1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
* DONE Email::Valid does not accept UTF-8 emails adresses (e.g., peace@☮.net).
LDAP doesn't allow UTF-8 in the DNs anyway, so maybe convert the
domains/emails to Punycode internally?
* DONE Better check for existing lists (commands).
- When adding a new alias/mailbox 'test', check for existing alias/mailbox 'test', and list 'test'.
- When adding a new alias/mailbox 'test-request', check for existing alias/mailbox 'test-request', list 'test-request' *and* list 'test'. (The same for other list commands.)
- When adding a new list 'test', check for existing alias/mailbox/list 'test', 'test-request',...
- (Lists of the form 'test-request' are forbidden);
* CANCELED Check for cycles when creating new aliases?
CLOSED: [2012-09-29 Thu 16:12]
- CLOSING NOTE [2012-09-29 Thu 16:12] \\
1/ It is impossible to do it properly since the authenticated user may not have full read access on the graph.
2/ Cycles may also be created by catch-alls or mailbox forwarding, or even externally with another server.
3/ Postfix warns the administrator with a
"unreasonable virtual_alias_maps map nesting for test-loop1@fripost.org"
in the logs if there's a loop in the alias resolution.
* DONE Write a script to check every runmode against the W3 validator.
(Cf. cgiapp_postrun);
* DONE Use FastCGI. References
- http://www.cgi-app.org/index.cgi?FastCGI
- http://stackoverflow.com/questions/11771564/nginx-fastcgi-configuration-for-cgiapplication-app
* TODO Use HTML::Template::Pro. Not sure it's really worth it, though.
* DONE Escape reserved characters in URLs:
http://mark.stosberg.com/blog/2010/12/percent-encoding-uris-in-perl.html
* CANCELED How should we encode the URL for internationalized domain names? Punicode vs. unicode vs. HTML entities?
CLOSED: [2012-09-27 Thu 00:03]
- CLOSING NOTE [2012-09-27 Thu 00:03] \\
It's up to the browser (Firefox supports unicode in URLs).
* CANCELED Forbid UTF8 in the domain part of lists? (Test if the list
managers support it at least.)
CLOSED: [2012-09-27 Thu 03:38]
- CLOSING NOTE [2012-09-27 Thu 03:38] \\
Mailman and Schleuder do not support IDNs, but we convert the list name
into punicode first.
* DONE Give the right for domain postmasters to grant the right
to create aliases and lists.
* TODO Give the right to appoint co owners (for list and aliases).
* TODO Make every service use Kerberos, and remove the passphrase on
their GPG private keys.
* DONE Check list names against mailman's and schleuder's regexps?
* DONE What to do when a list creation fails? Set up a new service
to clean out the pending lists and domains if they have not been fixed
within 24h (daemon).
- CLOSING NOTE [2013-01-22 Thu 01:53] \\
* TODO Automatically generated passwords.
* TODO check if amavis{WhiteBlack}listSender supports catchall @example.org
* TODO prefixes should be used diferently (use only before a @)
* TODO Improve the CSS. Examples
http://www.w3schools.com/tags/att_form_accept_charset.asp
http://www.qubesys.com/25-css-form-templates-and-input-styles/
https://github.com/pmcelhaney/semantic-form.css/blob/master/semantic-form.css
http://designshack.net/articles/10-css-form-examples/
* TODO Maximum pending entries per user (10).
* TODO Limit what a user can create. Examples
fripostQuota: what limit [group [address]]
fripostQuota: list 3 normal @fripost.org -> users with canCreateList can create at most 3 lists under that domain.
fripostQuota: alias 15 owner owner@fripost.org -> this owner can create at most 15 aliases under that domain
fripostQuota: mailbox 30 postmaster -> the postmaster(s) can create at most 30 mailboxes
* TODO Find a way to grant alias creation to a whole domain except a few
users. (Add new attributes fripostCannotAdd{Domain,Aliases,List}).
* TODO https://en.wikipedia.org/wiki/Tld#Reserved_domains
* TODO '+' shouldn't be allowed in localparts.
use a flag in email_valid to disallow that
* TODO Use captions to explain active/pending status and anti-spam
options.
* TODO Add a a button to allow domains/aliases deletion.
* TODO Redocument the library.
* TODO The pending lists are currently broken.
* TODO MIME::Entity should somehow be replaced by MIME::Lite.
* TODO We need a test-suite for the web application as well. And
ideally, for the whole library.
http://search.cpan.org/~hartzell/Test-WWW-Mechanize-CGIApp-0.05/lib/Test/WWW/Mechanize/CGIApp.pm
* TODO Use callbacks when possible.
* TODO Alternative to set user passwords:
http://search.cpan.org/~marschap/perl-ldap-0.52/lib/Net/LDAP/FAQ.pod#..._in_most_LDAP_servers?
* TODO When creating lists, lock the namespace. (mylist-*)
Maybe a -assert_free_namespace option.
* TODO Move the LDAP bit of deleteExpiredEntries to Fripost::Schema::Pending
* TODO Explore readself for the perms of canCreateAlias
* TODO "A DN containing "[" "]" does not expand correctly.", quote from
http://www.openldap.org/faq/data/cache/1133.html
Try with an example (e.g., canAddAlias)
* TODO Wildcards:
* => *@*
xy* => xy*@*
*xy => *@*xy
x*y => x*@*y
* TODO: Ensure that the domain and local parts are always lowercase.
* TODO: wantarray
http://search.cpan.org/~dom/perl-5.12.5/pod/perlsub.pod
|
