This module complements the core Status report page by providing an additional, more in-depth and technically oriented status report, designed to help technical support identify issues with the site. The generated report has some features:
- It is plain text, so it's easy to inspect and copy-and-paste.
- It is in fact a valid Markdown Extra document -- so developers and support tech staff can transform it to nicely formatted HTML or PDFs files, if desired.
- It can be downloaded for off-site reviews and/or to be sent out in attachments or uploaded elsewhere.
- It anonymizes or masks irrelevant and perhaps sensitive data. See the module page for more information.
- It is extensible -- modules can provide hooks that augment the report in a much more flexible way than via hook_requirements().
Project page: https://www.drupal.org/sandbox/flaviovs/2426407
GIT clone command: git clone --branch 7.x-1.x http://git.drupal.org/sandbox/flaviovs/2426407.git advstatus
p.s.: There is an issue with the http://pareview.sh review of this module that I didn't manage to workaround. The module implements some hooks on behalf of core nodes that are currently enabled. Obviously, those interception hooks have the original module name as a prefix, so although the warning is valid, it is not useful in this case. BTW, the mechanism used is similar to the one used by some other modules (Rules comes to mind) to implement custom hooks on behalf of the core modules.
Manual reviews of other projects
Comment | File | Size | Author |
---|---|---|---|
#9 | coder-results.txt | 3.19 KB | klausi |
#6 | 8031891.png | 37.51 KB | webcodin |
Comments
Comment #1
PA robot CreditAttribution: PA robot commentedWe are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #2
kala4ekadvstatus.module
advstatus.pages.inc
Comment #3
InviteReferrals CreditAttribution: InviteReferrals commentedhttps://www.drupal.org/node/318#naming
./modules/node.inc:
all functions should be prefixed with your module/theme name to avoid name clashes
function node_advstatus_report($anonymizer) {
function node_advstatus_report_init($report) {
./modules/dblog.inc: all functions should be prefixed with your module/theme name to avoid name clashes.
function dblog_advstatus_report($anonymizer) {
./modules/comment.inc: all functions should be prefixed with your module/theme name to avoid name clashes.
function comment_advstatus_report($anonymizer) {
function comment_advstatus_report_init($report) {
./modules/path.inc: all functions should be prefixed with your module/theme name to avoid name clashes.
function path_advstatus_report($anonymizer) {
Comment #4
flaviovs CreditAttribution: flaviovs commented@kalak,
Whilst there's no error or warning message when you do that, it's generally considered a bad practice do add elements to an undefined array. The PHP documentation is strong about this:
There's also a good discussion about this on Stackoverflow.
Can you point out where is said that you cannot have two blank lines between functions?
All functions must have a doc block, and they must be separated at least by a blank line. That's all I could find about it.
Good catch. Fixed.
@InviteReferrals,
Please, read the original post:
Comment #5
flaviovs CreditAttribution: flaviovs commentedComment #6
webcodin CreditAttribution: webcodin commentedHandle review:
In the report maybe part of names of entities, Nodes and Comment displays wrong see attached 8031891.png
Comment #7
flaviovs CreditAttribution: flaviovs commentedIt is expected behavior.
Initial post on this issue:
Module page (https://www.drupal.org/sandbox/flaviovs/2426407):
Comment #8
zbombicz CreditAttribution: zbombicz commentedAutomated Review
pareview.sh: only the mentioned function naming issues.
I think, it is wrong method to implement hook functions in your module behalf of other modules (node, comment, etc.). With this solution you exclude the possibility for these modules to implement your hooks in future. I know, that these are core modules, and probably any of these modules will not implement your hooks as own, but I have concerns in general with implementing hooks behalf of other modules. I think the proper solution could be not to implement these reports as hook functions, but creating of internal function for these (for example: advstatus_report_default_node), and put all of these function calls into advstatus_report (with verification the existence of these modules). Sorry for my bad english, If I was not fully understood, please tell me than.
Manual Review
- function advstatus_support_report_page - $my_path
- function advstatus_anon_file - $droot
- ...
- advstatus.pages.inc: 233. obect
- advstatus.pages.inc: 341. formated
- advstatus.pages.inc: 657. curent
The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
Personal notes: This module is very handful. I would really like feature, that make "anonymization" optional (on/off). In some cases I would really like to see statistics about my nodes, node types, etc., with real names, and exact data. I agree, that protecting sensitive information is very important, but for self use I really want if it was available too.
Anyway: Hands up, very useful module, I hope it will be contrib as soon as possible.
This review uses the Project Application Review Template.
Comment #9
klausiReview of the 7.x-1.x branch (commit ee9f2f4):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
manual review:
But otherwise looks good to me. Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.
Assigning to mpdonadio as he might have time to take a final look at this.
Comment #10
flaviovs CreditAttribution: flaviovs commented@zbombicz,
It is not wrong if you really meant to implement the hook on behalf of a core module. There are a bunch of modules that do that, mainly because this is the most elegant way to code this, IMHO . I mentioned Rules, but I think they did this only on Rules 1.x -- Rules 2.x use another scheme. However, another big player that do this is Views.
