Currently if 2 users edit the same information the last store will effectively overwrite the other one. At the very least the users should be made aware of this. A simple solution seems to be to create module that keeps track for each module which entry is added, edited and deleted in the last X minutes. This information can in turn be used to indicate to other users certain information is volatile. Note that JAS16MAR002 may also rely on this information.

Currently JAS doesn't deploy any protection against overloading of the system. It seems wise to add protection against brute force login attacks and mass adding of information. As JAS16MAR001 will probably already create a "temporary log" of what's going on this may be used for overload projection. Alternatively JAS16JAN006 may also provide a way to limit submissions.

Editing the workflows is rather difficult, to make it easier the module itself should give more guidance (i.e. limit what you can fill in or rather visualize the current flow somehow. A better approach would probably be to add a workflow manager (optionally using the graphics plugin) to visualize and edit workflows.

Currently session management is handled in the default PHP fashion and thus resides on the webserver. To make it more flexible we'll need to support the following alternatives:Database (aka module based) Memcache / Redis File based Since sessions (both _session and _config) are quite fundamental to the functioning of JAS it seems wise to have as little dependencies on JAS to avoid circular dependencies. That said, replicating the Cache class seems futile as well... Configuration...

The JAS backend is starting to have a nice collection of HTML layout functions that should probably be available generically: function menuItem($menu, $content, $action=false, $title=false, $icon=false, $properties=false) function menu($menu, $class=false) function tableRow($table, $header=false, $properties=false) function tableColumn($table, $content, $action=false, $title=false, $properties=false) function table($table, $class=false) function cms(&$d, $url=false, $confi...

The array field type forces in/not in as the operator, while supported by MySQL, it's unavailable in the other storage objects. For the Session/XML storage objects it should be pretty straightforward as _filterDataset provides a nice hook. The API storage object will require some different logic for this.  Once this is available for all storage objects the internals of JAS (e.g. references data gathering) can use the in/not in operator.

JAS will need to support Encryption / Decryption for a variety of ciphers. It should also support hashing algorithms (MD5, SHA, etc) so it can replace the passwords hashing in the Data object.

JAS already support RSS formats for parsing and rendering but it should also have an API. It will probably be limited to read-only and it will be somewhat different from the other APIs. The idea is to work with templates to have some flexibility in defining the message format. Additionally it should probably support default rendering for all modules. Modules /api/rss/module name/ will generate an Atom 1.0 feed like so: <title>Title field value</title> <summary>Same a...

It would be handy if new reference can be added quickly for modules that only require the "title" field to be provided when adding a new entry. So instead of showing a (multi)dropdown a text field will be shown with the current referenced entry/entries. If a non-existing entry is added to the text field it will be automatically added as a new entry.  Additionally it should show a quick dropdown (i.e. listOptions) with all available entries to quickly selected them. For multi referen...

The JAS backend should have a help section included. Probably the easiest is to just reference the online documentation "Backend" on the website. One idea is to have an ? icon somewhere which shows the related documentation pages. This can than automatically download and show the content on the website.