Of late, the demo server has been unstable with times when it even fails to start OpenMRS.
I have noticed that it at times has modules which are not part of the reference application (most likely cause of the instability) as you can see examples like radiology here: https://demo.openmrs.org/openmrs/admin/modules/module.list
Since its web interface is configured not to allow installation of modules, could it be that some one is using other means to upload modules to it? Like via REST?
@dkayiwa I guess there are other ways to upload a module. One such method is possibly using this OWA.
That must be it. Thanks @reubenv for pointing it out.
@suthagar23 can you use this https://github.com/openmrs/openmrs-module-owa/pull/48 to prevent the upload of modules? We did this for the Andela addon manager owa.
Thanks @dkayiwa for pointing it out. Let me check it
That’s the same security hole that exists if uploading modules via the UI were enabled…all someone would have to do is know that this is enabled and BAM, they uploaded a module…
Just started work on this @dkayiwa : https://issues.openmrs.org/browse/SAD-20
Great @suthagar23 . If you have it ready soon enough, it can be part of the next release
Not only this, I hope to put a new version 1.2 along with the Ref App 2.9