Let's sum up the good and the bad things about the core that is currently in use, to keep that in mind while developing the new one, so it'll be awesome from the start. Add your opinion here as well.
Sergey.
The good:-
the circles/permissions system
...
postgres as the db
the refresh/access token system
The bad:-
the stack (nobody knows elixir, you know)
...
no gsuite integration
...
users and members are separated, making it difficult to use
...
no body history
...
no actions history (like, there's no way to see who done what at which time. This can be solved by storing logs though)
...
most fields are optional
...
no consent in the db
...
no automatic users management (like the users are not deleted from the body/suspended once the fee is expired)
...
circles permissions (there's such thing as circle admin, when a person is a circle admin s/he can do more time, and it doesn't match the permissions schema)
security-wise: no way to revoke a session (refresh_token); sessions are not revoked once the password is changed; no need to confirm email once it was changed; no notification on changed password
Proposals for the new core:
...
- a lot of copypaste from statutory/events, most likely
- preserve the permissions/circles system exactly the way it is now (seems like a really flexible solution)
...