plan-net / core4 Goto Github PK

it should be possible to bookmark a widget irrespective if the widget is in fullscreen mode or displayed inside the widget manager.

Implement communication between widget/app and widget manager for header title.

The admin and cop roles are rendered as inactive. Expected listing is "active".
Requires fixing.

The current help-screen looks overfilled.
We should redefine the look and content of help-pages.

Action required:

• Identify the relevant information for a help screen
• Review existing APIs in the core4os repository with regard to these elements (completeness, quality)
• Define necessary rework

Implement communication between widget/app and widget manager for theming.

One should be able to design additional html-elements/pages that get appended to each page/widget/app. Examples are imprint/privacy policy or help pages.
Certain app manager elements (e.g. the top navigation) should be customizable and be able to specify custom endpoints to deliver the content of these links.

NEXT STEP:

• Define and agree on the concept

Design a general-purpose Multi Tenant Feature:
Several business applications may be used by multiple “clients”. Each client must only have access to his own data and projects.

SUGGESTED SOLUTION:

• Define an app key by convention “app://principal/<key>”
• Define an endpoint scheme by convention https://example.com/application/<key>/what/so/ever
• Implement a handler class derived from Core4RequestHandler which automatically extracts and the principal and verifies the user has appropriate app://principal/<key> permissions. This validation is to be located outside resp. before the actual GET, POST, PUT, DELETE, OPTION method. The developer of the handler must not specify any additional code other than the routing pattern (i.e. how to extract the principal key from the URL)

NEXT STEPS:

• Verify requirement and solution approach

problem

Jobs with a kill request (killed_at is not None) in state deferred or failed keep their status.

Expected bevavior is that these jobs enter the state killed.

analysis

This is because current job querying ignores this specific situation.

solution required

Introduce a new processing step in the worker process to query jobs with

            {
                "state": {"$in": [
                    core4.queue.job.STATE_PENDING,
                    core4.queue.job.STATE_DEFERRED,
                    core4.queue.job.STATE_FAILED
                ]},
                "killed_at": {
                    "$ne": None
                }
            },

All users want to understand that previously available but recently inactivated widgets have been inactivated. A widget must not simply disappear.

editing permissions has issues:

• editing an existing permissions "doubles" the edit string

All users want the widget manager to restore the most recent view if he or she reenters the landing page.

When I try to send binary data from local file system to webserver through CoreRequestHandler post method, I am getting a UnicodeError Exception. Below code is my use case.

class Handler(CoreRequestHandler):

    def post(self):
        """
        :param: 
        :type: file.
        :return:
        :raise: HTTError 400
        """
       self.set_header("Content-type", 'application/octet-stream')
       for k, (info,) in self.request.files.items():
           name, body = info['filename'],  info['body'] 

Traceback:

Traceback (most recent call last):, "File \"/PycharmProjects/core4/core4/api/v1/request/main.py\", line 897, in prepare body_arguments = json_decode(self.request.body.decode(\"UTF-8\"))

UnicodeDecodeError: 'utf-8' codec can't decode byte 0xa3 in position 206: invalid start byte

pymongo.errors.DocumentTooLarge: BSON document too large (92181110 bytes) - the connected server supports BSON document sizes up to 16777216 bytes.
File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/tornado/web.py", line 1678, in _execute
result = await result

File "/home/bnag/PycharmProjects/core4/core4/api/v1/request/main.py", line 900, in prepare
exc_info=True)

File "/usr/lib/python3.5/logging/init.py", line 1609, in warning
self.log(WARNING, msg, *args, **kwargs)

File "/usr/lib/python3.5/logging/init.py", line 1641, in log
self.logger._log(level, msg, args, **kwargs)

File "/usr/lib/python3.5/logging/init.py", line 1416, in _log
self.handle(record)

File "/usr/lib/python3.5/logging/init.py", line 1426, in handle
self.callHandlers(record)

