[08:32:58] ja
[10:24:28] (Abandoned) Hashar: Jenkins job validation (DO NOT SUBMIT) [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/151840 (owner: Hashar)
[11:19:03] (CR) Pcoombe: [C: 2] "Ok, thanks Adam!" [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/161413 (owner: Awight)
[16:26:38] (CR) Ejegg: "Oops, did we really want to stop wrapping lines? Sorry, should have asked this before +2" [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/161615 (owner: Awight)
[17:00:35] yo K4-713 are you coming to standup?
[17:01:48] atgo: Maybe not.
[17:01:52] Or, yes.
[17:01:53] hah
[17:01:55] ha... ok
[17:02:02] IRL or online? we are in 67
[17:02:55] Don't you see? If you go to the standup in Google Hangouts, you go to the standup IN REAL LIFE
[17:03:14] It's similar to dying in Canada
[17:05:10] I didn't even know what I was referencing. https://www.xkcd.com/180/
[17:16:55] hahaha thanks marktraceur :)
[17:22:52] (CR) Ejegg: [C: 2] finish moving Twig support into wmf_communication [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/161412 (owner: Awight)
[17:33:40] awight ccogdill - k4 can't make the brown bag on wednesday. we should postpone or do you want to do just the 3 of us?
[17:34:13] maybe leave that up to awight? I’m happy to still do it if he wants to
[17:41:11] atgomez: ccogdill: sadly, I can't make it either. It's a surprise papa day.
[17:41:38] okay let’s reschedule then
[17:41:49] and I don’t know what a surprise papa day is but I like the sound of it!
[17:42:52] hehe, just an unscheduled need for parent
[17:43:51] I could almost bring the kid, but I would need... another excuse to come to the city, it's a bit of a production :)
[17:49:51] understandable. surprise papa day it is!
[18:01:19] atgomez: working on the call?
[18:01:52] We're getting there.
[18:02:01] k
[18:31:15] (CR) Ejegg: "Couple of questions inline. Also, do we have to wrap the wgRequest->getText in DonationData's sourceHarvest? I see that called from it's" (2 comments) [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/139452 (owner: Awight)
[18:37:56] ejegg: awesome, thanks for starting on that review!
[18:39:21] awight: yw. Lots to pull apart there, and tricky to realistically test locally!
[18:40:06] Does the DonationData constructor somehow get called with external_data when used in the civi context?
[18:40:08] oof, yeah. I think the CRM test mocks the entire library.
[18:40:54] ejegg: I don't think so--that was a hack that originated in the standalone work, and I think we merged that into the trunk, but I think the standalone mechanism works differently.
[18:41:16] Testing shouldn't be too bad, though. We can do it on the same level as other DI tests, mocking only at the net layer
[18:41:23] right.
[18:41:31] Good point that I should absolutely write those...
[18:42:35] OK, so if we're not constructing the Globalcollect Gateway adapter object with external_data set in the options, it looks like it calls the DonationData constructor without it, which in turn tries to harvest a bunch of info from $wgRequest. am I getting confused somewhere?
[18:43:39] That. Is probably a huge bug. Looking...
[18:45:16] ...
[18:45:21] What's a huge bug?
[18:45:28] The thing... behaving as intended?
[18:45:56] K4-713: no, we're talking about https://gerrit.wikimedia.org/r/#/c/139452/
[18:46:17] I'm trying to unfork standalone vs trunk DI
[18:46:44] This, you should always be running in batch mode, sounds like.
[18:47:10] So, recurring_globalcollect.module currently calls $adapter->load_request_data yeah and should use the new batch mode and external_data instead.
[18:47:18] yep
[18:47:48] OK, so as long as we update the way we're using it, we don't need to wrap those calls
[18:48:00] That's what batch mode is for. :)
[18:48:02] totally, I can revert any changes to that code
[18:48:04] woohoo
[18:48:48] you didn't change that code - must have been planning to go batch mode all along!
[18:49:36] We have had batch mode since 2011.
[18:49:48] ...Orphan slaying.
[18:51:01] K4-713: yeah but we could only pass data to an OrphanGlobalCollectAdapter. Now we can do it to the base glass.
[18:51:59] class
[18:56:52] awight: is this the oauth provider vetted for dash? https://www.drupal.org/project/oauth
[18:57:32] ejegg: yah, "vet" might be too strong, that seems to be the only semi-mature module
[18:59:02] the Oauth2 server seems to have more dls & installs, and is at the same version num. But source code is not as good?
[18:59:18] oops, scratch that about version num
[19:00:48] ejegg: whew, 154 sites vs 61k sites using it...
[19:00:58] lemme see what else was scary...
[19:01:36] yeah, sorry, was not actually looking at oauth page. i'm convinced!
[19:01:43] https://www.drupal.org/node/2302391
[19:02:04] eesh
[19:02:06] I'm only 80% convinced we should go with "oauth"
[19:02:19] I wish I'd taken notes on comparing the options, though...
