indicia-team / drupal-7-module-indicia-api Goto Github PK
View Code? Open in Web Editor NEW2nd gen iform_mobile_auth
License: GNU General Public License v3.0
2nd gen iform_mobile_auth
License: GNU General Public License v3.0
The user activation code attempts to log numerous messages but all fail.
This arises because activation is done from an email link and the request contains no api key.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#11
Return ID of the new resources.
Samples within samples.
Whilst fixing something else, I spotted that $interim_image_folder is used on this line but not defined beforehand:
If apps are left in debug mode long term then the PHP error log and, to a lesser extent, the Drupal log become so full of the debug messages that it is hard to locate errors when they occur. Look for an alternative, e.g. using a separate file for debug. When doing so, ensure the content is stored securely as it will contain sensitive information.
Accept record model/submodels in JSON format and not in a destructured smpAttr:, occAttr:, sc: key value pairs (form-data)
This should closely resemble warehouse data services submission format.
This would need to support two-step image-record submission.
Differences from existing warehouse data submission fromat:
no website_id needed as this would be attached in the module.
type would be the model's type - Occurrence or Sample
{
"id": "<set if updating existing>",
"type": "sample",
"fields": {
"survey_id": { "value": "1" },
"entered_sref": { "value": "SP41" },
"entered_sref_system": { "value": "OSGB" },
"date": { "value": "2013-06-13" },
"comment": { "value": "This is an example record" },
"smpAttr:3": { "value": "158" },
"smpAttr:41": { "value": "" },
"input_form": { "value": "node\/69" }
},
"subModels": [
{
"id": "<set if updating existing>",
"type": "sample",
"fields": {
"survey_id": { "value": "1" },
"entered_sref": { "value": "SP4123" },
"entered_sref_system": { "value": "OSGB" },
"date": { "value": "2013-06-13" },
"comment": { "value": "This is an example record" },
},
"subModels": [
{
"id": "<set if updating existing>",
"type": "occurrence",
"fields": {
"zero_abundance": { "value": "f" },
"taxa_taxon_list_id": { "value": "30" },
"record_status": { "value": "C" }
}
}
]
}
]
}
This has been reported by LERC, iRecord and iMammalia apps all of which are linked to Drupal sites that use this module. These sites have disabled the anonymous submissions by setting -1
in the anonymous user ID field but it looks like the records are still passed through to the warehouse somehow.
Here are some logs for one of the submissions which looks OK.
All these have no recorder name and were made on the LERC Wales App on 07/05/2021
https://record.bis.org.uk/details/record?occurrence_id=20346608
https://record.bis.org.uk/details/record?occurrence_id=20345470
https://record.bis.org.uk/details/record?occurrence_id=20346683
https://record.bis.org.uk/details/record?occurrence_id=20346668
https://record.bis.org.uk/details/record?occurrence_id=20346615
https://record.bis.org.uk/details/record?occurrence_id=20345342
https://record.bis.org.uk/details/record?occurrence_id=20364956
Both these are recorder name bis employee, one on the LERC Wales App & one on iRecord App on 06/05/2021.
https://record.bis.org.uk/details/record?occurrence_id=20343280
https://record.bis.org.uk/details/record?occurrence_id=20343259
This one is admin core made using LERC Wales App on 03/05/2021
https://record.bis.org.uk/details/record?occurrence_id=20322349
The module includes Access-Control-Allow-Headers: 'Authorization' in responses but not x-api-key which is needed for authentication.
This error observed during preflight checks when trying to log in user.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#8
Do not clutter the logs with duplicate or redundant data, better format system variables, do not expose sensitive info. More logging levels.
At the moment, it is only the occurrences that are checked, so empty lists pass through:
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#6
201 Created
"data": [{
"type": "samples",
"id": "1",
"attributes": {
"date": "1/2/2017"
},
...
415 Unsupported Media Type
{
"code" : 1234,
"message" : "Something bad happened :(",
"description" : "More details about the error here"
}
After an account activation attempt the code redirects to a page determined by variables 'indicia_api_registration_redirect' and 'indicia_api_registration_redirect_unsuccessful'.
There is no interface for setting these variables.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#9
Use HTTP basic auth and authenticate with every request using user password and not a generated secret (not sure if it is gives anything much), hopefully, we should move towards OAuth sometime soon.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#5
Allow to itterate faster and be more flexible making breaking changes.
/api/v0.1/ samples
/api/v0.1/ occurrences
/api/v0.1/ users
/api/v1.2/ samples
The training mode flag is not always working. I can see the record in Explore -> My Records
list but when opening it I get this error:
I can see the record has been created and the training flag was sent with the occurrence:
[occurrences] => Array (
[0] => Array (
[external_key] => 5243cef3-4e54-40be-b709-b803f7416dc8
fields] => Array ( [taxa_taxon_list_id] => 228614 )
[media] => Array ( )
[training] => 1
)
)
note: this is a subsample occurrence, though I have noticed similar behaviour with a general iRecord App record.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#10
Allow fetching samples/occurrences without going after a specific report.
eg. GET /api/v1/samples?filter=personal&sort=asc HTTP/1.1
"data": [{
"type": "samples",
"id": "1",
"attributes": {
...
},
"type": "samples",
"id": "2",
"attributes": {
...
}
Usernames shouldn't be emails by default as some of the systems (iRecord) exposes it in forums and elsewhere. It should be best generated from name+surname or required for the user manually set up.
Moved from Indicia-Team/drupal-7-module-iform_mobile_auth#7
502 Bad Gateway or 200 Success are not very useful, return better fitting statuses.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.