canopy/release_checklist.md

Canopy - 0.1-INDEV Release Checklist

This checklist serves as both a list of goals for this version, as well as a future patchnotes files. Canopy - 0.1-INDEV inteds to be near-feature-complete with the chat and account management parts of fore.st

• Accounts/Authentication ✓

  • single document collection in DB for instance statistics ✓
  • session management ✓
  • basic account system using bcrypt/mongoose/ferretdb (mongodb for now, mongo backend for express-session is currently incompatible) ✓
  • account creation/login frontend ✓
  • logout/kill session ✓
  • Setup basic config file ✓
  • XSS/Security check ✓

• Profile Info/Page ✓

  • profile display page layout ✓
  • display profile creation date ✓
  • display profile short-bio ✓
  • display profile bio ✓
  • display profile image (url based) ✓
  • display badges ✓
  • edit profile items ✓
  • password update (authenticated by old password) ✓
  • account deletion ✓
  • XSS/Security check
    • standardize account functions ✓
      • fix account id ✓
      • check password ✓
      • login ✓
      • logout ✓
      • session management features
        • add ip, auth date, and redundant seshid to authed sessions ✓
        • function to get authed sessions for specific user ✓
        • full logout (kill all sessions for specific user) ✓
      • password reset ✓
      • account deletion ✓
      • register ✓
    • XSS check ✓
      • navbar ✓
      • profile ✓

• Multi-Channel ✓

  • Channel Schema ✓

  • Channel Creation ✓

  • Channel List ✓

  • basic channel page layout (no scripted functionality) ✓

    • check layout scales proper ✓
    • try in chromium ✓
    • try on mobile (or at least browser-sim, getting this to work proper might req a little JS, so we might save it for a later touch up on UX :P) ✓

  • Channel Settings ✓

  • Channel Deletion ✓

  • Site-Wide Admin Channel Management Page ✓

  • XSS/Security check X

    • FAIL: XSS: index (channel description - to be fixed by express-validator)
    • FAIL: XSS: adminPanel (channel description - to be fixed by express-validator)

  • Implement Express-Validator ✓

    • /api/ ✓
      • Account Logic ✓
        • Login ✓
        • Register ✓
        • Delete ✓
        • Update ✓
      • Channel Logic ✓
        • Register ✓
        • Settings ✓
        • Delete ✓
    • XSS Check
      • XSS: index ✓
      • XSS: adminPanel ✓

• Chat

  • duplex comms (socket.io) ✓
  • connected user-list ✓
  • simulatnious socket.io connections within same room for same user ✓
  • chat ✓
  • high-level ✓
  • random-multi-color usernames a-la TTN/OF/TZ (super important) ✓
  • XSS/Security check ✓
    • express-validator - Chat ✓

• Quiet Public Code Release

  • Prettify movie-night.css to make it at least kinda resemble TMN ✓
  • Responsive Channel Page JS
    • Click to Drag Video/Chat Split ✓
    • Lock Chat Split to Aspect Ratio (fake aspect ratio for now until media playback is implemented) ✓
    • Click to Drag Chat/Userlist Split ✓
    • Prevent chat from breaking during resize ✓
    • Prevent userlist from breaking during resize ✓
    • Auto hide/show media header bar ✓
    • Collapse Userlist ✓
    • Collapse Video ✓
    • Collapse Chat ✓
    • Cinema Mode ✓
  • AGPL v3 Notice check on all original files ✓
  • Move realease_checklist.md milestones to gitlab issue tracker

• Channel Page Multi-Pannel

  • Successor to fpanel from fore.st, that isn't so gross
  • Create blank panel element that pops open/closed over chat with matching class which can take a current panel page object and display it
  • Allow panel-pinning. Pinned panel opens next to chat, instead of over. Standard panel can be opened over pinned-panel/chat. Only one pinned-panel at a time.
  • Allow panel-popouts, allowing users to pop-panels out into a seperate window.
  • Allow dynamic resizing of both active and pinned panels via mouse click/drag.

• Rank/Authorization

  • account ranks (user, gold, mod, bot, admin)
  • session ranks (derived from account: anonymous, user, gold, mod, bot, admin)
  • Central DB Collection for documents containing global permissions and min rank for each
  • Global Permission Page
  • No direct rank checks, all rank checks must go through a Permission
  • Global Ban function
  • flair (some rank-locked) (super duper important)
  • Channel-Based Rank/Authorization
  • Channel Ban function (automatically list all global banned)
  • Channel Kick function
  • XSS/Security check

• Commands

  • Client-side command parser using '/'
    • /high # to set high level
  • Serverside command parser using '!'
    • !whisper for subscript
    • !announce for announcements
    • !clear to clear all or a specific users chat
  • XSS/Security check

• Tokebot

  • Basic tokebot functionality with global !tokes
  • !toke commands stored in DB documents
  • !toke command management page
  • store use statistics for each !toke command within respective user account document
  • display toke statistics on user profile
  • store each toke as a document in toke history db collection
  • tokebot "profile" that displays site/channel toke statistics
  • XSS/Security check

• Link/Media Check/Embed (images/gif/webm in chat)

  • Seperate links from message client-side
  • Serverside media check
  • Re-assemble link/embed client-side
  • Site-wide Emotes
  • XSS/Security check

• Account Security Extra's

  • Email password reset
  • captcha requirement for registration

Near-Future Milestones Post v0.1:

• Announcement & Loud Public Code Release
• Chat-only public test w/ bugfix sessions
• v0.2:
• Media Metadata Gathering (yt-dlp)
• Basic video queue
• Synced video embed based on current video from queue.
• Channel Queue History
• Video-Synced public test w/ bugfix sessions