Difference between revisions of "MediaWiki for CNM Cloud"
(10 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | [[MediaWiki for CNM Cloud]] is | + | [[MediaWiki for CNM Cloud]] (hereinafter, the ''Project'') is the group of endeavors undertaken to advance [[Educaship MediaWiki]] to upgrade this app from its [[minimal viable product]] ([[minimal viable product|MVP]]) state up to parts of [[Careerprise Funnel]]. [[MediaWiki]] and [[MariaDB]] as its database management system are used under the hood of this app. For a few years, the stable version of ''MediaWiki'' has not been updated due to new versions' conflict with our LDAP plugin. However, a decision has been made to migrate the integration to [[WSO2 IS]] and it is not clear whether LDAP will remain necessary. Also periodically there are problems with pictures, which the [[Warehouse for CNM Cloud]] project shall address. |
Line 9: | Line 9: | ||
: [[Prototype]]s | : [[Prototype]]s | ||
− | ===Stakeholder=== | + | ===Stakeholder's=== |
: [[Stakeholder requirement]]s | : [[Stakeholder requirement]]s | ||
+ | #As a [[NetAnyone]], I need to be able to: | ||
+ | #*Read and/or view contents of any wikipage at clearly understood [[URL]]s such as starting with https://wiki.friendsofcnm.org/ | ||
+ | #*See the logo at the right upper corner and the name of the resource such as [[CNM Wiki]]; | ||
+ | #*Feel safe while seeing that the ''App's'' resource is verified by the [[SSL certificate]]; | ||
+ | #As a Russian-speaking [[NetAnyone]], I need to be able to locate wikipages in Russian, possibly, at [[URL]]s starting with https://wiki.friendsofcnm.org/ru | ||
+ | #As a [[NetConsumer]], I need to be able to add selected wikipages to my watchlist and receive notifications when the watched wikipages are updated to my email. | ||
+ | #As a [[CertAssociate]], I need to be able to: | ||
+ | #*Have predefined rights of a user (with a registered account) established at [[MediaWiki]]; | ||
+ | #*Upload files, including [[SVG]] graphics, with sizes up to 2Mb; the combined size of all downloaded files shouldn't exceed 200Mb. | ||
+ | #As a [[CertFellow]], I need to: | ||
+ | #*Have predefined rights of a sysop established at [[MediaWiki]]; | ||
+ | #*Be able to upload files up to 20Mb. | ||
+ | #As a [[OppletBureaucrat]], I need to: | ||
+ | #*Have predefined rights of a bureaucrat established at [[MediaWiki]]; | ||
+ | #As a [[CloudAdmin]], I need to: | ||
+ | #*Make sure that [[CNM Wiki]] at least gets basic [[cyber-security]] features, especially [https://www.mediawiki.org/wiki/Manual:Security Manual:Security], implemented; new threats are monitored and, based on them, the security policy should be defined and, further, re-defined; | ||
+ | #*Be able to restore [[CNM Wiki]] if the working software collapses. No more than one hour of work is allowed to be lost. | ||
− | === | + | ===Deliverable=== |
− | :[[ | + | :[[Deliverable specification]]s |
===Work=== | ===Work=== | ||
− | : [[ | + | : [[Work specification]]s |
==States== | ==States== | ||
Line 31: | Line 48: | ||
: [[State of controllability]] | : [[State of controllability]] | ||
− | [[Category: | + | ==Development== |
+ | |||
+ | ===History=== | ||
+ | :The first instance, 1.26.4 version, was installed under supervision of [[User: Mina Nizhnih]]. | ||
+ | |||
+ | ===Further development=== | ||
+ | In order to constantly develop the ''App'', [[Friends Of CNM]] is looking for one or more vendors. This development project has at least two phases: | ||
+ | :#To identify [[#Acceptance criteria|Acceptance criteria]] that shall be met at the end of any further upgrade; and | ||
+ | :#To procure those upgrades from one or more vendors. | ||
+ | |||
+ | :[[RFB]] has been posted and the following responses are collected so far: | ||
+ | :*Define page types, naming conventions, user rights, expected behavior to select a set of useful extensions. Then develop ontologies, templates and forms for pages of various types. Adjust search function to the needs of the project. | ||