[19:02:34] Doesn't look entirely bad: https://www.drupal.org/project/issues/oauth2_server?categories=All
[19:03:33] ejegg: hehe, you know, it was probably because I evaluated before oauth2 had even been released
[19:03:39] Definitely should give it a fair look
[19:04:25] that must have been a while ago!
[19:05:06] Either way, there's only been one release, this July.
[19:05:48] ok, i'll set up oauth 1.0 and see if i can get dash to play nice with it
[19:08:17] wow, ok!
[19:08:52] locally, i mean! Seems like the next step for the dash backend
[19:09:05] ejegg: u should those cards into the sprint, in that case...
[19:09:16] yeah
[19:09:20] yeah it is. I've been worrying about that with regularity
[19:26:45] (PS12) Awight: Backport Standalone framework [extensions/DonationInterface] - https://gerrit.wikimedia.org/r/139452
[20:30:18] ejegg: I'm thinking about replacing this WmfFramework thing, with a transparent compatibility layer that defines the global wf* functions... have an opinion?
[20:31:25] meh, it's too inconsistent, nvm...
[20:31:47] Some calls are accesses to global variables, some classes, some wfFuncs.
[20:32:12] It still bothers me that one codepath is ported and the remainder is not.
[20:32:36] awight: Yeah, that's really no fun
[20:32:54] I'm going to be cursing myself for years, either way.
[20:33:00] it's already tricky enough to work in DI, no need to add the 'which set of fns do I use?'
[20:33:20] And, we're low on 3rd-party scapegoats :(
[20:33:23] heh
[20:34:12] How about the mediawiki validation stuff like IP::isValid or whatever? Going to fake all those up too?
[20:34:34] oh, i see your 'too inconsistent' comment above
[20:34:41] yeah, really ugly either way
[20:36:03] Thinking about it further, the WmfFramework calls are at least an obvious marker for where you need to do things differently
[20:36:38] The long-term plan is (probably) to componentize payment code into something independent of MW...
[20:36:44] Faking up the rest would make it easy to add calls to unfaked functions in there.
[20:37:02] So, I guess I feel good about the framework shim.
[20:37:23] yeah, got to start quarantine someplace
[20:37:44] The only other semi-sane thing to do, though, is to finish the port :-/
[20:38:07] well, at least make a plan for it
[20:38:18] The big obstacle to a full port is the Forms code, it's even more closely coupled to MW
[20:38:40] the localization in particular, right?
[20:38:42] yeah, I'll bring up the planning part more regularly from now on, cos not having that plan is becoming an issue
[20:39:43] hmm, i18n is a big part of it, but I was thinking more about RapidHTML, and how it needs to meet its antimatter complement one day soon.
[20:40:03] I don't want to do any work to reinforce such a borken paradigm
[20:40:31] there's an OAuth login provider drupal module that will provide an identity to node, and has a matching passport plugin for support on the node side
[20:40:46] ejegg: ooh?
[20:40:49] what's the link?
[20:40:56] https://www.drupal.org/project/oauthloginprovider
[20:41:01] https://github.com/mixmarket/passport-drupal
[20:41:13] Cool! It's very stale though
[20:41:30] yeah, unfortunately
[20:41:54] Looks like a new maintainer is stepping up... but no release yet.
[20:41:58] might still be worth using till oauth 2.0 is stable enough to make it unnecessary
[20:42:55] Well, if we're using something unmaintained, we might as well go with oauth 2?
[20:43:38] oof, matt2000's commits are all from 2 days in May.
[20:43:41] hmm, let me see just how much logic there is in these two things
[20:43:51] yep
[20:44:03] the passport side is quite small
[20:44:24] it requires ctools, which I was sort of avoiding
[20:44:40] I suppose I can relax though, now that we're better protected from the open internet.
[20:44:47] so does the oauth 1.0 base module, to add contexts at least
[20:44:55] though that could be done via script
[20:46:12] Could certainly write a dash-specific WS endpoint that stores user widget prefs in drupal's db
[20:47:17] ejegg: erm, http://cgit.drupalcode.org/services/tree/auth/services_oauth?h=7.x-3.x
[20:48:16] That's what the oauthloginprovider thing is based on.
[20:48:45] ok, and it just returns a structured user profile from the service endpoint.
[20:49:21] That shouldn't be too hard to imitate
[20:50:16] looking at how little code is involved in the loginprovider, I'm fine using that. ctools is an optional dependency, too.
[20:50:19] http://cgit.drupalcode.org/oauthloginprovider/tree/oauthloginprovider.info
[20:50:57] ah, cool
[20:51:12] ejegg: Ugh! This was released last week: https://www.drupal.org/project/oauth2_authentication
[20:51:39] Glad to see other people saw this as a lack in the ecosystem...
[20:52:01] oh, neat
[20:54:52] sorry, this one is only a consumer.
