fuelrats / fuelrats.com Goto Github PK

from WEB-69

Acceptance Criteria

TODO

Acceptance Criteria

• A new tab in the profile page lists all oauth clients authorized by the rat.
• An option exists for each client to revoke access from the rat's account.

Bonus Points

• An additional button exists to log the user out everywhere, which deletes all tokens under the user, then logs them out of the website.

Background

Additional Information

It would be really cool if we could have a first and last used/login date display for each client so the user can better identify unauthorized usage of their account.

Acceptance Criteria

• [ ]

Background

Additional Information

The redux patterns of old leave the website rather bloated since our entire redux boilerplate needs to be included with the initial download. Removing this hard coupling to ~/store may improve bundle sizes. Further, the old react-redux patterns of mSTP and mDTP are rather inflexible and should really be avoided.

I am going through each connected class component and either rewriting them or removing their coupling to the store.

This progress can be tracked on the refactor/remove-connect-hoc branch.

Remaining tasks (as of issue creation):

• <AddRatForm />
  • rewrite to useForm() based form component.
• <RatLeaderboardTable />
  • Rewrite to hooks-based function component.
• <AddNicknameForm />
  • Rewrite to useForm() based form component.
• <LoginModal />
  • Use hook-based wrapper function.
• <DefaultRatButton />
  • Why is this even a class?
• <RatCard />
  • Rewrite to hooks-based function component.
• <RatShipLine />
  • Delete. unused and empty component.
• <TermsModal />
  • Rewrite to hooks-based function component.
• <UserNicknamesPanel />
  • Rewrite to hooks-based function component.
• ~/pages/[slug].js
  • Investigate further.
• ~/pages/authorize.js
  • rewrite to hook-based function.
• ~/pages/i-need-fuel.js
  • rewrite to hook-based function.
• ~/pages/admin/rescues.js
  • This page doesn't work anyway right now, and due for reimplementation.
• ~/pages/paperwork/[rescueId]/edit.js
  • Write hook-based wrapper for now.
• ~/pages/paperwork/[rescueId]/index.js
  • Write hook-based wrapper for now.
• ~/store
  • Remove custom connect HoC.

Acceptance Criteria

• A new UI element exists on the dispatch board that gives options for filtering the rescue list.
• The menu that controls filters should have the following filtering options
  • Platform (PC, XB, PS)
  • CR State
  • Rescue state (active, inactive)
  • un/assigned state
  • assigned to current user

Background

Additional Information

Acceptance Criteria

• [ ]

Background

Additional Information

Once again, blcked by API-398

Acceptance Criteria

• A component exists which is displayed by the ratcard, and contains the following details:
  • Ship ID 
  • Ship Name
  • Ship Type
• The following details about the ship should be editable:
  • Ship Name
  • Ship Type
    • Type should be a dropdown of available ships.
• When information is being edited, buttons should exist to either save or cancel the changes
  • canceling changes should reset changed values.
  • saved changes should be PUT to the API.
• A button should exist to delete a ship. This action should come with a confirmation option.
• A button should exist to create a new ship.

Background

Additional Information

Acceptance Criteria

• A button is displayed on all API Errors which generates an error report from the redux action.
• This error report MUST:
  • Be uploaded to paste.fuelrats.com
  • Be censored of any sensitive information.
  • Passwords, auth tokens, and emails are the biggest issues. These are in predictable places with predictable keys, however, so it shouldn't be too difficult to catch everything.
• A method of sending this report should be provided.

Background

We should have an option added to <ApiErrorBox /> which auto-generates error report documents and posts them to {{paste.fuelrats.com}}.

Additional Information

The final method of sending this report is still in flux. just some ideas:

• Just provide a link to our support email and have the user email the report link to us,
• Fully generate and submit the report on the server end with a single click.
  • If we do this, the report should be submitted as a helpdesk ticket, and ideally we have a modal open up to have the user submit some basic contact information along with it.

Acceptance Criteria

• [ ]

Background

Additional Information

Blocked by: API-398

Acceptance Criteria

• Add an about page, darnit!

Background

Additional Information

Acceptance Criteria

• I want to see a "Epics" tab on the user profile if the user has an epic
• Contents Epics Tab meets the following criteria
  • I want to see a form that accepts the following fields
    • Rat (Dropdown) (required)
    • Rat's Full name (required)
    • Shipping Address (required)
    • Shipping City (required)
    • Shipping State/Region (required if country has region)
    • Shipping PostCode (required)
    • Shipping Country (required)
    • Submit button
  • When I press the submit button, if all required fields are filled I want the form to be submitted to the epic cert API (
    • TODO: full URL to be determined later)
  • I want to see a text block explaining if I already have a certificate and want a new one, I should contact a quartermaster rat.

