These are chat archives for eventum/eventum

31st
Oct 2015
Bryan Alsdorf
@balsdorf
Oct 31 2015 02:10
Hmmm, found an interesting issue with logging custom field changes
Right now even if a field is set to a role of admin only, all users can see what the value was changed to in the history log.
Obviously we need to fix this. Unfortunately, you can't specify the minimum role for a history entry, the minimum role comes from the history type
I can either add 7 different history types (custom_field_updated_viewer, custom_field_updated_reporter,..., custom_field_updated_admin) or I can add a minimum role to the history table.
Thoughts @glensc and @cpinfold ?
Craig
@cpinfold
Oct 31 2015 04:03
Storing the minimum role would probably have other applications.
Elan Ruusamäe
@glensc
Oct 31 2015 11:13
what if the minimum role changes for specific custom field?
either way is acceptable, depending on how people expect to use eventum:
a) historic changes are not affected
b) changes will be visible to old entries too
don't know what is the most expected one. for us all custom fields have same visibility
besides history log, the change is visible in mail queue as well. but that is restricted to admin only anyway, so not a big issue
so to account for making custom field level change also make historic entries visible/invisible, it's probably better to add min role to history table
Elan Ruusamäe
@glensc
Oct 31 2015 12:37
we definately need to start using objects. then could start profiling any class method with a decorator
currently i converted one static method to log to phpdebugbar

    /**
     * Gets the current user ID.
     *
     * @return  integer The ID of the user
     */
    public static function getUserID()
    {
        global $debugbar;
        $debugbar['time']->measure(
            'Auth::getUserID',
            function () use (&$ret) {
                $f = function () {
                    $info = AuthCookie::getAuthCookie();
                    if (!$info) {
                        return '';
                    }

                    return User::getUserIDByEmail($info['email']);
                };
                $ret = $f();
            }
        );
        return $ret;
    }
this is YUCK! but, i found that the same method is called 133 on issue listing page :D
so, should first start with $user object imho
so, here's checkauthentication method wrapped http://sprunge.us/UVcQ
Elan Ruusamäe
@glensc
Oct 31 2015 12:45
but probably is better to start looking to some framework components to make life easier, any suggestions?