File "/usr/lib/python3.5/logging/init.py", line 1488, in callHandlers
hdlr.handle(record)

File "/home/bnag/PycharmProjects/core4/core4/logger/handler.py", line 102, in handle
self._collection.insert_one(doc)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/collection.py", line 693, in insert_one
session=session),

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/collection.py", line 607, in _insert
bypass_doc_val, session)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/collection.py", line 595, in _insert_one
acknowledged, _insert_command, session)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/mongo_client.py", line 1248, in _retryable_write
return self._retry_with_session(retryable, func, s, None)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/mongo_client.py", line 1201, in _retry_with_session
return func(session, sock_info, retryable)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/collection.py", line 590, in _insert_command
retryable_write=retryable_write)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/pool.py", line 584, in command
self._raise_connection_failure(error)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/pool.py", line 745, in _raise_connection_failure
raise error

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/pool.py", line 579, in command
unacknowledged=unacknowledged)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/network.py", line 119, in command
message._raise_document_too_large(name, size, max_bson_size)

File "/home/bnag/PycharmProjects/plannet4/.venv/lib/python3.5/site-packages/pymongo/message.py", line 961, in _raise_document_too_large
" bytes." % (doc_size, max_size))

at the moment the complete connection string will be saves in log:

password is the plain text password, better would be something like ***
2019-08-30 05:38:13,018 - DEBUG [aqis4.helper_webapp.collector.CollectData/5d68b644ee4a10be715c16f9] set job to [JobConnectTag] at [mongodb://bzi:password@pnbi_mongodb1/plannet/display.aggregate] 2019-08-30 05:38:13,019 - DEBUG [aqis4.helper_webapp.collector.CollectData/5d68b644ee4a10be715c16f9] set job to [JobConnectTag] at [mongodb://bzi:password@pnbi_mongodb1/plannet/tblergebnisschaltungen]

Dashboard control is available as a right-side navigation bar. The left-side navigation bar is not in scope of the widget manager. It is in scope of the widget instead.
We call this right-side navigation bar “widget manager”
The widget manager in the right-side navigation bar features

• the widget listing
• the search including the search bar and the current filters
• the dashboard control access item (see below)

The widget manager has three sizes and the user can select between these:

• small size - the widget manager only lists the widgets, the quick access, a condensed search. The size is ~25%.
• medium size - the widget manager lists the widgets, the quick access, the search. The size is ~50%.
• large size - the widget manager lists the widgets as cards, the quick access, the search. The size is ~90% or more.

current role api implements CRUD for user/role management.
This feature requests is about a simple HTML frontend using this API together with vue to deliver simple role management.

The plugin search of WebStorms (see here) is a very good blueprint. It provides autocompletion for the most relevant search attributes with dropdown boxes to facilitate widget search.
The following widget attributes are relevant to search:

• by title
• by subtitle (defaults to qual_name)
• by author (matching the username and real name)
• by tag
• by description

the following enhancements are required

• option to send email to user so that the user can define his own password

When setting a initial password or resetting a password via the frontend (domain/#/reset) one can successfully set a new/initial password.

But: No success-feedback is provided to the user after klicking the "Request" button.
The user hast to manually redirect to the login-page. Also he does not know whether the password reset was successful.

throws error card() got an unexpected keyword argument 'author'

branch: current develop

When trying to create a user (= role with email and password) using the api ('/core4/api/v1/roles'), the following steps are executed resulting in a removal of the password-information necessary to create a user.

within the post-request one can find the following lines:

core4/api/v1/request/role/main.py

        kwargs = dict(
            name=self.get_argument(
                "name", as_type=str),
            realname=self.get_argument(
                "realname", as_type=str, default=""),
            is_active=self.get_argument(
                "is_active", as_type=bool, default=True),
            role=self.get_argument(
                "role", as_type=list, default=[]),
            email=self.get_argument(
                "email", as_type=str, default=None),
            password=self.get_argument(
                "password", as_type=str, default=None, remove=False),
            perm=self.get_argument(
                "perm", as_type=list, default=[])
        )

password will always be ''None'' when one uses a cookie for authentication.

