Fix before going live
---------------------

* Rename page/user/group need to update page references.
* Disable UI access to unfinished TODO--* items.
* Convert the content in www.opendylan.org to wiki pages and make
  them only editable by the dylan-hackers group.
* Careful by-hand test of all existing features.


General
-------
* wikimatrix.org is a good source of feature ideas.
* The "Recent Changes" and "Pages" links both get an error if there
  is nothing to list.  (minor)
* static files (e.g., /styles.css) should be under the dynamically
  configured url prefix.
* MAKE THREAD SAFE -- basically anything like removing a user, which
  modifies multiple objects, may have race conditions.  Needs careful
  thought.
* Convert specialized DSP tags to use <dsp:loop> and improve <dsp:loop>
  as needed.
* i18n
* Implement all dsp pages the same way: with a class and respond-to-*
  methods.  Having some be functions and some be classes is annoying
  because it's harder to remember the names of things.

Browser Compatibility
---------------------
* IE7 doesn't make all the links in the left nav menu active.
  Something in the style sheet breaks it.  This makes it fairly
  useless.
* Safari: login doesn't work.  See IRC comments on 2009-06-15.
* Test with Opera

Feeds
-----
* Is there a secure way to make page feeds respect ACLs?  For
  now they just show publicly viewable pages.
* Fix various problems shown by http://www.feedvalidator.org/
* Include more info in the entry descriptions.  For pages, maybe
  include the diff up to a certain size limit?
* Limit feeds to a certain time period.  Not sure how this is
  normally done yet.

Tags
----
* Overview page (hannes: what do you have in mind exactly?)
* Ability to browse all pages with a given set of tags.
* Make reserved tags and the "news" tag configurable.

Users
-----
* Don't store passwords in cleartext.
* Show non-activated accounts in the Users list (maybe only to admins?)
  and allow admins to edit/activate the accounts.  Might be nice to have
  an icon that indicates data that is only shown to admins.
* Show the email address if the user him/herself is viewing the page.
* When an admin is editing a user, allow them to make the user an admin.
  (This is where the two levels of admin could come into play.)
* Support a full name attribute.
* Have a "home" wiki page for each user, similar to twiki.  Pre-create
  the page.  Maybe call it e.g. "User: Full Name".
* Allow user to set their timezone and date format, and show all times
  relative to that.
* Validate name, password, email.  Require a minimum level of
  security in passwords?  e.g., must not be empty, one char, all the
  same char, etc.  Maybe there's a cookbook for this.

Registration
------------
* The account activation key is just base-64 encoded.  Not very secure,
  just minimally good enough for now.
* Put initial focus in password field.

Groups
------
* Options menu offers edit/remove even if the user is not owner or admin.
* Remove group from any ACLs upon deletion, and display list of pages whos
  ACLs will be affected.  Bonus points: say whether removing the group will
  make it so that no one (other than an admin and the owner) has access to
  a page.
* Show "This group has no members" if true.
* Combine editing attributes and group members onto one page.  This requires
  javascript to do it right, i.e. not require a POST for each member change.

Pages
-----
* Currently (as I rewrite to use git as the back end) I plan for most
  operations to execute git commands directly rather than caching
  anything.  Ultimately that will probably be too slow as the number
  of pages grows.  One possible way forward will be to create a <page>
  object for each page, without filling in the content, parsing tags,
  etc., then fill in the page content as pages are loaded on demand.
  For full content search we'll need an index.
* Preview doesn't work if the page is new, never saved.
* Looks like show-page-responder doesn't respect "view" ACLs (but I could
  be wrong because I've been away from the code for a while).
* Conflict detection (multiple overlapping edits)
* improve display of tags.  maybe put to the right of the title.
* Allow owner or administrator to change page owner when editing page.
* When viewing a non-newest revision, the options menu items are incorrect.
  e.g., "edit" loads the newest revision's content.  Instead it should
  load the old content and give a warning near the Save button that you
  are editing an older revision.  "remove" probably shouldn't be there,
  and "connections" should show the connections of the older revision.
* A way to set ACLs for multiple pages at once.  How to choose the pages?
  By tags, by owner, by reference, by backlink?

Other
-----

- search widget not implemented
  * advanced search
- tag cloud (what's this?)
- inline svg
  * connection graph
- microformats! (what's this?)
  * users
- menu for user
- hints in lists
- icon for groups
- icon for files
- renaming users/groups/pages
- file upload
- user page: edited pages
  * each page: list of versions
- page: authors
  * each user: list of versions