Choosing an authorization framework for rails

Posted in rails, ruby by elisehuard on February 26, 2010

At my main customer’s we needed to choose an authorization framework. This is for a complex enterprise application, requiring fine-grained authorization on:

  • roles
  • actions
  • model: most users can only access their own objects.

I’d had a look around, and after some digging ended up looking at 3 plugins: Declarative Authorization, grant and cancan.

Grant fell off almost immediately. It centered all authorization in the model, and I felt it was a bit too lightweight for our application.

Then I looked at declarative authorization and cancan.
At first sight, declarative authorization looked like a winner: I’m a believer in open source natural selection, and with about 650 people watching the plugin on GitHub, it looked like a lot of people had found it a good fit. It’s also been lovingly polished since September 2008, so the kinks have probably been ironed out.

I cloned both plugins, and looked at the code and documentation.
Cancan is partly based on declarative_authorization. What struck me at first sight is how simple cancan looked. Much less code, much less meta-monkey-magic. And a very friendly DSL and documentation.

And get this: I ran reek on both plugins (it’s a hobby of mine). And cancan came out practically clean! That’s like having an alien in the living room! It *never* happens! Run reek on your own code, just for laughs, and you’ll see what I mean.

So we ended up choosing cancan: although declarative_authorization might have more features out of the box, we feel we’ll be able to extend cancan with much more ease, if at all necessary. It feels better to have a clean, fathomable codebase than a larger engine. I’m aware that cancan has the unfair advantage of having learned from its predecessors, and kudos to the maintainers of declarative_authorization for having inspired others.

Note: I’m aware there are quite a few other plugins out there. If you found another one and you’re very happy about it, please share.


Segfault in Ruby

Posted in ruby by elisehuard on February 12, 2010

Note: the following works with C-based ruby, not JRuby or IronRuby, obviously.
This is a sight most rubyists will fear: the segmentation fault. You’re running your tests quite innocently, or your web server is doing its job, until BOOM!

[BUG] Segmentation fault

What just happened?
A segfault means your program tries to play fast and loose with memory it hasn’t been allocated. The operating system says ‘hey you!’. When this occurs on a *nix, the process receives a signal, SIGSEGV. The program crashes, and in so doing leaves a core dump, which is a recording of the state of the program at the time of the crash.

Ruby then traps the corresponding signal.
You’ll find corresponding code in signal.c of the ruby source code:

install_sighandler(SIGSEGV, sigsegv);

and the sigsegv function is:

#ifdef SIGSEGV
static RETSIGTYPE sigsegv _((int));
static RETSIGTYPE sigsegv(sig)
    int sig;
{
    if (!is_ruby_native_thread() && !rb_trap_accept_nativethreads[sig]) { /* body not shown in this excerpt */ }
    rb_bug("Segmentation fault");
}
#endif

The rb_bug at the bottom is responsible for the message you see appearing when a segmentation fault happens.
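
The trap-and-abort flow described above, as an added example in C (not Ruby's source): a child process faults once without a handler and once with a handler standing in for sigsegv()/rb_bug(), and the parent reports which signal ended it. The names on_segv and crash_child are made up for this sketch, and it assumes rb_bug finishes by calling abort().

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for Ruby's sigsegv() handler: report, then abort (assumed rb_bug behaviour).
 * Only async-signal-safe calls (write, abort) are used inside the handler. */
static void on_segv(int sig)
{
    static const char msg[] = "[BUG] Segmentation fault\n";
    ssize_t n = write(STDERR_FILENO, msg, sizeof msg - 1);
    (void)n; (void)sig;
    abort();                               /* raises SIGABRT; never returns */
}

/* Fork a child that performs an invalid write. Returns the signal that
 * terminated the child, 0 if it exited normally, -1 on fork/wait error. */
int crash_child(int with_handler)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct rlimit no_core = {0, 0};
        setrlimit(RLIMIT_CORE, &no_core);  /* keep the demo from writing core files */
        if (with_handler) {
            struct sigaction sa = {0};
            sa.sa_handler = on_segv;
            sigemptyset(&sa.sa_mask);
            sigaction(SIGSEGV, &sa, NULL);
        }
        int *volatile p = NULL;            /* volatile: compiler cannot fold the fault away */
        *p = 1;                            /* invalid write: kernel delivers SIGSEGV */
        _exit(0);                          /* not reached */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    int plain = crash_child(0), trapped = crash_child(1);
    printf("no handler:   child killed by signal %d (SIGSEGV=%d)\n", plain, SIGSEGV);
    printf("with handler: child killed by signal %d (SIGABRT=%d)\n", trapped, SIGABRT);
    return 0;
}
```

With the handler installed the child is terminated by SIGABRT rather than SIGSEGV, so a supervisor watching exit statuses sees an abort even though the root cause was an invalid memory access.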

That’s all well, you’ll say, but how do I solve this?
First off, you have to determine where the issue came from. That’s where the core dump can help you, by telling you if the issue happened in ruby itself, or in its binding to another component, like a database or something similar.

Rails Underground

Posted in conference, JRuby, rails, ruby by elisehuard on July 26, 2009

I really liked Rails Underground, for several reasons. First, where some Rails conferences (like last Railsconf Europe) were a bit disappointing in the level of the presentations, here all technical presentations were relatively advanced.

Secondly, the audience came in a wide range of ages. At the height of the Rails hype, conferences were attended by a majority of 20-year olds – which is fine, but it’s reassuring when a community contains a good percentage of software veterans, who’ve been around the block and judged that Ruby and Rails is Good Stuff.

And lastly, it was medium-scale – about 200 people. Seems to be an ideal number: there is enough weight to get some big names, and it’s still small enough to have a good atmosphere. You can approach people much more easily. Met lots of interesting people, amongst them some interesting women (!) like Desi McAdam from Devchix, Eleanor McHugh (who always does strange but interesting things with Ruby), Lena from Berlin, Allison Beckwith from Portland.

RailsUnder talk: internet of things

Posted in rails by elisehuard on July 25, 2009

Rails Underground is proving to be extremely interesting – I’ll do a separate post about the talks I enjoyed later on.
Although to be honest the first day passed in a haze of nerves for me, since I was doing a talk that evening. Note to self: attempt to talk early on.

I had some expert advice beforehand from my friend Baudouin, who’s doing coaching for presentations, which I duly memorized. But of course, once I came on stage, all the good advice went out of the window. I talked too fast, I moved around, I pulled on my shirt, etc.

Well, despite all this, the subject matter seems to have interested people: a surprising number of people came to me afterwards telling me it was inspirational, and made them want to get started themselves! So all’s well.
The video should be published later, apparently.
Update: the videos are already online! Impressive.


Random tinkering

Posted in open source, rails, ruby by elisehuard on January 7, 2009

The last few months, I haven’t had time to throw more than a cursory glance at whatever was going on in the Rails community.

I’m only starting my next job on the 19th of January. I’ve decided to try and submit a proposal for a Rails conf this year – so now’s time to have a good browse through all my Ruby and Rails feeds and have a sniff around.

I come to the office every day, as usual, but instead of coding I look around and experiment. All I can say is that it’s great fun – I hope I’ll have the opportunity to do this again!

Playthings so far:

  • Android and the possibility to use JRuby with Android. Android uses a different bytecode, because it has its own virtual machine (Dalvik Virtual Machine) instead of the JVM. So a modified jrubyc compiler would be necessary. Not to mention that Android apps are very constrained in form, and also that we want to keep the footprint of resulting bytecode small. Difficult, but then easy is boring.
  • A plugin I mostly developed in a previous project, which needs to be tidied up and open sourced. Remains to be seen whether anyone will find it useful. More about this later.
  • CouchDB and Rails. I found a series of articles on the subject and am about to investigate whether it works …
  • XMPP/Jabber and its uses for a Rails app
  • Further tinkering with Erlang
  • Keeping an eye on the Rails edge repository

That’s what’s keeping me busy for now … If you have other ideas, let me know. Fun!

Ruby to MSN

Posted in ruby by elisehuard on September 20, 2008

So for work I’m looking into making a chatbot for an application. Apparently these days teenagers like MSN, so if that’s your market, that’s where you go. Anyhow, it turns out it’s pretty easy to do!

First off, make a Jabber account on an existing Jabber server, which also has an MSN transport plugin. Jabber is the nice name for XMPP (Extensible Messaging and Presence Protocol), an IETF-recognized standard.


libxml-ruby on Debian

Posted in deployment by elisehuard on September 17, 2008

If, like me, you get the following error message:

Install the library or try one of the following options to extconf.rb:

The solution is very, very simple.
sudo apt-get install libxml2
sudo apt-get install libxml2-dev

(and maybe a sudo ldconfig -v for good measure)
(especially that last one gets the C includes needed to build libxml-ruby).


Railsconf Europe day 3

Posted in conference, rails by elisehuard on September 12, 2008

The sunny morning found me schlepping my luggage to the conference building. Last day of the conf, always slightly less relaxed, with the flight to catch and the check-outs to manage.

First keynote was by David Black of RubyCentral, one of the main organizers of the conference. He talked about Ruby’s version. It sounded slightly ad hoc (fibers? mh, I knew about that 3 months ago, but can’t say now), but interesting anyhow.

Jeremy Kemper was helping out on the trickier details. Seems Rails is actively being ported to 1.9, so it might be worth it to start checking out the change logs.

Then I attended a talk by Matt Wood from the Wellcome Trust Sanger Institute, which was involved in the Human Genome Project. The human genome was sequenced and open-data’ed (beating a team that wanted to patent it), but they continue sequencing different species to map evolution, and to research diseases and genetic conditions. This involved the handling of massive amounts of data. They do some of it with Rails, because of its flexibility (talk here).

Then Rany Keddo talked about background scheduling of jobs. Obviously you don’t want to block any of your web servers/threads with a lengthy process. There are many tools to offload this to background processes. Rany demo’ed and talked about some of them – and also his plugin Workling, which is a kind of wrapper making them pluggable in Rails.

Lunch was spent talking to several really interesting people (who I’ll probably never meet again), as is wont at such a conference. DHH and Koz spottings.

After lunch: Justin Gehtland talking about modular architecture (monolithic software = the Death Star, modular agile stuff = the rebel fleet). Some people are just great speakers. Then I had to leave to catch my flight. Easyjet waits for no woman.

What was up with the Star Wars meme? It popped up every few slides with the US speakers. Certainly added to the comical effect. I suppose that there are only a few common denominators between Geeks International United, and Star Wars is certainly one of them.

My conclusion about the conference is this: spotless organization, but the talks themselves (with exceptions!) were not stellar, nor particularly useful. I still hope to see the ones I missed released on the net.

The main point of being there, for me, would be to meet professionals in the same branch, and to be able to exchange views with them. Is that worth the price? Actually, it might be. I had a good time.


Railsconf Europe day 2

Posted in conference, rails by elisehuard on September 12, 2008

Grayer skies for day 2. Also a bit the worse for wear from the night before. Caffeine for the soul.

DHH did the keynote – and while he didn’t say that much (information content), what he said was interesting, and well developed: legacy code makes us better programmers. We learn by seeing our past mistakes, and correcting them. Rewriting from scratch will be way less instructive than actually giving love to the old code.

Next talk I attended was about jQuery by Yehuda Katz (maintainer and co-author of jQuery in Action amongst other things). Let’s say that it was a good talk for absolute beginners, but while not being an expert at all, I didn’t learn anything new.

At some point during the day, we got what was for me THE news of the conference: localization in Rails 2.2! Finally! A language by a Japanese person, a platform by a (former) Danish citizen, so I’m happy that finally they correct the US-centric approach.

Start of the afternoon: talk about combining different apps seamlessly to improve scalability by 2 guys from Texperts. They do this by using javascript widgets pointing to different apps.

I then moved on to a talk about Rubinius by Wilson Bilkovich. Completely lost there, since he seemed to assume in-depth knowledge of how this kind of compiler-VM works, and mine is sketchy at most. They now use LLVM as a virtual machine; they have a lot of primitives in C that are platform-specific, but most of the core classes are now written in Ruby. The Ruby parser is the same as for MRI, and then *mumble Kernel mumble compiler C++*. Sounded cool in an incomprehensible kind of way.

Then the organization broke down a little bit, because 2 talks were cancelled, and so the main common-interest one, about security, was absolutely mobbed (picture geeks squatting every square cm of the room). In a fit of claustrophobia, I decided to stay out and follow the talk as well as I could through IRC (which was not too bad actually).

Some highlights: the usual cross-site scripting, but also the reading of session info in the cookie, SQL injection on some params in Rails pre-2.1, and then a cross-site JSON attack I’ve got to read up about because I didn’t quite get it in the flow of conversation.

Sun is one of the main sponsors of this convention (together with Engine Yard), which was already obvious from the plugging of JRuby at every possible occasion.

Nick Sieger (Dr Nic?) did his bit for Sun, and then there was a long, long keynote by Jeremy Kemper. Jeremy Kemper is one of those guys who may be great programmers and project managers, but may not be stage material.

He talked about the performance of Rails, and how he found that most of it could be reduced by looking at the browser (basically this stuff), and some in the actual garbage collection of the Ruby virtual machine (MRI).

Then we adjourned, and those of us who had been lurking on IRC to counter the slight boredom gathered to have a nice Indian meal, and then some drinks at the Irish pub. A good night amongst international geeks.


Railsconf Europe Day 1

Posted in conference, rails by elisehuard on September 12, 2008

In Berlin they know what summer means, and how to taper off softly to winter. The day started sunny with a hint of freshness.

So I started off towards the Railsconf in a pretty good mood, despite the early hour. I ended up subscribing to the tutorials, because I was told last night (at the Bratwurst on Rails) that they were worth it.

My morning tutorial was about hacking the Rails internals, by two people from the company Intridea: about showing how you can minutely twist the default Rails magic to make your life easier. Pradeep Elunkamaran in the first half was fairly interesting – except that it was a bit fast, especially since (gasp) I hadn’t had my coffee yet (and hadn’t eaten since lunch the day before).

The second half was by Michael Bleigh, who’s given us subdomain-fu and uberkit (didn’t know the last one). This was more applied, and more focused towards getting a result (without knowing all the details underneath). Different point of view.

Lunch was pleasantly spent with the Belgian delegation: 4 of OpenMinds, Alain Ravet, and 2 guys of belighted (and me). And two start-up founders from resp. Germany and Austria.

I started the afternoon at a presentation about deploying and monitoring Rails by people from Peritor, which was woefully basic. They started off by describing all the most common server setups, and then talking about Capistrano. I gave up hoping when it appeared the level wouldn’t exponentially increase.

So I skipped talks to one by Thoughtworks people about meta-programming in Ruby. Pat Farley did a good job of taking something that could have been endlessly dull (Ruby C internals) and making it bearable, grabbing our attention with humor here and there.

After dinner break, there was a panel discussion by DHH, Jeremy Kemper and Michael Koziarski. All being Rails core people, there was not much debate, so it became a Q&A session. About future of web apps according to them, if other test frameworks were going to creep in (no), what they thought about the other frameworks (cute but not Rails) … not many surprises there, in other words.

Rejectconf took place at a bar a couple of kilometers away, and was one of the best parts of the day. The formula was that everyone had maximum 5 minutes to talk about a related subject, however wacky.

Best_of: a ‘make_spec_better’ plugin that passes all specs, whatever happens. An application by leethal, who apparently gets pretty frustrated on IRC, to be able to tell people how exactly they fit the term ‘retard’ (unable to google etc). Braid was presented as the piston for git by a young Dutch guy (whose name I didn’t catch, but surely will find again).

Geoffrey Grosenbach talked about Zshell – a bit surreal to actually see the guy after listening to his disembodied voice in a few Peepcode tutorials. He then was nice (and brave) enough to lend his MacBook Air to increasingly drunk presenters.
