monday-morning / project-reclamation Goto Github PK

Details of the Task

• Enforce null check at graphql context authorization header
• Add sample auth key for development use
• Update type resolvers to enforce null checks

Describe the bug
duplicate article on the home page and category page

Expected behaviour
No, duplicate articles should be there on the home page and category page

Details of the Task

• Create User Type
• Create tests and write resolvers for the following
  • Create new user (Only if user exists in firebase auth)
  • Update select fields of user
  • Read user by ID
  • Read user by Email
  • Remove user (Admin only)

Planning Files

• Model Design
• APIs

Describe the bug:
Prettier run (list-different) on github actions shows invalid formatting of files while local system runs show no faults.

Expected Behaviour:
Response should match on actions and local system

Additional Context
Prettier Response:
server/schema/user/user.model.js
test/helpers/authorization.test.js

Originally posted by @github-actions[bot] in #98 (comment)

Details of the Task

• Setup Firebae Auth
• Setup Auth APIs and Functions
  • Reverify Auth Token
• Setup Custom Claims
• Setup Roles & Permissions

Details of the Task

• Create Article Type
• Create Article Queries
• Create Article Mutations
• Write resolvers for Article Schema

Planning Files

• Model Design
• APIs

Details of the Task

• Use Google Docs API to create the file
• Use Google Drive API to add editors and transfer ownership to a common MM account
• Use Google Docs and Sheets API for retrieving the content of an article

Documentation and Requirements

• Google Docs API
• Google Sheets API
• Google Drive Files API
• Google Drive Permissions API
• Google Drive Roles

Write mutation to add squiggle

Details of the Task

• Create Squiggle Type
• Create Squiggle Query
• Create resolvers for queries

Describe the bug
In Line 150 and Line 156, the argument passed is parent.id

Expected behavior
In Line 150 and Line 156 of user.type.js, the argument passed to the resolver should be parent.createdBy and parent.updatedby instead of parent.id

Details of the Task

Create the required classes and methods to handle errors across the application.

Details of the Task

• Create Club Type
• Create tests and write resolvers for the following
  • Create new club (Admin only)
  • Update club (Admin only)
  • Read club by ID
  • Find club by Name
  • List clubs by society
  • Remove club (Admin only)

Planning Files

• Model Design
• APIs

Queries

• Get all polls.
• Get latest poll.
• Get poll by id.
• Get list of user participate in a poll.

Mutation

• Add new poll.
• Edit poll by id.
• Delete poll by id.

Models to create:

• User
• Role
• Club
• Event
• CategoryMap
• Tag
• Media
• Album
• Article
• Comment
• Reaction
• Issue
• Session
• Company
• Live
• ShareInternship
• Squiggle
• Forum
• Poll

To be created as per Model Design

Describe the bug
no-magic-numbers is set to allow

Expected behavior
no-magic-numbers is should be set to off

Additional context
Formatting issues have occurred due to the bug

Describe the bug
Found in tests from #72 and #73
Firebase auth and session has been mocked incorrectly.

Expected behavior
All tests should pass

Additional context
Decoded Tokens contain custom claims in root and not within custom claims object

Details of the Task

• Isolate Permission System from Resolvers
• Do not add permission logic inside resolvers
• Do not use any form of level comparisons in resolvers

Documentation and Requirements

Relates to #62

Describe the vulnerability
The /admin/media/auth is currently public and can be used by anyone without any authentication or authorization. The route should be secured to only those who have write access to imagekit data store.

Code References (if required)
server/router/index.js:31

Details of the Task

• Create Role Type
• Create tests and write resolvers for the following
  • Create new role (Admin only)
  • Update role permissions (Admin only)
  • Get role permissions
  • Get all roles
  • Remove role (Admin only)

Planning Files

• Model Design
• APIs

Describe the bug
getArticlesByCategories sends unpublished data and many functions have missing context arguemnt

Add secure flag for Express Session in production.

Tracking issue for:

• https://github.com/Monday-Morning/project-reclamation/security/code-scanning/5

Create and add the following files

• APIs Required
• Collection Relationships
• Models

To Do:
Generate a map of field nodes being requested in graphql to projection fields in a mongoose query to limit retrieval of redundant data.