Additional Information

Copy for text block:

TODO

Object to pass to API is as such:

interface CertBase {
  ratId: string; // Inferred from rat dropdown
  userId: string; // current user ID
  cmdrname: string; // Inferred from rat dropdown
  email: string; // current user email
  address?: string; 
  fullname?: string;
  postcode?: string; // ZIP code
  postname?: string; // City
  region?: string; // state/region
  country?: string;
}

Avatars on both the API and the default avatar service now default to webp. This is fine for all but older versions of Safari. We should implement a way to detect support and fallback to when not available. Both avatar sources accept size and format arguments.

Notes

• FuelRats API accepts the query parameters size and format.
  • size is a number in the range of >=32 && <=256
  • format may be one of ['webp', 'png', 'jpeg']
• Avatars API accepts a route signature of /api/avatars/:id/:size?/:format?, but also accepts size and format as query parameters.
  • both size and format accept the same values as the FuelRats API

This issue is for tracking progress of a new way of displaying rescue data on the board.

Tables are kinda old, yo.

Describe the bug

RadioInput fails to be placed within tab order, making it inaccessible for screen readers

Input options should also have a focus state

Expected behavior

I expect the thing to bloody work with tab controls

Steps to reproduce

1. go to page with RadioInput control
2. try tabbing around!

Additional Information (optional)

No response

FuelRats IRC Nickname (optional)

No response

Acceptance Criteria

• [ ]

Background

Additional Information

Blocked by: API-398

just.. look at it. need I say more?

• 100% parent control available
• no more DOM data tags
• separated remote search logic
• Standardized tag data model (JSONAPI?)
• retain accessibility
• no more unsafe lifecycle methods
• Derivatives compose <TagsInput /> instead of inherit it.

react-table-6 will soon become a React 18 upgrade blocker due to it's use of UNSAFE_ methods.

We need to investigate paths forward.

• Upgrade to react-table v7
  • Is an option, but it is drastically different and would require a rewrite from scratch anyway.
  • Further, v7 tends to lead to some somewhat ugly code that I would rather want to avoid, and we need to bring our own UI. from scratch
• Finding another table component
  • Not sure if we want to lock ourselves into another component like this again?
• Rewrite from scratch with a custom brewed component for listing
  • Would give us reason to abstract some pagination logic from blogs for other purposes.
  • Full stylistic control would be a bonus

Acceptance Criteria

• [ ]

Background

Additional Information

Acceptance Criteria

• a pop-up exists that lists unfinished paperwork on all pages.

Background

Additional Information

• File input can/should be styled to include a drop zone which responds to a hovering file (again the original file uploader from rollforguild had this, we can pull from that.)
• Crop tool should be hidden until there is a file to crop
• Some "stop points" for rotate should be added (if possible). maybe in 45deg increments each way, perhaps.
• Theming for rc-slider would be a nice-to-have. maybe modeled after the switch input. ditch the side icons, use a single center icon in the slider handle to represent what the slider is for.
• Some changes to submission flow should be considered.
  • After avatar submission has begun, inputs in the modal should be disabled and have a visible change to clearly convey a pending state.
  • If avatar submission fails, controls of the modal should be restored.
• Styling of the avatar on the profile page still needs to be looked at to resolve that "pop-in" layout breaking effect.
• #374
• The selectAvatarByUserId() selector needs to be modified in the following ways
  • user.attributes.image has become user.relationships.avatar. Avatars are now represented as a relationship instead, so we need to check if the relationship exists to determine if the user's avatar should be used.
  • The ID of the avatar resource should be used to cache bust the user's avatar. this should result in the avatar path to appear like: url = `/api/fr/:userId/image?v=${user.relationships.avatar.data.id}\`

from WEB-7

• Move Marenthyu's x509 certificate generator to a FuelRats host.
• Add link on user's page to run generation and download the certificate. Store the FP and maybe even add it to NickServ? (If possible, it may be NS requires you to have the certificate active on the connection to add a fingerprint)

Right now each page has the default description of

The Fuel Rats are Elite: Dangerous's premier emergency refueling service. Fueling the galaxy, one ship at a time, since 3301.

This should really only be used for the front page and MAYBE /i-need-fuel

everything else could have a custom description.

Acceptance Criteria

• [ ]

Background

Additional Information

Acceptance Criteria

• When the user visits /i-need-fuel on mobile, a notification should appear warning of spotty connection issues.
  • Additionally, Xbox users should be warned as well
  • The option to call for fuel should still exist regardless.

Background

We are getting an increasing number of clients joining from mobile devices (especially now with the Xbox surge). Many of them end up being bouncy because their device suspends the browser with the IRC webclient. This has already led to failed rescues because the client got frustrated with the spotty communication.