[20:55:52] ejegg: after that enormous loop I took us on, perhaps we should use oauth2_server like you were saying earlier :)
[20:56:33] heh.heh
[20:57:00] well, i'm 1/2 way down the 1.0 / loginprovider / passport-drupal road
[20:57:08] so I'll see where that takes me first
[20:58:09] ok have fun, there's some lovely filth down there :p
[20:58:32] thanks, i think
[20:59:35] ejegg: one more detail: the ssl client cert complication!
[21:02:10] ooh, right
[21:02:38] i wonder if node can present one of those?
[21:14:30] (CR) Awight: "Very premature review. I really like what's going on here, but I want to start a discussion about the wmfa_execute thing. IMO it will be" (3 comments) [wikimedia/fundraising/crm] - https://gerrit.wikimedia.org/r/159761 (owner: Katie Horn)
[21:16:23] ejegg: yeah, that would be nicest. Otherwise, we'd need to mess with Apache rules to restrict that endpoint by IP, but not require the cert...
[21:16:36] right
[21:16:59] Jeff_Green: would that be an easy thing? ^^
[21:19:10] awight: to bypass cert auth from known IPs? yeah, I originally did that for the office, but no longer
[21:20:11] ahh, cool. we may want to whitelist the dash server to be able to make backend token auth calls to drupal
[21:20:36] (... just in case implementing client cert for the dash server is difficult)
[21:20:42] from the same physical machine?
[21:21:05] hehe yes, if dash and crm are on the same server
[21:21:38] accessing the drupal creds db directly would not be cool, in this case...
[21:43:21] I think I just stepped on a yellowjacket... what an unpleasant feeling!
[21:43:33] ouch! sorry to hear that
[21:44:10] atgomez__: when you say "we have a plan" re: EC, what does that mean?
[21:44:28] * awight glares at flying things
[21:44:34] we know what it in theory looks like to tackle it
[21:44:42] when/if it makes more sense than it does right now
[21:44:48] oh no! your foot :(
[21:45:09] hehe
[21:46:01] atgo: ok thx, so nothing has changed since the call... I feel like there's still a discussion to have about what we want to do, and scoping the OmniPay alternative.
[21:46:10] word
[21:46:18] the only thing that's changed is that it's off the table for december
[21:46:25] (everyone agrees)
[21:46:39] * awight woots quietly about that.
[21:48:28] :)
[21:48:44] hey awight ccogdill when might be a good time to reschedule the brown bag about sql to?
[21:49:13] since we have no teachers available wednesday
[21:49:26] whenever awight can do it! Fridays are great for me but not sure about you guys
[21:52:48] (CR) Qgil: "Is this oldish patch still waiting for a review? It says Composer, so I'm adding Bryan." [wikimedia/fundraising/stomp] - https://gerrit.wikimedia.org/r/115807 (owner: Awight)
[21:56:04] Thurs or Fri would work for me
[21:56:51] (Abandoned) Awight: Use composer to pull a current release of the fusesource STOMP library [wikimedia/fundraising/stomp] - https://gerrit.wikimedia.org/r/115807 (owner: Awight)
[23:34:29] hey awight! i see that the PCI doc is in pcr... anything i can help with there?
[23:38:11] hey awight, any chance you have a moment for a hopefully quick mysql question?
[23:38:50] ccogdill: sure!
[23:38:55] thank you!
[23:39:07] I was trying to get a list of Jul - Sept 2013 donors
[23:39:12] so I tried: SELECT e.email email FROM civicrm.civicrm_email e, civicrm.civicrm_contribution ct WHERE ct.contact_id=e.contact_id AND ct.receive_date >= '2013-08-01' AND ct.receive_date < '2013-09-30' INTO OUTFILE 'C:/Desktop/output.tsv';
[23:39:15] atgo: I think it's ready to send. They can ask us for clarification if any of the blanks are relevant. What you think?
[23:39:23] ccogdill: fancy!
[23:39:40] haha the marks of inexperience?
[23:39:41] * awight reads about into outfile
[23:39:47] I googled it…
[23:39:56] thanks for showing me!
[23:39:59] well mysql told me ERROR 1045 (28000): Access denied for user 'ccogdill'@'localhost' (using password: YES)
[23:40:04] oh heh
[23:48:01] awight do we not need any info about Database / At-rest Data Scoping Questions?
[23:48:35] i realize i have the doc right now.. let me save it back in 1 sec
[23:49:19] atgo: no, we can safely say the database is out of scope, and we have no other static files containing "cardholder data"
[23:49:30] awight cool
[23:49:44] hey, FYI i created https://wikimedia.mingle.thoughtworks.com/projects/online_fundraiser/cards/1995 and am jumping on that cos it's pretty emergency-level data corruption.
[23:49:57] pls mention to K4 if around...
[23:53:15] atgo: ^^
[23:53:23] done... she says "Oh, good."
[23:53:46] :) thx