Rethink how we do exports (Trac #5017) #5017

Closed
elgg-gitbot opened this Issue Feb 16, 2013 · 6 comments

Comments

Projects
None yet
3 participants
@elgg-gitbot

Original ticket http://trac.elgg.org/ticket/5017 on 43084402-06-08 by cash, assigned to unknown.

Elgg version: 1.8

Right now a lot of information is available if someone wants to make arbitrary requests on the export endpoint. We need to develop some use cases for export.

If exporting is primarily about giving users control over there data, only that user should be able to export the data. If it is about supporting migrating data to a new site/platform, doing it through http calls is tremendously inefficient.

@elgg-gitbot

This comment has been minimized.

Show comment
Hide comment
@elgg-gitbot

elgg-gitbot Feb 17, 2013

cash wrote on 43084404-06-03

As an example of the confusion generated by this, see #440

cash wrote on 43084404-06-03

As an example of the confusion generated by this, see #440

@elgg-gitbot

This comment has been minimized.

Show comment
Hide comment
@elgg-gitbot

elgg-gitbot Feb 17, 2013

trac user srokap wrote on 43084724-08-06

Let's add plugin hook ('export', $entity->getType()) to export handler to allow blocking it.

Additionally we colud consider some profiles of enabling exportability (export disabled by default?), ie. no-export, admin-only, open (current logic).

Second question are exportable fields, but this is wider issue as it's used also in various viewtypes for fields selection. I've mentioned before problem with the view serving exportable output that serves metadata and relations - that shouldn't happen IMHO (dont mistake it with default /view/GUID page handler)

trac user srokap wrote on 43084724-08-06

Let's add plugin hook ('export', $entity->getType()) to export handler to allow blocking it.

Additionally we colud consider some profiles of enabling exportability (export disabled by default?), ie. no-export, admin-only, open (current logic).

Second question are exportable fields, but this is wider issue as it's used also in various viewtypes for fields selection. I've mentioned before problem with the view serving exportable output that serves metadata and relations - that shouldn't happen IMHO (dont mistake it with default /view/GUID page handler)

@ewinslow ewinslow removed this from the Elgg 1.10.0 milestone Jun 13, 2014

@ewinslow

This comment has been minimized.

Show comment
Hide comment
@ewinslow

ewinslow Jun 6, 2015

Member

Personally I think I'd like to drop the export APIs. They give out too much information by default...

Member

ewinslow commented Jun 6, 2015

Personally I think I'd like to drop the export APIs. They give out too much information by default...

@mrclay

This comment has been minimized.

Show comment
Hide comment
@mrclay

mrclay Jun 6, 2015

Member

Very very much agreed

Member

mrclay commented Jun 6, 2015

Very very much agreed

@ewinslow ewinslow added this to the Elgg 2.0.x milestone Jun 6, 2015

@ewinslow

This comment has been minimized.

Show comment
Hide comment
@ewinslow

ewinslow Jun 6, 2015

Member

2.0 is our opportunity for this

Member

ewinslow commented Jun 6, 2015

2.0 is our opportunity for this

mrclay added a commit to mrclay/Elgg-leaf that referenced this issue Jun 7, 2015

feature(routing): Removes /export and all secondary front controllers
This removes the “export” URL endpoints and removes all other /engine/handlers.
Requests for these resources now all use the front controller `index.php`.

Fixes #8425
Fixes #5017
@mrclay

This comment has been minimized.

Show comment
Hide comment
Member

mrclay commented Jun 7, 2015

PR #8427

mrclay added a commit to mrclay/Elgg-leaf that referenced this issue Jun 8, 2015

feature(routing): Removes /export and all secondary front controllers
This removes the “export” URL endpoints and removes all other /engine/handlers.
Requests for these resources now all use the front controller `index.php`.

Fixes #8425
Fixes #5017

@mrclay mrclay closed this in #8427 Jun 8, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment