universityofhelsinkics / labtool Goto Github PK

you print the password for all to see in console!

backend should decoded token from bearer token. It does not do that

Developmentserver isn't working because of backend url isn't found.

When user logs in and presses the "edit email"-button, email shown is first correct. After updating the email and pressing the button again, email shown is the one that was correct at the time of login.

(e.g. email is [email protected] when loggin in, then you update it to [email protected] and you still see the [email protected] at the edit email form)

Problem:

Current development environment works only if the front end is run on localhost along with the backend. In the current production test server there's another path for the backend.

In a local development environment scenario where the back and front end is not run on localhost from the browsers point of view, one has to go in and change the request urls in the labtool2.0/src/Login.js to something which is the actual host where the back end is. In the current docker-compose.yml file there is already an environment variable called REACT_APP_BACKEND_URL specified and documentated here: https://github.com/labtool/labtool/wiki/Deployment

Solution proposal:

Change the behaviour of these

    if (process.env.NODE_ENV === 'development') {
      backend = 'http://localhost:3001/api/users/update'
    } else {
      backend = '/labtool-backend/users/update'
    }

to

backend = process.env.REACT_APP_BACKEND_URL + '/api/users/update'

or something similar (some check somewhere to see if the REACT_APP_BACKEND_URL is set, and if not then set it to default like http://localhost:3001) so that anyone can just specify where the backend is without having to change the front end code in any way.

When sending PUT to /users/update with data { email: [email protected] }
Backend returns user with { email: '' }

PUT should return updated user AKA user with the new email. # #

double check that id is sanitized properly in server/controllers/courseinstances.js

Button: "notify user".

Shows "user notified" when e-mail is sent.

Email contains a link AND the comment/information.

Topic: course name (unimportant information dropped), "new comment"

#115 #117

We want path for login to be /api/login instead of just /login

Because everyother path uses api

Example data sent:

`courseActive:"true"
currentWeek:"1"
ohid:"TKT20010.2018.K.K.1" (This can also be taken from url)
weekAmount:"1"
weeklyMaxpoints:"1"`

We want backend to check if the user has rights to modify the course instance specified and updated it with the fields given.

studentnumber with no capital N is used in some part of backend. Find it. Fix it. Thank you.

There's currently only a static model of the page - make it functional

This user story should also contain task: add column for teacher name to teacher's course instance view table

• Should provide a route for the page that contains forms for buttons that enable each not yet enabled course.
• POST route that handles the page post form and redirects back to the form page
• Needs just Basic html auth alike functionality where the password is taken from the application runtime env variable.

#183 also students comments should use markdown

Please make the naming consistent

Issue description:

Production server doesn't reside at the root of the host. The host also might be something different than in development. For that reason using PUBLIC_URL env variable this host and possible path can be specified the docker-compose.yml configuration or in development by telling the react thing its URL (if that was even nescessary in NODE_ENV=development. This feature was working before but something has changed.

This might help to resolve this issue:

https://medium.com/@svinkle/how-to-deploy-a-react-app-to-a-subdirectory-f694d46427c1

title.

Request URL:http://localhost:3001/api/course/teacher
Request Method:POST
Status Code:400 Bad Request
-> Db Error

aka koodikatselmointi

Both of these urls given by backend do not exist. Why did backend team give these?

http://localhost:3001/api/course/teacher
http://localhost:3001/api/course/student

Steps to reproduce:

1. Login with account information that has no DB entry
2. Enter email address to email editing page that you are redirected to and press save
3. You are now in Redirect loop between email changing page redirecting to my courses page and email changing page redirecting my courses page, enjoy!

Issues TODO:

#103 #108 #119

Currently there are atleast three different ways how the token is being verified spread out through the backend. All should be using the same type of verification from which the latest incarnation is: #96

#123

Data can be send or is send automatically straight to Kurki after giving course gradings to students.

related to #102

Kysely jossa lähetetään Userin tokeni, opetushallitus kurssi Id, ja palauttaa tiedon onko käyttäjä rekisteröitymätön, opiskelija, vai opettaja kyseisellä kurssilla.

Esim. POST jnqwiou90wqh TKT20011.2018.K.K.2

vastaus voisi olla
{unregistered}, {teacher}, {student} tms mitä vaan millä saa selvää.

When updating email, email does update to DB, but it does not update to localstorage.
#34

Mahdollisuus hakea bäkkäriltä kaikki tietyn courseinstancen studentinstancet kyseisen courseinstancen idllä.

Eli jos Tiralabra courseinstancella on 3 studentinstancea, saadaan nämä 3 SI haettua bäkkäristä tiralabran CI id:llä.

This story includes adding the following features:

• Each course instance's each week has its own checklist. It is empty by default.

Teacher can

Use a checklist

When the teacher is reviewing a student, they see a checklist on the right side of the comment and points fields. The checklist displays the categories of the tasks, and each task under the category it belongs to.

There is a text field on the right side of the checklist. The contents of the text field changes according to what boxes are checked (just like in the current Labtool).

Under the checklist, a point total is displayed. The point total changes according to what boxes are checked, i.e. what tasks are fulfilled.

After choosing the checklist and marking the check-boxes to their will, the teacher can copy the text from the text field and paste it to the feedback field and edit it. The points total is automatically copied to the points field, but it can be edited too before submitting.

description here

Teacher can see what students see.

#138 #137 #142

There are a few functions and routes that are not even used and in some cases not even wanted features.

#123

#132

Should get the current semester and the next semester list of courses from upstream check weather any of them are not enabled or added.

Umbrella issue for them

#124 #127 #130

Checkbox that leaves the student out of all the listings by default and another checkbox that shows the dropped students.

Atleast two part process:

1. Iteration: Just say /** before every function in IntelliJ Webstorm and the thing just autocompletes a skeleton based on function params

2. Actually comment the functions

#123