PEAR :: Bug #2417 :: [PATCH] Incorrect processing of ‘permission denied’ style error messages

Got the bugger – and supplied a patch that fixes it!

This should spell an end to those annoying (and really unhelpful) “DB Error: unknown error” messages from PEAR::DB when the user doesn’t have enough permissions.

Been hitting this a bit with MemberDB.

I’d love PEAR::DB to return back the native error string as well… but it’s kinda hidden.

Maybe I should be changing the getMessage() methods to return the PEAR message *and* the extra debug stuff? hrrmmm…

oh well, for later

well… at some point there has to be some voting code done for MemberDB. Namely because Linux Australia has to have elections sometime early next year, and the code really should work before then!

Currently, we can easily work out who is a current member of the organisation. Only current members, with the appropriate type of membership should be able to vote. Initially, we will assume that if member_types.validates_membership=true and member_types.revokes_membership=false, they are able to vote (i.e. if they show up in the current_memberships view).

This means they can log in. This is a good thing (note, a member may have to reset their password first – this is supported in latest MemberDB snapshots).

Once logged in, the member should be able to see a list of elections they can currently participate in. Elections (election table?) should be tied to organisation and a time period. They should also have a name and description. Only the election_id should be unique.

e.g., something like:

create table election (
        id serial unique not null,
        org_id int not null,  -- election for this org (NULL=all orgs)
        name varchar(50) not null,
        start_advertising date, -- date that we'll display in a UI that "an election is coming"
        nominations_start date,
        nominations_close date,
        advertise_candidates date, -- list the candidates from date onwards
        live_results boolean, -- results in real-time
        start_voting date, -- when voting opens
        close_voting date, -- when it closes
        show_results date, -- show results from election from this date onwards (NULL=never). This field can be updated (i.e. after the results have been verified/approved)
        description text,
        CONSTRAINT "election_pkey" PRIMARY KEY (id),
        CONSTRAINT "election_org_id_fkey" FOREIGN KEY (org_id) references orgs(id) on update restrict
);

In the future, we may want to support more than one election type – this should be safe to introduce in the future as we can add a column to election and election_vote. Currently, we’re only going to care about “first past the post” style elections. i.e. the classic “a show of hands”.

Only authorised people should be able to change any details of the election – this should be a new activity, and members granted explicit permissions to do this. We will probably need to add a “data” field to the permissions table – allowing us to have more specialised permissions (i.e. only membey X can modify election Y, and only member A can modify election B).

We need positions to elect people into.
e.g.

create table election_position (
 id serial unique not null,
 election_id int not null,
 name varchar(50) not null,
 description text,
-- FIXME: insert constraints here
);

Each election needs candidates. Candidates need to be approved (by whoever can modify the election. Since the process for approving candidates can vary, this will require human thinking logic to work out that everything is okay before they click the “approve” button).

something like:

create table election_candidate (
     id serial unique not null,
     election_position_id int not null,
     approved boolean,
     member_id int not null,
     spiel text,
        CONSTRAINT "election_candidate_pkey" PRIMARY KEY (id),
        CONSTRAINT "election_candidate_election_position_id_fkey" FOREIGN KEY (org_id) references election_position(id) on update restrict,
      CONSTRAINT "election_candidate_member_id" FOREIGN KEY (member-id) references current_memberships(id)
 -- FIXME: need constraint that member is a member of the correct org.
 );

We’re currently making the assumption that only members can go for positions. This seems fair and reasonable – am open to arguments against it though.

So, an election has positions and each position has candidates. Candidates have spiels, and have to be approved before they’re listed.

Each member gets one vote per election position. They can change this anytime up until the closing date (this should take care of the “oh shit, someone dropped out of the election” thing too).

create table election_vote (
    election_position_id int not null,
    member_id int not null,
    election_candidate_id int not null
-- FIXME: constraints here
);

now… all that needs to be done is a UI… and some sanity checking of the above. :)

been doing a fair bit of mods to memberdb recently – getting features in.

– new css based look (which is almost correct)
– more solid code around the place
– better error reporting (that needs debugging… hahaha)
– a start on the positions tracking UI
– change password UI
– sorting of the memberlist
– moving look and messages into site customisable directories (so nobody has to get scared by memberdb code itself)

so, been busy :)

some of these have made it to the stable branch… i guess i’ll put more of them in there as things actually stabilise. Especially since linux.org.au is actually running the stable 0.2 branch now (which is nowhere near final).

Have no real schedule or ideas on when to release 0.2, maybe when i’ve done the positions stuff, fixed the CSS and made a “edit member info” (accessible to admin and each member) UI. That’d be a real big leap from 0.1 :)

I’d like to put GPG stuff on the cards for 0.3…. but it’ll be tricky finding a nice way to integrate everything. I’m thinking along the lines of a UI where a person enters their key ID, fingerprint and keyserver (then we pull the key using gpg). To help verify, we could then send all email gpg signed/encrypted :)

we’d then have to have a not-well-trusted GPG key for memberdb installations – which could be… interesting….

but hey – it’s the one big feature request from an outside group.

They want to have GPG signed applications – but maybe they’ll settle for sending GPG encrypted mail to the applicant (saying “confirm membership like this”). The validity of the key can always be checked before approving the membership – it’s going to have to be semi manual anyway.

Oh yes, time for me to abuse my position and spam a bunch of lists! :)

memberdb is the membership database software i’ve been hacking off and
on for a while now, and is being used by Linux Australia.

In it’s current form, it’s visually not very pretty – but the backend
database has had a huge amount of design (and redesign) work put into
it. This release is to encourage feedback, patches and volunteers.

It’s also out there so that other groups can look at it as a possible
solution to their membership database needs. Okay, realistically,
they’ll need a lot of work on it before it suits them and not us. It’s
called contributing dudes!

Yes, there are bugs. Yes, probably a security issue or something that’s
slipped me by – open source, peer review – all good.

Anyway, go have a look:
http://www.flamingspork.com/projects/memberdb/

or grab the 0.1 tarball from:
http://www.flamingspork.com/projects/memberdb/release/0.1/memberdb-0.1.tar.=
gz

even better, grab the latest sources and start hacking! esp if you’re a
XHTML and CSS guru – i need them :)

actually have made a fair bit of progress – only a bit more of the admin UI to do and it’ll accept and track memberships and do all sorts of funky biz.

just hope digital is back and functioning soon.