sastix / cms Goto Github PK
View Code? Open in Web Editor NEWA general purpose java cms
License: Apache License 2.0
A general purpose java cms
License: Apache License 2.0
Implement a Frontend environment for Administrators and Content Creators/Consumers to easily use, manage and monitor this application through simple and secure flows. Angular or React or Thymeleaf can be used. An admin should be able to manage any kind of resources and monitor the usage of the application (eg net/disk io, memory/cpu usage, disk allocation). A creator should be able to create update and delete resources. A consumer should have access to the published content and be able to effectively use it (eg see a video with chunked transfer encoding support).
Notes: This is a generic story(epic) and should be broken to smaller tasks
In order to acquire acceptance-integration tests a Behaviour-driven development tool could be used. The support of multitenancy could complicate development and the use of feature testing could help on keeping features clean.
Cucumber could be used as it integrates well with Spring and could help translate requirements to Gherkin-language tests.
https://cucumber.io
https://cucumber.io/docs/cucumber/state/
If this is desirable I could work on that and submit a Pull Request.
We need to implement a new API call, in order for old revisions to delete the physical asset on the disk to save some space.
The CMS by default never deletes any physical asset on the disk. But this can lead to situations where the disk is full and there is no really a need to keep all these files for old revisions.
It would by nice to be able to mark old revisions as "archived" and having the physical asset on the disk truly deleted. We will keep all the revision history, but not the physical asset on the disk.
Fix this vulnerability issue with version upgrade or move to the proposed artifact.
CVE-2019-10172
high severity
Vulnerable versions: <= 1.9.13
Patched version: No fix
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar to CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
Note: this artifact has been moved
com.fasterxml.jackson.core » jackson-databind
Support user authentication, registration and role management.
More details/specifications to be added or discussed
As a means of getting familiar with the code and in order for the project to get advantage of the latest advances in the Spring framework we could advance to Spring Boot 2.4.3 ( the latest stable version as of now).
The JDK 8 support is announced to be discontinued as per the Oracle Java SE Support Roadmap. Migration to JDK 11 should be an easy task as Java written with JDK 8 can be compiled and run in the JVM for JDK 11.
If this is ok I will be available to work on that and submit a pull request.
Integrate Lombok to improve getters/setters and use @slf4j to avoid boilerplate logger instantiations.
Any PRs should be towards develop branch
Tasks:
This CMS takes into account scalability; how it can be deployed in a clustered mode using docker or kubernetes so it can support more than 1000 concurrent users?
Setup a cluster and generate/simulate some high throughput. Upload some video at the CMS and simulate 1000 concurrent clients to watch those videos (using chunk encoding) by consuming URIs from the CMS
Let's suppose we have a ready-to-use SastixCMS platform. The main question is how can it be used securely and effectively from a third party application?
To be discussed:
I feel prometheus would be a good choice owing to its in built alerting mechanisms, centralised control and web ui for visualization and also the presence of PromQL
Some questions regarding monitoring:
Propose and add any features related with audio and video optimisation
I was wondering if we can do a POC on sidecar hazelcast pattern as described and see if it can increase performance.
https://hazelcast.com/blog/hazelcast-sidecar-container-pattern/
@iskitsas
I feel react would be the best choice, some question regarding that:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.