Suggestion: Add a hint to the connection page at https://clients.fuelrats.com:7778/
e.g. "If you are connecting from a mobile device, make sure to keep its screen active so our connection will not be interrupted."
The hint could be selectively shown to mobile users with some CSS, e.g. https://stackoverflow.com/a/42835826

Possible contra: Any extra text for the client to read would delay their preparation in CR cases.

Additional Information

• Right now, the current userAgent check on /i-need-fuel is rather naive. We should switch to something like ua-parser-js for more in-depth results. This also makes mobile checking easier.
• UA for Playstation4 Mozilla/5.0 (PlayStation; PlayStation 4/8.52) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15

Acceptance Criteria

• [ ]

Background

Currently, the paperwork viewer renders unidentified rats, however the edit view does not expose unidentified rats at all. Currently the only way short of direct database manipulation to correct the unidentified rats field is to re-open the case in mecha and deal with it there.

This has caused an issue at least once, where a case was closed without cleaning up unidentified rats, while other rescues were still active. the Rat responsible for correcting the paperwork was unable to remidy this via the website, nor was an overseer able to nor was an netadmin.

The request: add some mechanism to the paperwork editor to allow modifying the unidentified_rats field of a rescue to the edit paperwork view.

Additional Information

Hey! I am trialing where GH Issues has come over the past few years. I have imported a good chunk of our backlog and testing to see if it's worth swapping back from our internal JIRA.

This does not mean we are abandoning JIRA, only that I am exploring other options.

Describe the bug

Carousel images are requested multiple times from the worker

Expected behavior

Each image should only be gathered once.

Steps to reproduce

1. Load front page
2. Feel pain

We have a new rest api built by NoLifeKing which renders data in JSONAPI format, includes and all. We can use it to significantly speed up our blog load times by dropping the synchronous request loading we do now in favor of having a all-in-one page that includes related data for us.

api docs: https://github.com/FuelRats/fuelrats-blogapi

Implementation Requirements

• Blog data retrieval actions are rewritten to use wpService/axios, and points to [~NoLifeKing]'s wonderful blog API
• Authors and Categories are either moved to their own global state objects, or separated from blog post objects within the blog global state
  • This is to simplify code required to support blog post filtering options down the line.
• Blog pages (all.js and blog.js) are rewritten to work with the new JSON API format.
  • Preferably tracking it's own loading state
  • Server-side data loading should be avoided for now due to performance concerns caused by inconsistent response times from the wordpress server.

Acceptance Criteria

• [ ]

Background

Additional Information

Page should have some boilerplate "about us" blurbs, images, logos, and the how-to posters we have accumulated through the years. Each should have attached copyright information to make it as easy as possible for those who wish to use our assets.

Describe the bug

Checkbox lacks a "hover" or "focus" state to use when focused by tab select.

Expected behavior

checkbox should have special styling when selected by tab selection.

Steps to reproduce

1. go to page with checkbox (/register)
2. tab around

Additional Information (optional)

No response

FuelRats IRC Nickname (optional)

No response

Acceptance Criteria

• A tab exists on a developer's profile page named "developer"
• A method of creating new OAuth clients exists
• A list of all OAuth clients belonging to the user exists with the following criteria:
  • The listing contains the client's ID, name, and redirect URI.
  • The listing contains a delete button, which will also confirm the user's choice to delete when first pressed.
  • The listing contains a "revoke tokens" button which presents the user with a modal which completes the revocation process.
    • The modal must contain an input for the client secret to be used in the authentication process for the API endpoint.

Background

This feature has been partially implemented with a half-baked UI. We should revisit it someday soon.

Additional Information

Deleting Clients

The API requires the following request to delete a client:
(This may change to include the client secret soon)

DELETE /clients/:id
Authentication: Bearer <token>

Revoking tokens

The API requires the following request to revoke all tokens:

POST /oauth/revokeAll
Authentication: <ClientId>:<ClientSecret>

Acceptance Criteria

• Two options should be presented upon page load: one-time donation and reoccurring subscription. choosing an option should lead to a form which is separate from the other.
• An option should exist to choose the currency to make the donation in. It should accept USD, EUR, and GBP.
• Subscription plan options should be loaded from the Stripe API and displayed accordingly.

Background

Additional Information

Checkout quickstart: https://stripe.com/docs/payments/checkout/one-time

API Docs: https://stripe.com/docs/api/checkout/sessions

Describe the bug

On fuelrats.dev and fuelrats.com, security headers are sent by NGINX. next-safe sends the same headers, causing duplicates. This reeks havoc in Safari, where duplicate headers are concatenated instead of overwritten like other browsers.

The fix for this is to submit a PR to next-safe allowing us to disable specific features, then disable security features depending on dev mode

Expected behavior

No duplicate headers!

Steps to reproduce

N/A

Additional Information (optional)

No response

FuelRats IRC Nickname (optional)

No response

I can help!

• I am willing to fix to this issue, and submit it as a PR.