but still allows the object to be exported.
Auto populate contact children for email and phone
Should be able to web search all documents.
Prevent it from being possible to run a sql statement from a service definition stored in the database.
Need a way to create settings via designer GUI. Also include in packaging
How should it work?
Server should not accept value if it's not in the dataList and feather property format is enum.
Try filtering on "amount" in opportunity in cardinal project. It can not be done.
Missing newer authentication functions. Needs API key support.
Password issues when creating a user:
plain text credential is being logged/written to console on user create (this is understood as being in development, but something to filter out before getting anywhere close to production)
user and credential are posted together over an unencrypted connection. Add HTTPS/TLS support, and investigate/confirm either a) hooks to third party libraries allow you to wholly bypass touching passwords, and/or that they protect the credential at the time of account creation.
Drag 'n drop actions on worksheets including column width, column position and tab move/delete do not work on Firefox browsers.
On the current basic authentication form (username, password), specifically the password field, add a keypress handler for {event}.keyCode == 13 to submit form without having to tab to or click on the submit button.
A user should be able to update their own contact information from within the application. Currently a menu option exists that is disabled.
On a form like the "Feather" form where there are two or more lists, if you do Alt + I you can an insert on all the lists
Currently 'postgres' is set as the service user by default as a matter of convenience, but this user created by the postgres installer has super user access which is very dangerous to grant to a service.
Proposed solution:
A user should be able to update their own password from within the application. Currently a menu option exists that is disabled.
Add a function to synchronize roles and user accounts based on postgres roles.
If an empty database is created ahead of time (instead of featherbone creating it itself) and you run node install against it, it will throw an error:
C:\Users\john\Documents\GitHub\featherbone>node install
(node:6992) UnhandledPromiseRejectionWarning: error: relation "$settings" does not exist
at Connection.parseE (C:\Users\john\Documents\GitHub\featherbone\node_modules\pg\lib\connection.js:554:11)
at Connection.parseMessage (C:\Users\john\Documents\GitHub\featherbone\node_modules\pg\lib\connection.js:379:19)
at Socket. (C:\Users\john\Documents\GitHub\featherbone\node_modules\pg\lib\connection.js:119:22)
at Socket.emit (events.js:200:13)
at addChunk (_stream_readable.js:294:12)
at readableAddChunk (_stream_readable.js:275:11)
at Socket.Readable.push (_stream_readable.js:210:10)
at TCP.onStreamRead (internal/stream_base_commons.js:166:17)
(node:6992) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:6992) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
If you create a new record in a form that was launched in a new browser tab, based on the worksheet configuration to create records in a new browser tab, the record can not be deleted. Work around: refresh the browser.
Need to do the following
While trying to create the feather ... picked one. Then I decided to try to change it. However, when I did (from Object to Document) I received an error about 'Owner' not existing. When I tried to add 'Owner' I received a script callback error.
It should be possible to deactivate a user so they can not log in, without deleting their account.
So Open API integration can work
Should not be allowed for now. Long term, deleting a module should hard delete all it's constituent components.
When you change a user name in the UI. When you save, you get an error about the role name not existing.
Expected behavior: Server should throw an error name cannot be changed. Client should make the name field read only so this isn't possible from the client in the first place.
Overloads for default, required, type aren't enforced on server side
No default password policy or reset confirmation are in effect.
Reproduction Steps:
Observed Results:
User
Expected Results:
Repro Steps:
Expected Results: No change, or the error is caught.
Observed Results: Login does not proceed with any indication of status. Any attempt to access the app afterwards results in a blank page.
Recovery: It is then necessary to delete the module from the script table before the app may be accessed again.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.