Report issues
We're currently not allowing issue reporting directly via ITS. Please use the feedback form to submit your issues.
Add known issues to JAS backend
The JAS backend should be able to pull all known issues from the JAS website and display them in the backend.
Logs clean up
Log table can fill up quite a bit, so it would be nice if it would clean up automatically. Multiple ways of doing this but the most logical seems to be to remove everything older than X days (configurable). A similar approach already exists for cache cleanup which simply the "next clean up time" and checks every time whether it's passed it and if so removes everything older than X.
The downside of this is that (currently) it uses the session to maintain the "next clean up time" which means...
API set project completely overwrites session
When switching projects via the APIs it does load the new project but overwrites the current session (clearing the login etc). Depending on the scenario this may be desired behavior however it seems more logical to take a similar approach as how the backend handles multi project sessions.
Moreover it seems debatable whether switching projects with the APIs is something that should be allowed on a project basis. If project A allows it but project B doesn't then there's no way to switc...
Plugin static data
When distributing plugins they often require static data to be setup to function correctly. While this can be handled in the postSetup function, it isn'/files/ in its storage directory which are loaded automagically.
So far to big issues arise:
The order in which the data is loaded is crucial. Mostly this is the order of the modules which is typically dictated by their references. However self-referencing modules also require the order of the individual entries to be correct.
...
Add CSRF prevention support
Cross-Site Request Forgery (CSRF) are request to the server initiated from other websites. Allowing this is potentially dangerous as the request piggybacks on the existing session on the server if it's ran from the same browser (imagine 2 tabs, 1 logged in on the server, the other with a malicious site that sends a request to the server).
The most suitable way to prevent this seems to be Synchronizer Token Pattern
(STP) which effectively requires a unique token to be sent...
1:* filtering should use reference ID instead of referenced field
Currently when setting the 1:* reference field value the MySQL use referenced field instead of the ID field of the referenced module. Using the former is rather useless since that's effectively the ID field of the original module.
So change:
FROM `module`
LEFT JOIN `referenceModule` ON `module`.`nr`=`referenceModule`.`referenceField`
WHERE referenceModule
`.`referenceField
`="123"
To:
FROM `module`
LEFT JOIN `referenceModule` ON `module`.`nr`=`referenceModule`.`referenceFi...
JSON format & API support
JAS should support JSON parsing and rendering which in turn can be used for a full-fledged read/write API. The JavaScript HTTP class should be extended to support this as well.
How should system upgrades be handled?
Currently only the initial installation is foreseen, however upgrades should be easy to install as well. This could be handled in a similar fashion as plugins, i.e. download the latest version and upgrade JAS using the backend.
JAS backend filters
The JAS backend should have a filter section to more effectively drill down in the data. the filters should be automatically generated based on the module (similar to the CMS). Text fields should have a inline dropdown with available values (like the search box).
Additionally it should remember the last set filters if the user comes back to the page later. This will require a "Reset" button to set all values to their defaults.