Is your feature request related to a problem? Please describe.
CI/CD for Project Reclamation at development and production stages

Describe the solution you'd like
PM2 Deploy

Describe alternatives you've considered
GCP AppEngine Auto-Deploy

Details of the Task

• Refactor contribution mutations
• Add Google Docs support.

Add documentation comments directly to your source code, right alongside the code itself. The JSDoc tool will scan your source code and generate an HTML documentation website for you.

Reference:
https://jsdoc.app/

Details of the Task

• Update updatedBy field for all update mutations in User Schema

Is your feature request related to a problem? Please describe.
When any error is thrown, be it a failed execution or a conditionally raised error, no data is sent back and only the error is.

Describe the solution you'd like
In these cases, a partial amount of data is already available or is permissible to be sent and should be sent instead of an empty data response.

Additional context
Examples:

• When a user requests fields they are not authorized to access, the data in the permissible fields can be sent back along with the error.
• When a user requests documents which contain a mix of documents they are allowed to view and not, the ones they can view can be sent back with the error or in some cases, without any error sent.
• When execution crashes mid-way, some data may have already been retrieved and can be sent back.

Describe the bug
GitHub Linting Workflow is buggy and fails due to script errors

To Reproduce
Steps to reproduce the behavior:

1. Go to Actions
2. Click on 'Lint Check'
3. See last error when linting files

Expected behavior
Should execute the script and output formatting and code errors.

Additional context
Script broke after a switch from pull_request to pull_request_review trigger

Winston is designed to be a simple and universal logging library

Reference
https://www.digitalocean.com/community/tutorials/how-to-use-winston-to-log-node-js-applications

Details of the Task

• Implement Data sources to isolate Mongoose API Calls from resolvers and use caching is possible
• Implement DataLoader to batch requests and solve N+1 problem.

Documentation and Requirements

• About the N+1 Problem: What is the N+1 Problem in GraphQL?

Details of the Task

• Restructure UserType as an independent.

Details of the Task

Standardize Error Handling across Project Reclamation, Project Tahiti, and Project Pegasus with custom error codes

Planning Files

To be planned and made

Documentation and Requirements

To be planned and added

Describe the bug
Missing SSH key GitHub deployment action causes the script to fail as it cannot access the development server.

To Reproduce
Steps to reproduce the behavior:

1. Go to actions tab
2. Click on latest deployment action
3. See error

Expected behavior
Deployment should succeed

Additional context
Use Add SSH Key using the secrets SSH_PRIVATE_KEY, SSH_KNOWN_HOSTS and SSH_CONFIG

Describe the vulnerability
A direct return of cache data is a security risk. Return standard code 200 response instead.

Code References (if required)

Is your feature request related to a problem? Please describe.
Sort the article by date and not by id.

Describe the solution you'd like
Add sort by date

Describe the bug
getArticlesByCategory resolver throws 500 error.

Expected behavior
It should not.

Additional Context
onlyPublished flag is used but not defined.

Create Schema for all the tables required

Details of the Task

• Create Event Type
• Create tests and write resolvers for the following
  • Create new event (Admin only)
  • Update event (Admin only)
  • Read event by ID
  • Find event by Name
  • List event by club
  • Remove event (Admin only)

Planning Files

• Model Design
• APIs

Dependendecies

• #58

queries

• Get comments by article id
• Get all comments

mutation

• Create comment
• Delete comment by id

Fix all prettier and lint issues in the repository.

Details of the Task

• Plan APIs required for admin panel
• Plan all permissions and roles to be created

Planning Files

• Model Design
• Standard APIs

Details of the Task

• Use firebase account linking for NITR Mails
• Remove nodemailer configuration

Documentation and Requirements

Relates to #62

Describe the bug
PM2 Deploy has an invalid path for the staging configuration (~/www)

Expected behavior
Absolute path (/home/mm/www) should be used

Describe the bug
The use of UserType in all other types is resulting in a circular dependency.

Proposed Solution
Remove createdByUser and updatedByUser edges from all types.

Details of the Task

• Update CORS to support custom check

Details of the Task

• Create Issue Type
• Write resolvers for the following:
  • Create new Issue(Admin only)
  • Update Issue(Admin only)
  • Read Issue by ID
  • List Issues
  • Delete Issue(Admin only)

Planning Files

• Model Design
• APIs