2009-10-15 Developers Conference Call

Date

15 October 2009

In Attendance

  • Mike Seaton
  • Ben Wolfe
  • Darius Jazayeri
  • Justin Miranda
  • Paul Biondich
  • Burke Mamlin
  • Win Ribeka
  • Michael Downey

Agenda

  • Discuss module authentication (how does it work? how should it work?) – see discussion on dev list
    • Module startup and service startup are really system functions, and should be invoked with Admin privileges.
  • By design, modules can do anything they want to by assigning proxy privileges. Given that, we should have a simple mechanism to bypass privilege checks, like: Context.runWithAdministratorPrivileges(Runnable);
  • Should user sessions timeout be default? (dev list thread)
  • Review branches to see what needs pruned.
  • Discretely define what determines that something becomes part of core OpenMRS.
  • Puntable Agenda Refactor the program and workflow to person from patient.

Preperatory Data about Branches

Active Lists

Upul

last touched 2 months ago

5 commits

cohort-definition-refactoring

mseaton

last touched 6 months

8 commits

data-synchronization-admin-ui

nzeyi

2 months

30 commits (should be merged into sync module)

data_synchronization_bidirectional

maros

3 weeks

many commits (being moved to sync module)

dataset

jmiranda for grekier

2 years

(no commits to branch after creation)

dataset-definition-refactoring

jmiranda

5 months

(4 commits)

form-refactoring

djazayeri for jmanico -

1 year

~20 commits

global-property-types

dthomas for konnikov

2 months

~50 commits

hl7-nk1

bmckown

2 months

1 commit

indicator

mseaton

6 months

1 commit

logic-cache

tmdugan for frosemond

3 months

15 commits

logicathon

bwolfe

1 year

~50 commits

reporting

jmiranda + pboucher

2 years ago

4 commits

reporting-sprint

mseaton, jmiranda

7 months ago

~30 commits

scheduler

jmiranda

2 years ago

5 commits

serialization

bwolfe for luzhuangwei

3 months

50 commits, partially merged to trunk?

structured-numeric

bwolfe (djazayeri?) for vdgreat

1 year

3 commits

testathon

jmiranda for group

4 months

~40 commits

visualization

sdamarju, hrodrigues

2 years

40 commits

Minutes

  • Current state of modules
    • Module gets privileges of user who started it when started from admin page. When starting OpenMRS, modules get no privileges
    • On startup, OpenMRS loads each module (puts the module in memory), starts each module that is supposed to be running (calls the activator's onStartup method), then Spring is restarted
    • If module activator throws an exception, then the module is considered not started and the message shows on the module management page as an error
  • Proposed changes
    • Modules need to be called as system is starting (similar to current onStartup method)
    • Need a notification after all contexts are initiated (Spring has restarted) (#1712)
    • Need a context will restart and context restarting
    • Need a notification that module is being shutdown
    • Need a notification that a module has been shutdown
    • method names: willStart, started, willRefreshContext, contextRefreshed, willStop, stopped
    • Framework should make methods thread-safe
    • Notification methods should be invoked as super user
    • We add a daemon user that will be used to notify modules, could replace scheduler, and cannot authenticate to API

To Do

    • Need to e-mail devsec list about idea to add daemon user to all OpenMRS implementations with reserved UUID
      • Shouldn't this go out to a broader audience? I'd vote for dev instead of devsec -Paul
    • Would like to move away from assuming id == 1 for core data and use reserved UUIDs
    • Need a ticket for refactoring module notification methods

We talked about how to handle proxy privileges. Ideally, privileges could only be added (proxy'd) by someone who has those privileges.

    • Could do this with signed modules, where module author is proxying as super user
    • Could require admin to "grant" privileges to a module when loaded
    • Proxy privilege method in API would need:
      1. to persist which privileges have been allowed for which modules and
      2. to know which module had invoked the method to ensure the module has been granted those privileges
        • There is a Thread.currentThread().getStackTrace() that could be used to find out who called a method

Should user sessions timeout be default? (dev list thread)

  • We agree that API should have a default timeout for user authentication
  • This could be done by checking time since last hasPrivilege() call during each hasPrivilege() call. If too much time has passed, then invalidate user context otherwise reset the timeout at hasPrivilege() call
  • Admin interface should have a way to alter specific user timeouts, even increasing to infinity if necessary

Pruning branches

Keep

Active Lists

Upul

last touched 2 months ago

5 commits

Prune

cohort-definition-refactoring

mseaton

last touched 6 months

8 commits

Keep

data-synchronization-admin-ui

nzeyi

2 months

30 commits (should be merged into sync module)

Keep

data_synchronization_bidirectional

maros

3 weeks

many commits (being moved to sync module)

Prune

dataset

jmiranda for grekier

2 years

(no commits to branch after creation)

Prune

dataset-definition-refactoring

jmiranda

5 months

(4 commits)

Prune

form-refactoring

djazayeri for jmanico -

1 year

~20 commits

Keep (check w/ Dave)

global-property-types

dthomas for konnikov

2 months

~50 commits

Keep

hl7-nk1

bmckown

2 months

1 commit

Prune

indicator

mseaton

6 months

1 commit

Prune after checking w/ Tammy/Win

logic-cache

tmdugan for frosemond

3 months

15 commits

On deck for Prune

logicathon

bwolfe

1 year

~50 commits

Prune

reporting

jmiranda + pboucher

2 years ago

4 commits

Prune

reporting-sprint

mseaton, jmiranda

7 months ago

~30 commits

Prune

scheduler

jmiranda

2 years ago

5 commits

Prune after checking with Ben

serialization

bwolfe for luzhuangwei

3 months

50 commits, partially merged to trunk?

Keep

structured-numeric

bwolfe (djazayeri?) for vdgreat

1 year

3 commits

Keep

testathon

jmiranda for group

4 months

~40 commits

Prune after checking with Paul/Ben

visualization

sdamarju, hrodrigues

2 years

40 commits

Branches To Dos

  • Win will check into logic-cache branch
  • Ben will f/u on serialization and visualization branches

Punted

  • Discretely define what determines that something becomes part of core OpenMRS.
  • Puntable Agenda Refactor the program and workflow to person from patient.

We will schedule weekly slots for code review and design time

  • Tentative is code review on Monday morning, design on Wednesday mornings
  • Will finalize times on dev list
  • We should send a note to dev list if we are going 2 or more weeks without scheduled code review and/or design time (with 2+ people for each). Ben will cover this for now, but it will eventually be part of the job for a QA person