Before reaching above statement, core4 tries to verify the user of the request:

core4/api/v1/request/main.py

  async def verify_user(self):
      ...
      if auth_header is not None:
      ...
      else:
          token = self.get_argument("token", default=None, remove=True)
          username = self.get_argument("username", default=None, remove=True)
          password = self.get_argument("password", default=None, remove=True)
              if token is not None:
                  source = ("token", "args")
              elif username and password:
                  source = ("username", "args")
              else:
                  source = ("token", "cookie")
                  token = self.get_secure_cookie("token")

The password will get loaded using get_argument with the remove=True flag,
which results in it getting removed from the request arguments.
Within the CoreRequestHandler, the now missing password argument, which had nothing to do with authentication has been removed and can not be accessed any longer.
Expected behaviour: password argument still accessible within the RequestHandler.

Same can be expected if using the username argument.

from the search and "all widget listing" the following calls to actions are required:

• launch widget embedded in the widget manager
• launch widget in standalone mode
• add the widget to the current dashboard
• remove the widget from the dashboard if exists
• show widget help

https://core4os.readthedocs.io/en/latest/example/mvg.html

hard to find in documentation, wrong call in msg-Examples, maybe others. (execute vs launch)

• tag all existing APIs in all projects with API as a default tag
• tag all featured widgets in all projects with FEATURED
• tag all data provider widgets in all projects with DATA

Candidate for FEATURED, TOOL is the role management widget (#13)

non-admin (cop) user cannot launch jobs through the API.
with correct permission protocol job://[qual-name]/[xr] this uses wrong argument type (tuple) instead of strings for variables qualname and access level.

All users of the widget manager have a default dashboard "Favorites". Users can add, rename and remove dashboards (including the Favorites). The current dashboard's title is rendered at the top of the screen. Switching between dashboards is to be implemented by a the previous and next dashboard. Call to action is by arrows or by dashboard titles.
Another idea is to represent the number of dashboards and the current dashboards as unfilled/filled circles at the bottom of the screen similar to android start screens.
The concrete decision and visualisation is to be decided.

after change of the logging and timestamping resolution to milliseconds, various coco and chist commands have non-aligned columns. This includes

• coco --alive
• coco --list
• chist in general

solution required

• fix CLI formatting

since additional features of the widget manager are to be implemented as widgets, these widgets must be accessible with the following call to actions

1. regular cards with their controls
2. from the search
3. from the all widget listing (as regular cards with their controls)
4. from links in the header bar
5. from items in the right-side menue in the header bar

The links in the header bar and menu must be customiisable. The customisation approach and OS version needs to be defined and implemented.

Upgrade frontend dependency vuetify from 1.5.x to 2.0.x
All core4os frontends rely heavily on new vuetify features.

There is an upgrade guide: https://vuetifyjs.com/en/getting-started/frequently-asked-questions#how-do-i-upgrade-to-the-latest-version

error: FileNotFoundError: [Errno 2] No such file or directory: '/srv/core4/home/core4/.venv/lib/python3.5/site-packages/core4/api/v1/request/role/template/roles.html'

CORE4OS frontends need a proper documentation for:

1. CORE4OS Single Page Apps (based on webpack, vuejs, vuetify and core4ui)
2. Widgets (with some constraint technically open for all frontend technologies)

On how to:

1. Install needed dependencies for running them in the CORE4OS environment
2. A skeleton and step-by-step guide on how to develop such an app/widget using vuejs/templating including:
   • Dark/light theming
   • Build a static card
   • Build a dynamic card
   • link directly to Applications or use them within the WidgetManger inside an iframe
3. A setup routine similar to “vue initialise”
4. technically build
   • dependencies
   • tools
   • processes
5. run, develop and test

executing tests/api/test_comoco_history.py throws some errors which require further investigation. Hypothesis is that ioloop/motor watch cleanup is not implemented properly.

