romain-fontugne
commented
11 years ago OK, I will push the temporary workaround.
Closed joelweinberger closed 11 years ago
romain-fontugne
commented
11 years ago OK, I will push the temporary workaround.
joelweinberger
commented
11 years ago @romain-fontugne, can you email or post a test file that I can upload to recreate this problem? I just realized that I can't really debug this at the moment because I don't have any way to recreate it :-(
romain-fontugne
commented
11 years ago @metromoxie you can use this one: http://203.178.135.93/coryHall-sampled.csv If the file is too big and it takes too much time to upload you can just shrink it as you want
joelweinberger
commented
11 years ago @romain-fontugne, I'm having trouble debugging this because when I try to upload locally, it complains that I'm not running tsdb. This may be a more general problem, in fact. Would you mind adding to the README a more complete explanation of how to setup the server side so I can run it locally? Unfortunately, I'm kind of blocked on this bug until I can get that running :-(
romain-fontugne
commented
11 years ago @metromoxie TSDB is quite a pain to install... Are you on a linux or Mac/BSD? It seems that Jorge had certain difficulties to install it on Mac... I did it on linux, I basically followed this instructions: http://opentsdb.net/getting-started.html I had some troubles during the install but I don't remember what was it exactly... If you got any troubles installing it let me know I might figure out what I've done
Or if you don't wanna spend time installing it, you can try your code on this machine: 203.178.135.93 You can access this machine through ssh, I've create an account for you. The login is metromoxie and the pwd is your first name (please change it asap).
joelweinberger
commented
11 years ago My SSH connections are timing out to that machine. Is it running on a strange (non-22) port?
On Mon, Apr 8, 2013 at 11:51 PM, romain-fontugne notifications@github.comwrote:
@metromoxie https://github.com/metromoxie TSDB is quite a pain to install... Are you on a linux or Mac/BSD? It seems that Jorge had certain difficulties to install it on Mac... I did it on linux, I basically followed this instructions: http://opentsdb.net/getting-started.html I had some troubles during the install but I don't remember what was it exactly... If you got any troubles installing it let me know I might figure out what I've done
Or if you don't wanna spend time installing it, you can try your code on this machine: 203.178.135.93 You can access this machine through ssh, I've create an account for you. The login is metromoxie and the pwd is your first name (please change it asap).
— Reply to this email directly or view it on GitHubhttps://github.com/jortizcs/Pangia/issues/7#issuecomment-16097066 .
romain-fontugne
commented
11 years ago Sorry, it seems that students messed up the switches.... Unfortunately I'm not in the lab this week, I'll ask one of the students to fix it and I'll let you know when it works.
romain-fontugne
commented
11 years ago it should work now!
joelweinberger
commented
11 years ago @romain-fontugne, I started to look at this issue again, but the machine you set me up with an ssh account to doesn't seem to be working anymore (that is, I can't SSH into it).
Is there any chance you can this bug over? It's kind of high priority, in that we effectively have no security as long as we allow uploads without authorization, but it also requires a deep knowledge of the upload code I think. I also am slightly hopeful that our switch to Mongo and some of the auth code updates might help in solving this.
romain-fontugne
commented
11 years ago @metromoxie oops, sorry I turned off this machine a while ago. hmmm... and I played a bit too hard with this machine... now things are a bit broken...
I think you can test your code on the rackspace server. The IP, login and pwd are given in a google doc. Do you have acces to this document?
romain-fontugne
commented
11 years ago I don't know if you @metromoxie tried to fix this, but it now works! :-D
joelweinberger
commented
11 years ago No, I haven't tried to fix it. When you say it works, you just mean that you can upload files, right? Not that it's secure? Because I never reactivated the authorization check for the upload POST. On Aug 6, 2013 10:06 PM, "romain-fontugne" notifications@github.com wrote:
I don't know if you @metromoxie https://github.com/metromoxie tried to fix this, but it now works! :-D
— Reply to this email directly or view it on GitHubhttps://github.com/jortizcs/Pangia/issues/7#issuecomment-22230003 .
romain-fontugne
commented
11 years ago No, I mean it is now secured! I did reactivated the authorization check because I needed to know the user _id (and we can easily get it from the authorization module) and surprisingly it worked!
On Wed, Aug 7, 2013 at 3:14 PM, Joel Weinberger notifications@github.comwrote:
No, I haven't tried to fix it. When you say it works, you just mean that you can upload files, right? Not that it's secure? Because I never reactivated the authorization check for the upload POST. On Aug 6, 2013 10:06 PM, "romain-fontugne" notifications@github.com wrote:
I don't know if you @metromoxie https://github.com/metromoxie tried to fix this, but it now works! :-D
— Reply to this email directly or view it on GitHub< https://github.com/jortizcs/Pangia/issues/7#issuecomment-22230003> .
— Reply to this email directly or view it on GitHubhttps://github.com/jortizcs/Pangia/issues/7#issuecomment-22231760 .
joelweinberger
commented
11 years ago Great! I'll verify later, but they must have fixed something in the node module. On Aug 6, 2013 11:19 PM, "romain-fontugne" notifications@github.com wrote:
No, I mean it is now secured! I did reactivated the authorization check because I needed to know the user _id (and we can easily get it from the authorization module) and surprisingly it worked!
On Wed, Aug 7, 2013 at 3:14 PM, Joel Weinberger notifications@github.comwrote:
No, I haven't tried to fix it. When you say it works, you just mean that you can upload files, right? Not that it's secure? Because I never reactivated the authorization check for the upload POST. On Aug 6, 2013 10:06 PM, "romain-fontugne" notifications@github.com wrote:
I don't know if you @metromoxie https://github.com/metromoxie tried to fix this, but it now works! :-D
— Reply to this email directly or view it on GitHub< https://github.com/jortizcs/Pangia/issues/7#issuecomment-22230003> .
— Reply to this email directly or view it on GitHub< https://github.com/jortizcs/Pangia/issues/7#issuecomment-22231760> .
— Reply to this email directly or view it on GitHubhttps://github.com/jortizcs/Pangia/issues/7#issuecomment-22231897 .
From @romain-fontugne: We use fineuploader to upload the files and it expects from routes.uploader a JSON object that gives the status of the upload. With the authorization code it now returns html and crashes fineuploader. A workaround is to ignore the authorization for routes.uploader but it is obviously a security issue... It is probably related to this: http://stackoverflow.com/questions/13363110/passportjss-passport-session-conflicts-with-file-uploader-wont-write-file
For now, we will temporarily disable authorization for the uploader, and I'll look for a more permanent fix.
See commit 9c340ab9860f93f39a1536f18b4a6fe9709a4c12 and https://github.com/jortizcs/Pangia/commit/9c340ab9860f93f39a1536f18b4a6fe9709a4c12#commitcomment-2918146.