Metadata Form Versioning #1621
Assignees
Comments
|
How to edit MF: |
|
Attach MF: Only latest version is available Edit attached entity:
Delete attached MF: When no attached MF left for the older version, it's automatically deleted. Delete parent MF: all versions and attached MFs are deleted in cascade. A pop up with confirmation needed in the UI |
|
Some Comments/Qs:
|
|
(1) Right now the versioning is only about the fields. Visibility is not editable, description is editable without additional problems |
SofiaSazonova
added a commit
that referenced
this issue
Oct 14, 2024
### Feature or Bugfix <!-- please choose --> - Feature ### Detail - new db model - migration: -- create default version one -- backfill existing MF fields and attached MFs - when MF is created, service automatically create version 1 - fields and attached metadata forms automatically use the latest version (for now version === 1) ### Relates - #1621 ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? - Is the input sanitized? - What precautions are you taking before deserializing the data you consume? - Is injection prevented by parametrizing queries? - Have you ensured no `eval` or similar functions are used? - Does this PR introduce any functionality or component that requires authorization? - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Co-authored-by: Sofia Sazonova <[email protected]>
Merged
SofiaSazonova
added a commit
that referenced
this issue
Oct 16, 2024
### Feature or Bugfix <!-- please choose --> - Feature ### Detail - Metadata Form View -> Fileds. User can create/view/edit/delete versions - No restrictions on editing yet - If version deleted, all attached entities deleted - User can't delete the only version (backend and frontend restrictions) - When user attach a form to an entity, we use only the last version - Metadata Form View -> Preview. Can view different versions ### Relates - #1621 ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? - Is the input sanitized? - What precautions are you taking before deserializing the data you consume? - Is injection prevented by parametrizing queries? - Have you ensured no `eval` or similar functions are used? - Does this PR introduce any functionality or component that requires authorization? - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Co-authored-by: Sofia Sazonova <[email protected]>
|
After PR-3 what is still ToDo:
|
noah-paige
pushed a commit
that referenced
this issue
Oct 28, 2024
### Feature or Bugfix <!-- please choose --> - Feature ### Detail View: - [ ] Display version on "attached form" card - [ ] Display version in attached form list - [ ] Show number of entities attached (MF -> Fields) - [ ] Delete confirmation PopUp - [ ] Enforcement tab temporary hidden Edit: - [ ] No editing if there are attached entities - [ ] Editing of attached MF - [ ] If new version is available, editing of MF automatically shows new version Other: - [ ] Notifications for entity owners, if new version of MF is released Left ToDo: #1621 (comment) ### Relates - #1621 ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? - Is the input sanitized? - What precautions are you taking before deserializing the data you consume? - Is injection prevented by parametrizing queries? - Have you ensured no `eval` or similar functions are used? - Does this PR introduce any functionality or component that requires authorization? - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Co-authored-by: Sofia Sazonova <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The target features are: Make MFs editable.
But what to do with already attached forms?
Solution: enable versioning of Metadata Forms.
The text was updated successfully, but these errors were encountered: