Open Bug 956719 Opened 10 years ago Updated 4 years ago

SecReview: One and Done

Categories

(mozilla.org :: Security Assurance: Review Request, task)

Product:
mozilla.org
Component:
Security Assurance: Review Request
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

People

(Reporter: osmose, Assigned: ygjb)

References

(
URL
)

Details

(Whiteboard: u= c= p=1 s=sprint 6) 

= Who is/are the point of contact(s) for this review? =
Michael Kelly <mkelly@mozilla.com> as primary contact and main dev, Marcia Knous <marcia@mozilla.com> as secondary/product owner.

= Please provide a short description of the feature / application (e.g. problem solved, use cases, etc.): =
One and Done is a Playdoh/Django application that lists out tasks that the QA community can attempt to complete. Tasks usually take between 15 minutes to an hour to accomplish and come with instructions and contact information. Examples of tasks would be running a test suite against a staging server, or writing a few automated tests for a particular site.

(This is the first Milestone for One and Done, there are significant features planned for the future that will be released/reviewed separately)

Users register via Persona and can accept tasks from a list of tasks entered by administrators. They can then mark the task as completed or abandoned, and leave feedback on their attempt to complete the tasks via a freeform text box shown after a task attempt is cleared.

Admins can create tasks and view the feedback and attempts that users have made against the tasks.

= Please provide links to additional information (e.g. feature page, wiki) if available and not yet included in feature description: =
- Main wiki page: https://wiki.mozilla.org/QA/Taskboard
- Milestone 1 User Stories and Wireframes: https://wiki.mozilla.org/QA/Taskboard/Version1-Milestone1 
- Development site: https://oneanddone.paas.allizom.org/en-US/
- Github Repo: https://github.com/mozilla/oneanddone
- Issue Tracker: https://github.com/mozilla/oneanddone/issues?state=open

= Does this request block another bug? If so, please indicate the bug number =
Nope.

= This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review? =
We're aiming to release the site on February 5th. We'll need at least a week of time prior to that if there are any bugs that need to be resolved and tested.

= To help prioritize this work request, does this project support a goal specifically listed on this quarter's goal list? If so, which goal? =
I believe this was a 2013Q4 goal for marcia or stephend's team, but I don't know where to find that info. Will needinfo marcia to answer this in more detail.

= Does this feature or code change affect Firefox, Thunderbird or any product or service the Mozilla ships to end users? =
Directly, no, but it does indirectly as most of the tasks will be QA tasks for those products and services.

= Are there any portions of the project that interact with 3rd party services? =
Persona for authentication using django-browserid.

= Will your application/service collect user data? If so, please describe  =
We collect emails as part of Persona authentication, and we ask users for a display name (but have no requirement that it be a real name).

= If you feel something is missing here or you would like to provide other kind of feedback, feel free to do so here (no limits on size): =
We've been using Github Issues to track our bugs, but if you want to file bugs in Bugzilla for the review, you can put them in Mozilla QA::General.

Major development is completed, but we will be spending part of January writing unit and integration tests. We'll also use that time to resolve bugs that come from the review.

We're using paas.mozilla.org to deploy the site. The dev version of the site is up at https://oneanddone.paas.allizom.org/en-US/.

= Desired Date of review (if known from https://mail.mozilla.com/home/ckoenig@mozilla.com/Security%20Review.html) and whom to invite. = 
Any date before January 29th is fine (so we have time to resolve bugs). mkelly and marcia are the only two required invitees. Stephen Donner <sdonner@mozilla.com> can be an optional attendee.
Whiteboard: [pending secreview] → [triage needed]
FYI Dev site will be down for a bit in case anyone tries to view it, having some issues moving it to a group so people who are not me can push to it.
Assignee: nobody → yboily
Whiteboard: [triage needed]
Whiteboard: u= c= p=1 s=sprint 5
Any updates on when we can expect this review to happen?
Whiteboard: u= c= p=1 s=sprint 5 → u= c= p=1 s=sprint 6
I have been performing a code review and don't see any show stoppers.  I will continue to review the application, and aim to complete testing, but at this point I don't anticipate security blockers.  Please proceed, and I will formally close this bug soon!
Flags: needinfo?(yboily)
You need to log in before you can comment on or make changes to this bug.