See for example:

2019-06-26 13:57:14,638 - WARNING  [core4.service.setup.CoreSetup/None] created folder [/tmp/pytest-of-mra/pytest-216/test_comoco_history_get_some_p0/transfer]
2019-06-26 13:57:14,639 - WARNING  [core4.service.setup.CoreSetup/None] created folder [/tmp/pytest-of-mra/pytest-216/test_comoco_history_get_some_p0/proc]
2019-06-26 13:57:14,640 - WARNING  [core4.service.setup.CoreSetup/None] created folder [/tmp/pytest-of-mra/pytest-216/test_comoco_history_get_some_p0/arch]
2019-06-26 13:57:14,640 - WARNING  [core4.service.setup.CoreSetup/None] created folder [/tmp/pytest-of-mra/pytest-216/test_comoco_history_get_some_p0/temp]
2019-06-26 13:57:14,659 - INFO     [core4.service.setup.CoreSetup/None] created index [job_args] on [sys.queue]
2019-06-26 13:57:14,674 - INFO     [core4.service.setup.CoreSetup/None] created index [ttl] on [sys.stdout]
2019-06-26 13:57:14,706 - INFO     [core4.service.setup.CoreSetup/None] created index [unique_name] on [sys.role]
2019-06-26 13:57:14,715 - INFO     [core4.service.setup.CoreSetup/None] created index [unique_email] on [sys.role]
2019-06-26 13:57:14,737 - INFO     [core4.service.setup.CoreSetup/None] created user [admin]
2019-06-26 13:57:14,739 - INFO     [core4.service.setup.CoreSetup/None] created user [standard_user]
2019-06-26 13:57:14,770 - INFO     [core4.api.v1.tool.serve.CoreApiServerTool/app@devops] successfully registered container [core4.api.v1.server.CoreApiServer] at [/core4/api/v1.*]
2019-06-26 13:57:14,770 - INFO     [core4.api.v1.tool.serve.CoreApiServerTool/app@devops] registering server [app@devops] at [http://0.0.0.0:38929]
2019-06-26 13:57:14,793 - INFO     [core4.api.v1.tool.serve.CoreApiServerTool/app@devops] found [1] application, handlers registered [0], reset [0], updated [0], created [16]
2019-06-26 13:57:14,827 - INFO     [core4.api.v1.tool.serve.CoreApiServerTool/app@devops] open NOT secure socket on port [0.0.0.0:38929] routed at [http://0.0.0.0:38929]
PASSED         [ 63%]http://127.0.0.1:38929/core4/api/v1/login?password=hans&username=admin
http://127.0.0.1:38929/core4/api/v1/comoco/history?page=1&sort=1&startDate=2017-01-01T00%3A00%3A00&perPage=1
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,881 - ERROR    [basename:ioloop.py/None] Exception in callback functools.partial(<function wrap.<locals>.null_wrapper at 0x7f4744171730>, <Task finished coro=<watch() done, defined at /home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py:30> exception=KeyError('fullDocument',)>)
Traceback (most recent call last):
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 758, in _run_callback
    ret = callback()
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/stack_context.py", line 300, in null_wrapper
    return fn(*args, **kwargs)
  File "/home/mra/PycharmProjects/core4/.venv/lib/python3.5/site-packages/tornado/ioloop.py", line 779, in _discard_future_result
    future.result()
  File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
    raise self._exception
  File "/usr/lib/python3.5/asyncio/tasks.py", line 239, in _step
    result = coro.send(None)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 35, in watch
    EventHandler.on_event(change)
  File "/home/mra/PycharmProjects/core4/core4/api/v1/request/standard/event.py", line 180, in on_event
    doc = change["fullDocument"]
KeyError: 'fullDocument'
2019-06-26 13:57:14,973 - INFO     [core4.api.v1.request.role.model.CoreRole/5d1379baad70713b2c1564e0] set [last_login] for role [admin] with _id [5d1379baad70713b2c1564b5]
2019-06-26 13:57:14,977 - INFO     [core4.api.v1.request.standard.login.LoginHandler/5d1379baad70713b2c1564e0] [200] [GET /core4/api/v1/login] in [80.71ms] by [admin] from [app@devops]
2019-06-26 13:57:15,073 - INFO     [core4.api.v1.request.queue.history.ComocoHistoryHandler/5d1379baad70713b2c1564e6] [200] [GET /core4/api/v1/comoco/history] in [91.98ms] by [admin] from [app@devops]

