Discussion centered on ongoing tasks, particularly the administrative part of the new web interface for Open Hospital.
Participants reviewed issues related to user permissions and the status of pull requests.
00:30:00
API and Permission Management
@gaspard
Gaspard proposed improvements to the API for managing user permissions more efficiently.
Discussion on whether to update permissions individually or in bulk, with suggestions for new endpoints to streamline the process.
Conflict Management in Data Updates
@All
Participants discussed the need for a locking mechanism to prevent data conflicts during updates.
Concerns were raised about automatically refreshing data, with a preference for notifying users of conflicts instead.
Agreement on the necessity of implementing a lock mechanism across various entities in the project.
Discussion on whether to create a global class for the lock mechanism to apply to all entities.
01:00:00
Data Freshness and Real-Time Updates
@All
Discussion on ensuring data freshness in the front end and backend.
Proposal for implementing real-time updates to keep users informed of changes without manual refresh.
Acknowledgment of the complexity and workload involved in implementing such features.
01:05:00
Permission Management and Dependencies
@All
Concerns raised about the dependency of permissions on one another.
Discussion on how to manage permissions effectively to avoid conflicts.
Mention of the need for a more structured approach to permission assignments.
01:40:00
User Creation and Password Management
@All
Debate on the security of password handling during user creation.
Agreement that passwords should not be sent in clear text and should be encrypted on the backend.
Discussion on the need for separate data transfer objects (DTOs) for user creation and retrieval to avoid exposing sensitive information.
01:50:00
User Controller Refactoring Discussion
@All
Discussion on the need to extract a group's controller from the user controller.
Steve Tsala mentioned the removal of response entities in favor of returning plain Java objects.
Concerns raised by Alessandro Domanico regarding the implications of this change, especially in terms of error handling and consistency across controllers.
02:05:00
Merge and Pull Request Coordination
@gaspard
@Steve Tsala
@Tedros Kahsu
Gaspard Beernaert inquired about the timing of merging his pull request related to user edits.
Steve Tsala suggested that they need to handle permissions in the pull request and will coordinate with Gaspard.
Tedros Kahsu expressed willingness to work on new issues and familiarize himself with the codebase.
02:10:00
User Deletion and Activation Discussion
@All
Discussion on user deletion versus user activation, with suggestions to implement soft deletion.
Concerns raised about the implications of deleting users who may have associated data.
02:15:00
Token Management Improvements
@Silevester Dongmo
@Alessandro Domanico
Silevester raised concerns about the user experience when tokens expire.
Alessandro mentioned an existing issue (OP-1329) regarding token provider improvements, including refreshing and blacklisting.
02:20:00
Upcoming Releases and Prioritization
@All
Discussion on the urgency of upcoming releases and the need to prioritize tasks effectively.
Gaspard Beernaert asked about the timeline for the next release.
Action items
@Silevester Dongmo to create the new issues listed in the shared doc and coordinating with @Alessandro Falezza and @Alberto Mandelli
@Steve Tsala to complete the refactoring of the user controller and communicate any complexities.
@gaspard to wait for Steve Tsala to complete the refactor before merging.
@Tedros Kahsu to start working on issue OH2-300 and @gaspard to assist Tedros with any merge conflicts.
@TeamUI to finalize the approach for managing user DTOs to ensure passwords are not exposed.