+ | :* Follow the [[updates]] at https://www.mediawiki.org/wiki/Download/ru and after the appearance of a new stable version, reinstall the ''App''. We used the latest version where the normal LDAP authorization module. You need to keep track of updates to the media and LDAP module. As soon as a newer version appears, you should need to update it on the test and check it out. If all is well, then it will be possible to update on the working site friendsofcnm.org | ||
+ | :* Monitor the detection of vulnerabilities and the emergence of solutions to eliminate them, apply them. | ||
+ | :* Support [[SSL certificate]] of Let's Encrypt (how to do it https://hostiq.ua/wiki/how-to-install-lets-encrypt-ssl/); | ||
+ | :* Regularly check the site for viruses using this link - https://www.virustotal.com/en/url/07612517c24492a2b4ecf505640d0c4e5d060149282543f1376dc6079b911641/analysis/1522339359/ | ||
+ | :*The system shall ensure that there is no interference to the active users when maintenance is being done.If need be, the system shall not be shut down for maintenance more than once in a 24‐hour period. | ||
+ | :*The system shall produce a [[storage capacity]] warning notification when a particular percentage of [[storage capacity]] threshold is crossed with additional notifications issued thereafter at different threshold increments. | ||
+ | :*When a new version of the system(application) is released, it shall be possible to upgrade to it from any previous version. | ||
+ | |||
+ | ===Choice=== | ||
+ | :''Main wikipage: [[MediaWiki]]'' | ||
+ | |||
+ | :The [[MediaWiki]] software is chosen as the ''App'' engine because its usability, productivity, and reliability. Particularly, [[MediaWiki]]: | ||
+ | :#Is easy to load (it is a light weight); | ||
+ | :#Allows integration with [[CNM Farms]] and, possibly, other [[CNM app]]s; | ||
+ | :#Is scalable and allows addition of more data as need arises; | ||
+ | :#Is easy to navigate with a search function that makes it easy to search what any user wants; | ||
+ | :#Is cloud hosted so that it can be accessed anywhere; | ||
+ | :#Provides an audit trail that can provide identification of who has entered any new information. | ||
+ | |||
+ | :[[MediaWiki]] also has a provision for the future usage of multiple languages. When the time for adding a new language comes, the existing system shall enable this addition without need for additional components to the original system. It will also enable the user to nominate their preferred language when entering their personal information. | ||
+ | |||
+ | ===Software to be evaluated=== | ||
+ | :#[[BlueSpice MediaWiki]]. | ||
+ | :#[[Tiki Wiki CMS Groupware]]. | ||
+ | :#[[Wiki.js]]. | ||
+ | :#[[XWiki]]. | ||
+ | |||
+ | ==Acceptance criteria== | ||
+ | ===Vulnerability=== | ||
+ | :{|class="wikitable" width=100% style="text-align:center;" | ||
+ | !# | ||
+ | |Feature | ||
+ | !Acceptance test!!Responsible | ||
+ | |- | ||
+ | |W001 | ||
+ | ![[PHP security]] | ||
+ | |style="text-align:left;"| | ||
+ | |Vendor for [[CNM Farms]] | ||
+ | |- | ||
+ | |W002 | ||
+ | ![[TLS]] | ||
+ | |style="text-align:left;"| | ||
+ | *''[[Let's Encrypt]]'' [[SSL certificate]] is seen in the [[URL field]] of a [[web browser]] | ||
+ | |The ''App'' vendor | ||
+ | |} | ||
+ | |||
+ | ===Navigation=== | ||
+ | #[[URL]] | ||
+ | #[[URL]] for Russian speakers | ||
+ | #Logo | ||
+ | #CNM Wiki name | ||
+ | |||
+ | ===Editing alerts=== | ||
+ | |||
+ | ===Uploads=== | ||
+ | #[[SVG]] | ||
+ | |||
+ | ===Backup restoration=== | ||
+ | |||
+ | [[Category: CNMCyber endeavors]] |
Latest revision as of 23:23, 14 April 2024
MediaWiki for CNM Cloud (hereinafter, the Project) is the group of endeavors undertaken to advance Educaship MediaWiki to upgrade this app from its minimal viable product (MVP) state up to parts of Careerprise Funnel. MediaWiki and MariaDB as its database management system are used under the hood of this app. For a few years, the stable version of MediaWiki has not been updated due to new versions' conflict with our LDAP plugin. However, a decision has been made to migrate the integration to WSO2 IS and it is not clear whether LDAP will remain necessary. Also periodically there are problems with pictures, which the Warehouse for CNM Cloud project shall address.
