DESCRIPTION
This module attempts to provide content editors with the ability to include links to documents stored in a Documentum repository. For example editors can add a file using the file/add menu and then embed a link to this file in content. Or, if using media and wysiwyg then a media browser of the repository is provided.
At the same time, a use case for the primary client (so far) is to use drupal as a proxy between the browser and the Documentum repository for serving up the documents. Unlike remote stream wrapper that embeds a remote link to some content or a document, the embedded link should be a link back to the drupal site so that drupal can stream the content from the Documentum repository back to the browser.
As a design choice this wrapper uses the REST apis from Documentum (tested, but not exhaustively, with 6.7 SP2 and 7.1 versions of content server).
PROJECT PAGE
https://www.drupal.org/sandbox/joel.gilchrist/2557493
GIT CLONE INFORMATION
git clone --branch 7.x-1.x http://git.drupal.org/sandbox/joel.gilchrist/2557493.git documentum_stream_wrapper
MANUAL REVIEWS
https://www.drupal.org/node/2402147#comment-10290091
https://www.drupal.org/node/2511448#comment-10290321
https://www.drupal.org/node/2453715#comment-10294045
Comments
Comment #2
PA robot CreditAttribution: PA robot commentedThere are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxjoelgilchrist2557493git
Fixed the git clone URL in the issue summary for non-maintainer users.
We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #3
joel.gilchrist CreditAttribution: joel.gilchrist commentedItems from the automated review have been addressed (as much as possible). There are a few outstanding issues but addressing them makes the code non-functional. These are due to the fact that the new code is inheriting from a class/interface that does not adhere to the coding standards.
FILE: ...var/www/drupal-7-pareview/pareview_temp/documentum_stream_wrapper.inc
---------------------------------------------------------------------------
FOUND 6 ERRORS AFFECTING 5 LINES
---------------------------------------------------------------------------
126 | ERROR | Type hint "array" missing for $options
126 | ERROR | Public method name "DocumentumStreamWrapper::stream_open"
| | is not in lowerCamel format
321 | ERROR | Public method name "DocumentumStreamWrapper::stream_read"
| | is not in lowerCamel format
360 | ERROR | Public method name "DocumentumStreamWrapper::stream_eof" is
| | not in lowerCamel format
376 | ERROR | Public method name "DocumentumStreamWrapper::stream_close"
| | is not in lowerCamel format
393 | ERROR | Public method name "DocumentumStreamWrapper::stream_stat"
| | is not in lowerCamel format
---------------------------------------------------------------------------
Comment #4
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #5
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #6
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #7
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #8
dhaval_panara CreditAttribution: dhaval_panara as a volunteer commentedI have reviewed code and found following issues:
1) $form_state argument should have ampersand symbol(&) in parameter.
File : documentum_stream_wrapper.admin.inc
function documentum_stream_wrapper_configuration_form($form, $form_state) {
function documentum_stream_wrapper_configuration_form_submit($form, $form_state) {
2) Maintain files in specific folders like js file should be in 'js' folder, inc files should be in "includes" folders.
3) I would suggest it will be good if you will use a form tpl for design form instead of use #prefix and #suffix.
Comment #9
joel.gilchrist CreditAttribution: joel.gilchrist commentedThanks for the review and for providing feedback. I will take a look at these items and make appropriate changes.
Comment #10
joel.gilchrist CreditAttribution: joel.gilchrist commentedOkay, I've taken care of numbers 1 and 2 from comment #8.
For #3 can you clarify the reasons for the suggestion? I understand some value from separating html/markup from the code but in a few quick prototypes it seems like overkill to have a theme and a template file, plus a bunch of variable passing to replace a few simple lines of prefix/suffix code. (Maybe I'm overcomplicating it by not doing it correctly). Do you consider this comment a blocker?
Thanks.
Comment #11
joel.gilchrist CreditAttribution: joel.gilchrist commented@dhaval_panara: For #3 review item instead of using a template file, since really I am not messing with the overall template, I have chosen to pull out the html tags into a theming function within the module. I think this does a good job of separating form definition from the extra html tags and keeps the html tags all in one location. So I'm hoping this solves the 'spirit' of your review item, if not the actual wording of your comment.
Please take another review and let me know if you have any further comments or suggestions.
Comment #12
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #13
dhaval_panara CreditAttribution: dhaval_panara as a volunteer commentedI have checked Point #1 and #2 and it's implemented.
But I am not still fully satisfied with solution of #3.
you can make it more better with this reference link THEMING FORMS WITH TEMPLATE FILES
Comment #14
dhaval_panara CreditAttribution: dhaval_panara as a volunteer commentedComment #15
joel.gilchrist CreditAttribution: joel.gilchrist commented@dhaval_panara: Thanks for your review time (and for your patience). The theming help link you sent was very useful. I've made some changes to use a template file. It is working well. Please take another look.
Comment #16
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #17
joel.gilchrist CreditAttribution: joel.gilchrist commentedA few more changes have been made to simplify and to remove the media browser plugin. This shortens the code quite a bit and it has been tested quite a bit more too.
Comment #18
klausiReview of the 7.x-1.x branch (commit 5f4f7ec):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
manual review:
<script>alert('XSS');
as repository name for example then I will get a nasty javascript popup in the overview table. You need sanitize user provided text before printing in a table, make sure to read https://www.drupal.org/node/28984 again. And please don't remove the security tag, we keep that for statistics and to show examples of security problems.Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.
Comment #19
joel.gilchrist CreditAttribution: joel.gilchrist commentedThanks @klausi for the thorough and professional review. All comments have been addressed. I'll look to review 3 other projects to gain another review bonus tag.
Comment #20
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #21
yogeshmpawarComment #22
klausimanual review:
documentum_stream_wrapper_file_add_search(): you are building a tableselect here, but you do not sanitize file_name which is coming from an external untrusted source, right? Same for oid.
Comment #23
PA robot CreditAttribution: PA robot commentedClosing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #24
joel.gilchrist CreditAttribution: joel.gilchrist commentedComments from #22 have been addressed. Setting back to 'Needs Review'. I wasn't sure of the best way to sanitize filename. I found a reference here https://www.drupal.org/node/2472895 which looked good. Let me know if something else is readily available and I will used it.
Comment #25
joel.gilchrist CreditAttribution: joel.gilchrist commentedComment #26
Warped CreditAttribution: Warped as a volunteer commentedThank you for your contribution!
After 2017 March 7 everyone can promote a project to a full project. A full project has a short project name and a drupal.org/project URL. It can also have releases (like alpha1 or 1.0). Edit your sandbox project, and then choose the 'Promote' tab.
https://www.drupal.org/docs/8/understanding-drupal-version-numbers/drupa...
https://www.drupal.org/docs/8/choosing-a-drupal-version/what-do-version-...
https://www.drupal.org/docs/8/understanding-drupal-version-numbers/what-...
https://www.drupal.org/docs/8/choosing-a-drupal-version/release-stable-v...
If you'd like to opt into security coverage, please ensure your module is ready for a full release, and then set this issue back to 'needs review'
Immense apologies for how long it took to get to this review completed.
Comment #27
apadernoI am closing this application for the lack for replies. I take the OP just needed to be able to promote the project.