[ECODP-dev] test machine to release 00.09.03 with CKAN security patch (ODP-300 & ODP-291 support)

Darwin Peltan darwin.peltan at okfn.org
Mon Oct 21 15:08:35 UTC 2013


Hi Bert,

This was requested in my email on Monday 14th of October on the thread
about ODP-291 copied below and we also discussed it in the call.

Best,

Darwin

-----------

This would require a change to one of the Python files - This could be
supplied as a patch but this is obviously more risky that going through the
whole release cycle. Whichever approach is taken we would need 10F to
create a test environment with the latest version of release 09 installed
and a up to date copy of the live DB so the change can be verified with
realistic test data before being delivered to the PO.

-----------------

*Darwin Peltan*

*Project Manager  |  skype: darwinp  |  twitter:
@darwin<http://twitter.com/darwin>
*

*The Open Knowledge Foundation <http://okfn.org/>*

*Empowering through Open Knowledge*

*http://okfn.org/  |  @okfn <http://twitter.com/OKFN>  |  OKF on
Facebook<https://www.facebook.com/OKFNetwork> |
Blog <http://blog.okfn.org/>  |  Newsletter<http://okfn.org/about/newsletter>
*
*
CKAN | http://ckan.org | @ckanproject <http://twitter.com/ckanproject>
|open source data management platform
*


On 21 October 2013 15:59, Bert Van Nuffelen
<bert.van.nuffelen at tenforce.com>wrote:

> Hi Darwin,
>
> I promised you last week a release 00.09.00. Which I did. On tuesday there
> was not requested by you that it would contain a "production" copy of the
> database. I am actually surprised myself by your question.
>
> best regards,
>
> Bert
>
>
> 2013/10/21 Darwin Peltan <darwin.peltan at okfn.org>
>
>> Dear Bert,
>>
>> I have to say that I'm slightly taken aback by your email. Our joint
>> customer has a major issue with the live version of their site. Just under
>> a week ago we discussed the actions to resolve this and you agreed that you
>> would set-up a test site with a copy of the production data. This is
>> essential so that we can test our patch with realistic test data . Now
>> after we've been waiting almost a week you tell us you can't do this
>> because you can't access your own server?
>>
>> I'm sorry but please can you try again.
>>
>> Darwin
>>
>>  *Darwin Peltan*
>>
>> *Project Manager  |  skype: darwinp  |  twitter: @darwin<http://twitter.com/darwin>
>> *
>>
>> *The Open Knowledge Foundation <http://okfn.org/>*
>>
>> *Empowering through Open Knowledge*
>>
>> *http://okfn.org/  |  @okfn <http://twitter.com/OKFN>  |  OKF on Facebook<https://www.facebook.com/OKFNetwork> |
>> Blog <http://blog.okfn.org/>  |  Newsletter<http://okfn.org/about/newsletter>
>> *
>> *
>> CKAN | http://ckan.org | @ckanproject <http://twitter.com/ckanproject> |open source data management platform
>> *
>>
>>
>> On 21 October 2013 14:54, Bert Van Nuffelen <
>> bert.van.nuffelen at tenforce.com> wrote:
>>
>>> Hi John,
>>>
>>> That backup is on the 01.00.00 test system, which is unaccessible
>>> because it sits on a machine with the same IP.
>>> I propose you test and evaluate it with your own test data.
>>>
>>> kind regards,
>>>
>>> Bert
>>>
>>>
>>>
>>> 2013/10/16 John Glover <john.glover at okfn.org>
>>>
>>>> Hi Bert,
>>>>
>>>> Thanks. Could you also please load the most recent dump of the 09
>>>> production database (the backups directory that Dimitrios mentioned before
>>>> is no longer on the server)?
>>>>
>>>> I will investigate the issue with logging in after I have written and
>>>> tested the patch.
>>>>
>>>> Regards,
>>>> John
>>>>
>>>>
>>>>  On 16 October 2013 15:20, Bert Van Nuffelen <
>>>> bert.van.nuffelen at tenforce.com> wrote:
>>>>
>>>>>  Hi John and Darwin,
>>>>>
>>>>> 212.71.25.148 has been setup to release 00.09.03. + the suggested
>>>>> changes to remove the https setup temporary.
>>>>>
>>>>> For ODP-300:
>>>>>
>>>>> There is a system admin user created api/api and a data publisher
>>>>> bert/bert.
>>>>> What we have now is that with this setup if you login as bert, then
>>>>> clear your cookies in your browser and then login as api you see bert.
>>>>> Secondly if Dimitrios logs in on another computer as api then he is
>>>>> also 'bert'.
>>>>>
>>>>> I have the feeling that the suggestion for removing the https setup
>>>>> have a drastic impact on the correct user management.
>>>>>
>>>>> best regards,
>>>>>
>>>>> Bert
>>>>>
>>>>> --
>>>>> Bert Van Nuffelen
>>>>>
>>>>> Semantic Technologies Software Architect at TenForce
>>>>> www.tenforce.be
>>>>>
>>>>> Bert.Van.Nuffelen at tenforce.com
>>>>> Office: +32 (0)16 31 48 60
>>>>> Mobile:+32 479 06 24 26
>>>>> skype: bert.van.nuffelen
>>>>>
>>>>> _______________________________________________
>>>>> Ecodp-dev mailing list
>>>>> Ecodp-dev at lists.okfn.org
>>>>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Ecodp-dev mailing list
>>>> Ecodp-dev at lists.okfn.org
>>>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>>>
>>>>
>>>
>>>
>>> --
>>> Bert Van Nuffelen
>>>
>>> Semantic Technologies Software Architect at TenForce
>>> www.tenforce.be
>>>
>>> Bert.Van.Nuffelen at tenforce.com
>>> Office: +32 (0)16 31 48 60
>>> Mobile:+32 479 06 24 26
>>> skype: bert.van.nuffelen
>>>
>>> _______________________________________________
>>> Ecodp-dev mailing list
>>> Ecodp-dev at lists.okfn.org
>>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>>
>>>
>>
>> _______________________________________________
>> Ecodp-dev mailing list
>> Ecodp-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>
>>
>
>
> --
> Bert Van Nuffelen
>
> Semantic Technologies Software Architect at TenForce
> www.tenforce.be
>
> Bert.Van.Nuffelen at tenforce.com
> Office: +32 (0)16 31 48 60
> Mobile:+32 479 06 24 26
> skype: bert.van.nuffelen
>
> _______________________________________________
> Ecodp-dev mailing list
> Ecodp-dev at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/ecodp-dev/attachments/20131021/6927cf39/attachment.html>


More information about the ecodp-dev mailing list