Requirements
Business
Prototypes
Stakeholder's
- As a NetAnyone, I need to be able to:
- Read and/or view contents of any wikipage at clearly understood URLs such as starting with https://wiki.friendsofcnm.org/
- See the logo at the right upper corner and the name of the resource such as CNM Wiki;
- Feel safe while seeing that the App's resource is verified by the SSL certificate;
- As a Russian-speaking NetAnyone, I need to be able to locate wikipages in Russian, possibly, at URLs starting with https://wiki.friendsofcnm.org/ru
- As a NetConsumer, I need to be able to add selected wikipages to my watchlist and receive notifications when the watched wikipages are updated to my email.
- As a CertAssociate, I need to be able to:
- As a CertFellow, I need to:
- Have predefined rights of a sysop established at MediaWiki;
- Be able to upload files up to 20Mb.
- As a OppletBureaucrat, I need to:
- Have predefined rights of a bureaucrat established at MediaWiki;
- As a CloudAdmin, I need to:
- Make sure that CNM Wiki at least gets basic cyber-security features, especially Manual:Security, implemented; new threats are monitored and, based on them, the security policy should be defined and, further, re-defined;
- Be able to restore CNM Wiki if the working software collapses. No more than one hour of work is allowed to be lost.
Deliverable
Work
States
Certainty
Utility
Applicability
Controllability
Development
History
- The first instance, 1.26.4 version, was installed under supervision of User: Mina Nizhnih.
Further development
In order to constantly develop the App, Friends Of CNM is looking for one or more vendors. This development project has at least two phases:
- To identify Acceptance criteria that shall be met at the end of any further upgrade; and
- To procure those upgrades from one or more vendors.
- RFB has been posted and the following responses are collected so far:
- Define page types, naming conventions, user rights, expected behavior to select a set of useful extensions. Then develop ontologies, templates and forms for pages of various types. Adjust search function to the needs of the project.
- Follow the updates at https://www.mediawiki.org/wiki/Download/ru and after the appearance of a new stable version, reinstall the App. We used the latest version where the normal LDAP authorization module. You need to keep track of updates to the media and LDAP module. As soon as a newer version appears, you should need to update it on the test and check it out. If all is well, then it will be possible to update on the working site friendsofcnm.org
- Monitor the detection of vulnerabilities and the emergence of solutions to eliminate them, apply them.
- Support SSL certificate of Let's Encrypt (how to do it https://hostiq.ua/wiki/how-to-install-lets-encrypt-ssl/);
- Regularly check the site for viruses using this link - https://www.virustotal.com/en/url/07612517c24492a2b4ecf505640d0c4e5d060149282543f1376dc6079b911641/analysis/1522339359/
- The system shall ensure that there is no interference to the active users when maintenance is being done.If need be, the system shall not be shut down for maintenance more than once in a 24‐hour period.
- The system shall produce a storage capacity warning notification when a particular percentage of storage capacity threshold is crossed with additional notifications issued thereafter at different threshold increments.
- When a new version of the system(application) is released, it shall be possible to upgrade to it from any previous version.
Choice
- Main wikipage: MediaWiki
- The MediaWiki software is chosen as the App engine because its usability, productivity, and reliability. Particularly, MediaWiki:
- Is easy to load (it is a light weight);
- Allows integration with CNM Farms and, possibly, other CNM apps;
- Is scalable and allows addition of more data as need arises;
- Is easy to navigate with a search function that makes it easy to search what any user wants;
- Is cloud hosted so that it can be accessed anywhere;
- Provides an audit trail that can provide identification of who has entered any new information.
- MediaWiki also has a provision for the future usage of multiple languages. When the time for adding a new language comes, the existing system shall enable this addition without need for additional components to the original system. It will also enable the user to nominate their preferred language when entering their personal information.
Software to be evaluated
Acceptance criteria
Vulnerability
# Feature Acceptance test Responsible W001 PHP security Vendor for CNM Farms W002 TLS - Let's Encrypt SSL certificate is seen in the URL field of a web browser
The App vendor