-
Notifications
You must be signed in to change notification settings - Fork 0
04 Known Issues
The project was made to prototype a possible solution, but definitely is not ready to be used in a production environment. Many short-cuts were taken to improve testing and now improving security, cleaning code, and comprehensive testing would need to be done. In this section we will cover some areas we know to be issues and cover some advice on possible improvements and testing.
For the storage of police record checks and vulnerable sector checks we used an S3 bucket. For simplicity we left this bucket completely open to public viewing and uploading using access keys (which have since been removed). For the final version the document upload would have to be modified to either go to a private S3 bucket or somehow be stored in Civi or Drupal (we weren't sure if this is possible).
Currently there is no authentication at all. If an email address is given that matches a volunteer, then the user is logged in as a volunteer, and likewise for staff. Also this variable is reset whenever the website is refreshed or when the user navigates causing them to become locked out until they sign in again, which would have to be fixed. The final authentication should be done using the same system as the current staff logins are done (to prevent staff from having to learn two usernames / two passwords) which we assume is Drupal but aren't sure.
The site was made on a MacBook Pro and renders properly on that computer, but it has not been tested on anything else. ReactJS should allow the site to render nicely with different computers and even tablets and mobile, but due to some shortcuts on the CSS styling and organizing the elements the site will probably not work well on very different screen sizes and shapes. This would have to be tested and improved upon.
Overall we ran some integration tests using mock data but did not properly unit test each component or go through the business logic. Before the site goes live everything would have to be properly tested to ensure that it works and that there is strong security protecting the information of volunteers and staff.