in order for the default values to be inserted from the db when creating a new sql row you need to add default &server_default to the models.py so sqlalchemy can expect the values to be inserted, also i created the restapi for creating a new order

Managed to reduce Docker from 943 MB to 402 MB, Please notice that the order of commands have changed and now the pip command is wrapped with apk add above and apk del below, this will ensure the dependencies for building the pip wheels will not be part of the Docker layer so that less space is required (posrgresql-dev is required).

Also our Snyk score should be improved drastically with this change.

As suggested by @dangalg in #7 we should try and utilize a task management platform.

Since we don't really have agile development methodology I'm not sure it's super relevant but we have the following suggestions: Taiga - Open source. Trello - Free but commercial. WeKan - Open source. *GitHub Projects - Closed source, builtin.

We can also work with assigning Issues to ourselves.

As proposed by both @YBB8201 and @dangalg we would like to split the project into components to avoid collisions and merge conflicts.

We should first decide what will the different components be and then split the work into subunits and tasks and start working on separate files and branches for each component.

The app container is crashing because Keycloak is unavailable while the app was fully loaded.

Restarting the container several times after a minute or 2 solves that.

A fairly complex fix that masks all the services behind a single endpoint that can be diverted upon request.

Currently we have:

• invitease.localhost
• keycloak.localhost
• dash.localhost

All of them can be converted to:

• invitease.localhost
• invitease.localhost/keycloak
• invitease.localhost/dash

Binding these all under the same domain as required by @inbarbarkai

Closes #40

@inbarbarkai I've noticed a small diff between your implementation and the wiki.

https://github.com/Maagan-Michael/invitease/blob/master/db_init/baseline.sql#L34

In the wiki we've documented it like this:

* creation_timestamp - When was this entry created.
* modify_timestamp - When was the last action performed on this entry.

Not sure if we need it, what do you think?

I've changed the docker to the latest one. Reorganized the seeding files (both DB and keycloak). Recreated the seeding script to wait for Keycloak and run in backgroud.

In order to maintain readability of the DB structure and produce human readable log we should implement some DB fields conversion in runtime to convert field names such as user_id to User Identification.

In addition to displaying the data in a readable format it will allow i18n and l10n.

Log retrieval flow

Get request that returns:

• [ ] Events CSV

Promotion/Demotion flow

Get request that returns:

• [ ] Selected users according to search query

Post request that:

• [ ] Modifies user level

Authorization flow

• [ ] Login
• [ ] Logout

Gatekeeping flow

Get request that retrieves:

• [ ] List of active invitations

Post request that can handle:

• [ ] Decrease number of invitees number per invitation

Autorization flow

Post request that can handle:

• [ ] Shift start with login
• [ ] Shift end with logout

This PR was automatically created by Snyk using the credentials of a real user.

Changes included in this PR

• web/Dockerfile

We recommend upgrading to nginx:1.23.2-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | | 500 | Exposure of Resource to Wrong Sphere
SNYK-ALPINE316-CURL-3063711 | No Known Exploit | | | 500 | Exposure of Resource to Wrong Sphere
SNYK-ALPINE316-CURL-3063711 | No Known Exploit | | | 500 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 500 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 400 | Out-of-bounds Write
SNYK-ALPINE316-NGINX-3055742 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

This PR was automatically created by Snyk using the credentials of a real user.

Changes included in this PR

• web/Dockerfile

We recommend upgrading to nginx:mainline-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | | 571 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 571 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 471 | Cleartext Transmission of Sensitive Information
SNYK-ALPINE316-CURL-3063713 | No Known Exploit | | | 471 | Cleartext Transmission of Sensitive Information
SNYK-ALPINE316-CURL-3063713 | No Known Exploit | | | 400 | Out-of-bounds Write
SNYK-ALPINE316-NGINX-3055742 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

This PR was automatically created by Snyk using the credentials of a real user.

Changes included in this PR

• web/Dockerfile

We recommend upgrading to nginx:1.22.1-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | | 571 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 571 | Double Free
SNYK-ALPINE316-CURL-3063712 | No Known Exploit | | | 471 | Cleartext Transmission of Sensitive Information
SNYK-ALPINE316-CURL-3063713 | No Known Exploit | | | 471 | Cleartext Transmission of Sensitive Information
SNYK-ALPINE316-CURL-3063713 | No Known Exploit | | | 400 | Out-of-bounds Write
SNYK-ALPINE316-NGINX-3055742 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

This PR was automatically created by Snyk using the credentials of a real user.

Changes included in this PR

• Dockerfile

We recommend upgrading to python:3.12.0a1-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

• web/Dockerfile

We recommend upgrading to nginx:1.23.2-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | | 221 | CVE-2022-40304
SNYK-ALPINE316-LIBXML2-3050523 | No Known Exploit | | | 221 | CVE-2022-40303
SNYK-ALPINE316-LIBXML2-3050527 | No Known Exploit | | | 221 | Out-of-bounds Write
SNYK-ALPINE316-NGINX-3055741 | No Known Exploit | | | 221 | Out-of-bounds Write
SNYK-ALPINE316-NGINX-3055742 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

This PR was automatically created by Snyk using the credentials of a real user.

Changes included in this PR

• Dockerfile.frontend

We recommend upgrading to nginx:1.23.2-alpine, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

| Severity | Issue | Exploit Maturity | | :------: | :---- | :--------------- | | | CVE-2022-40304
SNYK-ALPINE316-LIBXML2-3050523 | No Known Exploit | | | CVE-2022-40303
SNYK-ALPINE316-LIBXML2-3050527 | No Known Exploit |

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.