Image sizes (event and speaker) are implemented very poorly and cause a lot of confusion. Reimplement both.
Problems:
[ ] Different fields are used for event and speaker sizes even when different rows of DB define the sizes
[ ] No default sizes present in DB or models even when different fields are being used for event and speaker sizes
[ ] Duplication of default sizes
[ ] Wrong types in factories
[ ] No migration for adding in event and speaker image sizes (Adding in create_db.py != migration)
[ ] API is brittle. Hardcoded IDs are used to PATCH the image sizes
[ ] Unneeded IDs are needed in API URLs to refer to an image size
[x] No default value in fallback image size when image resizing
Consider the following
The current image resizing and setting is extremely wasteful and expensive and screams for a redesign.
We should not accept external URLs in our API. What if I link a 1 GB file as an image? The server will try to download it and waste resources like bandwidth, disk space and CPU resources.
Secondly, it shouldn't even accept URLs. Even in the scenario where the URL is of our server, we redownload the file instead of just moving it, which makes the file duplicated and wastes more bandwidth as well. And then proceed to resize. We are using Cloudflare on top of the server, so it starts giving forbidden errors for connecting too frequently. All in all, the entire media layer should be rewritten with design first in mind.
This design is a perfect example of why CRUD should be only minimally exposed to the user. And database driven designs push the clients to do more work which the server should be doing. We are basically exposing our DB tables directly to the user with wrapper authorization. We have just created a glorified ORM like https://hasura.io/ and https://prisma.io/
Only the read layer can be exposed reliably to the user, even that with care and proper authentication and authorization. Create, Update and Delete should be handled in a custom manner, and not just be delegated to libraries like flask-rest-jsonapi.
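
One way to take image bytes directly instead of a URL, as argued above (an added example, not code from the project): the body is streamed to disk under a hard size cap, checked against image magic bytes, and named by content hash so a re-submitted image is not stored twice. `store_upload`, `UploadRejected`, the 5 MiB cap and the PNG/JPEG allow-list are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile

MAX_IMAGE_BYTES = 5 * 1024 * 1024  # assumed cap, not a project setting
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpg"}  # assumed allow-list


class UploadRejected(Exception):
    """Raised when the body is too large, empty, or not an allowed image."""


def sniff_type(head):
    """Map the leading bytes of the body to a file extension, or reject."""
    for magic, ext in MAGIC.items():
        if head.startswith(magic):
            return ext
    raise UploadRejected("not a PNG or JPEG")


def store_upload(stream, media_root, max_bytes=MAX_IMAGE_BYTES, chunk=64 * 1024):
    """Copy an uploaded body into media_root; return its content-hash file name."""
    digest, total, ext = hashlib.sha256(), 0, None
    fd, tmp_path = tempfile.mkstemp(dir=media_root, suffix=".part")
    try:
        with os.fdopen(fd, "wb") as tmp:
            while block := stream.read(chunk):
                if ext is None:
                    # Assumes the first read returns at least the 8 magic bytes.
                    ext = sniff_type(block)
                total += len(block)
                if total > max_bytes:  # stop reading; never buffer the whole body
                    raise UploadRejected("image exceeds size cap")
                digest.update(block)
                tmp.write(block)
        if ext is None:
            raise UploadRejected("empty upload")
        name = f"{digest.hexdigest()}.{ext}"
        # Same bytes give the same name, so a repeated upload replaces itself.
        os.replace(tmp_path, os.path.join(media_root, name))
        return name
    finally:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)  # drop the partial file on any rejection
```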