I think that general sense is that it's very unlikely -- not to say wrong -- to core modules implement every other hook that pops up on contrib. And if they do it someday, it is just a matter of copying the hook from the origin module. (In my module, I took care of testing if the core module did not define the hook -- no matter how unlikely it sounds -- and include() the proxy only if not. That way, we never risk to break a site with double-defined functions errors. Not sure if Views do that, though.)
This module will still undergo an alpha phase before an stable release. When in alpha, the API may still change, so I think this is not the best time to document API parameters and return values yet.
I also think so. But in this case, those variables used to be used more that once, and I choose to left then alone when the other parts of the code were removed. Why, you may ask... Just common sense. I have a strong feeling that they may be used again if another unanticipated user cases pops in. Also, removing the variables will means to put function inside string concatenation, inside other function calls... This usually mean we will move beyond the dreaded 80 column, and it is going to sacrifice code readability a lot. This alone is a very strong reason to keep the variable to me. See Line length and wrapping in the Coding standards page for a similar example where "unnecessary" variables are used to improve readability.
Oops... I wonder why Codespell did not catch this here.
Fixed. Thank you!
@klausi,
Which version of CodeSniffer are you using? I am on 1.5.6 and I do not get these warnings here (but got and fixed a lot of similar "Closing parenthesis not on a new line" previously.)
Fixed, anyway.
Mea culpa, you are absolutely right. The actual name of the module is "Advanced status report". That's how it calls itself all over the UI. This was changed some time ago and I just forgot to update the module page (and this issue). I am doing this right now.
I also committed a fix some comments and help text using the old name. Thanks.
Comment #11
flaviovs CreditAttribution: flaviovs commentedBTW, I reverted the commit with the drupal_set_title() fix for the issue reported in #2. The reason is that without it, the page never get the right title set on hook_menu(). It looks like this is caused by a bug in core (see #891892: Page/Overlay title doesn't change when MENU_LOCAL_ACTION is used).
Comment #12
mpdonadioAutomated Review
Review of the 7.x-1.x branch (commit 9c396df):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
Manual Review
@flaviovs, klausi and the other review admins use the bleeding edge review tools from: https://github.com/klausi/pareviewsh
Having a subdirectory called modules that doesn't contain any Drupal modules is kinda weird and goes against conventions.
(+) advstatus_permission should have the 'restrict access' and possible the 'warning' keys set. Your node_advstatus_report() calls
db_select() agains the {node} table w/o the node_access tag, so whoever gets this permission will get access to all nodes. I am not
deeming this a security problem, as this is a reporting tool for admins, and no real information would be revealed anyway (I don't
consiuder node counts sensitive). There may also be things in the logs, and you aren't checking the access log permission in your dblog_advstatus_report().
Yeah, fix the namespace of the module.
Not seeing any blocking issues.
The starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.
This review uses the Project Application Review Template.
Comment #13
mpdonadioThanks for your contribution, flaviovs!
I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.
Here are some recommended readings to help with excellent maintainership:
You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
Comment #14
flaviovs CreditAttribution: flaviovs commentedThanks for the upgrade and for your review!
BTW:
Strangely enough, I'm also using the pareview.sh script from the above URL (commit 2907f4be). But I did not get the above Code Sniffer issues.
Code Sniffer version mismatch maybe? What your
phpcs --version
says?(Mine says "PHP_CodeSniffer version 1.5.6 (stable) by Squiz (http://www.squiz.net)")
This is exactly the same pattern used by Views, Rules and Entity API (at least)!
(Not that I do not think it's weird -- I do. But I really thought that that was the convention...)
Nice suggestion. I will open a feature request for this.
I think that the warnings in the permission you suggested take care of this. As an admin/developer tool, this module should provide a accurate picture of the Drupal installation -- that's why I went directly to the
db_select()
route.But giving a notice on the report about node_access is a great suggestion. I will also open an issue for this.
The dblog report only list the last PHP errors (currently). Yep, they may contain information that some user may not be able to see, but I again think that the permission warning does suffice. OTOH, I recognize that it really makes sense to omit (with a warning) the dblog report if the user does not have the appropriate permission. Well... I will open an issue to discuss this question latter. Maybe with some more feedback from users we will be able make a better decision about this.
I will look into this.
Comment #15
mqannehpareview.sh report
Review of the 7.x-1.x branch (commit 1436c6e):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
Source: http://pareview.sh/ - PAReview.sh online service
Comment #16
mpdonadioThis application was already approved by two admins. No need for further review. In addition, the output of the automated tools is not an automatic reason for pushing an application back to needs work. In the report you posted, the namespace prefix problems don't apply as they are hook implementations for other modules, and therefore wouldn't get the namespace. The rest is fairly minor as far as code standard go.