Loading...
 
Skip to main content

History: Bare Tiki

Source of version: 19 (current)

Copy to clipboard
"Bare Tiki" is a project to improve Tiki to make it great for use cases that need next to no features.

One of the ((3 Rules)) is "Make it Optional".  However, some of the features can't be turned off. As a community, let's review this, and confirm for which ones we should ((create a new preference)), so they can easily be turned off.

!! Why?
* Security: If a vulnerability is discovered, you can only be affected if the feature is activated.
* More suitable for some use cases: For example, you want to use Tiki as an [https://en.wikipedia.org/wiki/Identity_provider|Identity provider]. You don't want content features. You just want user management. As of Tiki20, there are some features which can't be turned off in Tiki.
*GDPR, HIPPA, or other compliance, as well as possible ISO standard qualification :
**"For Muhib, one of the main issues with low code platforms is the governance of the applications themselves. Anyone might be able to design an app very quickly, but not everyone might be familiar with the requirements of GDPR or HIPAA and how the app might violate compliance with these. These applications, he says, may also not be easy to secure and could create unintended vulnerabilities in the infrastructure of an organization." [https://www.devopsonline.co.uk/the-rise-of-low-code/|source] {sign user="mikeua" datetime="2021-02-24T11:02:36+00:00"}
**example GDPR:[https://www.onlyoffice.com/blog/2018/05/how-onlyoffice-complies-with-gdpr/| OnlyOffice]
**example HIPAA: [https://www.onlyoffice.com/blog/2020/10/how-onlyoffice-complies-with-hipaa/|OnlyOffice]

!! Who
* Scott Tresor (leading development on this project)
* Roberto Kirschbaum (coach)
* {userlink user=luci} (providing guidance)
* Marc (providing guidance)
* Michael Imbeault (providing guidance)
* You?


!! Major Features
That need a preference so we can turn them off:
* There should be a pref for comments that turns off all comments, and this panel: tiki-admin.php?page=comments  (see how it's done for blogs as an example)
* Modules could be optional
* Profiles could be optional
* i18n
* Maps
* Feeds
* Tiki Connect
* Stats
* Packages
* RTC

!!! Social networks
When the feature is off, it should not render the proprietary -+og:+- and -+twitter:+- meta tags in the page source like:
{CODE()}
<meta content="Baretiki" property="og:site_name">
<meta content="Baretiki" name="twitter:site">
{CODE}

!! Minor Preferences
(Sub-)Preferences of the main features like Wiki related preferences etc.
* CodeMirror syntax highlighter: -+var syntaxHighlighter+- gets loaded even when not used?
* jQuery TreeTable JS and CSS loaded on every page even when not used (used only on -+tiki-objectpermissions.php+-?)
* -+lib/query_tiki/pluginedit.js+- is loaded on every page even when the pref __Allow plugin-specific edits__ is disabled

!!! User Information Display
For example: https://dev.tiki.org/tiki-user_information.php?userId=1
Should be optional preference too. See related wish list item: https://dev.tiki.org/item5982

!! System Menu
Menu ID 42
* External Feeds
* External Wikis
* Mail Notifications?
* Scheduler - when the -+feature_scheduler+- is off it should not display the option in the Settings submenu
* Tiki Importer
* Tiki Logs
* Toolbars could be optional
* Transitions
* phpinfo

!! To discuss
!!! Wiki
* Rename is not optional - could be -+wiki_page_rename+- pref

!!! Print Settings
There could be apps where print settings are not needed.

!!! Membership
* tiki-admingroups.php has settings like
** Membership expiry Anniversary
** Number of Days
** Pro-Rate Membership

These should be active only if the feature is activated.

Perhaps one pref -+feature_membership+-?

!!! Decided to keep as a non-option
!!!! Major features
* Groups
* Log in /Log out
* Look & Feel
* Menus
* Performance
* Permissions
* Security
* Tiki Cache/Sys Admin
* Users
* User Settings

!!!! Minor features
to keep always on (e.g. when major feature is enabled)
* Edit (like wiki page editing; depending on edit permissions of course)
* Plugin Aliases
* Tiki Check (aka Server Fitness link on the General control panel)
* What else?

!! Questions

!! Related
* https://profiles.tiki.org/BareTiki
Show PHP error messages