mesh icon indicating copy to clipboard operation
mesh copied to clipboard
verified publisher icon gentics

Fix edge cases / add missing implementation

Open Jotschi opened this issue 8 years ago • 0 comments

Edge cases

  • [ ] Cross Project Content - We need to ensure that content linking is limited to a single project. Otherwise GraphQL will not work.
  • [ ] Fileupload - The file upload is currently not checking against the mimetype whilelist of the schema. Moving Tags - It is currently not possible to move tags in between tag families. Tag reference update will not work.
  • [ ] Node Field - The segmentField is currently not populated or checked against the schema.
  • [ ] Read with Role - Currently it is not possible to read an element using a dedicated role.
  • [ ] Number Field - The number field limits are currently not handled.
  • [ ] Schema whitelisting - This is not yet implemented for node field schema
  • [ ] Image Manipulation - Bogus query parameters must be checked and an meaningful error message must be returned.

Potential pitfalls

  • [x] Update permissions - A admin user could potentially update his own permission set of the admin role and restrict him on updating objects.
  • [ ] Tag Conflicts - Tags are currently assigned to a tagroot. Newly created tags that have the same name will cause an error. It is therefore not possible to have two tags with the same assigned each to a different tagfamily.
  • [ ] Node Field Updates - Node field updates are not checking the permissions on the node field.
  • [ ] Node Field Read - Node fields are not checked against permissions of the user.
  • [ ] Delete node - Delete a folder which has subfolders that are read only: Undefined behavior. Missing permissions on a folder stop deletion and missing permission on a file just cause an warning. name. The field would need to be a string field. The field would need to be mandatory.
  • [ ] Node Move/Delete Folder - Node move may cause problems when moving to a folder that can be deleted.

Questions / Other

  • [ ] Tag deletion - Should tags be deleted when they are removed from the tagfamily? → TagFamilyImpl.removeTag(tag)

Possible Feature

  • [ ] Schema whitelisting - Currently it is not possible to restrict the creation of nodes in a given schema for a given parent node. A node of any schema can be created in the parent node.
  • [ ] Role creation - It would be useful to inherit permissions from an existing role when creating a new one.
  • [ ] Binary Fields in Micronodes - Currently it is not allowed to add binary fields in micronodes. We should check whether we actually want this since those fields may not be usable for webroot resolving.
  • [ ] Binary Field List - It is currently not possible to have a binary field list which holds multiple binary fields.

Done

  • [x] Applying recursive permissions takes a long time
  • [x] File Download - Currently it is not possible to download segments of a file. This would be very useful for video streaming. (Http 206 - Content-Range) - #533
  • [x] Search Index Handling - The search index handling is currently iterating over all found items since document level permission are not handled within ES. See #26

Jotschi avatar May 23 '17 12:05 Jotschi