The top left menu bar is under control of the widget. It is not under control of the widget manager.
Refactor the main menu item.

Current default API permission is api://core4.api.v1.request.standard.*. See core4.yaml. This prohibits access of all static resources (CoreStaticFileHandler). This handler is to be considered a "default API" endpoint. Problem is, that this handler is not located in core4.api.v1.request.standard but in core4.api.v1.request.static instead.

solution alternatives

• make static file handlers protected = False. We have seen this solution. But it is actually not suggested. Only the root handler of core4 (The App/Widget Manager) must be public. All other static file handlers should be protected.
• add api://core4.api.v1.request.static.* to all handlers accessible by the standard user. This requires modification of core4.yaml
• Move the CoreStaticFileHandler int core4.api.v1.request.standard.static. This requires refactoring of all productive servers

Implement a close button on the top right corner to close a widget. This icon is only visible if a widget is in control.

The sub title can be defined by the developer and defaults to the widgets' qual_name.

current implementation of the widget/api collection (/_info) and the help (/_info/help) differ. The api/widget attributes of both have to be aliigned. These include:

from created_at some "age" attribute can be derived.

Some widget, e.g. the JIRA link widget must be opened without iframe.
Therefore we need the following opening actions:

1. open in widget manager (embedded) - default behavior
2. open in standalone with regular navigation bar, menu item, close button etc. (standalone) - triggered with target = "blank"
3. open undocked without iframe, triggered with target = "?"

next step

what are your thoughts?

Client users irrespective of their role (DEV, DAT, BUS) want to have the widget manager in their corporate identity.

to guide users with the widget manager a custom widget manager key is required.
This key allows the listing of widgets by tag.
The suggested app key is app://widget/[regex] where the regex is applied to the api/widget list of tags.

core4.yaml
user_setting:
   _general:
     language: EN

local.yaml
user_setting:
  _general:
     menu:
       Imprint: /home4/menu/imprint
       Privacy Policy: /home4/menu/pp

should result in:

user_setting:
   _general:
     language: EN
     menu:
       Imprint: /home4/menu/imprint
       Privacy Policy: /home4/menu/pp

@OlhaTodorashko
@m-rau

Implement core4 handler attribute target with “blank” or None (defaults to None).
with None the user has the option to open the widget embedded in the widget manager or to open the widget without the widget manager in standalone mode.
With "blank" this behavior is enforced to open without the widget manager in standalone mode.

Currently a user always sees all endpoints he has access to, even the default ones.
This leads to a huge bloat of the Widgetmanager.

Steps to reproduce:

• Fresh install of core4
• Create a user with standard_user permissions
• Log in
• The WidgetManager shows “widgets” like LogoutHandler, LoginHandler, AccessHandler, … that the user is not interested in.

Suggested behaviour:

• “Technical Endpoints” are hidden by default and can be made visible.

Next Steps:

• Draft and align solution alternatives
• Decide whether to accept the suggested behaviour or suggest a different one.
• Qualify existing core4os endpoints if they are technical/non-technical

please do that in scope of 0.4.0.